summaryrefslogtreecommitdiffstats
path: root/dom/file/uri
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:47:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:47:29 +0000
commit0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d (patch)
treea31f07c9bcca9d56ce61e9a1ffd30ef350d513aa /dom/file/uri
parentInitial commit. (diff)
downloadfirefox-esr-upstream/115.8.0esr.tar.xz
firefox-esr-upstream/115.8.0esr.zip
Adding upstream version 115.8.0esr.upstream/115.8.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/file/uri')
-rw-r--r--dom/file/uri/BlobURL.cpp171
-rw-r--r--dom/file/uri/BlobURL.h123
-rw-r--r--dom/file/uri/BlobURLChannel.cpp86
-rw-r--r--dom/file/uri/BlobURLChannel.h37
-rw-r--r--dom/file/uri/BlobURLInputStream.cpp589
-rw-r--r--dom/file/uri/BlobURLInputStream.h81
-rw-r--r--dom/file/uri/BlobURLProtocolHandler.cpp990
-rw-r--r--dom/file/uri/BlobURLProtocolHandler.h140
-rw-r--r--dom/file/uri/components.conf24
-rw-r--r--dom/file/uri/moz.build34
10 files changed, 2275 insertions, 0 deletions
diff --git a/dom/file/uri/BlobURL.cpp b/dom/file/uri/BlobURL.cpp
new file mode 100644
index 0000000000..b3afd60437
--- /dev/null
+++ b/dom/file/uri/BlobURL.cpp
@@ -0,0 +1,171 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsIClassInfoImpl.h"
+#include "nsIObjectInputStream.h"
+#include "nsIObjectOutputStream.h"
+
+#include "mozilla/dom/BlobURL.h"
+#include "mozilla/dom/BlobURLProtocolHandler.h"
+#include "mozilla/ipc/BackgroundUtils.h"
+#include "mozilla/ipc/URIUtils.h"
+
+using namespace mozilla::dom;
+
+static NS_DEFINE_CID(kThisSimpleURIImplementationCID,
+ NS_THIS_SIMPLEURI_IMPLEMENTATION_CID);
+
+NS_IMPL_ADDREF_INHERITED(BlobURL, mozilla::net::nsSimpleURI)
+NS_IMPL_RELEASE_INHERITED(BlobURL, mozilla::net::nsSimpleURI)
+
+NS_IMPL_CLASSINFO(BlobURL, nullptr, nsIClassInfo::THREADSAFE,
+ NS_HOSTOBJECTURI_CID);
+// Empty CI getter. We only need nsIClassInfo for Serialization
+NS_IMPL_CI_INTERFACE_GETTER0(BlobURL)
+
+NS_INTERFACE_MAP_BEGIN(BlobURL)
+ if (aIID.Equals(kHOSTOBJECTURICID))
+ foundInterface = static_cast<nsIURI*>(this);
+ else if (aIID.Equals(kThisSimpleURIImplementationCID)) {
+ // Need to return explicitly here, because if we just set foundInterface
+ // to null the NS_INTERFACE_MAP_END_INHERITING will end up calling into
+ // nsSimplURI::QueryInterface and finding something for this CID.
+ *aInstancePtr = nullptr;
+ return NS_NOINTERFACE;
+ } else
+ NS_IMPL_QUERY_CLASSINFO(BlobURL)
+NS_INTERFACE_MAP_END_INHERITING(mozilla::net::nsSimpleURI)
+
+BlobURL::BlobURL() : mRevoked(false) {}
+
+// nsISerializable methods:
+
+NS_IMETHODIMP
+BlobURL::Read(nsIObjectInputStream* aStream) {
+ MOZ_ASSERT_UNREACHABLE("Use nsIURIMutator.read() instead");
+ return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+nsresult BlobURL::ReadPrivate(nsIObjectInputStream* aStream) {
+ nsresult rv = mozilla::net::nsSimpleURI::ReadPrivate(aStream);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ rv = aStream->ReadBoolean(&mRevoked);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+BlobURL::Write(nsIObjectOutputStream* aStream) {
+ nsresult rv = mozilla::net::nsSimpleURI::Write(aStream);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ rv = aStream->WriteBoolean(mRevoked);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP_(void)
+BlobURL::Serialize(mozilla::ipc::URIParams& aParams) {
+ using namespace mozilla::ipc;
+
+ HostObjectURIParams hostParams;
+ URIParams simpleParams;
+
+ mozilla::net::nsSimpleURI::Serialize(simpleParams);
+ hostParams.simpleParams() = simpleParams;
+
+ hostParams.revoked() = mRevoked;
+
+ aParams = hostParams;
+}
+
+bool BlobURL::Deserialize(const mozilla::ipc::URIParams& aParams) {
+ using namespace mozilla::ipc;
+
+ if (aParams.type() != URIParams::THostObjectURIParams) {
+ NS_ERROR("Received unknown parameters from the other process!");
+ return false;
+ }
+
+ const HostObjectURIParams& hostParams = aParams.get_HostObjectURIParams();
+
+ if (!mozilla::net::nsSimpleURI::Deserialize(hostParams.simpleParams())) {
+ return false;
+ }
+
+ mRevoked = hostParams.revoked();
+ return true;
+}
+
+nsresult BlobURL::SetScheme(const nsACString& aScheme) {
+ // Disallow setting the scheme, since that could cause us to be associated
+ // with a different protocol handler.
+ return NS_ERROR_FAILURE;
+}
+
+// nsIURI methods:
+nsresult BlobURL::CloneInternal(
+ mozilla::net::nsSimpleURI::RefHandlingEnum aRefHandlingMode,
+ const nsACString& newRef, nsIURI** aClone) {
+ nsCOMPtr<nsIURI> simpleClone;
+ nsresult rv = mozilla::net::nsSimpleURI::CloneInternal(
+ aRefHandlingMode, newRef, getter_AddRefs(simpleClone));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+#ifdef DEBUG
+ RefPtr<BlobURL> uriCheck;
+ rv = simpleClone->QueryInterface(kHOSTOBJECTURICID, getter_AddRefs(uriCheck));
+ MOZ_ASSERT(NS_SUCCEEDED(rv) && uriCheck);
+#endif
+
+ BlobURL* u = static_cast<BlobURL*>(simpleClone.get());
+ u->mRevoked = mRevoked;
+
+ simpleClone.forget(aClone);
+ return NS_OK;
+}
+
+/* virtual */
+nsresult BlobURL::EqualsInternal(
+ nsIURI* aOther, mozilla::net::nsSimpleURI::RefHandlingEnum aRefHandlingMode,
+ bool* aResult) {
+ if (!aOther) {
+ *aResult = false;
+ return NS_OK;
+ }
+
+ RefPtr<BlobURL> otherUri;
+ aOther->QueryInterface(kHOSTOBJECTURICID, getter_AddRefs(otherUri));
+ if (!otherUri) {
+ *aResult = false;
+ return NS_OK;
+ }
+
+ // Compare the member data that our base class knows about.
+ *aResult =
+ mozilla::net::nsSimpleURI::EqualsInternal(otherUri, aRefHandlingMode);
+
+ // We don't want to compare the revoked flag.
+ return NS_OK;
+}
+
+// Queries this list of interfaces. If none match, it queries mURI.
+NS_IMPL_NSIURIMUTATOR_ISUPPORTS(BlobURL::Mutator, nsIURISetters, nsIURIMutator,
+ nsISerializable, nsIBlobURLMutator)
+
+NS_IMETHODIMP
+BlobURL::Mutate(nsIURIMutator** aMutator) {
+ RefPtr<BlobURL::Mutator> mutator = new BlobURL::Mutator();
+ nsresult rv = mutator->InitFromURI(this);
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
+ mutator.forget(aMutator);
+ return NS_OK;
+}
diff --git a/dom/file/uri/BlobURL.h b/dom/file/uri/BlobURL.h
new file mode 100644
index 0000000000..1e7a91daa4
--- /dev/null
+++ b/dom/file/uri/BlobURL.h
@@ -0,0 +1,123 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_dom_BlobURL_h
+#define mozilla_dom_BlobURL_h
+
+#include "nsCOMPtr.h"
+#include "nsISerializable.h"
+#include "nsSimpleURI.h"
+#include "prtime.h"
+
+#define NS_HOSTOBJECTURI_CID \
+ { \
+ 0xf5475c51, 0x59a7, 0x4757, { \
+ 0xb3, 0xd9, 0xe2, 0x11, 0xa9, 0x41, 0x08, 0x72 \
+ } \
+ }
+
+#define NS_IBLOBURLMUTATOR_IID \
+ { \
+ 0xf91e646d, 0xe87b, 0x485e, { \
+ 0xbb, 0xc8, 0x0e, 0x8a, 0x2e, 0xe9, 0x87, 0xa9 \
+ } \
+ }
+
+class NS_NO_VTABLE nsIBlobURLMutator : public nsISupports {
+ public:
+ NS_DECLARE_STATIC_IID_ACCESSOR(NS_IBLOBURLMUTATOR_IID)
+ NS_IMETHOD SetRevoked(bool aRevoked) = 0;
+};
+
+inline NS_DEFINE_CID(kHOSTOBJECTURICID, NS_HOSTOBJECTURI_CID);
+
+NS_DEFINE_STATIC_IID_ACCESSOR(nsIBlobURLMutator, NS_IBLOBURLMUTATOR_IID)
+
+namespace mozilla::dom {
+
+/**
+ * These URIs refer to host objects with "blob" scheme.
+ */
+class BlobURL final : public mozilla::net::nsSimpleURI {
+ private:
+ BlobURL();
+
+ public:
+ NS_DECL_ISUPPORTS_INHERITED
+ NS_DECL_NSISERIALIZABLE
+
+ // Override CloneInternal() and EqualsInternal()
+ nsresult CloneInternal(RefHandlingEnum aRefHandlingMode,
+ const nsACString& newRef, nsIURI** aClone) override;
+ nsresult EqualsInternal(nsIURI* aOther, RefHandlingEnum aRefHandlingMode,
+ bool* aResult) override;
+ NS_IMETHOD_(void) Serialize(mozilla::ipc::URIParams& aParams) override;
+
+ // Override StartClone to hand back a BlobURL
+ mozilla::net::nsSimpleURI* StartClone(RefHandlingEnum refHandlingMode,
+ const nsACString& newRef) override {
+ BlobURL* url = new BlobURL();
+ SetRefOnClone(url, refHandlingMode, newRef);
+ return url;
+ }
+
+ bool Revoked() const { return mRevoked; }
+
+ NS_IMETHOD Mutate(nsIURIMutator** _retval) override;
+
+ private:
+ ~BlobURL() override = default;
+
+ nsresult SetScheme(const nsACString& aProtocol) override;
+ bool Deserialize(const mozilla::ipc::URIParams&);
+ nsresult ReadPrivate(nsIObjectInputStream* stream);
+
+ bool mRevoked;
+
+ public:
+ class Mutator final : public nsIURIMutator,
+ public BaseURIMutator<BlobURL>,
+ public nsIBlobURLMutator,
+ public nsISerializable {
+ NS_DECL_ISUPPORTS
+ NS_FORWARD_SAFE_NSIURISETTERS_RET(mURI)
+ NS_DEFINE_NSIMUTATOR_COMMON
+
+ NS_IMETHOD
+ Write(nsIObjectOutputStream* aOutputStream) override {
+ return NS_ERROR_NOT_IMPLEMENTED;
+ }
+
+ [[nodiscard]] NS_IMETHOD Read(nsIObjectInputStream* aStream) override {
+ return InitFromInputStream(aStream);
+ }
+
+ NS_IMETHOD SetRevoked(bool aRevoked) override {
+ mURI->mRevoked = aRevoked;
+ return NS_OK;
+ }
+
+ Mutator() = default;
+
+ private:
+ ~Mutator() = default;
+
+ friend class BlobURL;
+ };
+
+ friend BaseURIMutator<BlobURL>;
+};
+
+#define NS_HOSTOBJECTURIMUTATOR_CID \
+ { \
+ 0xbbe50ef2, 0x80eb, 0x469d, { \
+ 0xb7, 0x0d, 0x02, 0x85, 0x82, 0x75, 0x38, 0x9f \
+ } \
+ }
+
+} // namespace mozilla::dom
+
+#endif /* mozilla_dom_BlobURL_h */
diff --git a/dom/file/uri/BlobURLChannel.cpp b/dom/file/uri/BlobURLChannel.cpp
new file mode 100644
index 0000000000..6a7d4f1be6
--- /dev/null
+++ b/dom/file/uri/BlobURLChannel.cpp
@@ -0,0 +1,86 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "BlobURLChannel.h"
+#include "mozilla/dom/BlobImpl.h"
+#include "mozilla/dom/BlobURL.h"
+#include "mozilla/dom/BlobURLInputStream.h"
+
+using namespace mozilla::dom;
+
+BlobURLChannel::BlobURLChannel(nsIURI* aURI, nsILoadInfo* aLoadInfo)
+ : mContentStreamOpened(false) {
+ SetURI(aURI);
+ SetOriginalURI(aURI);
+ SetLoadInfo(aLoadInfo);
+
+ // If we're sandboxed, make sure to clear any owner the channel
+ // might already have.
+ if (aLoadInfo && aLoadInfo->GetLoadingSandboxed()) {
+ SetOwner(nullptr);
+ }
+}
+
+BlobURLChannel::~BlobURLChannel() = default;
+
+NS_IMETHODIMP
+BlobURLChannel::SetContentType(const nsACString& aContentType) {
+ // If the blob type is empty, set the content type of the channel to the
+ // empty string.
+ if (aContentType.IsEmpty()) {
+ mContentType.Truncate();
+ return NS_OK;
+ }
+
+ return nsBaseChannel::SetContentType(aContentType);
+}
+
+nsresult BlobURLChannel::OpenContentStream(bool aAsync,
+ nsIInputStream** aResult,
+ nsIChannel** aChannel) {
+ if (mContentStreamOpened) {
+ return NS_ERROR_ALREADY_OPENED;
+ }
+
+ mContentStreamOpened = true;
+
+ nsCOMPtr<nsIURI> uri;
+ nsresult rv = GetURI(getter_AddRefs(uri));
+ NS_ENSURE_SUCCESS(rv, NS_ERROR_MALFORMED_URI);
+
+ RefPtr<BlobURL> blobURL;
+ rv = uri->QueryInterface(kHOSTOBJECTURICID, getter_AddRefs(blobURL));
+
+ if (NS_WARN_IF(NS_FAILED(rv)) || NS_WARN_IF(!blobURL)) {
+ return NS_ERROR_MALFORMED_URI;
+ }
+
+ if (blobURL->Revoked()) {
+#ifdef MOZ_WIDGET_ANDROID
+ nsCOMPtr<nsILoadInfo> loadInfo;
+ GetLoadInfo(getter_AddRefs(loadInfo));
+ // if the channel was not triggered by the system principal,
+ // then we return here because the URL had been revoked
+ if (loadInfo && !loadInfo->TriggeringPrincipal()->IsSystemPrincipal()) {
+ return NS_ERROR_MALFORMED_URI;
+ }
+#else
+ return NS_ERROR_MALFORMED_URI;
+#endif
+ }
+
+ nsCOMPtr<nsIInputStream> inputStream =
+ BlobURLInputStream::Create(this, blobURL);
+ if (NS_WARN_IF(!inputStream)) {
+ return NS_ERROR_MALFORMED_URI;
+ }
+
+ EnableSynthesizedProgressEvents(true);
+
+ inputStream.forget(aResult);
+
+ return NS_OK;
+}
diff --git a/dom/file/uri/BlobURLChannel.h b/dom/file/uri/BlobURLChannel.h
new file mode 100644
index 0000000000..232537171e
--- /dev/null
+++ b/dom/file/uri/BlobURLChannel.h
@@ -0,0 +1,37 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_dom_BlobURLChannel_h
+#define mozilla_dom_BlobURLChannel_h
+
+#include "nsBaseChannel.h"
+#include "nsCOMPtr.h"
+#include "nsIInputStream.h"
+
+class nsIURI;
+
+namespace mozilla::dom {
+
+class BlobImpl;
+
+class BlobURLChannel final : public nsBaseChannel {
+ public:
+ BlobURLChannel(nsIURI* aURI, nsILoadInfo* aLoadInfo);
+
+ NS_IMETHOD SetContentType(const nsACString& aContentType) override;
+
+ private:
+ ~BlobURLChannel() override;
+
+ nsresult OpenContentStream(bool aAsync, nsIInputStream** aResult,
+ nsIChannel** aChannel) override;
+
+ bool mContentStreamOpened;
+};
+
+} // namespace mozilla::dom
+
+#endif /* mozilla_dom_BlobURLChannel_h */
diff --git a/dom/file/uri/BlobURLInputStream.cpp b/dom/file/uri/BlobURLInputStream.cpp
new file mode 100644
index 0000000000..7610281afc
--- /dev/null
+++ b/dom/file/uri/BlobURLInputStream.cpp
@@ -0,0 +1,589 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "BlobURLInputStream.h"
+#include "BlobURL.h"
+#include "BlobURLChannel.h"
+#include "BlobURLProtocolHandler.h"
+
+#include "mozilla/ScopeExit.h"
+#include "mozilla/dom/ContentChild.h"
+#include "mozilla/dom/IPCBlobUtils.h"
+#include "nsStreamUtils.h"
+#include "nsMimeTypes.h"
+
+namespace mozilla::dom {
+
+NS_IMPL_ADDREF(BlobURLInputStream);
+NS_IMPL_RELEASE(BlobURLInputStream);
+
+NS_INTERFACE_MAP_BEGIN(BlobURLInputStream)
+ NS_INTERFACE_MAP_ENTRY(nsIInputStream)
+ NS_INTERFACE_MAP_ENTRY(nsIAsyncInputStream)
+ NS_INTERFACE_MAP_ENTRY(nsIInputStreamLength)
+ NS_INTERFACE_MAP_ENTRY(nsIAsyncInputStreamLength)
+ NS_INTERFACE_MAP_ENTRY(nsIInputStreamCallback)
+ NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIAsyncInputStream)
+NS_INTERFACE_MAP_END
+
+/* static */
+already_AddRefed<nsIInputStream> BlobURLInputStream::Create(
+ BlobURLChannel* const aChannel, BlobURL* const aBlobURL) {
+ MOZ_ASSERT(NS_IsMainThread());
+
+ if (NS_WARN_IF(!aChannel) || NS_WARN_IF(!aBlobURL)) {
+ return nullptr;
+ }
+
+ nsAutoCString spec;
+
+ nsresult rv = aBlobURL->GetSpec(spec);
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return nullptr;
+ }
+
+ return MakeAndAddRef<BlobURLInputStream>(aChannel, spec);
+}
+
+// from nsIInputStream interface
+NS_IMETHODIMP BlobURLInputStream::Close() {
+ return CloseWithStatus(NS_BASE_STREAM_CLOSED);
+}
+
+NS_IMETHODIMP BlobURLInputStream::Available(uint64_t* aLength) {
+ MutexAutoLock lock(mStateMachineMutex);
+
+ if (mState == State::ERROR) {
+ MOZ_ASSERT(NS_FAILED(mError));
+ return mError;
+ }
+
+ if (mState == State::CLOSED) {
+ return NS_BASE_STREAM_CLOSED;
+ }
+
+ if (mState == State::READY) {
+ MOZ_ASSERT(mAsyncInputStream);
+ return mAsyncInputStream->Available(aLength);
+ }
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP BlobURLInputStream::StreamStatus() {
+ MutexAutoLock lock(mStateMachineMutex);
+
+ if (mState == State::ERROR) {
+ MOZ_ASSERT(NS_FAILED(mError));
+ return mError;
+ }
+
+ if (mState == State::CLOSED) {
+ return NS_BASE_STREAM_CLOSED;
+ }
+
+ if (mState == State::READY) {
+ MOZ_ASSERT(mAsyncInputStream);
+ return mAsyncInputStream->StreamStatus();
+ }
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP BlobURLInputStream::Read(char* aBuffer, uint32_t aCount,
+ uint32_t* aReadCount) {
+ MutexAutoLock lock(mStateMachineMutex);
+ if (mState == State::ERROR) {
+ MOZ_ASSERT(NS_FAILED(mError));
+ return mError;
+ }
+
+ // Read() should not return NS_BASE_STREAM_CLOSED if stream is closed.
+ // A read count of 0 should indicate closed or consumed stream.
+ // See:
+ // https://searchfox.org/mozilla-central/rev/559b25eb41c1cbffcb90a34e008b8288312fcd25/xpcom/io/nsIInputStream.idl#104
+ if (mState == State::CLOSED) {
+ *aReadCount = 0;
+ return NS_OK;
+ }
+
+ if (mState == State::READY) {
+ MOZ_ASSERT(mAsyncInputStream);
+ nsresult rv = mAsyncInputStream->Read(aBuffer, aCount, aReadCount);
+ if (NS_SUCCEEDED(rv) && aReadCount && !*aReadCount) {
+ mState = State::CLOSED;
+ ReleaseUnderlyingStream(lock);
+ }
+ return rv;
+ }
+
+ return NS_BASE_STREAM_WOULD_BLOCK;
+}
+
+NS_IMETHODIMP BlobURLInputStream::ReadSegments(nsWriteSegmentFun aWriter,
+ void* aClosure, uint32_t aCount,
+ uint32_t* aResult) {
+ // This means the caller will have to wrap the stream in an
+ // nsBufferedInputStream in order to use ReadSegments
+ return NS_ERROR_NOT_IMPLEMENTED;
+}
+
+NS_IMETHODIMP BlobURLInputStream::IsNonBlocking(bool* aNonBlocking) {
+ *aNonBlocking = true;
+ return NS_OK;
+}
+
+// from nsIAsyncInputStream interface
+NS_IMETHODIMP BlobURLInputStream::CloseWithStatus(nsresult aStatus) {
+ MutexAutoLock lock(mStateMachineMutex);
+ if (mState == State::READY) {
+ MOZ_ASSERT(mAsyncInputStream);
+ mAsyncInputStream->CloseWithStatus(aStatus);
+ }
+
+ mState = State::CLOSED;
+ ReleaseUnderlyingStream(lock);
+ return NS_OK;
+}
+
+NS_IMETHODIMP BlobURLInputStream::AsyncWait(nsIInputStreamCallback* aCallback,
+ uint32_t aFlags,
+ uint32_t aRequestedCount,
+ nsIEventTarget* aEventTarget) {
+ MutexAutoLock lock(mStateMachineMutex);
+
+ if (mState == State::ERROR) {
+ MOZ_ASSERT(NS_FAILED(mError));
+ return NS_ERROR_FAILURE;
+ }
+
+ // Pre-empting a valid callback with another is not allowed.
+ if (NS_WARN_IF(mAsyncWaitCallback && aCallback &&
+ mAsyncWaitCallback != aCallback)) {
+ return NS_ERROR_FAILURE;
+ }
+
+ mAsyncWaitTarget = aEventTarget;
+ mAsyncWaitRequestedCount = aRequestedCount;
+ mAsyncWaitFlags = aFlags;
+ mAsyncWaitCallback = aCallback;
+
+ if (mState == State::INITIAL) {
+ mState = State::WAITING;
+ // RetrieveBlobData will execute NotifyWWaitTarget() when retrieve succeeds
+ // or fails
+ if (NS_IsMainThread()) {
+ RetrieveBlobData(lock);
+ return NS_OK;
+ }
+
+ nsCOMPtr<nsIRunnable> runnable = mozilla::NewRunnableMethod(
+ "BlobURLInputStream::CallRetrieveBlobData", this,
+ &BlobURLInputStream::CallRetrieveBlobData);
+ NS_DispatchToMainThread(runnable.forget(), NS_DISPATCH_NORMAL);
+ return NS_OK;
+ }
+
+ if (mState == State::WAITING) {
+ // RetrieveBlobData is already in progress and will execute
+ // NotifyWaitTargets when retrieve succeeds or fails
+ return NS_OK;
+ }
+
+ if (mState == State::READY) {
+ // Ask the blob's input stream if reading is possible or not
+ return mAsyncInputStream->AsyncWait(
+ mAsyncWaitCallback ? this : nullptr, mAsyncWaitFlags,
+ mAsyncWaitRequestedCount, mAsyncWaitTarget);
+ }
+
+ MOZ_ASSERT(mState == State::CLOSED);
+ NotifyWaitTargets(lock);
+ return NS_OK;
+}
+
+// from nsIInputStreamLength interface
+NS_IMETHODIMP BlobURLInputStream::Length(int64_t* aLength) {
+ MutexAutoLock lock(mStateMachineMutex);
+
+ if (mState == State::CLOSED) {
+ return NS_BASE_STREAM_CLOSED;
+ }
+
+ if (mState == State::ERROR) {
+ MOZ_ASSERT(NS_FAILED(mError));
+ return NS_ERROR_FAILURE;
+ }
+
+ if (mState == State::READY) {
+ *aLength = mBlobSize;
+ return NS_OK;
+ }
+ return NS_BASE_STREAM_WOULD_BLOCK;
+}
+
+// from nsIAsyncInputStreamLength interface
+NS_IMETHODIMP BlobURLInputStream::AsyncLengthWait(
+ nsIInputStreamLengthCallback* aCallback, nsIEventTarget* aEventTarget) {
+ MutexAutoLock lock(mStateMachineMutex);
+
+ if (mState == State::ERROR) {
+ MOZ_ASSERT(NS_FAILED(mError));
+ return mError;
+ }
+
+ // Pre-empting a valid callback with another is not allowed.
+ if (mAsyncLengthWaitCallback && aCallback) {
+ return NS_ERROR_FAILURE;
+ }
+
+ mAsyncLengthWaitTarget = aEventTarget;
+ mAsyncLengthWaitCallback = aCallback;
+
+ if (mState == State::INITIAL) {
+ mState = State::WAITING;
+ // RetrieveBlobData will execute NotifyWWaitTarget() when retrieve succeeds
+ // or fails
+ if (NS_IsMainThread()) {
+ RetrieveBlobData(lock);
+ return NS_OK;
+ }
+
+ nsCOMPtr<nsIRunnable> runnable = mozilla::NewRunnableMethod(
+ "BlobURLInputStream::CallRetrieveBlobData", this,
+ &BlobURLInputStream::CallRetrieveBlobData);
+ NS_DispatchToMainThread(runnable.forget(), NS_DISPATCH_NORMAL);
+ return NS_OK;
+ }
+
+ if (mState == State::WAITING) {
+ // RetrieveBlobData is already in progress and will execute
+ // NotifyWaitTargets when retrieve succeeds or fails
+ return NS_OK;
+ }
+
+ // Since here the state must be READY (in which case the size of the blob is
+ // already known) or CLOSED, callback can be called immediately
+ NotifyWaitTargets(lock);
+ return NS_OK;
+}
+
+// from nsIInputStreamCallback interface
+NS_IMETHODIMP BlobURLInputStream::OnInputStreamReady(
+ nsIAsyncInputStream* aStream) {
+ nsCOMPtr<nsIInputStreamCallback> callback;
+
+ {
+ MutexAutoLock lock(mStateMachineMutex);
+ MOZ_ASSERT_IF(mAsyncInputStream, aStream == mAsyncInputStream);
+
+ // aborted in the meantime
+ if (!mAsyncWaitCallback) {
+ return NS_OK;
+ }
+
+ mAsyncWaitCallback.swap(callback);
+ mAsyncWaitTarget = nullptr;
+ }
+
+ MOZ_ASSERT(callback);
+ return callback->OnInputStreamReady(this);
+}
+
+// from nsIInputStreamLengthCallback interface
+NS_IMETHODIMP BlobURLInputStream::OnInputStreamLengthReady(
+ nsIAsyncInputStreamLength* aStream, int64_t aLength) {
+ nsCOMPtr<nsIInputStreamLengthCallback> callback;
+ {
+ MutexAutoLock lock(mStateMachineMutex);
+
+ // aborted in the meantime
+ if (!mAsyncLengthWaitCallback) {
+ return NS_OK;
+ }
+
+ mAsyncLengthWaitCallback.swap(callback);
+ mAsyncLengthWaitCallback = nullptr;
+ }
+
+ return callback->OnInputStreamLengthReady(this, aLength);
+}
+
+// private:
+BlobURLInputStream::~BlobURLInputStream() {
+ if (mChannel) {
+ NS_ReleaseOnMainThread("BlobURLInputStream::mChannel", mChannel.forget());
+ }
+}
+
+BlobURLInputStream::BlobURLInputStream(BlobURLChannel* const aChannel,
+ nsACString& aBlobURLSpec)
+ : mChannel(aChannel),
+ mBlobURLSpec(std::move(aBlobURLSpec)),
+ mStateMachineMutex("BlobURLInputStream::mStateMachineMutex"),
+ mState(State::INITIAL),
+ mError(NS_OK),
+ mBlobSize(-1),
+ mAsyncWaitFlags(),
+ mAsyncWaitRequestedCount() {}
+
+void BlobURLInputStream::WaitOnUnderlyingStream(
+ const MutexAutoLock& aProofOfLock) {
+ if (mAsyncWaitCallback || mAsyncWaitTarget) {
+ // AsyncWait should be called on the underlying stream
+ mAsyncInputStream->AsyncWait(mAsyncWaitCallback ? this : nullptr,
+ mAsyncWaitFlags, mAsyncWaitRequestedCount,
+ mAsyncWaitTarget);
+ }
+
+ if (mAsyncLengthWaitCallback || mAsyncLengthWaitTarget) {
+ // AsyncLengthWait should be called on the underlying stream
+ nsCOMPtr<nsIAsyncInputStreamLength> asyncStreamLength =
+ do_QueryInterface(mAsyncInputStream);
+ if (asyncStreamLength) {
+ asyncStreamLength->AsyncLengthWait(
+ mAsyncLengthWaitCallback ? this : nullptr, mAsyncLengthWaitTarget);
+ }
+ }
+}
+
+void BlobURLInputStream::CallRetrieveBlobData() {
+ MutexAutoLock lock(mStateMachineMutex);
+ RetrieveBlobData(lock);
+}
+
+void BlobURLInputStream::RetrieveBlobData(const MutexAutoLock& aProofOfLock) {
+ MOZ_ASSERT(NS_IsMainThread(), "Only call on main thread");
+
+ MOZ_ASSERT(mState == State::WAITING);
+
+ auto cleanupOnEarlyExit = MakeScopeExit([&] {
+ mState = State::ERROR;
+ mError = NS_ERROR_FAILURE;
+ NS_ReleaseOnMainThread("BlobURLInputStream::mChannel", mChannel.forget());
+ NotifyWaitTargets(aProofOfLock);
+ });
+
+ nsCOMPtr<nsILoadInfo> loadInfo = mChannel->LoadInfo();
+ nsCOMPtr<nsIPrincipal> triggeringPrincipal;
+ nsCOMPtr<nsIPrincipal> loadingPrincipal;
+ if (NS_WARN_IF(NS_FAILED(loadInfo->GetTriggeringPrincipal(
+ getter_AddRefs(triggeringPrincipal)))) ||
+ NS_WARN_IF(!triggeringPrincipal)) {
+ NS_WARNING("Failed to get owning channel's triggering principal");
+ return;
+ }
+
+ if (NS_WARN_IF(NS_FAILED(
+ loadInfo->GetLoadingPrincipal(getter_AddRefs(loadingPrincipal))))) {
+ NS_WARNING("Failed to get owning channel's loading principal");
+ return;
+ }
+
+ Maybe<nsID> agentClusterId;
+ Maybe<ClientInfo> clientInfo = loadInfo->GetClientInfo();
+ if (clientInfo.isSome()) {
+ agentClusterId = clientInfo->AgentClusterId();
+ }
+
+ if (XRE_IsParentProcess() || !BlobURLSchemeIsHTTPOrHTTPS(mBlobURLSpec)) {
+ RefPtr<BlobImpl> blobImpl;
+
+ // Since revoked blobs are also retrieved, it is possible that the blob no
+ // longer exists (due to the 5 second timeout) when execution reaches here
+ if (!BlobURLProtocolHandler::GetDataEntry(
+ mBlobURLSpec, getter_AddRefs(blobImpl), loadingPrincipal,
+ triggeringPrincipal, loadInfo->GetOriginAttributes(),
+ loadInfo->GetInnerWindowID(), agentClusterId,
+ true /* AlsoIfRevoked */)) {
+ NS_WARNING("Failed to get data entry principal. URL revoked?");
+ return;
+ }
+
+ if (NS_WARN_IF(
+ NS_FAILED(StoreBlobImplStream(blobImpl.forget(), aProofOfLock)))) {
+ return;
+ }
+
+ mState = State::READY;
+
+ // By design, execution can only reach here when a caller has called
+ // AsyncWait or AsyncLengthWait on this stream. The underlying stream is
+ // valid, but the caller should not be informed until that stream has data
+ // to read or it is closed.
+ WaitOnUnderlyingStream(aProofOfLock);
+
+ cleanupOnEarlyExit.release();
+ return;
+ }
+
+ ContentChild* contentChild{ContentChild::GetSingleton()};
+ MOZ_ASSERT(contentChild);
+
+ const RefPtr<BlobURLInputStream> self = this;
+
+ cleanupOnEarlyExit.release();
+
+ contentChild
+ ->SendBlobURLDataRequest(mBlobURLSpec, triggeringPrincipal,
+ loadingPrincipal,
+ loadInfo->GetOriginAttributes(),
+ loadInfo->GetInnerWindowID(), agentClusterId)
+ ->Then(
+ GetCurrentSerialEventTarget(), __func__,
+ [self](const BlobURLDataRequestResult& aResult) {
+ MutexAutoLock lock(self->mStateMachineMutex);
+ if (aResult.type() == BlobURLDataRequestResult::TIPCBlob) {
+ if (self->mState == State::WAITING) {
+ RefPtr<BlobImpl> blobImpl =
+ IPCBlobUtils::Deserialize(aResult.get_IPCBlob());
+ if (blobImpl && self->StoreBlobImplStream(blobImpl.forget(),
+ lock) == NS_OK) {
+ self->mState = State::READY;
+ // By design, execution can only reach here when a caller has
+ // called AsyncWait or AsyncLengthWait on this stream. The
+ // underlying stream is valid, but the caller should not be
+ // informed until that stream has data to read or it is
+ // closed.
+ self->WaitOnUnderlyingStream(lock);
+ return;
+ }
+ } else {
+ MOZ_ASSERT(self->mState == State::CLOSED);
+ // Callback can be called immediately
+ self->NotifyWaitTargets(lock);
+ return;
+ }
+ }
+ NS_WARNING("Blob data was not retrieved!");
+ self->mState = State::ERROR;
+ self->mError = aResult.type() == BlobURLDataRequestResult::Tnsresult
+ ? aResult.get_nsresult()
+ : NS_ERROR_FAILURE;
+ NS_ReleaseOnMainThread("BlobURLInputStream::mChannel",
+ self->mChannel.forget());
+ self->NotifyWaitTargets(lock);
+ },
+ [self](mozilla::ipc::ResponseRejectReason aReason) {
+ MutexAutoLock lock(self->mStateMachineMutex);
+ NS_WARNING("IPC call to SendBlobURLDataRequest failed!");
+ self->mState = State::ERROR;
+ self->mError = NS_ERROR_FAILURE;
+ NS_ReleaseOnMainThread("BlobURLInputStream::mChannel",
+ self->mChannel.forget());
+ self->NotifyWaitTargets(lock);
+ });
+}
+
+nsresult BlobURLInputStream::StoreBlobImplStream(
+ already_AddRefed<BlobImpl> aBlobImpl, const MutexAutoLock& aProofOfLock) {
+ MOZ_ASSERT(NS_IsMainThread(), "Only call on main thread");
+ const RefPtr<BlobImpl> blobImpl = aBlobImpl;
+ nsAutoString blobContentType;
+ nsAutoCString channelContentType;
+
+ blobImpl->GetType(blobContentType);
+ mChannel->GetContentType(channelContentType);
+ // A empty content type is the correct channel content type in the case of a
+ // fetch of a blob where the type was not set. It is invalid in others cases
+ // such as a XHR (See https://xhr.spec.whatwg.org/#response-mime-type). The
+ // XMLHttpRequestMainThread will set the channel content type to the correct
+ // fallback value before this point, so we need to be careful to only override
+ // it when the blob type is valid.
+ if (!blobContentType.IsEmpty() ||
+ channelContentType.EqualsLiteral(UNKNOWN_CONTENT_TYPE)) {
+ mChannel->SetContentType(NS_ConvertUTF16toUTF8(blobContentType));
+ }
+
+ auto cleanupOnExit = MakeScopeExit([&] { mChannel = nullptr; });
+
+ if (blobImpl->IsFile()) {
+ nsAutoString filename;
+ blobImpl->GetName(filename);
+
+ // Don't overwrite existing name.
+ nsString ignored;
+ bool hasName =
+ NS_SUCCEEDED(mChannel->GetContentDispositionFilename(ignored));
+
+ if (!filename.IsEmpty() && !hasName) {
+ mChannel->SetContentDispositionFilename(filename);
+ }
+ }
+
+ mozilla::ErrorResult errorResult;
+
+ mBlobSize = blobImpl->GetSize(errorResult);
+
+ if (NS_WARN_IF(errorResult.Failed())) {
+ return errorResult.StealNSResult();
+ }
+
+ mChannel->SetContentLength(mBlobSize);
+
+ nsCOMPtr<nsIInputStream> inputStream;
+ blobImpl->CreateInputStream(getter_AddRefs(inputStream), errorResult);
+
+ if (NS_WARN_IF(errorResult.Failed())) {
+ return errorResult.StealNSResult();
+ }
+
+ if (NS_WARN_IF(!inputStream)) {
+ return NS_ERROR_NOT_AVAILABLE;
+ }
+
+ nsresult rv = NS_MakeAsyncNonBlockingInputStream(
+ inputStream.forget(), getter_AddRefs(mAsyncInputStream));
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return rv;
+ }
+
+ if (NS_WARN_IF(!mAsyncInputStream)) {
+ return NS_ERROR_NOT_AVAILABLE;
+ }
+
+ return NS_OK;
+}
+
+void BlobURLInputStream::NotifyWaitTargets(const MutexAutoLock& aProofOfLock) {
+ if (mAsyncWaitCallback) {
+ auto callback = mAsyncWaitTarget
+ ? NS_NewInputStreamReadyEvent(
+ "BlobURLInputStream::OnInputStreamReady",
+ mAsyncWaitCallback, mAsyncWaitTarget)
+ : mAsyncWaitCallback;
+
+ mAsyncWaitCallback = nullptr;
+ mAsyncWaitTarget = nullptr;
+ callback->OnInputStreamReady(this);
+ }
+
+ if (mAsyncLengthWaitCallback) {
+ const RefPtr<BlobURLInputStream> self = this;
+ nsCOMPtr<nsIRunnable> runnable = NS_NewRunnableFunction(
+ "BlobURLInputStream::OnInputStreamLengthReady", [self] {
+ self->mAsyncLengthWaitCallback->OnInputStreamLengthReady(
+ self, self->mBlobSize);
+ });
+
+ mAsyncLengthWaitCallback = nullptr;
+
+ if (mAsyncLengthWaitTarget) {
+ mAsyncLengthWaitTarget->Dispatch(runnable, NS_DISPATCH_NORMAL);
+ mAsyncLengthWaitTarget = nullptr;
+ } else {
+ runnable->Run();
+ }
+ }
+}
+
+void BlobURLInputStream::ReleaseUnderlyingStream(
+ const MutexAutoLock& aProofOfLock) {
+ mAsyncInputStream = nullptr;
+ mBlobSize = -1;
+}
+
+} // namespace mozilla::dom
diff --git a/dom/file/uri/BlobURLInputStream.h b/dom/file/uri/BlobURLInputStream.h
new file mode 100644
index 0000000000..b9215e5ffd
--- /dev/null
+++ b/dom/file/uri/BlobURLInputStream.h
@@ -0,0 +1,81 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_dom_BlobURLInputStream_h
+#define mozilla_dom_BlobURLInputStream_h
+
+#include "mozilla/dom/BlobImpl.h"
+#include "mozilla/Mutex.h"
+#include "nsCOMPtr.h"
+#include "nsIAsyncInputStream.h"
+#include "nsIInputStreamLength.h"
+
+namespace mozilla::dom {
+
+class BlobURL;
+class BlobURLChannel;
+class BlobURLInputStream final : public nsIAsyncInputStream,
+ public nsIInputStreamLength,
+ public nsIAsyncInputStreamLength,
+ public nsIInputStreamCallback,
+ public nsIInputStreamLengthCallback {
+ public:
+ NS_DECL_THREADSAFE_ISUPPORTS
+ NS_DECL_NSIINPUTSTREAM
+ NS_DECL_NSIASYNCINPUTSTREAM
+ NS_DECL_NSIINPUTSTREAMLENGTH
+ NS_DECL_NSIASYNCINPUTSTREAMLENGTH
+ NS_DECL_NSIINPUTSTREAMCALLBACK
+ NS_DECL_NSIINPUTSTREAMLENGTHCALLBACK
+
+ static already_AddRefed<nsIInputStream> Create(BlobURLChannel* const aChannel,
+ BlobURL* const aBlobURL);
+
+ BlobURLInputStream(BlobURLChannel* const aChannel, nsACString& aBlobURLSpec);
+
+ private:
+ enum class State { INITIAL, READY, WAITING, CLOSED, ERROR };
+
+ ~BlobURLInputStream();
+
+ void WaitOnUnderlyingStream(const MutexAutoLock& aProofOfLock);
+
+ // This method should only be used to call RetrieveBlobData in a different
+ // thread
+ void CallRetrieveBlobData();
+
+ void RetrieveBlobData(const MutexAutoLock& aProofOfLock);
+
+ nsresult StoreBlobImplStream(already_AddRefed<BlobImpl> aBlobImpl,
+ const MutexAutoLock& aProofOfLock);
+ void NotifyWaitTargets(const MutexAutoLock& aProofOfLock);
+ void ReleaseUnderlyingStream(const MutexAutoLock& aProofOfLock);
+
+ RefPtr<BlobURLChannel> mChannel;
+ const nsCString mBlobURLSpec;
+
+ // Non-recursive mutex introduced in order to guard access to mState, mError
+ // and mAsyncInputStream
+ Mutex mStateMachineMutex MOZ_UNANNOTATED;
+ State mState;
+ // Stores the error code if stream is in error state
+ nsresult mError;
+
+ int64_t mBlobSize;
+
+ nsCOMPtr<nsIAsyncInputStream> mAsyncInputStream;
+ nsCOMPtr<nsIInputStreamCallback> mAsyncWaitCallback;
+ nsCOMPtr<nsIEventTarget> mAsyncWaitTarget;
+ uint32_t mAsyncWaitFlags;
+ uint32_t mAsyncWaitRequestedCount;
+
+ nsCOMPtr<nsIInputStreamLengthCallback> mAsyncLengthWaitCallback;
+ nsCOMPtr<nsIEventTarget> mAsyncLengthWaitTarget;
+};
+
+} // namespace mozilla::dom
+
+#endif /* mozilla_dom_BlobURLInputStream_h */
diff --git a/dom/file/uri/BlobURLProtocolHandler.cpp b/dom/file/uri/BlobURLProtocolHandler.cpp
new file mode 100644
index 0000000000..756ce01544
--- /dev/null
+++ b/dom/file/uri/BlobURLProtocolHandler.cpp
@@ -0,0 +1,990 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "BlobURLProtocolHandler.h"
+#include "BlobURLChannel.h"
+#include "mozilla/dom/BlobURL.h"
+
+#include "mozilla/dom/ChromeUtils.h"
+#include "mozilla/dom/ContentChild.h"
+#include "mozilla/dom/ContentParent.h"
+#include "mozilla/dom/Exceptions.h"
+#include "mozilla/dom/BlobImpl.h"
+#include "mozilla/dom/IPCBlobUtils.h"
+#include "mozilla/dom/MediaSource.h"
+#include "mozilla/ipc/IPCStreamUtils.h"
+#include "mozilla/AppShutdown.h"
+#include "mozilla/BasePrincipal.h"
+#include "mozilla/LoadInfo.h"
+#include "mozilla/Maybe.h"
+#include "mozilla/NullPrincipal.h"
+#include "mozilla/OriginAttributes.h"
+#include "mozilla/Preferences.h"
+#include "mozilla/SchedulerGroup.h"
+#include "mozilla/ScopeExit.h"
+#include "nsClassHashtable.h"
+#include "nsContentUtils.h"
+#include "nsError.h"
+#include "nsIAsyncShutdown.h"
+#include "nsIDUtils.h"
+#include "nsIException.h" // for nsIStackFrame
+#include "nsIMemoryReporter.h"
+#include "nsIPrincipal.h"
+#include "nsIUUIDGenerator.h"
+#include "nsNetUtil.h"
+#include "nsReadableUtils.h"
+
+#define RELEASING_TIMER 5000
+
+namespace mozilla {
+
+using namespace ipc;
+
+namespace dom {
+
+// -----------------------------------------------------------------------
+// Hash table
+struct DataInfo {
+ enum ObjectType { eBlobImpl, eMediaSource };
+
+ DataInfo(mozilla::dom::BlobImpl* aBlobImpl, nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId)
+ : mObjectType(eBlobImpl),
+ mBlobImpl(aBlobImpl),
+ mPrincipal(aPrincipal),
+ mAgentClusterId(aAgentClusterId),
+ mRevoked(false) {
+ MOZ_ASSERT(aPrincipal);
+ }
+
+ DataInfo(MediaSource* aMediaSource, nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId)
+ : mObjectType(eMediaSource),
+ mMediaSource(aMediaSource),
+ mPrincipal(aPrincipal),
+ mAgentClusterId(aAgentClusterId),
+ mRevoked(false) {
+ MOZ_ASSERT(aPrincipal);
+ }
+
+ ObjectType mObjectType;
+
+ RefPtr<BlobImpl> mBlobImpl;
+ RefPtr<MediaSource> mMediaSource;
+
+ nsCOMPtr<nsIPrincipal> mPrincipal;
+ Maybe<nsID> mAgentClusterId;
+
+ nsCString mStack;
+
+ // When a blobURL is revoked, we keep it alive for RELEASING_TIMER
+ // milliseconds in order to support pending operations such as navigation,
+ // download and so on.
+ bool mRevoked;
+};
+
+// The mutex is locked whenever gDataTable is changed, or if gDataTable
+// is accessed off-main-thread.
+static StaticMutex sMutex MOZ_UNANNOTATED;
+
+// All changes to gDataTable must happen on the main thread, while locking
+// sMutex. Reading from gDataTable on the main thread may happen without
+// locking, since no changes are possible. Reading it from another thread
+// must also lock sMutex to prevent data races.
+static nsClassHashtable<nsCStringHashKey, mozilla::dom::DataInfo>* gDataTable;
+
+static mozilla::dom::DataInfo* GetDataInfo(const nsACString& aUri,
+ bool aAlsoIfRevoked = false) {
+ if (!gDataTable) {
+ return nullptr;
+ }
+
+ // Let's remove any fragment from this URI.
+ int32_t fragmentPos = aUri.FindChar('#');
+
+ mozilla::dom::DataInfo* res;
+ if (fragmentPos < 0) {
+ res = gDataTable->Get(aUri);
+ } else {
+ res = gDataTable->Get(StringHead(aUri, fragmentPos));
+ }
+
+ if (!aAlsoIfRevoked && res && res->mRevoked) {
+ return nullptr;
+ }
+
+ return res;
+}
+
+static mozilla::dom::DataInfo* GetDataInfoFromURI(nsIURI* aURI,
+ bool aAlsoIfRevoked = false) {
+ if (!aURI) {
+ return nullptr;
+ }
+
+ nsCString spec;
+ nsresult rv = aURI->GetSpec(spec);
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return nullptr;
+ }
+
+ return GetDataInfo(spec, aAlsoIfRevoked);
+}
+
+// Memory reporting for the hash table.
+void BroadcastBlobURLRegistration(const nsACString& aURI,
+ mozilla::dom::BlobImpl* aBlobImpl,
+ nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId) {
+ MOZ_ASSERT(NS_IsMainThread());
+ MOZ_ASSERT(aBlobImpl);
+ MOZ_ASSERT(aPrincipal);
+
+ if (XRE_IsParentProcess()) {
+ dom::ContentParent::BroadcastBlobURLRegistration(
+ aURI, aBlobImpl, aPrincipal, aAgentClusterId);
+ return;
+ }
+
+ IPCBlob ipcBlob;
+ nsresult rv = IPCBlobUtils::Serialize(aBlobImpl, ipcBlob);
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return;
+ }
+
+ dom::ContentChild* cc = dom::ContentChild::GetSingleton();
+ (void)NS_WARN_IF(!cc->SendStoreAndBroadcastBlobURLRegistration(
+ nsCString(aURI), ipcBlob, aPrincipal, aAgentClusterId));
+}
+
+void BroadcastBlobURLUnregistration(const nsCString& aURI,
+ nsIPrincipal* aPrincipal) {
+ MOZ_ASSERT(NS_IsMainThread());
+
+ if (XRE_IsParentProcess()) {
+ dom::ContentParent::BroadcastBlobURLUnregistration(aURI, aPrincipal);
+ return;
+ }
+
+ dom::ContentChild* cc = dom::ContentChild::GetSingleton();
+ if (cc) {
+ (void)NS_WARN_IF(
+ !cc->SendUnstoreAndBroadcastBlobURLUnregistration(aURI, aPrincipal));
+ }
+}
+
+class BlobURLsReporter final : public nsIMemoryReporter {
+ public:
+ NS_DECL_ISUPPORTS
+
+ NS_IMETHOD CollectReports(nsIHandleReportCallback* aCallback,
+ nsISupports* aData, bool aAnonymize) override {
+ MOZ_ASSERT(NS_IsMainThread(),
+ "without locking gDataTable is main-thread only");
+ if (!gDataTable) {
+ return NS_OK;
+ }
+
+ nsTHashMap<nsPtrHashKey<mozilla::dom::BlobImpl>, uint32_t> refCounts;
+
+ // Determine number of URLs per mozilla::dom::BlobImpl, to handle the case
+ // where it's > 1.
+ for (const auto& entry : *gDataTable) {
+ if (entry.GetWeak()->mObjectType != mozilla::dom::DataInfo::eBlobImpl) {
+ continue;
+ }
+
+ mozilla::dom::BlobImpl* blobImpl = entry.GetWeak()->mBlobImpl;
+ MOZ_ASSERT(blobImpl);
+
+ refCounts.LookupOrInsert(blobImpl, 0) += 1;
+ }
+
+ for (const auto& entry : *gDataTable) {
+ nsCStringHashKey::KeyType key = entry.GetKey();
+ mozilla::dom::DataInfo* info = entry.GetWeak();
+
+ if (entry.GetWeak()->mObjectType == mozilla::dom::DataInfo::eBlobImpl) {
+ mozilla::dom::BlobImpl* blobImpl = entry.GetWeak()->mBlobImpl;
+ MOZ_ASSERT(blobImpl);
+
+ constexpr auto desc =
+ "A blob URL allocated with URL.createObjectURL; the referenced "
+ "blob cannot be freed until all URLs for it have been explicitly "
+ "invalidated with URL.revokeObjectURL."_ns;
+ nsAutoCString path, url, owner, specialDesc;
+ uint64_t size = 0;
+ uint32_t refCount = 1;
+ DebugOnly<bool> blobImplWasCounted;
+
+ blobImplWasCounted = refCounts.Get(blobImpl, &refCount);
+ MOZ_ASSERT(blobImplWasCounted);
+ MOZ_ASSERT(refCount > 0);
+
+ bool isMemoryFile = blobImpl->IsMemoryFile();
+
+ if (isMemoryFile) {
+ ErrorResult rv;
+ size = blobImpl->GetSize(rv);
+ if (NS_WARN_IF(rv.Failed())) {
+ rv.SuppressException();
+ size = 0;
+ }
+ }
+
+ path = isMemoryFile ? "memory-blob-urls/" : "file-blob-urls/";
+ BuildPath(path, key, info, aAnonymize);
+
+ if (refCount > 1) {
+ nsAutoCString addrStr;
+
+ addrStr = "0x";
+ addrStr.AppendInt((uint64_t)(mozilla::dom::BlobImpl*)blobImpl, 16);
+
+ path += " ";
+ path.AppendInt(refCount);
+ path += "@";
+ path += addrStr;
+
+ specialDesc = desc;
+ specialDesc += "\n\nNOTE: This blob (address ";
+ specialDesc += addrStr;
+ specialDesc += ") has ";
+ specialDesc.AppendInt(refCount);
+ specialDesc += " URLs.";
+ if (isMemoryFile) {
+ specialDesc += " Its size is divided ";
+ specialDesc += refCount > 2 ? "among" : "between";
+ specialDesc += " them in this report.";
+ }
+ }
+
+ const nsACString& descString =
+ specialDesc.IsEmpty() ? static_cast<const nsACString&>(desc)
+ : static_cast<const nsACString&>(specialDesc);
+ if (isMemoryFile) {
+ aCallback->Callback(""_ns, path, KIND_OTHER, UNITS_BYTES,
+ size / refCount, descString, aData);
+ } else {
+ aCallback->Callback(""_ns, path, KIND_OTHER, UNITS_COUNT, 1,
+ descString, aData);
+ }
+ continue;
+ }
+
+ // Just report the path for the MediaSource.
+ nsAutoCString path;
+ path = "media-source-urls/";
+ BuildPath(path, key, info, aAnonymize);
+
+ constexpr auto desc =
+ "An object URL allocated with URL.createObjectURL; the referenced "
+ "data cannot be freed until all URLs for it have been explicitly "
+ "invalidated with URL.revokeObjectURL."_ns;
+
+ aCallback->Callback(""_ns, path, KIND_OTHER, UNITS_COUNT, 1, desc, aData);
+ }
+
+ return NS_OK;
+ }
+
+ // Initialize info->mStack to record JS stack info, if enabled.
+ // The string generated here is used in ReportCallback, below.
+ static void GetJSStackForBlob(mozilla::dom::DataInfo* aInfo) {
+ nsCString& stack = aInfo->mStack;
+ MOZ_ASSERT(stack.IsEmpty());
+ const uint32_t maxFrames =
+ Preferences::GetUint("memory.blob_report.stack_frames");
+
+ if (maxFrames == 0) {
+ return;
+ }
+
+ nsCOMPtr<nsIStackFrame> frame = dom::GetCurrentJSStack(maxFrames);
+
+ nsAutoCString origin;
+
+ aInfo->mPrincipal->GetPrePath(origin);
+
+ // If we got a frame, we better have a current JSContext. This is cheating
+ // a bit; ideally we'd have our caller pass in a JSContext, or have
+ // GetCurrentJSStack() hand out the JSContext it found.
+ JSContext* cx = frame ? nsContentUtils::GetCurrentJSContext() : nullptr;
+
+ while (frame) {
+ nsString fileNameUTF16;
+ frame->GetFilename(cx, fileNameUTF16);
+
+ int32_t lineNumber = frame->GetLineNumber(cx);
+
+ if (!fileNameUTF16.IsEmpty()) {
+ NS_ConvertUTF16toUTF8 fileName(fileNameUTF16);
+ stack += "js(";
+ if (!origin.IsEmpty()) {
+ // Make the file name root-relative for conciseness if possible.
+ const char* originData;
+ uint32_t originLen;
+
+ originLen = origin.GetData(&originData);
+ // If fileName starts with origin + "/", cut up to that "/".
+ if (fileName.Length() >= originLen + 1 &&
+ memcmp(fileName.get(), originData, originLen) == 0 &&
+ fileName[originLen] == '/') {
+ fileName.Cut(0, originLen);
+ }
+ }
+ fileName.ReplaceChar('/', '\\');
+ stack += fileName;
+ if (lineNumber > 0) {
+ stack += ", line=";
+ stack.AppendInt(lineNumber);
+ }
+ stack += ")/";
+ }
+
+ frame = frame->GetCaller(cx);
+ }
+ }
+
+ private:
+ ~BlobURLsReporter() = default;
+
+ static void BuildPath(nsAutoCString& path, nsCStringHashKey::KeyType aKey,
+ mozilla::dom::DataInfo* aInfo, bool anonymize) {
+ nsAutoCString url, owner;
+ aInfo->mPrincipal->GetAsciiSpec(owner);
+ if (!owner.IsEmpty()) {
+ owner.ReplaceChar('/', '\\');
+ path += "owner(";
+ if (anonymize) {
+ path += "<anonymized>";
+ } else {
+ path += owner;
+ }
+ path += ")";
+ } else {
+ path += "owner unknown";
+ }
+ path += "/";
+ if (anonymize) {
+ path += "<anonymized-stack>";
+ } else {
+ path += aInfo->mStack;
+ }
+ url = aKey;
+ url.ReplaceChar('/', '\\');
+ if (anonymize) {
+ path += "<anonymized-url>";
+ } else {
+ path += url;
+ }
+ }
+};
+
+NS_IMPL_ISUPPORTS(BlobURLsReporter, nsIMemoryReporter)
+
+class ReleasingTimerHolder final : public Runnable,
+ public nsITimerCallback,
+ public nsIAsyncShutdownBlocker {
+ public:
+ NS_DECL_ISUPPORTS_INHERITED
+
+ static void Create(const nsACString& aURI) {
+ MOZ_ASSERT(NS_IsMainThread());
+
+ RefPtr<ReleasingTimerHolder> holder = new ReleasingTimerHolder(aURI);
+
+ // BlobURLProtocolHandler::RemoveDataEntry potentially happens late. We are
+ // prepared to RevokeUri synchronously if we run after XPCOMWillShutdown,
+ // but we need at least to be able to dispatch to the main thread here.
+ auto raii = MakeScopeExit([holder] { holder->CancelTimerAndRevokeURI(); });
+
+ nsresult rv =
+ SchedulerGroup::Dispatch(TaskCategory::Other, holder.forget());
+ NS_ENSURE_SUCCESS_VOID(rv);
+
+ raii.release();
+ }
+
+ // Runnable interface
+
+ NS_IMETHOD
+ Run() override {
+ RefPtr<ReleasingTimerHolder> self = this;
+ auto raii = MakeScopeExit([self] { self->CancelTimerAndRevokeURI(); });
+
+ nsresult rv = NS_NewTimerWithCallback(
+ getter_AddRefs(mTimer), this, RELEASING_TIMER, nsITimer::TYPE_ONE_SHOT);
+ NS_ENSURE_SUCCESS(rv, NS_OK);
+
+ nsCOMPtr<nsIAsyncShutdownClient> phase = GetShutdownPhase();
+ NS_ENSURE_TRUE(!!phase, NS_OK);
+
+ rv = phase->AddBlocker(this, NS_LITERAL_STRING_FROM_CSTRING(__FILE__),
+ __LINE__, u"ReleasingTimerHolder shutdown"_ns);
+ NS_ENSURE_SUCCESS(rv, NS_OK);
+
+ raii.release();
+ return NS_OK;
+ }
+
+ // nsITimerCallback interface
+
+ NS_IMETHOD
+ Notify(nsITimer* aTimer) override {
+ RevokeURI();
+ return NS_OK;
+ }
+
+#ifdef MOZ_COLLECTING_RUNNABLE_TELEMETRY
+ using nsINamed::GetName;
+#endif
+
+ // nsIAsyncShutdownBlocker interface
+
+ NS_IMETHOD
+ GetName(nsAString& aName) override {
+ aName.AssignLiteral("ReleasingTimerHolder for blobURL: ");
+ aName.Append(NS_ConvertUTF8toUTF16(mURI));
+ return NS_OK;
+ }
+
+ NS_IMETHOD
+ BlockShutdown(nsIAsyncShutdownClient* aClient) override {
+ CancelTimerAndRevokeURI();
+ return NS_OK;
+ }
+
+ NS_IMETHOD
+ GetState(nsIPropertyBag**) override { return NS_OK; }
+
+ private:
+ explicit ReleasingTimerHolder(const nsACString& aURI)
+ : Runnable("ReleasingTimerHolder"), mURI(aURI) {}
+
+ ~ReleasingTimerHolder() override = default;
+
+ void RevokeURI() {
+ // Remove the shutting down blocker
+ nsCOMPtr<nsIAsyncShutdownClient> phase = GetShutdownPhase();
+ if (phase) {
+ phase->RemoveBlocker(this);
+ }
+
+ MOZ_ASSERT(NS_IsMainThread(),
+ "without locking gDataTable is main-thread only");
+ mozilla::dom::DataInfo* info =
+ GetDataInfo(mURI, true /* We care about revoked dataInfo */);
+ if (!info) {
+ // Already gone!
+ return;
+ }
+
+ MOZ_ASSERT(info->mRevoked);
+
+ StaticMutexAutoLock lock(sMutex);
+ gDataTable->Remove(mURI);
+ if (gDataTable->Count() == 0) {
+ delete gDataTable;
+ gDataTable = nullptr;
+ }
+ }
+
+ void CancelTimerAndRevokeURI() {
+ if (mTimer) {
+ mTimer->Cancel();
+ mTimer = nullptr;
+ }
+
+ RevokeURI();
+ }
+
+ static nsCOMPtr<nsIAsyncShutdownClient> GetShutdownPhase() {
+ nsCOMPtr<nsIAsyncShutdownService> svc = services::GetAsyncShutdownService();
+ NS_ENSURE_TRUE(!!svc, nullptr);
+
+ nsCOMPtr<nsIAsyncShutdownClient> phase;
+ nsresult rv = svc->GetXpcomWillShutdown(getter_AddRefs(phase));
+ NS_ENSURE_SUCCESS(rv, nullptr);
+
+ return phase;
+ }
+
+ nsCString mURI;
+ nsCOMPtr<nsITimer> mTimer;
+};
+
+NS_IMPL_ISUPPORTS_INHERITED(ReleasingTimerHolder, Runnable, nsITimerCallback,
+ nsIAsyncShutdownBlocker)
+
+template <typename T>
+static void AddDataEntryInternal(const nsACString& aURI, T aObject,
+ nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId) {
+ MOZ_ASSERT(NS_IsMainThread(), "changing gDataTable is main-thread only");
+ StaticMutexAutoLock lock(sMutex);
+ if (!gDataTable) {
+ gDataTable = new nsClassHashtable<nsCStringHashKey, mozilla::dom::DataInfo>;
+ }
+
+ mozilla::UniquePtr<mozilla::dom::DataInfo> info =
+ mozilla::MakeUnique<mozilla::dom::DataInfo>(aObject, aPrincipal,
+ aAgentClusterId);
+ BlobURLsReporter::GetJSStackForBlob(info.get());
+
+ gDataTable->InsertOrUpdate(aURI, std::move(info));
+}
+
+void BlobURLProtocolHandler::Init(void) {
+ static bool initialized = false;
+
+ if (!initialized) {
+ initialized = true;
+ RegisterStrongMemoryReporter(new BlobURLsReporter());
+ }
+}
+
+BlobURLProtocolHandler::BlobURLProtocolHandler() { Init(); }
+
+BlobURLProtocolHandler::~BlobURLProtocolHandler() = default;
+
+/* static */
+nsresult BlobURLProtocolHandler::AddDataEntry(
+ mozilla::dom::BlobImpl* aBlobImpl, nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId, nsACString& aUri) {
+ MOZ_ASSERT(aBlobImpl);
+ MOZ_ASSERT(aPrincipal);
+
+ Init();
+
+ nsresult rv = GenerateURIString(aPrincipal, aUri);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ AddDataEntryInternal(aUri, aBlobImpl, aPrincipal, aAgentClusterId);
+
+ BroadcastBlobURLRegistration(aUri, aBlobImpl, aPrincipal, aAgentClusterId);
+ return NS_OK;
+}
+
+/* static */
+nsresult BlobURLProtocolHandler::AddDataEntry(
+ MediaSource* aMediaSource, nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId, nsACString& aUri) {
+ MOZ_ASSERT(aMediaSource);
+ MOZ_ASSERT(aPrincipal);
+
+ Init();
+
+ nsresult rv = GenerateURIString(aPrincipal, aUri);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ AddDataEntryInternal(aUri, aMediaSource, aPrincipal, aAgentClusterId);
+ return NS_OK;
+}
+
+/* static */
+void BlobURLProtocolHandler::AddDataEntry(const nsACString& aURI,
+ nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId,
+ mozilla::dom::BlobImpl* aBlobImpl) {
+ MOZ_ASSERT(aPrincipal);
+ MOZ_ASSERT(aBlobImpl);
+ AddDataEntryInternal(aURI, aBlobImpl, aPrincipal, aAgentClusterId);
+}
+
+/* static */
+bool BlobURLProtocolHandler::ForEachBlobURL(
+ std::function<bool(mozilla::dom::BlobImpl*, nsIPrincipal*,
+ const Maybe<nsID>&, const nsACString&, bool aRevoked)>&&
+ aCb) {
+ MOZ_ASSERT(NS_IsMainThread());
+
+ if (!gDataTable) {
+ return false;
+ }
+
+ for (const auto& entry : *gDataTable) {
+ mozilla::dom::DataInfo* info = entry.GetWeak();
+ MOZ_ASSERT(info);
+
+ if (info->mObjectType != mozilla::dom::DataInfo::eBlobImpl) {
+ continue;
+ }
+
+ MOZ_ASSERT(info->mBlobImpl);
+ if (!aCb(info->mBlobImpl, info->mPrincipal, info->mAgentClusterId,
+ entry.GetKey(), info->mRevoked)) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+/*static */
+void BlobURLProtocolHandler::RemoveDataEntry(const nsACString& aUri,
+ bool aBroadcastToOtherProcesses) {
+ MOZ_ASSERT(NS_IsMainThread(), "changing gDataTable is main-thread only");
+ if (!gDataTable) {
+ return;
+ }
+ mozilla::dom::DataInfo* info = GetDataInfo(aUri);
+ if (!info) {
+ return;
+ }
+
+ {
+ StaticMutexAutoLock lock(sMutex);
+ info->mRevoked = true;
+ }
+
+ if (aBroadcastToOtherProcesses &&
+ info->mObjectType == mozilla::dom::DataInfo::eBlobImpl) {
+ BroadcastBlobURLUnregistration(nsCString(aUri), info->mPrincipal);
+ }
+
+ // The timer will take care of removing the entry for real after
+ // RELEASING_TIMER milliseconds. In the meantime, the mozilla::dom::DataInfo,
+ // marked as revoked, will not be exposed.
+ ReleasingTimerHolder::Create(aUri);
+}
+
+/*static */
+bool BlobURLProtocolHandler::RemoveDataEntry(
+ const nsACString& aUri, nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId) {
+ MOZ_ASSERT(NS_IsMainThread(), "changing gDataTable is main-thread only");
+ if (!gDataTable) {
+ return false;
+ }
+
+ mozilla::dom::DataInfo* info = GetDataInfo(aUri);
+ if (!info) {
+ return false;
+ }
+
+ if (!aPrincipal || !aPrincipal->Subsumes(info->mPrincipal)) {
+ return false;
+ }
+
+ if (StaticPrefs::privacy_partition_bloburl_per_agent_cluster() &&
+ aAgentClusterId.isSome() && info->mAgentClusterId.isSome() &&
+ !aAgentClusterId.value().Equals(info->mAgentClusterId.value())) {
+ return false;
+ }
+
+ RemoveDataEntry(aUri, true);
+ return true;
+}
+
+/* static */
+void BlobURLProtocolHandler::RemoveDataEntries() {
+ MOZ_ASSERT(NS_IsMainThread(), "changing gDataTable is main-thread only");
+ StaticMutexAutoLock lock(sMutex);
+ if (!gDataTable) {
+ return;
+ }
+
+ gDataTable->Clear();
+ delete gDataTable;
+ gDataTable = nullptr;
+}
+
+/* static */
+bool BlobURLProtocolHandler::HasDataEntry(const nsACString& aUri) {
+ MOZ_ASSERT(NS_IsMainThread(),
+ "without locking gDataTable is main-thread only");
+ return !!GetDataInfo(aUri);
+}
+
+/* static */
+nsresult BlobURLProtocolHandler::GenerateURIString(nsIPrincipal* aPrincipal,
+ nsACString& aUri) {
+ nsresult rv;
+ nsCOMPtr<nsIUUIDGenerator> uuidgen =
+ do_GetService("@mozilla.org/uuid-generator;1", &rv);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ nsID id;
+ rv = uuidgen->GenerateUUIDInPlace(&id);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ aUri.AssignLiteral(BLOBURI_SCHEME);
+ aUri.Append(':');
+
+ if (aPrincipal) {
+ nsAutoCString origin;
+ rv = aPrincipal->GetAsciiOrigin(origin);
+ if (NS_FAILED(rv)) {
+ origin.AssignLiteral("null");
+ }
+
+ aUri.Append(origin);
+ aUri.Append('/');
+ }
+
+ aUri += NSID_TrimBracketsASCII(id);
+
+ return NS_OK;
+}
+
+/* static */
+bool BlobURLProtocolHandler::GetDataEntry(
+ const nsACString& aUri, mozilla::dom::BlobImpl** aBlobImpl,
+ nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
+ const OriginAttributes& aOriginAttributes, uint64_t aInnerWindowId,
+ const Maybe<nsID>& aAgentClusterId, bool aAlsoIfRevoked) {
+ MOZ_ASSERT(NS_IsMainThread(),
+ "without locking gDataTable is main-thread only");
+ MOZ_ASSERT(aTriggeringPrincipal);
+
+ if (!gDataTable) {
+ return false;
+ }
+
+ mozilla::dom::DataInfo* info = GetDataInfo(aUri, aAlsoIfRevoked);
+ if (!info) {
+ return false;
+ }
+
+ // We want to be sure that we stop the creation of the channel if the blob
+ // URL is copy-and-pasted on a different context (ex. private browsing or
+ // containers).
+ //
+ // We also allow the system principal to create the channel regardless of
+ // the OriginAttributes. This is primarily for the benefit of mechanisms
+ // like the Download API that explicitly create a channel with the system
+ // principal and which is never mutated to have a non-zero
+ // mPrivateBrowsingId or container.
+
+ if ((NS_WARN_IF(!aLoadingPrincipal) ||
+ !aLoadingPrincipal->IsSystemPrincipal()) &&
+ NS_WARN_IF(!ChromeUtils::IsOriginAttributesEqualIgnoringFPD(
+ aOriginAttributes,
+ BasePrincipal::Cast(info->mPrincipal)->OriginAttributesRef()))) {
+ return false;
+ }
+
+ if (NS_WARN_IF(!aTriggeringPrincipal->Subsumes(info->mPrincipal))) {
+ return false;
+ }
+
+ // BlobURLs are openable on the same agent-cluster-id only.
+ if (StaticPrefs::privacy_partition_bloburl_per_agent_cluster() &&
+ aAgentClusterId.isSome() && info->mAgentClusterId.isSome() &&
+ NS_WARN_IF(!aAgentClusterId->Equals(info->mAgentClusterId.value()))) {
+ nsAutoString localizedMsg;
+ AutoTArray<nsString, 1> param;
+ CopyUTF8toUTF16(aUri, *param.AppendElement());
+ nsresult rv = nsContentUtils::FormatLocalizedString(
+ nsContentUtils::eDOM_PROPERTIES, "BlobDifferentClusterError", param,
+ localizedMsg);
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return false;
+ }
+
+ nsContentUtils::ReportToConsoleByWindowID(
+ localizedMsg, nsIScriptError::errorFlag, "DOM"_ns, aInnerWindowId);
+ return false;
+ }
+
+ RefPtr<mozilla::dom::BlobImpl> blobImpl = info->mBlobImpl;
+ blobImpl.forget(aBlobImpl);
+
+ return true;
+}
+
+/* static */
+void BlobURLProtocolHandler::Traverse(
+ const nsACString& aUri, nsCycleCollectionTraversalCallback& aCallback) {
+ MOZ_ASSERT(NS_IsMainThread(),
+ "without locking gDataTable is main-thread only");
+ if (!gDataTable) {
+ return;
+ }
+
+ mozilla::dom::DataInfo* res;
+ gDataTable->Get(aUri, &res);
+ if (!res) {
+ return;
+ }
+
+ NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(
+ aCallback, "BlobURLProtocolHandler mozilla::dom::DataInfo.mBlobImpl");
+ aCallback.NoteXPCOMChild(res->mBlobImpl);
+
+ NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(
+ aCallback, "BlobURLProtocolHandler mozilla::dom::DataInfo.mMediaSource");
+ aCallback.NoteXPCOMChild(static_cast<EventTarget*>(res->mMediaSource));
+}
+
+NS_IMPL_ISUPPORTS(BlobURLProtocolHandler, nsIProtocolHandler,
+ nsISupportsWeakReference)
+
+/* static */ nsresult BlobURLProtocolHandler::CreateNewURI(
+ const nsACString& aSpec, const char* aCharset, nsIURI* aBaseURI,
+ nsIURI** aResult) {
+ *aResult = nullptr;
+
+ // This method can be called on any thread, which is why we lock the mutex
+ // for read access to gDataTable.
+ bool revoked = true;
+ {
+ StaticMutexAutoLock lock(sMutex);
+ mozilla::dom::DataInfo* info = GetDataInfo(aSpec);
+ if (info && info->mObjectType == mozilla::dom::DataInfo::eBlobImpl) {
+ revoked = info->mRevoked;
+ }
+ }
+
+ return NS_MutateURI(new BlobURL::Mutator())
+ .SetSpec(aSpec)
+ .Apply(&nsIBlobURLMutator::SetRevoked, revoked)
+ .Finalize(aResult);
+}
+
+NS_IMETHODIMP
+BlobURLProtocolHandler::NewChannel(nsIURI* aURI, nsILoadInfo* aLoadInfo,
+ nsIChannel** aResult) {
+ auto channel = MakeRefPtr<BlobURLChannel>(aURI, aLoadInfo);
+ channel.forget(aResult);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+BlobURLProtocolHandler::AllowPort(int32_t port, const char* scheme,
+ bool* _retval) {
+ // don't override anything.
+ *_retval = false;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+BlobURLProtocolHandler::GetScheme(nsACString& result) {
+ result.AssignLiteral(BLOBURI_SCHEME);
+ return NS_OK;
+}
+
+/* static */
+bool BlobURLProtocolHandler::GetBlobURLPrincipal(nsIURI* aURI,
+ nsIPrincipal** aPrincipal) {
+ MOZ_ASSERT(aURI);
+ MOZ_ASSERT(aPrincipal);
+
+ RefPtr<BlobURL> blobURL;
+ nsresult rv =
+ aURI->QueryInterface(kHOSTOBJECTURICID, getter_AddRefs(blobURL));
+ if (NS_FAILED(rv) || !blobURL) {
+ return false;
+ }
+
+ StaticMutexAutoLock lock(sMutex);
+ mozilla::dom::DataInfo* info =
+ GetDataInfoFromURI(aURI, true /*aAlsoIfRevoked */);
+ if (!info || info->mObjectType != mozilla::dom::DataInfo::eBlobImpl ||
+ !info->mBlobImpl) {
+ return false;
+ }
+
+ nsCOMPtr<nsIPrincipal> principal;
+
+ if (blobURL->Revoked()) {
+ principal = NullPrincipal::Create(
+ BasePrincipal::Cast(info->mPrincipal)->OriginAttributesRef());
+ } else {
+ principal = info->mPrincipal;
+ }
+
+ principal.forget(aPrincipal);
+ return true;
+}
+
+bool BlobURLProtocolHandler::IsBlobURLBroadcastPrincipal(
+ nsIPrincipal* aPrincipal) {
+ return aPrincipal->IsSystemPrincipal() ||
+ aPrincipal->GetIsAddonOrExpandedAddonPrincipal();
+}
+
+} // namespace dom
+} // namespace mozilla
+
+nsresult NS_GetBlobForBlobURI(nsIURI* aURI, mozilla::dom::BlobImpl** aBlob) {
+ *aBlob = nullptr;
+ MOZ_ASSERT(NS_IsMainThread(),
+ "without locking gDataTable is main-thread only");
+ mozilla::dom::DataInfo* info =
+ mozilla::dom::GetDataInfoFromURI(aURI, false /* aAlsoIfRevoked */);
+ if (!info || info->mObjectType != mozilla::dom::DataInfo::eBlobImpl) {
+ return NS_ERROR_DOM_BAD_URI;
+ }
+
+ RefPtr<mozilla::dom::BlobImpl> blob = info->mBlobImpl;
+ blob.forget(aBlob);
+ return NS_OK;
+}
+
+nsresult NS_GetBlobForBlobURISpec(const nsACString& aSpec,
+ mozilla::dom::BlobImpl** aBlob,
+ bool aAlsoIfRevoked) {
+ *aBlob = nullptr;
+ MOZ_ASSERT(NS_IsMainThread(),
+ "without locking gDataTable is main-thread only");
+
+ mozilla::dom::DataInfo* info =
+ mozilla::dom::GetDataInfo(aSpec, aAlsoIfRevoked);
+ if (!info || info->mObjectType != mozilla::dom::DataInfo::eBlobImpl ||
+ !info->mBlobImpl) {
+ return NS_ERROR_DOM_BAD_URI;
+ }
+
+ RefPtr<mozilla::dom::BlobImpl> blob = info->mBlobImpl;
+ blob.forget(aBlob);
+ return NS_OK;
+}
+
+nsresult NS_GetSourceForMediaSourceURI(nsIURI* aURI,
+ mozilla::dom::MediaSource** aSource) {
+ *aSource = nullptr;
+
+ MOZ_ASSERT(NS_IsMainThread(),
+ "without locking gDataTable is main-thread only");
+ mozilla::dom::DataInfo* info = mozilla::dom::GetDataInfoFromURI(aURI);
+ if (!info || info->mObjectType != mozilla::dom::DataInfo::eMediaSource) {
+ return NS_ERROR_DOM_BAD_URI;
+ }
+
+ RefPtr<mozilla::dom::MediaSource> mediaSource = info->mMediaSource;
+ mediaSource.forget(aSource);
+ return NS_OK;
+}
+
+namespace mozilla::dom {
+
+bool IsType(nsIURI* aUri, mozilla::dom::DataInfo::ObjectType aType) {
+ // We lock because this may be called off-main-thread
+ StaticMutexAutoLock lock(sMutex);
+ mozilla::dom::DataInfo* info = GetDataInfoFromURI(aUri);
+ if (!info) {
+ return false;
+ }
+
+ return info->mObjectType == aType;
+}
+
+bool IsBlobURI(nsIURI* aUri) {
+ return IsType(aUri, mozilla::dom::DataInfo::eBlobImpl);
+}
+
+bool BlobURLSchemeIsHTTPOrHTTPS(const nsACString& aUri) {
+ return (StringBeginsWith(aUri, "blob:http://"_ns) ||
+ StringBeginsWith(aUri, "blob:https://"_ns));
+}
+
+bool IsMediaSourceURI(nsIURI* aUri) {
+ return IsType(aUri, mozilla::dom::DataInfo::eMediaSource);
+}
+
+} // namespace mozilla::dom
diff --git a/dom/file/uri/BlobURLProtocolHandler.h b/dom/file/uri/BlobURLProtocolHandler.h
new file mode 100644
index 0000000000..abb24f6fc0
--- /dev/null
+++ b/dom/file/uri/BlobURLProtocolHandler.h
@@ -0,0 +1,140 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_dom_BlobURLProtocolHandler_h
+#define mozilla_dom_BlobURLProtocolHandler_h
+
+#include "mozilla/Attributes.h"
+#include "nsIProtocolHandler.h"
+#include "nsIURI.h"
+#include "nsCOMPtr.h"
+#include "nsTArray.h"
+#include "nsWeakReference.h"
+#include <functional>
+
+#define BLOBURI_SCHEME "blob"
+
+class nsIPrincipal;
+
+namespace mozilla {
+class BlobURLsReporter;
+class OriginAttributes;
+template <class T>
+class Maybe;
+
+namespace dom {
+
+class BlobImpl;
+class BlobURLRegistrationData;
+class ContentParent;
+class MediaSource;
+
+class BlobURLProtocolHandler final : public nsIProtocolHandler,
+ public nsSupportsWeakReference {
+ public:
+ NS_DECL_ISUPPORTS
+ NS_DECL_NSIPROTOCOLHANDLER
+
+ BlobURLProtocolHandler();
+
+ static nsresult CreateNewURI(const nsACString& aSpec, const char* aCharset,
+ nsIURI* aBaseURI, nsIURI** result);
+
+ // Methods for managing uri->object mapping
+ // AddDataEntry creates the URI with the given scheme and returns it in aUri
+ static nsresult AddDataEntry(BlobImpl*, nsIPrincipal*,
+ const Maybe<nsID>& aAgentClusterId,
+ nsACString& aUri);
+ static nsresult AddDataEntry(MediaSource*, nsIPrincipal*,
+ const Maybe<nsID>& aAgentClusterId,
+ nsACString& aUri);
+ // IPC only
+ static void AddDataEntry(const nsACString& aURI, nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId,
+ BlobImpl* aBlobImpl);
+
+ // These methods revoke a blobURL. Because some operations could still be in
+ // progress, the revoking consists in marking the blobURL as revoked and in
+ // removing it after RELEASING_TIMER milliseconds.
+ static void RemoveDataEntry(const nsACString& aUri,
+ bool aBroadcastToOTherProcesses = true);
+ // Returns true if the entry was allowed to be removed.
+ static bool RemoveDataEntry(const nsACString& aUri, nsIPrincipal* aPrincipal,
+ const Maybe<nsID>& aAgentClusterId);
+
+ static void RemoveDataEntries();
+
+ static bool HasDataEntry(const nsACString& aUri);
+
+ static bool GetDataEntry(const nsACString& aUri, BlobImpl** aBlobImpl,
+ nsIPrincipal* aLoadingPrincipal,
+ nsIPrincipal* aTriggeringPrincipal,
+ const OriginAttributes& aOriginAttributes,
+ uint64_t aInnerWindowId,
+ const Maybe<nsID>& aAgentClusterId,
+ bool aAlsoIfRevoked = false);
+
+ static void Traverse(const nsACString& aUri,
+ nsCycleCollectionTraversalCallback& aCallback);
+
+ // Main-thread only method to invoke a helper function that gets called for
+ // every known and recently revoked Blob URL. The helper function should
+ // return true to keep going or false to stop enumerating (presumably because
+ // of an unexpected XPCOM or IPC error). This method returns false if already
+ // shutdown or if the helper method returns false, true otherwise.
+ static bool ForEachBlobURL(
+ std::function<bool(BlobImpl*, nsIPrincipal*, const Maybe<nsID>&,
+ const nsACString&, bool aRevoked)>&& aCb);
+
+ // This method returns false if aURI is not a known BlobURL. Otherwise it
+ // returns true.
+ //
+ // When true is returned, the aPrincipal out param is meaningful. It gets
+ // set to the principal that a channel loaded from the blob would get if
+ // the blob is not already revoked and to a NullPrincipal if the blob is
+ // revoked.
+ //
+ // This means that for a revoked blob URL this method may either return
+ // false or return true and hand out a NullPrincipal in aPrincipal,
+ // depending on whether the "remove it from the hashtable" timer has
+ // fired. See RemoveDataEntry().
+ static bool GetBlobURLPrincipal(nsIURI* aURI, nsIPrincipal** aPrincipal);
+
+ // Check if metadata about Blob URLs created with this principal should be
+ // broadcast into every content process. This is currently the case for
+ // extension blob URLs and system principal blob URLs, as they can be loaded
+ // by system code and content scripts respectively.
+ static bool IsBlobURLBroadcastPrincipal(nsIPrincipal* aPrincipal);
+
+ private:
+ ~BlobURLProtocolHandler();
+
+ static void Init();
+
+ // If principal is not null, its origin will be used to generate the URI.
+ static nsresult GenerateURIString(nsIPrincipal* aPrincipal, nsACString& aUri);
+};
+
+bool IsBlobURI(nsIURI* aUri);
+bool IsMediaSourceURI(nsIURI* aUri);
+
+// Return true if inner scheme of blobURL is http or https, false otherwise.
+bool BlobURLSchemeIsHTTPOrHTTPS(const nsACString& aUri);
+
+} // namespace dom
+} // namespace mozilla
+
+extern nsresult NS_GetBlobForBlobURI(nsIURI* aURI,
+ mozilla::dom::BlobImpl** aBlob);
+
+extern nsresult NS_GetBlobForBlobURISpec(const nsACString& aSpec,
+ mozilla::dom::BlobImpl** aBlob,
+ bool aAlsoIfRevoked = false);
+
+extern nsresult NS_GetSourceForMediaSourceURI(
+ nsIURI* aURI, mozilla::dom::MediaSource** aSource);
+
+#endif /* mozilla_dom_BlobURLProtocolHandler_h */
diff --git a/dom/file/uri/components.conf b/dom/file/uri/components.conf
new file mode 100644
index 0000000000..190a3a6c54
--- /dev/null
+++ b/dom/file/uri/components.conf
@@ -0,0 +1,24 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+Classes = [
+ {
+ 'cid': '{b43964aa-a078-44b2-b06b-fd4d1b172e66}',
+ 'contract_ids': ['@mozilla.org/network/protocol;1?name=blob'],
+ 'type': 'mozilla::dom::BlobURLProtocolHandler',
+ 'headers': ['mozilla/dom/BlobURLProtocolHandler.h'],
+ 'protocol_config': {
+ 'scheme': 'blob',
+ 'flags': [
+ 'URI_NORELATIVE',
+ 'URI_NOAUTH',
+ 'URI_LOADABLE_BY_SUBSUMERS',
+ 'URI_NON_PERSISTABLE',
+ 'URI_IS_LOCAL_RESOURCE',
+ ],
+ },
+ },
+]
diff --git a/dom/file/uri/moz.build b/dom/file/uri/moz.build
new file mode 100644
index 0000000000..a1c4aed54c
--- /dev/null
+++ b/dom/file/uri/moz.build
@@ -0,0 +1,34 @@
+# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*-
+# vim: set filetype=python:
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+with Files("**"):
+ BUG_COMPONENT = ("Core", "DOM: File")
+
+EXPORTS.mozilla.dom += [
+ "BlobURL.h",
+ "BlobURLInputStream.h",
+ "BlobURLProtocolHandler.h",
+]
+
+UNIFIED_SOURCES += [
+ "BlobURL.cpp",
+ "BlobURLChannel.cpp",
+ "BlobURLInputStream.cpp",
+ "BlobURLProtocolHandler.cpp",
+]
+
+XPCOM_MANIFESTS += [
+ "components.conf",
+]
+
+LOCAL_INCLUDES += [
+ "/dom/file",
+ "/netwerk/base",
+]
+
+include("/ipc/chromium/chromium-config.mozbuild")
+
+FINAL_LIBRARY = "xul"