Bug 1421099 - blob URLs must check the nsILoadInfo originAttributes with its one in case used as top-level url, r=smaug

2024-10-19 16:25:38 +00:00 · 2017-11-28 16:40:37 +01:00 · 2017-11-28 16:40:37 +01:00 · d368c9c43e
commit d368c9c43e
parent f4ddc50d61
1 changed files with 31 additions and 18 deletions
--- a/dom/file/nsHostObjectProtocolHandler.cpp
+++ b/dom/file/nsHostObjectProtocolHandler.cpp
@ -7,6 +7,7 @@
 #include "nsHostObjectProtocolHandler.h"

 #include "DOMMediaStream.h"
+#include "mozilla/dom/ChromeUtils.h"
 #include "mozilla/dom/ContentChild.h"
 #include "mozilla/dom/ContentParent.h"
 #include "mozilla/dom/Exceptions.h"
@ -823,23 +824,35 @@ nsHostObjectProtocolHandler::NewChannel2(nsIURI* uri,
    return NS_ERROR_DOM_BAD_URI;
  }

-#ifdef DEBUG
-  DataInfo* info = GetDataInfoFromURI(uri);
-
-  // Info can be null, in case this blob URL has been revoked already.
-  if (info) {
-    nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(uri);
-    nsCOMPtr<nsIPrincipal> principal;
-    uriPrinc->GetPrincipal(getter_AddRefs(principal));
-    MOZ_ASSERT(info->mPrincipal == principal, "Wrong principal!");
+  nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(uri);
+  if (!uriPrinc) {
+    return NS_ERROR_DOM_BAD_URI;
  }
+
+  nsCOMPtr<nsIPrincipal> principal;
+  nsresult rv = uriPrinc->GetPrincipal(getter_AddRefs(principal));
+  NS_ENSURE_SUCCESS(rv, rv);
+
+#ifdef DEBUG
+  // Info can be null, in case this blob URL has been revoked already.
+  DataInfo* info = GetDataInfoFromURI(uri);
+  MOZ_ASSERT_IF(info, info->mPrincipal == principal);
 #endif

-  ErrorResult rv;
+  // We want to be sure that we stop the creation of the channel if the blob URL
+  // is copy-and-pasted on a different context (ex. private browsing or
+  // containers).
+  if (aLoadInfo &&
+      !ChromeUtils::IsOriginAttributesEqualIgnoringFPD(aLoadInfo->GetOriginAttributes(),
+                                                         BasePrincipal::Cast(principal)->OriginAttributesRef())) {
+    return NS_ERROR_DOM_BAD_URI;
+  }
+
+  ErrorResult error;
  nsCOMPtr<nsIInputStream> stream;
-  blobImpl->CreateInputStream(getter_AddRefs(stream), rv);
-  if (NS_WARN_IF(rv.Failed())) {
-    return rv.StealNSResult();
+  blobImpl->CreateInputStream(getter_AddRefs(stream), error);
+  if (NS_WARN_IF(error.Failed())) {
+    return error.StealNSResult();
  }

  nsAutoString contentType;
@ -852,8 +865,8 @@ nsHostObjectProtocolHandler::NewChannel2(nsIURI* uri,
                                        NS_ConvertUTF16toUTF8(contentType),
                                        EmptyCString(), // aContentCharset
                                        aLoadInfo);
-  if (NS_WARN_IF(rv.Failed())) {
-    return rv.StealNSResult();
+  if (NS_WARN_IF(NS_FAILED(rv))) {
+    return rv;
  }

  if (blobImpl->IsFile()) {
@ -862,9 +875,9 @@ nsHostObjectProtocolHandler::NewChannel2(nsIURI* uri,
    channel->SetContentDispositionFilename(filename);
  }

-  uint64_t size = blobImpl->GetSize(rv);
-  if (NS_WARN_IF(rv.Failed())) {
-    return rv.StealNSResult();
+  uint64_t size = blobImpl->GetSize(error);
+  if (NS_WARN_IF(error.Failed())) {
+    return error.StealNSResult();
  }

  channel->SetOriginalURI(uri);