nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity

Bug 1539595 - Create a separate content process type for privleged mozilla content r=nika,flod

Browse source 
Differential Revision: https://phabricator.services.mozilla.com/D30276

--HG--
rename : browser/base/content/test/general/browser_e10s_about_page_triggeringprincipal.js => browser/base/content/test/tabs/browser_e10s_about_page_triggeringprincipal.js
rename : browser/base/content/test/general/browser_e10s_about_process.js => browser/base/content/test/tabs/browser_e10s_about_process.js
rename : browser/base/content/test/general/browser_e10s_chrome_process.js => browser/base/content/test/tabs/browser_e10s_chrome_process.js
rename : browser/base/content/test/general/browser_e10s_javascript.js => browser/base/content/test/tabs/browser_e10s_javascript.js
rename : browser/base/content/test/general/browser_e10s_switchbrowser.js => browser/base/content/test/tabs/browser_e10s_switchbrowser.js
rename : browser/base/content/test/general/file_about_child.html => browser/base/content/test/tabs/file_about_child.html
rename : browser/base/content/test/general/file_about_parent.html => browser/base/content/test/tabs/file_about_parent.html
rename : browser/base/content/test/general/test_process_flags_chrome.html => browser/base/content/test/tabs/test_process_flags_chrome.html
extra : moz-landing-system : lando
This commit is contained in:
Tom Ritter 2019-05-29 11:31:50 +00:00
parent b8705a8481
commit ff200aa350
21 changed files with 481 additions and 249 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

7
browser/app/profile/firefox.js
View file

@ -498,11 +498,16 @@ pref("browser.tabs.showAudioPlayingIcon", true);
// This should match Chromium's audio indicator delay.
pref("browser.tabs.delayHidingAudioPlayingIconMS", 3000);
#if defined(NIGHTLY_BUILD) && !defined(MOZ_ASAN)
// Pref to control whether we use a separate privileged content process
// for about: pages. This pref name did not age well: we will have multiple
// types of privileged content processes, each with different privileges.
#if defined(NIGHTLY_BUILD) && !defined(MOZ_ASAN)
// types of privleged content processes, each with different privleges.
pref("browser.tabs.remote.separatePrivilegedContentProcess", true);
// Pref to control whether we use a separate privileged content process
// for certain mozilla webpages (which are listed in the pref
// browser.tabs.remote.separatedMozillaDomains).
pref("browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", true);
#endif
#ifdef NIGHTLY_BUILD

16
browser/base/content/test/general/browser.ini
View file

@ -47,7 +47,6 @@ support-files =
test_bug462673.html
test_bug628179.html
test_bug839103.html
test_process_flags_chrome.html
title_test.svg
unknownContentType_file.pif
unknownContentType_file.pif^headers^
@ -414,21 +413,6 @@ skip-if = e10s || debug # Bug 1094240 - has findbar-related failures
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_addCertException.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_e10s_about_page_triggeringprincipal.js]
skip-if = verify
support-files =
file_about_child.html
file_about_parent.html
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_e10s_switchbrowser.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_e10s_about_process.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_e10s_chrome_process.js]
skip-if = debug # Bug 1444565, Bug 1457887
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_e10s_javascript.js]
# DO NOT ADD MORE TESTS HERE. USE A TOPICAL DIRECTORY INSTEAD.
[browser_blockHPKP.js]
skip-if = verify && !debug
uses-unsafe-cpows = true

176
browser/base/content/test/general/browser_e10s_about_process.js
View file

@ -1,176 +0,0 @@
const CHROME_PROCESS = E10SUtils.NOT_REMOTE;
const WEB_CONTENT_PROCESS = E10SUtils.WEB_REMOTE_TYPE;
const PRIVILEGED_CONTENT_PROCESS = E10SUtils.PRIVILEGEDABOUT_REMOTE_TYPE;
const EXTENSION_PROCESS = E10SUtils.EXTENSION_REMOTE_TYPE;
const CHROME = {
id: "cb34538a-d9da-40f3-b61a-069f0b2cb9fb",
path: "test-chrome",
flags: 0,
};
const CANREMOTE = {
id: "2480d3e1-9ce4-4b84-8ae3-910b9a95cbb3",
path: "test-allowremote",
flags: Ci.nsIAboutModule.URI_CAN_LOAD_IN_CHILD,
};
const MUSTREMOTE = {
id: "f849cee5-e13e-44d2-981d-0fb3884aaead",
path: "test-mustremote",
flags: Ci.nsIAboutModule.URI_MUST_LOAD_IN_CHILD,
};
const CANPRIVILEGEDREMOTE = {
id: "a04ffafe-6c63-4266-acae-0f4b093165aa",
path: "test-canprivilegedremote",
flags: Ci.nsIAboutModule.URI_MUST_LOAD_IN_CHILD |
Ci.nsIAboutModule.URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS,
};
const MUSTEXTENSION = {
id: "f7a1798f-965b-49e9-be83-ec6ee4d7d675",
path: "test-mustextension",
flags: Ci.nsIAboutModule.URI_MUST_LOAD_IN_EXTENSION_PROCESS,
};
const TEST_MODULES = [
CHROME,
CANREMOTE,
MUSTREMOTE,
CANPRIVILEGEDREMOTE,
MUSTEXTENSION,
];
function AboutModule() {
}
AboutModule.prototype = {
newChannel(aURI, aLoadInfo) {
throw Cr.NS_ERROR_NOT_IMPLEMENTED;
},
getURIFlags(aURI) {
for (let module of TEST_MODULES) {
if (aURI.pathQueryRef.startsWith(module.path)) {
return module.flags;
}
}
ok(false, "Called getURIFlags for an unknown page " + aURI.spec);
return 0;
},
getIndexedDBOriginPostfix(aURI) {
return null;
},
QueryInterface: ChromeUtils.generateQI([Ci.nsIAboutModule]),
};
var AboutModuleFactory = {
createInstance(aOuter, aIID) {
if (aOuter)
throw Cr.NS_ERROR_NO_AGGREGATION;
return new AboutModule().QueryInterface(aIID);
},
lockFactory(aLock) {
throw Cr.NS_ERROR_NOT_IMPLEMENTED;
},
QueryInterface: ChromeUtils.generateQI([Ci.nsIFactory]),
};
add_task(async function init() {
let registrar = Components.manager.QueryInterface(Ci.nsIComponentRegistrar);
for (let module of TEST_MODULES) {
registrar.registerFactory(Components.ID(module.id), "",
"@mozilla.org/network/protocol/about;1?what=" + module.path,
AboutModuleFactory);
}
});
registerCleanupFunction(() => {
let registrar = Components.manager.QueryInterface(Ci.nsIComponentRegistrar);
for (let module of TEST_MODULES) {
registrar.unregisterFactory(Components.ID(module.id), AboutModuleFactory);
}
});
function test_url(url, chromeResult, webContentResult, privilegedContentResult, extensionProcessResult) {
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, WEB_CONTENT_PROCESS),
webContentResult, "Check URL in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, PRIVILEGED_CONTENT_PROCESS),
privilegedContentResult, "Check URL in privileged content process.");
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, EXTENSION_PROCESS),
extensionProcessResult, "Check URL in extension process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with ref in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, WEB_CONTENT_PROCESS),
webContentResult, "Check URL with ref in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, PRIVILEGED_CONTENT_PROCESS),
privilegedContentResult, "Check URL with ref in privileged content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, EXTENSION_PROCESS),
extensionProcessResult, "Check URL with ref in extension process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with query in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, WEB_CONTENT_PROCESS),
webContentResult, "Check URL with query in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, PRIVILEGED_CONTENT_PROCESS),
privilegedContentResult, "Check URL with query in privileged content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, EXTENSION_PROCESS),
extensionProcessResult, "Check URL with query in extension process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with query and ref in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, WEB_CONTENT_PROCESS),
webContentResult, "Check URL with query and ref in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, PRIVILEGED_CONTENT_PROCESS),
privilegedContentResult, "Check URL with query and ref in privileged content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, EXTENSION_PROCESS),
extensionProcessResult, "Check URL with query and ref in extension process.");
}
add_task(async function test_chrome() {
test_url("about:" + CHROME.path, true, false, false, false);
});
add_task(async function test_any() {
test_url("about:" + CANREMOTE.path, true, true, false, false);
});
add_task(async function test_remote() {
test_url("about:" + MUSTREMOTE.path, false, true, false, false);
});
add_task(async function test_privileged_remote_true() {
await SpecialPowers.pushPrefEnv({
set: [
["browser.tabs.remote.separatePrivilegedContentProcess", true],
],
});
// This shouldn't be taken literally. We will always use the privleged about
// content type if the URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS flag is enabled and
// the pref is turned on.
test_url("about:" + CANPRIVILEGEDREMOTE.path, false, false, true, false);
});
add_task(async function test_privileged_remote_false() {
await SpecialPowers.pushPrefEnv({
set: [
["browser.tabs.remote.separatePrivilegedContentProcess", false],
],
});
// This shouldn't be taken literally. We will always use the privleged about
// content type if the URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS flag is enabled and
// the pref is turned on.
test_url("about:" + CANPRIVILEGEDREMOTE.path, false, true, false, false);
});
add_task(async function test_extension() {
test_url("about:" + MUSTEXTENSION.path, false, false, false, true);
});

14
browser/base/content/test/tabs/browser.ini
View file

@ -4,6 +4,7 @@ support-files =
dummy_page.html
../general/audio.ogg
file_mediaPlayback.html
test_process_flags_chrome.html
[browser_accessibility_indicator.js]
skip-if = (verify && debug && (os == 'linux')) || (os == 'win' && processor == 'aarch64')
@ -19,6 +20,17 @@ skip-if = (verify && debug && (os == 'linux'))
support-files =
test_bug1358314.html
[browser_isLocalAboutURI.js]
[browser_e10s_about_page_triggeringprincipal.js]
skip-if = verify
support-files =
file_about_child.html
file_about_parent.html
[browser_e10s_switchbrowser.js]
[browser_e10s_about_process.js]
[browser_e10s_mozillaweb_process.js]
[browser_e10s_chrome_process.js]
skip-if = debug # Bug 1444565, Bug 1457887
[browser_e10s_javascript.js]
[browser_multiselect_tabs_active_tab_selected_by_default.js]
[browser_multiselect_tabs_bookmark.js]
[browser_multiselect_tabs_clear_selection_when_tab_switch.js]
@ -54,6 +66,8 @@ skip-if = (debug && os == 'linux' && bits == 32) #Bug 1455882, disabled on Linux
support-files = file_new_tab_page.html
[browser_new_tab_in_privilegedabout_process_pref.js]
skip-if = !e10s # Pref and test only relevant for e10s.
[browser_privilegedmozilla_process_pref.js]
skip-if = !e10s # Pref and test only relevant for e10s.
[browser_new_web_tab_in_file_process_pref.js]
skip-if = !e10s # Pref and test only relevant for e10s.
[browser_newwindow_tabstrip_overflow.js]

0
browser/base/content/test/general/browser_e10s_about_page_triggeringprincipal.js → browser/base/content/test/tabs/browser_e10s_about_page_triggeringprincipal.js
View file

135
browser/base/content/test/tabs/browser_e10s_about_process.js Normal file
View file

@ -0,0 +1,135 @@
const CHROME = {
id: "cb34538a-d9da-40f3-b61a-069f0b2cb9fb",
path: "test-chrome",
flags: 0,
};
const CANREMOTE = {
id: "2480d3e1-9ce4-4b84-8ae3-910b9a95cbb3",
path: "test-allowremote",
flags: Ci.nsIAboutModule.URI_CAN_LOAD_IN_CHILD,
};
const MUSTREMOTE = {
id: "f849cee5-e13e-44d2-981d-0fb3884aaead",
path: "test-mustremote",
flags: Ci.nsIAboutModule.URI_MUST_LOAD_IN_CHILD,
};
const CANPRIVILEGEDREMOTE = {
id: "a04ffafe-6c63-4266-acae-0f4b093165aa",
path: "test-canprivilegedremote",
flags: Ci.nsIAboutModule.URI_MUST_LOAD_IN_CHILD |
Ci.nsIAboutModule.URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS,
};
const MUSTEXTENSION = {
id: "f7a1798f-965b-49e9-be83-ec6ee4d7d675",
path: "test-mustextension",
flags: Ci.nsIAboutModule.URI_MUST_LOAD_IN_EXTENSION_PROCESS,
};
const TEST_MODULES = [
CHROME,
CANREMOTE,
MUSTREMOTE,
CANPRIVILEGEDREMOTE,
MUSTEXTENSION,
];
function AboutModule() {
}
AboutModule.prototype = {
newChannel(aURI, aLoadInfo) {
throw Cr.NS_ERROR_NOT_IMPLEMENTED;
},
getURIFlags(aURI) {
for (let module of TEST_MODULES) {
if (aURI.pathQueryRef.startsWith(module.path)) {
return module.flags;
}
}
ok(false, "Called getURIFlags for an unknown page " + aURI.spec);
return 0;
},
getIndexedDBOriginPostfix(aURI) {
return null;
},
QueryInterface: ChromeUtils.generateQI([Ci.nsIAboutModule]),
};
var AboutModuleFactory = {
createInstance(aOuter, aIID) {
if (aOuter)
throw Cr.NS_ERROR_NO_AGGREGATION;
return new AboutModule().QueryInterface(aIID);
},
lockFactory(aLock) {
throw Cr.NS_ERROR_NOT_IMPLEMENTED;
},
QueryInterface: ChromeUtils.generateQI([Ci.nsIFactory]),
};
add_task(async function init() {
SpecialPowers.setBoolPref("browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", true);
let registrar = Components.manager.QueryInterface(Ci.nsIComponentRegistrar);
for (let module of TEST_MODULES) {
registrar.registerFactory(Components.ID(module.id), "",
"@mozilla.org/network/protocol/about;1?what=" + module.path,
AboutModuleFactory);
}
});
registerCleanupFunction(() => {
SpecialPowers.clearUserPref("browser.tabs.remote.separatePrivilegedMozillaWebContentProcess");
let registrar = Components.manager.QueryInterface(Ci.nsIComponentRegistrar);
for (let module of TEST_MODULES) {
registrar.unregisterFactory(Components.ID(module.id), AboutModuleFactory);
}
});
add_task(async function test_chrome() {
test_url_for_process_types("about:" + CHROME.path, true, false, false, false, false);
});
add_task(async function test_any() {
test_url_for_process_types("about:" + CANREMOTE.path, true, true, false, false, false);
});
add_task(async function test_remote() {
test_url_for_process_types("about:" + MUSTREMOTE.path, false, true, false, false, false);
});
add_task(async function test_privileged_remote_true() {
await SpecialPowers.pushPrefEnv({
set: [
["browser.tabs.remote.separatePrivilegedContentProcess", true],
],
});
// This shouldn't be taken literally. We will always use the privleged about
// content type if the URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS flag is enabled and
// the pref is turned on.
test_url_for_process_types("about:" + CANPRIVILEGEDREMOTE.path, false, false, true, false, false);
});
add_task(async function test_privileged_remote_false() {
await SpecialPowers.pushPrefEnv({
set: [
["browser.tabs.remote.separatePrivilegedContentProcess", false],
],
});
// This shouldn't be taken literally. We will always use the privleged about
// content type if the URI_CAN_LOAD_IN_PRIVILEGEDABOUT_PROCESS flag is enabled and
// the pref is turned on.
test_url_for_process_types("about:" + CANPRIVILEGEDREMOTE.path, false, true, false, false, false);
});
add_task(async function test_extension() {
test_url_for_process_types("about:" + MUSTEXTENSION.path, false, false, false, false, true);
});

30
browser/base/content/test/general/browser_e10s_chrome_process.js → browser/base/content/test/tabs/browser_e10s_chrome_process.js
View file

@ -32,8 +32,6 @@ function makeTest(name, startURL, startProcessIsRemote, endURL, endProcessIsRemo
};
}
const CHROME_PROCESS = E10SUtils.NOT_REMOTE;
const WEB_CONTENT_PROCESS = E10SUtils.WEB_REMOTE_TYPE;
const PATH = (getRootDirectory(gTestPath) + "test_process_flags_chrome.html").replace("chrome://mochitests", "");
const CHROME = "chrome://mochitests" + PATH;
@ -48,38 +46,16 @@ registerCleanupFunction(() => {
gBrowser.removeCurrentTab();
});
function test_url(url, chromeResult, contentResult) {
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, WEB_CONTENT_PROCESS),
contentResult, "Check URL in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with ref in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, WEB_CONTENT_PROCESS),
contentResult, "Check URL with ref in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with query in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, WEB_CONTENT_PROCESS),
contentResult, "Check URL with query in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with query and ref in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, WEB_CONTENT_PROCESS),
contentResult, "Check URL with query and ref in web content process.");
}
add_task(async function test_chrome() {
test_url(CHROME, true, false);
test_url_for_process_types(CHROME, true, false, false, false, false);
});
add_task(async function test_any() {
test_url(CANREMOTE, true, true);
test_url_for_process_types(CANREMOTE, true, true, false, false, false);
});
add_task(async function test_remote() {
test_url(MUSTREMOTE, false, true);
test_url_for_process_types(MUSTREMOTE, false, true, false, false, false);
});
// The set of page transitions

0
browser/base/content/test/general/browser_e10s_javascript.js → browser/base/content/test/tabs/browser_e10s_javascript.js
View file

24
browser/base/content/test/tabs/browser_e10s_mozillaweb_process.js Normal file
View file

@ -0,0 +1,24 @@
add_task(async function test_privileged_remote_true() {
await SpecialPowers.pushPrefEnv({
set: [
["browser.tabs.remote.separatePrivilegedContentProcess", true],
["browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", true],
["browser.tabs.remote.separatedMozillaDomains", "example.org"],
],
});
test_url_for_process_types("https://example.com", false, true, false, false, false);
test_url_for_process_types("https://example.org", false, false, false, true, false);
});
add_task(async function test_privileged_remote_false() {
await SpecialPowers.pushPrefEnv({
set: [
["browser.tabs.remote.separatePrivilegedContentProcess", true],
["browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", false],
],
});
test_url_for_process_types("https://example.com", false, true, false, false, false);
test_url_for_process_types("https://example.org", false, true, false, false, false);
});

0
browser/base/content/test/general/browser_e10s_switchbrowser.js → browser/base/content/test/tabs/browser_e10s_switchbrowser.js
View file

25
browser/base/content/test/tabs/browser_new_tab_in_privilegedabout_process_pref.js
View file

@ -17,31 +17,6 @@ const ABOUT_NEWTAB = "about:newtab";
const ABOUT_WELCOME = "about:welcome";
const TEST_HTTP = "http://example.org/";
/**
* Takes a xul:browser and makes sure that the remoteTypes for the browser in
* both the parent and the child processes are the same.
*
* @param {xul:browser} browser
* A xul:browser.
* @param {string} expectedRemoteType
* The expected remoteType value for the browser in both the parent
* and child processes.
* @param {optional string} message
* If provided, shows this string as the message when remoteType values
* do not match. If not present, it uses the default message defined
* in the function parameters.
*/
function checkBrowserRemoteType(
browser,
expectedRemoteType,
message = `Ensures that tab runs in the ${expectedRemoteType} content process.`
) {
// Check both parent and child to ensure that they have the correct remoteType.
is(browser.remoteType, expectedRemoteType, message);
is(browser.messageManager.remoteType, expectedRemoteType,
"Parent and child process should agree on the remote type.");
}
add_task(async function setup() {
await SpecialPowers.pushPrefEnv({
set: [

183
browser/base/content/test/tabs/browser_privilegedmozilla_process_pref.js Normal file
View file

@ -0,0 +1,183 @@
/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */
/* vim: set ft=javascript ts=2 et sw=2 tw=80: */
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/
*/
/**
* Tests to ensure that Mozilla Privileged Webpages load in the privileged
* mozilla web content process. Normal http web pages should load in the web
* content process.
* Ref: Bug 1539595.
*/
// High and Low Privilege
const TEST_HIGH1 = "https://example.org/";
const TEST_HIGH2 = "https://test1.example.org/";
const TEST_LOW1 = "http://example.org/";
const TEST_LOW2 = "https://example.com/";
add_task(async function setup() {
await SpecialPowers.pushPrefEnv({
set: [
["browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", true],
["browser.tabs.remote.separatedMozillaDomains", "example.org"],
["dom.ipc.processCount.privilegedmozilla", 1],
],
});
});
/*
* Test to ensure that the tabs open in privileged mozilla content process. We
* will first open a page that acts as a reference to the privileged mozilla web
* content process. With the reference, we can then open other links in a new tab
* and ensure that the new tab opens in the same privileged mozilla content process
* as our reference.
*/
add_task(async function webpages_in_privileged_content_process() {
Services.ppmm.releaseCachedProcesses();
await BrowserTestUtils.withNewTab(TEST_HIGH1, async function(browser1) {
checkBrowserRemoteType(browser1, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE);
// Note the processID for about:newtab for comparison later.
let privilegedPid = browser1.frameLoader.remoteTab.osPid;
for (let url of [
TEST_HIGH1,
`${TEST_HIGH1}#foo`,
`${TEST_HIGH1}?q=foo`,
TEST_HIGH2,
`${TEST_HIGH2}#foo`,
`${TEST_HIGH2}?q=foo`,
]) {
await BrowserTestUtils.withNewTab(url, async function(browser2) {
is(browser2.frameLoader.remoteTab.osPid, privilegedPid,
"Check that privileged pages are in the same privileged mozilla content process.");
});
}
});
Services.ppmm.releaseCachedProcesses();
});
/*
* Test to ensure that a process switch occurs when navigating between normal
* web pages and unprivileged pages in the same tab.
*/
add_task(async function process_switching_through_loading_in_the_same_tab() {
Services.ppmm.releaseCachedProcesses();
await BrowserTestUtils.withNewTab(TEST_LOW1, async function(browser) {
checkBrowserRemoteType(browser, E10SUtils.WEB_REMOTE_TYPE);
for (let [url, remoteType] of [
[TEST_HIGH1, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW1, E10SUtils.WEB_REMOTE_TYPE],
[TEST_HIGH1, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW2, E10SUtils.WEB_REMOTE_TYPE],
[TEST_HIGH1, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW1, E10SUtils.WEB_REMOTE_TYPE],
[TEST_LOW2, E10SUtils.WEB_REMOTE_TYPE],
[`${TEST_HIGH1}#foo`, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW1, E10SUtils.WEB_REMOTE_TYPE],
[`${TEST_HIGH1}#bar`, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW2, E10SUtils.WEB_REMOTE_TYPE],
[`${TEST_HIGH1}#baz`, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW1, E10SUtils.WEB_REMOTE_TYPE],
[`${TEST_HIGH1}?q=foo`, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW2, E10SUtils.WEB_REMOTE_TYPE],
[`${TEST_HIGH1}?q=bar`, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW1, E10SUtils.WEB_REMOTE_TYPE],
[`${TEST_HIGH1}?q=baz`, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE],
[TEST_LOW2, E10SUtils.WEB_REMOTE_TYPE],
]) {
BrowserTestUtils.loadURI(browser, url);
await BrowserTestUtils.browserLoaded(browser, false, url);
checkBrowserRemoteType(browser, remoteType);
}
});
Services.ppmm.releaseCachedProcesses();
});
/*
* Test to ensure that a process switch occurs when navigating between normal
* web pages and privileged pages using the browser's navigation features
* such as history and location change.
*/
add_task(async function process_switching_through_navigation_features() {
Services.ppmm.releaseCachedProcesses();
await BrowserTestUtils.withNewTab(TEST_HIGH1, async function(browser) {
checkBrowserRemoteType(browser, E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE);
// Note the processID for about:newtab for comparison later.
let privilegedPid = browser.frameLoader.remoteTab.osPid;
// Check that about:newtab opened from JS in about:newtab page is in the same process.
let promiseTabOpened = BrowserTestUtils.waitForNewTab(gBrowser, TEST_HIGH1, true);
await ContentTask.spawn(browser, TEST_HIGH1, uri => {
content.open(uri, "_blank");
});
let newTab = await promiseTabOpened;
registerCleanupFunction(async function() {
BrowserTestUtils.removeTab(newTab);
});
browser = newTab.linkedBrowser;
is(browser.frameLoader.remoteTab.osPid, privilegedPid,
"Check that new tab opened from privileged page is loaded in privileged mozilla content process.");
// Check that reload does not break the privileged mozilla content process affinity.
BrowserReload();
await BrowserTestUtils.browserLoaded(browser, false, TEST_HIGH1);
is(browser.frameLoader.remoteTab.osPid, privilegedPid,
"Check that privileged page is still in privileged mozilla content process after reload.");
// Load http webpage
BrowserTestUtils.loadURI(browser, TEST_LOW1);
await BrowserTestUtils.browserLoaded(browser, false, TEST_LOW1);
checkBrowserRemoteType(browser, E10SUtils.WEB_REMOTE_TYPE);
// Check that using the history back feature switches back to privileged mozilla content process.
let promiseLocation = BrowserTestUtils.waitForLocationChange(gBrowser, TEST_HIGH1);
browser.goBack();
await promiseLocation;
// We will need to ensure that the process flip has fully completed so that
// the navigation history data will be available when we do browser.goForward();
await BrowserTestUtils.waitForEvent(newTab, "SSTabRestored");
is(browser.frameLoader.remoteTab.osPid, privilegedPid,
"Check that privileged page is still in privileged mozilla content process after history goBack.");
// Check that using the history forward feature switches back to the web content process.
promiseLocation = BrowserTestUtils.waitForLocationChange(gBrowser, TEST_LOW1);
browser.goForward();
await promiseLocation;
// We will need to ensure that the process flip has fully completed so that
// the navigation history data will be available when we do browser.gotoIndex(0);
await BrowserTestUtils.waitForEvent(newTab, "SSTabRestored");
checkBrowserRemoteType(browser, E10SUtils.WEB_REMOTE_TYPE,
"Check that tab runs in the web content process after using history goForward.");
// Check that goto history index does not break the affinity.
promiseLocation = BrowserTestUtils.waitForLocationChange(gBrowser, TEST_HIGH1);
browser.gotoIndex(0);
await promiseLocation;
is(browser.frameLoader.remoteTab.osPid, privilegedPid,
"Check that privileged page is in privileged mozilla content process after history gotoIndex.");
BrowserTestUtils.loadURI(browser, TEST_LOW2);
await BrowserTestUtils.browserLoaded(browser, false, TEST_LOW2);
checkBrowserRemoteType(browser, E10SUtils.WEB_REMOTE_TYPE);
// Check that location change causes a change in process type as well.
await ContentTask.spawn(browser, TEST_HIGH1, uri => {
content.location = uri;
});
await BrowserTestUtils.browserLoaded(browser, false, TEST_HIGH1);
is(browser.frameLoader.remoteTab.osPid, privilegedPid,
"Check that privileged page is in privileged mozilla content process after location change.");
});
Services.ppmm.releaseCachedProcesses();
});

0
browser/base/content/test/general/file_about_child.html → browser/base/content/test/tabs/file_about_child.html
View file

0
browser/base/content/test/general/file_about_parent.html → browser/base/content/test/tabs/file_about_parent.html
View file

77
browser/base/content/test/tabs/head.js
View file

@ -189,3 +189,80 @@ async function dragAndDrop(tab1, tab2, copy, destWindow = window) {
function getUrl(tab) {
return tab.linkedBrowser.currentURI.spec;
}
/**
* Takes a xul:browser and makes sure that the remoteTypes for the browser in
* both the parent and the child processes are the same.
*
* @param {xul:browser} browser
* A xul:browser.
* @param {string} expectedRemoteType
* The expected remoteType value for the browser in both the parent
* and child processes.
* @param {optional string} message
* If provided, shows this string as the message when remoteType values
* do not match. If not present, it uses the default message defined
* in the function parameters.
*/
function checkBrowserRemoteType(
browser,
expectedRemoteType,
message = `Ensures that tab runs in the ${expectedRemoteType} content process.`
) {
// Check both parent and child to ensure that they have the correct remoteType.
is(browser.remoteType, expectedRemoteType, message);
is(browser.messageManager.remoteType, expectedRemoteType,
"Parent and child process should agree on the remote type.");
}
function test_url_for_process_types(url, chromeResult, webContentResult, privilegedAboutContentResult, privilegedMozillaContentResult, extensionProcessResult) {
const CHROME_PROCESS = E10SUtils.NOT_REMOTE;
const WEB_CONTENT_PROCESS = E10SUtils.WEB_REMOTE_TYPE;
const PRIVILEGEDABOUT_CONTENT_PROCESS = E10SUtils.PRIVILEGEDABOUT_REMOTE_TYPE;
const PRIVILEGEDMOZILLA_CONTENT_PROCESS = E10SUtils.PRIVILEGEDMOZILLA_REMOTE_TYPE;
const EXTENSION_PROCESS = E10SUtils.EXTENSION_REMOTE_TYPE;
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, WEB_CONTENT_PROCESS),
webContentResult, "Check URL in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, PRIVILEGEDABOUT_CONTENT_PROCESS),
privilegedAboutContentResult, "Check URL in privileged about content process.");
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, PRIVILEGEDMOZILLA_CONTENT_PROCESS),
privilegedMozillaContentResult, "Check URL in privileged mozilla content process.");
is(E10SUtils.canLoadURIInRemoteType(url, /* fission */ false, EXTENSION_PROCESS),
extensionProcessResult, "Check URL in extension process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with ref in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, WEB_CONTENT_PROCESS),
webContentResult, "Check URL with ref in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, PRIVILEGEDABOUT_CONTENT_PROCESS),
privilegedAboutContentResult, "Check URL with ref in privileged about content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, PRIVILEGEDMOZILLA_CONTENT_PROCESS),
privilegedMozillaContentResult, "Check URL with ref in privileged mozilla content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "#foo", /* fission */ false, EXTENSION_PROCESS),
extensionProcessResult, "Check URL with ref in extension process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with query in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, WEB_CONTENT_PROCESS),
webContentResult, "Check URL with query in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, PRIVILEGEDABOUT_CONTENT_PROCESS),
privilegedAboutContentResult, "Check URL with query in privileged about content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, PRIVILEGEDMOZILLA_CONTENT_PROCESS),
privilegedMozillaContentResult, "Check URL with query in privileged mozilla content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo", /* fission */ false, EXTENSION_PROCESS),
extensionProcessResult, "Check URL with query in extension process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, CHROME_PROCESS),
chromeResult, "Check URL with query and ref in chrome process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, WEB_CONTENT_PROCESS),
webContentResult, "Check URL with query and ref in web content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, PRIVILEGEDABOUT_CONTENT_PROCESS),
privilegedAboutContentResult, "Check URL with query and ref in privileged about content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, PRIVILEGEDMOZILLA_CONTENT_PROCESS),
privilegedMozillaContentResult, "Check URL with query and ref in privileged mozilla content process.");
is(E10SUtils.canLoadURIInRemoteType(url + "?foo#bar", /* fission */ false, EXTENSION_PROCESS),
extensionProcessResult, "Check URL with query and ref in extension process.");
}

6
browser/base/content/test/general/test_process_flags_chrome.html → browser/base/content/test/tabs/test_process_flags_chrome.html
View file

@ -3,8 +3,8 @@
<html>
<body>
<p>chrome: test page</p>
<p><a href="chrome://mochitests/content/browser/browser/base/content/test/general/test_process_flags_chrome.html">chrome</a></p>
<p><a href="chrome://mochitests-any/content/browser/browser/base/content/test/general/test_process_flags_chrome.html">canremote</a></p>
<p><a href="chrome://mochitests-content/content/browser/browser/base/content/test/general/test_process_flags_chrome.html">mustremote</a></p>
<p><a href="chrome://mochitests/content/browser/browser/base/content/test/tabs/test_process_flags_chrome.html">chrome</a></p>
<p><a href="chrome://mochitests-any/content/browser/browser/base/content/test/tabs/test_process_flags_chrome.html">canremote</a></p>
<p><a href="chrome://mochitests-content/content/browser/browser/base/content/test/tabs/test_process_flags_chrome.html">mustremote</a></p>
</body>
</html>

1
dom/ipc/ContentParent.h
View file

@ -53,6 +53,7 @@
#define FILE_REMOTE_TYPE "file"
#define EXTENSION_REMOTE_TYPE "extension"
#define PRIVILEGEDABOUT_REMOTE_TYPE "privilegedabout"
#define PRIVILEGEDMOZILLA_REMOTE_TYPE "privilegedmozilla"
// This must start with the DEFAULT_REMOTE_TYPE above.
#define LARGE_ALLOCATION_REMOTE_TYPE "webLargeAllocation"

1
mobile/android/app/mobile.js
View file

@ -861,3 +861,4 @@ pref("extensions.systemAddon.update.url", "https://aus5.mozilla.org/update/3/Sys
pref("browser.tabs.remote.separateFileUriProcess", false);
pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", true);
pref("browser.tabs.remote.separatePrivilegedContentProcess", false);
pref("browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", false);

12
modules/libpref/init/all.js
View file

@ -3351,6 +3351,10 @@ pref("dom.ipc.processCount.extension", 1);
// The privileged about process only supports a single content process.
pref("dom.ipc.processCount.privilegedabout", 1);
// Limit the privileged mozilla process to a single instance only
// to avoid multiple of these content processes
pref("dom.ipc.processCount.privilegedmozilla", 1);
// Keep a single privileged about process alive for performance reasons.
// e.g. we do not want to throw content processes out every time we navigate
// away from about:newtab.
@ -3391,6 +3395,14 @@ pref("browser.tabs.remote.allowLinkedWebInFileUriProcess", true);
// types of privileged content processes, each with different privileges.
pref("browser.tabs.remote.separatePrivilegedContentProcess", false);
// Pref to control whether we use a separate privileged content process
// for certain mozilla webpages (which are listed in the following pref).
pref("browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", false);
// The domains we will isolate into the Mozilla Content Process. Comma-separated
// full domains: any subdomains of the domains listed will also be allowed.
pref("browser.tabs.remote.separatedMozillaDomains", "addons.mozilla.org,accounts.firefox.com");
// When this pref is enabled top level loads with a mismatched
// Cross-Origin-Opener-Policy header will be loaded in a separate process.
pref("browser.tabs.remote.useCrossOriginOpenerPolicy", false);

6
toolkit/locales/en-US/toolkit/global/processTypes.ftl
View file

@ -4,10 +4,14 @@
process-type-web = Web Content
# process used to run privileged pages,
# process used to run privileged about pages,
# such as about:home
process-type-privilegedabout = Privileged About
# process used to run privileged mozilla pages,
# such as accounts.firefox.com
process-type-privilegedmozilla = Privileged Mozilla Content
process-type-extension = Extension
# process used to open file:// URLs

17
toolkit/modules/E10SUtils.jsm
View file

@ -15,6 +15,11 @@ XPCOMUtils.defineLazyPreferenceGetter(this, "allowLinkedWebInFileUriProcess",
"browser.tabs.remote.allowLinkedWebInFileUriProcess", false);
XPCOMUtils.defineLazyPreferenceGetter(this, "useSeparatePrivilegedAboutContentProcess",
"browser.tabs.remote.separatePrivilegedContentProcess", false);
XPCOMUtils.defineLazyPreferenceGetter(this, "separatePrivilegedMozillaWebContentProcess",
"browser.tabs.remote.separatePrivilegedMozillaWebContentProcess", false);
XPCOMUtils.defineLazyPreferenceGetter(this, "separatedMozillaDomains",
"browser.tabs.remote.separatedMozillaDomains", false,
false, val => val.split(","));
XPCOMUtils.defineLazyPreferenceGetter(this, "useHttpResponseProcessSelection",
"browser.tabs.remote.useHTTPResponseProcessSelection", false);
XPCOMUtils.defineLazyPreferenceGetter(this, "useCrossOriginOpenerPolicy",
@ -47,12 +52,23 @@ const WEB_REMOTE_TYPE = "web";
const FILE_REMOTE_TYPE = "file";
const EXTENSION_REMOTE_TYPE = "extension";
const PRIVILEGEDABOUT_REMOTE_TYPE = "privilegedabout";
const PRIVILEGEDMOZILLA_REMOTE_TYPE = "privilegedmozilla";
// This must start with the WEB_REMOTE_TYPE above.
const LARGE_ALLOCATION_REMOTE_TYPE = "webLargeAllocation";
const DEFAULT_REMOTE_TYPE = WEB_REMOTE_TYPE;
function validatedWebRemoteType(aPreferredRemoteType, aTargetUri, aCurrentUri, aRemoteSubframes) {
// To load into the Privileged Mozilla Content Process you must be https,
// and be an exact match or a subdomain of an allowlisted domain.
if (separatePrivilegedMozillaWebContentProcess &&
aTargetUri.asciiHost && aTargetUri.scheme == "https" &&
separatedMozillaDomains.some(function(val) {
return aTargetUri.asciiHost == val || aTargetUri.asciiHost.endsWith("." + val);
})) {
return PRIVILEGEDMOZILLA_REMOTE_TYPE;
}
// If the domain is whitelisted to allow it to use file:// URIs, then we have
// to run it in a file content process, in case it uses file:// sub-resources.
const sm = Services.scriptSecurityManager;
@ -104,6 +120,7 @@ var E10SUtils = {
FILE_REMOTE_TYPE,
EXTENSION_REMOTE_TYPE,
PRIVILEGEDABOUT_REMOTE_TYPE,
PRIVILEGEDMOZILLA_REMOTE_TYPE,
LARGE_ALLOCATION_REMOTE_TYPE,
useHttpResponseProcessSelection() {