summaryrefslogtreecommitdiff
path: root/gnu/packages/patches/icecat-CVE-2014-8638-pt2.patch
blob: 4e439efb892b1e9f696be057073b6232b875d4fe (about) (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
From 0d47e593c685313571aaa00cb7341b458123c82f Mon Sep 17 00:00:00 2001
From: Christoph Kerschbaumer <mozilla@christophkerschbaumer.com>
Date: Wed, 19 Nov 2014 16:03:30 -0800
Subject: [PATCH 2/2] Bug 1080987 - navigator.sendBeacon() needs to sent origin
 header - test. r=sicking, a=bkerensa

---
 .../beacon/beacon-originheader-handler.sjs         | 41 ++++++++++++++
 dom/tests/mochitest/beacon/mochitest.ini           |  2 +
 .../mochitest/beacon/test_beaconOriginHeader.html  | 64 ++++++++++++++++++++++
 3 files changed, 107 insertions(+)
 create mode 100644 dom/tests/mochitest/beacon/beacon-originheader-handler.sjs
 create mode 100644 dom/tests/mochitest/beacon/test_beaconOriginHeader.html

diff --git a/dom/tests/mochitest/beacon/beacon-originheader-handler.sjs b/dom/tests/mochitest/beacon/beacon-originheader-handler.sjs
new file mode 100644
index 0000000..baed22c
--- /dev/null
+++ b/dom/tests/mochitest/beacon/beacon-originheader-handler.sjs
@@ -0,0 +1,41 @@
+/*
+ * TestSever customized specifically for the needs of:
+ * Bug 1080987 - navigator.sendBeacon() needs to sent origin header
+ */
+
+function handleRequest(request, response)
+{
+  response.setHeader("Cache-Control", "no-cache", false);
+  response.setHeader("Content-Type", "text/plain", false);
+
+  // case XHR-REQUEST: the xhr-request tries to query the
+  // stored header from the beacon request.
+  if (request.queryString == "queryheader") {
+    var header = getState("originHeader");
+    // if the beacon already stored the header - return.
+    if (header) {
+      response.write(header);
+      setState("originHeader", "");
+      return;
+    }
+    // otherwise wait for the beacon request
+    response.processAsync();
+    setObjectState("xhr-response", response);
+    return;
+  }
+
+  // case BEACON-REQUEST: get the beacon header and
+  // store the header on the server.
+  var header = request.getHeader("origin");
+  setState("originHeader", header);
+
+  // if there is an xhr-request waiting, return the header now.
+  getObjectState("xhr-response", function(xhrResponse) {
+    if (!xhrResponse) {
+      return;
+    }
+    setState("originHeader", "");
+    xhrResponse.write(header);
+    xhrResponse.finish();
+  });
+}
diff --git a/dom/tests/mochitest/beacon/mochitest.ini b/dom/tests/mochitest/beacon/mochitest.ini
index f65276e..6681fa4 100644
--- a/dom/tests/mochitest/beacon/mochitest.ini
+++ b/dom/tests/mochitest/beacon/mochitest.ini
@@ -2,8 +2,10 @@
 skip-if = buildapp == 'b2g' || e10s
 support-files = beacon-frame.html
                 beacon-handler.sjs
+                beacon-originheader-handler.sjs
 
 [test_beacon.html]
 [test_beaconFrame.html]
 [test_beaconPreflight.html]
 [test_beaconContentPolicy.html]
+[test_beaconOriginHeader.html]
diff --git a/dom/tests/mochitest/beacon/test_beaconOriginHeader.html b/dom/tests/mochitest/beacon/test_beaconOriginHeader.html
new file mode 100644
index 0000000..b5684a9
--- /dev/null
+++ b/dom/tests/mochitest/beacon/test_beaconOriginHeader.html
@@ -0,0 +1,64 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 1080987 - navigator.sendBeacon() needs to sent origin header</title>
+  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+  <p id="display"></p>
+  <div id="content" style="visibility: hidden">
+    <iframe style="width:100%;" id="testframe"></iframe>
+  </div>
+
+<script class="testbody" type="text/javascript">
+
+SimpleTest.waitForExplicitFinish();
+
+const BEACON_URL = "http://example.com/tests/dom/tests/mochitest/beacon/beacon-originheader-handler.sjs";
+const ORIGIN_HEADER = "http://mochi.test:8888";
+
+/* Description of the test:
+ *   We call sendBeacon() cross origin and make sure that the
+ *   origin header is actually set in the request.
+ *
+ * Since sendBeacon() does not expect any response, we are storing the
+ * header on the server (*.sjs) and use an XMLHttpRequest to actually
+ * retrieve the header back from the server. We assert that the header
+ * is indeed correct. Since sendBeacon() and also the XMLHttpRequest()
+ * are performed in an asynchronous fashion, there is no guarantee that
+ * the sendBeacon() is actually executed before the XMLHttpRequest().
+ * Hence the xhr-response might be processed asynchronously.
+ */
+
+SpecialPowers.pushPrefEnv({'set': [["beacon.enabled", true]]}, runTest);
+
+function queryHeaderFromServer() {
+  var xhr = new XMLHttpRequest();
+  xhr.open("GET", "beacon-originheader-handler.sjs?queryheader", true);
+  xhr.onload = function() {
+    is(xhr.responseText, ORIGIN_HEADER, "SendBeacon sends right origin header");
+    SimpleTest.finish();
+  };
+  xhr.onerror = function() {
+    ok(false, "xhr request returned error");
+    SimpleTest.finish();
+  };
+  xhr.send();
+}
+
+function runTest() {
+  // generate data and send beacon
+  var formData = new FormData();
+  formData.append('name', 'value');
+  navigator.sendBeacon(BEACON_URL, formData);
+
+  // start quering the result from the server
+  queryHeaderFromServer();
+}
+
+</script>
+</pre>
+</body>
+</html>
-- 
2.1.2