Bug 1582647 - Pref off the public-suffix-list-updated event r=Gijs a=pascalc
authorValentin Gosu <valentin.gosu@gmail.com>
Thu, 28 Nov 2019 19:46:11 +0200
changeset 563496 c65d4278139f08b1b18e602c3453f62c74bc53c9
parent 563495 b4717df2d39ff77a9d991d08657049d30494f0e4
child 563497 a514ead5cb170c7d66faf354c5d1a403c8938989
push id2202
push usercbrindusan@mozilla.com
push dateThu, 28 Nov 2019 17:50:36 +0000
treeherdermozilla-release@c65d4278139f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersGijs, pascalc
bugs1582647
milestone71.0
Bug 1582647 - Pref off the public-suffix-list-updated event r=Gijs a=pascalc
modules/libpref/init/all.js
netwerk/dns/PublicSuffixList.jsm
netwerk/dns/tests/unit/test_PublicSuffixList.js
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -3987,16 +3987,22 @@ pref("network.tcp.tcp_fastopen_consecuti
 // will make this a pref. If tcp_fastopen_http_stalls_limit of stalls are
 // detected the TCP fast open will be disabled.
 // If tcp_fastopen_http_check_for_stalls_only_if_idle_for is set to 0 the
 // check will not be performed.
 pref("network.tcp.tcp_fastopen_http_check_for_stalls_only_if_idle_for", 10);
 pref("network.tcp.tcp_fastopen_http_stalls_limit", 3);
 pref("network.tcp.tcp_fastopen_http_stalls_timeout", 20);
 
+// This pref controls if we send the "public-suffix-list-updated" notification
+// from PublicSuffixList.onUpdate() - Doing so would cause the PSL graph to
+// be updated while Firefox is running which may cause principals to have an
+// inconsistent state. See bug 1582647 comment 30
+pref("network.psl.onUpdate_notify", false);
+
 #ifdef MOZ_WIDGET_GTK
   pref("gfx.xrender.enabled",false);
   pref("widget.content.allow-gtk-dark-theme", false);
   pref("widget.content.gtk-theme-override", "");
 #endif
 #ifdef MOZ_WAYLAND
   pref("widget.wayland_dmabuf_backend.enabled", false);
 #endif
--- a/netwerk/dns/PublicSuffixList.jsm
+++ b/netwerk/dns/PublicSuffixList.jsm
@@ -45,16 +45,23 @@ const PublicSuffixList = {
    */
   getFilePath(fileURI) {
     const uri = Services.io.newURI(fileURI);
     const file = uri.QueryInterface(Ci.nsIFileURL).file;
     return file.path;
   },
 
   notifyUpdate(fileURI) {
+    if (!Services.prefs.getBoolPref("network.psl.onUpdate_notify", false)) {
+      // Updating the PSL while Firefox is running could cause principals to
+      // have a different base domain before/after the update.
+      // See bug 1582647 comment 30
+      return;
+    }
+
     const filePath = this.getFilePath(fileURI);
     const nsifile = new FileUtils.File(filePath);
     /* Send a signal to be read by the C++, the method
      * ::Observe(nsISupports* aSubject, const char* aTopic, const char16_t* aData)
      * at netwerk/dns/nsEffectiveTLDService.cpp
      */
     Services.obs.notifyObservers(
       nsifile, // aSubject
--- a/netwerk/dns/tests/unit/test_PublicSuffixList.js
+++ b/netwerk/dns/tests/unit/test_PublicSuffixList.js
@@ -2,16 +2,18 @@
 
 const { PublicSuffixList } = ChromeUtils.import(
   "resource://gre/modules/netwerk-dns/PublicSuffixList.jsm"
 );
 const { TestUtils } = ChromeUtils.import(
   "resource://testing-common/TestUtils.jsm"
 );
 
+const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
+
 const CLIENT = PublicSuffixList.CLIENT;
 const SIGNAL = "public-suffix-list-updated";
 
 const PAYLOAD_UPDATED_RECORDS = {
   current: [{ id: "tld-dafsa", "commit-hash": "current-commit-hash" }],
   created: [],
   updated: [
     {
@@ -43,16 +45,24 @@ const PAYLOAD_UPDATED_AND_CREATED_RECORD
     },
   ],
   deleted: [],
 };
 
 const fakeDafsaBinFile = do_get_file("data/fake_remote_dafsa.bin");
 const mockedFilePath = fakeDafsaBinFile.path;
 
+function setup() {
+  Services.prefs.setBoolPref("network.psl.onUpdate_notify", true);
+}
+setup();
+registerCleanupFunction(() => {
+  Services.prefs.clearUserPref("network.psl.onUpdate_notify");
+});
+
 /**
  * downloadCalled is used by mockDownload() and resetMockDownload()
  * to keep track weather CLIENT.attachments.download is called or not
  * downloadBackup will help restore CLIENT.attachments.download to original definition
  * notifyUpdateBackup will help restore PublicSuffixList.notifyUpdate to original definition
  */
 let downloadCalled = false;
 const downloadBackup = CLIENT.attachments.download;