Closed
Bug 756277
Opened 13 years ago
Closed 13 years ago
XMLHttpRequest started from Cc["@mozilla.org/xmlextras/xmlhttprequest;1"] ends up bound to some random window
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
People
(Reporter: florian, Assigned: smaug)
References
(Blocks 1 open bug)
Details
(Keywords: regression, Whiteboard: [qa-])
Attachments
(1 file, 2 obsolete files)
7.67 KB,
patch
|
bzbarsky
:
review+
akeybl
:
approval-mozilla-aurora+
akeybl
:
approval-mozilla-beta+
|
Details | Diff | Splinter Review |
When this happens, I see this in my terminal:
NS_ENSURE_TRUE(!mHasOrHasHadOwner || mOwner) failed.
This is from http://hg.mozilla.org/mozilla-central/annotate/895e12563245/content/events/src/nsDOMEventTargetHelper.h#l147
Per IRC discussion, smaug thinks a "perfect hack" to remove the randomness would be to use the hidden window.
This seems to be directly causing bug 735688 where an HTTP request started by a back-end JS XPCOM component is aborted when a modal dialog is closed.
Assignee | ||
Updated•13 years ago
|
Assignee: nobody → bugs
Assignee | ||
Comment 1•13 years ago
|
||
This is an old bug. I'll figure out some way to fix this.
Comment 2•13 years ago
|
||
If I'm interpreting this bug properly, I think this means that in-process XMLHttpRequest's can get killed if the "randomly selected" window the request is bound to closes.
(I say "randomly selected" because it's quite likely that instead of random, the most recent window is selected...)
CC'ing Mark / David / Jb because all three of our major features that we're hoping to ship in the next few versions of Thunderbird (Account Provisioner, Filelink, IM) rely on XMLHttpRequest to function properly. IM has already been running into this... so far, I haven't heard of failures in Filelink or Account Provisioner, but I think the potential is there.
Comment 3•13 years ago
|
||
Hm - so I think I was wrong about Account Provisioner on this one. Account Provisioner doesn't create an instance of XMLHttpRequest via Cc["@mozilla.org/xmlextras/xmlhttprequest;1"] - it uses jQuery, which means it uses the vanilla XMLHttpRequest from the DOM.
Comment 4•13 years ago
|
||
This would impact add-ons severely.
We can't have XHR's randomly failing depending on what window they happened to get attached to.
Assignee | ||
Comment 5•13 years ago
|
||
Yes. But this is an ancient bug, dates back at least to FF1.5, IIRC. So nothing catastrophic hasn't happened.
Comment 6•13 years ago
|
||
(In reply to Olli Pettay [:smaug] from comment #5)
> Yes. But this is an ancient bug, dates back at least to FF1.5, IIRC. So
> nothing catastrophic hasn't happened.
This bug was opened on February 7, 2012.
The documentation here:
https://developer.mozilla.org/en/DOM/XMLHttpRequest/Using_XMLHttpRequest#Using_XMLHttpRequest_from_JavaScript_modules_.2F_XPCOM.C2.A0components
Was recently changed to tell add-on developers to stop using Components.interfaces.nsiXMLHttpRequest and instead use
const { XMLHttpRequest } = Components.classes["@mozilla.org/appshell/appShellService;1"]
.getService(Components.interfaces.nsIAppShellService)
.hiddenDOMWindow;
var req = XMLHttpRequest();
It also says:
Warning: The following code will create an XMLHttpRequest associated with the nearest available window object. If this window is closed then it will cancel your XMLHttpRequest.
So if add-on developers are being told to stop using one way, and the new method randomly fails, that's a problem.
Assignee | ||
Comment 7•13 years ago
|
||
Oh, I have no idea who has updated the documentation and why.
I do *hope* to get rid of createInstance for XHR, but I'm still surprised to see that documentation
has been changed already.
Anyhow, this particular bug is *old*.
Assignee | ||
Comment 8•13 years ago
|
||
...FF 2.0 certainly had this behavior.
Also, I'm expecting to first fix this sort-of-random behavior somehow.
Comment 9•13 years ago
|
||
Comment 10•13 years ago
|
||
> I do *hope* to get rid of createInstance for XHR
Can I ask why? What exactly is going on with XHR? Is it no longer going to be a component?
Is this work detailed somewhere?
Assignee | ||
Comment 11•13 years ago
|
||
(In reply to Michael Kaply (mkaply) from comment #10)
> > I do *hope* to get rid of createInstance for XHR
>
> Can I ask why?
Because per spec XHR is bound to a document/window.
It would make the implementation simpler if there was just one way to create and use XHR.
But anyhow, I think for now we should just support createInstance.
Assignee | ||
Comment 12•13 years ago
|
||
Assignee | ||
Comment 13•13 years ago
|
||
Attachment #631158 -
Attachment is obsolete: true
Assignee | ||
Comment 14•13 years ago
|
||
This should pass on try. Makes createInstance created XHRs always
using system principal (if needed, we can add a scriptable init() to pass
different principal).
The changes to nsDOMClassInfo.cpp aren't strictly needed, but I want to make
sure that XHR created in a web page using new XMLHttpRequest() has never
mPrincipal pointing to the system principal. Either there isn't a principal,
or the principal is the right one.
Attachment #631190 -
Attachment is obsolete: true
Attachment #631303 -
Flags: review?(bzbarsky)
Comment 15•13 years ago
|
||
Comment on attachment 631303 [details] [diff] [review]
patch
r=me
Attachment #631303 -
Flags: review?(bzbarsky) → review+
Assignee | ||
Comment 16•13 years ago
|
||
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 18•13 years ago
|
||
Comment on attachment 631303 [details] [diff] [review]
patch
Thanks for fixing this! I can confirm this patch fixes bug 735688.
[Approval Request Comment]
This bug was the real cause of bug 735688. Without this fix the configuration process of Twitter accounts in Thunderbird randomly breaks for a large proportion of users.
This implementation of Twitter has been on comm-central for a few cycles already but is pref'ed off on current releases while we polish the remaining issues. Our current plan is to ship it (that is, have it pref'ed on) in Thunderbird 15 (currently in aurora), so I would really appreciate if this fix could land on the aurora branch.
Attachment #631303 -
Flags: approval-mozilla-aurora?
Comment 19•13 years ago
|
||
This patch needs a risk evaluation before being considered for approval.
Assignee | ||
Comment 20•13 years ago
|
||
Should be reasonable safe, but might affect some addons which, for some strange reason, rely on
the old behavior.
Comment 21•13 years ago
|
||
FYI, we started experiencing this problem in FF13.
I tracked it down to:
https://bugzilla.mozilla.org/show_bug.cgi?id=734057
So although you say this bug has been around for a while, the change for 734057 caused it to start happening in places where it didn't.
Comment 22•13 years ago
|
||
The fix for bug 734057 made this happen more than it used to.
Our add-on that did an XHR in a modal window broke with FF13.
I believe other addon developers will encounter this as well.
We should fix it in FF14.
tracking-firefox14:
--- → ?
Assignee | ||
Comment 23•13 years ago
|
||
(In reply to Michael Kaply (mkaply) from comment #21)
> https://bugzilla.mozilla.org/show_bug.cgi?id=734057
Ah, yes, that bug did affect the behavior. The old behavior caused leaks in some cases, the
new one closes XHR when it isn't really usable anymore. (Note even with the old behavior
event listeners wouldn't be called when the window goes away.)
Comment 24•13 years ago
|
||
I'm going to mark this as a regression because as of bug 734057, things are broke in FF13.
If a FF13 update goes out, I think this fix should be in it.
As it stands, FF13 breaks some addons.
tracking-firefox13:
--- → ?
Keywords: regression
Updated•13 years ago
|
Comment 25•13 years ago
|
||
Comment on attachment 631303 [details] [diff] [review]
patch
[Triage Comment]
Let's land this on Aurora in preparation for possible beta/release uplift.
Attachment #631303 -
Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
Comment 26•13 years ago
|
||
There are over 1000 MXR results in addons for this contractid, so I expect that this could be a fairly common issue for addons and this may be worth taking for a potential 13.0.1 if we spin that.
Comment 27•13 years ago
|
||
(In reply to Alex Keybl [:akeybl] from comment #25)
> Comment on attachment 631303 [details] [diff] [review]
> patch
>
> [Triage Comment]
> Let's land this on Aurora in preparation for possible beta/release uplift.
It would also be great to get feedback on the risk to taking this on beta/release this week. Thanks!
Assignee | ||
Comment 28•13 years ago
|
||
(In reply to Michael Kaply (mkaply) from comment #24)
> I'm going to mark this as a regression because as of bug 734057, things are
> broke in FF13.
>
> If a FF13 update goes out, I think this fix should be in it.
>
> As it stands, FF13 breaks some addons.
which addons exactly?
The behavior change in FF13 affects addons only in certain cases.
Assignee | ||
Comment 29•13 years ago
|
||
(In reply to Benjamin Smedberg [:bsmedberg] from comment #26)
> There are over 1000 MXR results in addons for this contractid, so I expect
> that this could be a fairly common issue for addons and this may be worth
> taking for a potential 13.0.1 if we spin that.
I'd assume this to affect relatively few addons.
Comment 30•13 years ago
|
||
Per discussions in the channel meeting today, I don't think this has a reproducible case. Can someone please clarify if and how QA can verify this fix?
Whiteboard: [qa+]
Comment 31•13 years ago
|
||
The majority of add-ons use XHR in a way that is affected by this bug. However, this can only be reproduced (sometimes) by closing a window in a middle of a request, so it is very unlikely to happen consistently and it would be almost impossible to reproduce.
This bug will probably happen a lot, but for various different users and various different add-ons. It's unlikely that it will constantly annoy a single user.
Reporter | ||
Comment 32•13 years ago
|
||
(In reply to Anthony Hughes, Mozilla QA (irc: ashughes) from comment #30)
> Per discussions in the channel meeting today, I don't think this has a
> reproducible case. Can someone please clarify if and how QA can verify this
> fix?
I had a reproducible case that I used to verify that the patch here actually fixed bug 735688. (see bug 735688 comment 11)
Comment 33•13 years ago
|
||
Another issue here is that the workaround that was placed on MDN (to use hiddenDOMWindow) doesn't actually work. hiddenDOMWindow apparently doesn't have chrome privileges so cross site XHR's fail.
So there's really no good way for an add-on to work around this problem, short of making sure XHRs are tied to a given browser window. Of course if that browser window is closed, it kills the XHR.
Assignee | ||
Comment 34•13 years ago
|
||
Even before bug 734057 event listeners wouldn't be called if the window was closed.
Reporter | ||
Comment 35•13 years ago
|
||
Before bug 734057, wasn't the XHR object keeping a strong reference to the window that kept it alive?
Instantbird (currently based on Mozilla 12) uses the exact same Twitter code as Thunderbird, and we never received any report similar to bug 735688 for Instantbird, so I would be willing to believe that the annoying behavior this bug fixes started (being visible) with Mozilla 13.
Assignee | ||
Comment 36•13 years ago
|
||
(In reply to Florian Quèze from comment #35)
> Before bug 734057, wasn't the XHR object keeping a strong reference to the
> window that kept it alive?
Yes, but that has nothing to do with event handling.
If the inner window (which XHR kept alive) became not-the-current-inner-window, then
event listeners would be called.
Comment 37•13 years ago
|
||
> Even before bug 734057 event listeners wouldn't be called if the window was closed.
But clearly something changed because at least two add-ons are broken as a result of 734057.
In our case, the XHRs clearly completed after the modal window was closed and called their appropriate onload functions before Firefox 13.
With Firefox 13, closing the modal window immediately kills the XHR.
You seem to be arguing that we were broke before Firefox 13 as well, but we weren't.
The fix for 734057 caused this behavior (or at least made it happen in places where it didn't before).
Assignee | ||
Comment 38•13 years ago
|
||
(In reply to Michael Kaply (mkaply) from comment #37)
> > Even before bug 734057 event listeners wouldn't be called if the window was closed.
>
> But clearly something changed because at least two add-ons are broken as a
> result of 734057.
>
> In our case, the XHRs clearly completed after the modal window was closed
> and called their appropriate onload functions before Firefox 13.
>
> With Firefox 13, closing the modal window immediately kills the XHR.
Yes. That is the behavioral change, as I've said before.
It was done to prevent certain kinds of leaks.
> You seem to be arguing that we were broke before Firefox 13 as well, but we
> weren't.
We were broken before FF13. It just depends on what you were doing with XHR.
Some things worked, some things didn't. In FF13, one more thing broke (or changed)
Assignee | ||
Comment 39•13 years ago
|
||
(Btw, it would be really really great if addon devs would actually test their addons with Aurora and
Beta releases.)
Comment 40•13 years ago
|
||
> (Btw, it would be really really great if addon devs would actually test their addons with Aurora and
Beta releases.)
I resent that remark. We do extensive testing with all builds including nightlies. This was a very unique scenario in our add-on.
And BTW, it would be really great if Firefox devs would actually listen when someone opens a bug (like this one) indicating they saw different behavior than they did before. This bug was found as a result of 734057 (almost two months ago) and you simply ignored it and kept claiming that it wasn't a new bug.
Can you please explain to me how a call from a Javascript moduile to instantiate a Javascript component is so dependent on having a window?
That's the part that really bothers me about this.
Are you saying that if you build a headless Firefox, XHRs don't work?
What changed to make XHRs so dependent on windows? Have they always been this way?
Assignee | ||
Comment 41•13 years ago
|
||
XHRs have been bound to a window, when one available, since the end of 2007.
Assignee | ||
Comment 42•13 years ago
|
||
And yes, I should have fixed this bug earlier.
Comment 43•13 years ago
|
||
There are components (expressed as JSM or C++ module, for example) which do pure logic, independent of any window, and for all windows as a whole. Some of these need to make network calls to web services. These are typically done via XHR (I wouldn't even know another simple way to make an HTTP call and get XML back). The obvious way is to create an XPCOM component Ci.nsIXMLHttpRequest. If I do that from a backend component, I don't expect this to have anything to do anything with any window whatsoever.
Binding this to a window is a bug. You claim the spec says this. If it does, it would be a bug in the spec, but I don't read it there, in fact I read the opposite, the spec talking explicitly about using XHR outside of window contexts:
"4.1 Origin and base URL ...
This specification defines their [the URL] values when the global object is represented by the Window object. When the XMLHttpRequest object is used in other contexts their values will have to be defined as appropriate for that context. That is considered to be out of scope for this specification."
So clearly the spec allows to use XHR without any window. The only references to DOM are EventTarget, an API which in itself has nothing to do with the DOM either.
That said, thanks for fixing this bug. It solves the bug for the addon.
Please merge this into FF14, because existing functionality broke in FF13.
Comment 44•13 years ago
|
||
Source: http://www.w3.org/TR/XMLHttpRequest/#origin-and-base-url
(the quoted text is the only reference to windows in the spec.)
Comment 45•13 years ago
|
||
Comment on attachment 631303 [details] [diff] [review]
patch
[Approval Request Comment]
Bug caused by (feature/regressing bug #):
User impact if declined:
Testing completed (on m-c, etc.):
Risk to taking this patch (and alternatives if risky):
String or UUID changes made by this patch:
Attachment #631303 -
Flags: approval-mozilla-beta?
Comment 46•13 years ago
|
||
Ben, if you want your approval requests to be taken seriously, you need to actually fill in the info approval requests ask for. Otherwise drivers can't evaluate them sanely....
Comment 47•13 years ago
|
||
Well, that was in the 2 comments right before that.
[Approval Request Comment]
Bug caused by (feature/regressing bug #):
Bug 734057
User impact if declined:
XHRs from logic components are silently aborted, breaking popular addons, Twitter in Thunderbird.
XHR is a core component needed in many places, and a good deal of them are backend components, which all potentially break (in some cases) without this fix.
For example, in one addon, the user does to a pref dialog and adds and accounts and logs in, and the login fails (and won't be repeated) when the user closes the pref window before the login call finished. Before FF13, this worked fine.
Testing completed (on m-c, etc.):
Risk to taking this patch (and alternatives if risky):
String or UUID changes made by this patch:
Comment 48•13 years ago
|
||
(In the example above, the XHR happens from a JSM, not directly from the window, so arguably the addon code is written reasonably, and used to work.)
Comment 49•13 years ago
|
||
Comment on attachment 631303 [details] [diff] [review]
patch
[Triage Comment]
Recent regression in add-ons, approving for beta.
Attachment #631303 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
Assignee | ||
Comment 50•13 years ago
|
||
https://hg.mozilla.org/releases/mozilla-aurora/rev/787d44019d72
https://hg.mozilla.org/releases/mozilla-beta/rev/aa1fd608d88a
status-firefox14:
--- → fixed
status-firefox15:
--- → fixed
Reporter | ||
Comment 51•13 years ago
|
||
(In reply to Florian Quèze from comment #35)
> Instantbird (currently based on Mozilla 12) uses the exact same Twitter code
> as Thunderbird, and we never received any report similar to bug 735688 for
> Instantbird, so I would be willing to believe that the annoying behavior
> this bug fixes started (being visible) with Mozilla 13.
Instantbird has just been updated to Mozilla 13.0.1 and now I can reproduce bug 735688 on Instantbird too.
Comment 52•12 years ago
|
||
Is there a way QA can verify this fix in Firefox?
Whiteboard: [qa+] → [qa?]
Comment 53•12 years ago
|
||
I don't think we have clear steps to reproduce, so we can probably remove the QA flags.
Updated•12 years ago
|
Depends on: CVE-2012-4205
Comment 55•12 years ago
|
||
The hiddenWindow approach doesn't work on current Aurora (17), since XHR simply disappeared from hiddenDOMWindow... I don't know what and when the xhr is gone. Any clues?
Comment 56•12 years ago
|
||
Ouch, I mean Linux. On OS X the xhr in hiddenDOMWindow still works.
This bug was fixed in Firefox 14. Why do you need to do anything with the idden window in Firefox 17?
Comment 58•12 years ago
|
||
I'm guessing he's following the docs:
https://developer.mozilla.org/en-US/docs/DOM/XMLHttpRequest/Using_XMLHttpRequest
Scroll to the bottom to
Using XMLHttpRequest from JavaScript modules / XPCOM components
Comment 59•12 years ago
|
||
On Linux, you're touching the hidden window via an Xray, presumably. It's _possible_ that XHR doesn't show up through an Xray. Worth checking, at least.
Comment 60•12 years ago
|
||
And by "XHR" I mean "WebIDL objects".
(In reply to Michael Kaply (mkaply) from comment #58)
> I'm guessing he's following the docs:
>
> https://developer.mozilla.org/en-US/docs/DOM/XMLHttpRequest/
> Using_XMLHttpRequest
>
> Scroll to the bottom to
>
> Using XMLHttpRequest from JavaScript modules / XPCOM components
Sigh.
I edited the docs.
Comment 62•12 years ago
|
||
Was there any version that method actually did work on? I haven't tried it in a while, but all I hear from people are complaints that it doesn't work because of cross-origin issues.
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•