Bug 1443942 - Block mid-flight redirects to cross origin destinations during media loads. r=jya
There's no compelling use case for mid-flight redirects, and Chrome
already blocks it, so there's little point in maintaining it.
Add a hidden pref to toggle blocking, so we can toggle it off during
testing to ensure that we're blocking a working mid-flight redirect.
MozReview-Commit-ID: EnGNmYFr8Uv
--- a/dom/media/ChannelMediaDecoder.cpp
+++ b/dom/media/ChannelMediaDecoder.cpp
@@ -162,19 +162,19 @@ ChannelMediaDecoder::NotifyPrincipalChan
// We'll receive one notification when the channel's initial principal
// is known, after all HTTP redirects have resolved. This isn't really a
// principal change, so return here to avoid the mSameOriginMedia check
// below.
mInitialChannelPrincipalKnown = true;
return;
}
if (!mSameOriginMedia &&
- DecoderTraits::CrossOriginRedirectsProhibited(ContainerType())) {
- // For some content types we block mid-flight channel redirects to cross
- // origin destinations due to security constraints. See bug 1441153.
+ Preferences::GetBool("media.block-midflight-redirects", true)) {
+ // Block mid-flight redirects to non CORS same origin destinations.
+ // See bugs 1441153, 1443942.
LOG("ChannnelMediaDecoder prohibited cross origin redirect blocked.");
NetworkError(MediaResult(NS_ERROR_DOM_BAD_URI,
"Prohibited cross origin redirect blocked"));
}
}
void
ChannelMediaDecoder::ResourceCallback::NotifySuspendedStatusChanged(
--- a/dom/media/ChannelMediaResource.cpp
+++ b/dom/media/ChannelMediaResource.cpp
@@ -280,16 +280,21 @@ ChannelMediaResource::OnStartRequest(nsI
// Not an HTTP channel. Assume data will be sent from position zero.
startOffset = 0;
}
// Update principals before OnDataAvailable() putting the data in the cache.
// This is important, we want to make sure all principals are updated before
// any consumer can see the new data.
UpdatePrincipal();
+ if (owner->HasError()) {
+ // Updating the principal resulted in an error. Abort the load.
+ CloseChannel();
+ return NS_OK;
+ }
mCacheStream.NotifyDataStarted(mLoadID, startOffset, seekable, length);
mIsTransportSeekable = seekable;
mSuspendAgent.Delegate(mChannel);
// Fires an initial progress event.
owner->DownloadProgressed();
--- a/dom/media/DecoderTraits.cpp
+++ b/dom/media/DecoderTraits.cpp
@@ -320,16 +320,9 @@ bool DecoderTraits::IsSupportedInVideoDo
ADTSDecoder::IsSupportedType(*type) ||
FlacDecoder::IsSupportedType(*type) ||
#ifdef MOZ_ANDROID_HLS_SUPPORT
HLSDecoder::IsSupportedType(*type) ||
#endif
false;
}
-/* static */
-bool
-DecoderTraits::CrossOriginRedirectsProhibited(const MediaContainerType& aType)
-{
- return WaveDecoder::IsSupportedType(aType);
-}
-
} // namespace mozilla
--- a/dom/media/DecoderTraits.h
+++ b/dom/media/DecoderTraits.h
@@ -52,18 +52,14 @@ public:
// Returns true if aType is MIME type of hls.
static bool IsHttpLiveStreamingType(const MediaContainerType& aType);
// Returns true if aType is matroska type.
static bool IsMatroskaType(const MediaContainerType& aType);
static bool IsSupportedType(const MediaContainerType& aType);
-
- // For some content types we block channel redirects to cross origin
- // destinations due to security constraints. See bug 1441153.
- static bool CrossOriginRedirectsProhibited(const MediaContainerType& aType);
};
} // namespace mozilla
#endif
--- a/dom/media/MediaPrefs.h
+++ b/dom/media/MediaPrefs.h
@@ -192,16 +192,17 @@ private:
// resume background video decoding when the cursor is hovering over the tab.
DECL_MEDIA_PREF("media.resume-bkgnd-video-on-tabhover", ResumeVideoDecodingOnTabHover, bool, false);
DECL_MEDIA_PREF("media.videocontrols.lock-video-orientation", VideoOrientationLockEnabled, bool, false);
// Media Seamless Looping
DECL_MEDIA_PREF("media.seamless-looping", SeamlessLooping, bool, true);
+
public:
// Manage the singleton:
static MediaPrefs& GetSingleton();
static bool SingletonExists();
private:
template<class T> friend class StaticAutoPtr;
static StaticAutoPtr<MediaPrefs> sInstance;