From 2c2d5c8e3d15c37f17cba87e8cc84e3ff8007759 Mon Sep 17 00:00:00 2001 From: Gurzau Raul Date: Mon, 29 Apr 2019 01:05:24 +0300 Subject: [PATCH 1/2] Backed out 7 changesets (bug 1535697) for causing Bug 1547596. a=backout Backed out changeset 037390836504 (bug 1535697) Backed out changeset ebad998aae7a (bug 1535697) Backed out changeset 969945148b3d (bug 1535697) Backed out changeset 5cbdeb635a3e (bug 1535697) Backed out changeset c316d49df8c4 (bug 1535697) Backed out changeset 4a5475f6aa49 (bug 1535697) Backed out changeset 9191d987a9e1 (bug 1535697) --- netwerk/protocol/http/AlternateServices.cpp | 35 +++----- netwerk/protocol/http/AlternateServices.h | 11 +-- netwerk/protocol/http/Http2Session.cpp | 8 +- netwerk/protocol/http/nsHttpChannel.cpp | 82 +++++++------------ netwerk/protocol/http/nsHttpChannel.h | 19 ----- .../protocol/http/nsHttpConnectionInfo.cpp | 82 ++++++------------- netwerk/protocol/http/nsHttpConnectionInfo.h | 31 +------ netwerk/protocol/http/nsHttpConnectionMgr.cpp | 4 +- netwerk/protocol/http/nsHttpHandler.cpp | 10 +-- .../test/browser/browser_tlsSessionTickets.js | 24 ------ 10 files changed, 79 insertions(+), 227 deletions(-) diff --git a/netwerk/protocol/http/AlternateServices.cpp b/netwerk/protocol/http/AlternateServices.cpp index 3622c71f55fe..422bc08c49a7 100644 --- a/netwerk/protocol/http/AlternateServices.cpp +++ b/netwerk/protocol/http/AlternateServices.cpp @@ -51,8 +51,8 @@ bool AltSvcMapping::AcceptableProxy(nsProxyInfo *proxyInfo) { void AltSvcMapping::ProcessHeader( const nsCString &buf, const nsCString &originScheme, const nsCString &originHost, int32_t originPort, const nsACString &username, - const nsACString &topWindowOrigin, bool privateBrowsing, - nsIInterfaceRequestor *callbacks, nsProxyInfo *proxyInfo, uint32_t caps, + bool privateBrowsing, nsIInterfaceRequestor *callbacks, + nsProxyInfo *proxyInfo, uint32_t caps, const OriginAttributes &originAttributes) { MOZ_ASSERT(NS_IsMainThread()); LOG(("AltSvcMapping::ProcessHeader: %s\n", buf.get())); @@ -145,8 +145,8 @@ void AltSvcMapping::ProcessHeader( RefPtr mapping = new AltSvcMapping( gHttpHandler->ConnMgr()->GetStoragePtr(), gHttpHandler->ConnMgr()->StorageEpoch(), originScheme, originHost, - originPort, username, topWindowOrigin, privateBrowsing, - NowInSeconds() + maxage, hostname, portno, npnToken, originAttributes); + originPort, username, privateBrowsing, NowInSeconds() + maxage, + hostname, portno, npnToken, originAttributes); if (mapping->TTL() <= 0) { LOG(("Alt Svc invalid map")); mapping = nullptr; @@ -169,9 +169,8 @@ void AltSvcMapping::ProcessHeader( AltSvcMapping::AltSvcMapping(DataStorage *storage, int32_t epoch, const nsACString &originScheme, const nsACString &originHost, int32_t originPort, - const nsACString &username, - const nsACString &topWindowOrigin, - bool privateBrowsing, uint32_t expiresAt, + const nsACString &username, bool privateBrowsing, + uint32_t expiresAt, const nsACString &alternateHost, int32_t alternatePort, const nsACString &npnToken, const OriginAttributes &originAttributes) @@ -182,7 +181,6 @@ AltSvcMapping::AltSvcMapping(DataStorage *storage, int32_t epoch, mOriginHost(originHost), mOriginPort(originPort), mUsername(username), - mTopWindowOrigin(topWindowOrigin), mPrivate(privateBrowsing), mExpiresAt(expiresAt), mValidated(false), @@ -312,8 +310,8 @@ void AltSvcMapping::GetConnectionInfo( nsHttpConnectionInfo **outCI, nsProxyInfo *pi, const OriginAttributes &originAttributes) { RefPtr ci = new nsHttpConnectionInfo( - mOriginHost, mOriginPort, mNPNToken, mUsername, mTopWindowOrigin, pi, - originAttributes, mAlternateHost, mAlternatePort); + mOriginHost, mOriginPort, mNPNToken, mUsername, pi, originAttributes, + mAlternateHost, mAlternatePort); // http:// without the mixed-scheme attribute needs to be segmented in the // connection manager connection information hash with this attribute @@ -336,8 +334,6 @@ void AltSvcMapping::Serialize(nsCString &out) { out.Append(':'); out.Append(mUsername); out.Append(':'); - out.Append(mTopWindowOrigin); - out.Append('|'); // Be careful, the top window origin may contain colons! out.Append(mPrivate ? 'y' : 'n'); out.Append(':'); out.AppendInt(mExpiresAt); @@ -361,7 +357,6 @@ AltSvcMapping::AltSvcMapping(DataStorage *storage, int32_t epoch, : mStorage(storage), mStorageEpoch(epoch), mSyncOnlyOnSuccess(false) { mValidated = false; nsresult code; - char separator = ':'; // The the do {} while(0) loop acts like try/catch(e){} with the break in // _NS_NEXT_TOKEN @@ -369,13 +364,13 @@ AltSvcMapping::AltSvcMapping(DataStorage *storage, int32_t epoch, #ifdef _NS_NEXT_TOKEN COMPILER ERROR #endif -#define _NS_NEXT_TOKEN \ - start = idx + 1; \ - idx = str.FindChar(separator, start); \ +#define _NS_NEXT_TOKEN \ + start = idx + 1; \ + idx = str.FindChar(':', start); \ if (idx < 0) break; int32_t start = 0; int32_t idx; - idx = str.FindChar(separator, start); + idx = str.FindChar(':', start); if (idx < 0) break; mHttps = Substring(str, start, idx - start).EqualsLiteral("https"); _NS_NEXT_TOKEN; @@ -390,12 +385,6 @@ AltSvcMapping::AltSvcMapping(DataStorage *storage, int32_t epoch, nsCString(Substring(str, start, idx - start)).ToInteger(&code); _NS_NEXT_TOKEN; mUsername = Substring(str, start, idx - start); - // The separator after the top window origin is a pipe character since the - // origin string can contain colons. - separator = '|'; - _NS_NEXT_TOKEN; - mTopWindowOrigin = Substring(str, start, idx - start); - separator = ':'; _NS_NEXT_TOKEN; mPrivate = Substring(str, start, idx - start).EqualsLiteral("y"); _NS_NEXT_TOKEN; diff --git a/netwerk/protocol/http/AlternateServices.h b/netwerk/protocol/http/AlternateServices.h index 1b741d2e5b8e..f3da37b46fd1 100644 --- a/netwerk/protocol/http/AlternateServices.h +++ b/netwerk/protocol/http/AlternateServices.h @@ -49,9 +49,9 @@ class AltSvcMapping { AltSvcMapping(DataStorage *storage, int32_t storageEpoch, const nsACString &originScheme, const nsACString &originHost, int32_t originPort, const nsACString &username, - const nsACString &topWindowOrigin, bool privateBrowsing, - uint32_t expiresAt, const nsACString &alternateHost, - int32_t alternatePort, const nsACString &npnToken, + bool privateBrowsing, uint32_t expiresAt, + const nsACString &alternateHost, int32_t alternatePort, + const nsACString &npnToken, const OriginAttributes &originAttributes); public: @@ -60,9 +60,7 @@ class AltSvcMapping { static void ProcessHeader(const nsCString &buf, const nsCString &originScheme, const nsCString &originHost, int32_t originPort, - const nsACString &username, - const nsACString &topWindowOrigin, - bool privateBrowsing, + const nsACString &username, bool privateBrowsing, nsIInterfaceRequestor *callbacks, nsProxyInfo *proxyInfo, uint32_t caps, const OriginAttributes &originAttributes); @@ -117,7 +115,6 @@ class AltSvcMapping { MOZ_INIT_OUTSIDE_CTOR int32_t mOriginPort; nsCString mUsername; - nsCString mTopWindowOrigin; MOZ_INIT_OUTSIDE_CTOR bool mPrivate; MOZ_INIT_OUTSIDE_CTOR uint32_t mExpiresAt; // alt-svc mappping diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp index a374f3c9a2f9..ca675b22b940 100644 --- a/netwerk/protocol/http/Http2Session.cpp +++ b/netwerk/protocol/http/Http2Session.cpp @@ -2516,10 +2516,10 @@ class UpdateAltSvcEvent : public Runnable { uri->GetHost(originHost); uri->GetPort(&originPort); - AltSvcMapping::ProcessHeader( - mHeader, originScheme, originHost, originPort, mCI->GetUsername(), - mCI->GetTopWindowOrigin(), mCI->GetPrivate(), mCallbacks, - mCI->ProxyInfo(), 0, mCI->GetOriginAttributes()); + AltSvcMapping::ProcessHeader(mHeader, originScheme, originHost, originPort, + mCI->GetUsername(), mCI->GetPrivate(), + mCallbacks, mCI->ProxyInfo(), 0, + mCI->GetOriginAttributes()); return NS_OK; } diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index ffc2e2b4f383..cdd354c0886e 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -334,9 +334,6 @@ nsHttpChannel::nsHttpChannel() mAuthConnectionRestartable(0), mChannelClassifierCancellationPending(0), mAsyncResumePending(0), - mHasBeenIsolatedChecked(0), - mIsIsolated(0), - mTopWindowOriginComputed(0), mPushedStream(nullptr), mLocalBlocklist(false), mOnTailUnblock(nullptr), @@ -628,10 +625,13 @@ nsresult nsHttpChannel::ContinueOnBeforeConnect(bool aShouldUpgrade, mCaps |= NS_HTTP_DISABLE_TRR; } + bool isIsolated = mPrivateBrowsing || + !AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor( + this, mURI, nullptr); + // Finalize ConnectionInfo flags before SpeculativeConnect mConnectionInfo->SetAnonymous((mLoadFlags & LOAD_ANONYMOUS) != 0); - mConnectionInfo->SetPrivate(mPrivateBrowsing); - mConnectionInfo->SetIsolated(IsIsolated()); + mConnectionInfo->SetPrivate(isIsolated); mConnectionInfo->SetNoSpdy(mCaps & NS_HTTP_DISALLOW_SPDY); mConnectionInfo->SetBeConservative((mCaps & NS_HTTP_BE_CONSERVATIVE) || mBeConservative); @@ -2368,10 +2368,9 @@ void nsHttpChannel::ProcessAltService() { OriginAttributes originAttributes; NS_GetOriginAttributes(this, originAttributes); - AltSvcMapping::ProcessHeader(altSvc, scheme, originHost, originPort, - mUsername, GetTopWindowOrigin(), - mPrivateBrowsing, callbacks, proxyInfo, - mCaps & NS_HTTP_DISALLOW_SPDY, originAttributes); + AltSvcMapping::ProcessHeader( + altSvc, scheme, originHost, originPort, mUsername, mPrivateBrowsing, + callbacks, proxyInfo, mCaps & NS_HTTP_DISALLOW_SPDY, originAttributes); } nsresult nsHttpChannel::ProcessResponse() { @@ -3896,42 +3895,6 @@ nsresult nsHttpChannel::OpenCacheEntry(bool isHttps) { return OpenCacheEntryInternal(isHttps, mApplicationCache, true); } -bool nsHttpChannel::IsIsolated() { - if (mHasBeenIsolatedChecked) { - return mIsIsolated; - } - mIsIsolated = IsThirdPartyTrackingResource() && - !AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor( - this, mURI, nullptr); - mHasBeenIsolatedChecked = true; - return mIsIsolated; -} - -const nsCString &nsHttpChannel::GetTopWindowOrigin() { - if (mTopWindowOriginComputed) { - return mTopWindowOrigin; - } - - nsCOMPtr topWindowURI; - nsresult rv = GetTopWindowURI(getter_AddRefs(topWindowURI)); - bool isDocument = false; - if (NS_FAILED(rv) && NS_SUCCEEDED(GetIsMainDocumentChannel(&isDocument)) && - isDocument) { - // For top-level documents, use the document channel's origin to compute - // the unique storage space identifier instead of the top Window URI. - rv = NS_GetFinalChannelURI(this, getter_AddRefs(topWindowURI)); - NS_ENSURE_SUCCESS(rv, mTopWindowOrigin); - } - - rv = nsContentUtils::GetASCIIOrigin(topWindowURI ? topWindowURI : mURI, - mTopWindowOrigin); - NS_ENSURE_SUCCESS(rv, mTopWindowOrigin); - - mTopWindowOriginComputed = true; - - return mTopWindowOrigin; -} - nsresult nsHttpChannel::OpenCacheEntryInternal( bool isHttps, nsIApplicationCache *applicationCache, bool allowApplicationCache) { @@ -4051,14 +4014,27 @@ nsresult nsHttpChannel::OpenCacheEntryInternal( extension.Append("TRR"); } - if (IsIsolated()) { - auto &topWindowOrigin = GetTopWindowOrigin(); - if (topWindowOrigin.IsEmpty()) { - return NS_ERROR_FAILURE; + if (IsThirdPartyTrackingResource() && + !AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(this, mURI, + nullptr)) { + nsCOMPtr topWindowURI; + rv = GetTopWindowURI(getter_AddRefs(topWindowURI)); + bool isDocument = false; + if (NS_FAILED(rv) && NS_SUCCEEDED(GetIsMainDocumentChannel(&isDocument)) && + isDocument) { + // For top-level documents, use the document channel's origin to compute + // the unique storage space identifier instead of the top Window URI. + rv = NS_GetFinalChannelURI(this, getter_AddRefs(topWindowURI)); + NS_ENSURE_SUCCESS(rv, rv); } + nsAutoString topWindowOrigin; + rv = nsContentUtils::GetUTFOrigin(topWindowURI ? topWindowURI : mURI, + topWindowOrigin); + NS_ENSURE_SUCCESS(rv, rv); + extension.Append("-unique:"); - extension.Append(topWindowOrigin); + extension.Append(NS_ConvertUTF16toUTF8(topWindowOrigin)); } mCacheOpenWithPriority = cacheEntryOpenFlags & nsICacheStorage::OPEN_PRIORITY; @@ -6565,9 +6541,9 @@ nsresult nsHttpChannel::BeginConnect() { OriginAttributes originAttributes; NS_GetOriginAttributes(this, originAttributes); - RefPtr connInfo = new nsHttpConnectionInfo( - host, port, EmptyCString(), mUsername, GetTopWindowOrigin(), proxyInfo, - originAttributes, isHttps); + RefPtr connInfo = + new nsHttpConnectionInfo(host, port, EmptyCString(), mUsername, proxyInfo, + originAttributes, isHttps); mAllowAltSvc = (mAllowAltSvc && !gHttpHandler->IsSpdyBlacklisted(connInfo)); RefPtr mapping; diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h index c31325e1e3d5..0a6821dd697a 100644 --- a/netwerk/protocol/http/nsHttpChannel.h +++ b/netwerk/protocol/http/nsHttpChannel.h @@ -546,10 +546,6 @@ class nsHttpChannel final : public HttpBaseChannel, void SetOriginHeader(); void SetDoNotTrack(); - bool IsIsolated(); - - const nsCString &GetTopWindowOrigin(); - already_AddRefed GetOrCreateChannelClassifier(); // Start an internal redirect to a new InterceptedHttpChannel which will @@ -722,21 +718,6 @@ class nsHttpChannel final : public HttpBaseChannel, // Used to suspend any newly created pumps in mCallOnResume handler. uint32_t mAsyncResumePending : 1; - // True only when we have checked whether this channel has been isolated for - // anti-tracking purposes. - uint32_t mHasBeenIsolatedChecked : 1; - // True only when we have determined this channel should be isolated for - // anti-tracking purposes. Can never ben true unless mHasBeenIsolatedChecked - // is true. - uint32_t mIsIsolated : 1; - - // True only when we have computed the value of the top window origin. - uint32_t mTopWindowOriginComputed : 1; - - // The origin of the top window, only valid when mTopWindowOriginComputed is - // true. - nsCString mTopWindowOrigin; - nsTArray mRedirectFuncStack; // Needed for accurate DNS timing diff --git a/netwerk/protocol/http/nsHttpConnectionInfo.cpp b/netwerk/protocol/http/nsHttpConnectionInfo.cpp index c3a5b59c4c3a..81bf1ae4d7b9 100644 --- a/netwerk/protocol/http/nsHttpConnectionInfo.cpp +++ b/netwerk/protocol/http/nsHttpConnectionInfo.cpp @@ -43,60 +43,38 @@ namespace net { nsHttpConnectionInfo::nsHttpConnectionInfo( const nsACString &originHost, int32_t originPort, const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo, - const OriginAttributes &originAttributes, bool endToEndSSL, bool isolated) - : mRoutedPort(443), mIsolated(isolated), mLessThanTls13(false) { - Init(originHost, originPort, npnToken, username, topWindowOrigin, proxyInfo, - originAttributes, endToEndSSL); + nsProxyInfo *proxyInfo, const OriginAttributes &originAttributes, + bool endToEndSSL) + : mRoutedPort(443), mLessThanTls13(false) { + Init(originHost, originPort, npnToken, username, proxyInfo, originAttributes, + endToEndSSL); } nsHttpConnectionInfo::nsHttpConnectionInfo( const nsACString &originHost, int32_t originPort, const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo, - const OriginAttributes &originAttributes, bool endToEndSSL) - : nsHttpConnectionInfo(originHost, originPort, npnToken, username, - topWindowOrigin, proxyInfo, originAttributes, - endToEndSSL, false) {} - -nsHttpConnectionInfo::nsHttpConnectionInfo( - const nsACString &originHost, int32_t originPort, - const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo, - const OriginAttributes &originAttributes, const nsACString &routedHost, - int32_t routedPort, bool isolated) - : mIsolated(isolated), mLessThanTls13(false) { + nsProxyInfo *proxyInfo, const OriginAttributes &originAttributes, + const nsACString &routedHost, int32_t routedPort) + : mLessThanTls13(false) { mEndToEndSSL = true; // so DefaultPort() works mRoutedPort = routedPort == -1 ? DefaultPort() : routedPort; if (!originHost.Equals(routedHost) || (originPort != routedPort)) { mRoutedHost = routedHost; } - Init(originHost, originPort, npnToken, username, topWindowOrigin, proxyInfo, - originAttributes, true); + Init(originHost, originPort, npnToken, username, proxyInfo, originAttributes, + true); } -nsHttpConnectionInfo::nsHttpConnectionInfo( - const nsACString &originHost, int32_t originPort, - const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo, - const OriginAttributes &originAttributes, const nsACString &routedHost, - int32_t routedPort) - : nsHttpConnectionInfo(originHost, originPort, npnToken, username, - topWindowOrigin, proxyInfo, originAttributes, - routedHost, routedPort, false) {} - void nsHttpConnectionInfo::Init(const nsACString &host, int32_t port, const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo, const OriginAttributes &originAttributes, bool e2eSSL) { LOG(("Init nsHttpConnectionInfo @%p\n", this)); mUsername = username; - mTopWindowOrigin = topWindowOrigin; mProxyInfo = proxyInfo; mEndToEndSSL = e2eSSL; mUsingConnect = false; @@ -153,12 +131,8 @@ void nsHttpConnectionInfo::BuildHashKey() { // byte 4 is I/. I is for insecure scheme on TLS for http:// uris // byte 5 is X/. X is for disallow_spdy flag // byte 6 is C/. C is for be Conservative - // byte 7 is i/. i is for isolated - mHashKey.AssignLiteral("........[tlsflags0x00000000]"); - if (mIsolated) { - mHashKey.SetCharAt('i', 7); - } + mHashKey.AssignLiteral(".......[tlsflags0x00000000]"); mHashKey.Append(keyHost); mHashKey.Append(':'); @@ -244,14 +218,6 @@ void nsHttpConnectionInfo::BuildHashKey() { mHashKey.AppendLiteral("[!v6]"); } - if (mIsolated && !mTopWindowOrigin.IsEmpty()) { - mHashKey.Append('{'); - mHashKey.Append('{'); - mHashKey.Append(mTopWindowOrigin); - mHashKey.Append('}'); - mHashKey.Append('}'); - } - nsAutoCString originAttributes; mOriginAttributes.CreateSuffix(originAttributes); mHashKey.Append(originAttributes); @@ -267,14 +233,14 @@ void nsHttpConnectionInfo::SetOriginServer(const nsACString &host, already_AddRefed nsHttpConnectionInfo::Clone() const { RefPtr clone; if (mRoutedHost.IsEmpty()) { - clone = new nsHttpConnectionInfo( - mOrigin, mOriginPort, mNPNToken, mUsername, mTopWindowOrigin, - mProxyInfo, mOriginAttributes, mEndToEndSSL, mIsolated); + clone = + new nsHttpConnectionInfo(mOrigin, mOriginPort, mNPNToken, mUsername, + mProxyInfo, mOriginAttributes, mEndToEndSSL); } else { MOZ_ASSERT(mEndToEndSSL); - clone = new nsHttpConnectionInfo( - mOrigin, mOriginPort, mNPNToken, mUsername, mTopWindowOrigin, - mProxyInfo, mOriginAttributes, mRoutedHost, mRoutedPort, mIsolated); + clone = new nsHttpConnectionInfo(mOrigin, mOriginPort, mNPNToken, mUsername, + mProxyInfo, mOriginAttributes, mRoutedHost, + mRoutedPort); } // Make sure the anonymous, insecure-scheme, and private flags are transferred @@ -300,9 +266,9 @@ void nsHttpConnectionInfo::CloneAsDirectRoute(nsHttpConnectionInfo **outCI) { return; } - RefPtr clone = new nsHttpConnectionInfo( - mOrigin, mOriginPort, EmptyCString(), mUsername, mTopWindowOrigin, - mProxyInfo, mOriginAttributes, mEndToEndSSL, mIsolated); + RefPtr clone = + new nsHttpConnectionInfo(mOrigin, mOriginPort, EmptyCString(), mUsername, + mProxyInfo, mOriginAttributes, mEndToEndSSL); // Make sure the anonymous, insecure-scheme, and private flags are transferred clone->SetAnonymous(GetAnonymous()); clone->SetPrivate(GetPrivate()); @@ -328,9 +294,9 @@ nsresult nsHttpConnectionInfo::CreateWildCard(nsHttpConnectionInfo **outParam) { } RefPtr clone; - clone = new nsHttpConnectionInfo(NS_LITERAL_CSTRING("*"), 0, mNPNToken, - mUsername, mTopWindowOrigin, mProxyInfo, - mOriginAttributes, true); + clone = + new nsHttpConnectionInfo(NS_LITERAL_CSTRING("*"), 0, mNPNToken, mUsername, + mProxyInfo, mOriginAttributes, true); // Make sure the anonymous and private flags are transferred! clone->SetAnonymous(GetAnonymous()); clone->SetPrivate(GetPrivate()); @@ -362,7 +328,7 @@ void nsHttpConnectionInfo::SetIPv6Disabled(bool aNoIPv6) { void nsHttpConnectionInfo::SetTlsFlags(uint32_t aTlsFlags) { mTlsFlags = aTlsFlags; - mHashKey.Replace(19, 8, nsPrintfCString("%08x", mTlsFlags)); + mHashKey.Replace(18, 8, nsPrintfCString("%08x", mTlsFlags)); } bool nsHttpConnectionInfo::UsingProxy() { diff --git a/netwerk/protocol/http/nsHttpConnectionInfo.h b/netwerk/protocol/http/nsHttpConnectionInfo.h index d7e3317b9300..480a04288c5e 100644 --- a/netwerk/protocol/http/nsHttpConnectionInfo.h +++ b/netwerk/protocol/http/nsHttpConnectionInfo.h @@ -38,7 +38,6 @@ class nsHttpConnectionInfo final : public ARefBase { public: nsHttpConnectionInfo(const nsACString &originHost, int32_t originPort, const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo, const OriginAttributes &originAttributes, bool endToEndSSL = false); @@ -48,7 +47,6 @@ class nsHttpConnectionInfo final : public ARefBase { // origin information nsHttpConnectionInfo(const nsACString &originHost, int32_t originPort, const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, nsProxyInfo *proxyInfo, const OriginAttributes &originAttributes, const nsACString &routedHost, int32_t routedPort); @@ -124,12 +122,6 @@ class nsHttpConnectionInfo final : public ARefBase { } bool GetBeConservative() const { return mHashKey.CharAt(6) == 'C'; } - void SetIsolated(bool aIsolated) { - mIsolated = aIsolated; - BuildHashKey(); - } - bool GetIsolated() const { return mIsolated; } - void SetTlsFlags(uint32_t aTlsFlags); uint32_t GetTlsFlags() const { return mTlsFlags; } @@ -150,7 +142,6 @@ class nsHttpConnectionInfo final : public ARefBase { const nsCString &GetNPNToken() { return mNPNToken; } const nsCString &GetUsername() { return mUsername; } - const nsCString &GetTopWindowOrigin() { return mTopWindowOrigin; } const OriginAttributes &GetOriginAttributes() { return mOriginAttributes; } @@ -183,25 +174,9 @@ class nsHttpConnectionInfo final : public ARefBase { } private: - // These constructor versions are intended to only be used from Clone(). - nsHttpConnectionInfo(const nsACString &originHost, int32_t originPort, - const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, - nsProxyInfo *proxyInfo, - const OriginAttributes &originAttributes, - bool endToEndSSL, bool isolated); - nsHttpConnectionInfo(const nsACString &originHost, int32_t originPort, - const nsACString &npnToken, const nsACString &username, - const nsACString &topWindowOrigin, - nsProxyInfo *proxyInfo, - const OriginAttributes &originAttributes, - const nsACString &routedHost, int32_t routedPort, - bool isolated); - void Init(const nsACString &host, int32_t port, const nsACString &npnToken, - const nsACString &username, const nsACString &topWindowOrigin, - nsProxyInfo *proxyInfo, const OriginAttributes &originAttributes, - bool EndToEndSSL); + const nsACString &username, nsProxyInfo *proxyInfo, + const OriginAttributes &originAttributes, bool EndToEndSSL); void SetOriginServer(const nsACString &host, int32_t port); nsCString mOrigin; @@ -211,7 +186,6 @@ class nsHttpConnectionInfo final : public ARefBase { nsCString mHashKey; nsCString mUsername; - nsCString mTopWindowOrigin; nsCOMPtr mProxyInfo; bool mUsingHttpProxy; bool mUsingHttpsProxy; @@ -221,7 +195,6 @@ class nsHttpConnectionInfo final : public ARefBase { OriginAttributes mOriginAttributes; uint32_t mTlsFlags; - uint16_t mIsolated : 1; uint16_t mTrrUsed : 1; uint16_t mTrrDisabled : 1; uint16_t mIPv4Disabled : 1; diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp index 2d0ff92ca6b0..f62e0c55d404 100644 --- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp +++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp @@ -4025,9 +4025,7 @@ nsresult nsHttpConnectionMgr::nsHalfOpenSocket::SetupStreams( if (mCaps & NS_HTTP_LOAD_ANONYMOUS) tmpFlags |= nsISocketTransport::ANONYMOUS_CONNECT; - if (ci->GetPrivate() || ci->GetIsolated()) { - tmpFlags |= nsISocketTransport::NO_PERMANENT_STORAGE; - } + if (ci->GetPrivate()) tmpFlags |= nsISocketTransport::NO_PERMANENT_STORAGE; if (ci->GetLessThanTls13()) { tmpFlags |= nsISocketTransport::DONT_TRY_ESNI; diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp index 5b4403b77caf..673984648fd2 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp @@ -2496,13 +2496,9 @@ nsresult nsHttpHandler::SpeculativeConnectInternal( nsAutoCString username; aURI->GetUsername(username); - // TODO For now pass EmptyCString() for topWindowOrigin for all speculative - // connection attempts, but ideally we should pass the accurate top window - // origin here. This would require updating the nsISpeculativeConnect API - // and all of its consumers. - RefPtr ci = new nsHttpConnectionInfo( - host, port, EmptyCString(), username, EmptyCString(), nullptr, - originAttributes, usingSSL); + RefPtr ci = + new nsHttpConnectionInfo(host, port, EmptyCString(), username, nullptr, + originAttributes, usingSSL); ci->SetAnonymous(anonymous); return SpeculativeConnect(ci, aCallbacks); diff --git a/toolkit/components/antitracking/test/browser/browser_tlsSessionTickets.js b/toolkit/components/antitracking/test/browser/browser_tlsSessionTickets.js index b0291dd3120a..eacdae6e474e 100644 --- a/toolkit/components/antitracking/test/browser/browser_tlsSessionTickets.js +++ b/toolkit/components/antitracking/test/browser/browser_tlsSessionTickets.js @@ -1,17 +1,3 @@ -function isIsolated(key) { - return key.charAt(7) == "i"; -} - -function hasTopWindowOrigin(key, origin) { - let tokenAtEnd = `{{${origin}}}`; - let endPart = key.slice(-tokenAtEnd.length); - return endPart == tokenAtEnd; -} - -function hasAnyTopWindowOrigin(key) { - return !!key.match(/{{[^}]+}}/); -} - add_task(async function() { info("Starting tlsSessionTickets test"); @@ -96,16 +82,6 @@ add_task(async function() { is(hashKeys.length, 3, "We should have observed 3 loads for " + trackingURL); is(hashKeys[1], hashKeys[2], "The second and third hash keys should match"); isnot(hashKeys[0], hashKeys[1], "The first and second hash keys should not match"); - - ok(isIsolated(hashKeys[0]), "The first connection must have been isolated"); - ok(!isIsolated(hashKeys[1]), "The second connection must not have been isolated"); - ok(!isIsolated(hashKeys[2]), "The third connection must not have been isolated"); - ok(hasTopWindowOrigin(hashKeys[0], TEST_DOMAIN.replace(/\/$/, "")), - "The first connection must be bound to its top-level window"); - ok(!hasAnyTopWindowOrigin(hashKeys[1]), - "The second connection must not be bound to a top-level window"); - ok(!hasAnyTopWindowOrigin(hashKeys[2]), - "The third connection must not be bound to a top-level window"); }); info("Removing the tab"); From b756e6d00728dda4121f8278a744381d8643317a Mon Sep 17 00:00:00 2001 From: Cosmin Sabou Date: Mon, 29 Apr 2019 12:55:04 +0300 Subject: [PATCH 2/2] Backed out 2 changesets (bug 1540748) for causing more crashes (bug 1547604). a=backout Backed out changeset 57b12599afe2 (bug 1540748) Backed out changeset 8c9fc50e48c2 (bug 1540748) --- dom/media/MediaData.h | 3 - .../platforms/android/RemoteDataDecoder.cpp | 78 ++++++------------- .../platforms/android/RemoteDataDecoder.h | 1 - 3 files changed, 22 insertions(+), 60 deletions(-) diff --git a/dom/media/MediaData.h b/dom/media/MediaData.h index 9dbf5567f3d0..9c0993a53384 100644 --- a/dom/media/MediaData.h +++ b/dom/media/MediaData.h @@ -300,9 +300,6 @@ class MediaData { // the result is invalid. virtual bool AdjustForStartTime(const media::TimeUnit& aStartTime) { mTime -= aStartTime; - if (mTime.IsNegative()) { - NS_WARNING("Negative start time after time-adjustment!"); - } return mTime.IsValid(); } diff --git a/dom/media/platforms/android/RemoteDataDecoder.cpp b/dom/media/platforms/android/RemoteDataDecoder.cpp index 46eaf21b5f60..e1e3851b040e 100644 --- a/dom/media/platforms/android/RemoteDataDecoder.cpp +++ b/dom/media/platforms/android/RemoteDataDecoder.cpp @@ -173,18 +173,14 @@ class RemoteVideoDecoder : public RemoteDataDecoder { RefPtr Decode( MediaRawData* aSample) override { - RefPtr self = this; - RefPtr sample = aSample; - return InvokeAsync(mTaskQueue, __func__, [self, this, sample]() { - const VideoInfo* config = - sample->mTrackInfo ? sample->mTrackInfo->GetAsVideoInfo() : &mConfig; - MOZ_ASSERT(config); + const VideoInfo* config = + aSample->mTrackInfo ? aSample->mTrackInfo->GetAsVideoInfo() : &mConfig; + MOZ_ASSERT(config); - InputInfo info(sample->mDuration.ToMicroseconds(), config->mImage, - config->mDisplay); - mInputInfos.Insert(sample->mTime.ToMicroseconds(), info); - return RemoteDataDecoder::ProcessDecode(sample); - }); + InputInfo info(aSample->mDuration.ToMicroseconds(), config->mImage, + config->mDisplay); + mInputInfos.Insert(aSample->mTime.ToMicroseconds(), info); + return RemoteDataDecoder::Decode(aSample); } bool SupportDecoderRecycling() const override { @@ -368,26 +364,6 @@ class RemoteAudioDecoder : public RemoteDataDecoder { return InitPromise::CreateAndResolve(TrackInfo::kAudioTrack, __func__); } - RefPtr Flush() override { - RefPtr self = this; - return InvokeAsync(mTaskQueue, __func__, [self, this]() { - mFirstDemuxedSampleTime.reset(); - return RemoteDataDecoder::ProcessFlush(); - }); - } - - RefPtr Decode(MediaRawData* aSample) override { - RefPtr self = this; - RefPtr sample = aSample; - return InvokeAsync(mTaskQueue, __func__, [self, sample, this]() { - if (mFirstDemuxedSampleTime.isNothing()) { - MOZ_ASSERT(sample->mTime.IsValid()); - mFirstDemuxedSampleTime.emplace(sample->mTime); - } - return RemoteDataDecoder::ProcessDecode(sample); - }); - } - private: class CallbacksSupport final : public JavaCallbacksSupport { public: @@ -432,10 +408,6 @@ class RemoteAudioDecoder : public RemoteDataDecoder { RemoteAudioDecoder* mDecoder; }; - bool IsSampleTimeSmallerThanFirstDemuxedSampleTime(int64_t aTime) const { - return TimeUnit::FromMicroseconds(aTime) < mFirstDemuxedSampleTime.ref(); - } - // Param and LocalRef are only valid for the duration of a JNI method call. // Use GlobalRef as the parameter type to keep the Java object referenced // until running. @@ -476,8 +448,7 @@ class RemoteAudioDecoder : public RemoteDataDecoder { int32_t size; ok &= NS_SUCCEEDED(info->Size(&size)); - if (!ok || - IsSampleTimeSmallerThanFirstDemuxedSampleTime(presentationTimeUs)) { + if (!ok) { Error(MediaResult(NS_ERROR_DOM_MEDIA_FATAL_ERR, __func__)); return; } @@ -529,7 +500,6 @@ class RemoteAudioDecoder : public RemoteDataDecoder { int32_t mOutputChannels; int32_t mOutputSampleRate; - Maybe mFirstDemuxedSampleTime; }; already_AddRefed RemoteDataDecoder::CreateAudioDecoder( @@ -712,29 +682,25 @@ static CryptoInfo::LocalRef GetCryptoInfoFromSample( RefPtr RemoteDataDecoder::Decode( MediaRawData* aSample) { + MOZ_ASSERT(aSample != nullptr); + RefPtr self = this; RefPtr sample = aSample; - return InvokeAsync(mTaskQueue, __func__, [self, this, sample]() { - return RemoteDataDecoder::ProcessDecode(sample); + return InvokeAsync(mTaskQueue, __func__, [self, sample]() { + jni::ByteBuffer::LocalRef bytes = jni::ByteBuffer::New( + const_cast(sample->Data()), sample->Size()); + + self->SetState(State::DRAINABLE); + self->mInputBufferInfo->Set(0, sample->Size(), + sample->mTime.ToMicroseconds(), 0); + return self->mJavaDecoder->Input(bytes, self->mInputBufferInfo, + GetCryptoInfoFromSample(sample)) + ? self->mDecodePromise.Ensure(__func__) + : DecodePromise::CreateAndReject( + MediaResult(NS_ERROR_OUT_OF_MEMORY, __func__), __func__); }); } -RefPtr RemoteDataDecoder::ProcessDecode( - MediaRawData* aSample) { - AssertOnTaskQueue(); - MOZ_ASSERT(aSample != nullptr); - jni::ByteBuffer::LocalRef bytes = jni::ByteBuffer::New( - const_cast(aSample->Data()), aSample->Size()); - - SetState(State::DRAINABLE); - mInputBufferInfo->Set(0, aSample->Size(), aSample->mTime.ToMicroseconds(), 0); - return mJavaDecoder->Input(bytes, mInputBufferInfo, - GetCryptoInfoFromSample(aSample)) - ? mDecodePromise.Ensure(__func__) - : DecodePromise::CreateAndReject( - MediaResult(NS_ERROR_OUT_OF_MEMORY, __func__), __func__); -} - void RemoteDataDecoder::UpdatePendingInputStatus(PendingOp aOp) { AssertOnTaskQueue(); switch (aOp) { diff --git a/dom/media/platforms/android/RemoteDataDecoder.h b/dom/media/platforms/android/RemoteDataDecoder.h index 683269648f17..3945fa805466 100644 --- a/dom/media/platforms/android/RemoteDataDecoder.h +++ b/dom/media/platforms/android/RemoteDataDecoder.h @@ -43,7 +43,6 @@ class RemoteDataDecoder : public MediaDataDecoder, // Methods only called on mTaskQueue. RefPtr ProcessFlush(); - RefPtr ProcessDecode(MediaRawData* aSample); RefPtr ProcessShutdown(); void UpdateInputStatus(int64_t aTimestamp, bool aProcessed); void UpdateOutputStatus(RefPtr&& aSample);