Open Bug 1608074 Opened 5 years ago Updated 7 months ago

Add assertion to make sure referrer header matches the computed spec in referrerInfo

Categories

(Core :: DOM: Security, enhancement, P2)

enhancement

Tracking

()

REOPENED
83 Branch
Tracking Status
firefox83 --- affected

People

(Reporter: tnguyen, Assigned: julianwels)

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file, 1 obsolete file)

No description provided.
Assignee: nobody → tnguyen
Whiteboard: [domsecurity-active]
Status: NEW → ASSIGNED
Priority: -- → P2

Basti, may I ask you to drive this one over the finishing line please?

Assignee: tnguyen → sstreich
Flags: needinfo?(sstreich)

(In reply to Christoph Kerschbaumer [:ckerschb] from comment #3)

Basti, may I ask you to drive this one over the finishing line please?

302 to Julian - can you take a look at this one please?

Assignee: sstreich → jgaibler
Flags: needinfo?(sstreich) → needinfo?(jgaibler)

202 Accepted

Flags: needinfo?(julianwels)

Because this bug has no description and no tests, I had to go back again to a conversation to find why this is being done. From a chat with ckerschb:

imagine a page sets a referrer-policy of 'no-referrer'
but we accidentally use a codepath that sets a referrer
the assertion is to make sure we can not accidentally create a new instance of a channel (or even protocol) without us realizing we are accidentally leaking the referrer value
I imagine that some devtools thing allows you to create a channel and set a referrer and then we don't have a valid referrerinfo for that

I'd like to see a test (the above makes a test sound possible), or an explanation why one is not necessary (or not possible), or (less desirable) a solid STR for QA to manually test.

Thanks for digging up that message. Took me a while to understand what's going on but I think I got a clear picture now:

The first patch (D59314) adds debug assertions with MOZ_ASSERT to check if the ReferrerInfo object and the referer-header match. This means as long as there is any test that (A) sets the referer header and (B) sends the request, an implicit test that the referer was set correctly is also made.

To double-check that this is actually the case I ran three tests affected by the patch, with and without the changes from D59856:

./mach test devtools/client/netmonitor/test/browser_net_resend_headers.js
  (with)    OK
  (without) Assertion failure: referrerHeader.IsEmpty() (Referrer header should not be sent if there's no referrerInfo)

./mach test toolkit/components/extensions/test/xpcshell/test_ext_downloads_download.js
  (with)    OK
  (without) Mozilla crash reason: MOZ_ASSERT(referrerHeader.IsEmpty()) (Referrer header should not be sent if there's no referrerInfo)

./mach test toolkit/components/extensions/test/xpcshell/test_ext_downloads_download.js 
  (with)    OK
  (without) Mozilla crash reason: MOZ_ASSERT(referrerHeader.IsEmpty()) (Referrer header should not be sent if there's no referrerInfo)
Pushed by nbeleuzu@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/b3fb1b5bbe34 Set channel ReferrerInfo in privileged code instead of referrer header r=nchevobbe,mixedpuppy,valentin
Pushed by nbeleuzu@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/7aa5ac524911 Add assertion to make sure referrer header matches the computed referrer in referrerInfo r=ckerschb

Nrgg, sorry. I forgot to upload local changes :(

Flags: needinfo?(julianwels)

It appears the other patch should also be backed out.

Pushed by nbeleuzu@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/4e44940803cd Set channel ReferrerInfo in privileged code instead of referrer header r=nchevobbe,mixedpuppy,valentin

If this one fails again, but I'm rather certain that it won't, then it's better to back both out, that's right! :)

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → 83 Branch

The assertion patch still has to land. Before that, we need to figure out why and where it gets triggered and fix that as well.

Status: RESOLVED → REOPENED
Flags: needinfo?(julianwels)
Resolution: FIXED → ---
Severity: normal → S3
Attachment #9119719 - Attachment is obsolete: true
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: