Bug 913199 - Use HTTPS for FxAccounts server URL. r=rnewman

--HG-- extra : rebase_source : 61f4e1d3f071da8ec504b0a91e77926eac72f86d
2025-02-27 21:00:50 +00:00 · 2013-09-27 12:02:20 -07:00 · 2013-09-27 12:02:20 -07:00 · fc3d2f695c
commit fc3d2f695c
parent 2c8842b2b6
5 changed files with 74 additions and 10 deletions
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@ -1305,5 +1305,5 @@ pref("geo.wifi.uri", "https://www.googleapis.com/geolocation/v1/geolocate?key=%G
 pref("network.disable.ipc.security", true);

 // The URL where remote content that composes the UI for Firefox Accounts should
-// be fetched.
-pref("firefox.accounts.remoteUrl", "http://accounts.dev.lcip.org/flow");
+// be fetched. Must use HTTPS.
+pref("firefox.accounts.remoteUrl", "https://accounts.dev.lcip.org/flow");
--- a/browser/base/content/aboutaccounts/aboutaccounts.js
+++ b/browser/base/content/aboutaccounts/aboutaccounts.js
@ -7,11 +7,16 @@
 const {classes: Cc, interfaces: Ci, utils: Cu} = Components;

 Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/FxAccounts.jsm");

 function log(msg) {
  //dump("FXA: " + msg + "\n");
 };

+function error(msg) {
+  console.log("Firefox Account Error: " + msg + "\n");
+};
+
 let wrapper = {
  iframe: null,

@ -19,7 +24,12 @@ let wrapper = {
    let iframe = document.getElementById("remote");
    this.iframe = iframe;
    iframe.addEventListener("load", this);
-    iframe.src = this._getAccountsURI();
+
+    try {
+      iframe.src = fxAccounts.getAccountsURI();
+    } catch (e) {
+      error("Couldn't init Firefox Account wrapper: " + e.message);
+    }
  },

  handleEvent: function (evt) {
@ -49,10 +59,6 @@ let wrapper = {
    this.injectData("message", { status: "verified" });
  },

-  _getAccountsURI: function () {
-    return Services.urlFormatter.formatURLPref("firefox.accounts.remoteUrl");
-  },
-
  handleRemoteCommand: function (evt) {
    log('command: ' + evt.detail.command);
    let data = evt.detail.data;
@ -74,13 +80,17 @@ let wrapper = {
  },

  injectData: function (type, content) {
-    let authUrl = this._getAccountsURI();
-
+    let authUrl;
+    try {
+      authUrl = fxAccounts.getAccountsURI();
+    } catch (e) {
+      error("Couldn't inject data: " + e.message);
+      return;
+    }
    let data = {
      type: type,
      content: content
    };
-
    this.iframe.contentWindow.postMessage(data, authUrl);
  },
 };
--- a/services/fxaccounts/FxAccounts.jsm
+++ b/services/fxaccounts/FxAccounts.jsm
@ -10,6 +10,7 @@ const {classes: Cc, interfaces: Ci, utils: Cu} = Components;
 Cu.import("resource://gre/modules/Promise.jsm");
 Cu.import("resource://gre/modules/osfile.jsm")
 Cu.import("resource://services-common/utils.js");
+Cu.import("resource://gre/modules/Services.jsm");

 const defaultBaseDir = OS.Path.join(OS.Constants.Path.profileDir);
 const defaultStorageOptions = {
@ -107,6 +108,15 @@ FxAccounts.prototype = Object.freeze({
    this._signedInUser = {};
    return this._signedInUserStorage.set(null);
  },
+
+  getAccountsURI: function () {
+    let url = Services.urlFormatter.formatURLPref("firefox.accounts.remoteUrl");
+    if (!/^https:/.test(url)) {
+      throw new Error("Firefox Accounts server must use HTTPS");
+    }
+    return url;
+  },
+
 });


--- a/services/fxaccounts/tests/xpcshell/head.js
+++ b/services/fxaccounts/tests/xpcshell/head.js
@ -13,4 +13,34 @@
  ns.initTestLogging("Trace");
 }).call(this);

+/**
+ * Test whether specified function throws exception with expected
+ * result.
+ *
+ * @param func
+ *        Function to be tested.
+ * @param message
+ *        Message of expected exception. <code>null</code> for no throws.
+ * @param stack
+ *        Optional stack object to be printed. <code>null</code> for
+ *        Components#stack#caller.
+ */
+function do_check_throws(func, message, stack)
+{
+  if (!stack)
+    stack = Components.stack.caller;

+  try {
+    func();
+  } catch (exc) {
+    if (exc.message === message) {
+      return;
+    }
+    do_throw("expecting exception '" + message
+             + "', caught '" + exc.message + "'", stack);
+  }
+
+  if (message) {
+    do_throw("expecting exception '" + message + "', none thrown", stack);
+  }
+}
--- a/services/fxaccounts/tests/xpcshell/test_accounts.js
+++ b/services/fxaccounts/tests/xpcshell/test_accounts.js
@ -5,6 +5,7 @@

 const {interfaces: Ci, results: Cr, utils: Cu} = Components;

+Cu.import("resource://gre/modules/Services.jsm");
 Cu.import("resource://gre/modules/FxAccounts.jsm");

 function run_test() {
@ -20,6 +21,19 @@ let credentials = {
  kB: "cafe"
 };

+add_test(function test_non_https_remote_server_uri() {
+
+  Services.prefs.setCharPref("firefox.accounts.remoteUrl",
+                             "http://example.com/browser/browser/base/content/test/general/accounts_testRemoteCommands.html");
+  do_check_throws(function () {
+    fxAccounts.getAccountsURI();
+  }, "Firefox Accounts server must use HTTPS");
+
+  Services.prefs.clearUserPref("firefox.accounts.remoteUrl");
+
+  run_next_test();
+});
+
 add_task(function test_get_signed_in_user_initially_unset() {
  // user is initially undefined
  let result = yield fxAccounts.getSignedInUser();