corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1911022 - Fix drag-and-drop of large amount of text on address bar causing hang on the parent process. r=mak

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D231281
This commit is contained in:
Moritz Beier
2024-12-13 10:29:27 +00:00
parent 653c0dac72
commit c23c9fde21
2 changed files with 21 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
docshell/base/URIFixup.sys.mjs
View File

@@ -161,13 +161,6 @@ ChromeUtils.defineLazyGetter(
/^(?:[a-z+.-]+:\/*(?!\/))?\[(?:[0-9a-f]{0,4}:){0,7}[0-9a-f]{0,4}\]?(?::\d+|\/)?/i /^(?:[a-z+.-]+:\/*(?!\/))?\[(?:[0-9a-f]{0,4}:){0,7}[0-9a-f]{0,4}\]?(?::\d+|\/)?/i
); );
// Regex used to detect spaces in URL credentials.
ChromeUtils.defineLazyGetter(
lazy,
"DetectSpaceInCredentialsRegex",
() => /^[^/]*\s[^/]*@/
);
// Cache of known domains. // Cache of known domains.
ChromeUtils.defineLazyGetter(lazy, "knownDomains", () => { ChromeUtils.defineLazyGetter(lazy, "knownDomains", () => {
const branch = "browser.fixup.domainwhitelist."; const branch = "browser.fixup.domainwhitelist.";
@@ -384,13 +377,23 @@ URIFixup.prototype = {
uriString = uriString.replace(/^:?\/\//, ""); uriString = uriString.replace(/^:?\/\//, "");
} }
let detectSpaceInCredentials = val => {
// Only search the first 512 chars for performance reasons.
let firstChars = val.slice(0, 512);
if (!firstChars.includes("@")) {
return false;
}
let credentials = firstChars.split("@")[0];
return !credentials.includes("/") && /\s/.test(credentials);
};
// Avoid fixing up content that looks like tab-separated values. // Avoid fixing up content that looks like tab-separated values.
// Assume that 1 tab is accidental, but more than 1 implies this is // Assume that 1 tab is accidental, but more than 1 implies this is
// supposed to be tab-separated content. // supposed to be tab-separated content.
if ( if (
!isCommonProtocol && !isCommonProtocol &&
lazy.maxOneTabRegex.test(uriString) && lazy.maxOneTabRegex.test(uriString) &&
!lazy.DetectSpaceInCredentialsRegex.test(untrimmedURIString) !detectSpaceInCredentials(untrimmedURIString)
) { ) {
let uriWithProtocol = fixupURIProtocol(uriString); let uriWithProtocol = fixupURIProtocol(uriString);
if (uriWithProtocol) { if (uriWithProtocol) {
@@ -966,8 +969,11 @@ function fileURIFixup(uriString) {
* or null if fixing was not possible. * or null if fixing was not possible.
*/ */
function fixupURIProtocol(uriString) { function fixupURIProtocol(uriString) {
let schemePos = uriString.indexOf("://"); // The longest URI scheme on the IANA list is 36 chars + 3 for ://
if (schemePos == -1 || schemePos > uriString.search(/[:\/]/)) { let schemeChars = uriString.slice(0, 39);
let schemePos = schemeChars.indexOf("://");
if (schemePos == -1 || schemePos > schemeChars.search(/[:\/]/)) {
uriString = "http://" + uriString; uriString = "http://" + uriString;
} }
try { try {

5
docshell/test/unit/test_URIFixup.js
View File

@@ -73,6 +73,11 @@ var data = [
wrong: "whatever://this/is/a/test.html", wrong: "whatever://this/is/a/test.html",
fixed: "whatever://this/is/a/test.html", fixed: "whatever://this/is/a/test.html",
}, },
{
// Valid should not be changed.
wrong: "whatever://user:pass@example.com/test.html",
fixed: "whatever://user:pass@example.com/test.html",
},
{ {
// Spaces before @ are valid if it appears after the domain. // Spaces before @ are valid if it appears after the domain.
wrong: "example.com/ @test.com", wrong: "example.com/ @test.com",