Bug 1201904 - Force windowless mode for Flash when sandbox level >= 2. r=bsmedberg
--- a/dom/plugins/ipc/PluginModuleParent.cpp
+++ b/dom/plugins/ipc/PluginModuleParent.cpp
@@ -666,16 +666,17 @@ PluginModuleParent::PluginModuleParent(b
, mShutdown(false)
, mHadLocalInstance(false)
, mClearSiteDataSupported(false)
, mGetSitesWithDataSupported(false)
, mNPNIface(nullptr)
, mNPPIface(nullptr)
, mPlugin(nullptr)
, mTaskFactory(this)
+ , mSandboxLevel(0)
, mIsFlashPlugin(false)
, mIsStartingAsync(false)
, mNPInitialized(false)
, mIsNPShutdownPending(false)
, mAsyncNewRv(NS_ERROR_NOT_INITIALIZED)
{
#if defined(XP_WIN) || defined(XP_MACOSX) || defined(MOZ_WIDGET_GTK)
mIsStartingAsync = aAllowAsyncInit &&
@@ -728,17 +729,16 @@ PluginModuleChromeParent::PluginModuleCh
, mChromeTaskFactory(this)
, mHangAnnotationFlags(0)
, mHangAnnotatorMutex("PluginModuleChromeParent::mHangAnnotatorMutex")
#ifdef XP_WIN
, mPluginCpuUsageOnHang()
, mHangUIParent(nullptr)
, mHangUIEnabled(true)
, mIsTimerReset(true)
- , mSandboxLevel(aSandboxLevel)
#ifdef MOZ_CRASHREPORTER
, mCrashReporterMutex("PluginModuleChromeParent::mCrashReporterMutex")
, mCrashReporter(nullptr)
#endif
#endif
#ifdef MOZ_CRASHREPORTER_INJECTOR
, mFlashProcess1(0)
, mFlashProcess2(0)
@@ -746,16 +746,17 @@ PluginModuleChromeParent::PluginModuleCh
#endif
, mInitOnAsyncConnect(false)
, mAsyncInitRv(NS_ERROR_NOT_INITIALIZED)
, mAsyncInitError(NPERR_NO_ERROR)
, mContentParent(nullptr)
{
NS_ASSERTION(mSubprocess, "Out of memory!");
sInstantiated = true;
+ mSandboxLevel = aSandboxLevel;
mRunID = GeckoChildProcessHost::GetUniqueID();
#ifdef MOZ_ENABLE_PROFILER_SPS
InitPluginProfiling();
#endif
mozilla::HangMonitor::RegisterAnnotator(*this);
}
@@ -2661,16 +2662,33 @@ PluginModuleParent::NPP_NewInternal(NPMI
}
nsDependentCString strPluginType(pluginType);
PluginInstanceParent* parentInstance =
new PluginInstanceParent(this, instance, strPluginType, mNPNIface);
if (mIsFlashPlugin) {
parentInstance->InitMetadata(strPluginType, srcAttribute);
+#ifdef XP_WIN
+ // Force windowless mode (bug 1201904) when sandbox level >= 2
+ if (mSandboxLevel >= 2) {
+ NS_NAMED_LITERAL_CSTRING(wmodeAttributeName, "wmode");
+ NS_NAMED_LITERAL_CSTRING(opaqueAttributeValue, "opaque");
+ auto wmodeAttributeIndex =
+ names.IndexOf(wmodeAttributeName, 0, comparator);
+ if (wmodeAttributeIndex != names.NoIndex) {
+ if (!values[wmodeAttributeIndex].EqualsLiteral("transparent")) {
+ values[wmodeAttributeIndex].Assign(opaqueAttributeValue);
+ }
+ } else {
+ names.AppendElement(wmodeAttributeName);
+ values.AppendElement(opaqueAttributeValue);
+ }
+ }
+#endif
}
// Release the surrogate reference that was in pdata
RefPtr<PluginAsyncSurrogate> surrogate(
dont_AddRef(PluginAsyncSurrogate::Cast(instance)));
// Now replace it with the instance
instance->pdata = static_cast<PluginDataResolver*>(parentInstance);
--- a/dom/plugins/ipc/PluginModuleParent.h
+++ b/dom/plugins/ipc/PluginModuleParent.h
@@ -320,16 +320,17 @@ protected:
TaskFactory<PluginModuleParent> mTaskFactory;
nsString mPluginDumpID;
nsString mBrowserDumpID;
nsString mHangID;
RefPtr<nsIObserver> mProfilerObserver;
TimeDuration mTimeBlocked;
nsCString mPluginName;
nsCString mPluginVersion;
+ int32_t mSandboxLevel;
bool mIsFlashPlugin;
#ifdef MOZ_X11
// Dup of plugin's X socket, used to scope its resources to this
// object instead of the plugin process's lifetime
ScopedClose mPluginXSocketFdDup;
#endif
@@ -543,17 +544,16 @@ private:
Atomic<uint32_t> mHangAnnotationFlags;
mozilla::Mutex mHangAnnotatorMutex;
InfallibleTArray<mozilla::ipc::IProtocol*> mProtocolCallStack;
#ifdef XP_WIN
InfallibleTArray<float> mPluginCpuUsageOnHang;
PluginHangUIParent *mHangUIParent;
bool mHangUIEnabled;
bool mIsTimerReset;
- int32_t mSandboxLevel;
#ifdef MOZ_CRASHREPORTER
/**
* This mutex protects the crash reporter when the Plugin Hang UI event
* handler is executing off main thread. It is intended to protect both
* the mCrashReporter variable in addition to the CrashReporterParent object
* that mCrashReporter refers to.
*/
mozilla::Mutex mCrashReporterMutex;