From 02f4dbbbf98480e2e8c657a9f60b7b1db4bbb885 Mon Sep 17 00:00:00 2001 From: Thomas Nguyen Date: Mon, 17 Sep 2018 05:36:45 +0000 Subject: [PATCH] Bug 1330487 - Part 3: Propagate referrer policy from doc/sheet to URLExtraData r=heycam Referrer policy argurment is passed from sheet/doc to URLExtraData, default value is RP_Unset. We use default value in some cases, particularly when there's no certain spec talks about that (svg for example) MozReview-Commit-ID: 5VAX1ZUXD3i Differential Revision: https://phabricator.services.mozilla.com/D1922 --HG-- extra : moz-landing-system : lando --- dom/base/FragmentOrElement.cpp | 3 ++- dom/base/nsAttrValue.cpp | 13 ++++++----- dom/base/nsDocument.cpp | 4 +++- dom/canvas/CanvasRenderingContext2D.cpp | 3 ++- dom/svg/SVGUseElement.cpp | 7 ++++-- dom/svg/nsSVGElement.cpp | 5 ++-- dom/xul/nsXULElement.cpp | 4 +++- layout/style/FontFace.cpp | 6 ++++- layout/style/ServoCSSParser.cpp | 3 ++- layout/style/StyleSheet.cpp | 14 ++++++++--- layout/style/StyleSheet.h | 2 ++ layout/style/URLExtraData.cpp | 4 +++- layout/style/URLExtraData.h | 13 ++++++++--- layout/style/test/gtest/StyloParsingBench.cpp | 23 +++++++++++++------ 14 files changed, 74 insertions(+), 30 deletions(-) diff --git a/dom/base/FragmentOrElement.cpp b/dom/base/FragmentOrElement.cpp index edde5bd1f540..d60f8529936b 100644 --- a/dom/base/FragmentOrElement.cpp +++ b/dom/base/FragmentOrElement.cpp @@ -440,7 +440,8 @@ nsIContent::GetURLDataForStyleAttr(nsIPrincipal* aSubjectPrincipal) const // TODO: Cache this? return MakeAndAddRef(OwnerDoc()->GetDocBaseURI(), OwnerDoc()->GetDocumentURI(), - aSubjectPrincipal); + aSubjectPrincipal, + OwnerDoc()->GetReferrerPolicy()); } // This also ignores the case that SVG inside XBL binding. // But it is probably fine. diff --git a/dom/base/nsAttrValue.cpp b/dom/base/nsAttrValue.cpp index 061edabccf10..ed9f2ee54a8c 100644 --- a/dom/base/nsAttrValue.cpp +++ b/dom/base/nsAttrValue.cpp @@ -1737,12 +1737,13 @@ nsAttrValue::ParseStyleAttribute(const nsAString& aString, } } - RefPtr data = new URLExtraData(baseURI, docURI, principal); - RefPtr decl = - DeclarationBlock::FromCssText(aString, - data, - ownerDoc->GetCompatibilityMode(), - ownerDoc->CSSLoader()); + RefPtr data = new URLExtraData(baseURI, docURI, + principal, + ownerDoc->GetReferrerPolicy()); + RefPtr decl = DeclarationBlock:: + FromCssText(aString, data, + ownerDoc->GetCompatibilityMode(), + ownerDoc->CSSLoader()); if (!decl) { return false; } diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp index ca21d2211d1d..a98980087497 100644 --- a/dom/base/nsDocument.cpp +++ b/dom/base/nsDocument.cpp @@ -3739,11 +3739,13 @@ nsIDocument::DefaultStyleAttrURLData() nsIURI* baseURI = GetDocBaseURI(); nsIURI* docURI = GetDocumentURI(); nsIPrincipal* principal = NodePrincipal(); + mozilla::net::ReferrerPolicy policy = GetReferrerPolicy(); if (!mCachedURLData || mCachedURLData->BaseURI() != baseURI || mCachedURLData->GetReferrer() != docURI || + mCachedURLData->GetReferrerPolicy() != policy || mCachedURLData->GetPrincipal() != principal) { - mCachedURLData = new URLExtraData(baseURI, docURI, principal); + mCachedURLData = new URLExtraData(baseURI, docURI, principal, policy); } return mCachedURLData; } diff --git a/dom/canvas/CanvasRenderingContext2D.cpp b/dom/canvas/CanvasRenderingContext2D.cpp index b026d609df6b..78fc4b899376 100644 --- a/dom/canvas/CanvasRenderingContext2D.cpp +++ b/dom/canvas/CanvasRenderingContext2D.cpp @@ -2639,7 +2639,8 @@ CreateDeclarationForServo(nsCSSPropertyID aProperty, RefPtr data = new URLExtraData(aDocument->GetDocBaseURI(), aDocument->GetDocumentURI(), - aDocument->NodePrincipal()); + aDocument->NodePrincipal(), + aDocument->GetReferrerPolicy()); ServoCSSParser::ParsingEnvironment env(data, aDocument->GetCompatibilityMode(), diff --git a/dom/svg/SVGUseElement.cpp b/dom/svg/SVGUseElement.cpp index e5312db1b661..8e1abebbd3a6 100644 --- a/dom/svg/SVGUseElement.cpp +++ b/dom/svg/SVGUseElement.cpp @@ -20,6 +20,7 @@ #include "mozilla/URLExtraData.h" #include "SVGObserverUtils.h" #include "nsSVGUseFrame.h" +#include "mozilla/net/ReferrerPolicy.h" NS_IMPL_NS_NEW_NAMESPACED_SVG_ELEMENT(Use) @@ -326,10 +327,12 @@ SVGUseElement::UpdateShadowTree() newSVGElement->SetLength(nsGkAtoms::height, mLengthAttributes[ATTR_HEIGHT]); } - // Store the base URI + // The specs do not say which referrer policy we should use, pass RP_Unset for + // now mContentURLData = new URLExtraData(baseURI.forget(), do_AddRef(OwnerDoc()->GetDocumentURI()), - do_AddRef(NodePrincipal())); + do_AddRef(NodePrincipal()), + mozilla::net::RP_Unset); targetElement->AddMutationObserver(this); } diff --git a/dom/svg/nsSVGElement.cpp b/dom/svg/nsSVGElement.cpp index 64c10a3d3c4f..de20e7fcaef2 100644 --- a/dom/svg/nsSVGElement.cpp +++ b/dom/svg/nsSVGElement.cpp @@ -1194,8 +1194,9 @@ MappedAttrParser::ParseMappedAttrValue(nsAtom* aMappedAttrName, bool changed = false; // outparam for ParseProperty. NS_ConvertUTF16toUTF8 value(aMappedAttrValue); // FIXME (bug 1343964): Figure out a better solution for sending the base uri to servo - RefPtr data = new URLExtraData(mBaseURI, mDocURI, - mElement->NodePrincipal()); + RefPtr data = + new URLExtraData(mBaseURI, mDocURI, mElement->NodePrincipal(), + mElement->OwnerDoc()->GetReferrerPolicy()); changed = Servo_DeclarationBlock_SetPropertyById( mDecl->Raw(), propertyID, &value, false, data, ParsingMode::AllowUnitlessLength, diff --git a/dom/xul/nsXULElement.cpp b/dom/xul/nsXULElement.cpp index 09964042ada8..e5b886cead1c 100644 --- a/dom/xul/nsXULElement.cpp +++ b/dom/xul/nsXULElement.cpp @@ -1869,8 +1869,10 @@ nsXULPrototypeElement::SetAttrAt(uint32_t aPos, const nsAString& aValue, // TODO: If we implement Content Security Policy for chrome documents // as has been discussed, the CSP should be checked here to see if // inline styles are allowed to be applied. + // XXX No specific specs talk about xul and referrer policy, pass Unset RefPtr data = - new URLExtraData(aDocumentURI, aDocumentURI, principal); + new URLExtraData(aDocumentURI, aDocumentURI, principal, + mozilla::net::RP_Unset); RefPtr declaration = DeclarationBlock::FromCssText( aValue, data, eCompatibility_FullStandards, nullptr); diff --git a/layout/style/FontFace.cpp b/layout/style/FontFace.cpp index 3fd4b11338c8..7d2d2d6795f8 100644 --- a/layout/style/FontFace.cpp +++ b/layout/style/FontFace.cpp @@ -21,6 +21,7 @@ #include "mozilla/StaticPrefs.h" #include "nsIDocument.h" #include "nsStyleUtil.h" +#include "mozilla/net/ReferrerPolicy.h" namespace mozilla { namespace dom { @@ -530,7 +531,10 @@ FontFace::GetURLExtraData() const nsCOMPtr docURI = window->GetDocumentURI(); nsCOMPtr base = window->GetDocBaseURI(); - RefPtr url = new URLExtraData(base, docURI, principal); + // We pass RP_Unset when creating URLExtraData object here because it's not + // going to result to change referer policy in a resource request. + RefPtr url = new URLExtraData(base, docURI, principal, + net::RP_Unset); return url.forget(); } diff --git a/layout/style/ServoCSSParser.cpp b/layout/style/ServoCSSParser.cpp index f0c595b65704..df372dfe9e11 100644 --- a/layout/style/ServoCSSParser.cpp +++ b/layout/style/ServoCSSParser.cpp @@ -86,7 +86,8 @@ ServoCSSParser::GetURLExtraData(nsIDocument* aDocument) // FIXME this is using the wrong base uri (bug 1343919) RefPtr url = new URLExtraData(aDocument->GetDocumentURI(), aDocument->GetDocumentURI(), - aDocument->NodePrincipal()); + aDocument->NodePrincipal(), + aDocument->GetReferrerPolicy()); return url.forget(); } diff --git a/layout/style/StyleSheet.cpp b/layout/style/StyleSheet.cpp index f1f897bcf9de..a8885aeb6997 100644 --- a/layout/style/StyleSheet.cpp +++ b/layout/style/StyleSheet.cpp @@ -277,6 +277,15 @@ StyleSheet::SetDisabled(bool aDisabled) } } +already_AddRefed +StyleSheet::CreateURLExtraData() const +{ + RefPtr data = new URLExtraData(GetBaseURI(), + GetSheetURI(), + Principal(), + GetReferrerPolicy()); + return data.forget(); +} StyleSheetInfo::StyleSheetInfo(CORSMode aCORSMode, ReferrerPolicy aReferrerPolicy, const SRIMetadata& aIntegrity, @@ -1018,8 +1027,7 @@ StyleSheet::ParseSheet(css::Loader* aLoader, MOZ_ASSERT(aLoadData); MOZ_ASSERT(mParsePromise.IsEmpty()); RefPtr p = mParsePromise.Ensure(__func__); - Inner().mURLData = - new URLExtraData(GetBaseURI(), GetSheetURI(), Principal()); // RefPtr + Inner().mURLData = CreateURLExtraData(); // RefPtr const StyleUseCounters* useCounters = aLoader->GetDocument() ? aLoader->GetDocument()->GetStyleUseCounters() @@ -1079,7 +1087,7 @@ StyleSheet::ParseSheetSync(css::Loader* aLoader, ? aLoader->GetDocument()->GetStyleUseCounters() : nullptr; - Inner().mURLData = new URLExtraData(GetBaseURI(), GetSheetURI(), Principal()); // RefPtr + Inner().mURLData = CreateURLExtraData(); // RefPtr Inner().mContents = Servo_StyleSheet_FromUTF8Bytes(aLoader, this, aLoadData, diff --git a/layout/style/StyleSheet.h b/layout/style/StyleSheet.h index e1454faf9d32..4dda9d83c650 100644 --- a/layout/style/StyleSheet.h +++ b/layout/style/StyleSheet.h @@ -467,6 +467,8 @@ private: // returns false. bool AreRulesAvailable(nsIPrincipal& aSubjectPrincipal, ErrorResult& aRv); + already_AddRefed CreateURLExtraData() const; + protected: // Internal methods which do not have security check and completeness check. uint32_t InsertRuleInternal(const nsAString& aRule, diff --git a/layout/style/URLExtraData.cpp b/layout/style/URLExtraData.cpp index 08a56861c0b0..e86e1388134a 100644 --- a/layout/style/URLExtraData.cpp +++ b/layout/style/URLExtraData.cpp @@ -10,6 +10,7 @@ #include "mozilla/NullPrincipalURI.h" #include "nsProxyRelease.h" +#include "mozilla/net/ReferrerPolicy.h" namespace mozilla { @@ -22,7 +23,8 @@ URLExtraData::InitDummy() RefPtr referrer = baseURI; sDummy = new URLExtraData(baseURI.forget(), referrer.forget(), - NullPrincipal::CreateWithoutOriginAttributes()); + NullPrincipal::CreateWithoutOriginAttributes(), + net::RP_Unset); } /* static */ void diff --git a/layout/style/URLExtraData.h b/layout/style/URLExtraData.h index d1259ab44aee..e05676767069 100644 --- a/layout/style/URLExtraData.h +++ b/layout/style/URLExtraData.h @@ -12,6 +12,7 @@ #include "mozilla/dom/URL.h" #include "mozilla/Move.h" #include "mozilla/StaticPtr.h" +#include "mozilla/net/ReferrerPolicy.h" #include "nsCOMPtr.h" #include "nsIPrincipal.h" @@ -23,9 +24,11 @@ struct URLExtraData { URLExtraData(already_AddRefed aBaseURI, already_AddRefed aReferrer, - already_AddRefed aPrincipal) + already_AddRefed aPrincipal, + net::ReferrerPolicy aReferrerPolicy) : mBaseURI(std::move(aBaseURI)) , mReferrer(std::move(aReferrer)) + , mReferrerPolicy(aReferrerPolicy) , mPrincipal(std::move(aPrincipal)) // When we hold the URI data of a style sheet, mReferrer is always // equal to the sheet URI. @@ -34,15 +37,18 @@ struct URLExtraData MOZ_ASSERT(mBaseURI); } - URLExtraData(nsIURI* aBaseURI, nsIURI* aReferrer, nsIPrincipal* aPrincipal) + URLExtraData(nsIURI* aBaseURI, nsIURI* aReferrer, nsIPrincipal* aPrincipal, + net::ReferrerPolicy aReferrerPolicy) : URLExtraData(do_AddRef(aBaseURI), do_AddRef(aReferrer), - do_AddRef(aPrincipal)) {} + do_AddRef(aPrincipal), + aReferrerPolicy) {} NS_INLINE_DECL_THREADSAFE_REFCOUNTING(URLExtraData) nsIURI* BaseURI() const { return mBaseURI; } nsIURI* GetReferrer() const { return mReferrer; } + net::ReferrerPolicy GetReferrerPolicy() const { return mReferrerPolicy;} nsIPrincipal* GetPrincipal() const { return mPrincipal; } static URLExtraData* Dummy() { @@ -57,6 +63,7 @@ private: nsCOMPtr mBaseURI; nsCOMPtr mReferrer; + net::ReferrerPolicy mReferrerPolicy; nsCOMPtr mPrincipal; // True if mReferrer is a chrome:// URI. diff --git a/layout/style/test/gtest/StyloParsingBench.cpp b/layout/style/test/gtest/StyloParsingBench.cpp index d379c26793aa..032f88ef9270 100644 --- a/layout/style/test/gtest/StyloParsingBench.cpp +++ b/layout/style/test/gtest/StyloParsingBench.cpp @@ -11,6 +11,7 @@ #include "ServoBindings.h" #include "mozilla/Encoding.h" #include "mozilla/NullPrincipalURI.h" +#include "mozilla/net/ReferrerPolicy.h" using namespace mozilla; using namespace mozilla::css; @@ -31,8 +32,11 @@ static void ServoParsingBench(const StyleUseCounters* aCounters) cssStr.Append(css); ASSERT_EQ(Encoding::UTF8ValidUpTo(css), css.Length()); - RefPtr data = new URLExtraData( - NullPrincipalURI::Create(), nullptr, NullPrincipal::CreateWithoutOriginAttributes()); + RefPtr data = + new URLExtraData(NullPrincipalURI::Create(), + nullptr, + NullPrincipal::CreateWithoutOriginAttributes(), + mozilla::net::RP_Unset); for (int i = 0; i < PARSING_REPETITIONS; i++) { RefPtr stylesheet = Servo_StyleSheet_FromUTF8Bytes(nullptr, @@ -52,9 +56,11 @@ static void ServoParsingBench(const StyleUseCounters* aCounters) static void ServoSetPropertyByIdBench(const nsACString& css) { RefPtr block = Servo_DeclarationBlock_CreateEmpty().Consume(); - RefPtr data = new URLExtraData( - NullPrincipalURI::Create(), nullptr, NullPrincipal::CreateWithoutOriginAttributes()); - + RefPtr data = + new URLExtraData(NullPrincipalURI::Create(), + nullptr, + NullPrincipal::CreateWithoutOriginAttributes(), + mozilla::net::RP_Unset); ASSERT_TRUE(IsUTF8(css)); for (int i = 0; i < SETPROPERTY_REPETITIONS; i++) { @@ -74,8 +80,11 @@ static void ServoSetPropertyByIdBench(const nsACString& css) static void ServoGetPropertyValueById() { RefPtr block = Servo_DeclarationBlock_CreateEmpty().Consume(); - RefPtr data = new URLExtraData( - NullPrincipalURI::Create(), nullptr, NullPrincipal::CreateWithoutOriginAttributes()); + RefPtr data = + new URLExtraData(NullPrincipalURI::Create(), + nullptr, + NullPrincipal::CreateWithoutOriginAttributes(), + mozilla::net::RP_Unset); NS_NAMED_LITERAL_CSTRING(css_, "10px"); const nsACString& css = css_; Servo_DeclarationBlock_SetPropertyById(