Bug 1541399 - Ensure we don't fetch search suggestions for file urls. r=adw a=pascalc
authorMarco Bonardo <mbonardo@mozilla.com>
Mon, 08 Apr 2019 23:50:21 +0000
changeset 526110 59dcec156ac92fac1b57e640a2e3222df604aa4e
parent 526109 9b56acdef604faeee96eb7cdb1369d8f2cf97042
child 526111 611f3e691f0b918b449e7a1717d08d20e7b509f9
push id2032
push userffxbld-merge
push dateMon, 13 May 2019 09:36:57 +0000
treeherdermozilla-release@455c1065dcbe [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersadw, pascalc
bugs1541399
milestone67.0
Bug 1541399 - Ensure we don't fetch search suggestions for file urls. r=adw a=pascalc Fixes the tokenizer to recognize file:/// urls, plus adds a second layer of protection, so that if URI fixup thinks the typed string may be an url, we don't fetch suggestions for it. Differential Revision: https://phabricator.services.mozilla.com/D26282
browser/components/urlbar/UrlbarTokenizer.jsm
browser/components/urlbar/tests/unit/test_tokenizer.js
toolkit/components/places/UnifiedComplete.jsm
--- a/browser/components/urlbar/UrlbarTokenizer.jsm
+++ b/browser/components/urlbar/UrlbarTokenizer.jsm
@@ -22,17 +22,17 @@ XPCOMUtils.defineLazyGetter(this, "logge
 
 var UrlbarTokenizer = {
   // Regex matching on whitespaces.
   REGEXP_SPACES: /\s+/,
 
   // Regex used to guess url-like strings.
   // These are not expected to be 100% correct, we accept some user mistypes
   // and we're unlikely to be able to cover 100% of the cases.
-  REGEXP_LIKE_PROTOCOL: /^[A-Z+.-]+:\/{0,2}(?!\/)/i,
+  REGEXP_LIKE_PROTOCOL: /^[A-Z+.-]+:\/*(?!\/)/i,
   REGEXP_USERINFO_INVALID_CHARS: /[^\w.~%!$&'()*+,;=:-]/,
   REGEXP_HOSTPORT_INVALID_CHARS: /[^\[\]A-Z0-9.:-]/i,
   REGEXP_HOSTPORT_IP_LIKE: /^[a-f0-9\.\[\]:]+$/i,
   // This accepts partial IPv4.
   REGEXP_HOSTPORT_INVALID_IP: /\.{2,}|\d{5,}|\d{4,}(?![:\]])|^\.|^(\d+\.){4,}\d+$|^\d{4,}$/,
   // This only accepts complete IPv4.
   REGEXP_HOSTPORT_IPV4: /^(\d{1,3}\.){3,}\d{1,3}(:\d+)?$/,
   // This accepts partial IPv6.
--- a/browser/components/urlbar/tests/unit/test_tokenizer.js
+++ b/browser/components/urlbar/tests/unit/test_tokenizer.js
@@ -138,32 +138,50 @@ add_task(async function test_tokenizer()
       ],
     },
     { desc: "protocol",
       searchString: "http://test",
       expectedTokens: [
         { value: "http://test", type: UrlbarTokenizer.TYPE.POSSIBLE_URL },
       ],
     },
+    { desc: "bogus protocol with host (we allow visits to http://///example.com)",
+      searchString: "http:///test",
+      expectedTokens: [
+        { value: "http:///test", type: UrlbarTokenizer.TYPE.POSSIBLE_URL },
+      ],
+    },
+    { desc: "file protocol with path",
+      searchString: "file:///home",
+      expectedTokens: [
+        { value: "file:///home", type: UrlbarTokenizer.TYPE.POSSIBLE_URL },
+      ],
+    },
     { desc: "almost a protocol",
       searchString: "http:",
       expectedTokens: [
         { value: "http:", type: UrlbarTokenizer.TYPE.POSSIBLE_URL },
       ],
     },
     { desc: "almost a protocol 2",
       searchString: "http:/",
       expectedTokens: [
         { value: "http:/", type: UrlbarTokenizer.TYPE.POSSIBLE_URL },
       ],
     },
-    { desc: "bogus protocol",
+    { desc: "bogus protocol (we allow visits to http://///example.com)",
       searchString: "http:///",
       expectedTokens: [
-        { value: "http:///", type: UrlbarTokenizer.TYPE.TEXT },
+        { value: "http:///", type: UrlbarTokenizer.TYPE.POSSIBLE_URL },
+      ],
+    },
+    { desc: "file protocol",
+      searchString: "file:///",
+      expectedTokens: [
+        { value: "file:///", type: UrlbarTokenizer.TYPE.POSSIBLE_URL },
       ],
     },
     { desc: "userinfo",
       searchString: "user:pass@test",
       expectedTokens: [
         { value: "user:pass@test", type: UrlbarTokenizer.TYPE.POSSIBLE_ORIGIN },
       ],
     },
--- a/toolkit/components/places/UnifiedComplete.jsm
+++ b/toolkit/components/places/UnifiedComplete.jsm
@@ -1313,16 +1313,19 @@ Search.prototype = {
       // we use a fallback for things we don't know about.
 
       // We may not have auto-filled, but this may still look like a URL.
       // However, even if the input is a valid URL, we may not want to use
       // it as such. This can happen if the host would require whitelisting,
       // but isn't in the whitelist.
       let matched = await this._matchUnknownUrl();
       if (matched) {
+        // Because we think this may be a URL, we won't be fetching search
+        // suggestions for it.
+        this._prohibitSearchSuggestions = true;
         // Since we can't tell if this is a real URL and
         // whether the user wants to visit or search for it,
         // we always provide an alternative searchengine match.
         try {
           new URL(this._originalSearchString);
         } catch (ex) {
           if (UrlbarPrefs.get("keyword.enabled") &&
               !looksLikeUrl(this._originalSearchString, true)) {