commit 30a070eefe4c881a1804690b8983db2911c2c99b Author: Rob Wu rob@robwu.nl Date: Mon Mar 25 21:16:49 2019 +0000
Bug 1532530 - Avoid loss of upload data by webRequest API r=kmag a=lizzard
When an extension requests access to the request body of a request, `nsConverterInputStream` is used to parse the input streams that make up a request body. These input streams are later (re)used to upload the form data to the original destination (server).
`nsConverterInputStream`'s destructor does however close the input streams, which results in data loss when the object is garbage-collected before the upload completes.
This patch fixes the issue by explicitly nulling the underlying stream before returning from the form parser.
Differential Revision: https://phabricator.services.mozilla.com/D24539
--HG-- extra : source : 574c141c8dd619a00ffa90fc40c2ba614afb46da extra : intermediate-source : 85efc85e2cf3e5d3e26cfdf8a716bbb9ac3551b5 --- toolkit/modules/addons/WebRequestUpload.jsm | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/toolkit/modules/addons/WebRequestUpload.jsm b/toolkit/modules/addons/WebRequestUpload.jsm index 10770d7ee771..294a394cd93f 100644 --- a/toolkit/modules/addons/WebRequestUpload.jsm +++ b/toolkit/modules/addons/WebRequestUpload.jsm @@ -192,6 +192,7 @@ function parseFormData(stream, channel, lenient = false) { const BUFFER_SIZE = 8192;
let touchedStreams = new Set(); + let converterStreams = [];
/** * Creates a converter input stream from the given raw input stream, @@ -210,10 +211,12 @@ function parseFormData(stream, channel, lenient = false) { }
touchedStreams.add(stream); - return ConverterInputStream( + let converterStream = ConverterInputStream( stream, "UTF-8", 0, lenient ? Ci.nsIConverterInputStream.DEFAULT_REPLACEMENT_CHARACTER : 0); + converterStreams.push(converterStream); + return converterStream; }
/** @@ -382,6 +385,12 @@ function parseFormData(stream, channel, lenient = false) { for (let stream of touchedStreams) { rewind(stream); } + for (let converterStream of converterStreams) { + // Release the reference to the underlying input stream, to prevent the + // destructor of nsConverterInputStream from closing the stream, which + // would cause uploads to break. + converterStream.init(null, null, 0, 0); + } }
return null;