Open Bug 1228118 Opened 9 years ago Updated 2 years ago

Change about: handling to not use nested URIs

Categories

(Core :: Networking, defect, P3)

People

(Reporter: sicking, Unassigned)

References

(Blocks 2 open bugs)

Details

(Whiteboard: [necko-backlog])

Rather than creating a nested URI with an inner "moz-safe-about" URI, we should always create an nsSimpleURI. We can then use the nsIProtocolHandlerWithDynamicFlags mechanism to give different security properties to different about: URIs.
Part of the challenge here is that IndexedDB's file format ends up using the moz-safe-about scheme name.

The origin of the page which uses IndexedDB, is stored in 3 places in the filesystem:
* The directory name (each origin gets a separate directory).
* Each directory gets a .metadata file which contains the origin and
some other information.
* Each IDB sqlite database contains a "database" table which has an
"origin" column with the origin.

Calculating this origin (correctly) grabs the innermost URI, which means that we use a moz-safe-about: scheme.

However, there are two pieces of good news.

First off, it seems like all our origin handling for about: URIs goes
through the TryGetInfoForAboutURI [1] function. That means that it is
quite easy to change our handling there to make sure that even though
we change about: URIs to never be parsed into inner moz-safe-about
URIs, we can easily act as if we did in order to avoid changing the
on-disk format.

Second, in bug 1195930 we're going to change the way that origins are
stored on disk. So we can rather easily at the same time change how
about: origins are stored. It's unclear if bug 1195930 will be fixed
first, or if we'll change about: URIs first. But either way I think we
should not worry about upgrading on-disk format as part of changing
about: URIs. Instead we should do the conversion when writing an
about: origin to disk.

Updating the on-disk format fewer times is better for both performance
and ability to downgrade anyway.

Additionally we do have code which reads one of these origins back
from disk and parses them in OriginParser::ParseOrigin [2]. It sounds
like we use this to restore .metadata files using a directory name
since for some reason the .metadata files sometimes get lost. So this
code would also need to get updated to convert moz-safe-about origins
properly.

[1] http://mxr.mozilla.org/mozilla-central/source/dom/quota/ActorsParent.cpp#4030
[2] http://mxr.mozilla.org/mozilla-central/source/dom/quota/ActorsParent.cpp#6241
Flags: needinfo?(bzbarsky)
Whiteboard: [necko-backlog]
See Also: → 1280336
Note to self: when we do this I would like to make sure that checkLoadURI and friends in caps/ still don't let non-chrome-privileged about: link to chrome-privileged about: .
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
Blocks: 1171853
Blocks: 1430257
No longer blocks: 1171853
See Also: → 1461407
See Also: → 1557677

With the about:home case changed in bug 1438367, I wonder if this is easier now...

Flags: needinfo?(bzbarsky)
Severity: normal → S3