Bug 1417431 - secureConnectionStart should be 0 for pages with HTTP scheme. r=bkelly

2024-10-10 03:45:46 +00:00 · 2017-12-06 12:57:28 +01:00 · 2017-12-06 12:57:28 +01:00 · d2271cd3a8
commit d2271cd3a8
parent e8c489d641
3 changed files with 27 additions and 4 deletions
--- a/dom/performance/PerformanceTiming.cpp
+++ b/dom/performance/PerformanceTiming.cpp
@ -52,6 +52,23 @@ PerformanceTiming::PerformanceTiming(Performance* aPerformance,
    mReportCrossOriginRedirect = mTimingAllowed && redirectsPassCheck;
  }

+  mSecureConnection = false;
+  nsCOMPtr<nsIURI> uri;
+  if (aHttpChannel) {
+    aHttpChannel->GetURI(getter_AddRefs(uri));
+  } else {
+    nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
+    if (httpChannel) {
+      httpChannel->GetURI(getter_AddRefs(uri));
+    }
+  }
+
+  if (uri) {
+    nsresult rv = uri->SchemeIs("https", &mSecureConnection);
+    if (NS_FAILED(rv)) {
+      mSecureConnection = false;
+    }
+  }
  InitializeTimingInfo(aChannel);

  // Non-null aHttpChannel implies that this PerformanceTiming object is being
@ -118,7 +135,8 @@ PerformanceTiming::InitializeTimingInfo(nsITimedChannel* aChannel)
        mConnectStart = *clampTime;
      }

-      if (!mSecureConnectionStart.IsNull() && mSecureConnectionStart < *clampTime) {
+      if (mSecureConnection && !mSecureConnectionStart.IsNull() &&
+          mSecureConnectionStart < *clampTime) {
        mSecureConnectionStart = *clampTime;
      }

@ -369,8 +387,11 @@ PerformanceTiming::SecureConnectionStartHighRes()
      nsContentUtils::ShouldResistFingerprinting()) {
    return mZeroTime;
  }
-  return mSecureConnectionStart.IsNull() ? mZeroTime
-                                         : TimeStampToDOMHighRes(mSecureConnectionStart);
+  return !mSecureConnection
+    ? 0 // We use 0 here, because mZeroTime is sometimes set to the navigation
+        // start time.
+    : (mSecureConnectionStart.IsNull() ? mZeroTime
+                                       : TimeStampToDOMHighRes(mSecureConnectionStart));
 }

 DOMTimeMilliSec
--- a/dom/performance/PerformanceTiming.h
+++ b/dom/performance/PerformanceTiming.h
@ -305,6 +305,8 @@ private:
  // redirectEnd attributes. It is false if there were no redirects, or if
  // any of the responses didn't pass the timing-allow-check
  bool mReportCrossOriginRedirect;
+
+  bool mSecureConnection;
 };

 } // namespace dom
--- a/dom/performance/tests/test_performance_user_timing.js
+++ b/dom/performance/tests/test_performance_user_timing.js
@ -266,7 +266,7 @@ var steps = [
                performance.measure("test", n);
                ok(true, "Measure created from reserved name as starting time: " + n);
            } catch (e) {
-                ok(["redirectStart", "redirectEnd", "unloadEventStart", "unloadEventEnd", "loadEventEnd"].indexOf(n) >= 0,
+                ok(["redirectStart", "redirectEnd", "unloadEventStart", "unloadEventEnd", "loadEventEnd", "secureConnectionStart"].indexOf(n) >= 0,
                   "Measure created from reserved name as starting time: " + n + " and threw expected error");
            }
        };