Closed Bug 1470295 Opened 6 years ago Closed 6 years ago

Allow Save-as links to FTP files on HTTP pages.

Categories

(Core :: DOM: Security, defect, P1)

Tracking

VERIFIED FIXED
mozilla62
Tracking Status
firefox61 + verified
firefox62 --- verified
firefox63 --- verified

People

(Reporter: evilpie, Assigned: evilpie)

Details

(Keywords: regression, Whiteboard: [domsecurity-active])

Attachments

(3 files)

Attachment #8986918 - Flags: review?(ckerschb)
Comment on attachment 8986918 [details] [diff] [review]
Allow save-as download of FTP files on HTTP pages. r?

Review of attachment 8986918 [details] [diff] [review]:
-----------------------------------------------------------------

Thanks, r=me

::: dom/security/nsContentSecurityManager.cpp
@@ +182,5 @@
>  
> +  // Allow save-as download of FTP files on HTTP pages.
> +  if (type == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
> +    return NS_OK;
> +  }
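
Review bot: The comment above the new `type == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD` check restates the condition but does not say why the unconditional `return NS_OK` is safe for this content type. Suggest adding a sentence of rationale to the comment (for example, that the load is a user-initiated save to disk rather than content loaded into the page, if that is the reasoning), so a later reader can tell the exemption is deliberate and does not extend it to other types. The lines shown also carry no test; a test for the save-as path would keep the exemption from regressing.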

Maybe bundle that check with the TYPE_DOC check, something like:

// Allow top-level FTP documents and
// save-as download of FTP files on HTTP pages.
if (type == nsIContentPolicy::TYPE_DOCUMENT ||
    type == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
  return NS_OK;
}
Attachment #8986918 - Flags: review?(ckerschb) → review+
Status: NEW → ASSIGNED
Priority: -- → P1
Whiteboard: [domsecurity-active]
Pushed by evilpies@gmail.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/54b5db87eb7e
Allow save-as download of FTP files on HTTP pages. r=ckerschb
https://hg.mozilla.org/mozilla-central/rev/54b5db87eb7e
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla62
Attached patch Patch to uplift
Approval Request Comment
[Feature/Bug causing the regression]: bug 1404744
[User impact if declined]: From an HTML page, right clicking on an FTP link 'Save Link as' doesn't work
[Is this code covered by automated tests?]: No
[Has the fix been verified in Nightly?]: Yes
[Needs manual test from QE? If yes, steps to reproduce]: 1) Create HTML page with a link to an FTP file
2) Right click link and click 'Save Link As...'
3) File should download
[List of other uplifts needed for the feature/fix]: None
[Is the change risky?]: No
[Why is the change risky/not risky?]: Allows some limited old behavior
[String changes made/needed]: None
Attachment #8987341 - Flags: approval-mozilla-release?
Flags: qe-verify+
I could not reproduce the issue using an HTML page with an FTP link created by me or using the link provided in bug 1469536 comment 19 with Nightly 62.0a1 (2018-06-21) or using the latest Nightly 62.0a1 (2018-06-26).

Xu Zhen, could you please confirm the fix on the latest Nightly?
Flags: needinfo?(xuzhen)
Tested with 62.0b3 and 63.0a1 (209180627), the save-as function was working.
And I found another regression: visiting an undisplayable file on an FTP server makes Firefox hang.
Click ftp://ftp.mirror.nl/pub/Museum/atari/files/stnet110.tos , Firefox 62b/63a will hang and consume 100% CPU. Haven't tested with 61.
Flags: needinfo?(xuzhen)
Based on comment 7 I'm marking this bug as Verified fixed.

Xu Zhen, thanks for the report, I can confirm the issue described in comment 7 and I will file another bug for this.
Status: RESOLVED → VERIFIED
(In reply to roxana.leitan@softvision.ro from comment #8)
> Based on comment 7 I'm marking this bug as Verified fixed.
> 
> Xu Zhen, thanks for the report, I can confirm the issue described in comment
> 7 and I will file another bug for this.

Which bug number is this? This is quite a serious issue.
(In reply to Tom Schuster [:evilpie] from comment #9)
> Which bug number is this? This is quite a serious issue.

bug 1471594 / bug 1467102
Thank you Jan!

Did we decide not to uplift this bug?
[Tracking Requested - why for this release]:
See comment 5 + comment 11.
Comment on attachment 8987341 [details] [diff] [review]
Patch to uplift

Approved for 61.0.1.
Attachment #8987341 - Flags: approval-mozilla-release? → approval-mozilla-release+
Attached file testcase.html
I was able to reproduce this bug using the attached testcase on an affected Nightly build 62.0a1 (2018-06-21).

I can confirm that the bug is no longer reproducible on 61.0.1 (20180704003137) under the following OSes: Windows 10 x64, macOS 10.12 and Ubuntu 16.04 x64.
Flags: qe-verify+