diff --git a/caps/ContentPrincipal.cpp b/caps/ContentPrincipal.cpp index 265d3ced2bee..a4bc4dc2cb53 100644 --- a/caps/ContentPrincipal.cpp +++ b/caps/ContentPrincipal.cpp @@ -99,7 +99,7 @@ nsresult ContentPrincipal::GenerateOriginNoSuffixFromURI( return NS_ERROR_FAILURE; } - MOZ_ASSERT(!NS_IsAboutBlank(origin), + MOZ_ASSERT(!NS_IsAboutBlankAllowQueryAndFragment(origin), "The inner URI for about:blank must be moz-safe-about:blank"); // Handle non-strict file:// uris. diff --git a/docshell/base/CanonicalBrowsingContext.cpp b/docshell/base/CanonicalBrowsingContext.cpp index f43ed0038ff6..5045757cec93 100644 --- a/docshell/base/CanonicalBrowsingContext.cpp +++ b/docshell/base/CanonicalBrowsingContext.cpp @@ -2959,7 +2959,7 @@ bool CanonicalBrowsingContext::AllowedInBFCache( nsCOMPtr currentURI = wgp->GetDocumentURI(); // Exempt about:* pages from bfcache, with the exception of about:blank if (currentURI->SchemeIs("about") && - !currentURI->GetSpecOrDefault().EqualsLiteral("about:blank")) { + !NS_IsAboutBlankAllowQueryAndFragment(currentURI)) { bfcacheCombo |= BFCacheStatus::ABOUT_PAGE; MOZ_LOG(gSHIPBFCacheLog, LogLevel::Debug, (" * about:* page")); } diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index af7b74f97e90..1cfbdef5c875 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -10053,7 +10053,7 @@ nsIPrincipal* nsDocShell::GetInheritedPrincipal( bool nsDocShell::IsAboutBlankLoadOntoInitialAboutBlank( nsIURI* aURI, bool aInheritPrincipal, nsIPrincipal* aPrincipalToInherit) { - return NS_IsAboutBlank(aURI) && aInheritPrincipal && + return NS_IsAboutBlankAllowQueryAndFragment(aURI) && aInheritPrincipal && (aPrincipalToInherit == GetInheritedPrincipal(false)) && (!mDocumentViewer || !mDocumentViewer->GetDocument() || mDocumentViewer->GetDocument()->IsInitialDocument()); diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp index 984eb7a1a34b..46f2faad6648 100644 --- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -7412,7 +7412,8 @@ bool nsContentUtils::ChannelShouldInheritPrincipal( // we're checking for things that will use the owner. inherit = (NS_SUCCEEDED(URIInheritsSecurityContext(aURI, &uriInherits)) && - (uriInherits || (aInheritForAboutBlank && NS_IsAboutBlank(aURI)))) || + (uriInherits || (aInheritForAboutBlank && + NS_IsAboutBlankAllowQueryAndFragment(aURI)))) || // // file: uri special-casing // diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp index edd15b851866..8aa1c19f310b 100644 --- a/dom/base/nsGlobalWindowInner.cpp +++ b/dom/base/nsGlobalWindowInner.cpp @@ -1861,12 +1861,9 @@ nsresult nsGlobalWindowInner::EnsureClientSource() { bool ignoreLoadInfo = false; - // Note, this is mostly copied from NS_IsAboutBlank(). Its duplicated - // here so we can efficiently check about:srcdoc as well. if (uri->SchemeIs("about")) { - nsCString spec = uri->GetSpecOrDefault(); - ignoreLoadInfo = spec.EqualsLiteral("about:blank") || - spec.EqualsLiteral("about:srcdoc"); + ignoreLoadInfo = + NS_IsAboutBlankAllowQueryAndFragment(uri) || NS_IsAboutSrcdoc(uri); } else { // Its not an about: URL, so now check for our other URL types. ignoreLoadInfo = uri->SchemeIs("data") || uri->SchemeIs("blob"); diff --git a/dom/clients/api/Clients.cpp b/dom/clients/api/Clients.cpp index b08a7fa59801..c3e14928725f 100644 --- a/dom/clients/api/Clients.cpp +++ b/dom/clients/api/Clients.cpp @@ -21,6 +21,7 @@ #include "mozilla/StorageAccess.h" #include "nsIGlobalObject.h" #include "nsString.h" +#include "nsReadableUtils.h" namespace mozilla::dom { @@ -212,7 +213,9 @@ already_AddRefed Clients::OpenWindow(const nsAString& aURL, return outerPromise.forget(); } - if (aURL.EqualsLiteral("about:blank")) { + if (aURL.EqualsLiteral(u"about:blank") || + StringBeginsWith(aURL, u"about:blank?"_ns) || + StringBeginsWith(aURL, u"about:blank#"_ns)) { CopyableErrorResult rv; rv.ThrowTypeError( "Passing \"about:blank\" to Clients.openWindow is not allowed"); diff --git a/dom/clients/manager/ClientNavigateOpChild.cpp b/dom/clients/manager/ClientNavigateOpChild.cpp index 4d47dd826eb6..5ea27f8b1476 100644 --- a/dom/clients/manager/ClientNavigateOpChild.cpp +++ b/dom/clients/manager/ClientNavigateOpChild.cpp @@ -224,7 +224,7 @@ RefPtr ClientNavigateOpChild::DoNavigate( return ClientOpPromise::CreateAndReject(result, __func__); } - if (url->GetSpecOrDefault().EqualsLiteral("about:blank")) { + if (NS_IsAboutBlankAllowQueryAndFragment(url)) { CopyableErrorResult result; result.ThrowTypeError("Navigation to \"about:blank\" is not allowed"); return ClientOpPromise::CreateAndReject(result, __func__); diff --git a/dom/html/nsHTMLDocument.cpp b/dom/html/nsHTMLDocument.cpp index 26165bb62224..8db05f826b38 100644 --- a/dom/html/nsHTMLDocument.cpp +++ b/dom/html/nsHTMLDocument.cpp @@ -339,12 +339,8 @@ nsresult nsHTMLDocument::StartDocumentLoad( // mDocumentURI hasn't been set, yet, so get the URI from the channel nsCOMPtr uri; aChannel->GetOriginalURI(getter_AddRefs(uri)); - // Adapted from nsDocShell: - // GetSpec can be expensive for some URIs, so check the scheme first. - if (uri && uri->SchemeIs("about")) { - if (uri->GetSpecOrDefault().EqualsLiteral("about:blank")) { - loadAsHtml5 = false; - } + if (NS_IsAboutBlankAllowQueryAndFragment(uri)) { + loadAsHtml5 = false; } } diff --git a/netwerk/base/nsNetUtil.cpp b/netwerk/base/nsNetUtil.cpp index b700c7e0dd31..d48315c7f03f 100644 --- a/netwerk/base/nsNetUtil.cpp +++ b/netwerk/base/nsNetUtil.cpp @@ -23,6 +23,7 @@ #include "mozilla/StoragePrincipalHelper.h" #include "mozilla/TaskQueue.h" #include "mozilla/Telemetry.h" +#include "nsAboutProtocolUtils.h" #include "nsBufferedStreams.h" #include "nsCategoryCache.h" #include "nsComponentManagerUtils.h" @@ -2803,6 +2804,20 @@ bool NS_IsAboutBlank(nsIURI* uri) { return spec.EqualsLiteral("about:blank"); } +bool NS_IsAboutBlankAllowQueryAndFragment(nsIURI* uri) { + // GetSpec can be expensive for some URIs, so check the scheme first. + if (!uri->SchemeIs("about")) { + return false; + } + + nsAutoCString name; + if (NS_FAILED(NS_GetAboutModuleName(uri, name))) { + return false; + } + + return name.EqualsLiteral("blank"); +} + bool NS_IsAboutSrcdoc(nsIURI* uri) { // GetSpec can be expensive for some URIs, so check the scheme first. if (!uri->SchemeIs("about")) { diff --git a/netwerk/base/nsNetUtil.h b/netwerk/base/nsNetUtil.h index 8058ae89d944..2cda0dbee9a4 100644 --- a/netwerk/base/nsNetUtil.h +++ b/netwerk/base/nsNetUtil.h @@ -875,6 +875,12 @@ void net_EnsurePSMInit(); */ bool NS_IsAboutBlank(nsIURI* uri); +/** + * Test whether a URI is "about:blank", possibly with fragment or query. |uri| + * must not be null + */ +bool NS_IsAboutBlankAllowQueryAndFragment(nsIURI* uri); + /** * Test whether a URI is "about:srcdoc". |uri| must not be null */ diff --git a/parser/htmlparser/nsParser.h b/parser/htmlparser/nsParser.h index 95782e954be9..40edb3dc802f 100644 --- a/parser/htmlparser/nsParser.h +++ b/parser/htmlparser/nsParser.h @@ -239,6 +239,8 @@ class nsParser final : public nsIParser, void HandleParserContinueEvent(class nsParserContinueEvent*); void Reset() { + MOZ_ASSERT(!mIsAboutBlank, + "Only the XML fragment parsing case is supposed to call this."); Cleanup(); mUnusedInput.Truncate(); Initialize(); diff --git a/testing/web-platform/meta/html/browsers/browsing-the-web/navigating-across-documents/initial-empty-document/load-pageshow-events-iframe-contentWindow.html.ini b/testing/web-platform/meta/html/browsers/browsing-the-web/navigating-across-documents/initial-empty-document/load-pageshow-events-iframe-contentWindow.html.ini index c514ffc0ea07..525f3b49b87f 100644 --- a/testing/web-platform/meta/html/browsers/browsing-the-web/navigating-across-documents/initial-empty-document/load-pageshow-events-iframe-contentWindow.html.ini +++ b/testing/web-platform/meta/html/browsers/browsing-the-web/navigating-across-documents/initial-empty-document/load-pageshow-events-iframe-contentWindow.html.ini @@ -2,19 +2,19 @@ expected: if (os == "android") and fission: [OK, TIMEOUT] [load & pageshow event do not fire on contentWindow of