mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-26 22:32:46 +00:00
Bug 1834703 - Return null origin of "blob:" URL containing disallowed inner schemes r=smaug,valentin
Return null origin of a blob URL containing an inner URL which is not of some schemes (https, http, file per spec) to comply with new spec changes. Allowed schemes also include moz-extension for our own purposes. Examples: - "blob:blob:https://example.org/" - inner blob URL - "blob:ws://example.org/" - inner non-http(s) URL Spec PR: https://github.com/whatwg/url/pull/771 WPT tests: https://github.com/web-platform-tests/wpt/pull/40133 16 WPT subtests newly pass 🎉 Differential Revision: https://phabricator.services.mozilla.com/D179400
This commit is contained in:
parent
a8549eda8a
commit
7a80d19009
@ -6718,6 +6718,16 @@ nsresult nsContentUtils::GetWebExposedOriginSerialization(nsIURI* aURI,
|
|||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (
|
||||||
|
// Schemes in spec. https://url.spec.whatwg.org/#origin
|
||||||
|
!uri->SchemeIs("http") && !uri->SchemeIs("https") &&
|
||||||
|
!uri->SchemeIs("file") && !uri->SchemeIs("resource") &&
|
||||||
|
// Our own schemes.
|
||||||
|
!uri->SchemeIs("moz-extension")) {
|
||||||
|
aOrigin.AssignLiteral("null");
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
|
||||||
return GetWebExposedOriginSerialization(uri, aOrigin);
|
return GetWebExposedOriginSerialization(uri, aOrigin);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
<html>
|
<html>
|
||||||
<head>
|
<head>
|
||||||
<meta charset="utf-8">
|
<meta charset="utf-8">
|
||||||
<title>Test for unknwon URL.origin</title>
|
<title>Test for unknown URL.origin</title>
|
||||||
<script src="/tests/SimpleTest/SimpleTest.js"></script>
|
<script src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
|
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
|
||||||
</head>
|
</head>
|
||||||
@ -10,7 +10,7 @@
|
|||||||
<script type="application/javascript">
|
<script type="application/javascript">
|
||||||
|
|
||||||
is((new URL("blob:http://foo.com/bar")).origin, "http://foo.com");
|
is((new URL("blob:http://foo.com/bar")).origin, "http://foo.com");
|
||||||
is((new URL("blob:blob:http://foo.com/bar")).origin, "http://foo.com");
|
is((new URL("blob:blob:http://foo.com/bar")).origin, "null");
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
</body>
|
</body>
|
||||||
|
@ -4,15 +4,3 @@
|
|||||||
|
|
||||||
[Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>]
|
[Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>]
|
||||||
expected: FAIL
|
expected: FAIL
|
||||||
|
|
||||||
[Parsing origin: <blob:blob:https://example.org/> against <about:blank>]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Parsing origin: <blob:ftp://host/path> against <about:blank>]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Parsing origin: <blob:ws://example.org/> against <about:blank>]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Parsing origin: <blob:wss://example.org/> against <about:blank>]
|
|
||||||
expected: FAIL
|
|
||||||
|
@ -4,15 +4,3 @@
|
|||||||
|
|
||||||
[Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>]
|
[Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>]
|
||||||
expected: FAIL
|
expected: FAIL
|
||||||
|
|
||||||
[Parsing origin: <blob:blob:https://example.org/> against <about:blank>]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Parsing origin: <blob:ftp://host/path> against <about:blank>]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Parsing origin: <blob:ws://example.org/> against <about:blank>]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Parsing origin: <blob:wss://example.org/> against <about:blank>]
|
|
||||||
expected: FAIL
|
|
||||||
|
@ -5,18 +5,6 @@
|
|||||||
[Origin parsing: <wss://!"$&'()*+,-.;=_`{}~/> without base]
|
[Origin parsing: <wss://!"$&'()*+,-.;=_`{}~/> without base]
|
||||||
expected: FAIL
|
expected: FAIL
|
||||||
|
|
||||||
[Origin parsing: <blob:blob:https://example.org/> without base]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Origin parsing: <blob:ftp://host/path> without base]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Origin parsing: <blob:ws://example.org/> without base]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Origin parsing: <blob:wss://example.org/> without base]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
|
|
||||||
[url-origin.any.worker.html]
|
[url-origin.any.worker.html]
|
||||||
[Origin parsing: <http://!"$&'()*+,-.;=_`{}~/> without base]
|
[Origin parsing: <http://!"$&'()*+,-.;=_`{}~/> without base]
|
||||||
@ -24,15 +12,3 @@
|
|||||||
|
|
||||||
[Origin parsing: <wss://!"$&'()*+,-.;=_`{}~/> without base]
|
[Origin parsing: <wss://!"$&'()*+,-.;=_`{}~/> without base]
|
||||||
expected: FAIL
|
expected: FAIL
|
||||||
|
|
||||||
[Origin parsing: <blob:blob:https://example.org/> without base]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Origin parsing: <blob:ftp://host/path> without base]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Origin parsing: <blob:ws://example.org/> without base]
|
|
||||||
expected: FAIL
|
|
||||||
|
|
||||||
[Origin parsing: <blob:wss://example.org/> without base]
|
|
||||||
expected: FAIL
|
|
||||||
|
Loading…
Reference in New Issue
Block a user