Mercurial > mozreview > gecko / changeset / 0bb35e84038dce82d7e0a2db1259c9fc2fb65d48
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages draft
authorChung-Sheng Fu <cfu@mozilla.com>
Fri, 04 Aug 2017 18:46:26 +0800
changeset 656498 0bb35e84038dce82d7e0a2db1259c9fc2fb65d48
parent 656346 04b6be50a2526c7a26a63715f441c47e1aa1f9be
child 656499 8dc340416da25593e65c9b6bd558a90da85eea67
child 657105 9090ef2ad54b904a723002069d7957fabe6c896f
push id77249
push userbmo:cfu@mozilla.com
push dateThu, 31 Aug 2017 09:30:25 +0000
bugs1354633
milestone57.0a1
Bug 1354633 - When privacy.resistFingerprinting = true, MediaError.message can only get whitelisted messages MozReview-Commit-ID: mYBftzcZT5
dom/html/MediaError.cpp file | annotate | diff | comparison | revisions 
--- a/dom/html/MediaError.cpp
+++ b/dom/html/MediaError.cpp
@@ -1,17 +1,24 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mozilla/dom/MediaError.h"
+
+#include <string>
+#include <unordered_set>
+
 #include "nsDOMClassInfoID.h"
 #include "mozilla/dom/MediaErrorBinding.h"
+#include "nsContentUtils.h"
+#include "nsIScriptError.h"
+#include "jsapi.h"
 
 namespace mozilla {
 namespace dom {
 
 NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(MediaError, mParent)
 NS_IMPL_CYCLE_COLLECTING_ADDREF(MediaError)
 NS_IMPL_CYCLE_COLLECTING_RELEASE(MediaError)
 
@@ -26,16 +33,60 @@ MediaError::MediaError(HTMLMediaElement*
   , mCode(aCode)
   , mMessage(aMessage)
 {
 }
 
 void
 MediaError::GetMessage(nsAString& aResult) const
 {
+  // When fingerprinting resistance is enabled, only messages in this list
+  // can be returned to content script.
+  static const std::unordered_set<std::string> whitelist = {
+    "404: Not Found"
+    // TODO
+  };
+
+  bool shouldBlank = (whitelist.find(mMessage.get()) == whitelist.end());
+
+  if (shouldBlank) {
+    // Print a warning message to JavaScript console to alert developers of
+    // a non-whitelisted error message.
+    nsAutoCString message =
+      NS_LITERAL_CSTRING(
+        "This error message will be blank when privacy.resistFingerprinting = true."
+        "  If it is really necessary, please add it to the whitelist in"
+        " MediaError::GetMessage: ") +
+      mMessage;
+    nsIDocument* ownerDoc = mParent->OwnerDoc();
+    AutoJSAPI api;
+    if (api.Init(ownerDoc->GetScopeObject())) {
+      // We prefer this API because it can also print to our debug log and
+      // try server's log viewer.
+      JS_ReportWarningASCII(api.cx(), "%s", message.get());
+    } else {
+      // If failed to use JS_ReportWarningASCII, fall back to
+      // nsContentUtils::ReportToConsoleNonLocalized, which can only print to
+      // JavaScript console.
+      nsContentUtils::ReportToConsoleNonLocalized(
+        NS_ConvertASCIItoUTF16(message),
+        nsIScriptError::warningFlag,
+        NS_LITERAL_CSTRING("MediaError"),
+        ownerDoc
+      );
+    }
+  }
+
+  if (!nsContentUtils::IsCallerChrome() &&
+      nsContentUtils::ShouldResistFingerprinting() &&
+      shouldBlank) {
+    aResult.Truncate();
+    return;
+  }
+
   CopyUTF8toUTF16(mMessage, aResult);
 }
 
 JSObject*
 MediaError::WrapObject(JSContext* aCx, JS::Handle<JSObject*> aGivenProto)
 {
   return MediaErrorBinding::Wrap(aCx, this, aGivenProto);
 }
gecko
Deployed from 4e825768105f at 2024-04-08T16:23:59Z.