Bug 1325501 - Adds ServiceRequest as a drop-in replacement for XHR, which uses conservative TLS settings r=Mossop
MozReview-Commit-ID: 5937m90Q948
new file mode 100644
--- /dev/null
+++ b/toolkit/modules/ServiceRequest.jsm
@@ -0,0 +1,49 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components;
+
+/**
+ * This module consolidates various code and data update requests, so flags
+ * can be set, Telemetry collected, etc. in a central place.
+ */
+
+Cu.import("resource://gre/modules/Log.jsm");
+Cu.importGlobalProperties(["XMLHttpRequest"]);
+
+this.EXPORTED_SYMBOLS = [ "ServiceRequest" ];
+
+const logger = Log.repository.getLogger("ServiceRequest");
+logger.level = Log.Level.Debug;
+logger.addAppender(new Log.ConsoleAppender(new Log.BasicFormatter()));
+
+/**
+ * ServiceRequest is intended to be a drop-in replacement for current users
+ * of XMLHttpRequest.
+ *
+ * @param {Object} options - Options for underlying XHR, e.g. { mozAnon: bool }
+ */
+class ServiceRequest extends XMLHttpRequest {
+ constructor(options) {
+ super(options);
+ }
+ /**
+ * Opens an XMLHttpRequest, and sets the NSS "beConservative" flag.
+ * Requests are always async.
+ *
+ * @param {String} method - HTTP method to use, e.g. "GET".
+ * @param {String} url - URL to open.
+ * @param {Object} options - Additional options (reserved for future use).
+ */
+ open(method, url, options) {
+ super.open(method, url, true);
+
+ // Disable cutting edge features, like TLS 1.3, where middleboxes might brick us
+ if (super.channel instanceof Ci.nsIHttpChannelInternal) {
+ super.channel.QueryInterface(Ci.nsIHttpChannelInternal).beConservative = true;
+ }
+ }
+}
--- a/toolkit/modules/moz.build
+++ b/toolkit/modules/moz.build
@@ -77,16 +77,17 @@ EXTRA_JS_MODULES += [
'RemotePageManager.jsm',
'RemoteSecurityUI.jsm',
'RemoteWebProgress.jsm',
'ResetProfile.jsm',
'secondscreen/RokuApp.jsm',
'secondscreen/SimpleServiceDiscovery.jsm',
'SelectContentHelper.jsm',
'SelectParentHelper.jsm',
+ 'ServiceRequest.jsm',
'Services.jsm',
'SessionRecorder.jsm',
'sessionstore/FormData.jsm',
'sessionstore/ScrollPosition.jsm',
'sessionstore/XPathGenerator.jsm',
'ShortcutUtils.jsm',
'Sntp.jsm',
'SpatialNavigation.jsm',
new file mode 100644
--- /dev/null
+++ b/toolkit/modules/tests/xpcshell/test_servicerequest_xhr.js
@@ -0,0 +1,25 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+var {classes: Cc, interfaces: Ci, utils: Cu} = Components;
+
+Cu.import("resource://gre/modules/ServiceRequest.jsm");
+
+add_task(function* test_tls_conservative() {
+ const request = new ServiceRequest();
+ request.open("GET", "http://example.com", false);
+
+ const sr_channel = request.channel.QueryInterface(Ci.nsIHttpChannelInternal);
+ ok(("beConservative" in sr_channel), "TLS setting is present in SR channel");
+ ok(sr_channel.beConservative, "TLS setting in request channel is set to conservative for SR");
+
+ const xhr = new XMLHttpRequest();
+ xhr.open("GET", "http://example.com", false);
+
+ const xhr_channel = xhr.channel.QueryInterface(Ci.nsIHttpChannelInternal);
+ ok(("beConservative" in xhr_channel), "TLS setting is present in XHR channel");
+ ok(!xhr_channel.beConservative, "TLS setting in request channel is not set to conservative for XHR");
+
+});
--- a/toolkit/modules/tests/xpcshell/xpcshell.ini
+++ b/toolkit/modules/tests/xpcshell/xpcshell.ini
@@ -69,8 +69,9 @@ skip-if = toolkit == 'android'
skip-if = !updater
reason = LOCALE is not defined without MOZ_UPDATER
[test_UpdateUtils_updatechannel.js]
[test_web_channel.js]
[test_web_channel_broker.js]
[test_ZipUtils.js]
skip-if = toolkit == 'android'
[test_Log_stackTrace.js]
+[test_servicerequest_xhr.js]