Closed
Bug 1501503
Opened 6 years ago
Closed 6 years ago
Send a console warning when masks are blocked due to CORS.
Categories
(Core :: CSS Parsing and Computation, defect, P2)
Core
CSS Parsing and Computation
Tracking
()
RESOLVED
FIXED
mozilla65
Tracking | Status | |
---|---|---|
firefox65 | --- | fixed |
People
(Reporter: emilio, Assigned: bradwerth)
References
Details
Attachments
(2 files)
Brad, any chance you could do this? Let me know if not and I'll take a look when I have the time.
This causes a lot of confusion. There's no signal from the browser about anything failing.
Reporter | ||
Updated•6 years ago
|
Flags: needinfo?(bwerth)
Comment 1•6 years ago
|
||
Setting as P2 since the CORS mask-image fix is riding in 64 (which is now beta). We should definitely show *something* and not fail silently.
Priority: -- → P2
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → bwerth
Flags: needinfo?(bwerth)
Assignee | ||
Comment 2•6 years ago
|
||
Assignee | ||
Comment 3•6 years ago
|
||
Assignee | ||
Comment 4•6 years ago
|
||
I've posted a patch which makes our CORS failure reporting occur in all cases like this. It's possible that the reporting is now too frequent. If it is, then we'll need to pass more information through to nsCORSListenerProxy::UpdateChannel(), possibly in the nsIChannel for the request.
Comment 5•6 years ago
|
||
Brad: Thanks for continuing to take on these additional CORS issues.
Assignee | ||
Comment 6•6 years ago
|
||
I'm working on a test for this by expanding dom/base/test/test_warning_for_blocked_cross_site_request.html
Assignee | ||
Comment 7•6 years ago
|
||
Depends on D9807
Pushed by bwerth@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/c2d9f82adf43
Report cross-origin load failures in more cases. r=ckerschb
https://hg.mozilla.org/integration/autoland/rev/814414676c25
Part 2: Test that CORS rejection messages are output for loads triggered from styles. r=ckerschb
Comment 9•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/c2d9f82adf43
https://hg.mozilla.org/mozilla-central/rev/814414676c25
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox65:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
Assignee | ||
Comment 10•6 years ago
|
||
(In reply to Brad Werth [:bradwerth] from comment #4)
> I've posted a patch which makes our CORS failure reporting occur in all
> cases like this. It's possible that the reporting is now too frequent. If it
> is, then we'll need to pass more information through to
> nsCORSListenerProxy::UpdateChannel(), possibly in the nsIChannel for the
> request.
Sightings like Bug 1504284 indicate that we are now over-reporting "errors" for successful loads. Looking at the code again, I see that the modifications in Part 1 are reporting errors in an early-success path through the code. Even if these checks fail, there are other paths that lead to code success. I'll work on identifying those paths.
Cristian, would you please roll this change back?
Status: RESOLVED → REOPENED
Flags: needinfo?(cbrindusan)
Resolution: FIXED → ---
Assignee | ||
Comment 11•6 years ago
|
||
I've found by undoing JUST Part 1 of the patch (the behavior change), the test in Part 2 still passes, indicating that we are reporting CORS messages properly for mask-image without the code changes. Are we sure this is even a bug? With Part 1 undone, when I try the testcase in Bug 1418470 (try to load https://test.shhnjk.com/CSSMask.html), I also correctly get a CORS error message.
Emilio, do you have another testcase that was failing? I'd like to try it with Part 1 undone to confirm this is actually a bug.
Flags: needinfo?(emilio)
Reporter | ||
Comment 12•6 years ago
|
||
Yes,
mozregression --launch 2018-10-15 -a https://bugzilla.mozilla.org/attachment.cgi?id=9019544
(The date is fairly arbitrary, but enough so that it doesn't contain this patch).
That shows no CORS warning at all. Shows a CSP error, but that's due to it being hosted in BMO, if you run the test locally you'll see no warnings at all.
https://test.shhnjk.com/CSSMask.html also shows no warning at all in that Nightly.
I've also tested 2018-10-29 with same results, fwiw.
Flags: needinfo?(emilio)
Reporter | ||
Comment 13•6 years ago
|
||
There's a chance that bug 1496505 fixed this somehow? I don't know.
Comment 14•6 years ago
|
||
Brad, can you please let me know if this changeset needs a backout (or both of them)?
https://hg.mozilla.org/integration/autoland/rev/c2d9f82adf43
Flags: needinfo?(cbrindusan) → needinfo?(bwerth)
Comment 15•6 years ago
|
||
Backout by cbrindusan@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e6860806fc1f
Backed out 2 changesets as requested by bradwerth on the ticket.
Assignee | ||
Comment 16•6 years ago
|
||
Thank you. Backing out both changesets is the right thing to do. The test will possibly be added back in another bug. Closing this bug again because the original issue no longer results in a silent failure.
Status: REOPENED → RESOLVED
Closed: 6 years ago → 6 years ago
Flags: needinfo?(bwerth)
Resolution: --- → FIXED
Comment 17•6 years ago
|
||
Pushed by emilio@crisal.io:
https://hg.mozilla.org/integration/mozilla-inbound/rev/abe6431b9950
Part 2: Test that CORS rejection messages are output for loads triggered from styles. r=ckerschb
Reporter | ||
Comment 18•6 years ago
|
||
I relanded the test because I think it's worth not to regress this accidentally.
Comment 19•6 years ago
|
||
bugherder |
You need to log in
before you can comment on or make changes to this bug.
Description
•