mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-29 07:42:04 +00:00
Bug 683280 - 'Workers: creating workers from 'localhost' or an IP address fails'. r=sicking.
This commit is contained in:
parent
84bef19b19
commit
92f904aeb4
@ -57,46 +57,6 @@ ThirdPartyUtil::Init()
|
||||
return rv;
|
||||
}
|
||||
|
||||
// Get the base domain for aHostURI; e.g. for "www.bbc.co.uk", this would be
|
||||
// "bbc.co.uk". Only properly-formed URI's are tolerated, though a trailing
|
||||
// dot may be present. If aHostURI is an IP address, an alias such as
|
||||
// 'localhost', an eTLD such as 'co.uk', or the empty string, aBaseDomain will
|
||||
// be the exact host. The result of this function should only be used in exact
|
||||
// string comparisons, since substring comparisons will not be valid for the
|
||||
// special cases elided above.
|
||||
nsresult
|
||||
ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI,
|
||||
nsCString& aBaseDomain)
|
||||
{
|
||||
// Get the base domain. this will fail if the host contains a leading dot,
|
||||
// more than one trailing dot, or is otherwise malformed.
|
||||
nsresult rv = mTLDService->GetBaseDomain(aHostURI, 0, aBaseDomain);
|
||||
if (rv == NS_ERROR_HOST_IS_IP_ADDRESS ||
|
||||
rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS) {
|
||||
// aHostURI is either an IP address, an alias such as 'localhost', an eTLD
|
||||
// such as 'co.uk', or the empty string. Uses the normalized host in such
|
||||
// cases.
|
||||
rv = aHostURI->GetAsciiHost(aBaseDomain);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// aHostURI (and thus aBaseDomain) may be the string '.'. If so, fail.
|
||||
if (aBaseDomain.Length() == 1 && aBaseDomain.Last() == '.')
|
||||
return NS_ERROR_INVALID_ARG;
|
||||
|
||||
// Reject any URIs without a host that aren't file:// URIs. This makes it the
|
||||
// only way we can get a base domain consisting of the empty string, which
|
||||
// means we can safely perform foreign tests on such URIs where "not foreign"
|
||||
// means "the involved URIs are all file://".
|
||||
if (aBaseDomain.IsEmpty()) {
|
||||
PRBool isFileURI = PR_FALSE;
|
||||
aHostURI->SchemeIs("file", &isFileURI);
|
||||
NS_ENSURE_TRUE(isFileURI, NS_ERROR_INVALID_ARG);
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Determine if aFirstDomain is a different base domain to aSecondURI; or, if
|
||||
// the concept of base domain does not apply, determine if the two hosts are not
|
||||
// string-identical.
|
||||
@ -316,3 +276,42 @@ ThirdPartyUtil::IsThirdPartyChannel(nsIChannel* aChannel,
|
||||
return IsThirdPartyWindow(ourWin, channelURI, aResult);
|
||||
}
|
||||
|
||||
// Get the base domain for aHostURI; e.g. for "www.bbc.co.uk", this would be
|
||||
// "bbc.co.uk". Only properly-formed URI's are tolerated, though a trailing
|
||||
// dot may be present. If aHostURI is an IP address, an alias such as
|
||||
// 'localhost', an eTLD such as 'co.uk', or the empty string, aBaseDomain will
|
||||
// be the exact host. The result of this function should only be used in exact
|
||||
// string comparisons, since substring comparisons will not be valid for the
|
||||
// special cases elided above.
|
||||
NS_IMETHODIMP
|
||||
ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI,
|
||||
nsACString& aBaseDomain)
|
||||
{
|
||||
// Get the base domain. this will fail if the host contains a leading dot,
|
||||
// more than one trailing dot, or is otherwise malformed.
|
||||
nsresult rv = mTLDService->GetBaseDomain(aHostURI, 0, aBaseDomain);
|
||||
if (rv == NS_ERROR_HOST_IS_IP_ADDRESS ||
|
||||
rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS) {
|
||||
// aHostURI is either an IP address, an alias such as 'localhost', an eTLD
|
||||
// such as 'co.uk', or the empty string. Uses the normalized host in such
|
||||
// cases.
|
||||
rv = aHostURI->GetAsciiHost(aBaseDomain);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// aHostURI (and thus aBaseDomain) may be the string '.'. If so, fail.
|
||||
if (aBaseDomain.Length() == 1 && aBaseDomain.Last() == '.')
|
||||
return NS_ERROR_INVALID_ARG;
|
||||
|
||||
// Reject any URIs without a host that aren't file:// URIs. This makes it the
|
||||
// only way we can get a base domain consisting of the empty string, which
|
||||
// means we can safely perform foreign tests on such URIs where "not foreign"
|
||||
// means "the involved URIs are all file://".
|
||||
if (aBaseDomain.IsEmpty()) {
|
||||
PRBool isFileURI = PR_FALSE;
|
||||
aHostURI->SchemeIs("file", &isFileURI);
|
||||
NS_ENSURE_TRUE(isFileURI, NS_ERROR_INVALID_ARG);
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -56,7 +56,6 @@ public:
|
||||
nsresult Init();
|
||||
|
||||
private:
|
||||
nsresult GetBaseDomain(nsIURI* aHostURI, nsCString& aBaseDomain);
|
||||
nsresult IsThirdPartyInternal(const nsCString& aFirstDomain,
|
||||
nsIURI* aSecondURI, PRBool* aResult);
|
||||
static already_AddRefed<nsIURI> GetURIFromWindow(nsIDOMWindow* aWin);
|
||||
|
@ -39,11 +39,11 @@
|
||||
|
||||
#include "WorkerPrivate.h"
|
||||
|
||||
#include "mozIThirdPartyUtil.h"
|
||||
#include "nsIClassInfo.h"
|
||||
#include "nsIConsoleService.h"
|
||||
#include "nsIDOMFile.h"
|
||||
#include "nsIDocument.h"
|
||||
#include "nsIEffectiveTLDService.h"
|
||||
#include "nsIJSContextStack.h"
|
||||
#include "nsIMemoryReporter.h"
|
||||
#include "nsIScriptError.h"
|
||||
@ -2329,14 +2329,14 @@ WorkerPrivate::Create(JSContext* aCx, JSObject* aObj, WorkerPrivate* aParent,
|
||||
domain = file;
|
||||
}
|
||||
else {
|
||||
nsCOMPtr<nsIEffectiveTLDService> tldService =
|
||||
do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
|
||||
if (!tldService) {
|
||||
JS_ReportError(aCx, "Could not get TLD service!");
|
||||
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
|
||||
do_GetService(THIRDPARTYUTIL_CONTRACTID);
|
||||
if (!thirdPartyUtil) {
|
||||
JS_ReportError(aCx, "Could not get third party helper service!");
|
||||
return nsnull;
|
||||
}
|
||||
|
||||
if (NS_FAILED(tldService->GetBaseDomain(codebase, 0, domain))) {
|
||||
if (NS_FAILED(thirdPartyUtil->GetBaseDomain(codebase, domain))) {
|
||||
JS_ReportError(aCx, "Could not get domain!");
|
||||
return nsnull;
|
||||
}
|
||||
|
@ -58,6 +58,9 @@ _TEST_FILES = \
|
||||
errorPropagation_worker.js \
|
||||
test_eventDispatch.html \
|
||||
eventDispatch_worker.js \
|
||||
test_ipAddressOrigin.html \
|
||||
ipAddressOrigin_iframe.html \
|
||||
ipAddressOrigin_worker.js \
|
||||
test_importScripts.html \
|
||||
importScripts_worker.js \
|
||||
importScripts_worker_imported1.js \
|
||||
|
23
dom/workers/test/ipAddressOrigin_iframe.html
Normal file
23
dom/workers/test/ipAddressOrigin_iframe.html
Normal file
@ -0,0 +1,23 @@
|
||||
<!--
|
||||
Any copyright is dedicated to the Public Domain.
|
||||
http://creativecommons.org/publicdomain/zero/1.0/
|
||||
-->
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<body>
|
||||
<script>
|
||||
|
||||
onmessage = function (event) {
|
||||
var url = "http://127.0.0.1" +
|
||||
window.location.pathname.replace("ipAddressOrigin_iframe.html",
|
||||
"ipAddRessOrigin_worker.js");
|
||||
|
||||
var worker = new Worker(url);
|
||||
worker.onmessage = function (event) {
|
||||
window.parent.postMessage(event.data, "*");
|
||||
};
|
||||
}
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
5
dom/workers/test/ipAddressOrigin_worker.js
Normal file
5
dom/workers/test/ipAddressOrigin_worker.js
Normal file
@ -0,0 +1,5 @@
|
||||
/**
|
||||
* Any copyright is dedicated to the Public Domain.
|
||||
* http://creativecommons.org/publicdomain/zero/1.0/
|
||||
*/
|
||||
postMessage("done");
|
42
dom/workers/test/test_ipAddressOrigin.html
Normal file
42
dom/workers/test/test_ipAddressOrigin.html
Normal file
@ -0,0 +1,42 @@
|
||||
<!--
|
||||
Any copyright is dedicated to the Public Domain.
|
||||
http://creativecommons.org/publicdomain/zero/1.0/
|
||||
-->
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<title>Test for Web Workers</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body onload="go();">
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
</div>
|
||||
<pre id="test">
|
||||
<iframe id="testFrame"></iframe>
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
function go() {
|
||||
var iframe = document.getElementById("testFrame");
|
||||
|
||||
iframe.addEventListener("load", function() {
|
||||
iframe.contentWindow.postMessage("go", "*");
|
||||
window.addEventListener("message", function(event) {
|
||||
is(event.data, "done", "Correct message");
|
||||
SimpleTest.finish();
|
||||
}, "false");
|
||||
}, false);
|
||||
|
||||
iframe.src =
|
||||
"http://127.0.0.1" +
|
||||
window.location.pathname.replace("test_ipAddressOrigin.html",
|
||||
"ipAddressOrigin_iframe.html");
|
||||
}
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
|
||||
</script>
|
||||
</pre>
|
||||
</body>
|
||||
</html>
|
@ -45,7 +45,7 @@ interface nsIChannel;
|
||||
* Utility functions for determining whether a given URI, channel, or window
|
||||
* hierarchy is third party with respect to a known URI.
|
||||
*/
|
||||
[scriptable, uuid(55385caa-1b94-4376-a34c-b47c51ef0837)]
|
||||
[scriptable, uuid(d994fd1d-d2fe-4372-9ae7-88b08b7d9d90)]
|
||||
interface mozIThirdPartyUtil : nsISupports
|
||||
{
|
||||
/**
|
||||
@ -155,6 +155,24 @@ interface mozIThirdPartyUtil : nsISupports
|
||||
* @see isThirdPartyWindow
|
||||
*/
|
||||
boolean isThirdPartyChannel(in nsIChannel aChannel, [optional] in nsIURI aURI);
|
||||
|
||||
/**
|
||||
* getBaseDomain
|
||||
*
|
||||
* Get the base domain for aHostURI; e.g. for "www.bbc.co.uk", this would be
|
||||
* "bbc.co.uk". Only properly-formed URI's are tolerated, though a trailing
|
||||
* dot may be present. If aHostURI is an IP address, an alias such as
|
||||
* 'localhost', an eTLD such as 'co.uk', or the empty string, aBaseDomain will
|
||||
* be the exact host. The result of this function should only be used in exact
|
||||
* string comparisons, since substring comparisons will not be valid for the
|
||||
* special cases elided above.
|
||||
*
|
||||
* @param aHostURI
|
||||
* The URI to analyze.
|
||||
*
|
||||
* @return the base domain.
|
||||
*/
|
||||
AUTF8String getBaseDomain(in nsIURI aHostURI);
|
||||
};
|
||||
|
||||
%{ C++
|
||||
|
Loading…
Reference in New Issue
Block a user