Backed out 4 changesets (bug 1805676) for causing wpt failures in /workers/modules/shared-worker-import-csp.html. CLOSED TREE

Backed out changeset 3d943ee00682 (bug 1805676) Backed out changeset 34da8cbd7db2 (bug 1805676) Backed out changeset 1573d31341db (bug 1805676) Backed out changeset 212f36c3a9e0 (bug 1805676)
2023-02-13 10:41:28 +02:00
parent 7d867cbbdf
commit 5561fe074d
175 changed files with 223 additions and 2444 deletions
--- a/dom/workers/ScriptLoader.cpp
+++ b/dom/workers/ScriptLoader.cpp
@@ -259,26 +259,19 @@ void LoadAllScripts(WorkerPrivate* aWorkerPrivate,

 class ChannelGetterRunnable final : public WorkerMainThreadRunnable {
  const nsAString& mScriptURL;
-  const WorkerType& mWorkerType;
-  const RequestCredentials& mCredentials;
  const ClientInfo mClientInfo;
  WorkerLoadInfo& mLoadInfo;
  nsresult mResult;

 public:
  ChannelGetterRunnable(WorkerPrivate* aParentWorker,
-                        const nsAString& aScriptURL,
-                        const WorkerType& aWorkerType,
-                        const RequestCredentials& aCredentials,
-                        WorkerLoadInfo& aLoadInfo)
+                        const nsAString& aScriptURL, WorkerLoadInfo& aLoadInfo)
      : WorkerMainThreadRunnable(aParentWorker,
                                 "ScriptLoader :: ChannelGetter"_ns),
        mScriptURL(aScriptURL)
        // ClientInfo should always be present since this should not be called
        // if parent's status is greater than Running.
        ,
-        mWorkerType(aWorkerType),
-        mCredentials(aCredentials),
        mClientInfo(aParentWorker->GlobalScope()->GetClientInfo().ref()),
        mLoadInfo(aLoadInfo),
        mResult(NS_ERROR_FAILURE) {
@@ -325,7 +318,7 @@ class ChannelGetterRunnable final : public WorkerMainThreadRunnable {

    mResult = workerinternals::ChannelFromScriptURLMainThread(
        mLoadInfo.mLoadingPrincipal, parentDoc, mLoadInfo.mLoadGroup, url,
-        mWorkerType, mCredentials, clientInfo,
+        clientInfo,
        // Nested workers are always dedicated.
        nsIContentPolicy::TYPE_INTERNAL_WORKER, mLoadInfo.mCookieJarSettings,
        mLoadInfo.mReferrerInfo, getter_AddRefs(channel));
@@ -373,24 +366,19 @@ nsresult GetCommonSecFlags(bool aIsMainScript, nsIURI* uri,
    secFlags |= nsILoadInfo::SEC_ALLOW_CHROME;
  }

-  // Note: this is for backwards compatibility and goes against spec.
-  // We should find a better solution.
-  if (aIsMainScript && isData) {
-    secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL;
-  }
-
  return NS_OK;
 }

-nsresult GetModuleSecFlags(bool aIsTopLevel, nsIPrincipal* principal,
-                           WorkerScriptType aWorkerScriptType, nsIURI* aURI,
+nsresult GetModuleSecFlags(nsIPrincipal* principal,
+                           WorkerScriptType aWorkerScriptType,
+                           ScriptLoadRequest* aRequest,
                           RequestCredentials aCredentials,
                           uint32_t& secFlags) {
  // Implements "To fetch a single module script,"
  // Step 9. If destination is "worker", "sharedworker", or "serviceworker",
  //         and the top-level module fetch flag is set, then set request's
  //         mode to "same-origin".
-  secFlags = aIsTopLevel
+  secFlags = aRequest->GetWorkerLoadContext()->IsTopLevel()
                 ? nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED
                 : nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT;

@@ -406,7 +394,8 @@ nsresult GetModuleSecFlags(bool aIsTopLevel, nsIPrincipal* principal,
    secFlags |= nsILoadInfo::nsILoadInfo::SEC_COOKIES_OMIT;
  }

-  return GetCommonSecFlags(aIsTopLevel, aURI, principal, aWorkerScriptType,
+  return GetCommonSecFlags(aRequest->GetWorkerLoadContext()->IsTopLevel(),
+                           aRequest->mURI, principal, aWorkerScriptType,
                           secFlags);
 }

@@ -418,8 +407,16 @@ nsresult GetClassicSecFlags(bool aIsMainScript, nsIURI* uri,
                 ? nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED
                 : nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT;

-  return GetCommonSecFlags(aIsMainScript, uri, principal, aWorkerScriptType,
-                           secFlags);
+  nsresult rv = GetCommonSecFlags(aIsMainScript, uri, principal,
+                                  aWorkerScriptType, secFlags);
+  bool isData = uri->SchemeIs("data");
+  // Note: this is for backwards compatibility and goes against spec.
+  // We should find a better solution.
+  if (aIsMainScript && isData) {
+    secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL;
+  }
+
+  return rv;
 }

 }  //  anonymous namespace
@@ -909,9 +906,9 @@ nsresult WorkerScriptLoader::LoadScript(
    if (request->IsModuleRequest()) {
      referrerInfo =
          new ReferrerInfo(request->mReferrer, request->ReferrerPolicy());
-      rv = GetModuleSecFlags(
-          loadContext->IsTopLevel(), principal, mWorkerScriptType,
-          request->mURI, mWorkerRef->Private()->WorkerCredentials(), secFlags);
+      rv = GetModuleSecFlags(principal, mWorkerScriptType, request,
+                             mWorkerRef->Private()->WorkerCredentials(),
+                             secFlags);
    } else {
      referrerInfo = ReferrerInfo::CreateForFetch(principal, nullptr);
      if (parentWorker && !loadContext->IsTopLevel()) {
@@ -1577,9 +1574,7 @@ nsresult ScriptExecutorRunnable::Cancel() {

 nsresult ChannelFromScriptURLMainThread(
    nsIPrincipal* aPrincipal, Document* aParentDoc, nsILoadGroup* aLoadGroup,
-    nsIURI* aScriptURL, const WorkerType& aWorkerType,
-    const RequestCredentials& aCredentials,
-    const Maybe<ClientInfo>& aClientInfo,
+    nsIURI* aScriptURL, const Maybe<ClientInfo>& aClientInfo,
    nsContentPolicyType aMainScriptContentPolicyType,
    nsICookieJarSettings* aCookieJarSettings, nsIReferrerInfo* aReferrerInfo,
    nsIChannel** aChannel) {
@@ -1591,14 +1586,8 @@ nsresult ChannelFromScriptURLMainThread(
  NS_ASSERTION(secMan, "This should never be null!");

  uint32_t secFlags;
-  nsresult rv;
-  if (aWorkerType == WorkerType::Module) {
-    rv = GetModuleSecFlags(true, aPrincipal, WorkerScript, aScriptURL,
-                           aCredentials, secFlags);
-  } else {
-    rv = GetClassicSecFlags(true, aScriptURL, aPrincipal, WorkerScript,
-                            secFlags);
-  }
+  nsresult rv =
+      GetClassicSecFlags(true, aScriptURL, aPrincipal, WorkerScript, secFlags);
  if (NS_FAILED(rv)) {
    return rv;
  }
@@ -1610,14 +1599,14 @@ nsresult ChannelFromScriptURLMainThread(
      aCookieJarSettings, aReferrerInfo, aChannel);
 }

-nsresult ChannelFromScriptURLWorkerThread(
-    JSContext* aCx, WorkerPrivate* aParent, const nsAString& aScriptURL,
-    const WorkerType& aWorkerType, const RequestCredentials& aCredentials,
-    WorkerLoadInfo& aLoadInfo) {
+nsresult ChannelFromScriptURLWorkerThread(JSContext* aCx,
+                                          WorkerPrivate* aParent,
+                                          const nsAString& aScriptURL,
+                                          WorkerLoadInfo& aLoadInfo) {
  aParent->AssertIsOnWorkerThread();

-  RefPtr<ChannelGetterRunnable> getter = new ChannelGetterRunnable(
-      aParent, aScriptURL, aWorkerType, aCredentials, aLoadInfo);
+  RefPtr<ChannelGetterRunnable> getter =
+      new ChannelGetterRunnable(aParent, aScriptURL, aLoadInfo);

  ErrorResult rv;
  getter->Dispatch(Canceling, rv);