Bug 1834703 - Return null origin of "blob:" URL containing disallowed inner schemes r=smaug,valentin

Return null origin of a blob URL containing an inner URL which is not of
some schemes (https, http, file per spec) to comply with new spec changes.
Allowed schemes also include moz-extension for our own purposes.

Examples:
- "blob:blob:https://example.org/" - inner blob URL
- "blob:ws://example.org/" - inner non-http(s) URL

Spec PR: https://github.com/whatwg/url/pull/771
WPT tests: https://github.com/web-platform-tests/wpt/pull/40133

16 WPT subtests newly pass 🎉

Differential Revision: https://phabricator.services.mozilla.com/D179400
This commit is contained in:
CanadaHonk 2024-05-24 15:21:47 +00:00
parent a8549eda8a
commit 7a80d19009
5 changed files with 12 additions and 50 deletions

View File

@ -6718,6 +6718,16 @@ nsresult nsContentUtils::GetWebExposedOriginSerialization(nsIURI* aURI,
return NS_OK; return NS_OK;
} }
if (
// Schemes in spec. https://url.spec.whatwg.org/#origin
!uri->SchemeIs("http") && !uri->SchemeIs("https") &&
!uri->SchemeIs("file") && !uri->SchemeIs("resource") &&
// Our own schemes.
!uri->SchemeIs("moz-extension")) {
aOrigin.AssignLiteral("null");
return NS_OK;
}
return GetWebExposedOriginSerialization(uri, aOrigin); return GetWebExposedOriginSerialization(uri, aOrigin);
} }

View File

@ -2,7 +2,7 @@
<html> <html>
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<title>Test for unknwon URL.origin</title> <title>Test for unknown URL.origin</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script> <script src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head> </head>
@ -10,7 +10,7 @@
<script type="application/javascript"> <script type="application/javascript">
is((new URL("blob:http://foo.com/bar")).origin, "http://foo.com"); is((new URL("blob:http://foo.com/bar")).origin, "http://foo.com");
is((new URL("blob:blob:http://foo.com/bar")).origin, "http://foo.com"); is((new URL("blob:blob:http://foo.com/bar")).origin, "null");
</script> </script>
</body> </body>

View File

@ -4,15 +4,3 @@
[Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>] [Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>]
expected: FAIL expected: FAIL
[Parsing origin: <blob:blob:https://example.org/> against <about:blank>]
expected: FAIL
[Parsing origin: <blob:ftp://host/path> against <about:blank>]
expected: FAIL
[Parsing origin: <blob:ws://example.org/> against <about:blank>]
expected: FAIL
[Parsing origin: <blob:wss://example.org/> against <about:blank>]
expected: FAIL

View File

@ -4,15 +4,3 @@
[Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>] [Parsing origin: <http://!"$&'()*+,-.;=_`{}~/> against <about:blank>]
expected: FAIL expected: FAIL
[Parsing origin: <blob:blob:https://example.org/> against <about:blank>]
expected: FAIL
[Parsing origin: <blob:ftp://host/path> against <about:blank>]
expected: FAIL
[Parsing origin: <blob:ws://example.org/> against <about:blank>]
expected: FAIL
[Parsing origin: <blob:wss://example.org/> against <about:blank>]
expected: FAIL

View File

@ -5,18 +5,6 @@
[Origin parsing: <wss://!"$&'()*+,-.;=_`{}~/> without base] [Origin parsing: <wss://!"$&'()*+,-.;=_`{}~/> without base]
expected: FAIL expected: FAIL
[Origin parsing: <blob:blob:https://example.org/> without base]
expected: FAIL
[Origin parsing: <blob:ftp://host/path> without base]
expected: FAIL
[Origin parsing: <blob:ws://example.org/> without base]
expected: FAIL
[Origin parsing: <blob:wss://example.org/> without base]
expected: FAIL
[url-origin.any.worker.html] [url-origin.any.worker.html]
[Origin parsing: <http://!"$&'()*+,-.;=_`{}~/> without base] [Origin parsing: <http://!"$&'()*+,-.;=_`{}~/> without base]
@ -24,15 +12,3 @@
[Origin parsing: <wss://!"$&'()*+,-.;=_`{}~/> without base] [Origin parsing: <wss://!"$&'()*+,-.;=_`{}~/> without base]
expected: FAIL expected: FAIL
[Origin parsing: <blob:blob:https://example.org/> without base]
expected: FAIL
[Origin parsing: <blob:ftp://host/path> without base]
expected: FAIL
[Origin parsing: <blob:ws://example.org/> without base]
expected: FAIL
[Origin parsing: <blob:wss://example.org/> without base]
expected: FAIL