Bug 1408194 - Prevent using find api on about urls. r=gijs, a=lizzard
authorShane Caraveo <scaraveo@mozilla.com>
Tue, 30 Jan 2018 16:55:54 -0700
changeset 454604 84c1cb814b185771e99e48f0445c258ef460af16
parent 454603 2e091a38d41c673863a09157414c50288df66b57
child 454605 0e762fc7cb7446469e69b47932cbbdeccf50ecb2
push id1648
push usermtabara@mozilla.com
push dateThu, 01 Mar 2018 12:45:47 +0000
treeherdermozilla-release@cbb9688c2eeb [default view] [failures only]
reviewersgijs, lizzard
bugs1408194
milestone59.0
Bug 1408194 - Prevent using find api on about urls. r=gijs, a=lizzard
browser/components/extensions/ext-find.js
browser/components/extensions/test/browser/browser_ext_find.js
--- a/browser/components/extensions/ext-find.js
+++ b/browser/components/extensions/ext-find.js
@@ -15,16 +15,23 @@
  */
 function runFindOperation(params, message) {
   let {tabId} = params;
   let tab = tabId ? tabTracker.getTab(tabId) : tabTracker.activeTab;
   let browser = tab.linkedBrowser;
   let mm = browser.messageManager;
   tabId = tabId || tabTracker.getId(tab);
 
+  // We disallow find in about: urls.
+  if (tab.linkedBrowser.contentPrincipal.isSystemPrincipal ||
+      (["about", "chrome", "resource"].includes(tab.linkedBrowser.currentURI.scheme) &&
+      tab.linkedBrowser.currentURI.spec != "about:blank")) {
+    return Promise.reject({message: `Unable to search: ${tabId}`});
+  }
+
   return new Promise((resolve, reject) => {
     mm.addMessageListener(`ext-Finder:${message}Finished`, function messageListener(message) {
       mm.removeMessageListener(`ext-Finder:${message}Finished`, messageListener);
       switch (message.data) {
         case "Success":
           resolve();
           break;
         case "OutOfRange":
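Review bot: The guard added before `new Promise` is a scheme denylist checked once against the tab's top-level URI, and its comment understates what it does: besides `about:` it also rejects system-principal pages and `chrome:`/`resource:` URIs, and it deliberately lets `about:blank` through. I would reword the comment to `// Disallow find on privileged pages: system principal, or about:/chrome:/resource: URIs other than about:blank.` and use the already-bound `browser` instead of repeating `tab.linkedBrowser` three times. The check runs here while the search itself appears to happen on the other side of the message manager, so a navigation between the two would presumably not be re-checked; it is worth confirming that the receiving side enforces the same restriction. The body of runFindOperation continues past the end of the hunk.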
--- a/browser/components/extensions/test/browser/browser_ext_find.js
+++ b/browser/components/extensions/test/browser/browser_ext_find.js
@@ -155,8 +155,33 @@ add_task(async function testDuplicatePin
 
   info("Test that text was highlighted properly.");
   is(message.data.text, "bananA", `The text that was highlighted: - Expected: bananA, Actual: ${message.data.text}`);
 
   info("Test that rectangle data returned from the search matches the highlighted result.");
   is(message.data.rect.top, top, `rect.top: - Expected: ${message.data.rect.top}, Actual: ${top}`);
   is(message.data.rect.left, left, `rect.left: - Expected: ${message.data.rect.left}, Actual: ${left}`);
 });
+
+add_task(async function testAboutFind() {
+  async function background() {
+    await browser.test.assertRejects(
+      browser.find.find("banana"),
+      /Unable to search:/,
+      "Should not be able to search about tabs");
+
+    browser.test.sendMessage("done");
+  }
+
+  let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, "about:home");
+
+  let extension = ExtensionTestUtils.loadExtension({
+    manifest: {
+      "permissions": ["find", "tabs"],
+    },
+    background,
+  });
+
+  await extension.startup();
+  await extension.awaitMessage("done");
+  await extension.unload();
+  await BrowserTestUtils.removeTab(tab);
+});
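Review bot: testAboutFind exercises only one branch of the new guard: the active tab on `about:home`, reached through `browser.find.find`. The `chrome:` and `resource:` schemes, the `about:blank` exemption and a call with an explicit `tabId` are not covered, so a regression in any of those conditions would go unnoticed. I would add at least a positive case that pins the exemption, opening the tab with `BrowserTestUtils.openNewForegroundTab(gBrowser, "about:blank")` and asserting that the same `find` call does not reject with `/Unable to search:/`. A short comment above the task saying which guard condition it targets would also help the next reader.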