[tbb-commits] [tor-browser/tor-browser-60.2.1esr-8.5-1] Bug 680300 - Part 3: Make the client.navigate() not to reference the baseURL if it navigates to a view-source URL r=asuth
gk at torproject.org
gk at torproject.org
Tue Oct 9 10:03:57 UTC 2018
commit d098b183150a7feb83f159ad731fc42537252863
Author: Tim Huang <tihuang at mozilla.com>
Date: Mon Sep 24 18:22:26 2018 +0000
Bug 680300 - Part 3: Make the client.navigate() not to reference the baseURL if it navigates to a view-source URL r=asuth
The suppressing of the error NS_ERROR_UNKNOWN_PROTOCOL will break the
web-platform-test 'windowclient-navigate.https.html' since navigating
to an invalid view-source url through the client API won't receive
any error due to the suppressing. So the test will time-out since it
waits for an error.
While navigating to an invalid view-source url with its inner url as
relative, this will pass the validity check we have right now and
do the navigation because of it takes account the baseURL while doing
the check. The invalid view-source url will be resolved into a valid
view-source url in the case. Fortunately, we won't encounter any issue
in the test in the past since the docShell will block this loading
because it's loading a view-source url inside an iframe and reports a
NS_ERROR_UNKNOWN_PROTOCOL error. But, we should faild with a
NS_ERROR_MALFORMED_URI error when doing the URL validity check.
For addressing this, this patch makes the client.navigate to not take
the baseURL into account if it is a view-source URL.
Differential Revision: https://phabricator.services.mozilla.com/D6587
--HG--
extra : moz-landing-system : lando
---
dom/clients/manager/ClientNavigateOpChild.cpp | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/dom/clients/manager/ClientNavigateOpChild.cpp b/dom/clients/manager/ClientNavigateOpChild.cpp
index b6a8e70b7356..1e6cc50da41d 100644
--- a/dom/clients/manager/ClientNavigateOpChild.cpp
+++ b/dom/clients/manager/ClientNavigateOpChild.cpp
@@ -15,6 +15,7 @@
#include "nsIWebProgressListener.h"
#include "nsNetUtil.h"
#include "nsPIDOMWindow.h"
+#include "nsURLHelper.h"
namespace mozilla {
namespace dom {
@@ -185,8 +186,24 @@ ClientNavigateOpChild::DoNavigate(const ClientNavigateOpConstructorArgs& aArgs)
return ref.forget();
}
+ // There is an edge case for view-source url here. According to the wpt test
+ // windowclient-navigate.https.html, a view-source URL with a relative inner
+ // URL should be treated as an invalid URL. However, we will still resolve it
+ // into a valid view-source URL since the baseURL is involved while creating
+ // the URI. So, an invalid view-source URL will be treated as a valid URL
+ // in this case. To address this, we should not take the baseURL into account
+ // for the view-source URL.
+ bool shouldUseBaseURL = true;
+ nsAutoCString scheme;
+ if (NS_SUCCEEDED(net_ExtractURLScheme(aArgs.url(), scheme)) &&
+ scheme.LowerCaseEqualsLiteral("view-source")) {
+ shouldUseBaseURL = false;
+ }
+
nsCOMPtr<nsIURI> url;
- rv = NS_NewURI(getter_AddRefs(url), aArgs.url(), nullptr, baseURL);
+ rv = NS_NewURI(getter_AddRefs(url), aArgs.url(),
+ nullptr, shouldUseBaseURL ? baseURL.get()
+ : nullptr);
if (NS_FAILED(rv)) {
ref = ClientOpPromise::CreateAndReject(rv, __func__);
return ref.forget();
More information about the tbb-commits
mailing list