Closed Bug 1746494 Opened 2 years ago Closed 2 years ago

Right-clicking anchor with invalid URL throws NS_ERROR_MALFORMED_URI

Categories

(WebExtensions :: Frontend, defect, P3)

Firefox 97
defect
Points:
2

Tracking

(firefox95 wontfix, firefox96 wontfix, firefox97 verified)

VERIFIED FIXED
97 Branch
Tracking Status
firefox95 --- wontfix
firefox96 --- wontfix
firefox97 --- verified

People

(Reporter: sebastian.simon1602, Assigned: robwu)

References

Details

(Whiteboard: [addons-jira])

Attachments

(2 files)

Attached file MRE.html

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101 Firefox/100.0

Steps to reproduce:

Right-clicking on an anchor with an invalid URL throws some of the errors shown below.

This bug may be Pocket-specific, but any component or web extension may exhibit this bug since it’s very subtle.

This is reproducible for any HTMLAnchorElement link for which link.matches(":link") && (() => { try { new URL(link); return false; } catch { return true; } })() holds true. (This means: any link for which the href getter returns a non-empty string for which the URL constructor, without a second argument, throws; e.g. any link with an invalid host.)

A Meta Stack Exchange bug report about malformed links exhibits this behavior. Minimal reproducible example:

<a href="https://%00">Click</a>
  1. Render this HTML snippet anywhere.
  2. Right-click it.

Actual results:

If in about:config, extensions.pocket.enabled is set to true, this error is thrown:

NS_ERROR_MALFORMED_URI: Component returned failure code: 0x804b000a (NS_ERROR_MALFORMED_URI) [nsIIOService.newURI] SaveToPocket.jsm:104
    observe chrome://pocket/content/SaveToPocket.jsm:104
    nsContextMenu chrome://browser/content/nsContextMenu.js:152
    onpopupshowing chrome://browser/content/browser.xhtml:1
    openContextMenu chrome://browser/content/nsContextMenu.js:94
    receiveMessage resource:///actors/ContextMenuParent.jsm:23
    (Async: JSActor query)
    handleEvent resource:///actors/ContextMenuChild.jsm:702

If the extension uBlock Origin is installed, this error is thrown:

NS_ERROR_MALFORMED_URI: Component returned failure code: 0x804b000a (NS_ERROR_MALFORMED_URI) [nsIIOService.newURI] ext-menus.js:965
    enabledForContext chrome://browser/content/parent/ext-menus.js:965
    some self-hosted:163
    enabledForContext chrome://browser/content/parent/ext-menus.js:964
    buildChildren chrome://browser/content/parent/ext-menus.js:253
    buildTopLevelElements chrome://browser/content/parent/ext-menus.js:261
    createAndInsertTopLevelElements chrome://browser/content/parent/ext-menus.js:204
    build chrome://browser/content/parent/ext-menus.js:68
    observe chrome://browser/content/parent/ext-menus.js:1069
    nsContextMenu chrome://browser/content/nsContextMenu.js:152
    onpopupshowing chrome://browser/content/browser.xhtml:1
    openContextMenu chrome://browser/content/nsContextMenu.js:94
    receiveMessage resource:///actors/ContextMenuParent.jsm:23
    (Async: JSActor query)
    handleEvent resource:///actors/ContextMenuChild.jsm:702

Expected results:

None of these failures should occur.

The Bugbug bot thinks this bug should belong to the 'WebExtensions::Untriaged' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Product: Firefox → WebExtensions

I didn’t notice this before, but for whatever reason, the PrismJS version used here on Bugzilla removes the %00 part of the minimal reproducible example when highlighting the HTML syntax. Funny enough, the URL is actually rendered as a link with the correct URL, so this bug is reproducible right on this page, in the first comment.

The correct HTML (without syntax highlighting) is:

<a href="https://%00">Click</a>

Hello,

I reproduced the issue on the latest Nightly (97.0a1/20211219214917), Beta (96.0b7/20211219185855) and Release (95.0.2/20211218203254) under Windows 10 x64 and Ubuntu 16.04 LTS.

As mentioned in the report, right clicking the link directly from this page will throw the first error and while uBlock Origin is installed, it will throw the second error. The only exception I found was that on Beta and Release the (Async: JSActor query) / handleEvent resource:///actors/ContextMenuChild.jsm:702 part of the errors is not present.

Status: UNCONFIRMED → NEW
Ever confirmed: true
Severity: -- → S4
Points: --- → 2
Component: Untriaged → Frontend
Priority: -- → P3
Whiteboard: [addons-jira]
Assignee: nobody → rob
Status: NEW → ASSIGNED
Pushed by rob@robwu.nl:
https://hg.mozilla.org/integration/autoland/rev/d86456ed5b0b
Account for invalid linkUrls in context menus r=zombie
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 97 Branch

Hello,

Verified the fix on the latest Nightly (97.0a1/20220103215519) under Windows 10 x64 and Ubuntu 16.04 LTS.

Right clicking the link from the first comment, as per the STR, will no longer throw the mentioned errors, with or without uBlock Origin installed, thus confirming the fix.

Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: