me/omegafox
1
0
Fork 0
mirror of https://forge.fsky.io/oneflux/omegafox.git synced 2026-02-10 14:12:05 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Bump to FF132 beta.14

Browse source 
- Update upstream Firefox version to 132.0.
- Updated Playwright patches and Juggler to FF132 (+1 version above current parent Playwright branch)
- Removed upstream DNS leak patch (has been added natively)
- Added WebGL context attribute "forceSoftwareRendering"
This commit is contained in:
daijro 2024-11-01 00:50:26 -05:00
parent 33189cd5b4
commit 2539e60a79
13 changed files with 277 additions and 1297 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
Makefile
View file

@ -68,9 +68,10 @@ ff-dbg: setup
# Only apply patches to help debug vanilla Firefox
make patch ./patches/chromeutil.patch
make patch ./patches/debug-url-navigation.patch
echo "\nLOCAL_INCLUDES += ['/camoucfg']" >> $(cf_source_dir)/dom/base/moz.build
echo "LOCAL_INCLUDES += ['/camoucfg']" >> $(cf_source_dir)/dom/base/moz.build
touch $(cf_source_dir)/_READY
make checkpoint
make build
revert:
cd $(cf_source_dir) && git reset --hard unpatched

36
additions/juggler/NetworkObserver.js
View file

@ -145,10 +145,13 @@ class NetworkRequest {
}
this._expectingInterception = false;
this._expectingResumedRequest = undefined; // { method, headers, postData }
this._overriddenHeadersForRedirect = redirectedFrom?._overriddenHeadersForRedirect;
this._sentOnResponse = false;
this._fulfilled = false;
if (this._pageNetwork)
if (this._overriddenHeadersForRedirect)
overrideRequestHeaders(httpChannel, this._overriddenHeadersForRedirect);
else if (this._pageNetwork)
appendExtraHTTPHeaders(httpChannel, this._pageNetwork.combinedExtraHTTPHeaders());
this._responseBodyChunks = [];
@ -230,20 +233,13 @@ class NetworkRequest {
if (!this._expectingResumedRequest)
return;
const { method, headers, postData } = this._expectingResumedRequest;
this._overriddenHeadersForRedirect = headers;
this._expectingResumedRequest = undefined;
if (headers) {
for (const header of requestHeaders(this.httpChannel)) {
// We cannot remove the "host" header.
if (header.name.toLowerCase() === 'host')
continue;
this.httpChannel.setRequestHeader(header.name, '', false /* merge */);
}
for (const header of headers)
this.httpChannel.setRequestHeader(header.name, header.value, false /* merge */);
} else if (this._pageNetwork) {
if (headers)
overrideRequestHeaders(this.httpChannel, headers);
else if (this._pageNetwork)
appendExtraHTTPHeaders(this.httpChannel, this._pageNetwork.combinedExtraHTTPHeaders());
}
if (method)
this.httpChannel.requestMethod = method;
if (postData !== undefined)
@ -773,6 +769,20 @@ function requestHeaders(httpChannel) {
return headers;
}
function clearRequestHeaders(httpChannel) {
for (const header of requestHeaders(httpChannel)) {
// We cannot remove the "host" header.
if (header.name.toLowerCase() === 'host')
continue;
httpChannel.setRequestHeader(header.name, '', false /* merge */);
}
}
function overrideRequestHeaders(httpChannel, headers) {
clearRequestHeaders(httpChannel);
appendExtraHTTPHeaders(httpChannel, headers);
}
function causeTypeToString(causeType) {
for (let key in Ci.nsIContentPolicy) {
if (Ci.nsIContentPolicy[key] === causeType)
@ -954,4 +964,4 @@ PageNetwork.Events = {
var EXPORTED_SYMBOLS = ['NetworkObserver', 'PageNetwork'];
this.NetworkObserver = NetworkObserver;
this.PageNetwork = PageNetwork;
this.PageNetwork = PageNetwork;

8
additions/juggler/components/Juggler.js
View file

@ -4,6 +4,7 @@
var EXPORTED_SYMBOLS = ["Juggler", "JugglerFactory"];
const {AppConstants} = ChromeUtils.import("resource://gre/modules/AppConstants.jsm");
const {XPCOMUtils} = ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
const {ComponentUtils} = ChromeUtils.import("resource://gre/modules/ComponentUtils.jsm");
const {Dispatcher} = ChromeUtils.import("chrome://juggler/content/protocol/Dispatcher.js");
@ -105,7 +106,12 @@ class Juggler {
};
// Force create hidden window here, otherwise its creation later closes the web socket!
Services.appShell.hiddenDOMWindow;
// In FF132, the hidden window has been removed on Linux and Windows. Only enable it on Mac.
// https://bugzilla.mozilla.org/show_bug.cgi?id=71895
if (AppConstants.platform === "macosx") {
ChromeUtils.camouDebug('Creating hidden window');
Services.appShell.hiddenDOMWindow;
}
let pipeStopped = false;
let browserHandler;

14
additions/juggler/content/FrameTree.js
View file

@ -46,8 +46,6 @@ class FrameTree {
Ci.nsISupportsWeakReference,
]);
this._addedScrollbarsStylesheetSymbol = Symbol('_addedScrollbarsStylesheetSymbol');
this._wdm = Cc["@mozilla.org/dom/workers/workerdebuggermanager;1"].createInstance(Ci.nsIWorkerDebuggerManager);
this._wdmListener = {
QueryInterface: ChromeUtils.generateQI([Ci.nsIWorkerDebuggerManagerListener]),
@ -130,24 +128,12 @@ class FrameTree {
}
_onDOMWindowCreated(window) {
if (!window[this._addedScrollbarsStylesheetSymbol] && this.scrollbarsHidden) {
const styleSheetService = Cc["@mozilla.org/content/style-sheet-service;1"].getService(Components.interfaces.nsIStyleSheetService);
const ioService = Cc["@mozilla.org/network/io-service;1"].getService(Components.interfaces.nsIIOService);
const uri = ioService.newURI('chrome://juggler/content/content/hidden-scrollbars.css', null, null);
const sheet = styleSheetService.preloadSheet(uri, styleSheetService.AGENT_SHEET);
window.windowUtils.addSheet(sheet, styleSheetService.AGENT_SHEET);
window[this._addedScrollbarsStylesheetSymbol] = true;
}
const frame = this.frameForDocShell(window.docShell);
if (!frame)
return;
frame._onGlobalObjectCleared();
}
setScrollbarsHidden(hidden) {
this.scrollbarsHidden = hidden;
}
setJavaScriptDisabled(javaScriptDisabled) {
this._javaScriptDisabled = javaScriptDisabled;
for (const frame of this.frames())

16
additions/juggler/content/PageAgent.js
View file

@ -120,7 +120,8 @@ class PageAgent {
// After the dragStart event is dispatched and handled by Web,
// it might or might not create a new drag session, depending on its preventing default.
setTimeout(() => {
this._browserPage.emit('pageInputEvent', { type: 'juggler-drag-finalized', dragSessionStarted: !!dragService.getCurrentSession() });
const session = this._getCurrentDragSession();
this._browserPage.emit('pageInputEvent', { type: 'juggler-drag-finalized', dragSessionStarted: !!session });
}, 0);
}
}),
@ -526,8 +527,14 @@ class PageAgent {
});
}
_getCurrentDragSession() {
const frame = this._frameTree.mainFrame();
const domWindow = frame?.domWindow();
return domWindow ? dragService.getCurrentSession(domWindow) : undefined;
}
async _dispatchDragEvent({type, x, y, modifiers}) {
const session = dragService.getCurrentSession();
const session = this._getCurrentDragSession();
const dropEffect = session.dataTransfer.dropEffect;
if ((type === 'drop' && dropEffect !== 'none') || type === 'dragover') {
@ -551,9 +558,8 @@ class PageAgent {
return;
}
if (type === 'dragend') {
const session = dragService.getCurrentSession();
if (session)
dragService.endDragSession(true);
const session = this._getCurrentDragSession();
session?.endDragSession(true);
return;
}
}

4
additions/juggler/content/main.js
View file

@ -45,10 +45,6 @@ function initialize(browsingContext, docShell) {
docShell.languageOverride = locale;
},
scrollbarsHidden: (hidden) => {
data.frameTree.setScrollbarsHidden(hidden);
},
javaScriptDisabled: (javaScriptDisabled) => {
data.frameTree.setJavaScriptDisabled(javaScriptDisabled);
},

4
additions/juggler/protocol/BrowserHandler.js
View file

@ -255,10 +255,6 @@ class BrowserHandler {
await this._targetRegistry.browserContextForId(browserContextId).setDefaultViewport(nullToUndefined(viewport));
}
async ['Browser.setScrollbarsHidden']({browserContextId, hidden}) {
await this._targetRegistry.browserContextForId(browserContextId).applySetting('scrollbarsHidden', nullToUndefined(hidden));
}
async ['Browser.setInitScripts']({browserContextId, scripts}) {
await this._targetRegistry.browserContextForId(browserContextId).setInitScripts(scripts);
}

6
additions/juggler/protocol/Protocol.js
View file

@ -394,12 +394,6 @@ const Browser = {
viewport: t.Nullable(pageTypes.Viewport),
}
},
'setScrollbarsHidden': {
params: {
browserContextId: t.Optional(t.String),
hidden: t.Boolean,
}
},
'setInitScripts': {
params: {
browserContextId: t.Optional(t.String),

76
patches/librewolf/ui-patches/allow_cookies_for_site.patch
View file

@ -1,76 +0,0 @@
diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js
index 4efbba2..5445b03 100644
--- a/browser/base/content/browser-siteIdentity.js
+++ b/browser/base/content/browser-siteIdentity.js
@@ -414,6 +414,33 @@ var gIdentityHandler = {
event.stopPropagation();
},
+ async refreshSiteData() {
+ document.getElementById("identity-popup-allow-sitedata-toggle").toggleAttribute(
+ "pressed",
+ Services.perms.testExactPermissionFromPrincipal(
+ gBrowser.contentPrincipal,
+ "cookie"
+ ) === Services.perms.ALLOW_ACTION
+ );
+ },
+
+ async toggleSiteData() {
+ const pressed = document.getElementById("identity-popup-allow-sitedata-toggle").toggleAttribute(
+ "pressed"
+ );
+
+ if (pressed) {
+ Services.perms.addFromPrincipal(
+ gBrowser.contentPrincipal,
+ "cookie",
+ Services.perms.ALLOW_ACTION,
+ Services.perms.EXPIRE_NEVER
+ );
+ } else {
+ Services.perms.removeFromPrincipal(gBrowser.contentPrincipal, "cookie");
+ }
+ },
+
/**
* Handler for mouseclicks on the "More Information" button in the
* "identity-popup" panel.
@@ -1151,6 +1178,8 @@ var gIdentityHandler = {
this._identityPopupContentOwner.textContent = owner;
this._identityPopupContentSupp.textContent = supplemental;
this._identityPopupContentVerif.textContent = verifier;
+
+ this.refreshSiteData();
},
setURI(uri) {
diff --git a/browser/components/controlcenter/content/identityPanel.inc.xhtml b/browser/components/controlcenter/content/identityPanel.inc.xhtml
index 8bc64fa..4a4a1af 100644
--- a/browser/components/controlcenter/content/identityPanel.inc.xhtml
+++ b/browser/components/controlcenter/content/identityPanel.inc.xhtml
@@ -96,6 +96,12 @@
data-l10n-id="identity-clear-site-data"
class="subviewbutton"
oncommand="gIdentityHandler.clearSiteData(event);"/>
+ <toolbarbutton id="identity-popup-allow-sitedata-button"
+ class="subviewbutton"
+ oncommand="gIdentityHandler.toggleSiteData();">
+ <label data-l10n-id="identity-allow-site-data" flex="1"></label>
+ <html:moz-toggle id="identity-popup-allow-sitedata-toggle" style="pointer-events: none;"></html:moz-toggle>
+ </toolbarbutton>
</vbox>
</panelview>
diff --git a/browser/locales/en-US/browser/browser.ftl b/browser/locales/en-US/browser/browser.ftl
index 0dbdc78..e183f1a 100644
--- a/browser/locales/en-US/browser/browser.ftl
+++ b/browser/locales/en-US/browser/browser.ftl
@@ -402,6 +402,7 @@ identity-permissions-storage-access-learn-more = Learn more
identity-permissions-reload-hint = You may need to reload the page for changes to apply.
identity-clear-site-data =
.label = Clear cookies and site data…
+identity-allow-site-data = Camoufox: Always store cookies/data for this site
identity-connection-not-secure-security-view = You are not securely connected to this site.
identity-connection-verified = You are securely connected to this site.
identity-ev-owner-label = Certificate issued to:

495
patches/playwright/0-playwright-updated.patch
View file

File diff suppressed because it is too large Load diff

875
patches/upstream-dns-leak-fix.patch
View file

@ -1,875 +0,0 @@
# HG changeset patch
# User Kershaw Chang <kershaw@mozilla.com>
# Date 1725998669 0
# Node ID eb748cbf195dc2195a5a26910efb0f35a0967e03
# Parent f2a1d0b442ab14b7d00c4229444d4845d14cbb68
Bug 1910593 - Don't prefetch HTTPS RR if proxyDNS is enabled, r=necko-reviewers,valentin
Differential Revision: https://phabricator.services.mozilla.com/D219528
diff --git a/dom/chrome-webidl/NetDashboard.webidl b/dom/chrome-webidl/NetDashboard.webidl
--- a/dom/chrome-webidl/NetDashboard.webidl
+++ b/dom/chrome-webidl/NetDashboard.webidl
@@ -63,16 +63,17 @@ dictionary WebSocketDict {
dictionary DnsCacheEntry {
DOMString hostname = "";
sequence<DOMString> hostaddr;
DOMString family = "";
double expiration = 0;
boolean trr = false;
DOMString originAttributesSuffix = "";
DOMString flags = "";
+ unsigned short type = 0;
};
[GenerateConversionToJS]
dictionary DNSCacheDict {
sequence<DnsCacheEntry> entries;
};
[GenerateConversionToJS]
diff --git a/netwerk/base/Dashboard.cpp b/netwerk/base/Dashboard.cpp
--- a/netwerk/base/Dashboard.cpp
+++ b/netwerk/base/Dashboard.cpp
@@ -907,20 +907,23 @@ nsresult Dashboard::GetDNSCacheEntries(D
nsString* addr = addrs.AppendElement(fallible);
if (!addr) {
JS_ReportOutOfMemory(cx);
return NS_ERROR_OUT_OF_MEMORY;
}
CopyASCIItoUTF16(dnsData->mData[i].hostaddr[j], *addr);
}
- if (dnsData->mData[i].family == PR_AF_INET6) {
- entry.mFamily.AssignLiteral(u"ipv6");
- } else {
- entry.mFamily.AssignLiteral(u"ipv4");
+ entry.mType = dnsData->mData[i].resolveType;
+ if (entry.mType == nsIDNSService::RESOLVE_TYPE_DEFAULT) {
+ if (dnsData->mData[i].family == PR_AF_INET6) {
+ entry.mFamily.AssignLiteral(u"ipv6");
+ } else {
+ entry.mFamily.AssignLiteral(u"ipv4");
+ }
}
entry.mOriginAttributesSuffix =
NS_ConvertUTF8toUTF16(dnsData->mData[i].originAttributesSuffix);
entry.mFlags = NS_ConvertUTF8toUTF16(dnsData->mData[i].flags);
}
JS::Rooted<JS::Value> val(cx);
diff --git a/netwerk/base/DashboardTypes.h b/netwerk/base/DashboardTypes.h
--- a/netwerk/base/DashboardTypes.h
+++ b/netwerk/base/DashboardTypes.h
@@ -30,22 +30,22 @@ inline bool operator==(const SocketInfo&
struct DnsAndConnectSockets {
bool speculative;
};
struct DNSCacheEntries {
nsCString hostname;
nsTArray<nsCString> hostaddr;
- uint16_t family;
- int64_t expiration;
- nsCString netInterface;
- bool TRR;
+ uint16_t family{0};
+ int64_t expiration{0};
+ bool TRR{false};
nsCString originAttributesSuffix;
nsCString flags;
+ uint16_t resolveType{0};
};
struct HttpConnInfo {
uint32_t ttl;
uint32_t rtt;
nsString protocolVersion;
void SetHTTPProtocolVersion(HttpVersion pv);
@@ -94,27 +94,31 @@ template <>
struct ParamTraits<mozilla::net::DNSCacheEntries> {
typedef mozilla::net::DNSCacheEntries paramType;
static void Write(MessageWriter* aWriter, const paramType& aParam) {
WriteParam(aWriter, aParam.hostname);
WriteParam(aWriter, aParam.hostaddr);
WriteParam(aWriter, aParam.family);
WriteParam(aWriter, aParam.expiration);
- WriteParam(aWriter, aParam.netInterface);
WriteParam(aWriter, aParam.TRR);
+ WriteParam(aWriter, aParam.originAttributesSuffix);
+ WriteParam(aWriter, aParam.flags);
+ WriteParam(aWriter, aParam.resolveType);
}
static bool Read(MessageReader* aReader, paramType* aResult) {
return ReadParam(aReader, &aResult->hostname) &&
ReadParam(aReader, &aResult->hostaddr) &&
ReadParam(aReader, &aResult->family) &&
ReadParam(aReader, &aResult->expiration) &&
- ReadParam(aReader, &aResult->netInterface) &&
- ReadParam(aReader, &aResult->TRR);
+ ReadParam(aReader, &aResult->TRR) &&
+ ReadParam(aReader, &aResult->originAttributesSuffix) &&
+ ReadParam(aReader, &aResult->flags) &&
+ ReadParam(aReader, &aResult->resolveType);
}
};
template <>
struct ParamTraits<mozilla::net::DnsAndConnectSockets> {
typedef mozilla::net::DnsAndConnectSockets paramType;
static void Write(MessageWriter* aWriter, const paramType& aParam) {
diff --git a/netwerk/dns/nsHostResolver.cpp b/netwerk/dns/nsHostResolver.cpp
--- a/netwerk/dns/nsHostResolver.cpp
+++ b/netwerk/dns/nsHostResolver.cpp
@@ -2030,50 +2030,44 @@ void nsHostResolver::GetDNSCacheEntries(
// Also require a host.
nsHostRecord* rec = recordEntry.GetWeak();
MOZ_ASSERT(rec, "rec should never be null here!");
if (!rec) {
continue;
}
- // For now we only show A/AAAA records.
- if (!rec->IsAddrRecord()) {
+ DNSCacheEntries info;
+ info.resolveType = rec->type;
+ info.hostname = rec->host;
+ info.family = rec->af;
+ if (rec->mValidEnd.IsNull()) {
continue;
}
-
- RefPtr<AddrHostRecord> addrRec = do_QueryObject(rec);
- MOZ_ASSERT(addrRec);
- if (!addrRec || !addrRec->addr_info) {
- continue;
- }
-
- DNSCacheEntries info;
- info.hostname = rec->host;
- info.family = rec->af;
info.expiration =
(int64_t)(rec->mValidEnd - TimeStamp::NowLoRes()).ToSeconds();
if (info.expiration <= 0) {
// We only need valid DNS cache entries
continue;
}
- {
+ info.originAttributesSuffix = recordEntry.GetKey().originSuffix;
+ info.flags = nsPrintfCString("%u|0x%x|%u|%d|%s", rec->type, rec->flags,
+ rec->af, rec->pb, rec->mTrrServer.get());
+
+ RefPtr<AddrHostRecord> addrRec = do_QueryObject(rec);
+ if (addrRec && addrRec->addr_info) {
MutexAutoLock lock(addrRec->addr_info_lock);
for (const auto& addr : addrRec->addr_info->Addresses()) {
char buf[kIPv6CStrBufSize];
if (addr.ToStringBuffer(buf, sizeof(buf))) {
info.hostaddr.AppendElement(buf);
}
}
info.TRR = addrRec->addr_info->IsTRR();
}
- info.originAttributesSuffix = recordEntry.GetKey().originSuffix;
- info.flags = nsPrintfCString("%u|0x%x|%u|%d|%s", rec->type, rec->flags,
- rec->af, rec->pb, rec->mTrrServer.get());
-
args->AppendElement(std::move(info));
}
}
#undef LOG
#undef LOG_ENABLED
diff --git a/netwerk/protocol/http/nsHttp.cpp b/netwerk/protocol/http/nsHttp.cpp
--- a/netwerk/protocol/http/nsHttp.cpp
+++ b/netwerk/protocol/http/nsHttp.cpp
@@ -30,16 +30,18 @@
#include <errno.h>
#include <functional>
#include "nsLiteralString.h"
#include <string.h>
namespace mozilla {
namespace net {
+extern const char kProxyType_SOCKS[];
+
const uint32_t kHttp3VersionCount = 5;
const nsCString kHttp3Versions[] = {"h3-29"_ns, "h3-30"_ns, "h3-31"_ns,
"h3-32"_ns, "h3"_ns};
// https://datatracker.ietf.org/doc/html/draft-ietf-webtrans-http3/#section-4.3
constexpr uint64_t kWebTransportErrorCodeStart = 0x52e4a40fa8db;
constexpr uint64_t kWebTransportErrorCodeEnd = 0x52e4a40fa9e2;
@@ -1173,10 +1175,24 @@ nsLiteralCString HttpVersionToTelemetryL
case HttpVersion::v3_0:
return "http_3"_ns;
default:
break;
}
return "unknown"_ns;
}
+ProxyDNSStrategy GetProxyDNSStrategyHelper(const char* aType, uint32_t aFlag) {
+ if (!aType) {
+ return ProxyDNSStrategy::ORIGIN;
+ }
+
+ if (!(aFlag & nsIProxyInfo::TRANSPARENT_PROXY_RESOLVES_HOST)) {
+ if (aType == kProxyType_SOCKS) {
+ return ProxyDNSStrategy::ORIGIN;
+ }
+ }
+
+ return ProxyDNSStrategy::PROXY;
+}
+
} // namespace net
} // namespace mozilla
diff --git a/netwerk/protocol/http/nsHttp.h b/netwerk/protocol/http/nsHttp.h
--- a/netwerk/protocol/http/nsHttp.h
+++ b/netwerk/protocol/http/nsHttp.h
@@ -524,12 +524,22 @@ uint64_t WebTransportErrorToHttp3Error(u
uint8_t Http3ErrorToWebTransportError(uint64_t aErrorCode);
bool PossibleZeroRTTRetryError(nsresult aReason);
void DisallowHTTPSRR(uint32_t& aCaps);
nsLiteralCString HttpVersionToTelemetryLabel(HttpVersion version);
+enum class ProxyDNSStrategy : uint8_t {
+ // To resolve the origin of the end server we are connecting
+ // to.
+ ORIGIN = 1 << 0,
+ // To resolve the host name of the proxy.
+ PROXY = 1 << 1
+};
+
+ProxyDNSStrategy GetProxyDNSStrategyHelper(const char* aType, uint32_t aFlag);
+
} // namespace net
} // namespace mozilla
#endif // nsHttp_h__
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -773,16 +773,20 @@ nsresult nsHttpChannel::MaybeUseHTTPSRRF
return aStatus;
}
if (mURI->SchemeIs("https") || aShouldUpgrade || !LoadUseHTTPSSVC()) {
return ContinueOnBeforeConnect(aShouldUpgrade, aStatus);
}
auto shouldSkipUpgradeWithHTTPSRR = [&]() -> bool {
+ if (mCaps & NS_HTTP_DISALLOW_HTTPS_RR) {
+ return true;
+ }
+
// Skip using HTTPS RR to upgrade when this is not a top-level load and the
// loading principal is http.
if ((mLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) &&
(mLoadInfo->GetLoadingPrincipal() &&
mLoadInfo->GetLoadingPrincipal()->SchemeIs("http"))) {
return true;
}
@@ -795,16 +799,21 @@ nsresult nsHttpChannel::MaybeUseHTTPSRRF
return true;
}
// Don't block the channel when TRR is not used.
if (!trrEnabled) {
return true;
}
+ auto dnsStrategy = GetProxyDNSStrategy();
+ if (dnsStrategy != ProxyDNSStrategy::ORIGIN) {
+ return true;
+ }
+
nsAutoCString uriHost;
mURI->GetAsciiHost(uriHost);
return gHttpHandler->IsHostExcludedForHTTPSRR(uriHost);
};
if (shouldSkipUpgradeWithHTTPSRR()) {
StoreUseHTTPSSVC(false);
@@ -819,21 +828,16 @@ nsresult nsHttpChannel::MaybeUseHTTPSRRF
LOG((
"nsHttpChannel::MaybeUseHTTPSRRForUpgrade [%p] mHTTPSSVCRecord is some",
this));
StoreWaitHTTPSSVCRecord(false);
bool hasHTTPSRR = (mHTTPSSVCRecord.ref() != nullptr);
return ContinueOnBeforeConnect(hasHTTPSRR, aStatus, hasHTTPSRR);
}
- auto dnsStrategy = GetProxyDNSStrategy();
- if (!(dnsStrategy & DNS_PREFETCH_ORIGIN)) {
- return ContinueOnBeforeConnect(aShouldUpgrade, aStatus);
- }
-
LOG(("nsHttpChannel::MaybeUseHTTPSRRForUpgrade [%p] wait for HTTPS RR",
this));
OriginAttributes originAttributes;
StoragePrincipalHelper::GetOriginAttributesForHTTPSRR(this, originAttributes);
RefPtr<nsDNSPrefetch> resolver =
new nsDNSPrefetch(mURI, originAttributes, nsIRequest::GetTRRMode());
@@ -1346,23 +1350,23 @@ void nsHttpChannel::SpeculativeConnect()
if (LoadAllowStaleCacheContent()) {
return;
}
nsCOMPtr<nsIInterfaceRequestor> callbacks;
NS_NewNotificationCallbacksAggregation(mCallbacks, mLoadGroup,
getter_AddRefs(callbacks));
if (!callbacks) return;
-
- Unused << gHttpHandler->SpeculativeConnect(
+ bool httpsRRAllowed = !(mCaps & NS_HTTP_DISALLOW_HTTPS_RR);
+ Unused << gHttpHandler->MaybeSpeculativeConnectWithHTTPSRR(
mConnectionInfo, callbacks,
mCaps & (NS_HTTP_DISALLOW_SPDY | NS_HTTP_TRR_MODE_MASK |
NS_HTTP_DISABLE_IPV4 | NS_HTTP_DISABLE_IPV6 |
NS_HTTP_DISALLOW_HTTP3 | NS_HTTP_REFRESH_DNS),
- gHttpHandler->EchConfigEnabled());
+ gHttpHandler->EchConfigEnabled() && httpsRRAllowed);
}
void nsHttpChannel::DoNotifyListenerCleanup() {
// We don't need this info anymore
CleanRedirectCacheChainIfNecessary();
}
void nsHttpChannel::ReleaseListeners() {
@@ -6755,39 +6759,26 @@ nsHttpChannel::GetOrCreateChannelClassif
LOG(("nsHttpChannel [%p] created nsChannelClassifier [%p]\n", this,
mChannelClassifier.get()));
}
RefPtr<nsChannelClassifier> classifier = mChannelClassifier;
return classifier.forget();
}
-uint16_t nsHttpChannel::GetProxyDNSStrategy() {
- // This function currently only supports returning DNS_PREFETCH_ORIGIN.
- // Support for the rest of the DNS_* flags will be added later.
-
+ProxyDNSStrategy nsHttpChannel::GetProxyDNSStrategy() {
// When network_dns_force_use_https_rr is true, return DNS_PREFETCH_ORIGIN.
// This ensures that we always perform HTTPS RR query.
- if (!mProxyInfo || StaticPrefs::network_dns_force_use_https_rr()) {
- return DNS_PREFETCH_ORIGIN;
- }
-
- uint32_t flags = 0;
- nsAutoCString type;
- mProxyInfo->GetFlags(&flags);
- mProxyInfo->GetType(type);
+ nsCOMPtr<nsProxyInfo> proxyInfo(static_cast<nsProxyInfo*>(mProxyInfo.get()));
+ if (!proxyInfo || StaticPrefs::network_dns_force_use_https_rr()) {
+ return ProxyDNSStrategy::ORIGIN;
+ }
// If the proxy is not to perform name resolution itself.
- if (!(flags & nsIProxyInfo::TRANSPARENT_PROXY_RESOLVES_HOST)) {
- if (type.EqualsLiteral("socks")) {
- return DNS_PREFETCH_ORIGIN;
- }
- }
-
- return 0;
+ return GetProxyDNSStrategyHelper(proxyInfo->Type(), proxyInfo->Flags());
}
// BeginConnect() SHOULD NOT call AsyncAbort(). AsyncAbort will be called by
// functions that called BeginConnect if needed. Only
// MaybeResolveProxyAndBeginConnect and OnProxyAvailable ever call
// BeginConnect.
nsresult nsHttpChannel::BeginConnect() {
LOG(("nsHttpChannel::BeginConnect [this=%p]\n", this));
@@ -6962,21 +6953,23 @@ nsresult nsHttpChannel::BeginConnect() {
} else {
LOG(("nsHttpChannel %p Using default connection info", this));
mConnectionInfo = connInfo;
Telemetry::Accumulate(Telemetry::HTTP_TRANSACTION_USE_ALTSVC, false);
}
bool trrEnabled = false;
+ auto dnsStrategy = GetProxyDNSStrategy();
bool httpsRRAllowed =
!LoadBeConservative() && !(mCaps & NS_HTTP_BE_CONSERVATIVE) &&
!(mLoadInfo->TriggeringPrincipal()->IsSystemPrincipal() &&
mLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) &&
+ dnsStrategy == ProxyDNSStrategy::ORIGIN &&
!mConnectionInfo->UsingConnect() && canUseHTTPSRRonNetwork(&trrEnabled) &&
StaticPrefs::network_dns_use_https_rr_as_altsvc();
if (!httpsRRAllowed) {
DisallowHTTPSRR(mCaps);
} else if (trrEnabled) {
if (nsIRequest::GetTRRMode() != nsIRequest::TRR_DISABLED_MODE) {
mCaps |= NS_HTTP_FORCE_WAIT_HTTP_RR;
}
@@ -7077,26 +7070,17 @@ nsresult nsHttpChannel::BeginConnect() {
"[this=%p]\n",
this));
return NS_OK;
}
ReEvaluateReferrerAfterTrackingStatusIsKnown();
}
- rv = MaybeStartDNSPrefetch();
- if (NS_FAILED(rv)) {
- auto dnsStrategy = GetProxyDNSStrategy();
- if (dnsStrategy & DNS_BLOCK_ON_ORIGIN_RESOLVE) {
- // TODO: Should this be fatal?
- return rv;
- }
- // Otherwise this shouldn't be fatal.
- return NS_OK;
- }
+ MaybeStartDNSPrefetch();
rv = CallOrWaitForResume(
[](nsHttpChannel* self) { return self->PrepareToConnect(); });
if (NS_FAILED(rv)) {
return rv;
}
if (shouldBeClassified) {
@@ -7106,69 +7090,57 @@ nsresult nsHttpChannel::BeginConnect() {
LOG(("nsHttpChannel::Starting nsChannelClassifier %p [this=%p]",
channelClassifier.get(), this));
channelClassifier->Start();
}
return NS_OK;
}
-nsresult nsHttpChannel::MaybeStartDNSPrefetch() {
+void nsHttpChannel::MaybeStartDNSPrefetch() {
// Start a DNS lookup very early in case the real open is queued the DNS can
// happen in parallel. Do not do so in the presence of an HTTP proxy as
// all lookups other than for the proxy itself are done by the proxy.
// Also we don't do a lookup if the LOAD_NO_NETWORK_IO or
// LOAD_ONLY_FROM_CACHE flags are set.
//
// We keep the DNS prefetch object around so that we can retrieve
// timing information from it. There is no guarantee that we actually
// use the DNS prefetch data for the real connection, but as we keep
// this data around for 3 minutes by default, this should almost always
// be correct, and even when it isn't, the timing still represents _a_
// valid DNS lookup timing for the site, even if it is not _the_
// timing we used.
if ((mLoadFlags & (LOAD_NO_NETWORK_IO | LOAD_ONLY_FROM_CACHE)) ||
LoadAuthRedirectedChannel()) {
- return NS_OK;
+ return;
}
auto dnsStrategy = GetProxyDNSStrategy();
LOG(
("nsHttpChannel::MaybeStartDNSPrefetch [this=%p, strategy=%u] "
"prefetching%s\n",
- this, dnsStrategy,
+ this, static_cast<uint32_t>(dnsStrategy),
mCaps & NS_HTTP_REFRESH_DNS ? ", refresh requested" : ""));
- if (dnsStrategy & DNS_PREFETCH_ORIGIN) {
+ if (dnsStrategy == ProxyDNSStrategy::ORIGIN) {
OriginAttributes originAttributes;
StoragePrincipalHelper::GetOriginAttributesForNetworkState(
this, originAttributes);
mDNSPrefetch =
new nsDNSPrefetch(mURI, originAttributes, nsIRequest::GetTRRMode(),
this, LoadTimingEnabled());
nsIDNSService::DNSFlags dnsFlags = nsIDNSService::RESOLVE_DEFAULT_FLAGS;
if (mCaps & NS_HTTP_REFRESH_DNS) {
dnsFlags |= nsIDNSService::RESOLVE_BYPASS_CACHE;
}
- nsresult rv = mDNSPrefetch->PrefetchHigh(dnsFlags);
-
- if (dnsStrategy & DNS_BLOCK_ON_ORIGIN_RESOLVE) {
- LOG((" blocking on prefetching origin"));
-
- if (NS_WARN_IF(NS_FAILED(rv))) {
- LOG((" lookup failed with 0x%08" PRIx32 ", aborting request",
- static_cast<uint32_t>(rv)));
- return rv;
- }
-
- // Resolved in OnLookupComplete.
- mDNSBlockingThenable = mDNSBlockingPromise.Ensure(__func__);
- }
+
+ Unused << mDNSPrefetch->PrefetchHigh(dnsFlags);
if (StaticPrefs::network_dns_use_https_rr_as_altsvc() && !mHTTPSSVCRecord &&
!(mCaps & NS_HTTP_DISALLOW_HTTPS_RR) && canUseHTTPSRRonNetwork()) {
MOZ_ASSERT(!mHTTPSSVCRecord);
OriginAttributes originAttributes;
StoragePrincipalHelper::GetOriginAttributesForHTTPSRR(this,
originAttributes);
@@ -7176,18 +7148,16 @@ nsresult nsHttpChannel::MaybeStartDNSPre
RefPtr<nsDNSPrefetch> resolver =
new nsDNSPrefetch(mURI, originAttributes, nsIRequest::GetTRRMode());
Unused << resolver->FetchHTTPSSVC(mCaps & NS_HTTP_REFRESH_DNS, true,
[](nsIDNSHTTPSSVCRecord*) {
// Do nothing. This is a DNS prefetch.
});
}
}
-
- return NS_OK;
}
NS_IMETHODIMP
nsHttpChannel::GetEncodedBodySize(uint64_t* aEncodedBodySize) {
if (mCacheEntry && !LoadCacheEntryIsWriteOnly()) {
int64_t dataSize = 0;
mCacheEntry->GetDataSize(&dataSize);
*aEncodedBodySize = dataSize;
diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -304,33 +304,21 @@ class nsHttpChannel final : public HttpB
bool RequestIsConditional();
void HandleContinueCancellingByURLClassifier(nsresult aErrorCode);
nsresult CancelInternal(nsresult status);
void ContinueCancellingByURLClassifier(nsresult aErrorCode);
// Connections will only be established in this function.
// (including DNS prefetch and speculative connection.)
void MaybeResolveProxyAndBeginConnect();
- nsresult MaybeStartDNSPrefetch();
-
- // Tells the channel to resolve the origin of the end server we are connecting
- // to.
- static uint16_t const DNS_PREFETCH_ORIGIN = 1 << 0;
- // Tells the channel to resolve the host name of the proxy.
- static uint16_t const DNS_PREFETCH_PROXY = 1 << 1;
- // Will be set if the current channel uses an HTTP/HTTPS proxy.
- static uint16_t const DNS_PROXY_IS_HTTP = 1 << 2;
- // Tells the channel to wait for the result of the origin server resolution
- // before any connection attempts are made.
- static uint16_t const DNS_BLOCK_ON_ORIGIN_RESOLVE = 1 << 3;
+ void MaybeStartDNSPrefetch();
// Based on the proxy configuration determine the strategy for resolving the
// end server host name.
- // Returns a combination of the above flags.
- uint16_t GetProxyDNSStrategy();
+ ProxyDNSStrategy GetProxyDNSStrategy();
// We might synchronously or asynchronously call BeginConnect,
// which includes DNS prefetch and speculative connection, according to
// whether an async tracker lookup is required. If the tracker lookup
// is required, this funciton will just return NS_OK and BeginConnect()
// will be called when callback. See Bug 1325054 for more information.
nsresult BeginConnect();
[[nodiscard]] nsresult PrepareToConnect();
diff --git a/netwerk/protocol/http/nsHttpConnectionInfo.h b/netwerk/protocol/http/nsHttpConnectionInfo.h
--- a/netwerk/protocol/http/nsHttpConnectionInfo.h
+++ b/netwerk/protocol/http/nsHttpConnectionInfo.h
@@ -122,16 +122,23 @@ class nsHttpConnectionInfo final : publi
return mProxyInfo ? mProxyInfo->Type() : nullptr;
}
const char* ProxyUsername() const {
return mProxyInfo ? mProxyInfo->Username().get() : nullptr;
}
const char* ProxyPassword() const {
return mProxyInfo ? mProxyInfo->Password().get() : nullptr;
}
+ uint32_t ProxyFlag() const {
+ uint32_t flags = 0;
+ if (mProxyInfo) {
+ mProxyInfo->GetFlags(&flags);
+ }
+ return flags;
+ }
const nsCString& ProxyAuthorizationHeader() const {
return mProxyInfo ? mProxyInfo->ProxyAuthorizationHeader() : EmptyCString();
}
const nsCString& ConnectionIsolationKey() const {
return mProxyInfo ? mProxyInfo->ConnectionIsolationKey() : EmptyCString();
}
diff --git a/netwerk/protocol/http/nsHttpConnectionMgr.cpp b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
@@ -3570,19 +3570,25 @@ void nsHttpConnectionMgr::DoSpeculativeC
MOZ_ASSERT(OnSocketThread(), "not on socket thread");
MOZ_ASSERT(aTrans);
MOZ_ASSERT(aEnt);
if (!gHttpHandler->Active()) {
// Do nothing if we are shutting down.
return;
}
- if (aFetchHTTPSRR && NS_SUCCEEDED(aTrans->FetchHTTPSRR())) {
- // nsHttpConnectionMgr::DoSpeculativeConnection will be called again when
- // HTTPS RR is available.
+ ProxyDNSStrategy strategy = GetProxyDNSStrategyHelper(
+ aEnt->mConnInfo->ProxyType(), aEnt->mConnInfo->ProxyFlag());
+ // Speculative connections can be triggered by non-Necko consumers,
+ // so add an extra check to ensure HTTPS RR isn't fetched when a proxy is
+ // used.
+ if (aFetchHTTPSRR && strategy == ProxyDNSStrategy::ORIGIN &&
+ NS_SUCCEEDED(aTrans->FetchHTTPSRR())) {
+ // nsHttpConnectionMgr::DoSpeculativeConnection will be called again
+ // when HTTPS RR is available.
return;
}
uint32_t parallelSpeculativeConnectLimit =
aTrans->ParallelSpeculativeConnectLimit()
? *aTrans->ParallelSpeculativeConnectLimit()
: gHttpHandler->ParallelSpeculativeConnectLimit();
bool ignoreIdle = aTrans->IgnoreIdle() ? *aTrans->IgnoreIdle() : false;
diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
@@ -2403,17 +2403,19 @@ nsresult nsHttpHandler::SpeculativeConne
if (!neckoParent) {
continue;
}
Unused << neckoParent->SendSpeculativeConnectRequest();
}
}
}
- return SpeculativeConnect(ci, aCallbacks);
+ // When ech is enabled, always do speculative connect with HTTPS RR.
+ return MaybeSpeculativeConnectWithHTTPSRR(ci, aCallbacks, 0,
+ EchConfigEnabled());
}
NS_IMETHODIMP
nsHttpHandler::SpeculativeConnect(nsIURI* aURI, nsIPrincipal* aPrincipal,
nsIInterfaceRequestor* aCallbacks,
bool aAnonymous) {
return SpeculativeConnectInternal(aURI, aPrincipal, Nothing(), aCallbacks,
aAnonymous);
diff --git a/netwerk/protocol/http/nsHttpHandler.h b/netwerk/protocol/http/nsHttpHandler.h
--- a/netwerk/protocol/http/nsHttpHandler.h
+++ b/netwerk/protocol/http/nsHttpHandler.h
@@ -291,24 +291,23 @@ class nsHttpHandler final : public nsIHt
[[nodiscard]] nsresult ProcessPendingQ() {
return mConnMgr->ProcessPendingQ();
}
[[nodiscard]] nsresult GetSocketThreadTarget(nsIEventTarget** target) {
return mConnMgr->GetSocketThreadTarget(target);
}
- [[nodiscard]] nsresult SpeculativeConnect(nsHttpConnectionInfo* ci,
- nsIInterfaceRequestor* callbacks,
- uint32_t caps = 0,
- bool aFetchHTTPSRR = false) {
+ [[nodiscard]] nsresult MaybeSpeculativeConnectWithHTTPSRR(
+ nsHttpConnectionInfo* ci, nsIInterfaceRequestor* callbacks, uint32_t caps,
+ bool aFetchHTTPSRR) {
TickleWifi(callbacks);
RefPtr<nsHttpConnectionInfo> clone = ci->Clone();
return mConnMgr->SpeculativeConnect(clone, callbacks, caps, nullptr,
- aFetchHTTPSRR | EchConfigEnabled());
+ aFetchHTTPSRR);
}
[[nodiscard]] nsresult SpeculativeConnect(nsHttpConnectionInfo* ci,
nsIInterfaceRequestor* callbacks,
uint32_t caps,
SpeculativeTransaction* aTrans) {
RefPtr<nsHttpConnectionInfo> clone = ci->Clone();
return mConnMgr->SpeculativeConnect(clone, callbacks, caps, aTrans);
diff --git a/netwerk/test/unit/test_proxyDNS_leak.js b/netwerk/test/unit/test_proxyDNS_leak.js
new file mode 100644
--- /dev/null
+++ b/netwerk/test/unit/test_proxyDNS_leak.js
@@ -0,0 +1,111 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// Test when socks proxy is registered, we don't try to resolve HTTPS record.
+// Steps:
+// 1. Use addHTTPSRecordOverride to add an override for service.com.
+// 2. Add a proxy filter to use socks proxy.
+// 3. Create a request to load service.com.
+// 4. See if the HTTPS record is in DNS cache entries.
+
+"use strict";
+
+const gDashboard = Cc["@mozilla.org/network/dashboard;1"].getService(
+ Ci.nsIDashboard
+);
+const pps = Cc["@mozilla.org/network/protocol-proxy-service;1"].getService();
+
+add_task(async function setup() {
+ Services.prefs.setBoolPref("network.dns.native_https_query", true);
+ Services.prefs.setBoolPref("network.dns.native_https_query_win10", true);
+ const override = Cc["@mozilla.org/network/native-dns-override;1"].getService(
+ Ci.nsINativeDNSResolverOverride
+ );
+
+ let rawBuffer = [
+ 0, 0, 128, 0, 0, 0, 0, 1, 0, 0, 0, 0, 7, 115, 101, 114, 118, 105, 99, 101,
+ 3, 99, 111, 109, 0, 0, 65, 0, 1, 0, 0, 0, 55, 0, 13, 0, 1, 0, 0, 1, 0, 6, 2,
+ 104, 50, 2, 104, 51,
+ ];
+ override.addHTTPSRecordOverride("service.com", rawBuffer, rawBuffer.length);
+ override.addIPOverride("service.com", "127.0.0.1");
+ registerCleanupFunction(() => {
+ Services.prefs.clearUserPref("network.dns.native_https_query");
+ Services.prefs.clearUserPref("network.dns.native_https_query_win10");
+ Services.prefs.clearUserPref("network.dns.localDomains");
+ override.clearOverrides();
+ });
+});
+
+function makeChan(uri) {
+ let chan = NetUtil.newChannel({
+ uri,
+ loadUsingSystemPrincipal: true,
+ contentPolicyType: Ci.nsIContentPolicy.TYPE_DOCUMENT,
+ }).QueryInterface(Ci.nsIHttpChannel);
+ chan.loadFlags = Ci.nsIChannel.LOAD_INITIAL_DOCUMENT_URI;
+ return chan;
+}
+
+function channelOpenPromise(chan, flags) {
+ return new Promise(resolve => {
+ function finish(req, buffer) {
+ resolve([req, buffer]);
+ }
+ chan.asyncOpen(new ChannelListener(finish, null, flags));
+ });
+}
+
+async function isRecordFound(hostname) {
+ return new Promise(resolve => {
+ gDashboard.requestDNSInfo(function (data) {
+ let found = false;
+ for (let i = 0; i < data.entries.length; i++) {
+ if (
+ data.entries[i].hostname == hostname &&
+ data.entries[i].type == Ci.nsIDNSService.RESOLVE_TYPE_HTTPSSVC
+ ) {
+ found = true;
+ break;
+ }
+ }
+ resolve(found);
+ });
+ });
+}
+
+async function do_test_with_proxy_filter(filter) {
+ pps.registerFilter(filter, 10);
+
+ let chan = makeChan(`https://service.com/`);
+ await channelOpenPromise(chan, CL_EXPECT_LATE_FAILURE | CL_ALLOW_UNKNOWN_CL);
+
+ let found = await isRecordFound("service.com");
+ pps.unregisterFilter(filter);
+
+ return found;
+}
+
+add_task(async function test_proxyDNS_do_leak() {
+ let filter = new NodeProxyFilter("socks", "localhost", 443, 0);
+
+ let res = await do_test_with_proxy_filter(filter);
+
+ Assert.ok(res, "Should find a DNS entry");
+});
+
+add_task(async function test_proxyDNS_dont_leak() {
+ Services.dns.clearCache(false);
+
+ let filter = new NodeProxyFilter(
+ "socks",
+ "localhost",
+ 443,
+ Ci.nsIProxyInfo.TRANSPARENT_PROXY_RESOLVES_HOST
+ );
+
+ let res = await do_test_with_proxy_filter(filter);
+
+ Assert.ok(!res, "Should not find a DNS entry");
+});
diff --git a/netwerk/test/unit/xpcshell.toml b/netwerk/test/unit/xpcshell.toml
--- a/netwerk/test/unit/xpcshell.toml
+++ b/netwerk/test/unit/xpcshell.toml
@@ -974,16 +974,22 @@ skip-if = [
["test_proxy-slow-upload.js"]
["test_proxy_cancel.js"]
run-sequentially = "node server exceptions dont replay well"
["test_proxy_pac.js"]
+["test_proxyDNS_leak.js"]
+skip-if = [
+ "os == 'android'",
+ "socketprocess_networking",
+]
+
["test_proxyconnect.js"]
skip-if = [
"tsan",
"socketprocess_networking", # Bug 1614708
]
["test_proxyconnect_https.js"]
skip-if = [
diff --git a/toolkit/content/aboutNetworking.js b/toolkit/content/aboutNetworking.js
--- a/toolkit/content/aboutNetworking.js
+++ b/toolkit/content/aboutNetworking.js
@@ -111,16 +111,21 @@ function displayDns(data) {
prevURL.parentNode.replaceChild(trr_url_tbody, prevURL);
let cont = document.getElementById("dns_content");
let parent = cont.parentNode;
let new_cont = document.createElement("tbody");
new_cont.setAttribute("id", "dns_content");
for (let i = 0; i < data.entries.length; i++) {
+ // TODO: Will be supported in bug 1889387.
+ if (data.entries[i].type != Ci.nsIDNSService.RESOLVE_TYPE_DEFAULT) {
+ continue;
+ }
+
let row = document.createElement("tr");
row.appendChild(col(data.entries[i].hostname));
row.appendChild(col(data.entries[i].family));
row.appendChild(col(data.entries[i].trr));
let column = document.createElement("td");
for (let j = 0; j < data.entries[i].hostaddr.length; j++) {
column.appendChild(document.createTextNode(data.entries[i].hostaddr[j]));

33
patches/webgl-spoofing.patch
View file

@ -1,5 +1,5 @@
diff --git a/dom/canvas/ClientWebGLContext.cpp b/dom/canvas/ClientWebGLContext.cpp
index db60868f65..7361f0fc9c 100644
index a1e5c4792d..be99491bf8 100644
--- a/dom/canvas/ClientWebGLContext.cpp
+++ b/dom/canvas/ClientWebGLContext.cpp
@@ -4,6 +4,9 @@
@ -12,8 +12,8 @@ index db60868f65..7361f0fc9c 100644
#include <bitset>
@@ -744,6 +747,13 @@ void ClientWebGLContext::SetDrawingBufferColorSpace(
Run<RPROC(SetDrawingBufferColorSpace)>(*mDrawingBufferColorSpace);
@@ -750,6 +753,13 @@ void ClientWebGLContext::SetUnpackColorSpace(
Run<RPROC(SetUnpackColorSpace)>(*mUnpackColorSpace);
}
+bool ClientWebGLContext::MBoolVal(const std::string& key, bool defaultValue) {
@ -26,7 +26,7 @@ index db60868f65..7361f0fc9c 100644
void ClientWebGLContext::GetContextAttributes(
dom::Nullable<dom::WebGLContextAttributes>& retval) {
retval.SetNull();
@@ -754,14 +764,38 @@ void ClientWebGLContext::GetContextAttributes(
@@ -760,15 +770,40 @@ void ClientWebGLContext::GetContextAttributes(
const auto& options = mNotLost->info.options;
@ -38,6 +38,7 @@ index db60868f65..7361f0fc9c 100644
- result.mPreserveDrawingBuffer = options.preserveDrawingBuffer;
- result.mFailIfMajorPerformanceCaveat = options.failIfMajorPerformanceCaveat;
- result.mPowerPreference = options.powerPreference;
- result.mForceSoftwareRendering = options.forceSoftwareRendering;
+ result.mAlpha.Construct(MBoolVal("alpha", options.alpha));
+ result.mDepth = MBoolVal("depth", options.depth);
+ result.mStencil = MBoolVal("stencil", options.stencil);
@ -70,10 +71,12 @@ index db60868f65..7361f0fc9c 100644
+ } else {
+ result.mPowerPreference = options.powerPreference;
+ }
+ result.mForceSoftwareRendering = MBoolVal(
+ "forceSoftwareRendering", options.forceSoftwareRendering);
}
// -----------------------
@@ -979,18 +1013,28 @@ bool ClientWebGLContext::CreateHostContext(const uvec2& requestedSize) {
@@ -986,18 +1021,28 @@ bool ClientWebGLContext::CreateHostContext(const uvec2& requestedSize) {
std::unordered_map<GLenum, bool> webgl::MakeIsEnabledMap(const bool webgl2) {
auto ret = std::unordered_map<GLenum, bool>{};
@ -112,7 +115,7 @@ index db60868f65..7361f0fc9c 100644
}
return ret;
@@ -2058,6 +2102,57 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
@@ -2066,6 +2111,57 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
const auto& state = State();
// -
@ -170,7 +173,7 @@ index db60868f65..7361f0fc9c 100644
const auto fnSetRetval_Buffer = [&](const GLenum target) {
const auto buffer = *MaybeFind(state.mBoundBufferByTarget, target);
@@ -2163,49 +2258,84 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
@@ -2171,49 +2267,84 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
// 2 floats
case LOCAL_GL_DEPTH_RANGE:
@ -268,7 +271,7 @@ index db60868f65..7361f0fc9c 100644
return;
}
@@ -2385,6 +2515,10 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
@@ -2393,6 +2524,10 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
switch (pname) {
case dom::WEBGL_debug_renderer_info_Binding::UNMASKED_RENDERER_WEBGL:
@ -279,7 +282,7 @@ index db60868f65..7361f0fc9c 100644
ret = GetUnmaskedRenderer();
if (ret && StaticPrefs::webgl_sanitize_unmasked_renderer()) {
*ret = webgl::SanitizeRenderer(*ret);
@@ -2392,6 +2526,10 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
@@ -2400,6 +2535,10 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
break;
case dom::WEBGL_debug_renderer_info_Binding::UNMASKED_VENDOR_WEBGL:
@ -290,7 +293,7 @@ index db60868f65..7361f0fc9c 100644
ret = GetUnmaskedVendor();
break;
@@ -2482,7 +2620,9 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
@@ -2490,7 +2629,9 @@ void ClientWebGLContext::GetParameter(JSContext* cx, GLenum pname,
case LOCAL_GL_COLOR_WRITEMASK: {
const auto mask = uint8_t(*maybe);
const auto bs = std::bitset<4>(mask);
@ -301,7 +304,7 @@ index db60868f65..7361f0fc9c 100644
JS::Rooted<JS::Value> arr(cx);
if (!dom::ToJSValue(cx, src.data(), src.size(), &arr)) {
rv = NS_ERROR_OUT_OF_MEMORY;
@@ -2865,6 +3005,24 @@ ClientWebGLContext::GetShaderPrecisionFormat(const GLenum shadertype,
@@ -2873,6 +3014,24 @@ ClientWebGLContext::GetShaderPrecisionFormat(const GLenum shadertype,
const GLenum precisiontype) {
if (IsContextLost()) return nullptr;
const auto info = [&]() {
@ -326,7 +329,7 @@ index db60868f65..7361f0fc9c 100644
const auto& inProcess = mNotLost->inProcess;
if (inProcess) {
return inProcess->GetShaderPrecisionFormat(shadertype, precisiontype);
@@ -5822,6 +5980,17 @@ bool ClientWebGLContext::IsSupported(const WebGLExtensionID ext,
@@ -5853,6 +6012,17 @@ bool ClientWebGLContext::IsSupported(const WebGLExtensionID ext,
return false;
}
@ -344,7 +347,7 @@ index db60868f65..7361f0fc9c 100644
const auto& limits = Limits();
return limits.supportedExtensions[ext];
}
@@ -5833,6 +6002,18 @@ void ClientWebGLContext::GetSupportedExtensions(
@@ -5864,6 +6034,18 @@ void ClientWebGLContext::GetSupportedExtensions(
if (!mNotLost) return;
auto& retarr = retval.SetValue();
@ -364,10 +367,10 @@ index db60868f65..7361f0fc9c 100644
if (!IsSupported(i, callerType)) continue;
diff --git a/dom/canvas/ClientWebGLContext.h b/dom/canvas/ClientWebGLContext.h
index 9e8b3c0f00..16e3fc7aa5 100644
index 62957ee445..dfb2b8ff53 100644
--- a/dom/canvas/ClientWebGLContext.h
+++ b/dom/canvas/ClientWebGLContext.h
@@ -1067,6 +1067,9 @@ class ClientWebGLContext final : public nsICanvasRenderingContextInternal,
@@ -1074,6 +1074,9 @@ class ClientWebGLContext final : public nsICanvasRenderingContextInternal,
// -

4
upstream.sh
View file

@ -1,2 +1,2 @@
version=130.0.1
release=beta.13
version=132.0
release=beta.14