Backed out changeset abbef296a82f (bug 1285036)

2024-10-11 12:25:53 +00:00 · 2016-07-21 06:14:28 +02:00 · 2016-07-21 06:14:28 +02:00 · 7d34c388a9
commit 7d34c388a9
parent ada9fcd231
3 changed files with 166 additions and 208 deletions
--- a/dom/xhr/XMLHttpRequestMainThread.cpp
+++ b/dom/xhr/XMLHttpRequestMainThread.cpp
@ -1350,131 +1350,54 @@ XMLHttpRequestMainThread::IsSystemXHR() const
 }

 NS_IMETHODIMP
-XMLHttpRequestMainThread::Open(const nsACString& aMethod, const nsACString& aUrl,
-                               bool aAsync, const nsAString& aUsername,
-                               const nsAString& aPassword, uint8_t optional_argc)
+XMLHttpRequestMainThread::Open(const nsACString& method, const nsACString& url,
+                               bool async, const nsAString& user,
+                               const nsAString& password, uint8_t optional_argc)
 {
-  Optional<bool> async;
  if (!optional_argc) {
    // No optional arguments were passed in. Default async to true.
-    async.Construct() = true;
-  } else {
-    async.Construct() = aAsync;
+    async = true;
  }
-  Optional<nsAString> username;
+  Optional<nsAString> realUser;
  if (optional_argc > 1) {
-    username = &aUsername;
+    realUser = &user;
  }
-  Optional<nsAString> password;
+  Optional<nsAString> realPassword;
  if (optional_argc > 2) {
-    password = &aPassword;
+    realPassword = &password;
  }
-  return OpenInternal(aMethod, aUrl, async, username, password);
-}
-
-// This case is hit when the async parameter is outright omitted, which
-// should set it to true (and the username and password to null).
-void
-XMLHttpRequestMainThread::Open(const nsACString& aMethod, const nsAString& aUrl,
-                               ErrorResult& aRv)
-{
-  aRv = OpenInternal(aMethod, NS_ConvertUTF16toUTF8(aUrl), Optional<bool>(true),
-                     Optional<nsAString>(), Optional<nsAString>());
-}
-
-// This case is hit when the async parameter is specified, even if the
-// JS value was "undefined" (which due to legacy reasons should be
-// treated as true, which is how it will already be passed in here).
-void
-XMLHttpRequestMainThread::Open(const nsACString& aMethod,
-                               const nsAString& aUrl,
-                               bool aAsync,
-                               const Optional<nsAString>& aUsername,
-                               const Optional<nsAString>& aPassword,
-                               ErrorResult& aRv)
-{
-  aRv = OpenInternal(aMethod, NS_ConvertUTF16toUTF8(aUrl),
-                     Optional<bool>(aAsync), aUsername, aPassword);
+  return Open(method, url, async, realUser, realPassword);
 }

 nsresult
-XMLHttpRequestMainThread::OpenInternal(const nsACString& aMethod,
-                                       const nsACString& aUrl,
-                                       const Optional<bool>& aAsync,
-                                       const Optional<nsAString>& aUsername,
-                                       const Optional<nsAString>& aPassword)
+XMLHttpRequestMainThread::Open(const nsACString& inMethod, const nsACString& url,
+                               bool async, const Optional<nsAString>& user,
+                               const Optional<nsAString>& password)
 {
-  bool async = aAsync.WasPassed() ? aAsync.Value() : true;
+  if (inMethod.IsEmpty()) {
+    return NS_ERROR_DOM_SYNTAX_ERR;
+  }

-  // Gecko-specific
  if (!async && !DontWarnAboutSyncXHR() && GetOwner() &&
      GetOwner()->GetExtantDoc()) {
    GetOwner()->GetExtantDoc()->WarnOnceAbout(nsIDocument::eSyncXMLHttpRequest);
  }

-  Telemetry::Accumulate(Telemetry::XMLHTTPREQUEST_ASYNC_OR_SYNC, async ? 0 : 1);
+  Telemetry::Accumulate(Telemetry::XMLHTTPREQUEST_ASYNC_OR_SYNC,
+                        async ? 0 : 1);

-  // Step 1
-  nsCOMPtr<nsIDocument> responsibleDocument = GetDocumentIfCurrent();
-  if (!responsibleDocument) {
-    // This could be because we're no longer current or because we're in some
-    // non-window context...
-    nsresult rv = CheckInnerWindowCorrectness();
-    if (NS_WARN_IF(NS_FAILED(rv))) {
-      return NS_ERROR_DOM_INVALID_STATE_ERR;
-    }
-  }
  NS_ENSURE_TRUE(mPrincipal, NS_ERROR_NOT_INITIALIZED);

-  // Steps 2-4
  nsAutoCString method;
-  nsresult rv = FetchUtil::GetValidRequestMethod(aMethod, method);
+  nsresult rv = FetchUtil::GetValidRequestMethod(inMethod, method);
  if (NS_WARN_IF(NS_FAILED(rv))) {
    return rv;
  }

-  // Steps 5-6
-  nsCOMPtr<nsIURI> baseURI;
-  if (mBaseURI) {
-    baseURI = mBaseURI;
-  } else if (responsibleDocument) {
-    baseURI = responsibleDocument->GetBaseURI();
-  }
-  nsCOMPtr<nsIURI> parsedURL;
-  rv = NS_NewURI(getter_AddRefs(parsedURL), aUrl, nullptr, baseURI);
-  if (NS_FAILED(rv)) {
-    if (rv ==  NS_ERROR_MALFORMED_URI) {
-      return NS_ERROR_DOM_SYNTAX_ERR;
-    }
-    return rv;
-  }
-  if (NS_WARN_IF(NS_FAILED(CheckInnerWindowCorrectness()))) {
-    return NS_ERROR_DOM_INVALID_STATE_ERR;
-  }
-
-  // Step 7 is already done above.
-  // Note that the username and password are already passed in as null by Open()
-  // if the async parameter is omitted, so there's no need check again here.
-
-  // Step 8
-  if (aAsync.WasPassed()) {
-    nsAutoCString host;
-    parsedURL->GetHost(host);
-    if (!host.IsEmpty()) {
-      nsAutoCString userpass;
-      if (aUsername.WasPassed()) {
-        CopyUTF16toUTF8(aUsername.Value(), userpass);
-      }
-      userpass.AppendLiteral(":");
-      if (aPassword.WasPassed()) {
-        AppendUTF16toUTF8(aPassword.Value(), userpass);
-      }
-      parsedURL->SetUserPass(userpass);
-    }
-  }
-
-  // Step 9
-  if (!async && HasOrHasHadOwner() && (mTimeoutMilliseconds ||
+  // sync request is not allowed to use responseType or timeout
+  // in window context
+  if (!async && HasOrHasHadOwner() &&
+      (mTimeoutMilliseconds ||
       mResponseType != XMLHttpRequestResponseType::_empty)) {
    if (mTimeoutMilliseconds) {
      LogMessage("TimeoutSyncXHRWarning", GetOwner());
@ -1485,30 +1408,140 @@ XMLHttpRequestMainThread::OpenInternal(const nsACString& aMethod,
    return NS_ERROR_DOM_INVALID_ACCESS_ERR;
  }

-  // Step 10
-  CloseRequest();
+  nsCOMPtr<nsIURI> uri;
+
+  CloseRequest(); // spec step 10
+  ResetResponse(); // (part of) spec step 11

-  // Step 11
-  // timeouts are handled without a flag
  mFlagSend = false;
-  mRequestMethod.Assign(method);
-  mRequestURL = parsedURL;
-  mFlagSynchronous = !async;
-  mAuthorRequestHeaders.Clear();
-  ResetResponse();

-  // Gecko-specific
-  mFlagHadUploadListenersOnSend = false;
+  // Unset any pre-existing aborted and timed-out flags.
  mFlagAborted = false;
  mFlagTimedOut = false;

-  rv = InitChannel();
+  mFlagSynchronous = !async;
+
+  nsCOMPtr<nsIDocument> doc = GetDocumentIfCurrent();
+  if (!doc) {
+    // This could be because we're no longer current or because we're in some
+    // non-window context...
+    if (NS_WARN_IF(NS_FAILED(CheckInnerWindowCorrectness()))) {
+      return NS_ERROR_DOM_INVALID_STATE_ERR;
+    }
+  }
+
+  nsCOMPtr<nsIURI> baseURI;
+  if (mBaseURI) {
+    baseURI = mBaseURI;
+  }
+  else if (doc) {
+    baseURI = doc->GetBaseURI();
+  }
+
+  rv = NS_NewURI(getter_AddRefs(uri), url, nullptr, baseURI);
+
+  if (NS_FAILED(rv)) {
+    if (rv ==  NS_ERROR_MALFORMED_URI) {
+      return NS_ERROR_DOM_SYNTAX_ERR;
+    }
+    return rv;
+  }
+
+  if (NS_WARN_IF(NS_FAILED(CheckInnerWindowCorrectness()))) {
+    return NS_ERROR_DOM_INVALID_STATE_ERR;
+  }
+
+  // XXXbz this is wrong: we should only be looking at whether
+  // user/password were passed, not at the values!  See bug 759624.
+  if (user.WasPassed() && !user.Value().IsEmpty()) {
+    nsAutoCString userpass;
+    CopyUTF16toUTF8(user.Value(), userpass);
+    if (password.WasPassed() && !password.Value().IsEmpty()) {
+      userpass.Append(':');
+      AppendUTF16toUTF8(password.Value(), userpass);
+    }
+    uri->SetUserPass(userpass);
+  }
+
+  // Clear our record of previously set headers so future header set
+  // operations will merge/override correctly.
+  mAuthorRequestHeaders.Clear();
+
+  // When we are called from JS we can find the load group for the page,
+  // and add ourselves to it. This way any pending requests
+  // will be automatically aborted if the user leaves the page.
+  nsCOMPtr<nsILoadGroup> loadGroup = GetLoadGroup();
+
+  nsSecurityFlags secFlags;
+  nsLoadFlags loadFlags = nsIRequest::LOAD_BACKGROUND |
+    nsIChannel::LOAD_CLASSIFY_URI;
+  if (nsContentUtils::IsSystemPrincipal(mPrincipal)) {
+    // When chrome is loading we want to make sure to sandbox any potential
+    // result document. We also want to allow cross-origin loads.
+    secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
+               nsILoadInfo::SEC_SANDBOXED;
+  }
+  else if (IsSystemXHR()) {
+    // For pages that have appropriate permissions, we want to still allow
+    // cross-origin loads, but make sure that the any potential result
+    // documents get the same principal as the loader.
+    secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS |
+               nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
+    loadFlags |= nsIChannel::LOAD_BYPASS_SERVICE_WORKER;
+  }
+  else {
+    // Otherwise use CORS. Again, make sure that potential result documents
+    // use the same principal as the loader.
+    secFlags = nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS |
+               nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
+  }
+
+  if (mIsAnon) {
+    secFlags |= nsILoadInfo::SEC_COOKIES_OMIT;
+  }
+
+  // If we have the document, use it. Unfortunately, for dedicated workers
+  // 'doc' ends up being the parent document, which is not the document
+  // that we want to use. So make sure to avoid using 'doc' in that situation.
+  if (doc && doc->NodePrincipal() == mPrincipal) {
+    rv = NS_NewChannel(getter_AddRefs(mChannel),
+                       uri,
+                       doc,
+                       secFlags,
+                       nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST,
+                       loadGroup,
+                       nullptr,   // aCallbacks
+                       loadFlags);
+  } else {
+    //otherwise use the principal
+    rv = NS_NewChannel(getter_AddRefs(mChannel),
+                       uri,
+                       mPrincipal,
+                       secFlags,
+                       nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST,
+                       loadGroup,
+                       nullptr,   // aCallbacks
+                       loadFlags);
+  }
+
  NS_ENSURE_SUCCESS(rv, rv);

-  // Step 12
+  mFlagHadUploadListenersOnSend = false;
+
+  nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(mChannel));
+  if (httpChannel) {
+    rv = httpChannel->SetRequestMethod(method);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    // Set the initiator type
+    nsCOMPtr<nsITimedChannel> timedChannel(do_QueryInterface(httpChannel));
+    if (timedChannel) {
+      timedChannel->SetInitiatorType(kLiteralString_xmlhttprequest);
+    }
+  }
+
  if (mState != State::opened) {
-    mState = State::opened;
-    FireReadystatechangeEvent();
+    ChangeState(State::opened);
  }

  return NS_OK;
@ -2106,81 +2139,6 @@ XMLHttpRequestMainThread::ChangeStateToDone()
  }
 }

-nsresult
-XMLHttpRequestMainThread::InitChannel()
-{
-  // When we are called from JS we can find the load group for the page,
-  // and add ourselves to it. This way any pending requests
-  // will be automatically aborted if the user leaves the page.
-  nsCOMPtr<nsILoadGroup> loadGroup = GetLoadGroup();
-
-  nsSecurityFlags secFlags;
-  nsLoadFlags loadFlags = nsIRequest::LOAD_BACKGROUND |
-                          nsIChannel::LOAD_CLASSIFY_URI;
-  if (nsContentUtils::IsSystemPrincipal(mPrincipal)) {
-    // When chrome is loading we want to make sure to sandbox any potential
-    // result document. We also want to allow cross-origin loads.
-    secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
-               nsILoadInfo::SEC_SANDBOXED;
-  } else if (IsSystemXHR()) {
-    // For pages that have appropriate permissions, we want to still allow
-    // cross-origin loads, but make sure that the any potential result
-    // documents get the same principal as the loader.
-    secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS |
-               nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
-    loadFlags |= nsIChannel::LOAD_BYPASS_SERVICE_WORKER;
-  } else {
-    // Otherwise use CORS. Again, make sure that potential result documents
-    // use the same principal as the loader.
-    secFlags = nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS |
-               nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
-  }
-
-  if (mIsAnon) {
-    secFlags |= nsILoadInfo::SEC_COOKIES_OMIT;
-  }
-
-  // Use the responsibleDocument if we have it, except for dedicated workers
-  // where it will be the parent document, which is not the one we want to use.
-  nsresult rv;
-  nsCOMPtr<nsIDocument> responsibleDocument = GetDocumentIfCurrent();
-  if (responsibleDocument && responsibleDocument->NodePrincipal() == mPrincipal) {
-    rv = NS_NewChannel(getter_AddRefs(mChannel),
-                       mRequestURL,
-                       responsibleDocument,
-                       secFlags,
-                       nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST,
-                       loadGroup,
-                       nullptr,   // aCallbacks
-                       loadFlags);
-  } else {
-    // Otherwise use the principal.
-    rv = NS_NewChannel(getter_AddRefs(mChannel),
-                       mRequestURL,
-                       mPrincipal,
-                       secFlags,
-                       nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST,
-                       loadGroup,
-                       nullptr,   // aCallbacks
-                       loadFlags);
-  }
-  NS_ENSURE_SUCCESS(rv, rv);
-
-  nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(mChannel));
-  if (httpChannel) {
-    rv = httpChannel->SetRequestMethod(mRequestMethod);
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    // Set the initiator type
-    nsCOMPtr<nsITimedChannel> timedChannel(do_QueryInterface(httpChannel));
-    if (timedChannel) {
-      timedChannel->SetInitiatorType(NS_LITERAL_STRING("xmlhttprequest"));
-    }
-  }
-
-  return NS_OK;
-}
-
 static nsresult
 GetRequestBodyInternal(nsIDOMDocument* aDoc, nsIInputStream** aResult,
                       uint64_t* aContentLength, nsACString& aContentType,
--- a/dom/xhr/XMLHttpRequestMainThread.h
+++ b/dom/xhr/XMLHttpRequestMainThread.h
@ -199,17 +199,25 @@ public:
  virtual uint16_t ReadyState() const override;

  // request
-  nsresult InitChannel();
-
  virtual void
  Open(const nsACString& aMethod, const nsAString& aUrl,
-       ErrorResult& aRv) override;
+       ErrorResult& aRv) override
+  {
+    Open(aMethod, aUrl, true,
+         Optional<nsAString>(),
+         Optional<nsAString>(),
+         aRv);
+  }

  virtual void
  Open(const nsACString& aMethod, const nsAString& aUrl, bool aAsync,
       const Optional<nsAString>& aUser,
       const Optional<nsAString>& aPassword,
-       ErrorResult& aRv) override;
+       ErrorResult& aRv) override
+  {
+    aRv = Open(aMethod, NS_ConvertUTF16toUTF8(aUrl),
+               aAsync, aUser, aPassword);
+  }

  virtual void
  SetRequestHeader(const nsACString& aName, const nsACString& aValue,
@ -602,19 +610,15 @@ protected:

  nsresult OnRedirectVerifyCallback(nsresult result);

-  nsresult OpenInternal(const nsACString& aMethod,
-                        const nsACString& aUrl,
-                        const Optional<bool>& aAsync,
-                        const Optional<nsAString>& aUsername,
-                        const Optional<nsAString>& aPassword);
+  nsresult Open(const nsACString& method, const nsACString& url, bool async,
+                const Optional<nsAString>& user,
+                const Optional<nsAString>& password);

  already_AddRefed<nsXMLHttpRequestXPCOMifier> EnsureXPCOMifier();

  nsCOMPtr<nsISupports> mContext;
  nsCOMPtr<nsIPrincipal> mPrincipal;
  nsCOMPtr<nsIChannel> mChannel;
-  nsCString mRequestMethod;
-  nsCOMPtr<nsIURI> mRequestURL;
  nsCOMPtr<nsIDocument> mResponseXML;

  nsCOMPtr<nsIStreamListener> mXMLParserStreamListener;
--- a/dom/xhr/XMLHttpRequestWorker.cpp
+++ b/dom/xhr/XMLHttpRequestWorker.cpp
@ -1498,10 +1498,8 @@ SendRunnable::RunOnMainThread(ErrorResult& aRv)
  mProxy->mSyncLoopTarget.swap(mSyncLoopTarget);

  if (mHasUploadListeners) {
-    // Send() can be called more than once before failure,
-    // so don't attach the upload listeners more than once.
-    if (!mProxy->mUploadEventListenersAttached &&
-        !mProxy->AddRemoveEventListeners(true, true)) {
+    NS_ASSERTION(!mProxy->mUploadEventListenersAttached, "Huh?!");
+    if (!mProxy->AddRemoveEventListeners(true, true)) {
      MOZ_ASSERT(false, "This should never fail!");
    }
  }
@ -1516,10 +1514,8 @@ SendRunnable::RunOnMainThread(ErrorResult& aRv)
    mProxy->mOutstandingSendCount++;

    if (!mHasUploadListeners) {
-      // Send() can be called more than once before failure,
-      // so don't attach the upload listeners more than once.
-      if (!mProxy->mUploadEventListenersAttached &&
-          !mProxy->AddRemoveEventListeners(true, true)) {
+      NS_ASSERTION(!mProxy->mUploadEventListenersAttached, "Huh?!");
+      if (!mProxy->AddRemoveEventListeners(true, true)) {
        MOZ_ASSERT(false, "This should never fail!");
      }
    }