Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 24 Feb 2018 00:49:01 +0000 (UTC)
From:      Jan Beich <jbeich@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r462756 - in head/www/waterfox: . files
Message-ID:  <201802240049.w1O0n1xF080856@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: jbeich
Date: Sat Feb 24 00:49:01 2018
New Revision: 462756
URL: https://svnweb.freebsd.org/changeset/ports/462756

Log:
  www/waterfox: apply some FF59 fixes

Added:
  head/www/waterfox/files/patch-bug1325888   (contents, props changed)
  head/www/waterfox/files/patch-bug1345058   (contents, props changed)
  head/www/waterfox/files/patch-bug1363038   (contents, props changed)
  head/www/waterfox/files/patch-bug1385609   (contents, props changed)
  head/www/waterfox/files/patch-bug1393235   (contents, props changed)
  head/www/waterfox/files/patch-bug1394601   (contents, props changed)
  head/www/waterfox/files/patch-bug1426869   (contents, props changed)
  head/www/waterfox/files/patch-bug1427118   (contents, props changed)
  head/www/waterfox/files/patch-bug1435859   (contents, props changed)
  head/www/waterfox/files/patch-bug1437507   (contents, props changed)
  head/www/waterfox/files/patch-revert-bug1393954   (contents, props changed)
Modified:
  head/www/waterfox/Makefile   (contents, props changed)

Modified: head/www/waterfox/Makefile
==============================================================================
--- head/www/waterfox/Makefile	Sat Feb 24 00:32:08 2018	(r462755)
+++ head/www/waterfox/Makefile	Sat Feb 24 00:49:01 2018	(r462756)
@@ -3,6 +3,7 @@
 PORTNAME=	waterfox
 DISTVERSION=	56.0.4-20
 DISTVERSIONSUFFIX=	-ge03e284b083d
+PORTREVISION=	1
 CATEGORIES=	www ipv6
 
 MAINTAINER=	jbeich@FreeBSD.org

Added: head/www/waterfox/files/patch-bug1325888
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1325888	Sat Feb 24 00:49:01 2018	(r462756)
@@ -0,0 +1,39 @@
+commit fb631be6ce75
+Author: DimiL <dlee@mozilla.com>
+Date:   Wed Nov 1 08:40:00 2017 +0800
+
+    Bug 1325888 - Clear cached completion result when close safebrowsing database. r=francois
+    
+    Safebrowsing testcase will close and then re-open database to simulate firefox restart.
+    This bug happened when DB service already has a previously cached completion result and then
+    re-open database. In this scenario, if testcase triggers another the same completion request,
+    we won't cache it because we thought we have it already (See nsUrlClassifierDBServiceWorker::CacheCompletion).
+    
+    This causes a testcase assertion when testcase expects the completion
+    result should be stored in LookupCache.
+    
+    MozReview-Commit-ID: 8o57jHv92OH
+    
+    --HG--
+    extra : rebase_source : 90861060437d6cef860b85dd669d76e74ceec660
+---
+ toolkit/components/url-classifier/nsUrlClassifierDBService.cpp | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git toolkit/components/url-classifier/nsUrlClassifierDBService.cpp toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
+index e1a1be065aaf..a108812a1792 100644
+--- toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
++++ toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
+@@ -812,6 +812,12 @@ nsUrlClassifierDBServiceWorker::CloseDb()
+     mClassifier = nullptr;
+   }
+ 
++  // Clear last completion result when close db so we will still cache completion
++  // result next time we re-open it.
++  if (mLastResults) {
++    mLastResults->Clear();
++  }
++
+   LOG(("urlclassifier db closed\n"));
+ 
+   return NS_OK;

Added: head/www/waterfox/files/patch-bug1345058
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1345058	Sat Feb 24 00:49:01 2018	(r462756)
@@ -0,0 +1,620 @@
+commit 1f57fdb85d3d
+Author: Thomas Nguyen <tnguyen@mozilla.com>
+Date:   Mon Aug 14 14:05:23 2017 +0800
+
+    Bug 1345058 - Asynchronously decide if a flash document should be blocked. r=baku
+    
+    MozReview-Commit-ID: K91cSvIdOrb
+    
+    --HG--
+    extra : rebase_source : 4d91ab3499c0124129e74a054c5cc78882ff351e
+---
+ dom/base/nsDocument.cpp                            | 447 ++++++++++++++++++---
+ dom/base/nsDocument.h                              |   5 +
+ .../url-classifier/nsUrlClassifierDBService.cpp    |  22 +-
+ 3 files changed, 401 insertions(+), 73 deletions(-)
+
+diff --git dom/base/nsDocument.cpp dom/base/nsDocument.cpp
+index acfde3bc0210..386c96745438 100644
+--- dom/base/nsDocument.cpp
++++ dom/base/nsDocument.cpp
+@@ -279,6 +279,7 @@
+ #include "nsIURIClassifier.h"
+ #include "mozilla/DocumentStyleRootIterator.h"
+ #include "mozilla/ServoRestyleManager.h"
++#include "mozilla/ClearOnShutdown.h"
+ 
+ using namespace mozilla;
+ using namespace mozilla::dom;
+@@ -319,6 +320,65 @@ GetHttpChannelHelper(nsIChannel* aChannel, nsIHttpChannel** aHttpChannel)
+   return NS_OK;
+ }
+ 
++////////////////////////////////////////////////////////////////////
++// PrincipalFlashClassifier
++
++// Classify the flash based on the document principal.
++// The usage of this class is as follows:
++//
++// 1) Call AsyncClassify() as early as possible to asynchronously do
++//    classification against all the flash blocking related tables
++//    via nsIURIClassifier.asyncClassifyLocalWithTables.
++//
++// 2) At any time you need the classification result, call Result()
++//    and it is guaranteed to give you the result. Note that you have
++//    to specify "aIsThirdParty" to the function so please make sure
++//    you can already correctly decide if the document is third-party.
++//
++//    Behind the scenes, the sync classification API
++//    (nsIURIClassifier.classifyLocalWithTable) may be called as a fallback to
++//    synchronously get the result if the asyncClassifyLocalWithTables hasn't
++//    been done yet.
++//
++// 3) You can call Result() as many times as you want and only the first time
++//    it may unfortunately call the blocking sync API. The subsequent call
++//    will just return the result that came out at the first time.
++//
++class PrincipalFlashClassifier final : public nsIURIClassifierCallback
++{
++public:
++  NS_DECL_THREADSAFE_ISUPPORTS
++  NS_DECL_NSIURICLASSIFIERCALLBACK
++
++  PrincipalFlashClassifier();
++
++  // Fire async classification based on the given principal.
++  void AsyncClassify(nsIPrincipal* aPrincipal);
++
++  // Would block if the result hasn't come out.
++  mozilla::dom::FlashClassification ClassifyMaybeSync(nsIPrincipal* aPrincipal,
++                                           bool aIsThirdParty);
++
++private:
++ ~PrincipalFlashClassifier() = default;
++
++  void Reset();
++  bool EnsureUriClassifier();
++  mozilla::dom::FlashClassification CheckIfClassifyNeeded(nsIPrincipal* aPrincipal);
++  mozilla::dom::FlashClassification Resolve(bool aIsThirdParty);
++  mozilla::dom::FlashClassification AsyncClassifyInternal(nsIPrincipal* aPrincipal);
++  void GetClassificationTables(bool aIsThirdParty, nsACString& aTables);
++
++  // For the fallback sync classification.
++  nsCOMPtr<nsIURI> mClassificationURI;
++
++  nsCOMPtr<nsIURIClassifier> mUriClassifier;
++  bool mAsyncClassified;
++  nsTArray<nsCString> mMatchedTables;
++  mozilla::dom::FlashClassification mResult;
++};
++
++
+ #define NAME_NOT_VALID ((nsSimpleContentList*)1)
+ 
+ nsIdentifierMapEntry::~nsIdentifierMapEntry()
+@@ -1575,6 +1635,9 @@ nsDocument::nsDocument(const char* aContentType)
+ 
+   // void state used to differentiate an empty source from an unselected source
+   mPreloadPictureFoundSource.SetIsVoid(true);
++  // For determining if this is a flash document which should be
++  // blocked based on its principal.
++  mPrincipalFlashClassifier = new PrincipalFlashClassifier();
+ }
+ 
+ void
+@@ -2761,6 +2824,11 @@ nsDocument::StartDocumentLoad(const char* aCommand, nsIChannel* aChannel,
+     aChannel->Cancel(NS_ERROR_CSP_FRAME_ANCESTOR_VIOLATION);
+   }
+ 
++  // Perform a async flash classification based on the doc principal
++  // in an early stage to reduce the blocking time.
++  mFlashClassification = FlashClassification::Unclassified;
++  mPrincipalFlashClassifier->AsyncClassify(GetPrincipal());
++
+   return NS_OK;
+ }
+ 
+@@ -13483,6 +13551,23 @@ nsIDocument::UpdateStyleBackendType()
+ #endif
+ }
+ 
++/**
++ * Retrieves the classification of the Flash plugins in the document based on
++ * the classification lists. We perform AsyncInitFlashClassification on
++ * StartDocumentLoad() and the result may not be initialized when this function
++ * gets called. In that case, We can only unfortunately have a blocking wait.
++ *
++ * For more information, see
++ * toolkit/components/url-classifier/flash-block-lists.rst
++ */
++FlashClassification
++nsDocument::PrincipalFlashClassification()
++{
++  MOZ_ASSERT(mPrincipalFlashClassifier);
++  return mPrincipalFlashClassifier->ClassifyMaybeSync(GetPrincipal(),
++                                                      IsThirdParty());
++}
++
+ /**
+  * Helper function for |nsDocument::PrincipalFlashClassification|
+  *
+@@ -13523,27 +13608,279 @@ ArrayContainsTable(const nsTArray<nsCString>& aTableArray,
+   return false;
+ }
+ 
+-/**
+- * Retrieves the classification of the Flash plugins in the document based on
+- * the classification lists.
+- *
+- * For more information, see
+- * toolkit/components/url-classifier/flash-block-lists.rst
+- */
++namespace {
++
++// An object to store all preferences we need for flash blocking feature.
++struct PrefStore
++{
++  PrefStore()
++  {
++    Preferences::AddBoolVarCache(&mFlashBlockEnabled,
++                                 "plugins.flashBlock.enabled");
++    Preferences::AddBoolVarCache(&mPluginsHttpOnly,
++                                 "plugins.http_https_only");
++
++    // We only need to register string-typed preferences.
++    Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashAllowTable", this);
++    Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashAllowExceptTable", this);
++    Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashTable", this);
++    Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashExceptTable", this);
++    Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashSubDocTable", this);
++    Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashSubDocExceptTable", this);
++
++    UpdateStringPrefs();
++  }
++
++  ~PrefStore()
++  {
++    Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashAllowTable", this);
++    Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashAllowExceptTable", this);
++    Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashTable", this);
++    Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashExceptTable", this);
++    Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashSubDocTable", this);
++    Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashSubDocExceptTable", this);
++  }
++
++  void UpdateStringPrefs()
++  {
++    Preferences::GetCString("urlclassifier.flashAllowTable", mAllowTables);
++    Preferences::GetCString("urlclassifier.flashAllowExceptTable", mAllowExceptionsTables);
++    Preferences::GetCString("urlclassifier.flashTable", mDenyTables);
++    Preferences::GetCString("urlclassifier.flashExceptTable", mDenyExceptionsTables);
++    Preferences::GetCString("urlclassifier.flashSubDocTable", mSubDocDenyTables);
++    Preferences::GetCString("urlclassifier.flashSubDocExceptTable", mSubDocDenyExceptionsTables);
++  }
++
++  static void UpdateStringPrefs(const char*, void* aClosure)
++  {
++    static_cast<PrefStore*>(aClosure)->UpdateStringPrefs();
++  }
++
++  bool mFlashBlockEnabled;
++  bool mPluginsHttpOnly;
++
++  nsCString mAllowTables;
++  nsCString mAllowExceptionsTables;
++  nsCString mDenyTables;
++  nsCString mDenyExceptionsTables;
++  nsCString mSubDocDenyTables;
++  nsCString mSubDocDenyExceptionsTables;
++};
++
++static const
++PrefStore& GetPrefStore()
++{
++  static UniquePtr<PrefStore> sPrefStore;
++  if (!sPrefStore) {
++    sPrefStore.reset(new PrefStore());
++    ClearOnShutdown(&sPrefStore);
++  }
++  return *sPrefStore;
++}
++
++} // end of unnamed namespace.
++
++////////////////////////////////////////////////////////////////////
++// PrincipalFlashClassifier implementation.
++
++NS_IMPL_ISUPPORTS(PrincipalFlashClassifier, nsIURIClassifierCallback)
++
++PrincipalFlashClassifier::PrincipalFlashClassifier()
++{
++  Reset();
++}
++
++void
++PrincipalFlashClassifier::Reset()
++{
++  mAsyncClassified = false;
++  mMatchedTables.Clear();
++  mResult = FlashClassification::Unclassified;
++}
++
++void
++PrincipalFlashClassifier::GetClassificationTables(bool aIsThirdParty,
++                                                  nsACString& aTables)
++{
++  aTables.Truncate();
++  auto& prefs = GetPrefStore();
++
++  MaybeAddTableToTableList(prefs.mAllowTables, aTables);
++  MaybeAddTableToTableList(prefs.mAllowExceptionsTables, aTables);
++  MaybeAddTableToTableList(prefs.mDenyTables, aTables);
++  MaybeAddTableToTableList(prefs.mDenyExceptionsTables, aTables);
++
++  if (aIsThirdParty) {
++    MaybeAddTableToTableList(prefs.mSubDocDenyTables, aTables);
++    MaybeAddTableToTableList(prefs.mSubDocDenyExceptionsTables, aTables);
++  }
++}
++
++bool
++PrincipalFlashClassifier::EnsureUriClassifier()
++{
++  if (!mUriClassifier) {
++    mUriClassifier = do_GetService(NS_URICLASSIFIERSERVICE_CONTRACTID);
++  }
++
++  return !!mUriClassifier;
++}
++
+ FlashClassification
+-nsDocument::PrincipalFlashClassification()
++PrincipalFlashClassifier::ClassifyMaybeSync(nsIPrincipal* aPrincipal, bool aIsThirdParty)
++{
++  if (FlashClassification::Unclassified != mResult) {
++    // We already have the result. Just return it.
++    return mResult;
++  }
++
++  // TODO: Bug 1342333 - Entirely remove the use of the sync API
++  // (ClassifyLocalWithTables).
++  if (!mAsyncClassified) {
++
++    //
++    // We may
++    //   1) have called AsyncClassifyLocalWithTables but OnClassifyComplete
++    //      hasn't been called.
++    //   2) haven't even called AsyncClassifyLocalWithTables.
++    //
++    // In both cases we need to do the synchronous classification as the fallback.
++    //
++
++    if (!EnsureUriClassifier()) {
++      return FlashClassification::Denied;
++    }
++    mResult = CheckIfClassifyNeeded(aPrincipal);
++    if (FlashClassification::Unclassified != mResult) {
++      return mResult;
++    }
++
++    nsresult rv;
++    nsAutoCString classificationTables;
++    GetClassificationTables(aIsThirdParty, classificationTables);
++
++    if (!mClassificationURI) {
++      rv = aPrincipal->GetURI(getter_AddRefs(mClassificationURI));
++      if (NS_FAILED(rv) || !mClassificationURI) {
++        mResult = FlashClassification::Denied;
++        return mResult;
++      }
++    }
++
++    rv = mUriClassifier->ClassifyLocalWithTables(mClassificationURI,
++                                                 classificationTables,
++                                                 mMatchedTables);
++    if (NS_WARN_IF(NS_FAILED(rv))) {
++      if (rv == NS_ERROR_MALFORMED_URI) {
++        // This means that the URI had no hostname (ex: file://doc.html). In this
++        // case, we allow the default (Unknown plugin) behavior.
++        mResult = FlashClassification::Unknown;
++      } else {
++        mResult = FlashClassification::Denied;
++      }
++      return mResult;
++    }
++  }
++
++  // Resolve the result based on mMatchedTables and aIsThirdParty.
++  mResult = Resolve(aIsThirdParty);
++  MOZ_ASSERT(FlashClassification::Unclassified != mResult);
++
++  // The subsequent call of Result() will return the resolved result
++  // and never reach here until Reset() is called.
++  return mResult;
++}
++
++/*virtual*/ nsresult
++PrincipalFlashClassifier::OnClassifyComplete(nsresult /*aErrorCode*/,
++                                             const nsACString& aLists, // Only this matters.
++                                             const nsACString& /*aProvider*/,
++                                             const nsACString& /*aPrefix*/)
++{
++  mAsyncClassified = true;
++
++  if (FlashClassification::Unclassified != mResult) {
++    // Result() has been called prior to this callback.
++    return NS_OK;
++  }
++
++  // TODO: Bug 1364804 - We should use a callback type which notifies
++  // the result as a string array rather than a formatted string.
++
++  // We only populate the matched list without resolving the classification
++  // result because we are not sure if the parent doc has been properly set.
++  // We also parse the comma-separated tables to array. (the code is copied
++  // from Classifier::SplitTables.)
++  nsACString::const_iterator begin, iter, end;
++  aLists.BeginReading(begin);
++  aLists.EndReading(end);
++  while (begin != end) {
++    iter = begin;
++    FindCharInReadable(',', iter, end);
++    nsDependentCSubstring table = Substring(begin,iter);
++    if (!table.IsEmpty()) {
++      mMatchedTables.AppendElement(Substring(begin, iter));
++    }
++    begin = iter;
++    if (begin != end) {
++      begin++;
++    }
++  }
++
++  return NS_OK;
++}
++
++// We resolve the classification result based on aIsThirdParty
++// and the matched tables we got ealier on (via either sync or async API).
++FlashClassification
++PrincipalFlashClassifier::Resolve(bool aIsThirdParty)
++{
++  MOZ_ASSERT(FlashClassification::Unclassified == mResult,
++             "We already have resolved classification result.");
++
++  if (mMatchedTables.IsEmpty()) {
++    return FlashClassification::Unknown;
++  }
++
++  auto& prefs = GetPrefStore();
++  if (ArrayContainsTable(mMatchedTables, prefs.mDenyTables) &&
++      !ArrayContainsTable(mMatchedTables, prefs.mDenyExceptionsTables)) {
++    return FlashClassification::Denied;
++  } else if (ArrayContainsTable(mMatchedTables, prefs.mAllowTables) &&
++             !ArrayContainsTable(mMatchedTables, prefs.mAllowExceptionsTables)) {
++    return FlashClassification::Allowed;
++  }
++
++  if (aIsThirdParty && ArrayContainsTable(mMatchedTables, prefs.mSubDocDenyTables) &&
++      !ArrayContainsTable(mMatchedTables, prefs.mSubDocDenyExceptionsTables)) {
++    return FlashClassification::Denied;
++  }
++
++  return FlashClassification::Unknown;
++}
++
++void
++PrincipalFlashClassifier::AsyncClassify(nsIPrincipal* aPrincipal)
++{
++  MOZ_ASSERT(FlashClassification::Unclassified == mResult,
++             "The old classification result should be reset first.");
++  Reset();
++  mResult = AsyncClassifyInternal(aPrincipal);
++}
++
++FlashClassification
++PrincipalFlashClassifier::CheckIfClassifyNeeded(nsIPrincipal* aPrincipal)
+ {
+   nsresult rv;
+ 
+-  bool httpOnly = Preferences::GetBool("plugins.http_https_only", true);
+-  bool flashBlock = Preferences::GetBool("plugins.flashBlock.enabled", false);
++  auto& prefs = GetPrefStore();
+ 
+   // If neither pref is on, skip the null-principal and principal URI checks.
+-  if (!httpOnly && !flashBlock) {
+-    return FlashClassification::Unknown;
++  if (prefs.mPluginsHttpOnly && !prefs.mFlashBlockEnabled) {
++   return FlashClassification::Unknown;
+   }
+ 
+-  nsCOMPtr<nsIPrincipal> principal = GetPrincipal();
++  nsCOMPtr<nsIPrincipal> principal = aPrincipal;
+   if (principal->GetIsNullPrincipal()) {
+     return FlashClassification::Denied;
+   }
+@@ -13554,7 +13891,7 @@ nsDocument::PrincipalFlashClassification()
+     return FlashClassification::Denied;
+   }
+ 
+-  if (httpOnly) {
++  if (prefs.mPluginsHttpOnly) {
+     // Only allow plugins for documents from an HTTP/HTTPS origin. This should
+     // allow dependent data: URIs to load plugins, but not:
+     // * chrome documents
+@@ -13570,49 +13907,50 @@ nsDocument::PrincipalFlashClassification()
+ 
+   // If flash blocking is disabled, it is equivalent to all sites being
+   // on neither list.
+-  if (!flashBlock) {
++  if (!prefs.mFlashBlockEnabled) {
+     return FlashClassification::Unknown;
+   }
+ 
+-  nsAutoCString allowTables, allowExceptionsTables,
+-                denyTables, denyExceptionsTables,
+-                subDocDenyTables, subDocDenyExceptionsTables,
+-                tables;
+-  Preferences::GetCString("urlclassifier.flashAllowTable", allowTables);
+-  MaybeAddTableToTableList(allowTables, tables);
+-  Preferences::GetCString("urlclassifier.flashAllowExceptTable",
+-                          allowExceptionsTables);
+-  MaybeAddTableToTableList(allowExceptionsTables, tables);
+-  Preferences::GetCString("urlclassifier.flashTable", denyTables);
+-  MaybeAddTableToTableList(denyTables, tables);
+-  Preferences::GetCString("urlclassifier.flashExceptTable",
+-                          denyExceptionsTables);
+-  MaybeAddTableToTableList(denyExceptionsTables, tables);
+-
+-  bool isThirdPartyDoc = IsThirdParty();
+-  if (isThirdPartyDoc) {
+-    Preferences::GetCString("urlclassifier.flashSubDocTable",
+-                            subDocDenyTables);
+-    MaybeAddTableToTableList(subDocDenyTables, tables);
+-    Preferences::GetCString("urlclassifier.flashSubDocExceptTable",
+-                            subDocDenyExceptionsTables);
+-    MaybeAddTableToTableList(subDocDenyExceptionsTables, tables);
++  return FlashClassification::Unclassified;
++}
++
++// Using nsIURIClassifier.asyncClassifyLocalWithTables to do classification
++// against the flash related tables based on the given principal.
++FlashClassification
++PrincipalFlashClassifier::AsyncClassifyInternal(nsIPrincipal* aPrincipal)
++{
++  auto result = CheckIfClassifyNeeded(aPrincipal);
++  if (FlashClassification::Unclassified != result) {
++    return result;
+   }
+ 
++  // We haven't been able to decide if it's a third party document
++  // since determining if a document is third-party may depend on its
++  // parent document. At the time we call AsyncClassifyInternal
++  // (i.e. StartDocumentLoad) the parent document may not have been
++  // set. As a result, we wait until Resolve() to be called to
++  // take "is third party" into account. At this point, we just assume
++  // it's third-party to include every list.
++  nsAutoCString tables;
++  GetClassificationTables(true, tables);
++
+   if (tables.IsEmpty()) {
+     return FlashClassification::Unknown;
+   }
+ 
+-  nsCOMPtr<nsIURIClassifier> uriClassifier =
+-    do_GetService(NS_URICLASSIFIERSERVICE_CONTRACTID, &rv);
+-  if (NS_FAILED(rv)) {
++  if (!EnsureUriClassifier()) {
+     return FlashClassification::Denied;
+   }
+ 
+-  nsTArray<nsCString> results;
+-  rv = uriClassifier->ClassifyLocalWithTables(classificationURI,
+-                                              tables,
+-                                              results);
++  nsresult rv = aPrincipal->GetURI(getter_AddRefs(mClassificationURI));
++  if (NS_FAILED(rv) || !mClassificationURI) {
++    return FlashClassification::Denied;
++  }
++
++  rv = mUriClassifier->AsyncClassifyLocalWithTables(mClassificationURI,
++                                                    tables,
++                                                    this);
++
+   if (NS_FAILED(rv)) {
+     if (rv == NS_ERROR_MALFORMED_URI) {
+       // This means that the URI had no hostname (ex: file://doc.html). In this
+@@ -13623,24 +13961,7 @@ nsDocument::PrincipalFlashClassification()
+     }
+   }
+ 
+-  if (results.IsEmpty()) {
+-    return FlashClassification::Unknown;
+-  }
+-
+-  if (ArrayContainsTable(results, denyTables) &&
+-      !ArrayContainsTable(results, denyExceptionsTables)) {
+-    return FlashClassification::Denied;
+-  } else if (ArrayContainsTable(results, allowTables) &&
+-             !ArrayContainsTable(results, allowExceptionsTables)) {
+-    return FlashClassification::Allowed;
+-  }
+-
+-  if (isThirdPartyDoc && ArrayContainsTable(results, subDocDenyTables) &&
+-      !ArrayContainsTable(results, subDocDenyExceptionsTables)) {
+-    return FlashClassification::Denied;
+-  }
+-
+-  return FlashClassification::Unknown;
++  return FlashClassification::Unclassified;
+ }
+ 
+ FlashClassification
+diff --git dom/base/nsDocument.h dom/base/nsDocument.h
+index be3d59698b56..5a2938f353a3 100644
+--- dom/base/nsDocument.h
++++ dom/base/nsDocument.h
+@@ -72,6 +72,7 @@
+ #include "CustomElementRegistry.h"
+ #include "mozilla/dom/Performance.h"
+ #include "mozilla/Maybe.h"
++#include "nsIURIClassifier.h"
+ 
+ #define XML_DECLARATION_BITS_DECLARATION_EXISTS   (1 << 0)
+ #define XML_DECLARATION_BITS_ENCODING_EXISTS      (1 << 1)
+@@ -346,6 +347,9 @@ protected:
+   bool mHaveShutDown;
+ };
+ 
++// For classifying a flash document based on its principal.
++class PrincipalFlashClassifier;
++
+ // Base class for our document implementations.
+ class nsDocument : public nsIDocument,
+                    public nsIDOMDocument,
+@@ -1184,6 +1188,7 @@ protected:
+   // non-null when this document is in fullscreen mode.
+   nsWeakPtr mFullscreenRoot;
+ 
++  RefPtr<PrincipalFlashClassifier> mPrincipalFlashClassifier;
+   mozilla::dom::FlashClassification mFlashClassification;
+   // Do not use this value directly. Call the |IsThirdParty()| method, which
+   // caches its result here.
+diff --git toolkit/components/url-classifier/nsUrlClassifierDBService.cpp toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
+index 074bfc583b93..6476b8d546f3 100644
+--- toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
++++ toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
+@@ -1783,6 +1783,18 @@ nsUrlClassifierDBService::AsyncClassifyLocalWithTables(nsIURI *aURI,
+   MOZ_ASSERT(NS_IsMainThread(), "AsyncClassifyLocalWithTables must be called "
+                                 "on main thread");
+ 
++  // We do this check no matter what process we are in to return
++  // error as early as possible.
++  nsCOMPtr<nsIURI> uri = NS_GetInnermostURI(aURI);
++  NS_ENSURE_TRUE(uri, NS_ERROR_FAILURE);
++
++  nsAutoCString key;
++  // Canonicalize the url
++  nsCOMPtr<nsIUrlClassifierUtils> utilsService =
++    do_GetService(NS_URLCLASSIFIERUTILS_CONTRACTID);
++  nsresult rv = utilsService->GetKeyForURI(uri, key);
++  NS_ENSURE_SUCCESS(rv, rv);
++
+   if (XRE_IsContentProcess()) {
+     using namespace mozilla::dom;
+     using namespace mozilla::ipc;
+@@ -1815,16 +1827,6 @@ nsUrlClassifierDBService::AsyncClassifyLocalWithTables(nsIURI *aURI,
+   using namespace mozilla::Telemetry;
+   auto startTime = TimeStamp::Now(); // For telemetry.
+ 
+-  nsCOMPtr<nsIURI> uri = NS_GetInnermostURI(aURI);
+-  NS_ENSURE_TRUE(uri, NS_ERROR_FAILURE);
+-
+-  nsAutoCString key;
+-  // Canonicalize the url
+-  nsCOMPtr<nsIUrlClassifierUtils> utilsService =
+-    do_GetService(NS_URLCLASSIFIERUTILS_CONTRACTID);
+-  nsresult rv = utilsService->GetKeyForURI(uri, key);
+-  NS_ENSURE_SUCCESS(rv, rv);
+-
+   auto worker = mWorker;
+   nsCString tables(aTables);
+ 

Added: head/www/waterfox/files/patch-bug1363038
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1363038	Sat Feb 24 00:49:01 2018	(r462756)
@@ -0,0 +1,68 @@
+commit 9d1887c28c05
+Author: Thomas Nguyen <tnguyen@mozilla.com>
+Date:   Tue Aug 22 14:51:44 2017 +0800
+
+    Bug 1363038 - Remove synchronous dispatch when worker is racing against shutdown r=hchang
+    
+    MozReview-Commit-ID: JOkOukz1fov
+    
+    --HG--
+    extra : rebase_source : 9e4204cebcd4615078019a51818250ff8125efe1
+---
+ .../url-classifier/nsUrlClassifierDBService.cpp     | 21 ++++++++-------------
+ .../url-classifier/nsUrlClassifierDBService.h       |  3 +++
+ 2 files changed, 11 insertions(+), 13 deletions(-)
+
+diff --git toolkit/components/url-classifier/nsUrlClassifierDBService.cpp toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
+index 3f7e3c8daaac..074bfc583b93 100644
+--- toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
++++ toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
+@@ -1616,12 +1616,6 @@ nsUrlClassifierDBService::Init()
+   ReadTablesFromPrefs();
+   nsresult rv;
+ 
+-  {
+-    // Force PSM loading on main thread
+-    nsCOMPtr<nsICryptoHash> dummy = do_CreateInstance(NS_CRYPTO_HASH_CONTRACTID, &rv);
+-    NS_ENSURE_SUCCESS(rv, rv);
+-  }
+-
+   {
+     // Force nsIUrlClassifierUtils loading on main thread.
+     nsCOMPtr<nsIUrlClassifierUtils> dummy =
+@@ -2278,13 +2272,14 @@ nsUrlClassifierDBService::Shutdown()
+   //    is to avoid racing for Classifier::mUpdateThread
+   //    between main thread and the worker thread. (Both threads
+   //    would access Classifier::mUpdateThread.)
+-  using Worker = nsUrlClassifierDBServiceWorker;
+-  RefPtr<nsIRunnable> r = NewRunnableMethod(
+-    "nsUrlClassifierDBServiceWorker::FlushAndDisableAsyncUpdate",
+-    mWorker,
+-    &Worker::FlushAndDisableAsyncUpdate);
+-  SyncRunnable::DispatchToThread(gDbBackgroundThread, r);
+-
++  if (mWorker->IsDBOpened()) {
++    using Worker = nsUrlClassifierDBServiceWorker;
++    RefPtr<nsIRunnable> r = NewRunnableMethod(
++      "nsUrlClassifierDBServiceWorker::FlushAndDisableAsyncUpdate",
++      mWorker,
++      &Worker::FlushAndDisableAsyncUpdate);
++    SyncRunnable::DispatchToThread(gDbBackgroundThread, r);
++  }
+   // At this point the update thread has been shut down and
+   // the worker thread should only have at most one event,
+   // which is the callback event.
+diff --git toolkit/components/url-classifier/nsUrlClassifierDBService.h toolkit/components/url-classifier/nsUrlClassifierDBService.h
+index 13987b0ed2ee..8d284f5b0842 100644
+--- toolkit/components/url-classifier/nsUrlClassifierDBService.h
++++ toolkit/components/url-classifier/nsUrlClassifierDBService.h
+@@ -227,6 +227,9 @@ public:
+   // will be nulled out in NotifyUpdateObserver.
+   bool IsBusyUpdating() const { return !!mUpdateObserver; }
+ 
++  // Check the DB ready state of the worker thread
++  bool IsDBOpened() const { return !!mClassifier; }
++
+   // Delegate Classifier to disable async update. If there is an
+   // ongoing update on the update thread, we will be blocked until
+   // the background update is done and callback is fired.

Added: head/www/waterfox/files/patch-bug1385609
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1385609	Sat Feb 24 00:49:01 2018	(r462756)
@@ -0,0 +1,102 @@
+commit dd42019824ed
+Author: Thomas Nguyen <tnguyen@mozilla.com>
+Date:   Wed Aug 30 18:04:10 2017 +0800
+
+    Bug 1385609 - Fix backoff issue that makes SB lists no longer update r=francois
+    
+    The issue occurs when nsITimer is fired earlier than the backoff time. In that
+    case, the update doesn't proceed and we never make another attempt because the
+    backoff update timer was oneshot.
+    
+    We fix the issue in two ways:
+    
+    - Add a tolerance of 1 second in case the timer fires too early.
+    - Set another oneshot timer whenever we are prevented from updating due to
+    backoff.
+    
+    MozReview-Commit-ID: E2ogNRsHJVK
+    
+    --HG--
+    extra : rebase_source : c81fa77934f6c39e1c5d07b19785a01546e02542
+---
+ toolkit/components/url-classifier/nsUrlClassifierLib.js      | 12 +++++++++---
+ .../components/url-classifier/nsUrlClassifierListManager.js  |  5 ++++-
+ toolkit/components/url-classifier/tests/unit/test_backoff.js |  2 +-
+ 3 files changed, 14 insertions(+), 5 deletions(-)
+
+diff --git toolkit/components/url-classifier/nsUrlClassifierLib.js toolkit/components/url-classifier/nsUrlClassifierLib.js
+index e2457d85474c..38d1977e4641 100644
+--- toolkit/components/url-classifier/nsUrlClassifierLib.js
++++ toolkit/components/url-classifier/nsUrlClassifierLib.js
+@@ -77,17 +77,20 @@ this.HTTP_TEMPORARY_REDIRECT    = 307;
+  * @param timeoutIncrement Number time (ms) the starting timeout period
+  *     we double this time for consecutive errors
+  * @param maxTimeout Number time (ms) maximum timeout period
++ * @param tolerance Checking next request tolerance.
+  */
+ this.RequestBackoff =
+ function RequestBackoff(maxErrors, retryIncrement,
+                         maxRequests, requestPeriod,
+-                        timeoutIncrement, maxTimeout) {
++                        timeoutIncrement, maxTimeout,
++                        tolerance) {
+   this.MAX_ERRORS_ = maxErrors;
+   this.RETRY_INCREMENT_ = retryIncrement;
+   this.MAX_REQUESTS_ = maxRequests;
+   this.REQUEST_PERIOD_ = requestPeriod;
+   this.TIMEOUT_INCREMENT_ = timeoutIncrement;
+   this.MAX_TIMEOUT_ = maxTimeout;
++  this.TOLERANCE_ = tolerance;
+ 
+   // Queue of ints keeping the time of all requests
+   this.requestTimes_ = [];
+@@ -111,7 +114,9 @@ RequestBackoff.prototype.reset = function() {
+  */
+ RequestBackoff.prototype.canMakeRequest = function() {
+   var now = Date.now();
+-  if (now < this.nextRequestTime_) {
++  // Note that nsITimer delay is approximate: the timer can be fired before the
++  // requested time has elapsed. So, give it a tolerance
++  if (now + this.TOLERANCE_ < this.nextRequestTime_) {
+     return false;
+   }
+ 
+@@ -180,7 +185,8 @@ function RequestBackoffV4(maxRequests, requestPeriod) {
+                   maxRequests /* num requests */,
+                 requestPeriod /* request time, 60 min */,
+               backoffInterval /* backoff interval, 60 min */,
+-          24 * 60 * 60 * 1000 /* max backoff, 24hr */);
++          24 * 60 * 60 * 1000 /* max backoff, 24hr */,
++                         1000 /* tolerance of 1 sec */);
+ }
+ 
+ // Expose this whole component.
+diff --git toolkit/components/url-classifier/nsUrlClassifierListManager.js toolkit/components/url-classifier/nsUrlClassifierListManager.js
+index 1e976b8597b7..5f10933163b6 100644
+--- toolkit/components/url-classifier/nsUrlClassifierListManager.js
++++ toolkit/components/url-classifier/nsUrlClassifierListManager.js
+@@ -236,7 +236,10 @@ PROT_ListManager.prototype.setUpdateCheckTimer = function(updateUrl,
+                                     .createInstance(Ci.nsITimer);
+   this.updateCheckers_[updateUrl].initWithCallback(() => {
+     this.updateCheckers_[updateUrl] = null;
+-    this.checkForUpdates(updateUrl);
++    if (updateUrl && !this.checkForUpdates(updateUrl)) {
++      // Make another attempt later.
++      this.setUpdateCheckTimer(updateUrl, this.updateInterval);
++    }
+   }, delay, Ci.nsITimer.TYPE_ONE_SHOT);
+ }
+ /**
+diff --git toolkit/components/url-classifier/tests/unit/test_backoff.js toolkit/components/url-classifier/tests/unit/test_backoff.js
+index 365568c479e9..205507e83dd6 100644
+--- toolkit/components/url-classifier/tests/unit/test_backoff.js
++++ toolkit/components/url-classifier/tests/unit/test_backoff.js
+@@ -11,7 +11,7 @@ function setNow(time) {
+ function run_test() {
+   // 3 errors, 1ms retry period, max 3 requests per ten milliseconds,
+   // 5ms backoff interval, 19ms max delay
+-  var rb = new jslib.RequestBackoff(3, 1, 3, 10, 5, 19);
++  var rb = new jslib.RequestBackoff(3, 1, 3, 10, 5, 19, 0);
+   setNow(1);
+   rb.noteServerResponse(200);
+   do_check_true(rb.canMakeRequest());

Added: head/www/waterfox/files/patch-bug1393235
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1393235	Sat Feb 24 00:49:01 2018	(r462756)
@@ -0,0 +1,88 @@
+commit 9398bd6f4378
+Author: Eric Rahm <erahm@mozilla.com>
+Date:   Tue Aug 22 19:30:46 2017 -0700
+
+    Bug 1393235 - Fix improper usages of string functions. r=njn
+    
+    This fixes usages of `Find`, `RFind` and the equality operator that kind of
+    work right now but will break with the proper type checking of a templatized
+    version of the string classes.
+    
+    For `Find` and `RFind` it appears that `nsCString::(R)Find("foo", 0)` calls
+    were being coerced to the `Find(char*, bool, int, int)` versions. The intent was
+    probably to just start searching from position zero.
+    
+    For the equality operator, the type of nullptr is nullptr_t rather than
+    char(16_t)* so we'd need to add an operator overload that takes nullptr_t. In
+    this case just using `IsVoid` is probably more appropriate.
+    
+    --HG--
+    extra : rebase_source : 50f78519084012ca669da0a211c489520c11d6b6
+---
+ docshell/base/nsDefaultURIFixup.cpp              | 2 +-
+ dom/media/gmp/ChromiumCDMChild.cpp               | 2 +-
+ toolkit/components/places/nsNavHistory.cpp       | 2 +-
+ toolkit/components/url-classifier/Classifier.cpp | 4 ++--
+ 4 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git docshell/base/nsDefaultURIFixup.cpp docshell/base/nsDefaultURIFixup.cpp
+index 77e008b15a17..a1a893b8efb2 100644
+--- docshell/base/nsDefaultURIFixup.cpp
++++ docshell/base/nsDefaultURIFixup.cpp
+@@ -687,7 +687,7 @@ nsDefaultURIFixup::FixupURIProtocol(const nsACString& aURIString,
+   //   no-scheme.com/query?foo=http://www.foo.com
+   //   user:pass@no-scheme.com
+   //
+-  int32_t schemeDelim = uriString.Find("://", 0);
++  int32_t schemeDelim = uriString.Find("://");
+   int32_t firstDelim = uriString.FindCharInSet("/:");
+   if (schemeDelim <= 0 ||
+       (firstDelim != -1 && schemeDelim > firstDelim)) {
+diff --git dom/media/gmp/ChromiumCDMChild.cpp dom/media/gmp/ChromiumCDMChild.cpp
+index e99f913622ab..8dc288b4c57e 100644
+--- dom/media/gmp/ChromiumCDMChild.cpp
++++ dom/media/gmp/ChromiumCDMChild.cpp
+@@ -232,7 +232,7 @@ ChromiumCDMChild::OnResolveNewSessionPromiseInternal(uint32_t aPromiseId,
+     // a session it calls OnResolveNewSessionPromise with nullptr as the sessionId.
+     // We can safely assume this means that we have failed to load a session
+     // as the other methods specify calling 'OnRejectPromise' when they fail.
+-    bool loadSuccessful = aSessionId != nullptr;
++    bool loadSuccessful = !aSessionId.IsEmpty();
+     GMP_LOG("ChromiumCDMChild::OnResolveNewSessionPromise(pid=%u, sid=%s) "
+             "resolving %s load session ",
+             aPromiseId,
+diff --git toolkit/components/places/nsNavHistory.cpp toolkit/components/places/nsNavHistory.cpp
+index 4e52752529fa..0b01d904b2f7 100644
+--- toolkit/components/places/nsNavHistory.cpp
++++ toolkit/components/places/nsNavHistory.cpp
+@@ -1939,7 +1939,7 @@ PlacesSQLQueryBuilder::Where()
+ 
+   // If we used WHERE already, we inject the conditions
+   // in place of {ADDITIONAL_CONDITIONS}
+-  if (mQueryString.Find("{ADDITIONAL_CONDITIONS}", 0) != kNotFound) {
++  if (mQueryString.Find("{ADDITIONAL_CONDITIONS}") != kNotFound) {
+     nsAutoCString innerCondition;
+     // If we have condition AND it
+     if (!mConditions.IsEmpty()) {
+diff --git toolkit/components/url-classifier/Classifier.cpp toolkit/components/url-classifier/Classifier.cpp
+index 500780150a91..68169925d2d0 100644
+--- toolkit/components/url-classifier/Classifier.cpp
++++ toolkit/components/url-classifier/Classifier.cpp
+@@ -992,7 +992,7 @@ Classifier::ScanStoreDir(nsIFile* aDirectory, nsTArray<nsCString>& aTables)
+     // Both v2 and v4 contain .pset file
+     nsCString suffix(NS_LITERAL_CSTRING(".pset"));
+ 
+-    int32_t dot = leafName.RFind(suffix, 0);
++    int32_t dot = leafName.RFind(suffix);
+     if (dot != -1) {
+       leafName.Cut(dot, suffix.Length());
+       aTables.AppendElement(leafName);
+@@ -1582,7 +1582,7 @@ Classifier::LoadMetadata(nsIFile* aDirectory, nsACString& aResult)
+     rv = file->GetNativeLeafName(tableName);
+     NS_ENSURE_SUCCESS(rv, rv);
+ 
+-    int32_t dot = tableName.RFind(METADATA_SUFFIX, 0);
++    int32_t dot = tableName.RFind(METADATA_SUFFIX);
+     if (dot == -1) {
+       continue;
+     }

Added: head/www/waterfox/files/patch-bug1394601
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1394601	Sat Feb 24 00:49:01 2018	(r462756)
@@ -0,0 +1,26 @@
+commit 99cb2b5a1879
+Author: Francois Marier <francois@mozilla.com>
+Date:   Mon Aug 28 17:06:00 2017 -0700
+
+    Bug 1394601 - Log an error when the Google API key is missing during Safe Browsing initialization. r=gcp
+    
+    MozReview-Commit-ID: DNwa9lR0J6K
+    
+    --HG--
+    extra : rebase_source : 0a547c0cf88e1ed09268cbb810abaaca09e98531
+---
+ toolkit/components/url-classifier/SafeBrowsing.jsm | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git toolkit/components/url-classifier/SafeBrowsing.jsm toolkit/components/url-classifier/SafeBrowsing.jsm
+index 051432393539..32cab18c187f 100644
+--- toolkit/components/url-classifier/SafeBrowsing.jsm
++++ toolkit/components/url-classifier/SafeBrowsing.jsm
+@@ -343,6 +343,7 @@ this.SafeBrowsing = {
+       let googleKey = Services.urlFormatter.formatURL("%GOOGLE_API_KEY%").trim();
+       if ((provider == "google" || provider == "google4") &&
+           (!googleKey || googleKey == "no-google-api-key")) {
++        log("Missing Google API key, clearing updateURL and gethashURL.");
+         updateURL= "";
+         gethashURL= "";
+       }

Added: head/www/waterfox/files/patch-bug1426869
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/waterfox/files/patch-bug1426869	Sat Feb 24 00:49:01 2018	(r462756)
@@ -0,0 +1,25 @@
+commit 65d845f891a3
+Author: Jet Villegas <jvillegas@mozilla.com>
+Date:   Tue Jan 9 08:00:00 2018 +0200
+
+    Bug 1426869 - td.contenteditable=true focus breaks text selection. r=masayuki, a=RyanVM
+    
+    --HG--
+    extra : source : b3118b4fae1372c3aa57caf4b16af9834ce46539
+    extra : amend_source : 1187aa7d3d760aa60b974b874968aea4d0e09eea
+---
+ layout/generic/nsFrameSelection.cpp | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git layout/generic/nsFrameSelection.cpp layout/generic/nsFrameSelection.cpp
+index c483622e1ffb..a60d69bf79e0 100644
+--- layout/generic/nsFrameSelection.cpp
++++ layout/generic/nsFrameSelection.cpp
+@@ -1403,6 +1403,7 @@ nsFrameSelection::TakeFocus(nsIContent*        aNewFocus,
+ 
+     NS_ENSURE_STATE(mShell);
+     bool editableCell = false;
++    mCellParent = nullptr;
+     RefPtr<nsPresContext> context = mShell->GetPresContext();
+     if (context) {
+       RefPtr<HTMLEditor> htmlEditor = nsContentUtils::GetHTMLEditor(context);

Added: head/www/waterfox/files/patch-bug1427118
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201802240049.w1O0n1xF080856>