Closed
Bug 1185640
Opened 9 years ago
Closed 9 years ago
Passing a scope or scriptURL to register() with escaped '/' or '\' should fail
Categories
(Core :: DOM: Service Workers, defect)
Core
DOM: Service Workers
Tracking
()
RESOLVED
FIXED
mozilla43
People
(Reporter: nsm, Assigned: nsm)
References
Details
Attachments
(1 file, 1 obsolete file)
7.87 KB,
patch
|
bkelly
:
review+
|
Details | Diff | Splinter Review |
Updated•9 years ago
|
Assignee: nobody → amarchesini
Comment 2•9 years ago
|
||
Attachment #8646977 -
Flags: review?(bkelly)
Comment 3•9 years ago
|
||
Comment on attachment 8646977 [details] [diff] [review] slashes.patch Review of attachment 8646977 [details] [diff] [review]: ----------------------------------------------------------------- Sorry, but this needs to only check for the escaped slashes in the path part of the URL/scope. Escaped slashes in the query part of the string are allowed, for example.
Attachment #8646977 -
Flags: review?(bkelly) → review-
Comment 4•9 years ago
|
||
Attachment #8646977 -
Attachment is obsolete: true
Attachment #8647069 -
Flags: review?(bkelly)
Comment 5•9 years ago
|
||
Comment on attachment 8647069 [details] [diff] [review] slashes.patch Review of attachment 8647069 [details] [diff] [review]: ----------------------------------------------------------------- r=me with comments addressed. Thanks. ::: dom/workers/ServiceWorkerContainer.cpp @@ +105,5 @@ > +CheckForSlashEscapedCharsInPath(nsIURI* aURI) > +{ > + MOZ_ASSERT(aURI); > + > + nsCOMPtr<nsIURL> url(do_QueryInterface(aURI)); Assert main thread since nsIURI is being used? @@ +116,5 @@ > + if (NS_WARN_IF(NS_FAILED(rv))) { > + return rv; > + } > + > + ToLowerCase(path); You don't need to explicitly lower case here. You can just pass true for aIgnoreCase param in Find: path.Find("%2f", true /* ignore case */) I guess doing a single lower case operation is marginally more CPU efficient, though. So I don't feel strongly either way here. ::: dom/workers/test/serviceworkers/test_escapedSlashes.html @@ +19,5 @@ > + > +var tests = [ > + { status: true, > + scriptURL: "a.js?foo%2fbar", > + scopeURL: null }, Can you add a couple cases that test encoded slashes in the #anchor url ref section? @@ +84,5 @@ > + } else { > + ok(test.status, "Register should fail"); > + } > + }) > + .then(runTest); I think we should unregister the previous service worker before going on to the next one. Otherwise we are going to build up a lot of registrations/workers.
Attachment #8647069 -
Flags: review?(bkelly) → review+
Comment 6•9 years ago
|
||
> I think we should unregister the previous service worker before going on to
> the next one. Otherwise we are going to build up a lot of
> registrations/workers.
All these registrations should fail because the scripts do not exist.
Comment 8•9 years ago
|
||
Backed out for wpt permacrashes. https://treeherder.mozilla.org/logviewer.html#?job_id=12821154&repo=mozilla-inbound https://treeherder.mozilla.org/logviewer.html#?job_id=12820763&repo=mozilla-inbound https://hg.mozilla.org/integration/mozilla-inbound/rev/26e1446feb64
Comment 9•9 years ago
|
||
it seems that the dependences are fully landed. We can land this patch too.
Keywords: checkin-needed
Comment 10•9 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/f447f7b8190b
Keywords: checkin-needed
Comment 11•9 years ago
|
||
This has caused W8 bustage like this: 11. '/tools/buildbot/bin/python scripts/scripts/web_platform_tests.py ...' warnings 30m 40s 18ms 15022 01:58:01 INFO - TEST-UNEXPECTED-FAIL | /_mozilla/service-workers/service-worker/registration.https.html | Script URL is same-origin filesystem: URL - assert_throws: Registering a script which has same-origin filesystem: URL should fail with SecurityError. function "function () { throw e; }" threw object "[Exception... "Failure" nsresult: "0x80004005 (NS_ERROR_..." that is not a DOMException SecurityError: property "code" is equal to undefined, expected 18 15029 01:58:01 INFO - TEST-UNEXPECTED-FAIL | /_mozilla/service-workers/service-worker/registration.https.html | Scope URL is same-origin filesystem: URL - assert_throws: Registering with the scope that has same-origin filesystem: URL should fail with SecurityError. function "function () { throw e; }" threw object "[Exception... "Failure" nsresult: "0x80004005 (NS_ERROR_..." that is not a DOMException SecurityError: property "code" is equal to undefined, expected 18 15999 02:03:00 ERROR - Return code: 1 https://treeherder.mozilla.org/logviewer.html#?job_id=13081326&repo=mozilla-inbound I'll be backing out unless I hear otherwise.
Comment 12•9 years ago
|
||
Backed out in https://hg.mozilla.org/integration/mozilla-inbound/rev/d72462f193b4
Comment 13•9 years ago
|
||
nsm, can you take this and land it with the other fixes?
Flags: needinfo?(nsm.nikhil)
Assignee | ||
Updated•9 years ago
|
Assignee: amarchesini → nsm.nikhil
Flags: needinfo?(nsm.nikhil)
Updated•9 years ago
|
Status: NEW → ASSIGNED
Assignee | ||
Comment 14•9 years ago
|
||
url: https://hg.mozilla.org/integration/mozilla-inbound/rev/7c5cc8cfca19afaeb4af08c669a78219edea72c4 changeset: 7c5cc8cfca19afaeb4af08c669a78219edea72c4 user: Andrea Marchesini <amarchesini@mozilla.com> date: Wed Aug 19 13:23:58 2015 -0700 description: Bug 1185640 - serviceworker register() should not accept escaped slashes. r=bkelly
Comment 15•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/7c5cc8cfca19
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
status-firefox43:
--- → fixed
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla43
You need to log in
before you can comment on or make changes to this bug.
Description
•