From owner-svn-ports-all@freebsd.org Sat Feb 24 00:49:03 2018 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 40BCBF0396D; Sat, 24 Feb 2018 00:49:03 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DD6618274A; Sat, 24 Feb 2018 00:49:02 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D1F471DF80; Sat, 24 Feb 2018 00:49:02 +0000 (UTC) (envelope-from jbeich@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1O0n2Gq080867; Sat, 24 Feb 2018 00:49:02 GMT (envelope-from jbeich@FreeBSD.org) Received: (from jbeich@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1O0n1xF080856; Sat, 24 Feb 2018 00:49:01 GMT (envelope-from jbeich@FreeBSD.org) Message-Id: <201802240049.w1O0n1xF080856@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jbeich set sender to jbeich@FreeBSD.org using -f From: Jan Beich Date: Sat, 24 Feb 2018 00:49:01 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r462756 - in head/www/waterfox: . files X-SVN-Group: ports-head X-SVN-Commit-Author: jbeich X-SVN-Commit-Paths: in head/www/waterfox: . files X-SVN-Commit-Revision: 462756 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Feb 2018 00:49:03 -0000 Author: jbeich Date: Sat Feb 24 00:49:01 2018 New Revision: 462756 URL: https://svnweb.freebsd.org/changeset/ports/462756 Log: www/waterfox: apply some FF59 fixes Added: head/www/waterfox/files/patch-bug1325888 (contents, props changed) head/www/waterfox/files/patch-bug1345058 (contents, props changed) head/www/waterfox/files/patch-bug1363038 (contents, props changed) head/www/waterfox/files/patch-bug1385609 (contents, props changed) head/www/waterfox/files/patch-bug1393235 (contents, props changed) head/www/waterfox/files/patch-bug1394601 (contents, props changed) head/www/waterfox/files/patch-bug1426869 (contents, props changed) head/www/waterfox/files/patch-bug1427118 (contents, props changed) head/www/waterfox/files/patch-bug1435859 (contents, props changed) head/www/waterfox/files/patch-bug1437507 (contents, props changed) head/www/waterfox/files/patch-revert-bug1393954 (contents, props changed) Modified: head/www/waterfox/Makefile (contents, props changed) Modified: head/www/waterfox/Makefile ============================================================================== --- head/www/waterfox/Makefile Sat Feb 24 00:32:08 2018 (r462755) +++ head/www/waterfox/Makefile Sat Feb 24 00:49:01 2018 (r462756) @@ -3,6 +3,7 @@ PORTNAME= waterfox DISTVERSION= 56.0.4-20 DISTVERSIONSUFFIX= -ge03e284b083d +PORTREVISION= 1 CATEGORIES= www ipv6 MAINTAINER= jbeich@FreeBSD.org Added: head/www/waterfox/files/patch-bug1325888 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1325888 Sat Feb 24 00:49:01 2018 (r462756) @@ -0,0 +1,39 @@ +commit fb631be6ce75 +Author: DimiL +Date: Wed Nov 1 08:40:00 2017 +0800 + + Bug 1325888 - Clear cached completion result when close safebrowsing database. r=francois + + Safebrowsing testcase will close and then re-open database to simulate firefox restart. + This bug happened when DB service already has a previously cached completion result and then + re-open database. In this scenario, if testcase triggers another the same completion request, + we won't cache it because we thought we have it already (See nsUrlClassifierDBServiceWorker::CacheCompletion). + + This causes a testcase assertion when testcase expects the completion + result should be stored in LookupCache. + + MozReview-Commit-ID: 8o57jHv92OH + + --HG-- + extra : rebase_source : 90861060437d6cef860b85dd669d76e74ceec660 +--- + toolkit/components/url-classifier/nsUrlClassifierDBService.cpp | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git toolkit/components/url-classifier/nsUrlClassifierDBService.cpp toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +index e1a1be065aaf..a108812a1792 100644 +--- toolkit/components/url-classifier/nsUrlClassifierDBService.cpp ++++ toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +@@ -812,6 +812,12 @@ nsUrlClassifierDBServiceWorker::CloseDb() + mClassifier = nullptr; + } + ++ // Clear last completion result when close db so we will still cache completion ++ // result next time we re-open it. ++ if (mLastResults) { ++ mLastResults->Clear(); ++ } ++ + LOG(("urlclassifier db closed\n")); + + return NS_OK; Added: head/www/waterfox/files/patch-bug1345058 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1345058 Sat Feb 24 00:49:01 2018 (r462756) @@ -0,0 +1,620 @@ +commit 1f57fdb85d3d +Author: Thomas Nguyen +Date: Mon Aug 14 14:05:23 2017 +0800 + + Bug 1345058 - Asynchronously decide if a flash document should be blocked. r=baku + + MozReview-Commit-ID: K91cSvIdOrb + + --HG-- + extra : rebase_source : 4d91ab3499c0124129e74a054c5cc78882ff351e +--- + dom/base/nsDocument.cpp | 447 ++++++++++++++++++--- + dom/base/nsDocument.h | 5 + + .../url-classifier/nsUrlClassifierDBService.cpp | 22 +- + 3 files changed, 401 insertions(+), 73 deletions(-) + +diff --git dom/base/nsDocument.cpp dom/base/nsDocument.cpp +index acfde3bc0210..386c96745438 100644 +--- dom/base/nsDocument.cpp ++++ dom/base/nsDocument.cpp +@@ -279,6 +279,7 @@ + #include "nsIURIClassifier.h" + #include "mozilla/DocumentStyleRootIterator.h" + #include "mozilla/ServoRestyleManager.h" ++#include "mozilla/ClearOnShutdown.h" + + using namespace mozilla; + using namespace mozilla::dom; +@@ -319,6 +320,65 @@ GetHttpChannelHelper(nsIChannel* aChannel, nsIHttpChannel** aHttpChannel) + return NS_OK; + } + ++//////////////////////////////////////////////////////////////////// ++// PrincipalFlashClassifier ++ ++// Classify the flash based on the document principal. ++// The usage of this class is as follows: ++// ++// 1) Call AsyncClassify() as early as possible to asynchronously do ++// classification against all the flash blocking related tables ++// via nsIURIClassifier.asyncClassifyLocalWithTables. ++// ++// 2) At any time you need the classification result, call Result() ++// and it is guaranteed to give you the result. Note that you have ++// to specify "aIsThirdParty" to the function so please make sure ++// you can already correctly decide if the document is third-party. ++// ++// Behind the scenes, the sync classification API ++// (nsIURIClassifier.classifyLocalWithTable) may be called as a fallback to ++// synchronously get the result if the asyncClassifyLocalWithTables hasn't ++// been done yet. ++// ++// 3) You can call Result() as many times as you want and only the first time ++// it may unfortunately call the blocking sync API. The subsequent call ++// will just return the result that came out at the first time. ++// ++class PrincipalFlashClassifier final : public nsIURIClassifierCallback ++{ ++public: ++ NS_DECL_THREADSAFE_ISUPPORTS ++ NS_DECL_NSIURICLASSIFIERCALLBACK ++ ++ PrincipalFlashClassifier(); ++ ++ // Fire async classification based on the given principal. ++ void AsyncClassify(nsIPrincipal* aPrincipal); ++ ++ // Would block if the result hasn't come out. ++ mozilla::dom::FlashClassification ClassifyMaybeSync(nsIPrincipal* aPrincipal, ++ bool aIsThirdParty); ++ ++private: ++ ~PrincipalFlashClassifier() = default; ++ ++ void Reset(); ++ bool EnsureUriClassifier(); ++ mozilla::dom::FlashClassification CheckIfClassifyNeeded(nsIPrincipal* aPrincipal); ++ mozilla::dom::FlashClassification Resolve(bool aIsThirdParty); ++ mozilla::dom::FlashClassification AsyncClassifyInternal(nsIPrincipal* aPrincipal); ++ void GetClassificationTables(bool aIsThirdParty, nsACString& aTables); ++ ++ // For the fallback sync classification. ++ nsCOMPtr mClassificationURI; ++ ++ nsCOMPtr mUriClassifier; ++ bool mAsyncClassified; ++ nsTArray mMatchedTables; ++ mozilla::dom::FlashClassification mResult; ++}; ++ ++ + #define NAME_NOT_VALID ((nsSimpleContentList*)1) + + nsIdentifierMapEntry::~nsIdentifierMapEntry() +@@ -1575,6 +1635,9 @@ nsDocument::nsDocument(const char* aContentType) + + // void state used to differentiate an empty source from an unselected source + mPreloadPictureFoundSource.SetIsVoid(true); ++ // For determining if this is a flash document which should be ++ // blocked based on its principal. ++ mPrincipalFlashClassifier = new PrincipalFlashClassifier(); + } + + void +@@ -2761,6 +2824,11 @@ nsDocument::StartDocumentLoad(const char* aCommand, nsIChannel* aChannel, + aChannel->Cancel(NS_ERROR_CSP_FRAME_ANCESTOR_VIOLATION); + } + ++ // Perform a async flash classification based on the doc principal ++ // in an early stage to reduce the blocking time. ++ mFlashClassification = FlashClassification::Unclassified; ++ mPrincipalFlashClassifier->AsyncClassify(GetPrincipal()); ++ + return NS_OK; + } + +@@ -13483,6 +13551,23 @@ nsIDocument::UpdateStyleBackendType() + #endif + } + ++/** ++ * Retrieves the classification of the Flash plugins in the document based on ++ * the classification lists. We perform AsyncInitFlashClassification on ++ * StartDocumentLoad() and the result may not be initialized when this function ++ * gets called. In that case, We can only unfortunately have a blocking wait. ++ * ++ * For more information, see ++ * toolkit/components/url-classifier/flash-block-lists.rst ++ */ ++FlashClassification ++nsDocument::PrincipalFlashClassification() ++{ ++ MOZ_ASSERT(mPrincipalFlashClassifier); ++ return mPrincipalFlashClassifier->ClassifyMaybeSync(GetPrincipal(), ++ IsThirdParty()); ++} ++ + /** + * Helper function for |nsDocument::PrincipalFlashClassification| + * +@@ -13523,27 +13608,279 @@ ArrayContainsTable(const nsTArray& aTableArray, + return false; + } + +-/** +- * Retrieves the classification of the Flash plugins in the document based on +- * the classification lists. +- * +- * For more information, see +- * toolkit/components/url-classifier/flash-block-lists.rst +- */ ++namespace { ++ ++// An object to store all preferences we need for flash blocking feature. ++struct PrefStore ++{ ++ PrefStore() ++ { ++ Preferences::AddBoolVarCache(&mFlashBlockEnabled, ++ "plugins.flashBlock.enabled"); ++ Preferences::AddBoolVarCache(&mPluginsHttpOnly, ++ "plugins.http_https_only"); ++ ++ // We only need to register string-typed preferences. ++ Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashAllowTable", this); ++ Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashAllowExceptTable", this); ++ Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashTable", this); ++ Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashExceptTable", this); ++ Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashSubDocTable", this); ++ Preferences::RegisterCallback(UpdateStringPrefs, "urlclassifier.flashSubDocExceptTable", this); ++ ++ UpdateStringPrefs(); ++ } ++ ++ ~PrefStore() ++ { ++ Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashAllowTable", this); ++ Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashAllowExceptTable", this); ++ Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashTable", this); ++ Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashExceptTable", this); ++ Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashSubDocTable", this); ++ Preferences::UnregisterCallback(UpdateStringPrefs, "urlclassifier.flashSubDocExceptTable", this); ++ } ++ ++ void UpdateStringPrefs() ++ { ++ Preferences::GetCString("urlclassifier.flashAllowTable", mAllowTables); ++ Preferences::GetCString("urlclassifier.flashAllowExceptTable", mAllowExceptionsTables); ++ Preferences::GetCString("urlclassifier.flashTable", mDenyTables); ++ Preferences::GetCString("urlclassifier.flashExceptTable", mDenyExceptionsTables); ++ Preferences::GetCString("urlclassifier.flashSubDocTable", mSubDocDenyTables); ++ Preferences::GetCString("urlclassifier.flashSubDocExceptTable", mSubDocDenyExceptionsTables); ++ } ++ ++ static void UpdateStringPrefs(const char*, void* aClosure) ++ { ++ static_cast(aClosure)->UpdateStringPrefs(); ++ } ++ ++ bool mFlashBlockEnabled; ++ bool mPluginsHttpOnly; ++ ++ nsCString mAllowTables; ++ nsCString mAllowExceptionsTables; ++ nsCString mDenyTables; ++ nsCString mDenyExceptionsTables; ++ nsCString mSubDocDenyTables; ++ nsCString mSubDocDenyExceptionsTables; ++}; ++ ++static const ++PrefStore& GetPrefStore() ++{ ++ static UniquePtr sPrefStore; ++ if (!sPrefStore) { ++ sPrefStore.reset(new PrefStore()); ++ ClearOnShutdown(&sPrefStore); ++ } ++ return *sPrefStore; ++} ++ ++} // end of unnamed namespace. ++ ++//////////////////////////////////////////////////////////////////// ++// PrincipalFlashClassifier implementation. ++ ++NS_IMPL_ISUPPORTS(PrincipalFlashClassifier, nsIURIClassifierCallback) ++ ++PrincipalFlashClassifier::PrincipalFlashClassifier() ++{ ++ Reset(); ++} ++ ++void ++PrincipalFlashClassifier::Reset() ++{ ++ mAsyncClassified = false; ++ mMatchedTables.Clear(); ++ mResult = FlashClassification::Unclassified; ++} ++ ++void ++PrincipalFlashClassifier::GetClassificationTables(bool aIsThirdParty, ++ nsACString& aTables) ++{ ++ aTables.Truncate(); ++ auto& prefs = GetPrefStore(); ++ ++ MaybeAddTableToTableList(prefs.mAllowTables, aTables); ++ MaybeAddTableToTableList(prefs.mAllowExceptionsTables, aTables); ++ MaybeAddTableToTableList(prefs.mDenyTables, aTables); ++ MaybeAddTableToTableList(prefs.mDenyExceptionsTables, aTables); ++ ++ if (aIsThirdParty) { ++ MaybeAddTableToTableList(prefs.mSubDocDenyTables, aTables); ++ MaybeAddTableToTableList(prefs.mSubDocDenyExceptionsTables, aTables); ++ } ++} ++ ++bool ++PrincipalFlashClassifier::EnsureUriClassifier() ++{ ++ if (!mUriClassifier) { ++ mUriClassifier = do_GetService(NS_URICLASSIFIERSERVICE_CONTRACTID); ++ } ++ ++ return !!mUriClassifier; ++} ++ + FlashClassification +-nsDocument::PrincipalFlashClassification() ++PrincipalFlashClassifier::ClassifyMaybeSync(nsIPrincipal* aPrincipal, bool aIsThirdParty) ++{ ++ if (FlashClassification::Unclassified != mResult) { ++ // We already have the result. Just return it. ++ return mResult; ++ } ++ ++ // TODO: Bug 1342333 - Entirely remove the use of the sync API ++ // (ClassifyLocalWithTables). ++ if (!mAsyncClassified) { ++ ++ // ++ // We may ++ // 1) have called AsyncClassifyLocalWithTables but OnClassifyComplete ++ // hasn't been called. ++ // 2) haven't even called AsyncClassifyLocalWithTables. ++ // ++ // In both cases we need to do the synchronous classification as the fallback. ++ // ++ ++ if (!EnsureUriClassifier()) { ++ return FlashClassification::Denied; ++ } ++ mResult = CheckIfClassifyNeeded(aPrincipal); ++ if (FlashClassification::Unclassified != mResult) { ++ return mResult; ++ } ++ ++ nsresult rv; ++ nsAutoCString classificationTables; ++ GetClassificationTables(aIsThirdParty, classificationTables); ++ ++ if (!mClassificationURI) { ++ rv = aPrincipal->GetURI(getter_AddRefs(mClassificationURI)); ++ if (NS_FAILED(rv) || !mClassificationURI) { ++ mResult = FlashClassification::Denied; ++ return mResult; ++ } ++ } ++ ++ rv = mUriClassifier->ClassifyLocalWithTables(mClassificationURI, ++ classificationTables, ++ mMatchedTables); ++ if (NS_WARN_IF(NS_FAILED(rv))) { ++ if (rv == NS_ERROR_MALFORMED_URI) { ++ // This means that the URI had no hostname (ex: file://doc.html). In this ++ // case, we allow the default (Unknown plugin) behavior. ++ mResult = FlashClassification::Unknown; ++ } else { ++ mResult = FlashClassification::Denied; ++ } ++ return mResult; ++ } ++ } ++ ++ // Resolve the result based on mMatchedTables and aIsThirdParty. ++ mResult = Resolve(aIsThirdParty); ++ MOZ_ASSERT(FlashClassification::Unclassified != mResult); ++ ++ // The subsequent call of Result() will return the resolved result ++ // and never reach here until Reset() is called. ++ return mResult; ++} ++ ++/*virtual*/ nsresult ++PrincipalFlashClassifier::OnClassifyComplete(nsresult /*aErrorCode*/, ++ const nsACString& aLists, // Only this matters. ++ const nsACString& /*aProvider*/, ++ const nsACString& /*aPrefix*/) ++{ ++ mAsyncClassified = true; ++ ++ if (FlashClassification::Unclassified != mResult) { ++ // Result() has been called prior to this callback. ++ return NS_OK; ++ } ++ ++ // TODO: Bug 1364804 - We should use a callback type which notifies ++ // the result as a string array rather than a formatted string. ++ ++ // We only populate the matched list without resolving the classification ++ // result because we are not sure if the parent doc has been properly set. ++ // We also parse the comma-separated tables to array. (the code is copied ++ // from Classifier::SplitTables.) ++ nsACString::const_iterator begin, iter, end; ++ aLists.BeginReading(begin); ++ aLists.EndReading(end); ++ while (begin != end) { ++ iter = begin; ++ FindCharInReadable(',', iter, end); ++ nsDependentCSubstring table = Substring(begin,iter); ++ if (!table.IsEmpty()) { ++ mMatchedTables.AppendElement(Substring(begin, iter)); ++ } ++ begin = iter; ++ if (begin != end) { ++ begin++; ++ } ++ } ++ ++ return NS_OK; ++} ++ ++// We resolve the classification result based on aIsThirdParty ++// and the matched tables we got ealier on (via either sync or async API). ++FlashClassification ++PrincipalFlashClassifier::Resolve(bool aIsThirdParty) ++{ ++ MOZ_ASSERT(FlashClassification::Unclassified == mResult, ++ "We already have resolved classification result."); ++ ++ if (mMatchedTables.IsEmpty()) { ++ return FlashClassification::Unknown; ++ } ++ ++ auto& prefs = GetPrefStore(); ++ if (ArrayContainsTable(mMatchedTables, prefs.mDenyTables) && ++ !ArrayContainsTable(mMatchedTables, prefs.mDenyExceptionsTables)) { ++ return FlashClassification::Denied; ++ } else if (ArrayContainsTable(mMatchedTables, prefs.mAllowTables) && ++ !ArrayContainsTable(mMatchedTables, prefs.mAllowExceptionsTables)) { ++ return FlashClassification::Allowed; ++ } ++ ++ if (aIsThirdParty && ArrayContainsTable(mMatchedTables, prefs.mSubDocDenyTables) && ++ !ArrayContainsTable(mMatchedTables, prefs.mSubDocDenyExceptionsTables)) { ++ return FlashClassification::Denied; ++ } ++ ++ return FlashClassification::Unknown; ++} ++ ++void ++PrincipalFlashClassifier::AsyncClassify(nsIPrincipal* aPrincipal) ++{ ++ MOZ_ASSERT(FlashClassification::Unclassified == mResult, ++ "The old classification result should be reset first."); ++ Reset(); ++ mResult = AsyncClassifyInternal(aPrincipal); ++} ++ ++FlashClassification ++PrincipalFlashClassifier::CheckIfClassifyNeeded(nsIPrincipal* aPrincipal) + { + nsresult rv; + +- bool httpOnly = Preferences::GetBool("plugins.http_https_only", true); +- bool flashBlock = Preferences::GetBool("plugins.flashBlock.enabled", false); ++ auto& prefs = GetPrefStore(); + + // If neither pref is on, skip the null-principal and principal URI checks. +- if (!httpOnly && !flashBlock) { +- return FlashClassification::Unknown; ++ if (prefs.mPluginsHttpOnly && !prefs.mFlashBlockEnabled) { ++ return FlashClassification::Unknown; + } + +- nsCOMPtr principal = GetPrincipal(); ++ nsCOMPtr principal = aPrincipal; + if (principal->GetIsNullPrincipal()) { + return FlashClassification::Denied; + } +@@ -13554,7 +13891,7 @@ nsDocument::PrincipalFlashClassification() + return FlashClassification::Denied; + } + +- if (httpOnly) { ++ if (prefs.mPluginsHttpOnly) { + // Only allow plugins for documents from an HTTP/HTTPS origin. This should + // allow dependent data: URIs to load plugins, but not: + // * chrome documents +@@ -13570,49 +13907,50 @@ nsDocument::PrincipalFlashClassification() + + // If flash blocking is disabled, it is equivalent to all sites being + // on neither list. +- if (!flashBlock) { ++ if (!prefs.mFlashBlockEnabled) { + return FlashClassification::Unknown; + } + +- nsAutoCString allowTables, allowExceptionsTables, +- denyTables, denyExceptionsTables, +- subDocDenyTables, subDocDenyExceptionsTables, +- tables; +- Preferences::GetCString("urlclassifier.flashAllowTable", allowTables); +- MaybeAddTableToTableList(allowTables, tables); +- Preferences::GetCString("urlclassifier.flashAllowExceptTable", +- allowExceptionsTables); +- MaybeAddTableToTableList(allowExceptionsTables, tables); +- Preferences::GetCString("urlclassifier.flashTable", denyTables); +- MaybeAddTableToTableList(denyTables, tables); +- Preferences::GetCString("urlclassifier.flashExceptTable", +- denyExceptionsTables); +- MaybeAddTableToTableList(denyExceptionsTables, tables); +- +- bool isThirdPartyDoc = IsThirdParty(); +- if (isThirdPartyDoc) { +- Preferences::GetCString("urlclassifier.flashSubDocTable", +- subDocDenyTables); +- MaybeAddTableToTableList(subDocDenyTables, tables); +- Preferences::GetCString("urlclassifier.flashSubDocExceptTable", +- subDocDenyExceptionsTables); +- MaybeAddTableToTableList(subDocDenyExceptionsTables, tables); ++ return FlashClassification::Unclassified; ++} ++ ++// Using nsIURIClassifier.asyncClassifyLocalWithTables to do classification ++// against the flash related tables based on the given principal. ++FlashClassification ++PrincipalFlashClassifier::AsyncClassifyInternal(nsIPrincipal* aPrincipal) ++{ ++ auto result = CheckIfClassifyNeeded(aPrincipal); ++ if (FlashClassification::Unclassified != result) { ++ return result; + } + ++ // We haven't been able to decide if it's a third party document ++ // since determining if a document is third-party may depend on its ++ // parent document. At the time we call AsyncClassifyInternal ++ // (i.e. StartDocumentLoad) the parent document may not have been ++ // set. As a result, we wait until Resolve() to be called to ++ // take "is third party" into account. At this point, we just assume ++ // it's third-party to include every list. ++ nsAutoCString tables; ++ GetClassificationTables(true, tables); ++ + if (tables.IsEmpty()) { + return FlashClassification::Unknown; + } + +- nsCOMPtr uriClassifier = +- do_GetService(NS_URICLASSIFIERSERVICE_CONTRACTID, &rv); +- if (NS_FAILED(rv)) { ++ if (!EnsureUriClassifier()) { + return FlashClassification::Denied; + } + +- nsTArray results; +- rv = uriClassifier->ClassifyLocalWithTables(classificationURI, +- tables, +- results); ++ nsresult rv = aPrincipal->GetURI(getter_AddRefs(mClassificationURI)); ++ if (NS_FAILED(rv) || !mClassificationURI) { ++ return FlashClassification::Denied; ++ } ++ ++ rv = mUriClassifier->AsyncClassifyLocalWithTables(mClassificationURI, ++ tables, ++ this); ++ + if (NS_FAILED(rv)) { + if (rv == NS_ERROR_MALFORMED_URI) { + // This means that the URI had no hostname (ex: file://doc.html). In this +@@ -13623,24 +13961,7 @@ nsDocument::PrincipalFlashClassification() + } + } + +- if (results.IsEmpty()) { +- return FlashClassification::Unknown; +- } +- +- if (ArrayContainsTable(results, denyTables) && +- !ArrayContainsTable(results, denyExceptionsTables)) { +- return FlashClassification::Denied; +- } else if (ArrayContainsTable(results, allowTables) && +- !ArrayContainsTable(results, allowExceptionsTables)) { +- return FlashClassification::Allowed; +- } +- +- if (isThirdPartyDoc && ArrayContainsTable(results, subDocDenyTables) && +- !ArrayContainsTable(results, subDocDenyExceptionsTables)) { +- return FlashClassification::Denied; +- } +- +- return FlashClassification::Unknown; ++ return FlashClassification::Unclassified; + } + + FlashClassification +diff --git dom/base/nsDocument.h dom/base/nsDocument.h +index be3d59698b56..5a2938f353a3 100644 +--- dom/base/nsDocument.h ++++ dom/base/nsDocument.h +@@ -72,6 +72,7 @@ + #include "CustomElementRegistry.h" + #include "mozilla/dom/Performance.h" + #include "mozilla/Maybe.h" ++#include "nsIURIClassifier.h" + + #define XML_DECLARATION_BITS_DECLARATION_EXISTS (1 << 0) + #define XML_DECLARATION_BITS_ENCODING_EXISTS (1 << 1) +@@ -346,6 +347,9 @@ protected: + bool mHaveShutDown; + }; + ++// For classifying a flash document based on its principal. ++class PrincipalFlashClassifier; ++ + // Base class for our document implementations. + class nsDocument : public nsIDocument, + public nsIDOMDocument, +@@ -1184,6 +1188,7 @@ protected: + // non-null when this document is in fullscreen mode. + nsWeakPtr mFullscreenRoot; + ++ RefPtr mPrincipalFlashClassifier; + mozilla::dom::FlashClassification mFlashClassification; + // Do not use this value directly. Call the |IsThirdParty()| method, which + // caches its result here. +diff --git toolkit/components/url-classifier/nsUrlClassifierDBService.cpp toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +index 074bfc583b93..6476b8d546f3 100644 +--- toolkit/components/url-classifier/nsUrlClassifierDBService.cpp ++++ toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +@@ -1783,6 +1783,18 @@ nsUrlClassifierDBService::AsyncClassifyLocalWithTables(nsIURI *aURI, + MOZ_ASSERT(NS_IsMainThread(), "AsyncClassifyLocalWithTables must be called " + "on main thread"); + ++ // We do this check no matter what process we are in to return ++ // error as early as possible. ++ nsCOMPtr uri = NS_GetInnermostURI(aURI); ++ NS_ENSURE_TRUE(uri, NS_ERROR_FAILURE); ++ ++ nsAutoCString key; ++ // Canonicalize the url ++ nsCOMPtr utilsService = ++ do_GetService(NS_URLCLASSIFIERUTILS_CONTRACTID); ++ nsresult rv = utilsService->GetKeyForURI(uri, key); ++ NS_ENSURE_SUCCESS(rv, rv); ++ + if (XRE_IsContentProcess()) { + using namespace mozilla::dom; + using namespace mozilla::ipc; +@@ -1815,16 +1827,6 @@ nsUrlClassifierDBService::AsyncClassifyLocalWithTables(nsIURI *aURI, + using namespace mozilla::Telemetry; + auto startTime = TimeStamp::Now(); // For telemetry. + +- nsCOMPtr uri = NS_GetInnermostURI(aURI); +- NS_ENSURE_TRUE(uri, NS_ERROR_FAILURE); +- +- nsAutoCString key; +- // Canonicalize the url +- nsCOMPtr utilsService = +- do_GetService(NS_URLCLASSIFIERUTILS_CONTRACTID); +- nsresult rv = utilsService->GetKeyForURI(uri, key); +- NS_ENSURE_SUCCESS(rv, rv); +- + auto worker = mWorker; + nsCString tables(aTables); + Added: head/www/waterfox/files/patch-bug1363038 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1363038 Sat Feb 24 00:49:01 2018 (r462756) @@ -0,0 +1,68 @@ +commit 9d1887c28c05 +Author: Thomas Nguyen +Date: Tue Aug 22 14:51:44 2017 +0800 + + Bug 1363038 - Remove synchronous dispatch when worker is racing against shutdown r=hchang + + MozReview-Commit-ID: JOkOukz1fov + + --HG-- + extra : rebase_source : 9e4204cebcd4615078019a51818250ff8125efe1 +--- + .../url-classifier/nsUrlClassifierDBService.cpp | 21 ++++++++------------- + .../url-classifier/nsUrlClassifierDBService.h | 3 +++ + 2 files changed, 11 insertions(+), 13 deletions(-) + +diff --git toolkit/components/url-classifier/nsUrlClassifierDBService.cpp toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +index 3f7e3c8daaac..074bfc583b93 100644 +--- toolkit/components/url-classifier/nsUrlClassifierDBService.cpp ++++ toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +@@ -1616,12 +1616,6 @@ nsUrlClassifierDBService::Init() + ReadTablesFromPrefs(); + nsresult rv; + +- { +- // Force PSM loading on main thread +- nsCOMPtr dummy = do_CreateInstance(NS_CRYPTO_HASH_CONTRACTID, &rv); +- NS_ENSURE_SUCCESS(rv, rv); +- } +- + { + // Force nsIUrlClassifierUtils loading on main thread. + nsCOMPtr dummy = +@@ -2278,13 +2272,14 @@ nsUrlClassifierDBService::Shutdown() + // is to avoid racing for Classifier::mUpdateThread + // between main thread and the worker thread. (Both threads + // would access Classifier::mUpdateThread.) +- using Worker = nsUrlClassifierDBServiceWorker; +- RefPtr r = NewRunnableMethod( +- "nsUrlClassifierDBServiceWorker::FlushAndDisableAsyncUpdate", +- mWorker, +- &Worker::FlushAndDisableAsyncUpdate); +- SyncRunnable::DispatchToThread(gDbBackgroundThread, r); +- ++ if (mWorker->IsDBOpened()) { ++ using Worker = nsUrlClassifierDBServiceWorker; ++ RefPtr r = NewRunnableMethod( ++ "nsUrlClassifierDBServiceWorker::FlushAndDisableAsyncUpdate", ++ mWorker, ++ &Worker::FlushAndDisableAsyncUpdate); ++ SyncRunnable::DispatchToThread(gDbBackgroundThread, r); ++ } + // At this point the update thread has been shut down and + // the worker thread should only have at most one event, + // which is the callback event. +diff --git toolkit/components/url-classifier/nsUrlClassifierDBService.h toolkit/components/url-classifier/nsUrlClassifierDBService.h +index 13987b0ed2ee..8d284f5b0842 100644 +--- toolkit/components/url-classifier/nsUrlClassifierDBService.h ++++ toolkit/components/url-classifier/nsUrlClassifierDBService.h +@@ -227,6 +227,9 @@ public: + // will be nulled out in NotifyUpdateObserver. + bool IsBusyUpdating() const { return !!mUpdateObserver; } + ++ // Check the DB ready state of the worker thread ++ bool IsDBOpened() const { return !!mClassifier; } ++ + // Delegate Classifier to disable async update. If there is an + // ongoing update on the update thread, we will be blocked until + // the background update is done and callback is fired. Added: head/www/waterfox/files/patch-bug1385609 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1385609 Sat Feb 24 00:49:01 2018 (r462756) @@ -0,0 +1,102 @@ +commit dd42019824ed +Author: Thomas Nguyen +Date: Wed Aug 30 18:04:10 2017 +0800 + + Bug 1385609 - Fix backoff issue that makes SB lists no longer update r=francois + + The issue occurs when nsITimer is fired earlier than the backoff time. In that + case, the update doesn't proceed and we never make another attempt because the + backoff update timer was oneshot. + + We fix the issue in two ways: + + - Add a tolerance of 1 second in case the timer fires too early. + - Set another oneshot timer whenever we are prevented from updating due to + backoff. + + MozReview-Commit-ID: E2ogNRsHJVK + + --HG-- + extra : rebase_source : c81fa77934f6c39e1c5d07b19785a01546e02542 +--- + toolkit/components/url-classifier/nsUrlClassifierLib.js | 12 +++++++++--- + .../components/url-classifier/nsUrlClassifierListManager.js | 5 ++++- + toolkit/components/url-classifier/tests/unit/test_backoff.js | 2 +- + 3 files changed, 14 insertions(+), 5 deletions(-) + +diff --git toolkit/components/url-classifier/nsUrlClassifierLib.js toolkit/components/url-classifier/nsUrlClassifierLib.js +index e2457d85474c..38d1977e4641 100644 +--- toolkit/components/url-classifier/nsUrlClassifierLib.js ++++ toolkit/components/url-classifier/nsUrlClassifierLib.js +@@ -77,17 +77,20 @@ this.HTTP_TEMPORARY_REDIRECT = 307; + * @param timeoutIncrement Number time (ms) the starting timeout period + * we double this time for consecutive errors + * @param maxTimeout Number time (ms) maximum timeout period ++ * @param tolerance Checking next request tolerance. + */ + this.RequestBackoff = + function RequestBackoff(maxErrors, retryIncrement, + maxRequests, requestPeriod, +- timeoutIncrement, maxTimeout) { ++ timeoutIncrement, maxTimeout, ++ tolerance) { + this.MAX_ERRORS_ = maxErrors; + this.RETRY_INCREMENT_ = retryIncrement; + this.MAX_REQUESTS_ = maxRequests; + this.REQUEST_PERIOD_ = requestPeriod; + this.TIMEOUT_INCREMENT_ = timeoutIncrement; + this.MAX_TIMEOUT_ = maxTimeout; ++ this.TOLERANCE_ = tolerance; + + // Queue of ints keeping the time of all requests + this.requestTimes_ = []; +@@ -111,7 +114,9 @@ RequestBackoff.prototype.reset = function() { + */ + RequestBackoff.prototype.canMakeRequest = function() { + var now = Date.now(); +- if (now < this.nextRequestTime_) { ++ // Note that nsITimer delay is approximate: the timer can be fired before the ++ // requested time has elapsed. So, give it a tolerance ++ if (now + this.TOLERANCE_ < this.nextRequestTime_) { + return false; + } + +@@ -180,7 +185,8 @@ function RequestBackoffV4(maxRequests, requestPeriod) { + maxRequests /* num requests */, + requestPeriod /* request time, 60 min */, + backoffInterval /* backoff interval, 60 min */, +- 24 * 60 * 60 * 1000 /* max backoff, 24hr */); ++ 24 * 60 * 60 * 1000 /* max backoff, 24hr */, ++ 1000 /* tolerance of 1 sec */); + } + + // Expose this whole component. +diff --git toolkit/components/url-classifier/nsUrlClassifierListManager.js toolkit/components/url-classifier/nsUrlClassifierListManager.js +index 1e976b8597b7..5f10933163b6 100644 +--- toolkit/components/url-classifier/nsUrlClassifierListManager.js ++++ toolkit/components/url-classifier/nsUrlClassifierListManager.js +@@ -236,7 +236,10 @@ PROT_ListManager.prototype.setUpdateCheckTimer = function(updateUrl, + .createInstance(Ci.nsITimer); + this.updateCheckers_[updateUrl].initWithCallback(() => { + this.updateCheckers_[updateUrl] = null; +- this.checkForUpdates(updateUrl); ++ if (updateUrl && !this.checkForUpdates(updateUrl)) { ++ // Make another attempt later. ++ this.setUpdateCheckTimer(updateUrl, this.updateInterval); ++ } + }, delay, Ci.nsITimer.TYPE_ONE_SHOT); + } + /** +diff --git toolkit/components/url-classifier/tests/unit/test_backoff.js toolkit/components/url-classifier/tests/unit/test_backoff.js +index 365568c479e9..205507e83dd6 100644 +--- toolkit/components/url-classifier/tests/unit/test_backoff.js ++++ toolkit/components/url-classifier/tests/unit/test_backoff.js +@@ -11,7 +11,7 @@ function setNow(time) { + function run_test() { + // 3 errors, 1ms retry period, max 3 requests per ten milliseconds, + // 5ms backoff interval, 19ms max delay +- var rb = new jslib.RequestBackoff(3, 1, 3, 10, 5, 19); ++ var rb = new jslib.RequestBackoff(3, 1, 3, 10, 5, 19, 0); + setNow(1); + rb.noteServerResponse(200); + do_check_true(rb.canMakeRequest()); Added: head/www/waterfox/files/patch-bug1393235 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1393235 Sat Feb 24 00:49:01 2018 (r462756) @@ -0,0 +1,88 @@ +commit 9398bd6f4378 +Author: Eric Rahm +Date: Tue Aug 22 19:30:46 2017 -0700 + + Bug 1393235 - Fix improper usages of string functions. r=njn + + This fixes usages of `Find`, `RFind` and the equality operator that kind of + work right now but will break with the proper type checking of a templatized + version of the string classes. + + For `Find` and `RFind` it appears that `nsCString::(R)Find("foo", 0)` calls + were being coerced to the `Find(char*, bool, int, int)` versions. The intent was + probably to just start searching from position zero. + + For the equality operator, the type of nullptr is nullptr_t rather than + char(16_t)* so we'd need to add an operator overload that takes nullptr_t. In + this case just using `IsVoid` is probably more appropriate. + + --HG-- + extra : rebase_source : 50f78519084012ca669da0a211c489520c11d6b6 +--- + docshell/base/nsDefaultURIFixup.cpp | 2 +- + dom/media/gmp/ChromiumCDMChild.cpp | 2 +- + toolkit/components/places/nsNavHistory.cpp | 2 +- + toolkit/components/url-classifier/Classifier.cpp | 4 ++-- + 4 files changed, 5 insertions(+), 5 deletions(-) + +diff --git docshell/base/nsDefaultURIFixup.cpp docshell/base/nsDefaultURIFixup.cpp +index 77e008b15a17..a1a893b8efb2 100644 +--- docshell/base/nsDefaultURIFixup.cpp ++++ docshell/base/nsDefaultURIFixup.cpp +@@ -687,7 +687,7 @@ nsDefaultURIFixup::FixupURIProtocol(const nsACString& aURIString, + // no-scheme.com/query?foo=http://www.foo.com + // user:pass@no-scheme.com + // +- int32_t schemeDelim = uriString.Find("://", 0); ++ int32_t schemeDelim = uriString.Find("://"); + int32_t firstDelim = uriString.FindCharInSet("/:"); + if (schemeDelim <= 0 || + (firstDelim != -1 && schemeDelim > firstDelim)) { +diff --git dom/media/gmp/ChromiumCDMChild.cpp dom/media/gmp/ChromiumCDMChild.cpp +index e99f913622ab..8dc288b4c57e 100644 +--- dom/media/gmp/ChromiumCDMChild.cpp ++++ dom/media/gmp/ChromiumCDMChild.cpp +@@ -232,7 +232,7 @@ ChromiumCDMChild::OnResolveNewSessionPromiseInternal(uint32_t aPromiseId, + // a session it calls OnResolveNewSessionPromise with nullptr as the sessionId. + // We can safely assume this means that we have failed to load a session + // as the other methods specify calling 'OnRejectPromise' when they fail. +- bool loadSuccessful = aSessionId != nullptr; ++ bool loadSuccessful = !aSessionId.IsEmpty(); + GMP_LOG("ChromiumCDMChild::OnResolveNewSessionPromise(pid=%u, sid=%s) " + "resolving %s load session ", + aPromiseId, +diff --git toolkit/components/places/nsNavHistory.cpp toolkit/components/places/nsNavHistory.cpp +index 4e52752529fa..0b01d904b2f7 100644 +--- toolkit/components/places/nsNavHistory.cpp ++++ toolkit/components/places/nsNavHistory.cpp +@@ -1939,7 +1939,7 @@ PlacesSQLQueryBuilder::Where() + + // If we used WHERE already, we inject the conditions + // in place of {ADDITIONAL_CONDITIONS} +- if (mQueryString.Find("{ADDITIONAL_CONDITIONS}", 0) != kNotFound) { ++ if (mQueryString.Find("{ADDITIONAL_CONDITIONS}") != kNotFound) { + nsAutoCString innerCondition; + // If we have condition AND it + if (!mConditions.IsEmpty()) { +diff --git toolkit/components/url-classifier/Classifier.cpp toolkit/components/url-classifier/Classifier.cpp +index 500780150a91..68169925d2d0 100644 +--- toolkit/components/url-classifier/Classifier.cpp ++++ toolkit/components/url-classifier/Classifier.cpp +@@ -992,7 +992,7 @@ Classifier::ScanStoreDir(nsIFile* aDirectory, nsTArray& aTables) + // Both v2 and v4 contain .pset file + nsCString suffix(NS_LITERAL_CSTRING(".pset")); + +- int32_t dot = leafName.RFind(suffix, 0); ++ int32_t dot = leafName.RFind(suffix); + if (dot != -1) { + leafName.Cut(dot, suffix.Length()); + aTables.AppendElement(leafName); +@@ -1582,7 +1582,7 @@ Classifier::LoadMetadata(nsIFile* aDirectory, nsACString& aResult) + rv = file->GetNativeLeafName(tableName); + NS_ENSURE_SUCCESS(rv, rv); + +- int32_t dot = tableName.RFind(METADATA_SUFFIX, 0); ++ int32_t dot = tableName.RFind(METADATA_SUFFIX); + if (dot == -1) { + continue; + } Added: head/www/waterfox/files/patch-bug1394601 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1394601 Sat Feb 24 00:49:01 2018 (r462756) @@ -0,0 +1,26 @@ +commit 99cb2b5a1879 +Author: Francois Marier +Date: Mon Aug 28 17:06:00 2017 -0700 + + Bug 1394601 - Log an error when the Google API key is missing during Safe Browsing initialization. r=gcp + + MozReview-Commit-ID: DNwa9lR0J6K + + --HG-- + extra : rebase_source : 0a547c0cf88e1ed09268cbb810abaaca09e98531 +--- + toolkit/components/url-classifier/SafeBrowsing.jsm | 1 + + 1 file changed, 1 insertion(+) + +diff --git toolkit/components/url-classifier/SafeBrowsing.jsm toolkit/components/url-classifier/SafeBrowsing.jsm +index 051432393539..32cab18c187f 100644 +--- toolkit/components/url-classifier/SafeBrowsing.jsm ++++ toolkit/components/url-classifier/SafeBrowsing.jsm +@@ -343,6 +343,7 @@ this.SafeBrowsing = { + let googleKey = Services.urlFormatter.formatURL("%GOOGLE_API_KEY%").trim(); + if ((provider == "google" || provider == "google4") && + (!googleKey || googleKey == "no-google-api-key")) { ++ log("Missing Google API key, clearing updateURL and gethashURL."); + updateURL= ""; + gethashURL= ""; + } Added: head/www/waterfox/files/patch-bug1426869 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1426869 Sat Feb 24 00:49:01 2018 (r462756) @@ -0,0 +1,25 @@ +commit 65d845f891a3 +Author: Jet Villegas +Date: Tue Jan 9 08:00:00 2018 +0200 + + Bug 1426869 - td.contenteditable=true focus breaks text selection. r=masayuki, a=RyanVM + + --HG-- + extra : source : b3118b4fae1372c3aa57caf4b16af9834ce46539 + extra : amend_source : 1187aa7d3d760aa60b974b874968aea4d0e09eea +--- + layout/generic/nsFrameSelection.cpp | 1 + + 1 file changed, 1 insertion(+) + +diff --git layout/generic/nsFrameSelection.cpp layout/generic/nsFrameSelection.cpp +index c483622e1ffb..a60d69bf79e0 100644 +--- layout/generic/nsFrameSelection.cpp ++++ layout/generic/nsFrameSelection.cpp +@@ -1403,6 +1403,7 @@ nsFrameSelection::TakeFocus(nsIContent* aNewFocus, + + NS_ENSURE_STATE(mShell); + bool editableCell = false; ++ mCellParent = nullptr; + RefPtr context = mShell->GetPresContext(); + if (context) { + RefPtr htmlEditor = nsContentUtils::GetHTMLEditor(context); Added: head/www/waterfox/files/patch-bug1427118 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***