Bug 791594 - Set tab title state while auth prompt is open. r=pbz,mconley,Gijs

Differential Revision: https://phabricator.services.mozilla.com/D164442
Hannah Peuckmann
2023-01-31 18:16:54 +00:00
parent 9f66067efd
commit c7b6da7fb7
5 changed files with 69 additions and 5 deletions


@@ -11,6 +11,7 @@ const lazy = {};
ChromeUtils.defineESModuleGetters(lazy, {
PromptUtils: "resource://gre/modules/PromptUtils.sys.mjs",
BrowserUtils: "resource://gre/modules/BrowserUtils.sys.mjs",
});
const { XPCOMUtils } = ChromeUtils.importESModule(
"resource://gre/modules/XPCOMUtils.sys.mjs"
@@ -314,8 +315,11 @@ class PromptParent extends JSWindowActorParent {
if (dialogBox._allowTabFocusByPromptPrincipal) {
this.addTabSwitchCheckboxToArgs(dialogBox, args);
}
let currentLocationsTabLabel;
let targetTab = win.gBrowser.getTabForBrowser(browser);
if (args.isTopLevelCrossDomainAuth) {
// Auth prompt spoofing protection, see bug 791594.
// Set up the url bar with the url of the cross domain resource.
// onLocationChange will change the url back to the current browsers
// if we do not hold the state here.
@@ -324,6 +328,14 @@ class PromptParent extends JSWindowActorParent {
if (browser == win.gBrowser.selectedBrowser) {
win.gURLBar.setURI();
}
// Set up the tab title for the cross domain resource.
// We need to remember the original tab title in case
// the load does not happen after the prompt, then we need to reset the tab title manually.
currentLocationsTabLabel = targetTab.label;
win.gBrowser.setTabLabelForAuthPrompts(
targetTab,
lazy.BrowserUtils.formatURIForDisplay(args.channel.URI)
);
}
bag = lazy.PromptUtils.objectToPropBag(args);
try {
@@ -341,10 +353,14 @@ class PromptParent extends JSWindowActorParent {
if (args.isTopLevelCrossDomainAuth) {
browser.currentAuthPromptURI = null;
// If the user is stopping the page load before answering the prompt, no navigation will happen after the prompt
// so we need to reset the uri here to the current browsers for that specific case
// so we need to reset the uri and tab title here to the current browsers for that specific case
if (browser == win.gBrowser.selectedBrowser) {
win.gURLBar.setURI();
}
win.gBrowser.setTabLabelForAuthPrompts(
targetTab,
currentLocationsTabLabel
);
}
}
} else {
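Review bot: The reset after the prompt closes writes back `currentLocationsTabLabel`, a string captured before the prompt opened, so a title the tab acquired while the prompt was open is replaced by a stale one; and if the captured label was empty the reset is a no-op, because `_setTabLabel` returns false for a falsy label (visible in the tabbrowser section), leaving the requesting origin's host as the tab title. Recomputing the label from the browser's current state would avoid both cases, for example `win.gBrowser.setTabTitle(targetTab);` in place of the `setTabLabelForAuthPrompts(targetTab, currentLocationsTabLabel)` call, assuming that method yields the right title at this point. `targetTab` is also dereferenced without a null check; if `getTabForBrowser(browser)` can return null for a browser that reaches this branch, `targetTab.label` throws before the prompt opens. The enclosing method starts and ends outside these hunks.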


@@ -1653,6 +1653,14 @@
return this._setTabLabel(aTab, title, { isContentTitle, isURL });
},
// While an auth prompt from a base domain different than the current sites is open, we do not want to show the tab title of the current site,
// but of the origin that is requesting authentication.
// This is to prevent possible auth spoofing scenarios.
// See bug 791594 for reference.
setTabLabelForAuthPrompts(aTab, aLabel) {
return this._setTabLabel(aTab, aLabel);
},
_setTabLabel(aTab, aLabel, { beforeTabOpen, isContentTitle, isURL } = {}) {
if (!aLabel || aLabel.includes("about:reader?")) {
return false;
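Review bot: `setTabLabelForAuthPrompts` only forwards to `_setTabLabel`, so nothing visible here holds the label for the lifetime of the prompt; a later content title update that reaches the ordinary title path would presumably replace the requesting origin's host with a page-chosen title while the prompt is still showing. If that path does not already check for it, a guard keyed on the state PromptParent keeps during the prompt would close the gap, e.g. `if (browser.currentAuthPromptURI) { return false; }` before the content title is applied. The function above this hunk and the rest of `_setTabLabel` are outside the visible lines, so this needs confirming against the full file. A JSDoc block with `@param` entries for `aTab` and `aLabel`, noting that a falsy label is ignored, would also help callers.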


@@ -57,7 +57,12 @@ async function waitForDialog(doConfirmPrompt, crossDomain) {
AUTH_URL,
"Correct location is provided by the prompt"
);
// switch to another tab and make sure we dont mess up this new tabs url bar
Assert.equal(
window.gBrowser.selectedTab.label,
"example.org",
"Tab title is manipulated"
);
// switch to another tab and make sure we dont mess up this new tabs url bar and tab title
let tab = await BrowserTestUtils.openNewForegroundTab(
gBrowser,
"https://example.org:443"
@@ -67,13 +72,23 @@ async function waitForDialog(doConfirmPrompt, crossDomain) {
"https://example.org",
"No location is provided by the prompt, correct location is displayed"
);
// switch back to our tab with the prompt and make sure the url bar state is still there
Assert.equal(
window.gBrowser.selectedTab.label,
"mochitest index /",
"Tab title is not manipulated"
);
// switch back to our tab with the prompt and make sure the url bar state and tab title is still there
BrowserTestUtils.removeTab(tab);
Assert.equal(
window.gURLBar.value,
AUTH_URL,
"Correct location is provided by the prompt"
);
Assert.equal(
window.gBrowser.selectedTab.label,
"example.org",
"Tab title is manipulated"
);
// make sure a value that the user types in has a higher priority than our prompts location
gBrowser.selectedBrowser.userTypedValue = "user value";
gURLBar.setURI();
@@ -101,6 +116,11 @@ async function waitForDialog(doConfirmPrompt, crossDomain) {
SAME_DOMAIN_URL,
"No location is provided by the prompt, correct location is displayed"
);
Assert.equal(
window.gBrowser.selectedTab.label,
"example.com",
"Tab title is not manipulated"
);
}
let onDialogClosed = BrowserTestUtils.waitForEvent(
@@ -125,6 +145,11 @@ async function waitForDialog(doConfirmPrompt, crossDomain) {
crossDomain ? CROSS_DOMAIN_URL : SAME_DOMAIN_URL,
"No location is provided by the prompt"
);
Assert.equal(
window.gBrowser.selectedTab.label,
"example.com",
"Tab title is not manipulated"
);
}
/**
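Review bot: The new assertion on the freshly opened foreground tab expects the label `"mochitest index /"`, which is the title of whatever the test server serves at the root of `https://example.org:443` rather than something this test controls, so an unrelated harness change would fail it. Opening a page with a known `<title>` from the test directory would pin the same property without that dependency. The messages `"Tab title is manipulated"` and `"Tab title is not manipulated"` would read better as statements of the expected label, e.g. `"Tab label shows the origin requesting authentication"`. `waitForDialog` starts and ends outside these hunks.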


@@ -84,7 +84,7 @@ async function waitForDialogAndCopyURL() {
}
/**
* Tests that the 401 auth spoofing mechanisms covers the url bar copy action propperly,
* Tests that the 401 auth spoofing mechanisms covers the url bar copy action properly,
* canceling the prompt
*/
add_task(async function testUrlCopy() {


@@ -0,0 +1,15 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>example.com</title>
</head>
<body>
I am a friendly test page!
<script>
document.title="tab title update 1";
window.location.href="https://example.org:443/browser/browser/base/content/test/tabPrompts/auth-route.sjs";
document.title ="tab title update 2";
</script>
</body>
</html>
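Review bot: The fixture does not say why `document.title` is written once before and once after `window.location.href` is assigned; a short comment would keep a later cleanup from removing what look like redundant writes. Something like `<!-- Title is set around the navigation so the test can check which tab label is shown while the auth prompt is open. -->` above the script would do, adjusted to the actual intent.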