From 44ff01783718818e0e96e2bb457866c2ec360243 Mon Sep 17 00:00:00 2001
From: Tom Schuster
Date: Fri, 12 Feb 2021 15:40:56 +0000
Subject: [PATCH] Bug 1686441 - Add a console warning when blob URL partitioning is applied. r=smaug

Differential Revision: https://phabricator.services.mozilla.com/D104813
---
 dom/file/uri/BlobURLInputStream.cpp | 6 ++++--
 dom/file/uri/BlobURLProtocolHandler.cpp | 14 +++++++++++++-
 dom/file/uri/BlobURLProtocolHandler.h | 1 +
 dom/ipc/ContentParent.cpp | 6 +++---
 dom/ipc/ContentParent.h | 2 +-
 dom/ipc/PContent.ipdl | 1 +
 dom/locales/en-US/chrome/dom/dom.properties | 2 ++
 7 files changed, 25 insertions(+), 7 deletions(-)

diff --git a/dom/file/uri/BlobURLInputStream.cpp b/dom/file/uri/BlobURLInputStream.cpp
index 9ad8a92798ea..f5a854c9e1c7 100644
--- a/dom/file/uri/BlobURLInputStream.cpp
+++ b/dom/file/uri/BlobURLInputStream.cpp
@@ -375,7 +375,8 @@ void BlobURLInputStream::RetrieveBlobData(const MutexAutoLock& aProofOfLock) {
 if (!BlobURLProtocolHandler::GetDataEntry(
 mBlobURLSpec, getter_AddRefs(blobImpl), loadingPrincipal,
 triggeringPrincipal, loadInfo->GetOriginAttributes(),
- agentClusterId, true /* AlsoIfRevoked */)) {
+ loadInfo->GetInnerWindowID(), agentClusterId,
+ true /* AlsoIfRevoked */)) {
 NS_WARNING("Failed to get data entry principal. URL revoked?");
 return;
 }
@@ -407,7 +408,8 @@ void BlobURLInputStream::RetrieveBlobData(const MutexAutoLock& aProofOfLock) {
 contentChild
 ->SendBlobURLDataRequest(mBlobURLSpec, triggeringPrincipal,
 loadingPrincipal,
- loadInfo->GetOriginAttributes(), agentClusterId)
+ loadInfo->GetOriginAttributes(),
+ loadInfo->GetInnerWindowID(), agentClusterId)
 ->Then(
 GetCurrentSerialEventTarget(), __func__,
 [self](const BlobURLDataRequestResult& aResult) {
diff --git a/dom/file/uri/BlobURLProtocolHandler.cpp b/dom/file/uri/BlobURLProtocolHandler.cpp
index 1e227f906d69..a6c3c9526e50 100644
--- a/dom/file/uri/BlobURLProtocolHandler.cpp
+++ b/dom/file/uri/BlobURLProtocolHandler.cpp
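Review bot: `loadInfo->GetInnerWindowID()` is passed to `GetDataEntry` in the first BlobURLInputStream.cpp hunk, and to `SendBlobURLDataRequest` in the second, with no comment on what happens when the load has no window. nsILoadInfo documents that this ID can be 0 when the window is not available, in which case the new report presumably cannot be attached to any page's console; that is worth confirming for loads that are not tied to a window. I would add a short comment at the first call site, e.g. `// May be 0 if the load has no window; only used to attribute the console message.` Both call sites are inside `RetrieveBlobData`, whose body starts and ends outside these hunks.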
@@ -737,7 +737,7 @@ nsresult BlobURLProtocolHandler::GenerateURIString(nsIPrincipal* aPrincipal,
 bool BlobURLProtocolHandler::GetDataEntry(
 const nsACString& aUri, mozilla::dom::BlobImpl** aBlobImpl,
 nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
- const OriginAttributes& aOriginAttributes,
+ const OriginAttributes& aOriginAttributes, uint64_t aInnerWindowId,
 const Maybe& aAgentClusterId, bool aAlsoIfRevoked) {
 MOZ_ASSERT(NS_IsMainThread(),
 "without locking gDataTable is main-thread only");
@@ -778,6 +778,18 @@ bool BlobURLProtocolHandler::GetDataEntry(
 if (StaticPrefs::privacy_partition_bloburl_per_agent_cluster() &&
 aAgentClusterId.isSome() && info->mAgentClusterId.isSome() &&
 NS_WARN_IF(!aAgentClusterId->Equals(info->mAgentClusterId.value()))) {
+ nsAutoString localizedMsg;
+ AutoTArray param;
+ CopyUTF8toUTF16(aUri, *param.AppendElement());
+ nsresult rv = nsContentUtils::FormatLocalizedString(
+ nsContentUtils::eDOM_PROPERTIES, "BlobDifferentClusterError", param,
+ localizedMsg);
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return false;
+ }
+
+ nsContentUtils::ReportToConsoleByWindowID(
+ localizedMsg, nsIScriptError::errorFlag, "DOM"_ns, aInnerWindowId);
 return false;
 }

diff --git a/dom/file/uri/BlobURLProtocolHandler.h b/dom/file/uri/BlobURLProtocolHandler.h
index 66f24e01c3b9..46c31b9154d5 100644
--- a/dom/file/uri/BlobURLProtocolHandler.h
+++ b/dom/file/uri/BlobURLProtocolHandler.h
@@ -75,6 +75,7 @@ class BlobURLProtocolHandler final : public nsIProtocolHandler,
 nsIPrincipal* aLoadingPrincipal,
 nsIPrincipal* aTriggeringPrincipal,
 const OriginAttributes& aOriginAttributes,
+ uint64_t aInnerWindowId,
 const Maybe& blobAgentClusterId,
 bool aAlsoIfRevoked = false);

diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
index 3e47037f09e8..f62b5cc9c80c 100644
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
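Review bot: In the `@@ -778,6 +778,18 @@` hunk of BlobURLProtocolHandler.cpp the denial now has two exits, one inside the `NS_FAILED(rv)` branch and one after the report, so a reader has to check both to see that the agent-cluster mismatch always fails closed. Making the report best-effort under a single exit keeps the access decision visibly independent of localization: `if (!NS_WARN_IF(NS_FAILED(rv))) { nsContentUtils::ReportToConsoleByWindowID(localizedMsg, nsIScriptError::errorFlag, "DOM"_ns, aInnerWindowId); }` followed by the existing `return false;`. The commit subject calls this a console warning while the call passes `nsIScriptError::errorFlag`; a one-line comment that the error severity is intended because the load is refused would remove the doubt. `GetDataEntry` starts and ends outside this hunk.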
@@ -7196,7 +7196,7 @@ PFileDescriptorSetParent* ContentParent::SendPFileDescriptorSetConstructor(
 mozilla::ipc::IPCResult ContentParent::RecvBlobURLDataRequest(
 const nsCString& aBlobURL, nsIPrincipal* aTriggeringPrincipal,
 nsIPrincipal* aLoadingPrincipal, const OriginAttributes& aOriginAttributes,
- const Maybe& aAgentClusterId,
+ uint64_t aInnerWindowId, const Maybe& aAgentClusterId,
 BlobURLDataRequestResolver&& aResolver) {
 RefPtr blobImpl;

@@ -7204,8 +7204,8 @@ mozilla::ipc::IPCResult ContentParent::RecvBlobURLDataRequest(
 // longer exists (due to the 5 second timeout) when execution reaches here
 if (!BlobURLProtocolHandler::GetDataEntry(
 aBlobURL, getter_AddRefs(blobImpl), aLoadingPrincipal,
- aTriggeringPrincipal, aOriginAttributes, aAgentClusterId,
- true /* AlsoIfRevoked */)) {
+ aTriggeringPrincipal, aOriginAttributes, aInnerWindowId,
+ aAgentClusterId, true /* AlsoIfRevoked */)) {
 aResolver(NS_ERROR_DOM_BAD_URI);
 return IPC_OK();
 }
diff --git a/dom/ipc/ContentParent.h b/dom/ipc/ContentParent.h
index bd2d9f5cb599..23b69566cde1 100644
--- a/dom/ipc/ContentParent.h
+++ b/dom/ipc/ContentParent.h
@@ -724,7 +724,7 @@ class ContentParent final
 mozilla::ipc::IPCResult RecvBlobURLDataRequest(
 const nsCString& aBlobURL, nsIPrincipal* pTriggeringPrincipal,
 nsIPrincipal* pLoadingPrincipal,
- const OriginAttributes& aOriginAttributes,
+ const OriginAttributes& aOriginAttributes, uint64_t aInnerWindowId,
 const Maybe& aAgentClusterId,
 BlobURLDataRequestResolver&& aResolver);

diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl
index 7682f85e1b18..0fcc049a9c6a 100644
--- a/dom/ipc/PContent.ipdl
+++ b/dom/ipc/PContent.ipdl
@@ -1721,6 +1721,7 @@ parent:
 nsIPrincipal aTriggeringPrincipal,
 nsIPrincipal aLoadingPrincipal,
 OriginAttributes aOriginAttributes,
+ uint64_t aInnerWindowId,
 nsID? aAgentClusterId)
 returns (BlobURLDataRequestResult aResult);

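Review bot: `aInnerWindowId` in `RecvBlobURLDataRequest` (both ContentParent.cpp hunks) is supplied by the content process and is forwarded to `GetDataEntry` without any check that it names a window belonging to the sending process. From the lines shown it is only used to attribute the console report, so the exposure looks limited to a child choosing which window ID the message is filed under, but nothing in the code says so. I would add a comment above the call, `// aInnerWindowId is child-supplied and unverified: console attribution only, never an input to an access decision.`, and, if correct attribution matters, resolve the ID in the parent and compare its owning process with this ContentParent before reporting. It is also worth confirming that a report emitted in the parent process reaches the page's console at all. `RecvBlobURLDataRequest` continues past the end of the second hunk.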
diff --git a/dom/locales/en-US/chrome/dom/dom.properties b/dom/locales/en-US/chrome/dom/dom.properties
index 99cbbcbe9e84..3c467d4bf90d 100644
--- a/dom/locales/en-US/chrome/dom/dom.properties
+++ b/dom/locales/en-US/chrome/dom/dom.properties
@@ -411,3 +411,5 @@ ExternalProtocolFrameBlockedNoUserActivation=Iframe with external protocol was b
 MultiplePopupsBlockedNoUserActivation=Opening multiple popups was blocked due to lack of user activation.
 # LOCALIZATION NOTE: %S is the URL of the preload that was ignored.
 PreloadIgnoredInvalidAttr=Preload of %S was ignored due to unknown “as” or “type” values, or non-matching “media” attribute.
+# LOCALIZATION NOTE: %S is the blob URL. Don't translate "agent cluster".
+BlobDifferentClusterError=Cannot access blob URL “%S” from a different agent cluster.