diff options
Diffstat (limited to 'browser/components/about')
-rw-r--r-- | browser/components/about/AboutRedirector.cpp | 309 | ||||
-rw-r--r-- | browser/components/about/AboutRedirector.h | 30 | ||||
-rw-r--r-- | browser/components/about/components.conf | 49 | ||||
-rw-r--r-- | browser/components/about/moz.build | 32 | ||||
-rw-r--r-- | browser/components/about/test/unit/test_getURIFlags.js | 14 | ||||
-rw-r--r-- | browser/components/about/test/unit/xpcshell.toml | 7 |
6 files changed, 441 insertions, 0 deletions
diff --git a/browser/components/about/AboutRedirector.cpp b/browser/components/about/AboutRedirector.cpp new file mode 100644 index 0000000000..6f01344014 --- /dev/null +++ b/browser/components/about/AboutRedirector.cpp @@ -0,0 +1,309 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// See also: docshell/base/nsAboutRedirector.cpp + +#include "AboutRedirector.h" +#include "nsNetUtil.h" +#include "nsIAboutNewTabService.h" +#include "nsIChannel.h" +#include "nsIURI.h" +#include "nsIProtocolHandler.h" +#include "nsServiceManagerUtils.h" +#include "mozilla/StaticPrefs_browser.h" +#include "mozilla/dom/ContentChild.h" + +namespace mozilla { +namespace browser { + +NS_IMPL_ISUPPORTS(AboutRedirector, nsIAboutModule) + +static const uint32_t ACTIVITY_STREAM_FLAGS = + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::ENABLE_INDEXED_DB | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT; + +struct RedirEntry { + const char* id; + const char* url; + uint32_t flags; +}; + +/* + Entries which do not have URI_SAFE_FOR_UNTRUSTED_CONTENT will run with chrome + privileges. This is potentially dangerous. Please use + URI_SAFE_FOR_UNTRUSTED_CONTENT in the third argument to each map item below + unless your about: page really needs chrome privileges. Security review is + required before adding new map entries without + URI_SAFE_FOR_UNTRUSTED_CONTENT. + + NOTE: changes to this redir map need to be accompanied with changes to + browser/components/about/components.conf +*/ +static const RedirEntry kRedirMap[] = { + {"asrouter", "chrome://browser/content/asrouter/asrouter-admin.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"blocked", "chrome://browser/content/blockedSite.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_CAN_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"certerror", "chrome://global/content/aboutNetError.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_CAN_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"unloads", "chrome://browser/content/tabunloader/aboutUnloads.html", + nsIAboutModule::ALLOW_SCRIPT}, + {"framecrashed", "chrome://browser/content/aboutFrameCrashed.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_CAN_LOAD_IN_CHILD | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"logins", "chrome://browser/content/aboutlogins/aboutLogins.html", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::IS_SECURE_CHROME_UI}, + {"loginsimportreport", + "chrome://browser/content/aboutlogins/aboutLoginsImportReport.html", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::IS_SECURE_CHROME_UI}, + {"firefoxview", "chrome://browser/content/firefoxview/firefoxview.html", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"policies", "chrome://browser/content/policies/aboutPolicies.html", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI}, + {"privatebrowsing", "chrome://browser/content/aboutPrivateBrowsing.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS}, + {"profiling", + "chrome://devtools/content/performance-new/aboutprofiling/index.xhtml", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI}, + {"rights", "chrome://global/content/aboutRights.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI}, + {"robots", "chrome://browser/content/aboutRobots.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT}, + {"sessionrestore", "chrome://browser/content/aboutSessionRestore.xhtml", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT | + nsIAboutModule::IS_SECURE_CHROME_UI}, + {"shoppingsidebar", "chrome://browser/content/shopping/shopping.html", + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT | + nsIAboutModule::IS_SECURE_CHROME_UI}, + {"tabcrashed", "chrome://browser/content/aboutTabCrashed.xhtml", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"welcomeback", "chrome://browser/content/aboutWelcomeBack.xhtml", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT | + nsIAboutModule::IS_SECURE_CHROME_UI}, + // Actual activity stream URL for home and newtab are set in channel + // creation + {"home", "about:blank", ACTIVITY_STREAM_FLAGS}, + {"newtab", "chrome://browser/content/blanktab.html", ACTIVITY_STREAM_FLAGS}, + {"welcome", "about:blank", + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT}, + {"messagepreview", + "chrome://browser/content/messagepreview/messagepreview.html", + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"pocket-saved", "chrome://pocket/content/panels/saved.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"pocket-signup", "chrome://pocket/content/panels/signup.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"pocket-home", "chrome://pocket/content/panels/home.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"pocket-style-guide", "chrome://pocket/content/panels/style-guide.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"preferences", "chrome://browser/content/preferences/preferences.xhtml", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI}, + {"downloads", + "chrome://browser/content/downloads/contentAreaDownloadsView.xhtml", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::IS_SECURE_CHROME_UI}, + {"reader", "chrome://global/content/reader/aboutReader.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::URI_MUST_LOAD_IN_CHILD | + nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"restartrequired", "chrome://browser/content/aboutRestartRequired.xhtml", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT}, + {"protections", "chrome://browser/content/protections.html", + nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT | + nsIAboutModule::URI_MUST_LOAD_IN_CHILD | nsIAboutModule::ALLOW_SCRIPT | + nsIAboutModule::URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS | + nsIAboutModule::IS_SECURE_CHROME_UI}, + {"ion", "chrome://browser/content/ion.html", + nsIAboutModule::ALLOW_SCRIPT | nsIAboutModule::HIDE_FROM_ABOUTABOUT | + nsIAboutModule::IS_SECURE_CHROME_UI}, +}; + +static nsAutoCString GetAboutModuleName(nsIURI* aURI) { + nsAutoCString path; + aURI->GetPathQueryRef(path); + + int32_t f = path.FindChar('#'); + if (f >= 0) path.SetLength(f); + + f = path.FindChar('?'); + if (f >= 0) path.SetLength(f); + + ToLowerCase(path); + return path; +} + +NS_IMETHODIMP +AboutRedirector::NewChannel(nsIURI* aURI, nsILoadInfo* aLoadInfo, + nsIChannel** result) { + NS_ENSURE_ARG_POINTER(aURI); + NS_ENSURE_ARG_POINTER(aLoadInfo); + + NS_ASSERTION(result, "must not be null"); + + nsAutoCString path = GetAboutModuleName(aURI); + + nsresult rv; + nsCOMPtr<nsIIOService> ioService = do_GetIOService(&rv); + NS_ENSURE_SUCCESS(rv, rv); + + // If we're accessing about:home in the "privileged about content + // process", then we give the nsIAboutNewTabService the responsibility + // to return the nsIChannel, since it might be from the about:home + // startup cache. + if (XRE_IsContentProcess() && path.EqualsLiteral("home")) { + auto& remoteType = dom::ContentChild::GetSingleton()->GetRemoteType(); + if (remoteType == PRIVILEGEDABOUT_REMOTE_TYPE) { + nsCOMPtr<nsIAboutNewTabService> aboutNewTabService = + do_GetService("@mozilla.org/browser/aboutnewtab-service;1", &rv); + NS_ENSURE_SUCCESS(rv, rv); + + return aboutNewTabService->AboutHomeChannel(aURI, aLoadInfo, result); + } + } + + for (auto& redir : kRedirMap) { + if (!strcmp(path.get(), redir.id)) { + nsAutoCString url; + + // Let the aboutNewTabService decide where to redirect for about:home and + // enabled about:newtab. Disabled about:newtab page uses fallback. + if (path.EqualsLiteral("home") || + (StaticPrefs::browser_newtabpage_enabled() && + path.EqualsLiteral("newtab"))) { + nsCOMPtr<nsIAboutNewTabService> aboutNewTabService = + do_GetService("@mozilla.org/browser/aboutnewtab-service;1", &rv); + NS_ENSURE_SUCCESS(rv, rv); + rv = aboutNewTabService->GetDefaultURL(url); + NS_ENSURE_SUCCESS(rv, rv); + } + + if (path.EqualsLiteral("welcome")) { + nsCOMPtr<nsIAboutNewTabService> aboutNewTabService = + do_GetService("@mozilla.org/browser/aboutnewtab-service;1", &rv); + NS_ENSURE_SUCCESS(rv, rv); + rv = aboutNewTabService->GetWelcomeURL(url); + NS_ENSURE_SUCCESS(rv, rv); + } + + // fall back to the specified url in the map + if (url.IsEmpty()) { + url.AssignASCII(redir.url); + } + + nsCOMPtr<nsIChannel> tempChannel; + nsCOMPtr<nsIURI> tempURI; + rv = NS_NewURI(getter_AddRefs(tempURI), url); + NS_ENSURE_SUCCESS(rv, rv); + + // If tempURI links to an external URI (i.e. something other than + // chrome:// or resource://) then set the result principal URI on the + // load info which forces the channel prncipal to reflect the displayed + // URL rather then being the systemPrincipal. + bool isUIResource = false; + rv = NS_URIChainHasFlags(tempURI, nsIProtocolHandler::URI_IS_UI_RESOURCE, + &isUIResource); + NS_ENSURE_SUCCESS(rv, rv); + + rv = NS_NewChannelInternal(getter_AddRefs(tempChannel), tempURI, + aLoadInfo); + NS_ENSURE_SUCCESS(rv, rv); + + if (!isUIResource) { + aLoadInfo->SetResultPrincipalURI(tempURI); + } + tempChannel->SetOriginalURI(aURI); + + NS_ADDREF(*result = tempChannel); + return rv; + } + } + + return NS_ERROR_ILLEGAL_VALUE; +} + +NS_IMETHODIMP +AboutRedirector::GetURIFlags(nsIURI* aURI, uint32_t* result) { + NS_ENSURE_ARG_POINTER(aURI); + + nsAutoCString name = GetAboutModuleName(aURI); + + for (auto& redir : kRedirMap) { + if (name.Equals(redir.id)) { + *result = redir.flags; + return NS_OK; + } + } + + return NS_ERROR_ILLEGAL_VALUE; +} + +NS_IMETHODIMP +AboutRedirector::GetChromeURI(nsIURI* aURI, nsIURI** chromeURI) { + NS_ENSURE_ARG_POINTER(aURI); + + nsAutoCString name = GetAboutModuleName(aURI); + + for (const auto& redir : kRedirMap) { + if (name.Equals(redir.id)) { + return NS_NewURI(chromeURI, redir.url); + } + } + + return NS_ERROR_ILLEGAL_VALUE; +} + +nsresult AboutRedirector::Create(REFNSIID aIID, void** result) { + AboutRedirector* about = new AboutRedirector(); + if (about == nullptr) return NS_ERROR_OUT_OF_MEMORY; + NS_ADDREF(about); + nsresult rv = about->QueryInterface(aIID, result); + NS_RELEASE(about); + return rv; +} + +} // namespace browser +} // namespace mozilla diff --git a/browser/components/about/AboutRedirector.h b/browser/components/about/AboutRedirector.h new file mode 100644 index 0000000000..87addd2671 --- /dev/null +++ b/browser/components/about/AboutRedirector.h @@ -0,0 +1,30 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef AboutRedirector_h__ +#define AboutRedirector_h__ + +#include "nsIAboutModule.h" + +namespace mozilla { +namespace browser { + +class AboutRedirector : public nsIAboutModule { + public: + NS_DECL_ISUPPORTS + NS_DECL_NSIABOUTMODULE + + AboutRedirector() {} + + static nsresult Create(REFNSIID aIID, void** aResult); + + protected: + virtual ~AboutRedirector() {} +}; + +} // namespace browser +} // namespace mozilla + +#endif // AboutRedirector_h__ diff --git a/browser/components/about/components.conf b/browser/components/about/components.conf new file mode 100644 index 0000000000..c03994b11c --- /dev/null +++ b/browser/components/about/components.conf @@ -0,0 +1,49 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +pages = [ + 'asrouter', + 'blocked', + 'certerror', + 'downloads', + 'framecrashed', + 'home', + 'logins', + 'loginsimportreport', + 'firefoxview', + 'messagepreview', + 'newtab', + 'ion', + 'pocket-home', + 'pocket-saved', + 'pocket-signup', + 'pocket-style-guide', + 'policies', + 'preferences', + 'privatebrowsing', + 'protections', + 'profiling', + 'reader', + 'restartrequired', + 'rights', + 'robots', + 'sessionrestore', + 'shoppingsidebar', + 'tabcrashed', + 'unloads', + 'welcome', + 'welcomeback', +] + +Classes = [ + { + 'cid': '{7e4bb6ad-2fc4-4dc6-89ef-23e8e5ccf980}', + 'contract_ids': ['@mozilla.org/network/protocol/about;1?what=%s' % page + for page in pages], + 'legacy_constructor': 'mozilla::browser::AboutRedirector::Create', + 'headers': ['/browser/components/about/AboutRedirector.h'], + }, +] diff --git a/browser/components/about/moz.build b/browser/components/about/moz.build new file mode 100644 index 0000000000..994f084510 --- /dev/null +++ b/browser/components/about/moz.build @@ -0,0 +1,32 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +with Files("**"): + BUG_COMPONENT = ("Firefox", "General") + +EXPORTS.mozilla.browser += [ + "AboutRedirector.h", +] + +XPCSHELL_TESTS_MANIFESTS += ["test/unit/xpcshell.toml"] + +SOURCES += [ + "AboutRedirector.cpp", +] + +XPCOM_MANIFESTS += [ + "components.conf", +] + +FINAL_LIBRARY = "browsercomps" + +LOCAL_INCLUDES += [ + "../build", + "/dom/base", + "/ipc/chromium/src", +] + +include("/ipc/chromium/chromium-config.mozbuild") diff --git a/browser/components/about/test/unit/test_getURIFlags.js b/browser/components/about/test/unit/test_getURIFlags.js new file mode 100644 index 0000000000..09846b8122 --- /dev/null +++ b/browser/components/about/test/unit/test_getURIFlags.js @@ -0,0 +1,14 @@ +const contract = "@mozilla.org/network/protocol/about;1?what=newtab"; +const am = Cc[contract].getService(Ci.nsIAboutModule); +const uri = Services.io.newURI("about:newtab"); + +function run_test() { + test_AS_enabled_flags(); +} + +// Activity Stream, however, is e10s-capable, and should advertise it. +function test_AS_enabled_flags() { + let flags = am.getURIFlags(uri); + + ok(flags & Ci.nsIAboutModule.URI_MUST_LOAD_IN_CHILD); +} diff --git a/browser/components/about/test/unit/xpcshell.toml b/browser/components/about/test/unit/xpcshell.toml new file mode 100644 index 0000000000..c71e0f2449 --- /dev/null +++ b/browser/components/about/test/unit/xpcshell.toml @@ -0,0 +1,7 @@ +[DEFAULT] +skip-if = ["os == 'android'"] # bug 1730213 +head = '' +# make the firefox services (eg newtab-service) available to xpcshell +firefox-appdir = "browser" + +["test_getURIFlags.js"] |