mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-01 00:32:11 +00:00
c771068e58
Differential Revision: https://phabricator.services.mozilla.com/D216993
218 lines
7.3 KiB
C++
218 lines
7.3 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "ServiceWorkerUtils.h"
|
|
|
|
#include "mozilla/BasePrincipal.h"
|
|
#include "mozilla/ErrorResult.h"
|
|
#include "mozilla/Preferences.h"
|
|
#include "mozilla/StaticPrefs_dom.h"
|
|
#include "mozilla/StaticPrefs_extensions.h"
|
|
#include "mozilla/dom/BrowsingContext.h"
|
|
#include "mozilla/dom/ClientInfo.h"
|
|
#include "mozilla/dom/Navigator.h"
|
|
#include "mozilla/dom/ServiceWorkerGlobalScopeBinding.h"
|
|
#include "mozilla/dom/ServiceWorkerRegistrarTypes.h"
|
|
#include "nsCOMPtr.h"
|
|
#include "nsIPrincipal.h"
|
|
#include "nsIURL.h"
|
|
#include "nsPrintfCString.h"
|
|
|
|
namespace mozilla::dom {
|
|
|
|
static bool IsServiceWorkersTestingEnabledInWindow(JSObject* const aGlobal) {
|
|
if (const nsCOMPtr<nsPIDOMWindowInner> innerWindow =
|
|
Navigator::GetWindowFromGlobal(aGlobal)) {
|
|
if (auto* bc = innerWindow->GetBrowsingContext()) {
|
|
return bc->Top()->ServiceWorkersTestingEnabled();
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
|
|
static bool IsInPrivateBrowsing(JSContext* const aCx) {
|
|
if (const nsCOMPtr<nsIGlobalObject> global = xpc::CurrentNativeGlobal(aCx)) {
|
|
if (const nsCOMPtr<nsIPrincipal> principal = global->PrincipalOrNull()) {
|
|
return principal->GetIsInPrivateBrowsing();
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
|
|
bool ServiceWorkersEnabled(JSContext* aCx, JSObject* aGlobal) {
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
if (!StaticPrefs::dom_serviceWorkers_enabled()) {
|
|
return false;
|
|
}
|
|
|
|
// xpc::CurrentNativeGlobal below requires rooting
|
|
JS::Rooted<JSObject*> global(aCx, aGlobal);
|
|
|
|
if (IsInPrivateBrowsing(aCx)) {
|
|
return false;
|
|
}
|
|
|
|
// Allow a webextension principal to register a service worker script with
|
|
// a moz-extension url only if 'extensions.service_worker_register.allowed'
|
|
// is true.
|
|
if (!StaticPrefs::extensions_serviceWorkerRegister_allowed()) {
|
|
nsIPrincipal* principal = nsContentUtils::SubjectPrincipal(aCx);
|
|
if (principal && BasePrincipal::Cast(principal)->AddonPolicy()) {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
if (IsSecureContextOrObjectIsFromSecureContext(aCx, global)) {
|
|
return true;
|
|
}
|
|
|
|
return StaticPrefs::dom_serviceWorkers_testing_enabled() ||
|
|
IsServiceWorkersTestingEnabledInWindow(global);
|
|
}
|
|
|
|
bool ServiceWorkerVisible(JSContext* aCx, JSObject* aGlobal) {
|
|
if (NS_IsMainThread()) {
|
|
// We want to expose ServiceWorker interface only when
|
|
// navigator.serviceWorker is available. Currently it may not be available
|
|
// with some reasons:
|
|
// 1. navigator.serviceWorker is not supported in workers. (bug 1131324)
|
|
return ServiceWorkersEnabled(aCx, aGlobal);
|
|
}
|
|
|
|
// We are already in ServiceWorker and interfaces need to be exposed for e.g.
|
|
// globalThis.registration.serviceWorker. Note that navigator.serviceWorker
|
|
// is still not supported. (bug 1131324)
|
|
return IS_INSTANCE_OF(ServiceWorkerGlobalScope, aGlobal);
|
|
}
|
|
|
|
bool ServiceWorkerRegistrationDataIsValid(
|
|
const ServiceWorkerRegistrationData& aData) {
|
|
return !aData.scope().IsEmpty() && !aData.currentWorkerURL().IsEmpty() &&
|
|
!aData.cacheName().IsEmpty();
|
|
}
|
|
|
|
namespace {
|
|
|
|
void CheckForSlashEscapedCharsInPath(nsIURI* aURI, const char* aURLDescription,
|
|
ErrorResult& aRv) {
|
|
MOZ_ASSERT(aURI);
|
|
|
|
// A URL that can't be downcast to a standard URL is an invalid URL and should
|
|
// be treated as such and fail with SecurityError.
|
|
nsCOMPtr<nsIURL> url(do_QueryInterface(aURI));
|
|
if (NS_WARN_IF(!url)) {
|
|
// This really should not happen, since the caller checks that we
|
|
// have an http: or https: URL!
|
|
aRv.ThrowInvalidStateError("http: or https: URL without a concept of path");
|
|
return;
|
|
}
|
|
|
|
nsAutoCString path;
|
|
nsresult rv = url->GetFilePath(path);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
// Again, should not happen.
|
|
aRv.ThrowInvalidStateError("http: or https: URL without a concept of path");
|
|
return;
|
|
}
|
|
|
|
ToLowerCase(path);
|
|
if (path.Find("%2f") != kNotFound || path.Find("%5c") != kNotFound) {
|
|
nsPrintfCString err("%s contains %%2f or %%5c", aURLDescription);
|
|
aRv.ThrowTypeError(err);
|
|
}
|
|
}
|
|
|
|
} // anonymous namespace
|
|
|
|
void ServiceWorkerScopeAndScriptAreValid(const ClientInfo& aClientInfo,
|
|
nsIURI* aScopeURI, nsIURI* aScriptURI,
|
|
ErrorResult& aRv) {
|
|
MOZ_DIAGNOSTIC_ASSERT(aScopeURI);
|
|
MOZ_DIAGNOSTIC_ASSERT(aScriptURI);
|
|
|
|
auto principalOrErr = aClientInfo.GetPrincipal();
|
|
if (NS_WARN_IF(principalOrErr.isErr())) {
|
|
aRv.ThrowInvalidStateError("Can't make security decisions about Client");
|
|
return;
|
|
}
|
|
|
|
auto hasHTTPScheme = [](nsIURI* aURI) -> bool {
|
|
return aURI->SchemeIs("http") || aURI->SchemeIs("https");
|
|
};
|
|
auto hasMozExtScheme = [](nsIURI* aURI) -> bool {
|
|
return aURI->SchemeIs("moz-extension");
|
|
};
|
|
|
|
nsCOMPtr<nsIPrincipal> principal = principalOrErr.unwrap();
|
|
|
|
auto isExtension = !!BasePrincipal::Cast(principal)->AddonPolicy();
|
|
auto hasValidURISchemes = !isExtension ? hasHTTPScheme : hasMozExtScheme;
|
|
|
|
// https://w3c.github.io/ServiceWorker/#start-register-algorithm step 3.
|
|
if (!hasValidURISchemes(aScriptURI)) {
|
|
auto message = !isExtension
|
|
? "Script URL's scheme is not 'http' or 'https'"_ns
|
|
: "Script URL's scheme is not 'moz-extension'"_ns;
|
|
aRv.ThrowTypeError(message);
|
|
return;
|
|
}
|
|
|
|
// https://w3c.github.io/ServiceWorker/#start-register-algorithm step 4.
|
|
CheckForSlashEscapedCharsInPath(aScriptURI, "script URL", aRv);
|
|
if (NS_WARN_IF(aRv.Failed())) {
|
|
return;
|
|
}
|
|
|
|
// https://w3c.github.io/ServiceWorker/#start-register-algorithm step 8.
|
|
if (!hasValidURISchemes(aScopeURI)) {
|
|
auto message = !isExtension
|
|
? "Scope URL's scheme is not 'http' or 'https'"_ns
|
|
: "Scope URL's scheme is not 'moz-extension'"_ns;
|
|
aRv.ThrowTypeError(message);
|
|
return;
|
|
}
|
|
|
|
// https://w3c.github.io/ServiceWorker/#start-register-algorithm step 9.
|
|
CheckForSlashEscapedCharsInPath(aScopeURI, "scope URL", aRv);
|
|
if (NS_WARN_IF(aRv.Failed())) {
|
|
return;
|
|
}
|
|
|
|
// The refs should really be empty coming in here, but if someone
|
|
// injects bad data into IPC, who knows. So let's revalidate that.
|
|
nsAutoCString ref;
|
|
Unused << aScopeURI->GetRef(ref);
|
|
if (NS_WARN_IF(!ref.IsEmpty())) {
|
|
aRv.ThrowSecurityError("Non-empty fragment on scope URL");
|
|
return;
|
|
}
|
|
|
|
Unused << aScriptURI->GetRef(ref);
|
|
if (NS_WARN_IF(!ref.IsEmpty())) {
|
|
aRv.ThrowSecurityError("Non-empty fragment on script URL");
|
|
return;
|
|
}
|
|
|
|
// Unfortunately we don't seem to have an obvious window id here; in
|
|
// particular ClientInfo does not have one.
|
|
nsresult rv = principal->CheckMayLoadWithReporting(
|
|
aScopeURI, false /* allowIfInheritsPrincipal */, 0 /* innerWindowID */);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
aRv.ThrowSecurityError("Scope URL is not same-origin with Client");
|
|
return;
|
|
}
|
|
|
|
rv = principal->CheckMayLoadWithReporting(
|
|
aScriptURI, false /* allowIfInheritsPrincipal */, 0 /* innerWindowID */);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
aRv.ThrowSecurityError("Script URL is not same-origin with Client");
|
|
return;
|
|
}
|
|
}
|
|
|
|
} // namespace mozilla::dom
|