Closed Bug 1134424 Opened 11 years ago Closed 11 years ago

[e10s] "Save Image/Audio/Video As..." in remote browser causes unsafe CPOW usage warning

Categories

(Firefox :: Menus, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
Firefox 40
Tracking Status
e10s m8+ ---
firefox40 --- fixed

People

(Reporter: Kwan, Assigned: Kwan)

References

Details

Attachments

(2 files, 1 obsolete file)

+++ This bug was initially created as a clone of Bug #1133577 +++ STR: 1) Visit a site with some images, <audio/>s, <video/>s, or <canvas/>s on it in an e10s window 2) Right-click on one of the media elements, and choose "Save Image/Audio/Video As..." This causes some "unsafe CPOW usage" warnings in the Browser Console. In browser/base/content/nsContextMenu.js: saveHelper: function(linkURL, linkText, dialogTitle, bypassCache, doc) { [...] if (channel instanceof Ci.nsIHttpChannel) { channel.referrer = BrowserUtils.makeURIFromCPOW(doc.documentURIObject); <-- Causes CPOW warning [audio, video] if (channel instanceof Ci.nsIHttpChannelInternal) channel.forceAllowThirdPartyCookie = true; } [...] // Save URL of the clicked upon image, video, or audio. saveMedia: function() { var doc = this.target.ownerDocument; <-- Causes CPOW warning if (this.onCanvas) { // Bypass cache, since it's a data: URL. saveImageURL(this.target.toDataURL(), "canvas.png", "SaveImageTitle", <-- Causes CPOW warning [canvas] true, false, BrowserUtils.makeURIFromCPOW(doc.documentURIObject), doc); <-- Causes CPOW warning [canvas] } else if (this.onImage) { urlSecurityCheck(this.mediaURL, this.principal); saveImageURL(this.mediaURL, null, "SaveImageTitle", false, false, BrowserUtils.makeURIFromCPOW(doc.documentURIObject), doc); <-- Causes CPOW warning [image] } else if (this.onVideo || this.onAudio) { urlSecurityCheck(this.mediaURL, this.principal); var dialogTitle = this.onVideo ? "SaveVideoTitle" : "SaveAudioTitle"; this.saveHelper(this.mediaURL, null, dialogTitle, false, doc); } }, in toolkit/modules/BrowserUtils.jsm makeURIFromCPOW: function(aCPOWURI) { return Services.io.newURI(aCPOWURI.spec, aCPOWURI.originCharset, null); <-- Causes CPOW warning }, warnings are tagged e.g. [image] if they only occur with certain element types.
Assignee: nobody → moz-ian
Status: NEW → ASSIGNED
Depends on: 1140859
Depends on: 1134391
Attached file MozReview Request: bz://1134424/Kwan (obsolete) —
/r/6985 - Bug 1134424 - Use message to safely get the dataURL of the canvas for saving /r/7359 - Bug 1134424 - Use the existing reference to the document in nsContextMenu.saveMedia() rather than unsafely creating a new one Pull down these commits: hg pull -r 7ca6efe0e6d13e86e885dab531ccae97624e079c https://reviewboard-hg.mozilla.org/gecko/
Attachment #8596041 - Flags: review?(gkrizsanits)
Comment on attachment 8596041 [details] MozReview Request: bz://1134424/Kwan https://reviewboard.mozilla.org/r/6983/#review6251 Ship It!
Attachment #8596041 - Flags: review?(gkrizsanits) → review+
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Whiteboard: [fixed-in-fx-team]
Target Milestone: --- → Firefox 40
Attachment #8596041 - Attachment is obsolete: true
Attachment #8619518 - Flags: review+
Attachment #8619519 - Flags: review+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: