From f2ba920b49711c90b3e3206da2e9ae113b69aa4f Mon Sep 17 00:00:00 2001 From: Narcis Beleuzu Date: Fri, 10 Jul 2020 18:43:37 +0300 Subject: [PATCH] Backed out 2 changesets (bug 1635828) for mochitest failures on test_sts_privatebrowsing_perwindowpb.html . CLOSED TREE Backed out changeset 52be379dbb20 (bug 1635828) Backed out changeset c410710919ab (bug 1635828) --- netwerk/protocol/http/nsHttpChannel.cpp | 11 +-- .../antitracking/test/browser/browser.ini | 2 - .../browser/browser_staticPartition_HSTS.js | 73 ------------------- .../browser/browser_staticPartition_HSTS.sjs | 12 --- 4 files changed, 4 insertions(+), 94 deletions(-) delete mode 100644 toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.js delete mode 100644 toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index 9b9bbff2fe69..029190e09923 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -585,8 +585,8 @@ nsresult nsHttpChannel::OnBeforeConnect() { this, getter_AddRefs(resultPrincipal)); } OriginAttributes originAttributes; - if (!StoragePrincipalHelper::GetOriginAttributesForNetworkState( - this, originAttributes)) { + if (!StoragePrincipalHelper::GetOriginAttributes( + this, originAttributes, StoragePrincipalHelper::eRegularPrincipal)) { return NS_ERROR_FAILURE; } @@ -2183,11 +2183,8 @@ nsresult nsHttpChannel::ProcessSingleSecurityHeader( // Process header will now discard the headers itself if the channel // wasn't secure (whereas before it had to be checked manually) OriginAttributes originAttributes; - if (NS_WARN_IF(!StoragePrincipalHelper::GetOriginAttributesForNetworkState( - this, originAttributes))) { - return NS_ERROR_FAILURE; - } - + StoragePrincipalHelper::GetOriginAttributes( + this, originAttributes, StoragePrincipalHelper::eRegularPrincipal); uint32_t failureResult; uint32_t headerSource = nsISiteSecurityService::SOURCE_ORGANIC_REQUEST; rv = sss->ProcessHeader(aType, mURI, securityHeader, aSecInfo, aFlags, diff --git a/toolkit/components/antitracking/test/browser/browser.ini b/toolkit/components/antitracking/test/browser/browser.ini index 8f75ea09c87e..32e11d246edc 100644 --- a/toolkit/components/antitracking/test/browser/browser.ini +++ b/toolkit/components/antitracking/test/browser/browser.ini @@ -155,5 +155,3 @@ support-files = !/browser/components/originattributes/test/browser/file_thirdPartyChild.worker.xhr.html !/browser/components/originattributes/test/browser/file_thirdPartyChild.xhr.html [browser_staticPartition_network.js] -[browser_staticPartition_HSTS.js] -support-files = browser_staticPartition_HSTS.sjs diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.js b/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.js deleted file mode 100644 index e87a09892744..000000000000 --- a/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.js +++ /dev/null @@ -1,73 +0,0 @@ -/* Any copyright is dedicated to the Public Domain. - * http://creativecommons.org/publicdomain/zero/1.0/ - */ - -var unsecureEmptyURL = - "http://example.org/browser/toolkit/components/antitracking/test/browser/empty.html"; -var secureURL = - "https://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs"; -var unsecureURL = - "http://example.com/browser/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs"; - -function cleanupHSTS() { - // Ensure to remove example.com from the HSTS list. - let sss = Cc["@mozilla.org/ssservice;1"].getService( - Ci.nsISiteSecurityService - ); - sss.resetState( - Ci.nsISiteSecurityService.HEADER_HSTS, - NetUtil.newURI("http://example.com/"), - 0 - ); -} - -function promiseTabLoadEvent(aTab, aURL, aFinalURL) { - info("Wait for load tab event"); - BrowserTestUtils.loadURI(aTab.linkedBrowser, aURL); - return BrowserTestUtils.browserLoaded(aTab.linkedBrowser, false, aFinalURL); -} - -add_task(async function() { - for (let prefValue of [true, false]) { - await SpecialPowers.pushPrefEnv({ - set: [["privacy.partition.network_state", prefValue]], - }); - - let tab = (gBrowser.selectedTab = BrowserTestUtils.addTab(gBrowser)); - - // Let's load the secureURL as first-party in order to activate HSTS. - await promiseTabLoadEvent(tab, secureURL, secureURL); - - // Let's test HSTS: unsecure -> secure. - await promiseTabLoadEvent(tab, unsecureURL, secureURL); - ok(true, "unsecure -> secure, first-party works!"); - - // Let's load a first-party. - await promiseTabLoadEvent(tab, unsecureEmptyURL, unsecureEmptyURL); - - let finalURL = await SpecialPowers.spawn( - tab.linkedBrowser, - [unsecureURL], - async url => { - return new content.Promise(resolve => { - let ifr = content.document.createElement("iframe"); - ifr.onload = _ => { - resolve(ifr.contentWindow.location.href); - }; - - content.document.body.appendChild(ifr); - ifr.src = url; - }); - } - ); - - if (prefValue) { - is(finalURL, unsecureURL, "HSTS doesn't work for 3rd parties"); - } else { - is(finalURL, secureURL, "HSTS works for 3rd parties"); - } - - gBrowser.removeCurrentTab(); - cleanupHSTS(); - } -}); diff --git a/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs b/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs deleted file mode 100644 index 64c4235288c3..000000000000 --- a/toolkit/components/antitracking/test/browser/browser_staticPartition_HSTS.sjs +++ /dev/null @@ -1,12 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this file, - * You can obtain one at http://mozilla.org/MPL/2.0/. */ - -function handleRequest(request, response) { - let page = "

HSTS page

"; - response.setStatusLine(request.httpVersion, "200", "OK"); - response.setHeader("Strict-Transport-Security", "max-age=60"); - response.setHeader("Content-Type", "text/html", false); - response.setHeader("Content-Length", page.length + "", false); - response.write(page); -}