If a download upgrades to https via httpsFirst-/httpsOnly - mode it fails
Categories
(Core :: DOM: Security, defect, P2)
Tracking
()
Tracking | Status | |
---|---|---|
firefox98 | --- | fixed |
People
(Reporter: sworddragon2, Assigned: t.yavor)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-active])
Attachments
(3 files, 1 obsolete file)
Steps to reproduce:
- Enable https-only - mode or https-first - mode (which is the default for private browsing).
- Download something that is accessible via http and https (for example http://de.download.nvidia.com/Windows/497.09/497.09-desktop-win10-win11-64bit-international-dch-whql.exe ).
Actual results:
The download upgrades to https but an error message pops up claiming that the source file can't be read.
Expected results:
The download should work as usual (e.g. which is the case when explicitely requested via https).
Reporter | ||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Updated•2 years ago
|
Assignee | ||
Comment 1•2 years ago
•
|
||
After checking multiple requests and their times I guess it is related to the background request.
If that is right, what happens is for https-only and https-first:
- Request e.g. http://de.download.nvidia.com/Windows/497.09/497.09-desktop-win10-win11-64bit-international-dch-whql.exe
- http://de.download.nvidia.com/Windows/497.09/497.09-desktop-win10-win11-64bit-international-dch-whql.exe gets upgraded to https.
- The background timer starts
- background timer was successful before download was completed (before https-site loaded completely )
- Loading process stops and so the download.
That bug doesn't occur if we aren't upgrading the download link since the background timer only runs for upgraded sites.
Assignee | ||
Comment 2•2 years ago
|
||
Comment 3•2 years ago
|
||
Hey Smaug, do you know where in the codebase would be the best place to set an indicator that a download has started loading bits?
Some Background Info:
- Our
https-first-mode
tries to upgrade top-level connections fromhttp
tohttps
. To avoid long time-outs in case a top-level connection is not available overhttps
, we fire anhttp
background request after3000 ms
to the host we are trying to connect to. That happens within PotentiallyFireHttpRequestToShortenTimout - If the
http
background request returns faster than we start loading bits using the upgraded top-level connection, then we see that as a strong indicator that the upgraded top-level connection will result in a timeout and we fall back to connecting to the top-level page usinghttp
. FWIW, that part seems to work fine for top-level requests. - Now problem being is that downloads look completely identical to top-level loads in our code, because we only know a load of
TYPE_DOCUMENT
will result in a download once we would start rendering the content. - For top-level loads we set the bit
HTTPS_ONLY_TOP_LEVEL_LOAD_IN_PROGRESS
within DocumentLoadListener::OnStartRequest to indicate that a top-level load has started. - Apparently for downloads we do not do that and we would need to set a similar bit once we know that download has started, so that we do not fire the background request which could kill our download.
I remember that for our data:
URI blocking mechanism, we were facing a similar problem, and we did not want to block data:
URIs which result in a download. To compensate, we added the check AllowTopLevelNavigationToDataURI()
within nsDSURIContentListener::DoContent. Is that a good place, or can you suggest a better place in our codebase where we would know that a download has started and we are about to load bits?
Comment 4•2 years ago
|
||
Basti mentioned that we could set the flag within nsExternalAppHandler::OnStartRequest which I think could be a good place.
Assignee | ||
Comment 5•2 years ago
|
||
Thank you both!
Sounds good.
Assignee | ||
Comment 6•2 years ago
|
||
Updated•2 years ago
|
Assignee | ||
Comment 7•2 years ago
|
||
Comment 8•2 years ago
|
||
yeah, externalapphandler should be able to handle this.
AllowTopLevelNavigationToDataURI() case wasn't about download, but whether or not load top level pages, no?
Comment 9•2 years ago
|
||
The severity field is not set for this bug.
:ckerschb, could you have a look please?
For more information, please visit auto_nag documentation.
Comment 10•2 years ago
|
||
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/autoland/rev/dd8809f8bb92 If a download upgrades to https via httpsFirst-/httpsOnly - mode it fails. r=ckerschb,necko-reviewers,dragana https://hg.mozilla.org/integration/autoland/rev/f94ea51101a1 Test case: https - only/ first completes slow download from upgraded site.r=ckerschb
Comment 11•2 years ago
|
||
Backed out for causing failures on browser_slow_download.js
-
backout: https://hg.mozilla.org/integration/autoland/rev/0f08ad63b0b11db3189de7df4879958984c62f09
-
failure log: https://treeherder.mozilla.org/logviewer?job_id=362904478&repo=autoland&lineNumber=5689
[task 2022-01-03T18:12:42.588Z] 18:12:42 INFO - TEST-PASS | dom/security/test/https-first/browser_slow_download.js | File should be downloaded. -
[task 2022-01-03T18:12:42.588Z] 18:12:42 INFO - Buffered messages finished
[task 2022-01-03T18:12:42.589Z] 18:12:42 INFO - TEST-UNEXPECTED-FAIL | dom/security/test/https-first/browser_slow_download.js | Uncaught exception - DownloadError: Download blocked.
[task 2022-01-03T18:12:42.590Z] 18:12:42 INFO - Stack trace:
[task 2022-01-03T18:12:42.591Z] 18:12:42 INFO - DownloadError@resource://gre/modules/DownloadCore.jsm:1819:16
[task 2022-01-03T18:12:42.592Z] 18:12:42 INFO - DownloadError.fromSerializable@resource://gre/modules/DownloadCore.jsm:1928:11
[task 2022-01-03T18:12:42.592Z] 18:12:42 INFO - Download.fromSerializable@resource://gre/modules/DownloadCore.jsm:1352:36
[task 2022-01-03T18:12:42.593Z] 18:12:42 INFO - D_createDownload@resource://gre/modules/Downloads.jsm:108:39
[task 2022-01-03T18:12:42.594Z] 18:12:42 INFO - _nsITransferInitInternal@resource://gre/modules/DownloadLegacy.jsm:413:15
[task 2022-01-03T18:12:42.595Z] 18:12:42 INFO - initWithBrowsingContext@resource://gre/modules/DownloadLegacy.jsm:315:17
[task 2022-01-03T18:12:42.596Z] 18:12:42 INFO - promptForSaveToFileAsync/<@resource://gre/modules/HelperAppDlg.jsm:317:23
[task 2022-01-03T18:12:42.597Z] 18:12:42 INFO - Leaving test bound test_slow_download
[task 2022-01-03T18:12:42.597Z] 18:12:42 INFO - GECKO(2493) | [Child 2565: Main Thread]: I/DocShellAndDOMWindowLeak --DOMWINDOW == 12 (7fd4ebfc1400) [pid = 2565] [serial = 25] [outer = 0] [url = about:blank]
[task 2022-01-03T18:12:42.598Z] 18:12:42 INFO - GECKO(2493) | [Child 2565: Main Thread]: I/DocShellAndDOMWindowLeak --DOMWINDOW == 11 (7fd4ebfc3800) [pid = 2565] [serial = 27] [outer = 0] [url = about:blank]
[task 2022-01-03T18:12:42.601Z] 18:12:42 INFO - GECKO(2493) | [Child 2565: Main Thread]: I/DocShellAndDOMWindowLeak --DOMWINDOW == 10 (7fd4ebfc5000) [pid = 2565] [serial = 28] [outer = 0] [url = https://example.com/browser/dom/security/test/https-first/file_mixed_content_console.html]
[task 2022-01-03T18:12:42.602Z] 18:12:42 INFO - GECKO(2493) | [Child 2565: Main Thread]: I/DocShellAndDOMWindowLeak --DOMWINDOW == 9 (7fd4ebfcc800) [pid = 2565] [serial = 30] [outer = 0] [url = about:blank]
[task 2022-01-03T18:12:42.603Z] 18:12:42 INFO - GECKO(2493) | [Child 2565: Main Thread]: I/DocShellAndDOMWindowLeak --DOCSHELL 7fd4ebfcb800 == 1 [pid = 2565] [id = 8] [url = https://example.com/browser/dom/security/test/https-first/download_page.html]
[task 2022-01-03T18:12:42.604Z] 18:12:42 INFO - TEST-PASS | dom/security/test/https-first/browser_slow_download.js | Download start page is https -
Updated•2 years ago
|
Assignee | ||
Comment 12•2 years ago
•
|
||
I think something went wrong with the order of the patches.
Made a treeherder request with same machine and it didn't failed https://treeherder.mozilla.org/push-health/push?repo=try&revision=a3f556f27cd62eac4b891d462fb7b546e671ce9a&tab=tests&testGroup=pr&selectedTest=devtoolsclientinspectorsharedtestbrowserstyleinspectortooltip-background-imagejs&selectedTaskId=363222772&selectedJobName=devtools%2Fclient%2Finspector%2Fshared%2Ftest%2Fbrowser_styleinspector_tooltip-background-image.js+test-linux1804-64-qr%2Fopt-mochitest-devtools-chrome-fis-e10s-1.
Probably the test was run before the fix patch was applied.
Comment 13•2 years ago
•
|
||
We have this one on TRY again with some extended timeout requests for the test itself, which seems to work fine now:
https://treeherder.mozilla.org/jobs?repo=try&revision=8d1aab44319a2fe418ec461c1e3a594530602e47
Going to re-land ...
Comment 14•2 years ago
|
||
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/autoland/rev/23081f3b923f If a download upgrades to https via httpsFirst-/httpsOnly - mode it fails. r=ckerschb,necko-reviewers,dragana https://hg.mozilla.org/integration/autoland/rev/7f7864031ae3 Test case: https - only/ first completes slow download from upgraded site.r=ckerschb
Comment 15•2 years ago
|
||
Backed out for causing mochitest failures on browser_slow_download.js
- Backout link
- Push with failures
- Failure Log
- Failure line: TEST-UNEXPECTED-FAIL | dom/security/test/https-first/browser_slow_download.js | Uncaught exception - DownloadError: Download blocked.
Assignee | ||
Comment 16•2 years ago
|
||
That is related to a defect in another test file: https://bugzilla.mozilla.org/show_bug.cgi?id=1749953
Comment 17•2 years ago
|
||
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/autoland/rev/efb69ab57dc9 If a download upgrades to https via httpsFirst-/httpsOnly - mode it fails. r=ckerschb,necko-reviewers,dragana https://hg.mozilla.org/integration/autoland/rev/98712a0ace1e Test case: https - only/ first completes slow download from upgraded site.r=ckerschb
Comment 18•2 years ago
|
||
Backed out for causing mochitest failures on browser_slow_download.js
- Backout link
- Push with failures
- Failure Log
- Failure line: TEST-UNEXPECTED-FAIL | dom/security/test/https-first/browser_slow_download.js | Uncaught exception - DownloadError: Download blocked.
Updated•2 years ago
|
Assignee | ||
Comment 19•2 years ago
|
||
Assignee | ||
Updated•2 years ago
|
Comment 20•2 years ago
|
||
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/autoland/rev/336d3cfecad2 If a download upgrades to https via httpsFirst-/httpsOnly - mode it fails. r=ckerschb,necko-reviewers,dragana https://hg.mozilla.org/integration/autoland/rev/32bac3160aa5 Test case: https - only/ first completes slow download from upgraded site.r=ckerschb
Comment 21•2 years ago
|
||
Backed out for causing build bustages on browser_download_slow. CLOSED TREE
Backout link : https://hg.mozilla.org/integration/autoland/rev/a5264b7356e480a7bd5850ed649804893daa0ed9
Link to failure log : https://treeherder.mozilla.org/logviewer?job_id=364356808&repo=autoland&lineNumber=64282
Failure message : package-tests> Error: Symlink target path does not exist: /builds/worker/checkouts/gecko/dom/security/test/https-first/browser_download_slow.html
Assignee | ||
Updated•2 years ago
|
Comment 22•2 years ago
|
||
Pushed by mozilla@christophkerschbaumer.com: https://hg.mozilla.org/integration/autoland/rev/34a08545bf69 If a download upgrades to https via httpsFirst-/httpsOnly - mode it fails. r=ckerschb,necko-reviewers,dragana https://hg.mozilla.org/integration/autoland/rev/2f5a2ce06906 Test case: https - only/ first completes slow download from upgraded site.r=ckerschb
Comment 23•2 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/34a08545bf69
https://hg.mozilla.org/mozilla-central/rev/2f5a2ce06906
Description
•