Merge branch 'master' into releaseRB_20230123

11 files changed, 109 insertions, 59 deletions

diff --git a/devtools/client/shared/curl.js b/devtools/client/shared/curl.js
index f514ae1d74..5375bd634d 100644
--- a/devtools/client/shared/curl.js
+++ b/devtools/client/shared/curl.js
@@ -8,7 +8,7 @@
  * Copyright (C) 2008, 2009 Anthony Ricaud <rik@webkit.org>
  * Copyright (C) 2011 Google Inc. All rights reserved.
  * Copyright (C) 2009 Mozilla Foundation. All rights reserved.
- * Copyright (C) 2022 Moonchild Productions. All rights reserved.
+ * Copyright (C) 2022, 2023 Moonchild Productions. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -138,7 +138,8 @@ const Curl = {
     for (let i = 0; i < headers.length; i++) {
       let header = headers[i];
       if (header.name.toLowerCase() === "accept-encoding") {
-        addParam("--compressed");
+        // Ignore transfer encoding (compression) as not all commonly installed
+        // versions of curl support this.
         continue;
       }
       if (ignoredHeaders.has(header.name.toLowerCase())) {
@@ -397,41 +398,55 @@ const CurlUtils = {
 
   /**
    * Escape util function for Windows systems.
-   * Credit: Google DevTools
    */
   escapeStringWin: function (str) {
     /* 
-       Replace the backtick character ` with `` in order to escape it.
-       The backtick character is an escape character in PowerShell and
-       can, among other things, be used to disable the effect of some
-       of the other escapes created below.
-
-       Replace dollar sign because of commands in powershell when using
-       double quotes. e.g $(calc.exe).
-       
-       Also see http://www.rlmueller.net/PowerShellEscape.htm for details.
-
-       Replace quote by double quote (but not by \") because it is
-       recognized by both cmd.exe and MS Crt arguments parser.
+       Because the cmd.exe parser and the MS Crt arguments parsers use some
+       of the same escape characters, they can interact with each other in
+       terrible ways, meaning the order of operations is critical here.
 
-       Replace % by "%" because it could be expanded to an environment
-       variable value. So %% becomes "%""%". Even if an env variable ""
-       (2 doublequotes) is declared, the cmd.exe will not
-       substitute it with its value.
+       1. Replace \ with \\ first, because it is an escape character for
+       certain conditions in both parsers.
 
-       Replace each backslash with double backslash to make sure
-       MS Crt arguments parser won't collapse them.
-
-       Replace new line outside of quotes since cmd.exe doesn't let
-       us do it inside.
+       2. Replace double quote chars with two double quotes (not by escaping
+       with \") because it is recognized by both the cmd.exe and MS Crt
+       arguments parsers.
+       
+       3. Escape ` and $ so commands do not get executed, e.g $(calc.exe) or
+       `\$(calc.exe)
+       
+       4. Escape all characters we are not sure about with ^, to ensure it
+       gets to the MS Crt arguments parser safely.
+
+       5. The % character is special because the MS Crt arguments parser will
+       try and look for environment variables and fill them in, in-place. We
+       cannot escape them with % and cannot escape them with ^ (because it's
+       cmd.exe's escape, not the MS Crt arguments parser). So, we can get the
+       cmd.exe parser to escape the character after it, if it is followed by
+       a valid starting character of an environment variable.
+       This ensures we do not try and double-escape another ^ if it was placed
+       by the previous replace.
+
+       6. We replace \r and \r\n with \n; this allows us to consistently
+       escape all new lines in the next replace.
+
+       7. Lastly, we replace new lines with ^ and TWO new lines, because the
+       first new line is there to enact the escape command, and the second is
+       the character to escape (in this case new line).
+       The extra " enables escaping new lines with ^ within quotes in cmd.exe.
     */
-    return "\"" + 
-      str.replaceAll("`", "``")
-         .replaceAll("$", "`$")
-         .replaceAll('"', '""')
-         .replaceAll("%", '"%"')
-         .replace(/\\/g, "\\\\")
-         .replace(/[\r\n]+/g, "\"^$&\"") + "\"";
+    const encapsChars = '"';
+    return (
+      encapsChars +
+      str
+        .replace(/\\/g, "\\\\")
+        .replace(/"/g, '""')
+        .replace(/[`$]/g, "\\$&")
+        .replace(/[^a-zA-Z0-9\s_\-:=+~\/.',?;()*\$&\\{}\"`]/g, "^$&")
+        .replace(/%(?=[a-zA-Z0-9_])/g, "%^")
+        .replace(/\r\n?/g, "\n")
+        .replace(/\n/g, '"^\r\n\r\n"')
+      + encapsChars);
   }
 };
 
diff --git a/dom/base/nsHTMLContentSerializer.cpp b/dom/base/nsHTMLContentSerializer.cpp
index f89b29cb18..28b5ef697e 100644
--- a/dom/base/nsHTMLContentSerializer.cpp
+++ b/dom/base/nsHTMLContentSerializer.cpp
@@ -284,7 +284,7 @@ nsHTMLContentSerializer::AppendElementStart(Element* aElement,
   if (ns == kNameSpaceID_XHTML &&
       (name == nsGkAtoms::script ||
        name == nsGkAtoms::style ||
-       name == nsGkAtoms::noscript ||
+       (name == nsGkAtoms::noscript && aElement->OwnerDoc()->IsScriptEnabled()) ||
        name == nsGkAtoms::noframes)) {
     ++mDisableEntityEncoding;
   }
@@ -314,7 +314,7 @@ nsHTMLContentSerializer::AppendElementEnd(Element* aElement,
   if (ns == kNameSpaceID_XHTML &&
       (name == nsGkAtoms::script ||
        name == nsGkAtoms::style ||
-       name == nsGkAtoms::noscript ||
+       (name == nsGkAtoms::noscript && aElement->OwnerDoc()->IsScriptEnabled()) ||
        name == nsGkAtoms::noframes)) {
     --mDisableEntityEncoding;
   }
diff --git a/dom/performance/PerformanceWorker.cpp b/dom/performance/PerformanceWorker.cpp
index 1fa8cd9356..a98ba6a01f 100644
--- a/dom/performance/PerformanceWorker.cpp
+++ b/dom/performance/PerformanceWorker.cpp
@@ -19,7 +19,9 @@ PerformanceWorker::PerformanceWorker(WorkerPrivate* aWorkerPrivate)
 
 PerformanceWorker::~PerformanceWorker()
 {
-  mWorkerPrivate->AssertIsOnWorkerThread();
+  if (mWorkerPrivate) {
+    mWorkerPrivate->AssertIsOnWorkerThread();
+  }
 }
 
 void
@@ -40,13 +42,19 @@ PerformanceWorker::InsertUserEntry(PerformanceEntry* aEntry)
 TimeStamp
 PerformanceWorker::CreationTimeStamp() const
 {
-  return mWorkerPrivate->CreationTimeStamp();
+  if (mWorkerPrivate) {
+    return mWorkerPrivate->CreationTimeStamp();
+  }
+  return TimeStamp();
 }
 
 DOMHighResTimeStamp
 PerformanceWorker::CreationTime() const
 {
-  return mWorkerPrivate->CreationTime();
+  if (mWorkerPrivate) {
+    return mWorkerPrivate->CreationTime();
+  }
+  return DOMHighResTimeStamp();
 }
 
 } // dom namespace
diff --git a/js/src/jit/JitFrameIterator-inl.h b/js/src/jit/JitFrameIterator-inl.h
index 6854941c37..c13e1670b2 100644
--- a/js/src/jit/JitFrameIterator-inl.h
+++ b/js/src/jit/JitFrameIterator-inl.h
@@ -35,6 +35,12 @@ JitFrameIterator::baselineFrame() const
     return (BaselineFrame*)(fp() - BaselineFrame::FramePointerOffset - BaselineFrame::Size());
 }
 
+inline uint32_t
+JitFrameIterator::baselineFrameNumValueSlots() const {
+    MOZ_ASSERT(isBaselineJS());
+    return baselineFrame()->numValueSlots();
+}
+
 template <typename T>
 bool
 JitFrameIterator::isExitFrameLayout() const
diff --git a/js/src/jit/JitFrameIterator.h b/js/src/jit/JitFrameIterator.h
index 417d11afcc..b5b217b4e1 100644
--- a/js/src/jit/JitFrameIterator.h
+++ b/js/src/jit/JitFrameIterator.h
@@ -256,6 +256,10 @@ class JitFrameIterator
 
     inline BaselineFrame* baselineFrame() const;
 
+    // Returns the number of local and expression stack Values for the current
+    // Baseline frame.
+    inline uint32_t baselineFrameNumValueSlots() const;
+
     // This function isn't used, but we keep it here (debug-only) because it is
     // helpful when chasing issues with the jitcode map.
 #ifdef DEBUG
diff --git a/js/src/jsopcode.cpp b/js/src/jsopcode.cpp
index 30fcd0c87a..1ba19731eb 100644
--- a/js/src/jsopcode.cpp
+++ b/js/src/jsopcode.cpp
@@ -1568,18 +1568,18 @@ DecompileExpressionFromStack(JSContext* cx, int spindex, int skipStackHits, Hand
 
     FrameIter frameIter(cx);
 
-    if (frameIter.done() || !frameIter.hasScript() || frameIter.compartment() != cx->compartment())
-        return true;
+    if (frameIter.done() ||
+        !frameIter.hasScript() ||
+        frameIter.compartment() != cx->compartment() ||
+        frameIter.inPrologue()) {
+      return true;
+    }
 
     RootedScript script(cx, frameIter.script());
     jsbytecode* valuepc = frameIter.pc();
 
     MOZ_ASSERT(script->containsPC(valuepc));
 
-    // Give up if in prologue.
-    if (valuepc < script->main())
-        return true;
-
     if (!FindStartPC(cx, frameIter, spindex, skipStackHits, v, &valuepc))
         return false;
     if (!valuepc)
diff --git a/js/src/vm/Stack.cpp b/js/src/vm/Stack.cpp
index a9c585b295..cdc1046bcc 100644
--- a/js/src/vm/Stack.cpp
+++ b/js/src/vm/Stack.cpp
@@ -1331,6 +1331,21 @@ NonBuiltinScriptFrameIter::settle()
     }
 }
 
+bool
+ FrameIter::inPrologue() const {
+  if (pc() < script()->main()) {
+    return true;
+  }
+  // If we do a VM call before pushing locals in baseline, the stack frame will
+  // not include space for those locals.
+  if (pc() == script()->code() && isBaseline() &&
+      data_.jitFrames_.baselineFrameNumValueSlots() < script()->nfixed()) {
+    return true;
+  }
+
+  return false;
+}
+
 ActivationEntryMonitor::ActivationEntryMonitor(JSContext* cx)
   : cx_(cx), entryMonitor_(cx->runtime()->entryMonitor)
 {
diff --git a/js/src/vm/Stack.h b/js/src/vm/Stack.h
index 6b1b5ba993..b0d29831a3 100644
--- a/js/src/vm/Stack.h
+++ b/js/src/vm/Stack.h
@@ -1884,6 +1884,9 @@ class FrameIter
 
     // This is used to provide a raw interface for debugging.
     void* rawFramePtr() const;
+    
+    // Determines if we're in the prologue of a baseline function.
+    bool inPrologue() const;
 
   private:
     Data data_;
diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp
index 805ea09038..0bd9440034 100644
--- a/netwerk/protocol/http/Http2Session.cpp
+++ b/netwerk/protocol/http/Http2Session.cpp
@@ -1146,7 +1146,9 @@ Http2Session::RemoveStreamFromQueues(Http2Stream *aStream)
 }
 
 void
-Http2Session::CloseStream(Http2Stream *aStream, nsresult aResult)
+Http2Session::CloseStream(Http2Stream *aStream,
+                          nsresult aResult,
+                          bool aRemoveFromQueue)
 {
   MOZ_ASSERT(PR_GetCurrentThread() == gSocketThread);
   LOG3(("Http2Session::CloseStream %p %p 0x%x %X\n",
@@ -1161,7 +1163,9 @@ Http2Session::CloseStream(Http2Stream *aStream, nsresult aResult)
     mInputFrameDataStream = nullptr;
   }
 
-  RemoveStreamFromQueues(aStream);
+  if (aRemoveFromQueue) {
+    RemoveStreamFromQueues(aStream);
+  }
 
   if (aStream->IsTunnel()) {
     UnRegisterTunnel(aStream);
@@ -1914,7 +1918,7 @@ Http2Session::RecvGoAway(Http2Session *self)
     if (self->mPeerGoAwayReason == HTTP_1_1_REQUIRED) {
       stream->Transaction()->DisableSpdy();
     }
-    self->CloseStream(stream, NS_ERROR_NET_RESET);
+    self->CloseStream(stream, NS_ERROR_NET_RESET, false);
     self->mStreamTransactionHash.Remove(stream->Transaction());
   }
 
diff --git a/netwerk/protocol/http/Http2Session.h b/netwerk/protocol/http/Http2Session.h
index d9a3c2b72b..9d6b8c8611 100644
--- a/netwerk/protocol/http/Http2Session.h
+++ b/netwerk/protocol/http/Http2Session.h
@@ -270,7 +270,7 @@ private:
   void        GenerateGoAway(uint32_t);
   void        CleanupStream(Http2Stream *, nsresult, errorType);
   void        CleanupStream(uint32_t, nsresult, errorType);
-  void        CloseStream(Http2Stream *, nsresult);
+  void        CloseStream(Http2Stream *, nsresult, bool aRemoveFromQueue = true);
   void        SendHello();
   void        RemoveStreamFromQueues(Http2Stream *);
   nsresult    ParsePadding(uint8_t &, uint16_t &);
diff --git a/widget/gtk/nsDragService.cpp b/widget/gtk/nsDragService.cpp
index aa5ee2c7ad..4148e5b768 100644
--- a/widget/gtk/nsDragService.cpp
+++ b/widget/gtk/nsDragService.cpp
@@ -793,12 +793,8 @@ nsDragService::GetData(nsITransferable * aTransferable,
                 // Dragging and dropping from the file manager would cause us 
                 // to parse the source text as a nsIFile URL.
                 if ( strcmp(flavorStr, kFileMime) == 0 ) {
-                    gdkFlavor = gdk_atom_intern(kTextMime, FALSE);
+                    gdkFlavor = gdk_atom_intern(gTextUriListType, FALSE);
                     GetTargetDragData(gdkFlavor);
-                    if (!mTargetDragData) {
-                        gdkFlavor = gdk_atom_intern(gTextUriListType, FALSE);
-                        GetTargetDragData(gdkFlavor);
-                    }
                     if (mTargetDragData) {
                         const char* text = static_cast<char*>(mTargetDragData);
                         char16_t* convertedText = nullptr;
@@ -1077,8 +1073,8 @@ nsDragService::IsDataFlavorSupported(const char *aDataFlavor,
             (strcmp(aDataFlavor, kURLMime) == 0 ||
              strcmp(aDataFlavor, kFileMime) == 0)) {
             MOZ_LOG(sDragLm, LogLevel::Debug,
-                   ("good! ( it's text/uri-list and \
-                   we're checking against text/x-moz-url )\n"));
+                   ("good! (it's text/uri-list and \
+                   we're checking against text/x-moz-url)\n"));
             *_retval = true;
         }
         // check for automatic _NETSCAPE_URL -> text/x-moz-url mapping
@@ -1087,19 +1083,18 @@ nsDragService::IsDataFlavorSupported(const char *aDataFlavor,
             (strcmp(name, gMozUrlType) == 0) &&
             (strcmp(aDataFlavor, kURLMime) == 0)) {
             MOZ_LOG(sDragLm, LogLevel::Debug,
-                   ("good! ( it's _NETSCAPE_URL and \
-                   we're checking against text/x-moz-url )\n"));
+                   ("good! (it's _NETSCAPE_URL and \
+                   we're checking against text/x-moz-url)\n"));
             *_retval = true;
         }
         // check for auto text/plain -> text/unicode mapping
         if (!*_retval && 
             name &&
             (strcmp(name, kTextMime) == 0) &&
-            ((strcmp(aDataFlavor, kUnicodeMime) == 0) ||
-             (strcmp(aDataFlavor, kFileMime) == 0))) {
+            (strcmp(aDataFlavor, kUnicodeMime) == 0)) {
             MOZ_LOG(sDragLm, LogLevel::Debug,
-                   ("good! ( it's text plain and we're checking \
-                   against text/unicode or application/x-moz-file)\n"));
+                   ("good! (it's text plain and we're checking \
+                   against text/unicode)\n"));
             *_retval = true;
         }
         g_free(name);