[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [Git][tpo/applications/mullvad-browser][mullvad-browser-128.1.0esr-14.0-1] 2 commits: Bug 1899180. If a channel is not nsIPrivateBrowsingChannel and has no load...

Title: GitLab

ma1 pushed to branch mullvad-browser-128.1.0esr-14.0-1 at The Tor Project / Applications / Mullvad Browser

Commits:

  • 94473f85
    by Timothy Nikkel at 2024-08-06T15:59:27+02:00 
    Bug 1899180. If a channel is not nsIPrivateBrowsingChannel and has no load context, use the private browsing field from it's origin attributes. r=necko-reviewers,anti-tracking-reviewers,valentin

If the channel is not a nsIPrivateBrowsingChannel, and it also has no load context (eg inside svg images) then we will over write a non-zero mPrivateBrowsingId on the OriginAttributes of the channel with 0, making NS_UsePrivateBrowsing return false for the channel.

Differential Revision: https://phabricator.services.mozilla.com/D212083
  • e0c31372
    by Jon Coppeard at 2024-08-06T15:59:28+02:00 
    Bug 1904011 - Ignore finalized scripts when iterating code covarage tables r=iain

Differential Revision: https://phabricator.services.mozilla.com/D214799

6 changed files:

Changes:

  • image/test/browser/browser.toml
    ... ... @@ -15,6 +15,9 @@ skip-if = ["true"] # Bug 1207012 - Permaorange from an uncaught exception that i
    15 15 
     ["browser_bug1869938.js"]
    16 16 
     support-files = ["helper1869938.html"]
    17 17
    18 
    +["browser_bug1899180.js"]
    19 
    +support-files = ["helper1899180.html"]
    20 
    +
    18 21 
     ["browser_docshell_type_editor.js"]
    19 22
    20 23 
     ["browser_image.js"]

  • image/test/browser/browser_bug1899180.js
    1 
    +/* This Source Code Form is subject to the terms of the Mozilla Public
    2 
    + * License, v. 2.0. If a copy of the MPL was not distributed with this
    3 
    + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
    4 
    +
    5 
    +/*
    6 
    + * This test opens a private browsing window, then opens a content page in it
    7 
    + * that loads an svg image that contains an image to an external protocol.
    8 
    + * This tests that we don't hit an assert in this situation.
    9 
    + */
    10 
    +
    11 
    +add_task(async function test() {
    12 
    +  function httpURL(filename) {
    13 
    +    let chromeURL = getRootDirectory(gTestPath) + filename;
    14 
    +    return chromeURL.replace(
    15 
    +      "chrome://mochitests/content/",
    16 
    +      "http://mochi.test:8888/"
    17 
    +    );
    18 
    +  }
    19 
    +
    20 
    +  let win = await BrowserTestUtils.openNewBrowserWindow({ private: true });
    21 
    +
    22 
    +  let tab = (win.gBrowser.selectedTab = BrowserTestUtils.addTab(
    23 
    +    win.gBrowser,
    24 
    +    "about:blank"
    25 
    +  ));
    26 
    +
    27 
    +  await BrowserTestUtils.browserLoaded(tab.linkedBrowser);
    28 
    +
    29 
    +  const pageUrl = httpURL("helper1899180.html");
    30 
    +
    31 
    +  BrowserTestUtils.startLoadingURIString(tab.linkedBrowser, pageUrl);
    32 
    +
    33 
    +  await BrowserTestUtils.browserLoaded(tab.linkedBrowser);
    34 
    +
    35 
    +  await new Promise(resolve => {
    36 
    +    waitForFocus(resolve, win);
    37 
    +  });
    38 
    +
    39 
    +  // do a couple rafs here to ensure its loaded and displayed
    40 
    +  await new Promise(r => requestAnimationFrame(r));
    41 
    +  await new Promise(r => requestAnimationFrame(r));
    42 
    +
    43 
    +  await BrowserTestUtils.closeWindow(win);
    44 
    +
    45 
    +  win = null;
    46 
    +  tab = null;
    47 
    +
    48 
    +  ok(true, "we got here and didn't crash/assert");
    49 
    +});

  • image/test/browser/helper1899180.html
    1 
    +<!DOCTYPE html>
    2 
    +<html>
    3 
    +<!-- just an svg that contains an image whose src points to a protocol that firefox doesn't support -->
    4 
    +<img src="">'data:image/svg+xml;charset=UTF-8,<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 120 120"><image width="10" height="10" xlink:href=""/></svg>'/>
    5 
    +</html>

  • js/src/gc/Zone.cpp
    ... ... @@ -906,7 +906,13 @@ void Zone::clearScriptCounts(Realm* realm) {
    906 906 
       // Clear all hasScriptCounts_ flags of BaseScript, in order to release all
    907 907 
       // ScriptCounts entries of the given realm.
    908 908 
       for (auto i = scriptCountsMap->modIter(); !i.done(); i.next()) {
    909 
    -    BaseScript* script = i.get().key();
    909 
    +    const HeapPtr<BaseScript*>& script = i.get().key();
    910 
    +    if (IsAboutToBeFinalized(script)) {
    911 
    +      // Dead scripts may be present during incremental GC until script
    912 
    +      // finalizers have been run.
    913 
    +      continue;
    914 
    +    }
    915 
    +
    910 916 
         if (script->realm() != realm) {
    911 917 
           continue;
    912 918 
         }
    ... ... @@ -927,7 +933,13 @@ void Zone::clearScriptLCov(Realm* realm) {
    927 933 
       }
    928 934
    929 935 
       for (auto i = scriptLCovMap->modIter(); !i.done(); i.next()) {
    930 
    -    BaseScript* script = i.get().key();
    936 
    +    const HeapPtr<BaseScript*>& script = i.get().key();
    937 
    +    if (IsAboutToBeFinalized(script)) {
    938 
    +      // Dead scripts may be present during incremental GC until script
    939 
    +      // finalizers have been run.
    940 
    +      continue;
    941 
    +    }
    942 
    +
    931 943 
         if (script->realm() == realm) {
    932 944 
           i.remove();
    933 945 
         }

  • js/src/jit-test/tests/debug/bug-1904011.js
    1 
    +// |jit-test| --fuzzing-safe; --ion-offthread-compile=off
    2 
    +gczeal(0);
    3 
    +
    4 
    +let g = newGlobal({newCompartment: true});
    5 
    +let dbg = new Debugger(g);
    6 
    +
    7 
    +dbg.collectCoverageInfo = true;
    8 
    +g.eval("0");
    9 
    +
    10 
    +// Start a GC in the debugger's zone and yield after sweeping objects.
    11 
    +schedulezone(g);
    12 
    +gczeal(22);
    13 
    +startgc(100);
    14 
    +
    15 
    +dbg.collectCoverageInfo = false;

  • toolkit/components/antitracking/StoragePrincipalHelper.cpp
    ... ... @@ -447,7 +447,7 @@ bool StoragePrincipalHelper::GetOriginAttributes(
    447 447 
       nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
    448 448 
       loadInfo->GetOriginAttributes(&aAttributes);
    449 449
    450 
    -  bool isPrivate = false;
    450 
    +  bool isPrivate = aAttributes.mPrivateBrowsingId > 0;
    451 451 
       nsCOMPtr<nsIPrivateBrowsingChannel> pbChannel = do_QueryInterface(aChannel);
    452 452 
       if (pbChannel) {
    453 453 
         nsresult rv = pbChannel->GetIsChannelPrivate(&isPrivate);
    ... ... @@ -456,7 +456,9 @@ bool StoragePrincipalHelper::GetOriginAttributes(
    456 456 
         // Some channels may not implement nsIPrivateBrowsingChannel
    457 457 
         nsCOMPtr<nsILoadContext> loadContext;
    458 458 
         NS_QueryNotificationCallbacks(aChannel, loadContext);
    459 
    -    isPrivate = loadContext && loadContext->UsePrivateBrowsing();
    459 
    +    if (loadContext) {
    460 
    +      isPrivate = loadContext->UsePrivateBrowsing();
    461 
    +    }
    460 462 
       }
    461 463 
       aAttributes.SyncAttributesWithPrivateBrowsing(isPrivate);
    462 464


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications · Help 

    _______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits