corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1965628 - Align with Chrome for handling ORB blocked JS. r=sefeng,necko-reviewers,valentin

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D249559
This commit is contained in:
Andreas Farre
2025-05-15 15:28:52 +00:00
committed by afarre@mozilla.com
parent 6951827636
commit 8065bd80ce
2 changed files with 3 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
netwerk/protocol/http/OpaqueResponseUtils.cpp
View File

@@ -559,8 +559,7 @@ nsresult OpaqueResponseBlocker::ValidateJavaScript(HttpBaseChannel* aChannel,
self->AllowResponse(); self->AllowResponse();
break; break;
case OpaqueResponse::Block: case OpaqueResponse::Block:
// We'll filter the data out later self->BlockResponse(channel, NS_ERROR_FAILURE);
self->AllowResponse();
break; break;
default: default:
MOZ_ASSERT_UNREACHABLE( MOZ_ASSERT_UNREACHABLE(
@@ -620,19 +619,11 @@ void OpaqueResponseBlocker::FilterResponse() {
void OpaqueResponseBlocker::ResolveAndProcessData( void OpaqueResponseBlocker::ResolveAndProcessData(
HttpBaseChannel* aChannel, bool aAllowed, Maybe<ipc::Shmem>& aSharedData) { HttpBaseChannel* aChannel, bool aAllowed, Maybe<ipc::Shmem>& aSharedData) {
if (!aAllowed) {
// OpaqueResponseFilter allows us to filter the headers
mNext = new OpaqueResponseFilter(mNext);
}
nsresult rv = OnStartRequest(aChannel); nsresult rv = OnStartRequest(aChannel);
if (!aAllowed || NS_FAILED(rv)) { if (!aAllowed || NS_FAILED(rv)) {
MOZ_ASSERT_IF(!aAllowed, mState == State::Allowed); MOZ_ASSERT_IF(!aAllowed, mState == State::Blocked);
// No need to call OnDataAvailable because // We decided to block, so nothing more to do.
// 1. The input stream is consumed by
// OpaqueResponseBlocker::OnDataAvailable already
// 2. We don't want to pass any data over
MaybeRunOnStopRequest(aChannel); MaybeRunOnStopRequest(aChannel);
return; return;
} }

15
testing/web-platform/meta/fetch/orb/tentative/known-mime-type.sub.any.js.ini
View File

@@ -3,33 +3,18 @@
[ORB should block opaque font/ttf: fetch(..., {mode: "no-cors"})] [ORB should block opaque font/ttf: fetch(..., {mode: "no-cors"})]
expected: FAIL expected: FAIL
[ORB should block opaque font/ttf: <script src=...>]
expected: FAIL
[ORB should block opaque text/plain: fetch(..., {mode: "no-cors"})] [ORB should block opaque text/plain: fetch(..., {mode: "no-cors"})]
expected: FAIL expected: FAIL
[ORB should block opaque text/plain: <script src=...>]
expected: FAIL
[ORB should block opaque application/json (non-empty): fetch(..., {mode: "no-cors"})] [ORB should block opaque application/json (non-empty): fetch(..., {mode: "no-cors"})]
expected: FAIL expected: FAIL
[ORB should block opaque application/json (non-empty): <script src=...>]
expected: FAIL
[ORB should block opaque application/json (empty): fetch(..., {mode: "no-cors"})] [ORB should block opaque application/json (empty): fetch(..., {mode: "no-cors"})]
expected: FAIL expected: FAIL
[ORB should block opaque application/json (empty): <script src=...>]
expected: FAIL
[ORB should block opaque application/json which contains non ascii characters: fetch(..., {mode: "no-cors"})] [ORB should block opaque application/json which contains non ascii characters: fetch(..., {mode: "no-cors"})]
expected: FAIL expected: FAIL
[ORB should block opaque application/json which contains non ascii characters: <script src=...>]
expected: FAIL
[known-mime-type.sub.any.worker.html] [known-mime-type.sub.any.worker.html]
prefs: [browser.opaqueResponseBlocking:true, browser.opaqueResponseBlocking.filterFetchResponse:2] prefs: [browser.opaqueResponseBlocking:true, browser.opaqueResponseBlocking.filterFetchResponse:2]