Merge pull request #126 from janekptacijarabaci/js_X-Content-Type-Options_nosniff_json_1

Align XCTO: nosniff allowed script MIME types with the spec

17 files changed, 149 insertions, 71 deletions

diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp
index 02c6bf1deb..ef87a250ec 100644
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@@ -3717,11 +3717,15 @@ nsContentUtils::IsChildOfSameType(nsIDocument* aDoc)
 }
 
 bool
-nsContentUtils::IsScriptType(const nsACString& aContentType)
+nsContentUtils::IsPlainTextType(const nsACString& aContentType)
 {
   // NOTE: if you add a type here, add it to the CONTENTDLF_CATEGORIES
   // define in nsContentDLF.h as well.
-  return aContentType.EqualsLiteral(APPLICATION_JAVASCRIPT) ||
+  return aContentType.EqualsLiteral(TEXT_PLAIN) ||
+         aContentType.EqualsLiteral(TEXT_CSS) ||
+         aContentType.EqualsLiteral(TEXT_CACHE_MANIFEST) ||
+         aContentType.EqualsLiteral(TEXT_VTT) ||
+         aContentType.EqualsLiteral(APPLICATION_JAVASCRIPT) ||
          aContentType.EqualsLiteral(APPLICATION_XJAVASCRIPT) ||
          aContentType.EqualsLiteral(TEXT_ECMASCRIPT) ||
          aContentType.EqualsLiteral(APPLICATION_ECMASCRIPT) ||
@@ -3731,18 +3735,6 @@ nsContentUtils::IsScriptType(const nsACString& aContentType)
 }
 
 bool
-nsContentUtils::IsPlainTextType(const nsACString& aContentType)
-{
-  // NOTE: if you add a type here, add it to the CONTENTDLF_CATEGORIES
-  // define in nsContentDLF.h as well.
-  return aContentType.EqualsLiteral(TEXT_PLAIN) ||
-         aContentType.EqualsLiteral(TEXT_CSS) ||
-         aContentType.EqualsLiteral(TEXT_CACHE_MANIFEST) ||
-         aContentType.EqualsLiteral(TEXT_VTT) ||
-         IsScriptType(aContentType);
-}
-
-bool
 nsContentUtils::GetWrapperSafeScriptFilename(nsIDocument* aDocument,
                                              nsIURI* aURI,
                                              nsACString& aScriptURI,
diff --git a/dom/base/nsContentUtils.h b/dom/base/nsContentUtils.h
index 0a293d73ea..0932f451e5 100644
--- a/dom/base/nsContentUtils.h
+++ b/dom/base/nsContentUtils.h
@@ -1018,12 +1018,7 @@ public:
   static bool IsChildOfSameType(nsIDocument* aDoc);
 
   /**
-  '* Returns true if the content-type is any of the supported script types.
-   */
-  static bool IsScriptType(const nsACString& aContentType);
-
-  /**
-  '* Returns true if the content-type will be rendered as plain-text.
+   * Returns true if the content-type will be rendered as plain-text.
    */
   static bool IsPlainTextType(const nsACString& aContentType);
 
diff --git a/dom/events/Event.cpp b/dom/events/Event.cpp
index 2af34136ea..2546a81adc 100755
--- a/dom/events/Event.cpp
+++ b/dom/events/Event.cpp
@@ -412,8 +412,17 @@ Event::Constructor(const GlobalObject& aGlobal,
                    ErrorResult& aRv)
 {
   nsCOMPtr<mozilla::dom::EventTarget> t = do_QueryInterface(aGlobal.GetAsSupports());
-  RefPtr<Event> e = new Event(t, nullptr, nullptr);
-  bool trusted = e->Init(t);
+  return Constructor(t, aType, aParam);
+}
+
+// static
+already_AddRefed<Event>
+Event::Constructor(EventTarget* aEventTarget,
+                   const nsAString& aType,
+                   const EventInit& aParam)
+{
+  RefPtr<Event> e = new Event(aEventTarget, nullptr, nullptr);
+  bool trusted = e->Init(aEventTarget);
   e->InitEvent(aType, aParam.mBubbles, aParam.mCancelable);
   e->SetTrusted(trusted);
   e->SetComposed(aParam.mComposed);
@@ -1209,7 +1218,7 @@ Event::Deserialize(const IPC::Message* aMsg, PickleIterator* aIter)
 }
 
 NS_IMETHODIMP_(void)
-Event::SetOwner(mozilla::dom::EventTarget* aOwner)
+Event::SetOwner(EventTarget* aOwner)
 {
   mOwner = nullptr;
 
diff --git a/dom/events/Event.h b/dom/events/Event.h
index c28226e8af..0817aa809e 100755
--- a/dom/events/Event.h
+++ b/dom/events/Event.h
@@ -142,6 +142,10 @@ public:
                                      LayoutDeviceIntPoint aPoint,
                                      CSSIntPoint aDefaultPoint);
 
+  static already_AddRefed<Event> Constructor(EventTarget* aEventTarget,
+                                             const nsAString& aType,
+                                             const EventInit& aParam);
+
   static already_AddRefed<Event> Constructor(const GlobalObject& aGlobal,
                                              const nsAString& aType,
                                              const EventInit& aParam,
diff --git a/dom/security/test/csp/file_child-src_worker-redirect.html b/dom/security/test/csp/file_child-src_worker-redirect.html
index 188f173b86..b0029935c2 100644
--- a/dom/security/test/csp/file_child-src_worker-redirect.html
+++ b/dom/security/test/csp/file_child-src_worker-redirect.html
@@ -23,11 +23,8 @@
           );
 
       worker.onerror = function(error) {
-        var msg = error.message;
-        if (msg.match(/^NetworkError/) || msg.match(/Failed to load worker script/)) {
-          // this means CSP blocked it
-          msg = "blocked";
-        }
+        // this means CSP blocked it
+        var msg = !("message" in error) ? "blocked" : e.message;
         window.parent.postMessage({id:page_id, message:msg}, 'http://mochi.test:8888');
         error.preventDefault();
       };
diff --git a/dom/security/test/general/test_block_script_wrong_mime.html b/dom/security/test/general/test_block_script_wrong_mime.html
index f4da9c577d..34d4b621bc 100644
--- a/dom/security/test/general/test_block_script_wrong_mime.html
+++ b/dom/security/test/general/test_block_script_wrong_mime.html
@@ -53,9 +53,6 @@ function testWorker([mime, shouldLoad]) {
     };
     worker.onerror = (error) => {
       ok(!shouldLoad, `worker with wrong mime '${mime}' should be blocked`);
-      let msg = error.message;
-      ok(msg.match(/^NetworkError/) || msg.match(/Failed to load worker script/),
-         "should gets correct error message");
       error.preventDefault();
       resolve();
     }
@@ -74,9 +71,6 @@ function testWorkerImportScripts([mime, shouldLoad]) {
     };
     worker.onerror = (error) => {
       ok(!shouldLoad, `worker/importScripts with wrong mime '${mime}' should be blocked`);
-      let msg = error.message;
-      ok(msg.match(/^NetworkError/) || msg.match(/Failed to load worker script/),
-         "should gets correct error message");
       error.preventDefault();
       resolve();
     }
diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp
index c2ab4aca38..bd8a33032e 100644
--- a/dom/workers/WorkerPrivate.cpp
+++ b/dom/workers/WorkerPrivate.cpp
@@ -495,6 +495,82 @@ private:
   }
 };
 
+class ReportCompileErrorRunnable final : public WorkerRunnable
+{
+public:
+  static void
+  CreateAndDispatch(JSContext* aCx, WorkerPrivate* aWorkerPrivate)
+  {
+    MOZ_ASSERT(aWorkerPrivate);
+    aWorkerPrivate->AssertIsOnWorkerThread();
+
+    RefPtr<ReportCompileErrorRunnable> runnable =
+      new ReportCompileErrorRunnable(aCx, aWorkerPrivate);
+    runnable->Dispatch();
+  }
+
+private:
+  ReportCompileErrorRunnable(JSContext* aCx, WorkerPrivate* aWorkerPrivate)
+    : WorkerRunnable(aWorkerPrivate, ParentThreadUnchangedBusyCount)
+  {
+    aWorkerPrivate->AssertIsOnWorkerThread();
+  }
+
+  void
+  PostDispatch(WorkerPrivate* aWorkerPrivate, bool aDispatchResult) override
+  {
+    aWorkerPrivate->AssertIsOnWorkerThread();
+
+    // Dispatch may fail if the worker was canceled, no need to report that as
+    // an error, so don't call base class PostDispatch.
+  }
+
+  bool
+  WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override
+  {
+    if (aWorkerPrivate->IsFrozen() ||
+        aWorkerPrivate->IsParentWindowPaused()) {
+      MOZ_ASSERT(!IsDebuggerRunnable());
+      aWorkerPrivate->QueueRunnable(this);
+      return true;
+    }
+
+    if (aWorkerPrivate->IsSharedWorker()) {
+      aWorkerPrivate->BroadcastErrorToSharedWorkers(aCx, EmptyString(),
+                                                    EmptyString(),
+                                                    EmptyString(), 0, 0,
+                                                    JSREPORT_ERROR,
+                                                    /* isErrorEvent */ false);
+      return true;
+    }
+
+    if (aWorkerPrivate->IsServiceWorker()) {
+      RefPtr<ServiceWorkerManager> swm = ServiceWorkerManager::GetInstance();
+      if (swm) {
+        swm->HandleError(aCx, aWorkerPrivate->GetPrincipal(),
+                         aWorkerPrivate->WorkerName(),
+                         aWorkerPrivate->ScriptURL(),
+                         EmptyString(), EmptyString(), EmptyString(),
+                         0, 0, JSREPORT_ERROR, JSEXN_ERR);
+      }
+      return true;
+    }
+
+    if (!aWorkerPrivate->IsAcceptingEvents()) {
+      return true;
+    }
+
+    RefPtr<Event> event =
+      Event::Constructor(aWorkerPrivate, NS_LITERAL_STRING("error"),
+                         EventInit());
+    event->SetTrusted(true);
+
+    nsEventStatus status = nsEventStatus_eIgnore;
+    aWorkerPrivate->DispatchDOMEvent(nullptr, event, nullptr, &status);
+    return true;
+  }
+};
+
 class CompileScriptRunnable final : public WorkerRunnable
 {
   nsString mScriptURL;
@@ -538,9 +614,15 @@ private:
     }
 
     // Make sure to propagate exceptions from rv onto aCx, so that they will get
-    // reported after we return.  We do this for all failures on rv, because now
-    // we're using rv to track all the state we care about.
-    //
+    // reported after we return.  We want to propagate just JS exceptions,
+    // because all the other errors are handled when the script is loaded.
+    // See: https://dom.spec.whatwg.org/#concept-event-fire
+    if (rv.Failed() && !rv.IsJSException()) {
+      ReportCompileErrorRunnable::CreateAndDispatch(aCx, aWorkerPrivate);
+      rv.SuppressException();
+      return false;
+    }
+
     // This is a little dumb, but aCx is in the null compartment here because we
     // set it up that way in our Run(), since we had not created the global at
     // that point yet.  So we need to enter the compartment of our global,
@@ -1171,7 +1253,8 @@ private:
       if (aWorkerPrivate->IsSharedWorker()) {
         aWorkerPrivate->BroadcastErrorToSharedWorkers(aCx, mMessage, mFilename,
                                                       mLine, mLineNumber,
-                                                      mColumnNumber, mFlags);
+                                                      mColumnNumber, mFlags,
+                                                      /* isErrorEvent */ true);
         return true;
       }
 
@@ -3250,7 +3333,8 @@ WorkerPrivateParent<Derived>::BroadcastErrorToSharedWorkers(
                                                     const nsAString& aLine,
                                                     uint32_t aLineNumber,
                                                     uint32_t aColumnNumber,
-                                                    uint32_t aFlags)
+                                                    uint32_t aFlags,
+                                                    bool aIsErrorEvent)
 {
   AssertIsOnMainThread();
 
@@ -3281,31 +3365,42 @@ WorkerPrivateParent<Derived>::BroadcastErrorToSharedWorkers(
     // May be null.
     nsPIDOMWindowInner* window = sharedWorker->GetOwner();
 
-    RootedDictionary<ErrorEventInit> errorInit(aCx);
-    errorInit.mBubbles = false;
-    errorInit.mCancelable = true;
-    errorInit.mMessage = aMessage;
-    errorInit.mFilename = aFilename;
-    errorInit.mLineno = aLineNumber;
-    errorInit.mColno = aColumnNumber;
-
-    RefPtr<ErrorEvent> errorEvent =
-      ErrorEvent::Constructor(sharedWorker, NS_LITERAL_STRING("error"),
-                              errorInit);
-    if (!errorEvent) {
+    RefPtr<Event> event;
+
+    if (aIsErrorEvent) {
+      RootedDictionary<ErrorEventInit> errorInit(aCx);
+      errorInit.mBubbles = false;
+      errorInit.mCancelable = true;
+      errorInit.mMessage = aMessage;
+      errorInit.mFilename = aFilename;
+      errorInit.mLineno = aLineNumber;
+      errorInit.mColno = aColumnNumber;
+
+      event = ErrorEvent::Constructor(sharedWorker, NS_LITERAL_STRING("error"),
+                                      errorInit);
+    } else {
+      event = Event::Constructor(sharedWorker, NS_LITERAL_STRING("error"),
+                                 EventInit());
+    }
+
+    if (!event) {
       ThrowAndReport(window, NS_ERROR_UNEXPECTED);
       continue;
     }
 
-    errorEvent->SetTrusted(true);
+    event->SetTrusted(true);
 
     bool defaultActionEnabled;
-    nsresult rv = sharedWorker->DispatchEvent(errorEvent, &defaultActionEnabled);
+    nsresult rv = sharedWorker->DispatchEvent(event, &defaultActionEnabled);
     if (NS_FAILED(rv)) {
       ThrowAndReport(window, rv);
       continue;
     }
 
+    if (!aIsErrorEvent) {
+      continue;
+    }
+
     if (defaultActionEnabled) {
       // Add the owning window to our list so that we will fire an error event
       // at it later.
diff --git a/dom/workers/WorkerPrivate.h b/dom/workers/WorkerPrivate.h
index 8008f30e54..465c0f9a33 100644
--- a/dom/workers/WorkerPrivate.h
+++ b/dom/workers/WorkerPrivate.h
@@ -408,7 +408,8 @@ public:
                                 const nsAString& aLine,
                                 uint32_t aLineNumber,
                                 uint32_t aColumnNumber,
-                                uint32_t aFlags);
+                                uint32_t aFlags,
+                                bool aIsErrorEvent);
 
   void
   WorkerScriptLoaded();
diff --git a/dom/workers/test/test_404.html b/dom/workers/test/test_404.html
index e2e83a35e3..15e5ded684 100644
--- a/dom/workers/test/test_404.html
+++ b/dom/workers/test/test_404.html
@@ -25,7 +25,6 @@ Tests of DOM Worker Threads
 
   worker.onerror = function(event) {
     is(event.target, worker);
-    is(event.message, 'NetworkError: Failed to load worker script at "nonexistent_worker.js"');
     event.preventDefault();
     SimpleTest.finish();
   };
diff --git a/dom/workers/test/test_bug1036484.html b/dom/workers/test/test_bug1036484.html
index 17b9d490fe..49c31bbc9e 100644
--- a/dom/workers/test/test_bug1036484.html
+++ b/dom/workers/test/test_bug1036484.html
@@ -25,7 +25,6 @@ function test(script) {
 
   worker.onerror = function(event) {
     is(event.target, worker);
-    ok(event.message.startsWith("NetworkError: Failed to load worker script"))
     event.preventDefault();
     runTests();
   };
diff --git a/dom/workers/test/test_loadError.html b/dom/workers/test/test_loadError.html
index dc109b796b..b9a215d11e 100644
--- a/dom/workers/test/test_loadError.html
+++ b/dom/workers/test/test_loadError.html
@@ -13,15 +13,13 @@
 <script class="testbody" type="text/javascript">
 "use strict";
 
-var loadErrorMessage = 'SecurityError: Failed to load worker script at "about:blank"';
-
 function nextTest() {
   (function(){
     function workerfunc() {
       var subworker = new Worker("about:blank");
       subworker.onerror = function(e) {
         e.preventDefault();
-        postMessage(e.message);
+        postMessage("ERROR");
       }
     }
     var b = new Blob([workerfunc+'workerfunc();']);
@@ -37,7 +35,7 @@ function nextTest() {
         return;
       }
       w.onmessage = function(e) {
-        is(e.data, loadErrorMessage,
+        is(e.data, "ERROR",
            "Should catch the error when loading inner script");
         if (++i < 2) callworker(i);
         else SimpleTest.finish();
@@ -54,8 +52,6 @@ try {
   var worker = new Worker("about:blank");
   worker.onerror = function(e) {
     e.preventDefault();
-    is(e.message, loadErrorMessage,
-       "Should get the right error from the toplevel script");
     nextTest();
   }
 
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
index ce0f45dabe..94b0d9bf93 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -1152,7 +1152,7 @@ ProcessXCTO(nsIURI* aURI, nsHttpResponseHead* aResponseHead, nsILoadInfo* aLoadI
     }
 
     if (aLoadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_SCRIPT) {
-        if (nsContentUtils::IsScriptType(contentType)) {
+        if (nsContentUtils::IsJavascriptMIMEType(NS_ConvertUTF8toUTF16(contentType))) {
             return NS_OK;
         }
         ReportTypeBlocking(aURI, aLoadInfo, "MimeTypeMismatch");
diff --git a/testing/web-platform/meta/fetch/nosniff/worker.html.ini b/testing/web-platform/meta/fetch/nosniff/worker.html.ini
deleted file mode 100644
index 011ad15b81..0000000000
--- a/testing/web-platform/meta/fetch/nosniff/worker.html.ini
+++ /dev/null
@@ -1,3 +0,0 @@
-[worker.html]
-  type: testharness
-  expected: ERROR
diff --git a/testing/web-platform/tests/fetch/nosniff/script.html b/testing/web-platform/tests/fetch/nosniff/script.html
index 667f3c99a6..c5c5167f57 100644
--- a/testing/web-platform/tests/fetch/nosniff/script.html
+++ b/testing/web-platform/tests/fetch/nosniff/script.html
@@ -4,8 +4,8 @@
 <script>
   var log = function() {}, // see comment below
       p = function() {}, // see comment below
-      fails = ["", "?type=", "?type=x", "?type=x/x"],
-      passes = ["?type=text/javascript", "?type=text/ecmascript", "?type=text/ecmascript;blah"]
+      fails = ["", "?type=", "?type=x", "?type=x/x", "?type=text/json"],
+      passes = ["?type=text/javascript", "?type=text/ecmascript", "?type=text/ecmascript;blah", "?type=text/javascript1.0"]
 
   // Ideally we'd also check whether the scripts in fact execute, but that would involve
   // timers and might get a bit racy without cross-browser support for the execute events.
diff --git a/testing/web-platform/tests/workers/Worker_cross_origin_security_err.htm b/testing/web-platform/tests/workers/Worker_cross_origin_security_err.htm
index 647a8b81e2..d57dc29d55 100644
--- a/testing/web-platform/tests/workers/Worker_cross_origin_security_err.htm
+++ b/testing/web-platform/tests/workers/Worker_cross_origin_security_err.htm
@@ -8,7 +8,7 @@ async_test(function(t) {
   try {
     var w = new Worker("ftp://example.org/support/WorkerBasic.js");
     w.onerror = t.step_func_done(function(e) {
-      assert_true(e instanceof ErrorEvent);
+      assert_true(e instanceof Event);
     });
   } catch (e) {
     t.step_func_done(function(e) { assert_true(true); });
diff --git a/testing/web-platform/tests/workers/constructors/SharedWorker/same-origin.html b/testing/web-platform/tests/workers/constructors/SharedWorker/same-origin.html
index 2e0dd8db33..78d53164e6 100644
--- a/testing/web-platform/tests/workers/constructors/SharedWorker/same-origin.html
+++ b/testing/web-platform/tests/workers/constructors/SharedWorker/same-origin.html
@@ -16,7 +16,7 @@ function testSharedWorkerHelper(t, script) {
   try {
     var worker = new SharedWorker(script, '');
     worker.onerror = t.step_func_done(function(e) {
-      assert_true(e instanceof ErrorEvent);
+      assert_true(e instanceof Event);
     });
   } catch (e) {
     t.step_func_done(function(e) { assert_true(true); });
diff --git a/testing/web-platform/tests/workers/constructors/Worker/same-origin.html b/testing/web-platform/tests/workers/constructors/Worker/same-origin.html
index 9b0148da3a..bbc4382d0b 100644
--- a/testing/web-platform/tests/workers/constructors/Worker/same-origin.html
+++ b/testing/web-platform/tests/workers/constructors/Worker/same-origin.html
@@ -14,7 +14,7 @@ function testSharedWorkerHelper(t, script) {
   try {
     var worker = new SharedWorker(script, '');
     worker.onerror = t.step_func_done(function(e) {
-      assert_true(e instanceof ErrorEvent);
+      assert_true(e instanceof Event);
     });
   } catch (e) {
     t.step_func_done(function(e) { assert_true(true); });