Bug 1964754 - Remove nsIContentPolicy TYPE_OBJECT_SUBREQUEST. r=necko-reviewers,webdriver-reviewers,extension-reviewers,devtools-reviewers,valentin,robwu,whimboo,ochameau

Differential Revision: https://phabricator.services.mozilla.com/D250027
2025-05-22 07:54:54 +00:00
parent 8c8efd4370
commit e709a4d123
20 changed files with 7 additions and 74 deletions
--- a/devtools/shared/network-observer/NetworkUtils.sys.mjs
+++ b/devtools/shared/network-observer/NetworkUtils.sys.mjs
@@ -41,7 +41,6 @@ const LOAD_CAUSE_STRINGS = {
  [Ci.nsIContentPolicy.TYPE_SUBDOCUMENT]: "subdocument",
  [Ci.nsIContentPolicy.TYPE_PING]: "ping",
  [Ci.nsIContentPolicy.TYPE_XMLHTTPREQUEST]: "xhr",
-  [Ci.nsIContentPolicy.TYPE_OBJECT_SUBREQUEST]: "objectSubdoc",
  [Ci.nsIContentPolicy.TYPE_DTD]: "dtd",
  [Ci.nsIContentPolicy.TYPE_FONT]: "font",
  [Ci.nsIContentPolicy.TYPE_MEDIA]: "media",
--- a/dom/base/nsContentPolicyUtils.h
+++ b/dom/base/nsContentPolicyUtils.h
@@ -96,7 +96,6 @@ inline const char* NS_CP_ContentTypeName(nsContentPolicyType contentType) {
    CASE_RETURN(TYPE_SUBDOCUMENT);
    CASE_RETURN(TYPE_PING);
    CASE_RETURN(TYPE_XMLHTTPREQUEST);
-    CASE_RETURN(TYPE_OBJECT_SUBREQUEST);
    CASE_RETURN(TYPE_DTD);
    CASE_RETURN(TYPE_FONT);
    CASE_RETURN(TYPE_MEDIA);
--- a/dom/base/nsContentUtils.h
+++ b/dom/base/nsContentUtils.h
@@ -3834,7 +3834,6 @@ nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType) {
    case nsIContentPolicy::TYPE_SUBDOCUMENT:
    case nsIContentPolicy::TYPE_PING:
    case nsIContentPolicy::TYPE_XMLHTTPREQUEST:
-    case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST:
    case nsIContentPolicy::TYPE_DTD:
    case nsIContentPolicy::TYPE_FONT:
    case nsIContentPolicy::TYPE_MEDIA:
--- a/dom/base/nsIContentPolicy.idl
+++ b/dom/base/nsIContentPolicy.idl
@@ -82,11 +82,11 @@ interface nsIContentPolicy : nsISupports
    TYPE_SUBDOCUMENT = 7,

    /*
-     * XXX: nsContentPolicyType = 8 used to inicate a timed refresh request.
+     * XXX: nsContentPolicyType = 8 used to indicate a timed refresh request.
     */

    /*
-     * XXX: nsContentPolicyType = 9 used to inicate an XBL binding request.
+     * XXX: nsContentPolicyType = 9 used to indicate an XBL binding request.
     */

    /**
@@ -99,10 +99,9 @@ interface nsIContentPolicy : nsISupports
     */
    TYPE_XMLHTTPREQUEST = 11,

-    /**
-     * Indicates a request by a plugin.
+    /*
+     * XXX: nsContentPolicyType = 12 used to indicate plugin/object sub-requests.
     */
-    TYPE_OBJECT_SUBREQUEST = 12,

    /**
     * Indicates a DTD loaded by an XML document.
@@ -600,7 +599,6 @@ enum class ExtContentPolicyType : uint8_t {
  TYPE_SUBDOCUMENT = nsIContentPolicy::TYPE_SUBDOCUMENT,
  TYPE_PING = nsIContentPolicy::TYPE_PING,
  TYPE_XMLHTTPREQUEST = nsIContentPolicy::TYPE_XMLHTTPREQUEST,
-  TYPE_OBJECT_SUBREQUEST = nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
  TYPE_DTD = nsIContentPolicy::TYPE_DTD,
  TYPE_FONT = nsIContentPolicy::TYPE_FONT,
  TYPE_MEDIA = nsIContentPolicy::TYPE_MEDIA,
--- a/dom/cache/DBSchema.cpp
+++ b/dom/cache/DBSchema.cpp
@@ -344,7 +344,6 @@ static_assert(
        nsIContentPolicy::TYPE_SUBDOCUMENT == 7 &&
        nsIContentPolicy::TYPE_PING == 10 &&
        nsIContentPolicy::TYPE_XMLHTTPREQUEST == 11 &&
-        nsIContentPolicy::TYPE_OBJECT_SUBREQUEST == 12 &&
        nsIContentPolicy::TYPE_DTD == 13 && nsIContentPolicy::TYPE_FONT == 14 &&
        nsIContentPolicy::TYPE_MEDIA == 15 &&
        nsIContentPolicy::TYPE_WEBSOCKET == 16 &&
--- a/dom/chrome-webidl/ChannelWrapper.webidl
+++ b/dom/chrome-webidl/ChannelWrapper.webidl
@@ -19,7 +19,6 @@ enum MozContentPolicyType {
  "script",
  "image",
  "object",
-  "object_subrequest",
  "xmlhttprequest",
  "xslt",
  "ping",
--- a/dom/fetch/InternalRequest.cpp
+++ b/dom/fetch/InternalRequest.cpp
@@ -310,8 +310,6 @@ RequestDestination InternalRequest::MapContentPolicyTypeToRequestDestination(
      return RequestDestination::_empty;
    case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
      return RequestDestination::_empty;
-    case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST:
-      return RequestDestination::_empty;
    case nsIContentPolicy::TYPE_DTD:
    case nsIContentPolicy::TYPE_INTERNAL_DTD:
    case nsIContentPolicy::TYPE_INTERNAL_FORCE_ALLOWED_DTD:
--- a/dom/locales/en-US/chrome/security/security.properties
+++ b/dom/locales/en-US/chrome/security/security.properties
@@ -42,7 +42,6 @@ InsecurePasswordsPresentOnIframe=Password fields present on an insecure (http://
 # LOCALIZATION NOTE: "%1$S" is the URI of the insecure mixed content resource
 LoadingMixedActiveContent2=Loading mixed (insecure) active content “%1$S” on a secure page
 LoadingMixedDisplayContent2=Loading mixed (insecure) display content “%1$S” on a secure page
-LoadingMixedDisplayObjectSubrequestDeprecation=Loading mixed (insecure) content “%1$S” within a plugin on a secure page is discouraged and will be blocked soon.
 # LOCALIZATION NOTE: "%S" is the URI of the insecure mixed content download
 MixedContentBlockedDownload = Blocked downloading insecure content “%S”.

--- a/dom/security/SecFetch.cpp
+++ b/dom/security/SecFetch.cpp
@@ -74,8 +74,6 @@ nsCString MapInternalContentPolicyTypeToDest(nsContentPolicyType aType) {
      return "empty"_ns;
    case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
      return "empty"_ns;
-    case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST:
-      return "empty"_ns;
    case nsIContentPolicy::TYPE_DTD:
    case nsIContentPolicy::TYPE_INTERNAL_DTD:
    case nsIContentPolicy::TYPE_INTERNAL_FORCE_ALLOWED_DTD:
--- a/dom/security/nsCSPUtils.cpp
+++ b/dom/security/nsCSPUtils.cpp
@@ -381,7 +381,6 @@ CSPDirective CSP_ContentTypeToDirective(nsContentPolicyType aType) {
      return nsIContentSecurityPolicy::CONNECT_SRC_DIRECTIVE;

    case nsIContentPolicy::TYPE_OBJECT:
-    case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST:
    case nsIContentPolicy::TYPE_INTERNAL_EMBED:
    case nsIContentPolicy::TYPE_INTERNAL_OBJECT:
      return nsIContentSecurityPolicy::OBJECT_SRC_DIRECTIVE;
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@@ -395,18 +395,6 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
      break;
    }

-    case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST: {
-#ifdef DEBUG
-      {
-        nsCOMPtr<nsINode> node = aLoadInfo->LoadingNode();
-        MOZ_ASSERT(
-            !node || node->NodeType() == nsINode::ELEMENT_NODE,
-            "type_subrequest requires requestingContext of type Element");
-      }
-#endif
-      break;
-    }
-
    case ExtContentPolicy::TYPE_DTD: {
 #ifdef DEBUG
      {
--- a/dom/security/nsHTTPSOnlyStreamListener.cpp
+++ b/dom/security/nsHTTPSOnlyStreamListener.cpp
@@ -167,7 +167,6 @@ void nsHTTPSOnlyStreamListener::RecordUpgradeTelemetry(nsIRequest* request,
        break;

      case ExtContentPolicy::TYPE_OBJECT:
-      case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST:
        typeKey = "object"_ns;
        break;

--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -493,13 +493,6 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
  // Mixed content web fonts are relatively uncommon, and we can can fall back
  // to built-in fonts with minimal disruption in almost all cases.
  //
-  // TYPE_OBJECT_SUBREQUEST could actually be either active content (e.g. a
-  // script that a plugin will execute) or display content (e.g. Flash video
-  // content).  Until we have a way to determine active vs passive content
-  // from plugin requests (bug 836352), we will treat this as passive content.
-  // This is to prevent false positives from causing users to become
-  // desensitized to the mixed content blocker.
-  //
  // TYPE_CSP_REPORT: High-risk because they directly leak information about
  // the content of the page, and because blocking them does not have any
  // negative effect on the page loading.
@@ -581,13 +574,6 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
    case ExtContentPolicy::TYPE_MEDIA:
      classification = eMixedDisplay;
      break;
-    case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST:
-      if (StaticPrefs::security_mixed_content_block_object_subrequest()) {
-        classification = eMixedScript;
-      } else {
-        classification = eMixedDisplay;
-      }
-      break;

    // Active content (or content with a low value/risk-of-blocking ratio)
    // that has been explicitly evaluated; listed here for documentation
@@ -879,19 +865,6 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
    }
  }

-  // set hasMixedContentObjectSubrequest on this object if necessary
-  if (contentType == ExtContentPolicyType::TYPE_OBJECT_SUBREQUEST &&
-      aReportError) {
-    if (!StaticPrefs::security_mixed_content_block_object_subrequest()) {
-      nsAutoCString messageLookUpKey(
-          "LoadingMixedDisplayObjectSubrequestDeprecation");
-
-      LogMixedContentMessage(classification, aContentLocation, topWC->Id(),
-                             eUserOverride, requestingLocation,
-                             messageLookUpKey);
-    }
-  }
-
  uint32_t newState = 0;
  // If the content is display content, and the pref says display content should
  // be blocked, block it.
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -16382,12 +16382,6 @@
  value: @IS_ANDROID@
  mirror: always

-# Pref to block sub requests that happen within an object.
- name: security.mixed_content.block_object_subrequest
-  type: bool
-  value: false
-  mirror: always
-
 # Pref for mixed display content blocking (images, audio, video).
 - name: security.mixed_content.block_display_content
  type: bool
--- a/netwerk/protocol/http/HttpBaseChannel.cpp
+++ b/netwerk/protocol/http/HttpBaseChannel.cpp
@@ -3274,7 +3274,6 @@ bool HttpBaseChannel::ShouldBlockOpaqueResponse() const {

  auto extContentPolicyType = mLoadInfo->GetExternalContentPolicyType();
  if (extContentPolicyType == ExtContentPolicy::TYPE_OBJECT ||
-      extContentPolicyType == ExtContentPolicy::TYPE_OBJECT_SUBREQUEST ||
      extContentPolicyType == ExtContentPolicy::TYPE_WEBSOCKET ||
      extContentPolicyType == ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
    LOGORB("No block: object || websocket request || save as download");
@@ -6728,11 +6727,10 @@ static void CollectORBBlockTelemetry(
    case ExtContentPolicy::TYPE_DOCUMENT:
    case ExtContentPolicy::TYPE_SUBDOCUMENT:
    case ExtContentPolicy::TYPE_OBJECT:
-    case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST:
    case ExtContentPolicy::TYPE_WEBSOCKET:
    case ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD:
      MOZ_ASSERT_UNREACHABLE("Shouldn't block this type");
-      // DOCUMENT, SUBDOCUMENT, OBJECT, OBJECT_SUBREQUEST,
+      // DOCUMENT, SUBDOCUMENT, OBJECT,
      // WEBSOCKET and SAVEAS_DOWNLOAD are excluded from ORB
      glean::orb::block_initiator
          .EnumGet(glean::orb::BlockInitiatorLabel::eExcluded)
--- a/netwerk/url-classifier/UrlClassifierCommon.cpp
+++ b/netwerk/url-classifier/UrlClassifierCommon.cpp
@@ -688,9 +688,7 @@ bool UrlClassifierCommon::IsPassiveContent(nsIChannel* aChannel) {
  // defined by the mixed content blocker.
  // https://searchfox.org/mozilla-central/rev/c80fa7258c935223fe319c5345b58eae85d4c6ae/dom/security/nsMixedContentBlocker.cpp#532
  return contentType == ExtContentPolicy::TYPE_IMAGE ||
-         contentType == ExtContentPolicy::TYPE_MEDIA ||
-         (contentType == ExtContentPolicy::TYPE_OBJECT_SUBREQUEST &&
-          !StaticPrefs::security_mixed_content_block_object_subrequest());
+         contentType == ExtContentPolicy::TYPE_MEDIA;
 }

 /* static */
--- a/remote/cdp/domains/parent/Network.sys.mjs
+++ b/remote/cdp/domains/parent/Network.sys.mjs
@@ -17,7 +17,6 @@ const LOAD_CAUSE_STRINGS = {
  [Ci.nsIContentPolicy.TYPE_SUBDOCUMENT]: "Subdocument",
  [Ci.nsIContentPolicy.TYPE_PING]: "Ping",
  [Ci.nsIContentPolicy.TYPE_XMLHTTPREQUEST]: "Xhr",
-  [Ci.nsIContentPolicy.TYPE_OBJECT_SUBREQUEST]: "ObjectSubdoc",
  [Ci.nsIContentPolicy.TYPE_DTD]: "Dtd",
  [Ci.nsIContentPolicy.TYPE_FONT]: "Font",
  [Ci.nsIContentPolicy.TYPE_MEDIA]: "Media",
--- a/toolkit/components/extensions/schemas/declarative_net_request.json
+++ b/toolkit/components/extensions/schemas/declarative_net_request.json
@@ -77,7 +77,7 @@
      {
        "id": "ResourceType",
        "type": "string",
-        "description": "How the requested resource will be used. Comparable to the webRequest.ResourceType type.",
+        "description": "How the requested resource will be used. Comparable to the webRequest.ResourceType type. object_subrequest is unsupported.",
        "enum": [
          "main_frame",
          "sub_frame",
--- a/toolkit/components/extensions/schemas/web_request.json
+++ b/toolkit/components/extensions/schemas/web_request.json
@@ -40,7 +40,6 @@
          "script",
          "image",
          "object",
-          "object_subrequest",
          "xmlhttprequest",
          "xslt",
          "ping",
--- a/toolkit/components/extensions/webrequest/ChannelWrapper.cpp
+++ b/toolkit/components/extensions/webrequest/ChannelWrapper.cpp
@@ -864,8 +864,6 @@ MozContentPolicyType GetContentPolicyType(ExtContentPolicyType aType) {
      return MozContentPolicyType::Image;
    case ExtContentPolicy::TYPE_OBJECT:
      return MozContentPolicyType::Object;
-    case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST:
-      return MozContentPolicyType::Object_subrequest;
    case ExtContentPolicy::TYPE_XMLHTTPREQUEST:
      return MozContentPolicyType::Xmlhttprequest;
    // TYPE_FETCH returns xmlhttprequest for cross-browser compatibility.