Bug 927196 - Check more stuff in XHR. r=jonas

2024-10-11 12:25:53 +00:00 · 2013-10-16 19:20:51 +02:00 · 2013-10-16 19:20:51 +02:00 · f8d03252bb
commit f8d03252bb
parent b7e5d57a8d
15 changed files with 87 additions and 34 deletions
--- a/content/base/src/nsXMLHttpRequest.cpp
+++ b/content/base/src/nsXMLHttpRequest.cpp
@ -383,7 +383,7 @@ nsXMLHttpRequest::InitParameters(bool aAnon, bool aSystem)

  // Chrome is always allowed access, so do the permission check only
  // for non-chrome pages.
-  if (!IsSystemXHR()) {
+  if (!IsSystemXHR() && aSystem) {
    nsCOMPtr<nsIDocument> doc = window->GetExtantDoc();
    if (!doc) {
      return;
--- a/content/base/src/nsXMLHttpRequest.h
+++ b/content/base/src/nsXMLHttpRequest.h
@ -236,7 +236,7 @@ public:

  void SetParameters(bool aAnon, bool aSystem)
  {
-    mIsAnon = aAnon;
+    mIsAnon = aAnon || aSystem;
    mIsSystem = aSystem;
  }

--- a/content/base/test/file_restrictedEventSource.sjs
+++ b/content/base/test/file_restrictedEventSource.sjs
@ -5,9 +5,7 @@ function handleRequest(request, response)
       request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=") ||
      (request.queryString == "test=user1_evtsrc" &&
       request.hasHeader("Authorization") &&
-       request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=" &&
-       request.hasHeader("Cookie") &&
-       request.getHeader("Cookie") == "test=5c")) {
+       request.getHeader("Authorization") == "Basic dXNlciAxOnBhc3N3b3JkIDE=")) {
    response.setStatusLine(null, 200, "OK");
    response.setHeader("Content-Type", "text/event-stream", false);
    response.setHeader("Access-Control-Allow-Origin", "http://mochi.test:8888", false);
--- a/content/base/test/mochitest.ini
+++ b/content/base/test/mochitest.ini
@ -521,6 +521,7 @@ support-files =
 [test_bug895974.html]
 [test_bug902847.html]
 [test_bug907892.html]
+[test_bug927196.html]
 [test_caretPositionFromPoint.html]
 [test_classList.html]
 [test_copypaste.html]
--- a/content/base/test/test_XHR_parameters.html
+++ b/content/base/test/test_XHR_parameters.html
@ -53,12 +53,11 @@ function runTests() {
    }
    ok(xhr instanceof XMLHttpRequest, "passed " + JSON.stringify(value));

-    // If the page doesnt have privileges to create a system or anon XHR,
-    // these flags will always be false no matter what is passed.
-    let expectedAnon = false;
+    // If the page doesnt have privileges to create a system XHR,
+    // this flag will always be false no matter what is passed.
+    let expectedAnon = Boolean(value && value.mozAnon);
    let expectedSystem = false;
    if (havePrivileges) {
-      expectedAnon = Boolean(value && value.mozAnon);
      expectedSystem = Boolean(value && value.mozSystem);
    }
    is(xhr.mozAnon, expectedAnon, "testing mozAnon");
@ -84,13 +83,12 @@ function runTests() {

  // ...and once with privileges.
  havePrivileges = true;
-  SpecialPowers.addPermission("systemXHR", true, document);
+  SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], function() {
+    validParameters.forEach(testValidParameter);
+    invalidParameters.forEach(testInvalidParameter);

-  validParameters.forEach(testValidParameter);
-  invalidParameters.forEach(testInvalidParameter);
-  SpecialPowers.removePermission("systemXHR", document);
-
-  SimpleTest.finish();
+    SimpleTest.finish();
+  });
 }

 </script>
--- a/content/base/test/test_bug338583.html
+++ b/content/base/test/test_bug338583.html
@ -464,8 +464,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=338583

  function doTest5_c(test_id)
  {
-    // credentials using the auth cache and cookies
-    var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+    // credentials using the auth cache
+    var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
    xhr.withCredentials = true;
    // also, test mixed mode UI
    xhr.open("GET", "https://example.com/tests/content/base/test/file_restrictedEventSource.sjs?test=user1_xhr", true, "user 1", "password 1");
@ -494,7 +494,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=338583

  function doTest5_d(test_id)
  {
-    var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+    var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
    xhr.withCredentials = true;
    xhr.open("GET", "https://example.com/tests/content/base/test/file_restrictedEventSource.sjs?test=user2_xhr", true, "user 2", "password 2");
    xhr.send();
@ -521,8 +521,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=338583

  function doTest5_e(test_id)
  {
-    // credentials using the auth cache and cookies
-    var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+    // credentials using the auth cache
+    var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
    xhr.withCredentials = true;
    xhr.open("GET", "http://example.org/tests/content/base/test/file_restrictedEventSource.sjs?test=user1_xhr", true, "user 1", "password 1");
    xhr.send();
@ -550,7 +550,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=338583

  function doTest5_f(test_id)
  {
-    var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+    var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
    xhr.withCredentials = true;
    xhr.open("GET", "http://example.org/tests/content/base/test/file_restrictedEventSource.sjs?test=user2_xhr", true, "user 2", "password 2");
    xhr.send();
--- a/content/base/test/test_bug426308.html
+++ b/content/base/test/test_bug426308.html
@ -22,7 +22,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=426308
 const SJS_URL = "http://example.org:80/tests/content/base/test/bug426308-redirect.sjs";

 function startTest() {
-  var req = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+  var req = new XMLHttpRequest({mozAnon: true, mozSystem: true});
  req.open("GET", SJS_URL + "?" + window.location.href, false);
  req.send(null);

--- a/content/base/test/test_bug431701.html
+++ b/content/base/test/test_bug431701.html
@ -51,7 +51,7 @@ function createDoc() {
 function xhrDoc(idx) {
  return function() {
    // Defy same-origin restrictions!
-    var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+    var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
    xhr.open("GET", docSources[idx], false);
    xhr.send();
    return xhr.responseXML;
--- a/content/base/test/test_bug804395.html
+++ b/content/base/test/test_bug804395.html
@ -19,7 +19,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=804395
 <script type="application/javascript">

 function test200() {
-  var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+  var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
  xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.bar', true);
  xhr.onreadystatechange = function() {
    if (xhr.readyState == 4) {
@ -31,7 +31,7 @@ function test200() {
 }

 function test404() {
-  var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+  var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
  xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.do_not_exist', true);
  xhr.onreadystatechange = function() {
    if (xhr.readyState == 4) {
@ -43,7 +43,7 @@ function test404() {
 }

 function test0() {
-  var xhr = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+  var xhr = new XMLHttpRequest({mozAnon: true, mozSystem: true});
  xhr.open('GET', 'jar:http://example.org/tests/content/base/test/file_bug804395.jar!/foo.bar', true);
  ok(xhr.status == 0, "Not Sent request must have status 0");
  runTests();
--- a/content/base/test/test_bug927196.html
+++ b/content/base/test/test_bug927196.html
@ -0,0 +1,56 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=426308
+-->
+<head>
+  <title>Test for Bug 426308</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=927196">Mozilla Bug 927196</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+  
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+
+/** Test for Bug 927196 **/
+
+function startTest() {
+  req = new XMLHttpRequest({mozSystem: true});
+  is(req.mozAnon, true, "XMLHttpRequest should be mozAnon");
+
+  req = new XMLHttpRequest({mozAnon: true});
+  is(req.mozAnon, true, "XMLHttpRequest should be mozAnon");
+  is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem");
+
+  req = new XMLHttpRequest({mozAnon: true, mozSystem: true});
+  is(req.mozAnon, true, "XMLHttpRequest should be mozAnon");
+  is(req.mozSystem, true, "XMLHttpRequest should be mozSystem");
+
+  req = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+  is(req.mozAnon, true, "XMLHttpRequest should be mozAnon");
+
+  SimpleTest.finish();
+}
+
+SimpleTest.waitForExplicitFinish();
+
+var req = new XMLHttpRequest({mozAnon: true});
+is(req.mozAnon, true, "XMLHttpRequest should be mozAnon");
+is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem");
+
+req = new XMLHttpRequest({mozAnon: true, mozSystem: true});
+is(req.mozAnon, false, "XMLHttpRequest should be mozAnon");
+is(req.mozSystem, false, "XMLHttpRequest should not be mozSystem");
+
+addLoadEvent(function() {
+   SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], startTest);
+});
+</script>
+</pre>
+</body>
+</html>
--- a/content/base/test/test_xhr_forbidden_headers.html
+++ b/content/base/test/test_xhr_forbidden_headers.html
@ -70,7 +70,7 @@ function  startTest() {
  }

  // Try setting headers in privileged context
-  request = new XMLHttpRequest({mozAnon: false, mozSystem: true});
+  request = new XMLHttpRequest({mozAnon: true, mozSystem: true});
  request.open("GET", window.location.href);
  for (i = 0; i < headers.length; i++)
    request.setRequestHeader(headers[i], "test" + i);
--- a/dom/workers/XMLHttpRequest.cpp
+++ b/dom/workers/XMLHttpRequest.cpp
@ -1502,7 +1502,10 @@ XMLHttpRequest::Constructor(const GlobalObject& aGlobal,
  nsRefPtr<XMLHttpRequest> xhr = new XMLHttpRequest(workerPrivate);

  if (workerPrivate->XHRParamsAllowed()) {
-    xhr->mMozAnon = aParams.mMozAnon;
+    if (aParams.mMozSystem)
+      xhr->mMozAnon = true;
+    else
+      xhr->mMozAnon = aParams.mMozAnon;
    xhr->mMozSystem = aParams.mMozSystem;
  }

--- a/dom/workers/test/test_xhr_system.html
+++ b/dom/workers/test/test_xhr_system.html
@ -26,8 +26,6 @@ function message(event) {
 };

 function test1() {
-  // ...and once with privileges.
-  SpecialPowers.addPermission("systemXHR", true, document);
  var worker = new Worker("test_xhr_system.js");
  worker.onmessage = message;
  worker.postMessage(true);
@ -36,7 +34,6 @@ function test1() {
 var tests = [ test1 ];
 function run() {
  if (!tests.length) {
-    SpecialPowers.removePermission("systemXHR", document);
    SimpleTest.finish();
    return;
  }
@ -46,7 +43,8 @@ function run() {
 }

 SimpleTest.waitForExplicitFinish();
-run();
+
+SpecialPowers.pushPermissions([{'type': 'systemXHR', 'allow': true, 'context': document}], run);

 </script>
 </pre>
--- a/dom/workers/test/test_xhr_system.js
+++ b/dom/workers/test/test_xhr_system.js
@ -11,7 +11,7 @@ self.onmessage = function onmessage(event) {
  // An XHR with system privileges will be able to do cross-site calls.

  const TEST_URL = "http://example.com/tests/content/base/test/test_XHR_system.html";
-  is(location.hostname, "mochi.test", "hostname");
+  is(location.hostname, "mochi.test", "hostname should be mochi.test");

  var xhr = new XMLHttpRequest({mozSystem: true});
  is(xhr.mozSystem, true, ".mozSystem == true");
--- a/testing/mochitest/manifest.webapp
+++ b/testing/mochitest/manifest.webapp
@ -27,7 +27,6 @@
    "idle":{},
    "network-events":{},
    "embed-apps":{},
-    "systemXHR":{},
    "audio-channel-content":{},
    "audio-channel-alarm":{}
  },