[tbb-commits] [tor-browser] 32/73: Bug 1781063 don't use tainting for cross-origin check on document media resource loads r=chunmin a=RyanVM
gitolite role
git at cupani.torproject.org
Wed Sep 21 20:17:25 UTC 2022
This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch geckoview-102.3.0esr-12.0-1
in repository tor-browser.
commit 4b97f47d5532e8f7dd0c82a743f992d75ddd6c9d
Author: Karl Tomlinson <karlt+ at karlt.net>
AuthorDate: Wed Aug 24 01:55:02 2022 +0000
Bug 1781063 don't use tainting for cross-origin check on document media resource loads r=chunmin a=RyanVM
When the media resource is loaded as a document, the response from the initial
document load gets reused, as an optimization, as an emulated load for the
resource of the media host element in the generated HTML document.
https://searchfox.org/mozilla-central/rev/5644fae86d5122519a0e34ee03117c88c6ed9b47/dom/html/VideoDocument.cpp#114
https://html.spec.whatwg.org/multipage/browsing-the-web.html#read-media
Depends on D154041
Differential Revision: https://phabricator.services.mozilla.com/D154042
---
dom/media/ChannelMediaResource.cpp | 27 ++++++++++++++++++++-------
1 file changed, 20 insertions(+), 7 deletions(-)
diff --git a/dom/media/ChannelMediaResource.cpp b/dom/media/ChannelMediaResource.cpp
index e0a44ab805d52..1bff255343ef1 100644
--- a/dom/media/ChannelMediaResource.cpp
+++ b/dom/media/ChannelMediaResource.cpp
@@ -814,14 +814,27 @@ void ChannelMediaResource::UpdatePrincipal() {
mode == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT ||
mode == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
"no-cors request");
+ MOZ_ASSERT(!hadData || !mChannel->IsDocument(),
+ "Only the initial load may be a document load");
bool finalResponseIsOpaque =
- // GetChannelResultPrincipal() returns the original request URL for
- // null-origin Responses from ServiceWorker, in which case the URL
- // does not indicate the real source of data. Such null-origin
- // Responses have Basic LoadTainting. CORS filtered Responses from
- // ServiceWorker also cannot be mixed with no-cors cross-origin
- // responses.
- loadInfo->GetTainting() == LoadTainting::Opaque &&
+ // NS_GetFinalChannelURI() and GetChannelResultPrincipal() return the
+ // original request URI for null-origin Responses from ServiceWorker,
+ // in which case the URI does not necessarily indicate the real source
+ // of data. Such null-origin Responses have Basic LoadTainting, and
+ // so can be distinguished from true cross-origin responses when the
+ // channel is not a document load.
+ //
+ // When the channel is a document load, LoadTainting indicates opacity
+ // wrt the parent document and so does not indicate whether the
+ // response is cross-origin wrt to the media element. However,
+ // ServiceWorkers for document loads are always same-origin with the
+ // channel URI and so there is no need to distinguish null-origin
+ // ServiceWorker responses to document loads.
+ //
+ // CORS filtered Responses from ServiceWorker also cannot be mixed
+ // with no-cors cross-origin responses.
+ (mChannel->IsDocument() ||
+ loadInfo->GetTainting() == LoadTainting::Opaque) &&
// Although intermediate cross-origin redirects back to URIs with
// loadingPrincipal will have LoadTainting::Opaque and will taint the
// media element, they are not considered opaque when verifying
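Review bot: The comment added above `(mChannel->IsDocument() ||` explains why LoadTainting is unusable for a document load, but not why a document channel reaches UpdatePrincipal() in the first place. The commit message gives that reason (the initial document response is reused as the load for the media element in the generated document), and a one-line mention of it in the code comment would save the reader a trip to the log. The new MOZ_ASSERT(!hadData || !mChannel->IsDocument(), ...) records the invariant this branch depends on, but it is only checked in debug builds. The comment should therefore say what is expected if a later load were a document load: as written, the tainting test is skipped and opacity is decided only by the conditions that follow. Nit: "cross-origin wrt to the media element" doubles the "to".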
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.