[DNR] testMatchOutcome should account for restricted domains by not returning matches
Categories
(WebExtensions :: Request Handling, enhancement, P3)
Tracking
(firefox113 fixed)
Tracking | Status | |
---|---|---|
firefox113 | --- | fixed |
People
(Reporter: robwu, Assigned: robwu)
References
(Blocks 1 open bug)
Details
(Whiteboard: [addons-jira])
Attachments
(2 files)
The (debug helper) testMatchOutcome
method does not account for restricted domains. Since this method is supposed to be used by extension authors for debugging purposes, it should account for restricted domains to be consistent with what had been implemented for actual DNR evaluations for the network, and to expand the unit tests at https://searchfox.org/mozilla-central/rev/e941c8a6d49b4f62f361446de7a80214fb899186/toolkit/components/extensions/test/xpcshell/test_ext_dnr_system_restrictions.js to verify that the results are similar.
The relevant check is at channel.canModify
in ExtensionDNR.sys.mjs, whose implementation (ChannelWrapper::CanModify) rejects system loads and requests to restricted URLs. Since system requests cannot be simulated by testMatchOutcome
, it suffices to only implement the restricted URL check for the request URL + "initiator" URL.
Updated•1 year ago
|
Assignee | ||
Updated•1 year ago
|
Assignee | ||
Comment 1•1 year ago
|
||
Test-only change to expand coverage:
-
Rules without "resourceTypes" do not block main frames by default.
This was desirable because otherwise we could not be simulating
fetch() requests from specified origins.
However, it also meant that we lacked test coverage that verified
that we wouldn't be blocking the main frame.
Now we have that: dnr_ignores_css_import_at_restrictedDomains. -
While I am at it, I also added extra test coverage for the case
where the triggering principal is NOT a restricted domain. While
the implementation works as desired, there was no explicit test
case for this scenario.
Assignee | ||
Comment 2•1 year ago
|
||
Pushed by rob@robwu.nl: https://hg.mozilla.org/integration/autoland/rev/86fbbf43e126 Expand coverage of test_ext_dnr_system_restrictions.js r=rpl https://hg.mozilla.org/integration/autoland/rev/0110fc953165 Exclude restricted domains from testMatchOutcome r=rpl
Comment 4•1 year ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/86fbbf43e126
https://hg.mozilla.org/mozilla-central/rev/0110fc953165
Description
•