Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-09 11:25:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1420622 - Remove feed and pcast protocols. r=Gijs

Browse Source 
MozReview-Commit-ID: KAC9MmLiuBG

--HG--
extra : rebase_source : 076fc5a6acc75362ceffee1b5150e1598af41673
This commit is contained in:
Jonathan Kingston 2017-12-19 16:12:29 +00:00
parent a03071c7a1
commit 2cb1afc933
10 changed files with 16 additions and 216 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
browser/base/content/browser-feeds.js
View File

@ -208,11 +208,6 @@ var FeedHandler = {
href = event.target.getAttribute("feed");
urlSecurityCheck(href, gBrowser.contentPrincipal,
Ci.nsIScriptSecurityManager.DISALLOW_INHERIT_PRINCIPAL);
let feedURI = makeURI(href, document.characterSet);
// Use the feed scheme so X-Moz-Is-Feed will be set
// The value doesn't matter
if (/^https?$/.test(feedURI.scheme))
href = "feed:" + href;
this.loadFeed(href, event);
},
@ -279,6 +274,13 @@ var FeedHandler = {
if (!browserForLink.feeds)
browserForLink.feeds = [];
urlSecurityCheck(link.href, gBrowser.contentPrincipal,
Ci.nsIScriptSecurityManager.DISALLOW_INHERIT_PRINCIPAL);
let feedURI = makeURI(link.href, document.characterSet);
if (!/^https?$/.test(feedURI.scheme))
return;
browserForLink.feeds.push({ href: link.href, title: link.title });
// If this addition was for the current browser, update the UI. For

5
browser/base/content/test/general/feed_discovery.html
View File

@ -12,6 +12,11 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=377611
<link rel="alternate" type="application/rss+xml" title="2" href="/2.rss" />
<link rel="feed" title="3" href="/3.xml" />
<!-- invalid protocol -->
<link rel="alternate" type="application/atom+xml" title="Bogus non file protocol" href="file://path/1.rss" />
<link rel="alternate" type="application/atom+xml" title="Bogus non feed:http protocol" href="feed:http://path/1.rss" />
<link rel="alternate" type="application/atom+xml" title="Bogus non pcast protocol" href="pcast://path/1.rss" />
<!-- rel is a space-separated list -->
<link rel=" alternate " type="application/atom+xml" title="4" href="/4.atom" />
<link rel="foo alternate" type="application/atom+xml" title="5" href="/5.atom" />

4
browser/components/feeds/BrowserFeeds.manifest
View File

@ -14,10 +14,6 @@ contract @mozilla.org/streamconv;1?from=application/vnd.mozilla.maybe.video.feed
contract @mozilla.org/streamconv;1?from=application/vnd.mozilla.maybe.audio.feed&to=*/* {229fa115-9412-4d32-baf3-2fc407f76fb1}
component {2376201c-bbc6-472f-9b62-7548040a61c6} FeedConverter.js
contract @mozilla.org/browser/feeds/result-service;1 {2376201c-bbc6-472f-9b62-7548040a61c6}
component {4f91ef2e-57ba-472e-ab7a-b4999e42d6c0} FeedConverter.js
contract @mozilla.org/network/protocol;1?name=feed {4f91ef2e-57ba-472e-ab7a-b4999e42d6c0}
component {1c31ed79-accd-4b94-b517-06e0c81999d5} FeedConverter.js
contract @mozilla.org/network/protocol;1?name=pcast {1c31ed79-accd-4b94-b517-06e0c81999d5}
component {49bb6593-3aff-4eb3-a068-2712c28bd58e} FeedWriter.js
contract @mozilla.org/browser/feeds/result-writer;1 {49bb6593-3aff-4eb3-a068-2712c28bd58e}
component {792a7e82-06a0-437c-af63-b2d12e808acc} WebContentConverter.js

116
browser/components/feeds/FeedConverter.js
View File

@ -455,123 +455,9 @@ FeedResultService.prototype = {
},
};
/**
* A protocol handler that attempts to deal with the variant forms of feed:
* URIs that are actually either http or https.
*/
function GenericProtocolHandler() {
}
GenericProtocolHandler.prototype = {
_init(scheme) {
this._http = Services.io.getProtocolHandler("http");
this._scheme = scheme;
},
get scheme() {
return this._scheme;
},
get protocolFlags() {
let {URI_DANGEROUS_TO_LOAD, ALLOWS_PROXY_HTTP, ALLOWS_PROXY} =
Ci.nsIProtocolHandler;
return URI_DANGEROUS_TO_LOAD | ALLOWS_PROXY | ALLOWS_PROXY_HTTP;
},
get defaultPort() {
return this._http.defaultPort;
},
allowPort(port, scheme) {
return this._http.allowPort(port, scheme);
},
_getTelemetrySchemeId() {
// Gets a scheme id from 1-8
let schemeId;
if (!this._telemetrySubScheme) {
schemeId = 1;
} else {
switch (this._telemetryInnerScheme) {
case "http":
schemeId = 2;
break;
case "https":
schemeId = 3;
break;
default:
// Invalid scheme
schemeId = 4;
}
}
if (this._scheme === "pcast") {
schemeId += 4;
}
return schemeId;
},
newURI(spec, originalCharset, baseURI) {
// Feed URIs can be either nested URIs of the form feed:realURI (in which
// case we create a nested URI for the realURI) or feed://example.com, in
// which case we create a nested URI for the real protocol which is http.
let scheme = this._scheme + ":";
if (spec.substr(0, scheme.length) != scheme)
throw Cr.NS_ERROR_MALFORMED_URI;
this._telemetrySubScheme = spec.substr(scheme.length, 2) != "//";
let prefix = spec.substr(scheme.length, 2) == "//" ? "http:" : "";
let inner = Services.io.newURI(spec.replace(scheme, prefix),
originalCharset, baseURI);
this._telemetryInnerScheme = inner.scheme;
if (!["http", "https"].includes(inner.scheme))
throw Cr.NS_ERROR_MALFORMED_URI;
let uri = Services.io.QueryInterface(Ci.nsINetUtil).newSimpleNestedURI(inner);
uri.spec = inner.spec.replace(prefix, scheme);
return uri;
},
newChannel2(aUri, aLoadInfo) {
let inner = aUri.QueryInterface(Ci.nsINestedURI).innerURI;
let channel = Services.io.newChannelFromURIWithLoadInfo(inner, aLoadInfo);
const schemeId = this._getTelemetrySchemeId();
Services.telemetry.getHistogramById("FEED_PROTOCOL_USAGE").add(schemeId);
if (channel instanceof Components.interfaces.nsIHttpChannel)
// Set this so we know this is supposed to be a feed
channel.setRequestHeader("X-Moz-Is-Feed", "1", false);
channel.originalURI = aUri;
return channel;
},
QueryInterface(iid) {
if (iid.equals(Ci.nsIProtocolHandler) ||
iid.equals(Ci.nsISupports))
return this;
throw Cr.NS_ERROR_NO_INTERFACE;
}
};
function FeedProtocolHandler() {
this._init("feed");
}
FeedProtocolHandler.prototype = new GenericProtocolHandler();
FeedProtocolHandler.prototype.classID = Components.ID("{4f91ef2e-57ba-472e-ab7a-b4999e42d6c0}");
function PodCastProtocolHandler() {
this._init("pcast");
}
PodCastProtocolHandler.prototype = new GenericProtocolHandler();
PodCastProtocolHandler.prototype.classID = Components.ID("{1c31ed79-accd-4b94-b517-06e0c81999d5}");
var components = [FeedConverter,
FeedResultService,
FeedProtocolHandler,
PodCastProtocolHandler];
FeedResultService];
this.NSGetFactory = XPCOMUtils.generateNSGetFactory(components);

1
browser/components/feeds/moz.build
View File

@ -4,7 +4,6 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
XPCSHELL_TESTS_MANIFESTS += ['test/unit/xpcshell.ini']
MOCHITEST_CHROME_MANIFESTS += ['test/chrome/chrome.ini']
MOCHITEST_MANIFESTS += ['test/mochitest.ini']

11
browser/components/feeds/nsFeedSniffer.cpp
View File

@ -246,17 +246,6 @@ nsFeedSniffer::GetMIMETypeFromContent(nsIRequest* request,
bool noSniff = contentType.EqualsLiteral(TYPE_RSS) ||
contentType.EqualsLiteral(TYPE_ATOM);
// Check to see if this was a feed request from the location bar or from
// the feed: protocol. This is also a reliable indication.
// The value of the header doesn't matter.
if (!noSniff) {
nsAutoCString sniffHeader;
nsresult foundHeader =
channel->GetRequestHeader(NS_LITERAL_CSTRING("X-Moz-Is-Feed"),
sniffHeader);
noSniff = NS_SUCCEEDED(foundHeader);
}
if (noSniff) {
// check for an attachment after we have a likely feed.
if(HasAttachmentDisposition(channel)) {

12
browser/modules/test/unit/test_E10SUtils_nested_URIs.js
View File

@ -28,14 +28,6 @@ var TEST_CASES = [
nestedURL: "jar:http://some.site/file!/",
plainURL: "http://some.site/file",
},
{
nestedURL: "feed:http://some.site",
plainURL: "http://some.site",
},
{
nestedURL: "pcast:http://some.site",
plainURL: "http://some.site",
},
{
nestedURL: "view-source:http://some.site",
plainURL: "http://some.site",
@ -52,10 +44,6 @@ var TEST_CASES = [
nestedURL: "view-source:about:robots",
plainURL: "about:robots",
},
{
nestedURL: "view-source:feed:http://some.site",
plainURL: "http://some.site",
},
{
nestedURL: "view-source:pcast:http://some.site",
plainURL: "http://some.site",

41
caps/tests/mochitest/browser_checkloaduri.js
View File

@ -47,40 +47,12 @@ const URLs = new Map([
// - whether the URI can be created at all (some protocol handlers will
// refuse to create certain variants)
["http://www.example2.com", true, true, true],
["feed:http://www.example2.com", false, false, true],
["https://www.example2.com", true, true, true],
["moz-icon:file:///foo/bar/baz.exe", false, false, true],
["moz-icon://.exe", false, false, true],
["chrome://foo/content/bar.xul", false, false, true],
["feed:chrome://foo/content/bar.xul", false, false, false],
["view-source:http://www.example2.com", false, false, true],
["view-source:https://www.example2.com", false, false, true],
["view-source:feed:http://www.example2.com", false, false, true],
["feed:view-source:http://www.example2.com", false, false, false],
["data:text/html,Hi", true, false, true],
["view-source:data:text/html,Hi", false, false, true],
["javascript:alert('hi')", true, false, true],
["moz://a", false, false, true],
["about:test-chrome-privs", false, false, true],
["about:test-unknown-unlinkable", false, false, true],
["about:test-content-unlinkable", false, false, true],
["about:test-content-linkable", true, true, true],
// Because this page doesn't have SAFE_FOR_UNTRUSTED, the web can't link to it:
["about:test-unknown-linkable", false, false, true],
]],
["feed:http://www.example.com", [
["http://www.example2.com", true, true, true],
["feed:http://www.example2.com", true, true, true],
["https://www.example2.com", true, true, true],
["moz-icon:file:///foo/bar/baz.exe", false, false, true],
["moz-icon://.exe", false, false, true],
["feed:https://www.example2.com", true, true, true],
["chrome://foo/content/bar.xul", false, false, true],
["feed:chrome://foo/content/bar.xul", false, false, false],
["view-source:http://www.example2.com", false, false, true],
["view-source:https://www.example2.com", false, false, true],
["view-source:feed:http://www.example2.com", false, false, true],
["feed:view-source:http://www.example2.com", false, false, false],
["data:text/html,Hi", true, false, true],
["view-source:data:text/html,Hi", false, false, true],
["javascript:alert('hi')", true, false, true],
@ -94,17 +66,12 @@ const URLs = new Map([
]],
["view-source:http://www.example.com", [
["http://www.example2.com", true, true, true],
["feed:http://www.example2.com", false, false, true],
["https://www.example2.com", true, true, true],
["moz-icon:file:///foo/bar/baz.exe", false, false, true],
["moz-icon://.exe", false, false, true],
["feed:https://www.example2.com", false, false, true],
["chrome://foo/content/bar.xul", false, false, true],
["feed:chrome://foo/content/bar.xul", false, false, false],
["view-source:http://www.example2.com", true, true, true],
["view-source:https://www.example2.com", true, true, true],
["view-source:feed:http://www.example2.com", false, false, true],
["feed:view-source:http://www.example2.com", false, false, false],
["data:text/html,Hi", true, false, true],
["view-source:data:text/html,Hi", true, false, true],
["javascript:alert('hi')", true, false, true],
@ -289,14 +256,6 @@ add_task(async function() {
baseFlags);
testURL(contentPrincipal, "view-source:" + contentBlobURI, false, false, true,
baseFlags | ssm.DISALLOW_INHERIT_PRINCIPAL);
// Feed URIs for blobs can't be created, so need to pass false as the fourth param.
for (let prefix of ["feed:", "view-source:feed:", "feed:view-source:"]) {
testURL(contentPrincipal, prefix + contentBlobURI, false, false, false,
baseFlags);
testURL(contentPrincipal, prefix + contentBlobURI, false, false, false,
baseFlags | ssm.DISALLOW_INHERIT_PRINCIPAL);
}
}
);

21
docshell/test/chrome/test_viewsource_forbidden_in_iframe.xul
View File

@ -132,34 +132,19 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=624883
expectedProtocolList: "view-source, http"
},
{
desc: "Test 2: feed:view-source should not be allowed in an iframe",
protocols: "feed:view-source:http",
expectedProtocolList: "feed, view-source, http"
},
{
desc: "Test 3: jar:view-source should not be allowed in an iframe",
desc: "Test 2: jar:view-source should not be allowed in an iframe",
protocols: "jar:view-source:http",
expectedProtocolList: "jar, view-source, http"
},
{
desc: "Test 4: pcast:view-source should not be allowed in an iframe",
protocols: "pcast:view-source:http",
expectedProtocolList: "pcast, view-source, http"
},
{
desc: "Test 5: pcast:feed:view-source should not be allowed in an iframe",
protocols: "pcast:feed:view-source:http",
expectedProtocolList: "pcast, feed, view-source, http"
},
{
desc: "Test 6: if invalid protocol first should report before view-source",
desc: "Test 3: if invalid protocol first should report before view-source",
protocols: "wibble:view-source:http",
// Nothing after the invalid protocol gets set as a proper nested URI,
// so the list stops there.
expectedProtocolList: "wibble"
},
{
desc: "Test 7: if view-source first should report before invalid protocol",
desc: "Test 4: if view-source first should report before invalid protocol",
protocols: "view-source:wibble:http",
expectedProtocolList: "view-source, wibble"
}

9
toolkit/components/telemetry/Histograms.json
View File

@ -869,15 +869,6 @@
"bug_numbers": [1239166],
"description": "Status of Family Safety detection and remediation. See nsNSSComponent.cpp."
},
"FEED_PROTOCOL_USAGE": {
"record_in_processes": ["main", "content"],
"alert_emails": ["jkt@mozilla.com"],
"bug_numbers": [1345546],
"expires_in_version": "60",
"kind": "enumerated",
"n_values": 8,
"description": "Usage counts of feed protocols used to load a page. (1=feed, 2=feed:http, 3=feed:https, 4=feed:brokenScheme, 5=pcast, 6=pcast:http, 7=pcast:https, 8=pcast:brokenScheme)"
},
"FETCH_IS_MAINTHREAD": {
"record_in_processes": ["main", "content"],
"expires_in_version": "50",