1404524 - Redirection limit should apply to API redirects

Status: RESOLVED FIXED

(Core :: Networking: HTTP, enhancement, P2)

Description

[Kris Maglione [:kmag]]

In bug 1398188, we're seeing thrashing and unbounded heap growth caused by an extension that creates an infinite redirect loop using API redirects.

If part of the redirect chain ever included an HTTP redirect, the redirect loop would be aborted, but since the extension is responsible for all of the redirect attempts, the redirection limit is decremented to 0, but never actually enforced.

Comment 1

[Valentin Gosu [:valentin] (he/him)]

Does this apply to the webextension API? I'm not sure how redirection works is performed there.
Also, is there a possibility of getting a test case (mochitest/xpcshell/webextension)? Thanks

Comment 2

[Kris Maglione [:kmag]]

(In reply to Valentin Gosu [:valentin] from comment #1)
> Does this apply to the webextension API? I'm not sure how redirection works
> is performed there.

Yes. Those APIs have listeners that can return an object with a "redirectTo" property, which causes us to call the channel's redirectTo() method with its value.

> Also, is there a possibility of getting a test case
> (mochitest/xpcshell/webextension)? Thanks

Yes, it should be pretty simple to add a test for that, but until this is fixed, it would just result in an infinite redirect loop.

Comment 3

[Dragana Damjanovic [:dragana]]

Kris, can you point to how to write a webExtension test for this?

We will find someone to work on it.

Comment 4

[Ben Kelly [:bkelly, not reviewing]]

I have some patches in bug 1412015 that improve our redirection limit enforcement.  Can you see if this behavior is any better with those patches applied?

Comment 5

[Kris Maglione [:kmag]]

I wrote a test for this, and now it works as expected. It looks like it was fixed by bug 1405739 or bug 1412015.

I'll clean the test up a bit and land it when I have a chance.