mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-25 22:01:30 +00:00
Bug 1658878 - Isolate BlobURLs per agent-cluster - pref, r=smaug
Differential Revision: https://phabricator.services.mozilla.com/D86968
This commit is contained in:
parent
2a7a7cfe86
commit
6b8618a091
@ -135,6 +135,12 @@ async function openInNewTabAndReturnContent(selector) {
|
|||||||
return blobDataFromContent;
|
return blobDataFromContent;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
add_task(async function setup() {
|
||||||
|
await SpecialPowers.pushPrefEnv({
|
||||||
|
set: [["privacy.partition.bloburl_per_agent_cluster", false]],
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
add_task(async function test_rightclick_open_bloburl_in_new_tab() {
|
add_task(async function test_rightclick_open_bloburl_in_new_tab() {
|
||||||
let blobDataFromLoadedPage = await rightClickOpenInNewTabAndReturnContent(
|
let blobDataFromLoadedPage = await rightClickOpenInNewTabAndReturnContent(
|
||||||
"blob-url-link"
|
"blob-url-link"
|
||||||
|
@ -109,4 +109,10 @@ for (let blobify of [page_blobify, worker_blobify]) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
IsolationTestTools.runTests(TEST_PAGE, tests);
|
async function setup() {
|
||||||
|
await SpecialPowers.pushPrefEnv({
|
||||||
|
set: [["privacy.partition.bloburl_per_agent_cluster", false]],
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
IsolationTestTools.runTests(TEST_PAGE, tests, null, setup);
|
||||||
|
@ -4,6 +4,12 @@ requestLongerTimeout(3);
|
|||||||
|
|
||||||
const BASE_URI = "http://mochi.test:8888/browser/dom/file/ipc/tests/empty.html";
|
const BASE_URI = "http://mochi.test:8888/browser/dom/file/ipc/tests/empty.html";
|
||||||
|
|
||||||
|
add_task(async function setup() {
|
||||||
|
await SpecialPowers.pushPrefEnv({
|
||||||
|
set: [["privacy.partition.bloburl_per_agent_cluster", false]],
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
// More than 1mb memory blob childA-parent-childB.
|
// More than 1mb memory blob childA-parent-childB.
|
||||||
add_task(async function test_CtoPtoC_big() {
|
add_task(async function test_CtoPtoC_big() {
|
||||||
let tab1 = await BrowserTestUtils.openNewForegroundTab(gBrowser, BASE_URI);
|
let tab1 = await BrowserTestUtils.openNewForegroundTab(gBrowser, BASE_URI);
|
||||||
|
@ -6,12 +6,19 @@ const { CookieXPCShellUtils } = ChromeUtils.import(
|
|||||||
"resource://testing-common/CookieXPCShellUtils.jsm"
|
"resource://testing-common/CookieXPCShellUtils.jsm"
|
||||||
);
|
);
|
||||||
|
|
||||||
|
const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
|
||||||
|
|
||||||
CookieXPCShellUtils.init(this);
|
CookieXPCShellUtils.init(this);
|
||||||
|
|
||||||
// Same agent cluster, all works fine: blobURLs can be opened.
|
// Same agent cluster, all works fine: blobURLs can be opened.
|
||||||
add_task(async () => {
|
add_task(async () => {
|
||||||
do_get_profile();
|
do_get_profile();
|
||||||
|
|
||||||
|
Services.prefs.setBoolPref(
|
||||||
|
"privacy.partition.bloburl_per_agent_cluster",
|
||||||
|
true
|
||||||
|
);
|
||||||
|
|
||||||
const server = CookieXPCShellUtils.createServer({ hosts: ["example.org"] });
|
const server = CookieXPCShellUtils.createServer({ hosts: ["example.org"] });
|
||||||
|
|
||||||
let result = new Promise(resolve => {
|
let result = new Promise(resolve => {
|
||||||
|
@ -739,8 +739,9 @@ bool BlobURLProtocolHandler::GetDataEntry(
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Same agent-cluster only.
|
// BlobURLs are openable on the same agent-cluster-id only.
|
||||||
if (aAgentClusterId.isSome() && info->mAgentClusterId.isSome() &&
|
if (StaticPrefs::privacy_partition_bloburl_per_agent_cluster() &&
|
||||||
|
aAgentClusterId.isSome() && info->mAgentClusterId.isSome() &&
|
||||||
!aAgentClusterId.value().Equals(info->mAgentClusterId.value())) {
|
!aAgentClusterId.value().Equals(info->mAgentClusterId.value())) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
@ -19,10 +19,14 @@ onmessage = function(e) {
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
var ifr = document.createElement("iframe");
|
SpecialPowers.pushPrefEnv({
|
||||||
document.body.appendChild(ifr);
|
"set": [["privacy.partition.bloburl_per_agent_cluster", false]]
|
||||||
|
}).then(() => {
|
||||||
|
var ifr = document.createElement("iframe");
|
||||||
|
document.body.appendChild(ifr);
|
||||||
|
|
||||||
ifr.src = "data:text/html,<script>location=URL.createObjectURL(new%20Blob(['<script>parent.postMessage(location.pathname,\"*\");location.pathname=\"foo\";parent.postMessage(location.pathname,\"*\");<\/s' +'cript>'], {type:\"text/html\"}));<\/script>";
|
ifr.src = "data:text/html,<script>location=URL.createObjectURL(new%20Blob(['<script>parent.postMessage(location.pathname,\"*\");location.pathname=\"foo\";parent.postMessage(location.pathname,\"*\");<\/s' +'cript>'], {type:\"text/html\"}));<\/script>";
|
||||||
|
});
|
||||||
|
|
||||||
SimpleTest.waitForExplicitFinish();
|
SimpleTest.waitForExplicitFinish();
|
||||||
|
|
||||||
|
@ -8766,6 +8766,11 @@
|
|||||||
value: @IS_NIGHTLY_BUILD@
|
value: @IS_NIGHTLY_BUILD@
|
||||||
mirror: always
|
mirror: always
|
||||||
|
|
||||||
|
- name: privacy.partition.bloburl_per_agent_cluster
|
||||||
|
type: RelaxedAtomicBool
|
||||||
|
value: @IS_NIGHTLY_BUILD@
|
||||||
|
mirror: always
|
||||||
|
|
||||||
# By default, the network state isolation is not active when there is a proxy
|
# By default, the network state isolation is not active when there is a proxy
|
||||||
# setting. This pref forces the network isolation even in these scenarios.
|
# setting. This pref forces the network isolation even in these scenarios.
|
||||||
- name: privacy.partition.network_state.connection_with_proxy
|
- name: privacy.partition.network_state.connection_with_proxy
|
||||||
|
@ -0,0 +1 @@
|
|||||||
|
prefs: [privacy.partition.bloburl_per_agent_cluster:false]
|
@ -0,0 +1 @@
|
|||||||
|
prefs: [privacy.partition.bloburl_per_agent_cluster:false]
|
Loading…
Reference in New Issue
Block a user