2014-07-10 10:56:37 +04:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
2015-02-13 22:36:47 +03:00
|
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
2014-07-10 10:56:37 +04:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
|
|
#include "mozilla/LoadInfo.h"
|
|
|
|
|
|
2019-12-11 09:17:44 +03:00
|
|
|
#include "js/Array.h" // JS::NewArrayObject
|
2014-07-10 10:56:37 +04:00
|
|
|
#include "mozilla/Assertions.h"
|
2019-05-22 02:14:27 +03:00
|
|
|
#include "mozilla/ExpandedPrincipal.h"
|
2020-03-01 07:17:05 +03:00
|
|
|
#include "mozilla/dom/CanonicalBrowsingContext.h"
|
2017-11-16 21:15:09 +03:00
|
|
|
#include "mozilla/dom/ClientIPCTypes.h"
|
|
|
|
|
#include "mozilla/dom/ClientSource.h"
|
2019-08-08 03:50:24 +03:00
|
|
|
#include "mozilla/dom/Performance.h"
|
2018-01-24 19:17:31 +03:00
|
|
|
#include "mozilla/dom/PerformanceStorage.h"
|
2019-04-10 01:39:01 +03:00
|
|
|
#include "mozilla/dom/BrowserChild.h"
|
2015-07-20 05:11:03 +03:00
|
|
|
#include "mozilla/dom/ToJSValue.h"
|
2019-01-24 00:06:59 +03:00
|
|
|
#include "mozilla/dom/BrowsingContext.h"
|
2020-03-04 11:59:08 +03:00
|
|
|
#include "mozilla/net/CookieJarSettings.h"
|
2018-07-17 22:37:48 +03:00
|
|
|
#include "mozilla/NullPrincipal.h"
|
2019-07-26 04:10:23 +03:00
|
|
|
#include "mozilla/StaticPrefs_network.h"
|
2020-03-19 03:54:29 +03:00
|
|
|
#include "mozilla/StaticPrefs_security.h"
|
2015-12-01 00:25:29 +03:00
|
|
|
#include "mozIThirdPartyUtil.h"
|
2020-04-15 21:53:06 +03:00
|
|
|
#include "ThirdPartyUtil.h"
|
2015-05-08 22:52:49 +03:00
|
|
|
#include "nsFrameLoader.h"
|
2019-02-16 01:20:53 +03:00
|
|
|
#include "nsFrameLoaderOwner.h"
|
2016-05-31 12:14:00 +03:00
|
|
|
#include "nsIContentSecurityPolicy.h"
|
2015-05-08 22:52:49 +03:00
|
|
|
#include "nsIDocShell.h"
|
2019-01-02 16:05:23 +03:00
|
|
|
#include "mozilla/dom/Document.h"
|
2016-01-09 04:20:50 +03:00
|
|
|
#include "nsIInterfaceRequestorUtils.h"
|
2020-04-10 13:56:57 +03:00
|
|
|
#include "nsIScriptElement.h"
|
2014-07-10 10:56:37 +04:00
|
|
|
#include "nsISupportsImpl.h"
|
|
|
|
|
#include "nsISupportsUtils.h"
|
2018-09-06 17:01:58 +03:00
|
|
|
#include "nsIXPConnect.h"
|
2016-04-14 02:30:16 +03:00
|
|
|
#include "nsDocShell.h"
|
2015-12-01 00:25:29 +03:00
|
|
|
#include "nsGlobalWindow.h"
|
2018-03-04 17:33:33 +03:00
|
|
|
#include "nsMixedContentBlocker.h"
|
2019-02-16 01:20:53 +03:00
|
|
|
#include "nsQueryObject.h"
|
2017-05-25 20:42:00 +03:00
|
|
|
#include "nsRedirectHistoryEntry.h"
|
2018-10-25 11:44:12 +03:00
|
|
|
#include "nsSandboxFlags.h"
|
2020-04-15 21:53:06 +03:00
|
|
|
#include "nsICookieService.h"
|
2014-07-10 10:56:37 +04:00
|
|
|
|
2016-01-09 04:20:50 +03:00
|
|
|
using namespace mozilla::dom;
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
namespace mozilla {
|
2016-05-19 05:02:57 +03:00
|
|
|
namespace net {
|
2014-07-10 10:56:37 +04:00
|
|
|
|
2020-06-05 03:39:30 +03:00
|
|
|
static nsContentPolicyType InternalContentPolicyTypeForFrame(
|
|
|
|
|
CanonicalBrowsingContext* aBrowsingContext) {
|
|
|
|
|
const auto& maybeEmbedderElementType =
|
|
|
|
|
aBrowsingContext->GetEmbedderElementType();
|
|
|
|
|
MOZ_ASSERT(maybeEmbedderElementType.isSome());
|
|
|
|
|
auto embedderElementType = maybeEmbedderElementType.value();
|
|
|
|
|
|
|
|
|
|
// Assign same type as in nsDocShell::DetermineContentType.
|
|
|
|
|
// N.B. internal content policy type will never be TYPE_DOCUMENT
|
|
|
|
|
return embedderElementType.EqualsLiteral("iframe")
|
|
|
|
|
? nsIContentPolicy::TYPE_INTERNAL_IFRAME
|
|
|
|
|
: nsIContentPolicy::TYPE_INTERNAL_FRAME;
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-21 04:01:00 +03:00
|
|
|
/* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForDocument(
|
|
|
|
|
dom::CanonicalBrowsingContext* aBrowsingContext,
|
|
|
|
|
nsIPrincipal* aTriggeringPrincipal,
|
|
|
|
|
const OriginAttributes& aOriginAttributes, nsSecurityFlags aSecurityFlags,
|
|
|
|
|
uint32_t aSandboxFlags) {
|
|
|
|
|
return MakeAndAddRef<LoadInfo>(aBrowsingContext, aTriggeringPrincipal,
|
|
|
|
|
aOriginAttributes, aSecurityFlags,
|
|
|
|
|
aSandboxFlags);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForFrame(
|
|
|
|
|
dom::CanonicalBrowsingContext* aBrowsingContext,
|
|
|
|
|
nsIPrincipal* aTriggeringPrincipal, nsSecurityFlags aSecurityFlags,
|
|
|
|
|
uint32_t aSandboxFlags) {
|
|
|
|
|
return MakeAndAddRef<LoadInfo>(aBrowsingContext, aTriggeringPrincipal,
|
|
|
|
|
aSecurityFlags, aSandboxFlags);
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-21 04:01:05 +03:00
|
|
|
/* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForNonDocument(
|
|
|
|
|
dom::WindowGlobalParent* aParentWGP, nsIPrincipal* aTriggeringPrincipal,
|
|
|
|
|
nsContentPolicyType aContentPolicyType, nsSecurityFlags aSecurityFlags,
|
|
|
|
|
uint32_t aSandboxFlags) {
|
|
|
|
|
return MakeAndAddRef<LoadInfo>(aParentWGP, aTriggeringPrincipal,
|
|
|
|
|
aContentPolicyType, aSecurityFlags,
|
|
|
|
|
aSandboxFlags);
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-14 19:55:59 +03:00
|
|
|
LoadInfo::LoadInfo(
|
|
|
|
|
nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
|
2014-07-17 00:16:12 +04:00
|
|
|
nsINode* aLoadingContext, nsSecurityFlags aSecurityFlags,
|
2018-01-23 18:38:54 +03:00
|
|
|
nsContentPolicyType aContentPolicyType,
|
|
|
|
|
const Maybe<mozilla::dom::ClientInfo>& aLoadingClientInfo,
|
2020-01-15 11:02:57 +03:00
|
|
|
const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController,
|
|
|
|
|
uint32_t aSandboxFlags)
|
2014-12-11 02:36:03 +03:00
|
|
|
: mLoadingPrincipal(aLoadingContext ? aLoadingContext->NodePrincipal()
|
|
|
|
|
: aLoadingPrincipal),
|
2014-11-14 19:55:59 +03:00
|
|
|
mTriggeringPrincipal(aTriggeringPrincipal ? aTriggeringPrincipal
|
2014-12-11 02:36:03 +03:00
|
|
|
: mLoadingPrincipal.get()),
|
2018-01-23 18:38:54 +03:00
|
|
|
mClientInfo(aLoadingClientInfo),
|
|
|
|
|
mController(aController),
|
2014-07-17 00:16:12 +04:00
|
|
|
mLoadingContext(do_GetWeakReference(aLoadingContext)),
|
|
|
|
|
mSecurityFlags(aSecurityFlags),
|
2020-01-15 11:02:57 +03:00
|
|
|
mSandboxFlags(aSandboxFlags),
|
2020-07-29 14:43:23 +03:00
|
|
|
mTriggeringSandboxFlags(0),
|
2020-07-21 04:00:53 +03:00
|
|
|
mInternalContentPolicyType(aContentPolicyType) {
|
2014-12-11 02:36:03 +03:00
|
|
|
MOZ_ASSERT(mLoadingPrincipal);
|
2014-11-14 19:55:59 +03:00
|
|
|
MOZ_ASSERT(mTriggeringPrincipal);
|
2016-04-14 02:30:36 +03:00
|
|
|
|
|
|
|
|
#ifdef DEBUG
|
|
|
|
|
// TYPE_DOCUMENT loads initiated by javascript tests will go through
|
|
|
|
|
// nsIOService and use the wrong constructor. Don't enforce the
|
|
|
|
|
// !TYPE_DOCUMENT check in those cases
|
|
|
|
|
bool skipContentTypeCheck = false;
|
|
|
|
|
skipContentTypeCheck =
|
|
|
|
|
Preferences::GetBool("network.loadinfo.skip_type_assertion");
|
|
|
|
|
#endif
|
|
|
|
|
|
2016-04-14 02:30:16 +03:00
|
|
|
// This constructor shouldn't be used for TYPE_DOCUMENT loads that don't
|
|
|
|
|
// have a loadingPrincipal
|
2018-03-29 13:16:23 +03:00
|
|
|
MOZ_ASSERT(skipContentTypeCheck || mLoadingPrincipal ||
|
2016-04-14 02:30:36 +03:00
|
|
|
mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT);
|
2014-12-11 02:36:03 +03:00
|
|
|
|
2018-01-23 18:38:54 +03:00
|
|
|
// We should only get an explicit controller for subresource requests.
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(aController.isNothing() ||
|
|
|
|
|
!nsContentUtils::IsNonSubresourceInternalPolicyType(
|
|
|
|
|
mInternalContentPolicyType));
|
|
|
|
|
|
2016-03-26 00:47:31 +03:00
|
|
|
// TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false
|
|
|
|
|
// meaning that consumers of LoadInfo that don't pass a context or pass a
|
|
|
|
|
// context from which we can't find a window will default to assuming that
|
|
|
|
|
// they're 1st party. It would be nice if we could default "safe" and assume
|
|
|
|
|
// that we are 3rd party until proven otherwise.
|
|
|
|
|
|
2014-12-11 02:36:03 +03:00
|
|
|
// if consumers pass both, aLoadingContext and aLoadingPrincipal
|
|
|
|
|
// then the loadingPrincipal must be the same as the node's principal
|
|
|
|
|
MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
|
|
|
|
|
aLoadingContext->NodePrincipal() == aLoadingPrincipal);
|
|
|
|
|
|
2014-07-17 00:16:12 +04:00
|
|
|
// if the load is sandboxed, we can not also inherit the principal
|
2020-01-15 11:02:57 +03:00
|
|
|
if (mSandboxFlags & SANDBOXED_ORIGIN) {
|
2017-01-10 22:46:30 +03:00
|
|
|
mForceInheritPrincipalDropped =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
|
|
|
|
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
2014-07-17 00:16:12 +04:00
|
|
|
}
|
2015-05-08 22:52:49 +03:00
|
|
|
|
2018-10-25 11:44:12 +03:00
|
|
|
uint32_t externalType =
|
|
|
|
|
nsContentUtils::InternalContentPolicyTypeToExternal(aContentPolicyType);
|
|
|
|
|
|
2015-05-08 22:52:49 +03:00
|
|
|
if (aLoadingContext) {
|
2017-11-21 23:13:05 +03:00
|
|
|
// Ensure that all network requests for a window client have the ClientInfo
|
2018-01-23 18:38:54 +03:00
|
|
|
// properly set. Workers must currently pass the loading ClientInfo
|
|
|
|
|
// explicitly. We allow main thread requests to explicitly pass the value as
|
|
|
|
|
// well.
|
|
|
|
|
if (mClientInfo.isNothing()) {
|
|
|
|
|
mClientInfo = aLoadingContext->OwnerDoc()->GetClientInfo();
|
|
|
|
|
}
|
2017-11-21 23:13:05 +03:00
|
|
|
|
2018-01-23 18:38:52 +03:00
|
|
|
// For subresource loads set the service worker based on the calling
|
2018-01-23 18:38:54 +03:00
|
|
|
// context's controller. Workers must currently pass the controller in
|
|
|
|
|
// explicitly. We allow main thread requests to explicitly pass the value
|
|
|
|
|
// as well, but otherwise extract from the loading context here.
|
|
|
|
|
if (mController.isNothing() &&
|
|
|
|
|
!nsContentUtils::IsNonSubresourceInternalPolicyType(
|
|
|
|
|
mInternalContentPolicyType)) {
|
2018-01-23 18:38:52 +03:00
|
|
|
mController = aLoadingContext->OwnerDoc()->GetController();
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-12 07:28:00 +03:00
|
|
|
nsCOMPtr<nsPIDOMWindowOuter> contextOuter =
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetWindow();
|
|
|
|
|
if (contextOuter) {
|
|
|
|
|
ComputeIsThirdPartyContext(contextOuter);
|
2019-01-24 00:06:59 +03:00
|
|
|
RefPtr<dom::BrowsingContext> bc = contextOuter->GetBrowsingContext();
|
2020-06-17 21:01:00 +03:00
|
|
|
MOZ_ASSERT(bc);
|
|
|
|
|
mBrowsingContextID = bc->Id();
|
2018-07-10 11:09:59 +03:00
|
|
|
|
|
|
|
|
nsGlobalWindowInner* innerWindow =
|
|
|
|
|
nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow());
|
|
|
|
|
if (innerWindow) {
|
2019-10-24 15:57:21 +03:00
|
|
|
mTopLevelPrincipal = innerWindow->GetTopLevelAntiTrackingPrincipal();
|
2018-10-25 11:44:12 +03:00
|
|
|
|
|
|
|
|
// The top-level-storage-area-principal is not null only for the first
|
|
|
|
|
// level of iframes (null for top-level contexts, and null for
|
|
|
|
|
// sub-iframes). If we are loading a sub-document resource, we must
|
|
|
|
|
// calculate what the top-level-storage-area-principal will be for the
|
|
|
|
|
// new context.
|
|
|
|
|
if (externalType != nsIContentPolicy::TYPE_SUBDOCUMENT) {
|
|
|
|
|
mTopLevelStorageAreaPrincipal =
|
|
|
|
|
innerWindow->GetTopLevelStorageAreaPrincipal();
|
2020-06-17 21:01:00 +03:00
|
|
|
} else if (bc->IsTop()) {
|
2019-01-02 16:05:23 +03:00
|
|
|
Document* doc = innerWindow->GetExtantDoc();
|
2019-08-06 23:07:21 +03:00
|
|
|
if (!doc || (!doc->StorageAccessSandboxed())) {
|
2018-10-25 11:44:12 +03:00
|
|
|
mTopLevelStorageAreaPrincipal = innerWindow->GetPrincipal();
|
|
|
|
|
}
|
2019-04-12 08:31:32 +03:00
|
|
|
|
|
|
|
|
// If this is the first level iframe, innerWindow is our top-level
|
|
|
|
|
// principal.
|
|
|
|
|
if (!mTopLevelPrincipal) {
|
|
|
|
|
mTopLevelPrincipal = innerWindow->GetPrincipal();
|
|
|
|
|
}
|
2018-10-25 11:44:12 +03:00
|
|
|
}
|
|
|
|
|
|
2018-09-28 22:12:10 +03:00
|
|
|
mDocumentHasLoaded = innerWindow->IsDocumentLoaded();
|
|
|
|
|
|
2020-06-17 21:01:02 +03:00
|
|
|
if (bc->IsFrame()) {
|
2018-09-28 22:12:10 +03:00
|
|
|
// For resources within iframes, we actually want the
|
|
|
|
|
// top-level document's flag, not the iframe document's.
|
|
|
|
|
mDocumentHasLoaded = false;
|
2020-06-17 21:01:02 +03:00
|
|
|
// FIXME: This is not Fission-compatible. The flag needs to be moved
|
|
|
|
|
// from the document to the WindowContext, and the check updated
|
|
|
|
|
// accordingly.
|
2018-09-28 22:12:10 +03:00
|
|
|
nsGlobalWindowOuter* topOuter =
|
2019-07-26 19:48:31 +03:00
|
|
|
innerWindow->GetInProcessScriptableTopInternal();
|
2018-09-28 22:12:10 +03:00
|
|
|
if (topOuter) {
|
|
|
|
|
nsGlobalWindowInner* topInner =
|
|
|
|
|
nsGlobalWindowInner::Cast(topOuter->GetCurrentInnerWindow());
|
|
|
|
|
if (topInner) {
|
|
|
|
|
mDocumentHasLoaded = topInner->IsDocumentLoaded();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-07-10 11:09:59 +03:00
|
|
|
}
|
2019-03-08 12:00:06 +03:00
|
|
|
|
|
|
|
|
// Let's inherit the cookie behavior and permission from the parent
|
|
|
|
|
// document.
|
2020-03-04 11:59:08 +03:00
|
|
|
mCookieJarSettings = aLoadingContext->OwnerDoc()->CookieJarSettings();
|
2016-03-12 07:28:00 +03:00
|
|
|
}
|
|
|
|
|
|
2016-06-27 03:42:00 +03:00
|
|
|
mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID();
|
2020-05-19 15:50:39 +03:00
|
|
|
RefPtr<WindowContext> ctx = WindowContext::GetById(mInnerWindowID);
|
|
|
|
|
if (ctx) {
|
|
|
|
|
mLoadingEmbedderPolicy = ctx->GetEmbedderPolicy();
|
|
|
|
|
}
|
2018-08-31 14:21:17 +03:00
|
|
|
mDocumentHasUserInteracted =
|
|
|
|
|
aLoadingContext->OwnerDoc()->UserHasInteracted();
|
2015-05-08 22:52:49 +03:00
|
|
|
|
2020-05-26 14:45:21 +03:00
|
|
|
// Inherit HTTPS-Only Mode flags from parent document
|
|
|
|
|
mHttpsOnlyStatus |= aLoadingContext->OwnerDoc()->HttpsOnlyStatus();
|
|
|
|
|
|
2015-05-08 22:52:49 +03:00
|
|
|
// When the element being loaded is a frame, we choose the frame's window
|
|
|
|
|
// for the window ID and the frame element's window as the parent
|
|
|
|
|
// window. This is the behavior that Chrome exposes to add-ons.
|
2016-03-12 07:28:00 +03:00
|
|
|
// NB: If the frameLoaderOwner doesn't have a frame loader, then the load
|
|
|
|
|
// must be coming from an object (such as a plugin) that's loaded into it
|
|
|
|
|
// instead of a document being loaded. In that case, treat this object like
|
|
|
|
|
// any other non-document-loading element.
|
2019-02-16 01:20:53 +03:00
|
|
|
RefPtr<nsFrameLoaderOwner> frameLoaderOwner =
|
|
|
|
|
do_QueryObject(aLoadingContext);
|
2018-03-22 05:43:15 +03:00
|
|
|
RefPtr<nsFrameLoader> fl =
|
2016-03-12 07:28:00 +03:00
|
|
|
frameLoaderOwner ? frameLoaderOwner->GetFrameLoader() : nullptr;
|
|
|
|
|
if (fl) {
|
2018-03-22 05:43:15 +03:00
|
|
|
nsCOMPtr<nsIDocShell> docShell = fl->GetDocShell(IgnoreErrors());
|
|
|
|
|
if (docShell) {
|
2016-06-27 03:42:00 +03:00
|
|
|
nsCOMPtr<nsPIDOMWindowOuter> outerWindow = do_GetInterface(docShell);
|
|
|
|
|
if (outerWindow) {
|
2019-02-15 22:49:04 +03:00
|
|
|
RefPtr<dom::BrowsingContext> bc = outerWindow->GetBrowsingContext();
|
|
|
|
|
mFrameBrowsingContextID = bc ? bc->Id() : 0;
|
2016-06-27 03:42:00 +03:00
|
|
|
}
|
2015-05-08 22:52:49 +03:00
|
|
|
}
|
|
|
|
|
}
|
2015-07-10 23:57:55 +03:00
|
|
|
|
2019-10-01 00:33:28 +03:00
|
|
|
// if the document forces all mixed content to be blocked, then we
|
|
|
|
|
// store that bit for all requests on the loadinfo.
|
|
|
|
|
mBlockAllMixedContent =
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetBlockAllMixedContent(false) ||
|
|
|
|
|
(nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetBlockAllMixedContent(true));
|
|
|
|
|
|
2016-01-14 23:38:15 +03:00
|
|
|
// if the document forces all requests to be upgraded from http to https,
|
|
|
|
|
// then we should do that for all requests. If it only forces preloads to be
|
|
|
|
|
// upgraded then we should enforce upgrade insecure requests only for
|
|
|
|
|
// preloads.
|
|
|
|
|
mUpgradeInsecureRequests =
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
|
|
|
|
|
(nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
|
2016-03-16 06:13:26 +03:00
|
|
|
|
2018-02-05 18:37:27 +03:00
|
|
|
if (nsContentUtils::IsUpgradableDisplayType(externalType)) {
|
2019-09-26 13:47:16 +03:00
|
|
|
if (mLoadingPrincipal->SchemeIs("https")) {
|
2020-03-19 03:54:29 +03:00
|
|
|
if (StaticPrefs::security_mixed_content_upgrade_display_content()) {
|
2019-09-26 13:47:16 +03:00
|
|
|
mBrowserUpgradeInsecureRequests = true;
|
|
|
|
|
} else {
|
|
|
|
|
mBrowserWouldUpgradeInsecureRequests = true;
|
2018-02-05 18:37:27 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2015-05-08 22:52:49 +03:00
|
|
|
}
|
2017-03-08 09:41:51 +03:00
|
|
|
mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
|
2016-08-31 00:54:58 +03:00
|
|
|
|
|
|
|
|
// We need to do this after inheriting the document's origin attributes
|
|
|
|
|
// above, in case the loading principal ends up being the system principal.
|
|
|
|
|
if (aLoadingContext) {
|
|
|
|
|
nsCOMPtr<nsILoadContext> loadContext =
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetLoadContext();
|
|
|
|
|
nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
|
|
|
|
|
if (loadContext && docShell &&
|
2019-12-17 00:15:13 +03:00
|
|
|
docShell->GetBrowsingContext()->IsContent()) {
|
2016-08-31 00:54:58 +03:00
|
|
|
bool usePrivateBrowsing;
|
|
|
|
|
nsresult rv = loadContext->GetUsePrivateBrowsing(&usePrivateBrowsing);
|
|
|
|
|
if (NS_SUCCEEDED(rv)) {
|
|
|
|
|
mOriginAttributes.SyncAttributesWithPrivateBrowsing(usePrivateBrowsing);
|
2016-04-13 11:22:49 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-04 09:05:38 +03:00
|
|
|
// For chrome docshell, the mPrivateBrowsingId remains 0 even its
|
|
|
|
|
// UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
|
|
|
|
|
// origin attributes if the type of the docshell is content.
|
|
|
|
|
if (aLoadingContext) {
|
|
|
|
|
nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
|
|
|
|
|
if (docShell) {
|
2019-12-17 00:15:13 +03:00
|
|
|
if (docShell->GetBrowsingContext()->IsChrome()) {
|
2016-08-04 09:05:38 +03:00
|
|
|
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
|
|
|
|
|
"chrome docshell shouldn't have mPrivateBrowsingId set.");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-04-10 13:56:57 +03:00
|
|
|
|
|
|
|
|
// in case this is a loadinfo for a parser generated script, then we store
|
|
|
|
|
// that bit of information so CSP strict-dynamic can query it.
|
|
|
|
|
if (!nsContentUtils::IsPreloadType(mInternalContentPolicyType)) {
|
|
|
|
|
nsCOMPtr<nsIScriptElement> script = do_QueryInterface(aLoadingContext);
|
|
|
|
|
if (script && script->GetParserCreated() != mozilla::dom::NOT_FROM_PARSER) {
|
|
|
|
|
mParserCreatedScript = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-03-04 19:54:07 +03:00
|
|
|
}
|
|
|
|
|
|
2016-04-14 02:30:16 +03:00
|
|
|
/* Constructor takes an outer window, but no loadingNode or loadingPrincipal.
|
|
|
|
|
* This constructor should only be used for TYPE_DOCUMENT loads, since they
|
|
|
|
|
* have a null loadingNode and loadingPrincipal.
|
|
|
|
|
*/
|
2016-03-04 19:54:07 +03:00
|
|
|
LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
|
|
|
|
|
nsIPrincipal* aTriggeringPrincipal,
|
2017-09-05 19:01:07 +03:00
|
|
|
nsISupports* aContextForTopLevelLoad,
|
2020-01-15 11:02:57 +03:00
|
|
|
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
|
2020-07-21 04:00:53 +03:00
|
|
|
: mTriggeringPrincipal(aTriggeringPrincipal),
|
2017-09-05 19:01:07 +03:00
|
|
|
mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad)),
|
2016-03-04 19:54:07 +03:00
|
|
|
mSecurityFlags(aSecurityFlags),
|
2020-01-15 11:02:57 +03:00
|
|
|
mSandboxFlags(aSandboxFlags),
|
2020-07-29 14:43:23 +03:00
|
|
|
mTriggeringSandboxFlags(0),
|
2020-07-21 04:00:53 +03:00
|
|
|
mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) {
|
2016-03-04 19:54:07 +03:00
|
|
|
// Top-level loads are never third-party
|
|
|
|
|
// Grab the information we can out of the window.
|
|
|
|
|
MOZ_ASSERT(aOuterWindow);
|
2016-04-14 02:30:16 +03:00
|
|
|
MOZ_ASSERT(mTriggeringPrincipal);
|
2016-03-04 19:54:07 +03:00
|
|
|
|
|
|
|
|
// if the load is sandboxed, we can not also inherit the principal
|
2020-01-15 11:02:57 +03:00
|
|
|
if (mSandboxFlags & SANDBOXED_ORIGIN) {
|
2017-01-10 22:46:30 +03:00
|
|
|
mForceInheritPrincipalDropped =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
|
|
|
|
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
2016-03-04 19:54:07 +03:00
|
|
|
}
|
|
|
|
|
|
2019-01-24 00:06:59 +03:00
|
|
|
RefPtr<BrowsingContext> bc = aOuterWindow->GetBrowsingContext();
|
|
|
|
|
mBrowsingContextID = bc ? bc->Id() : 0;
|
2016-03-04 19:54:07 +03:00
|
|
|
|
2020-03-04 05:51:49 +03:00
|
|
|
// This should be removed in bug 1618557
|
2018-07-10 11:09:59 +03:00
|
|
|
nsGlobalWindowInner* innerWindow =
|
|
|
|
|
nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow());
|
|
|
|
|
if (innerWindow) {
|
2019-10-24 15:57:21 +03:00
|
|
|
mTopLevelPrincipal = innerWindow->GetTopLevelAntiTrackingPrincipal();
|
2018-10-25 11:44:12 +03:00
|
|
|
// mTopLevelStorageAreaPrincipal is always null for top-level document
|
|
|
|
|
// loading.
|
2018-07-10 11:09:59 +03:00
|
|
|
}
|
|
|
|
|
|
2016-04-14 02:30:16 +03:00
|
|
|
// get the docshell from the outerwindow, and then get the originattributes
|
|
|
|
|
nsCOMPtr<nsIDocShell> docShell = aOuterWindow->GetDocShell();
|
|
|
|
|
MOZ_ASSERT(docShell);
|
2017-03-08 09:41:51 +03:00
|
|
|
mOriginAttributes = nsDocShell::Cast(docShell)->GetOriginAttributes();
|
2020-03-04 05:51:49 +03:00
|
|
|
|
|
|
|
|
// We sometimes use this constructor for security checks for outer windows
|
|
|
|
|
// that aren't top level.
|
|
|
|
|
if (aSecurityFlags != nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK) {
|
2020-06-22 17:26:49 +03:00
|
|
|
MOZ_ASSERT(aOuterWindow->GetBrowsingContext()->IsTop());
|
2020-03-04 05:51:49 +03:00
|
|
|
}
|
2016-08-04 09:05:38 +03:00
|
|
|
|
2017-03-08 09:41:51 +03:00
|
|
|
#ifdef DEBUG
|
2019-12-17 00:15:13 +03:00
|
|
|
if (docShell->GetBrowsingContext()->IsChrome()) {
|
2017-03-08 09:41:51 +03:00
|
|
|
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
|
2016-08-04 09:05:38 +03:00
|
|
|
"chrome docshell shouldn't have mPrivateBrowsingId set.");
|
|
|
|
|
}
|
2017-03-08 09:41:51 +03:00
|
|
|
#endif
|
2019-03-08 12:00:06 +03:00
|
|
|
|
|
|
|
|
// Let's take the current cookie behavior and current cookie permission
|
|
|
|
|
// for the documents' loadInfo. Note that for any other loadInfos,
|
|
|
|
|
// cookieBehavior will be BEHAVIOR_REJECT for security reasons.
|
2020-03-04 11:59:08 +03:00
|
|
|
mCookieJarSettings = CookieJarSettings::Create();
|
2014-07-10 10:56:37 +04:00
|
|
|
}
|
|
|
|
|
|
2020-03-01 07:17:05 +03:00
|
|
|
LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
|
|
|
|
|
nsIPrincipal* aTriggeringPrincipal,
|
|
|
|
|
const OriginAttributes& aOriginAttributes,
|
2020-07-17 20:13:33 +03:00
|
|
|
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
|
2020-07-21 04:00:53 +03:00
|
|
|
: mTriggeringPrincipal(aTriggeringPrincipal),
|
2020-03-01 07:17:05 +03:00
|
|
|
mSecurityFlags(aSecurityFlags),
|
|
|
|
|
mSandboxFlags(aSandboxFlags),
|
2020-07-29 14:43:23 +03:00
|
|
|
mTriggeringSandboxFlags(0),
|
2020-07-21 04:00:53 +03:00
|
|
|
mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) {
|
2020-03-01 07:17:05 +03:00
|
|
|
// Top-level loads are never third-party
|
|
|
|
|
// Grab the information we can out of the window.
|
|
|
|
|
MOZ_ASSERT(aBrowsingContext);
|
|
|
|
|
MOZ_ASSERT(mTriggeringPrincipal);
|
|
|
|
|
MOZ_ASSERT(aSecurityFlags !=
|
|
|
|
|
nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK);
|
|
|
|
|
|
|
|
|
|
// if the load is sandboxed, we can not also inherit the principal
|
|
|
|
|
if (mSandboxFlags & SANDBOXED_ORIGIN) {
|
|
|
|
|
mForceInheritPrincipalDropped =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
|
|
|
|
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mBrowsingContextID = aBrowsingContext->Id();
|
|
|
|
|
mOriginAttributes = aOriginAttributes;
|
|
|
|
|
|
|
|
|
|
#ifdef DEBUG
|
|
|
|
|
if (aBrowsingContext->IsChrome()) {
|
|
|
|
|
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
|
|
|
|
|
"chrome docshell shouldn't have mPrivateBrowsingId set.");
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
// Let's take the current cookie behavior and current cookie permission
|
|
|
|
|
// for the documents' loadInfo. Note that for any other loadInfos,
|
|
|
|
|
// cookieBehavior will be BEHAVIOR_REJECT for security reasons.
|
2020-03-04 11:59:08 +03:00
|
|
|
mCookieJarSettings = CookieJarSettings::Create();
|
2020-03-01 07:17:05 +03:00
|
|
|
}
|
|
|
|
|
|
2020-06-05 03:39:30 +03:00
|
|
|
LoadInfo::LoadInfo(dom::WindowGlobalParent* aParentWGP,
|
2020-04-15 21:53:06 +03:00
|
|
|
nsIPrincipal* aTriggeringPrincipal,
|
2020-06-05 03:39:30 +03:00
|
|
|
nsContentPolicyType aContentPolicyType,
|
|
|
|
|
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
|
2020-07-21 04:00:53 +03:00
|
|
|
: mTriggeringPrincipal(aTriggeringPrincipal),
|
2020-04-15 21:53:06 +03:00
|
|
|
mSecurityFlags(aSecurityFlags),
|
|
|
|
|
mSandboxFlags(aSandboxFlags),
|
2020-07-21 04:00:53 +03:00
|
|
|
mInternalContentPolicyType(aContentPolicyType) {
|
2020-06-05 03:39:30 +03:00
|
|
|
CanonicalBrowsingContext* parentBC = aParentWGP->BrowsingContext();
|
2020-05-04 17:26:34 +03:00
|
|
|
MOZ_ASSERT(parentBC);
|
2020-07-08 00:14:34 +03:00
|
|
|
ComputeAncestors(parentBC, mAncestorPrincipals, mAncestorBrowsingContextIDs);
|
2020-04-15 21:53:06 +03:00
|
|
|
|
Bug 1631859 - Part 1: Fill out ancestor principals and outer window IDs for LoadInfo only in the parent, r=kmag,extension-reviewers
Keeping a list of ancestor principals in a LoadInfo object, that, at times,
exists in the content process, is not secure. Since ancestor principals are
only ever needed to create a list of frameAncestors, which, in turn, are only
ever accessed from the parent process, we can assemble lists of ancestor
principals and outer windowIDs whenever we are in the parent process and are
either 1) creating a LoadInfo object or 2) deserializing a LoadInfoArgs struct,
received from content process, into a LoadInfo object.
Differential Revision: https://phabricator.services.mozilla.com/D78406
2020-06-08 22:58:14 +03:00
|
|
|
RefPtr<WindowGlobalParent> topLevelWGP = aParentWGP->TopWindowContext();
|
2020-04-15 21:53:06 +03:00
|
|
|
|
|
|
|
|
// if the load is sandboxed, we can not also inherit the principal
|
|
|
|
|
if (mSandboxFlags & SANDBOXED_ORIGIN) {
|
|
|
|
|
mForceInheritPrincipalDropped =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
|
|
|
|
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Ensure that all network requests for a window client have the ClientInfo
|
|
|
|
|
// properly set.
|
2020-06-05 03:39:30 +03:00
|
|
|
mClientInfo = aParentWGP->GetClientInfo();
|
|
|
|
|
mLoadingPrincipal = aParentWGP->DocumentPrincipal();
|
|
|
|
|
ComputeIsThirdPartyContext(aParentWGP);
|
2020-04-15 21:53:06 +03:00
|
|
|
|
2020-05-04 17:26:34 +03:00
|
|
|
mBrowsingContextID = parentBC->Id();
|
2020-04-15 21:53:06 +03:00
|
|
|
|
|
|
|
|
// Let's inherit the cookie behavior and permission from the embedder
|
|
|
|
|
// document.
|
2020-06-05 03:39:30 +03:00
|
|
|
mCookieJarSettings = aParentWGP->CookieJarSettings();
|
2020-05-04 17:26:34 +03:00
|
|
|
if (parentBC->IsContentSubframe()) {
|
2020-04-15 21:53:06 +03:00
|
|
|
mDocumentHasLoaded = false;
|
|
|
|
|
} else {
|
2020-06-05 03:39:30 +03:00
|
|
|
mDocumentHasLoaded = aParentWGP->DocumentHasLoaded();
|
2020-04-15 21:53:06 +03:00
|
|
|
}
|
|
|
|
|
if (topLevelWGP->BrowsingContext()->IsTop()) {
|
|
|
|
|
if (mCookieJarSettings) {
|
|
|
|
|
bool stopAtOurLevel = mCookieJarSettings->GetCookieBehavior() ==
|
|
|
|
|
nsICookieService::BEHAVIOR_REJECT_TRACKER;
|
|
|
|
|
if (!stopAtOurLevel ||
|
2020-06-05 03:39:30 +03:00
|
|
|
topLevelWGP->OuterWindowId() != aParentWGP->OuterWindowId()) {
|
2020-04-15 21:53:06 +03:00
|
|
|
mTopLevelPrincipal = topLevelWGP->DocumentPrincipal();
|
|
|
|
|
}
|
|
|
|
|
}
|
2020-05-04 17:26:34 +03:00
|
|
|
if (parentBC->IsContentSubframe()) {
|
2020-04-15 21:53:06 +03:00
|
|
|
// For resources within iframes, we actually want the
|
|
|
|
|
// top-level document's flag, not the iframe document's.
|
|
|
|
|
mDocumentHasLoaded = topLevelWGP->DocumentHasLoaded();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// The top-level-storage-area-principal is not null only for the first
|
|
|
|
|
// level of iframes (null for top-level contexts, and null for
|
|
|
|
|
// sub-iframes). If we are loading a sub-document resource, we must
|
|
|
|
|
// calculate what the top-level-storage-area-principal will be for the
|
|
|
|
|
// new context.
|
2020-05-04 17:26:34 +03:00
|
|
|
if (parentBC->IsTop()) {
|
2020-06-05 03:39:30 +03:00
|
|
|
if (!Document::StorageAccessSandboxed(aParentWGP->SandboxFlags())) {
|
|
|
|
|
mTopLevelStorageAreaPrincipal = aParentWGP->DocumentPrincipal();
|
2020-04-15 21:53:06 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// If this is the first level iframe, embedder WindowGlobalParent's document
|
|
|
|
|
// principal is our top-level principal.
|
|
|
|
|
if (!mTopLevelPrincipal) {
|
2020-06-05 03:39:30 +03:00
|
|
|
mTopLevelPrincipal = aParentWGP->DocumentPrincipal();
|
2020-04-15 21:53:06 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-05 03:39:30 +03:00
|
|
|
mInnerWindowID = aParentWGP->InnerWindowId();
|
|
|
|
|
mDocumentHasUserInteracted = aParentWGP->DocumentHasUserInteracted();
|
2020-04-15 21:53:06 +03:00
|
|
|
|
|
|
|
|
// if the document forces all mixed content to be blocked, then we
|
|
|
|
|
// store that bit for all requests on the loadinfo.
|
2020-06-05 03:39:30 +03:00
|
|
|
mBlockAllMixedContent = aParentWGP->GetDocumentBlockAllMixedContent();
|
2020-04-15 21:53:06 +03:00
|
|
|
|
|
|
|
|
// if the document forces all requests to be upgraded from http to https,
|
|
|
|
|
// then we should do that for all requests. If it only forces preloads to be
|
|
|
|
|
// upgraded then we should enforce upgrade insecure requests only for
|
|
|
|
|
// preloads.
|
2020-06-05 03:39:30 +03:00
|
|
|
mUpgradeInsecureRequests = aParentWGP->GetDocumentUpgradeInsecureRequests();
|
2020-04-15 21:53:06 +03:00
|
|
|
mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
|
|
|
|
|
|
|
|
|
|
// We need to do this after inheriting the document's origin attributes
|
|
|
|
|
// above, in case the loading principal ends up being the system principal.
|
2020-05-04 17:26:34 +03:00
|
|
|
if (parentBC->IsContent()) {
|
2020-04-15 21:53:06 +03:00
|
|
|
mOriginAttributes.SyncAttributesWithPrivateBrowsing(
|
2020-05-04 17:26:34 +03:00
|
|
|
parentBC->UsePrivateBrowsing());
|
2020-04-15 21:53:06 +03:00
|
|
|
}
|
|
|
|
|
|
2020-06-05 03:39:30 +03:00
|
|
|
mHttpsOnlyStatus |= aParentWGP->HttpsOnlyStatus();
|
2020-05-26 14:45:21 +03:00
|
|
|
|
2020-04-15 21:53:06 +03:00
|
|
|
// For chrome BC, the mPrivateBrowsingId remains 0 even its
|
|
|
|
|
// UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
|
|
|
|
|
// origin attributes if the type of the BC is content.
|
2020-05-04 17:26:34 +03:00
|
|
|
if (parentBC->IsChrome()) {
|
2020-04-15 21:53:06 +03:00
|
|
|
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
|
|
|
|
|
"chrome docshell shouldn't have mPrivateBrowsingId set.");
|
|
|
|
|
}
|
2020-05-19 15:50:39 +03:00
|
|
|
|
|
|
|
|
RefPtr<WindowContext> ctx = WindowContext::GetById(mInnerWindowID);
|
|
|
|
|
if (ctx) {
|
|
|
|
|
mLoadingEmbedderPolicy = ctx->GetEmbedderPolicy();
|
|
|
|
|
}
|
2020-04-15 21:53:06 +03:00
|
|
|
}
|
|
|
|
|
|
2020-07-21 04:01:00 +03:00
|
|
|
// Used for TYPE_FRAME or TYPE_IFRAME load.
|
2020-06-05 03:39:30 +03:00
|
|
|
LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
|
|
|
|
|
nsIPrincipal* aTriggeringPrincipal,
|
2020-07-17 20:13:33 +03:00
|
|
|
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
|
2020-06-05 03:39:30 +03:00
|
|
|
: LoadInfo(aBrowsingContext->GetParentWindowContext(), aTriggeringPrincipal,
|
|
|
|
|
InternalContentPolicyTypeForFrame(aBrowsingContext),
|
|
|
|
|
aSecurityFlags, aSandboxFlags) {
|
|
|
|
|
mFrameBrowsingContextID = aBrowsingContext->Id();
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-24 23:42:02 +03:00
|
|
|
LoadInfo::LoadInfo(const LoadInfo& rhs)
|
|
|
|
|
: mLoadingPrincipal(rhs.mLoadingPrincipal),
|
|
|
|
|
mTriggeringPrincipal(rhs.mTriggeringPrincipal),
|
2016-09-20 09:35:45 +03:00
|
|
|
mPrincipalToInherit(rhs.mPrincipalToInherit),
|
2017-02-01 01:56:15 +03:00
|
|
|
mSandboxedLoadingPrincipal(rhs.mSandboxedLoadingPrincipal),
|
2018-08-10 21:55:27 +03:00
|
|
|
mTopLevelPrincipal(rhs.mTopLevelPrincipal),
|
2018-07-13 13:02:19 +03:00
|
|
|
mTopLevelStorageAreaPrincipal(rhs.mTopLevelStorageAreaPrincipal),
|
2017-05-30 19:07:59 +03:00
|
|
|
mResultPrincipalURI(rhs.mResultPrincipalURI),
|
2020-03-04 11:59:08 +03:00
|
|
|
mCookieJarSettings(rhs.mCookieJarSettings),
|
2019-05-22 02:14:27 +03:00
|
|
|
mCspToInherit(rhs.mCspToInherit),
|
2019-01-24 00:06:59 +03:00
|
|
|
mClientInfo(rhs.mClientInfo),
|
2017-11-16 21:15:09 +03:00
|
|
|
// mReservedClientSource must be handled specially during redirect
|
|
|
|
|
// mReservedClientInfo must be handled specially during redirect
|
|
|
|
|
// mInitialClientInfo must be handled specially during redirect
|
2017-12-06 04:45:23 +03:00
|
|
|
mController(rhs.mController),
|
2018-01-24 19:17:31 +03:00
|
|
|
mPerformanceStorage(rhs.mPerformanceStorage),
|
2015-09-24 23:42:02 +03:00
|
|
|
mLoadingContext(rhs.mLoadingContext),
|
2017-09-05 19:01:07 +03:00
|
|
|
mContextForTopLevelLoad(rhs.mContextForTopLevelLoad),
|
2015-09-24 23:42:02 +03:00
|
|
|
mSecurityFlags(rhs.mSecurityFlags),
|
2020-01-15 11:02:57 +03:00
|
|
|
mSandboxFlags(rhs.mSandboxFlags),
|
2020-07-29 14:43:23 +03:00
|
|
|
mTriggeringSandboxFlags(rhs.mTriggeringSandboxFlags),
|
2015-10-19 21:14:54 +03:00
|
|
|
mInternalContentPolicyType(rhs.mInternalContentPolicyType),
|
2015-11-01 01:20:48 +03:00
|
|
|
mTainting(rhs.mTainting),
|
2019-10-01 00:33:28 +03:00
|
|
|
mBlockAllMixedContent(rhs.mBlockAllMixedContent),
|
2015-09-24 23:42:02 +03:00
|
|
|
mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests),
|
2018-02-05 18:37:27 +03:00
|
|
|
mBrowserUpgradeInsecureRequests(rhs.mBrowserUpgradeInsecureRequests),
|
2018-03-04 17:33:33 +03:00
|
|
|
mBrowserWouldUpgradeInsecureRequests(
|
|
|
|
|
rhs.mBrowserWouldUpgradeInsecureRequests),
|
2017-11-08 22:01:41 +03:00
|
|
|
mForceAllowDataURI(rhs.mForceAllowDataURI),
|
2018-02-18 21:52:52 +03:00
|
|
|
mAllowInsecureRedirectToDataURI(rhs.mAllowInsecureRedirectToDataURI),
|
2019-06-13 12:57:13 +03:00
|
|
|
mBypassCORSChecks(rhs.mBypassCORSChecks),
|
2018-03-29 12:14:35 +03:00
|
|
|
mSkipContentPolicyCheckForWebRequest(
|
|
|
|
|
rhs.mSkipContentPolicyCheckForWebRequest),
|
2017-11-05 07:06:20 +03:00
|
|
|
mOriginalFrameSrcLoad(rhs.mOriginalFrameSrcLoad),
|
2016-07-18 09:35:13 +03:00
|
|
|
mForceInheritPrincipalDropped(rhs.mForceInheritPrincipalDropped),
|
2015-09-24 23:42:02 +03:00
|
|
|
mInnerWindowID(rhs.mInnerWindowID),
|
2019-01-24 00:06:59 +03:00
|
|
|
mBrowsingContextID(rhs.mBrowsingContextID),
|
2019-02-19 19:21:45 +03:00
|
|
|
mFrameBrowsingContextID(rhs.mFrameBrowsingContextID),
|
2015-11-01 01:20:48 +03:00
|
|
|
mInitialSecurityCheckDone(rhs.mInitialSecurityCheckDone),
|
2015-12-01 00:25:29 +03:00
|
|
|
mIsThirdPartyContext(rhs.mIsThirdPartyContext),
|
2020-05-13 16:38:41 +03:00
|
|
|
mIsThirdPartyContextToTopWindow(rhs.mIsThirdPartyContextToTopWindow),
|
2019-07-22 16:41:47 +03:00
|
|
|
mIsFormSubmission(rhs.mIsFormSubmission),
|
2018-08-01 07:35:24 +03:00
|
|
|
mSendCSPViolationEvents(rhs.mSendCSPViolationEvents),
|
2015-11-01 01:20:48 +03:00
|
|
|
mOriginAttributes(rhs.mOriginAttributes),
|
|
|
|
|
mRedirectChainIncludingInternalRedirects(
|
2020-05-05 13:40:36 +03:00
|
|
|
rhs.mRedirectChainIncludingInternalRedirects.Clone()),
|
|
|
|
|
mRedirectChain(rhs.mRedirectChain.Clone()),
|
|
|
|
|
mAncestorPrincipals(rhs.mAncestorPrincipals.Clone()),
|
2020-07-08 00:14:42 +03:00
|
|
|
mAncestorBrowsingContextIDs(rhs.mAncestorBrowsingContextIDs.Clone()),
|
2020-05-05 13:40:36 +03:00
|
|
|
mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders.Clone()),
|
2019-04-26 13:59:41 +03:00
|
|
|
mRequestBlockingReason(rhs.mRequestBlockingReason),
|
2015-12-07 02:33:14 +03:00
|
|
|
mForcePreflight(rhs.mForcePreflight),
|
|
|
|
|
mIsPreflight(rhs.mIsPreflight),
|
2019-01-24 00:06:59 +03:00
|
|
|
mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal),
|
2018-06-11 04:44:38 +03:00
|
|
|
// mServiceWorkerTaintingSynthesized must be handled specially during
|
|
|
|
|
// redirect
|
|
|
|
|
mServiceWorkerTaintingSynthesized(false),
|
2018-08-31 14:21:17 +03:00
|
|
|
mDocumentHasUserInteracted(rhs.mDocumentHasUserInteracted),
|
2018-09-28 22:12:10 +03:00
|
|
|
mDocumentHasLoaded(rhs.mDocumentHasLoaded),
|
2020-01-21 21:18:32 +03:00
|
|
|
mAllowListFutureDocumentsCreatedFromThisRedirectChain(
|
|
|
|
|
rhs.mAllowListFutureDocumentsCreatedFromThisRedirectChain),
|
2019-02-13 22:45:29 +03:00
|
|
|
mCspNonce(rhs.mCspNonce),
|
2019-07-31 19:59:53 +03:00
|
|
|
mSkipContentSniffing(rhs.mSkipContentSniffing),
|
2020-03-27 20:09:15 +03:00
|
|
|
mHttpsOnlyStatus(rhs.mHttpsOnlyStatus),
|
2020-04-16 11:04:26 +03:00
|
|
|
mHasValidUserGestureActivation(rhs.mHasValidUserGestureActivation),
|
2020-04-07 14:55:20 +03:00
|
|
|
mAllowDeprecatedSystemRequests(rhs.mAllowDeprecatedSystemRequests),
|
2020-06-29 12:34:54 +03:00
|
|
|
mIsInDevToolsContext(rhs.mIsInDevToolsContext),
|
2020-04-10 13:56:57 +03:00
|
|
|
mParserCreatedScript(rhs.mParserCreatedScript),
|
2020-03-30 17:10:07 +03:00
|
|
|
mHasStoragePermission(rhs.mHasStoragePermission),
|
2020-05-19 15:50:39 +03:00
|
|
|
mIsFromProcessingFrameAttributes(rhs.mIsFromProcessingFrameAttributes),
|
|
|
|
|
mLoadingEmbedderPolicy(rhs.mLoadingEmbedderPolicy) {}
|
2018-11-30 13:46:48 +03:00
|
|
|
|
2015-01-08 02:51:20 +03:00
|
|
|
LoadInfo::LoadInfo(
|
|
|
|
|
nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
|
2017-02-01 01:56:15 +03:00
|
|
|
nsIPrincipal* aPrincipalToInherit, nsIPrincipal* aSandboxedLoadingPrincipal,
|
2018-08-10 21:55:27 +03:00
|
|
|
nsIPrincipal* aTopLevelPrincipal,
|
2018-07-13 13:02:19 +03:00
|
|
|
nsIPrincipal* aTopLevelStorageAreaPrincipal, nsIURI* aResultPrincipalURI,
|
2020-03-04 11:59:08 +03:00
|
|
|
nsICookieJarSettings* aCookieJarSettings,
|
|
|
|
|
nsIContentSecurityPolicy* aCspToInherit,
|
2019-05-22 02:14:27 +03:00
|
|
|
const Maybe<ClientInfo>& aClientInfo,
|
2018-01-23 18:38:52 +03:00
|
|
|
const Maybe<ClientInfo>& aReservedClientInfo,
|
|
|
|
|
const Maybe<ClientInfo>& aInitialClientInfo,
|
2018-01-23 18:38:52 +03:00
|
|
|
const Maybe<ServiceWorkerDescriptor>& aController,
|
2020-01-15 11:02:57 +03:00
|
|
|
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags,
|
2020-07-29 14:43:23 +03:00
|
|
|
uint32_t aTriggeringSandboxFlags, nsContentPolicyType aContentPolicyType,
|
|
|
|
|
LoadTainting aTainting, bool aBlockAllMixedContent,
|
|
|
|
|
bool aUpgradeInsecureRequests, bool aBrowserUpgradeInsecureRequests,
|
2019-04-27 01:21:36 +03:00
|
|
|
bool aBrowserWouldUpgradeInsecureRequests, bool aForceAllowDataURI,
|
2019-06-13 12:57:13 +03:00
|
|
|
bool aAllowInsecureRedirectToDataURI, bool aBypassCORSChecks,
|
2018-03-29 12:14:35 +03:00
|
|
|
bool aSkipContentPolicyCheckForWebRequest,
|
2016-07-18 09:35:13 +03:00
|
|
|
bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID,
|
2019-02-15 22:49:04 +03:00
|
|
|
uint64_t aBrowsingContextID, uint64_t aFrameBrowsingContextID,
|
2019-02-09 04:12:53 +03:00
|
|
|
bool aInitialSecurityCheckDone, bool aIsThirdPartyContext,
|
2020-05-13 16:38:41 +03:00
|
|
|
bool aIsThirdPartyContextToTopWindow, bool aIsFormSubmission,
|
|
|
|
|
bool aSendCSPViolationEvents, const OriginAttributes& aOriginAttributes,
|
2020-08-04 14:27:07 +03:00
|
|
|
RedirectHistoryArray&& aRedirectChainIncludingInternalRedirects,
|
|
|
|
|
RedirectHistoryArray&& aRedirectChain,
|
2017-10-10 19:54:00 +03:00
|
|
|
nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
|
2020-07-08 00:14:42 +03:00
|
|
|
const nsTArray<uint64_t>& aAncestorBrowsingContextIDs,
|
2015-12-07 02:33:14 +03:00
|
|
|
const nsTArray<nsCString>& aCorsUnsafeHeaders, bool aForcePreflight,
|
2017-11-03 15:23:11 +03:00
|
|
|
bool aIsPreflight, bool aLoadTriggeredFromExternal,
|
2018-08-31 14:21:17 +03:00
|
|
|
bool aServiceWorkerTaintingSynthesized, bool aDocumentHasUserInteracted,
|
2020-01-21 21:18:32 +03:00
|
|
|
bool aDocumentHasLoaded,
|
|
|
|
|
bool aAllowListFutureDocumentsCreatedFromThisRedirectChain,
|
|
|
|
|
const nsAString& aCspNonce, bool aSkipContentSniffing,
|
2020-04-16 11:04:26 +03:00
|
|
|
uint32_t aHttpsOnlyStatus, bool aHasValidUserGestureActivation,
|
2020-06-29 12:34:54 +03:00
|
|
|
bool aAllowDeprecatedSystemRequests, bool aIsInDevToolsContext,
|
|
|
|
|
bool aParserCreatedScript, bool aHasStoragePermission,
|
|
|
|
|
uint32_t aRequestBlockingReason, nsINode* aLoadingContext,
|
2020-05-19 15:50:39 +03:00
|
|
|
nsILoadInfo::CrossOriginEmbedderPolicy aLoadingEmbedderPolicy)
|
2015-01-08 02:51:20 +03:00
|
|
|
: mLoadingPrincipal(aLoadingPrincipal),
|
|
|
|
|
mTriggeringPrincipal(aTriggeringPrincipal),
|
2016-09-20 09:35:45 +03:00
|
|
|
mPrincipalToInherit(aPrincipalToInherit),
|
2018-08-10 21:55:27 +03:00
|
|
|
mTopLevelPrincipal(aTopLevelPrincipal),
|
2018-07-13 13:02:19 +03:00
|
|
|
mTopLevelStorageAreaPrincipal(aTopLevelStorageAreaPrincipal),
|
2017-05-30 19:07:59 +03:00
|
|
|
mResultPrincipalURI(aResultPrincipalURI),
|
2020-03-04 11:59:08 +03:00
|
|
|
mCookieJarSettings(aCookieJarSettings),
|
2019-05-22 02:14:27 +03:00
|
|
|
mCspToInherit(aCspToInherit),
|
2018-01-23 18:38:52 +03:00
|
|
|
mClientInfo(aClientInfo),
|
|
|
|
|
mReservedClientInfo(aReservedClientInfo),
|
|
|
|
|
mInitialClientInfo(aInitialClientInfo),
|
2018-01-23 18:38:52 +03:00
|
|
|
mController(aController),
|
2019-08-08 03:52:39 +03:00
|
|
|
mLoadingContext(do_GetWeakReference(aLoadingContext)),
|
2015-01-08 02:51:20 +03:00
|
|
|
mSecurityFlags(aSecurityFlags),
|
2020-01-15 11:02:57 +03:00
|
|
|
mSandboxFlags(aSandboxFlags),
|
2020-07-29 14:43:23 +03:00
|
|
|
mTriggeringSandboxFlags(aTriggeringSandboxFlags),
|
2015-10-19 21:14:54 +03:00
|
|
|
mInternalContentPolicyType(aContentPolicyType),
|
2015-12-07 02:33:15 +03:00
|
|
|
mTainting(aTainting),
|
2019-10-01 00:33:28 +03:00
|
|
|
mBlockAllMixedContent(aBlockAllMixedContent),
|
2015-07-10 23:57:55 +03:00
|
|
|
mUpgradeInsecureRequests(aUpgradeInsecureRequests),
|
2018-02-05 18:37:27 +03:00
|
|
|
mBrowserUpgradeInsecureRequests(aBrowserUpgradeInsecureRequests),
|
2018-03-04 17:33:33 +03:00
|
|
|
mBrowserWouldUpgradeInsecureRequests(
|
|
|
|
|
aBrowserWouldUpgradeInsecureRequests),
|
2017-11-08 22:01:41 +03:00
|
|
|
mForceAllowDataURI(aForceAllowDataURI),
|
2018-02-18 21:52:52 +03:00
|
|
|
mAllowInsecureRedirectToDataURI(aAllowInsecureRedirectToDataURI),
|
2019-06-13 12:57:13 +03:00
|
|
|
mBypassCORSChecks(aBypassCORSChecks),
|
2018-03-29 12:14:35 +03:00
|
|
|
mSkipContentPolicyCheckForWebRequest(
|
|
|
|
|
aSkipContentPolicyCheckForWebRequest),
|
2020-09-23 01:53:37 +03:00
|
|
|
mOriginalFrameSrcLoad(false),
|
2016-07-18 09:35:13 +03:00
|
|
|
mForceInheritPrincipalDropped(aForceInheritPrincipalDropped),
|
2015-01-08 02:51:20 +03:00
|
|
|
mInnerWindowID(aInnerWindowID),
|
2019-01-24 00:06:59 +03:00
|
|
|
mBrowsingContextID(aBrowsingContextID),
|
2019-02-15 22:49:04 +03:00
|
|
|
mFrameBrowsingContextID(aFrameBrowsingContextID),
|
2015-07-20 05:11:57 +03:00
|
|
|
mInitialSecurityCheckDone(aInitialSecurityCheckDone),
|
2015-12-01 00:25:29 +03:00
|
|
|
mIsThirdPartyContext(aIsThirdPartyContext),
|
2020-05-13 16:38:41 +03:00
|
|
|
mIsThirdPartyContextToTopWindow(aIsThirdPartyContextToTopWindow),
|
2019-07-22 16:41:47 +03:00
|
|
|
mIsFormSubmission(aIsFormSubmission),
|
2018-08-01 07:35:24 +03:00
|
|
|
mSendCSPViolationEvents(aSendCSPViolationEvents),
|
2015-10-22 00:47:00 +03:00
|
|
|
mOriginAttributes(aOriginAttributes),
|
2020-08-04 14:27:07 +03:00
|
|
|
mRedirectChainIncludingInternalRedirects(
|
|
|
|
|
std::move(aRedirectChainIncludingInternalRedirects)),
|
|
|
|
|
mRedirectChain(std::move(aRedirectChain)),
|
2018-05-30 22:15:35 +03:00
|
|
|
mAncestorPrincipals(std::move(aAncestorPrincipals)),
|
2020-07-08 00:14:42 +03:00
|
|
|
mAncestorBrowsingContextIDs(aAncestorBrowsingContextIDs.Clone()),
|
2020-05-05 13:40:36 +03:00
|
|
|
mCorsUnsafeHeaders(aCorsUnsafeHeaders.Clone()),
|
2019-04-26 13:59:41 +03:00
|
|
|
mRequestBlockingReason(aRequestBlockingReason),
|
2015-12-07 02:33:14 +03:00
|
|
|
mForcePreflight(aForcePreflight),
|
|
|
|
|
mIsPreflight(aIsPreflight),
|
2017-11-03 15:23:11 +03:00
|
|
|
mLoadTriggeredFromExternal(aLoadTriggeredFromExternal),
|
2017-11-03 10:37:35 +03:00
|
|
|
mServiceWorkerTaintingSynthesized(aServiceWorkerTaintingSynthesized),
|
2018-08-31 14:21:17 +03:00
|
|
|
mDocumentHasUserInteracted(aDocumentHasUserInteracted),
|
2018-09-28 22:12:10 +03:00
|
|
|
mDocumentHasLoaded(aDocumentHasLoaded),
|
2020-01-21 21:18:32 +03:00
|
|
|
mAllowListFutureDocumentsCreatedFromThisRedirectChain(
|
|
|
|
|
aAllowListFutureDocumentsCreatedFromThisRedirectChain),
|
2019-02-13 22:45:29 +03:00
|
|
|
mCspNonce(aCspNonce),
|
2019-07-31 19:59:53 +03:00
|
|
|
mSkipContentSniffing(aSkipContentSniffing),
|
2020-03-27 20:09:15 +03:00
|
|
|
mHttpsOnlyStatus(aHttpsOnlyStatus),
|
2020-04-16 11:04:26 +03:00
|
|
|
mHasValidUserGestureActivation(aHasValidUserGestureActivation),
|
2020-04-07 14:55:20 +03:00
|
|
|
mAllowDeprecatedSystemRequests(aAllowDeprecatedSystemRequests),
|
2020-06-29 12:34:54 +03:00
|
|
|
mIsInDevToolsContext(aIsInDevToolsContext),
|
2020-04-10 13:56:57 +03:00
|
|
|
mParserCreatedScript(aParserCreatedScript),
|
2020-03-30 17:10:07 +03:00
|
|
|
mHasStoragePermission(aHasStoragePermission),
|
2020-05-19 15:50:39 +03:00
|
|
|
mIsFromProcessingFrameAttributes(false),
|
|
|
|
|
mLoadingEmbedderPolicy(aLoadingEmbedderPolicy) {
|
2016-04-14 02:30:16 +03:00
|
|
|
// Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
|
|
|
|
|
MOZ_ASSERT(mLoadingPrincipal ||
|
|
|
|
|
aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT);
|
2015-01-08 02:51:20 +03:00
|
|
|
MOZ_ASSERT(mTriggeringPrincipal);
|
|
|
|
|
}
|
|
|
|
|
|
Bug 1631859 - Part 1: Fill out ancestor principals and outer window IDs for LoadInfo only in the parent, r=kmag,extension-reviewers
Keeping a list of ancestor principals in a LoadInfo object, that, at times,
exists in the content process, is not secure. Since ancestor principals are
only ever needed to create a list of frameAncestors, which, in turn, are only
ever accessed from the parent process, we can assemble lists of ancestor
principals and outer windowIDs whenever we are in the parent process and are
either 1) creating a LoadInfo object or 2) deserializing a LoadInfoArgs struct,
received from content process, into a LoadInfo object.
Differential Revision: https://phabricator.services.mozilla.com/D78406
2020-06-08 22:58:14 +03:00
|
|
|
// static
|
|
|
|
|
void LoadInfo::ComputeAncestors(
|
|
|
|
|
CanonicalBrowsingContext* aBC,
|
|
|
|
|
nsTArray<nsCOMPtr<nsIPrincipal>>& aAncestorPrincipals,
|
2020-07-08 00:14:34 +03:00
|
|
|
nsTArray<uint64_t>& aBrowsingContextIDs) {
|
Bug 1631859 - Part 1: Fill out ancestor principals and outer window IDs for LoadInfo only in the parent, r=kmag,extension-reviewers
Keeping a list of ancestor principals in a LoadInfo object, that, at times,
exists in the content process, is not secure. Since ancestor principals are
only ever needed to create a list of frameAncestors, which, in turn, are only
ever accessed from the parent process, we can assemble lists of ancestor
principals and outer windowIDs whenever we are in the parent process and are
either 1) creating a LoadInfo object or 2) deserializing a LoadInfoArgs struct,
received from content process, into a LoadInfo object.
Differential Revision: https://phabricator.services.mozilla.com/D78406
2020-06-08 22:58:14 +03:00
|
|
|
MOZ_ASSERT(aAncestorPrincipals.IsEmpty());
|
2020-07-08 00:14:34 +03:00
|
|
|
MOZ_ASSERT(aBrowsingContextIDs.IsEmpty());
|
Bug 1631859 - Part 1: Fill out ancestor principals and outer window IDs for LoadInfo only in the parent, r=kmag,extension-reviewers
Keeping a list of ancestor principals in a LoadInfo object, that, at times,
exists in the content process, is not secure. Since ancestor principals are
only ever needed to create a list of frameAncestors, which, in turn, are only
ever accessed from the parent process, we can assemble lists of ancestor
principals and outer windowIDs whenever we are in the parent process and are
either 1) creating a LoadInfo object or 2) deserializing a LoadInfoArgs struct,
received from content process, into a LoadInfo object.
Differential Revision: https://phabricator.services.mozilla.com/D78406
2020-06-08 22:58:14 +03:00
|
|
|
CanonicalBrowsingContext* ancestorBC = aBC;
|
|
|
|
|
// Iterate over ancestor WindowGlobalParents, collecting principals and outer
|
|
|
|
|
// window IDs.
|
|
|
|
|
while (WindowGlobalParent* ancestorWGP =
|
|
|
|
|
ancestorBC->GetParentWindowContext()) {
|
2020-07-08 00:14:42 +03:00
|
|
|
ancestorBC = ancestorWGP->BrowsingContext();
|
|
|
|
|
|
Bug 1631859 - Part 1: Fill out ancestor principals and outer window IDs for LoadInfo only in the parent, r=kmag,extension-reviewers
Keeping a list of ancestor principals in a LoadInfo object, that, at times,
exists in the content process, is not secure. Since ancestor principals are
only ever needed to create a list of frameAncestors, which, in turn, are only
ever accessed from the parent process, we can assemble lists of ancestor
principals and outer windowIDs whenever we are in the parent process and are
either 1) creating a LoadInfo object or 2) deserializing a LoadInfoArgs struct,
received from content process, into a LoadInfo object.
Differential Revision: https://phabricator.services.mozilla.com/D78406
2020-06-08 22:58:14 +03:00
|
|
|
nsCOMPtr<nsIPrincipal> parentPrincipal = ancestorWGP->DocumentPrincipal();
|
|
|
|
|
MOZ_ASSERT(parentPrincipal, "Ancestor principal is null");
|
|
|
|
|
aAncestorPrincipals.AppendElement(parentPrincipal.forget());
|
2020-07-08 00:14:42 +03:00
|
|
|
aBrowsingContextIDs.AppendElement(ancestorBC->Id());
|
Bug 1631859 - Part 1: Fill out ancestor principals and outer window IDs for LoadInfo only in the parent, r=kmag,extension-reviewers
Keeping a list of ancestor principals in a LoadInfo object, that, at times,
exists in the content process, is not secure. Since ancestor principals are
only ever needed to create a list of frameAncestors, which, in turn, are only
ever accessed from the parent process, we can assemble lists of ancestor
principals and outer windowIDs whenever we are in the parent process and are
either 1) creating a LoadInfo object or 2) deserializing a LoadInfoArgs struct,
received from content process, into a LoadInfo object.
Differential Revision: https://phabricator.services.mozilla.com/D78406
2020-06-08 22:58:14 +03:00
|
|
|
}
|
|
|
|
|
}
|
2016-01-30 20:05:36 +03:00
|
|
|
void LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow) {
|
2015-12-01 00:25:29 +03:00
|
|
|
nsContentPolicyType type =
|
|
|
|
|
nsContentUtils::InternalContentPolicyTypeToExternal(
|
|
|
|
|
mInternalContentPolicyType);
|
|
|
|
|
if (type == nsIContentPolicy::TYPE_DOCUMENT) {
|
|
|
|
|
// Top-level loads are never third-party.
|
|
|
|
|
mIsThirdPartyContext = false;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<mozIThirdPartyUtil> util(do_GetService(THIRDPARTYUTIL_CONTRACTID));
|
|
|
|
|
if (NS_WARN_IF(!util)) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-12 07:28:00 +03:00
|
|
|
util->IsThirdPartyWindow(aOuterWindow, nullptr, &mIsThirdPartyContext);
|
2015-12-01 00:25:29 +03:00
|
|
|
}
|
|
|
|
|
|
2020-04-15 21:53:06 +03:00
|
|
|
void LoadInfo::ComputeIsThirdPartyContext(dom::WindowGlobalParent* aGlobal) {
|
|
|
|
|
if (nsILoadInfo::GetExternalContentPolicyType() ==
|
|
|
|
|
nsIContentPolicy::TYPE_DOCUMENT) {
|
|
|
|
|
// Top-level loads are never third-party.
|
|
|
|
|
mIsThirdPartyContext = false;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ThirdPartyUtil* thirdPartyUtil = ThirdPartyUtil::GetInstance();
|
|
|
|
|
if (!thirdPartyUtil) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
thirdPartyUtil->IsThirdPartyGlobal(aGlobal, &mIsThirdPartyContext);
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
NS_IMPL_ISUPPORTS(LoadInfo, nsILoadInfo)
|
|
|
|
|
|
2015-09-24 23:42:02 +03:00
|
|
|
already_AddRefed<nsILoadInfo> LoadInfo::Clone() const {
|
2015-10-18 08:24:48 +03:00
|
|
|
RefPtr<LoadInfo> copy(new LoadInfo(*this));
|
2015-09-24 23:42:02 +03:00
|
|
|
return copy.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-22 18:15:06 +03:00
|
|
|
already_AddRefed<nsILoadInfo> LoadInfo::CloneWithNewSecFlags(
|
|
|
|
|
nsSecurityFlags aSecurityFlags) const {
|
|
|
|
|
RefPtr<LoadInfo> copy(new LoadInfo(*this));
|
|
|
|
|
copy->mSecurityFlags = aSecurityFlags;
|
|
|
|
|
return copy.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-01 01:20:48 +03:00
|
|
|
already_AddRefed<nsILoadInfo> LoadInfo::CloneForNewRequest() const {
|
|
|
|
|
RefPtr<LoadInfo> copy(new LoadInfo(*this));
|
|
|
|
|
copy->mInitialSecurityCheckDone = false;
|
|
|
|
|
copy->mRedirectChainIncludingInternalRedirects.Clear();
|
|
|
|
|
copy->mRedirectChain.Clear();
|
2017-07-06 12:10:00 +03:00
|
|
|
copy->mResultPrincipalURI = nullptr;
|
2015-11-01 01:20:48 +03:00
|
|
|
return copy.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
NS_IMETHODIMP
|
2014-11-14 19:55:59 +03:00
|
|
|
LoadInfo::GetLoadingPrincipal(nsIPrincipal** aLoadingPrincipal) {
|
2016-04-14 02:30:33 +03:00
|
|
|
NS_IF_ADDREF(*aLoadingPrincipal = mLoadingPrincipal);
|
2014-07-10 10:56:37 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-06 21:57:36 +03:00
|
|
|
nsIPrincipal* LoadInfo::VirtualGetLoadingPrincipal() {
|
|
|
|
|
return mLoadingPrincipal;
|
|
|
|
|
}
|
2014-11-14 19:55:59 +03:00
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTriggeringPrincipal(nsIPrincipal** aTriggeringPrincipal) {
|
2020-03-17 18:05:26 +03:00
|
|
|
*aTriggeringPrincipal = do_AddRef(mTriggeringPrincipal).take();
|
2014-11-14 19:55:59 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsIPrincipal* LoadInfo::TriggeringPrincipal() { return mTriggeringPrincipal; }
|
2014-07-10 10:56:37 +04:00
|
|
|
|
2016-09-20 09:35:45 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetPrincipalToInherit(nsIPrincipal** aPrincipalToInherit) {
|
2016-11-08 09:23:12 +03:00
|
|
|
NS_IF_ADDREF(*aPrincipalToInherit = mPrincipalToInherit);
|
2016-09-20 09:35:45 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit) {
|
|
|
|
|
MOZ_ASSERT(aPrincipalToInherit, "must be a valid principal to inherit");
|
|
|
|
|
mPrincipalToInherit = aPrincipalToInherit;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsIPrincipal* LoadInfo::PrincipalToInherit() { return mPrincipalToInherit; }
|
|
|
|
|
|
2017-11-03 05:56:27 +03:00
|
|
|
nsIPrincipal* LoadInfo::FindPrincipalToInherit(nsIChannel* aChannel) {
|
|
|
|
|
if (mPrincipalToInherit) {
|
|
|
|
|
return mPrincipalToInherit;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIURI> uri = mResultPrincipalURI;
|
|
|
|
|
if (!uri) {
|
|
|
|
|
Unused << aChannel->GetOriginalURI(getter_AddRefs(uri));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
auto prin = BasePrincipal::Cast(mTriggeringPrincipal);
|
2017-11-23 01:20:26 +03:00
|
|
|
return prin->PrincipalToInherit(uri);
|
2017-11-03 05:56:27 +03:00
|
|
|
}
|
|
|
|
|
|
2018-11-20 04:17:53 +03:00
|
|
|
nsIPrincipal* LoadInfo::GetSandboxedLoadingPrincipal() {
|
2020-01-15 11:02:57 +03:00
|
|
|
if (!(mSandboxFlags & SANDBOXED_ORIGIN)) {
|
2018-11-20 04:17:53 +03:00
|
|
|
return nullptr;
|
2017-02-01 01:56:15 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!mSandboxedLoadingPrincipal) {
|
|
|
|
|
if (mLoadingPrincipal) {
|
|
|
|
|
mSandboxedLoadingPrincipal =
|
2017-03-22 13:38:40 +03:00
|
|
|
NullPrincipal::CreateWithInheritedAttributes(mLoadingPrincipal);
|
2017-02-01 01:56:15 +03:00
|
|
|
} else {
|
|
|
|
|
OriginAttributes attrs(mOriginAttributes);
|
2017-03-22 13:38:40 +03:00
|
|
|
mSandboxedLoadingPrincipal = NullPrincipal::Create(attrs);
|
2017-02-01 01:56:15 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
MOZ_ASSERT(mSandboxedLoadingPrincipal);
|
|
|
|
|
|
2018-11-20 04:17:53 +03:00
|
|
|
return mSandboxedLoadingPrincipal;
|
2018-08-10 21:55:27 +03:00
|
|
|
}
|
|
|
|
|
|
2018-11-20 04:17:53 +03:00
|
|
|
nsIPrincipal* LoadInfo::GetTopLevelPrincipal() { return mTopLevelPrincipal; }
|
2018-08-10 21:55:27 +03:00
|
|
|
|
2018-11-20 04:17:53 +03:00
|
|
|
nsIPrincipal* LoadInfo::GetTopLevelStorageAreaPrincipal() {
|
2018-07-13 13:02:19 +03:00
|
|
|
return mTopLevelStorageAreaPrincipal;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-17 00:16:12 +04:00
|
|
|
NS_IMETHODIMP
|
2019-01-02 16:05:23 +03:00
|
|
|
LoadInfo::GetLoadingDocument(Document** aResult) {
|
|
|
|
|
if (nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext)) {
|
|
|
|
|
RefPtr<Document> context = node->OwnerDoc();
|
2015-02-13 22:36:37 +03:00
|
|
|
context.forget(aResult);
|
2014-07-17 00:16:12 +04:00
|
|
|
}
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsINode* LoadInfo::LoadingNode() {
|
|
|
|
|
nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
|
|
|
|
|
return node;
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-05 19:01:07 +03:00
|
|
|
already_AddRefed<nsISupports> LoadInfo::ContextForTopLevelLoad() {
|
|
|
|
|
// Most likely you want to query LoadingNode() instead of
|
|
|
|
|
// ContextForTopLevelLoad() if this assertion fires.
|
|
|
|
|
MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
|
|
|
|
|
"should only query this context for top level document loads");
|
|
|
|
|
nsCOMPtr<nsISupports> context = do_QueryReferent(mContextForTopLevelLoad);
|
2018-05-30 22:21:18 +03:00
|
|
|
return context.forget();
|
2017-09-05 19:01:07 +03:00
|
|
|
}
|
|
|
|
|
|
2018-03-29 13:16:23 +03:00
|
|
|
already_AddRefed<nsISupports> LoadInfo::GetLoadingContext() {
|
|
|
|
|
nsCOMPtr<nsISupports> context;
|
|
|
|
|
if (mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT) {
|
|
|
|
|
context = ContextForTopLevelLoad();
|
|
|
|
|
} else {
|
|
|
|
|
context = LoadingNode();
|
|
|
|
|
}
|
|
|
|
|
return context.forget();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadingContextXPCOM(nsISupports** aResult) {
|
|
|
|
|
nsCOMPtr<nsISupports> context = GetLoadingContext();
|
|
|
|
|
context.forget(aResult);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-17 00:16:12 +04:00
|
|
|
NS_IMETHODIMP
|
2015-02-13 22:36:37 +03:00
|
|
|
LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult) {
|
|
|
|
|
*aResult = mSecurityFlags;
|
2014-07-17 00:16:12 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-15 11:02:57 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetSandboxFlags(uint32_t* aResult) {
|
|
|
|
|
*aResult = mSandboxFlags;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-29 14:43:23 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTriggeringSandboxFlags(uint32_t* aResult) {
|
|
|
|
|
*aResult = mTriggeringSandboxFlags;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetTriggeringSandboxFlags(uint32_t aFlags) {
|
|
|
|
|
mTriggeringSandboxFlags = aFlags;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:57 +03:00
|
|
|
NS_IMETHODIMP
|
2015-12-01 00:25:29 +03:00
|
|
|
LoadInfo::GetSecurityMode(uint32_t* aFlags) {
|
2020-07-15 14:20:45 +03:00
|
|
|
*aFlags = (mSecurityFlags &
|
|
|
|
|
(nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_INHERITS_SEC_CONTEXT |
|
|
|
|
|
nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED |
|
|
|
|
|
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT |
|
|
|
|
|
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL |
|
|
|
|
|
nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT));
|
2015-07-20 05:11:57 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-01 00:25:29 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsInThirdPartyContext(bool* aIsInThirdPartyContext) {
|
|
|
|
|
*aIsInThirdPartyContext = mIsThirdPartyContext;
|
|
|
|
|
return NS_OK;
|
2020-06-17 23:18:23 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetIsInThirdPartyContext(bool aIsInThirdPartyContext) {
|
|
|
|
|
mIsThirdPartyContext = aIsInThirdPartyContext;
|
|
|
|
|
return NS_OK;
|
2015-12-01 00:25:29 +03:00
|
|
|
}
|
|
|
|
|
|
2020-05-13 16:38:41 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsThirdPartyContextToTopWindow(
|
|
|
|
|
bool* aIsThirdPartyContextToTopWindow) {
|
|
|
|
|
*aIsThirdPartyContextToTopWindow = mIsThirdPartyContextToTopWindow;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetIsThirdPartyContextToTopWindow(
|
|
|
|
|
bool aIsThirdPartyContextToTopWindow) {
|
|
|
|
|
mIsThirdPartyContextToTopWindow = aIsThirdPartyContextToTopWindow;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-07 02:33:15 +03:00
|
|
|
static const uint32_t sCookiePolicyMask =
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_DEFAULT | nsILoadInfo::SEC_COOKIES_INCLUDE |
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_SAME_ORIGIN | nsILoadInfo::SEC_COOKIES_OMIT;
|
|
|
|
|
|
2015-07-20 05:11:57 +03:00
|
|
|
NS_IMETHODIMP
|
2015-12-07 02:33:15 +03:00
|
|
|
LoadInfo::GetCookiePolicy(uint32_t* aResult) {
|
|
|
|
|
uint32_t policy = mSecurityFlags & sCookiePolicyMask;
|
|
|
|
|
if (policy == nsILoadInfo::SEC_COOKIES_DEFAULT) {
|
2020-07-15 14:20:45 +03:00
|
|
|
policy = (mSecurityFlags & SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT)
|
2015-12-07 02:33:15 +03:00
|
|
|
? nsILoadInfo::SEC_COOKIES_SAME_ORIGIN
|
|
|
|
|
: nsILoadInfo::SEC_COOKIES_INCLUDE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*aResult = policy;
|
2015-07-20 05:11:57 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-03-08 12:04:11 +03:00
|
|
|
namespace {
|
|
|
|
|
|
2020-03-04 11:59:08 +03:00
|
|
|
already_AddRefed<nsICookieJarSettings> CreateCookieJarSettings(
|
2019-03-08 12:04:11 +03:00
|
|
|
nsContentPolicyType aContentPolicyType) {
|
2020-03-04 11:59:08 +03:00
|
|
|
if (StaticPrefs::network_cookieJarSettings_unblocked_for_testing()) {
|
|
|
|
|
return CookieJarSettings::Create();
|
2019-03-08 12:04:11 +03:00
|
|
|
}
|
|
|
|
|
|
2020-03-04 11:59:08 +03:00
|
|
|
// These contentPolictTypes require a real CookieJarSettings because favicon
|
|
|
|
|
// and save-as requests must send cookies. Anything else should not
|
|
|
|
|
// send/receive cookies.
|
2019-03-08 12:04:11 +03:00
|
|
|
if (aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON ||
|
|
|
|
|
aContentPolicyType == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
|
2020-03-04 11:59:08 +03:00
|
|
|
return CookieJarSettings::Create();
|
2019-03-08 12:04:11 +03:00
|
|
|
}
|
|
|
|
|
|
2020-03-04 11:59:21 +03:00
|
|
|
return CookieJarSettings::GetBlockingAll();
|
2019-03-08 12:04:11 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
} // namespace
|
|
|
|
|
|
2019-03-08 12:00:06 +03:00
|
|
|
NS_IMETHODIMP
|
2020-03-04 11:59:08 +03:00
|
|
|
LoadInfo::GetCookieJarSettings(nsICookieJarSettings** aCookieJarSettings) {
|
|
|
|
|
if (!mCookieJarSettings) {
|
|
|
|
|
mCookieJarSettings = CreateCookieJarSettings(mInternalContentPolicyType);
|
2019-03-08 12:00:06 +03:00
|
|
|
}
|
|
|
|
|
|
2020-03-04 11:59:08 +03:00
|
|
|
nsCOMPtr<nsICookieJarSettings> cookieJarSettings = mCookieJarSettings;
|
|
|
|
|
cookieJarSettings.forget(aCookieJarSettings);
|
2019-03-08 12:00:06 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-03-08 12:04:11 +03:00
|
|
|
NS_IMETHODIMP
|
2020-03-04 11:59:08 +03:00
|
|
|
LoadInfo::SetCookieJarSettings(nsICookieJarSettings* aCookieJarSettings) {
|
|
|
|
|
MOZ_ASSERT(aCookieJarSettings);
|
|
|
|
|
// We allow the overwrite of CookieJarSettings.
|
|
|
|
|
mCookieJarSettings = aCookieJarSettings;
|
2019-03-08 12:04:11 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-30 17:10:07 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetHasStoragePermission(bool* aHasStoragePermission) {
|
|
|
|
|
*aHasStoragePermission = mHasStoragePermission;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetHasStoragePermission(bool aHasStoragePermission) {
|
|
|
|
|
mHasStoragePermission = aHasStoragePermission;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-07 02:33:15 +03:00
|
|
|
void LoadInfo::SetIncludeCookiesSecFlag() {
|
|
|
|
|
MOZ_ASSERT((mSecurityFlags & sCookiePolicyMask) ==
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_DEFAULT);
|
|
|
|
|
mSecurityFlags =
|
|
|
|
|
(mSecurityFlags & ~sCookiePolicyMask) | nsILoadInfo::SEC_COOKIES_INCLUDE;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetForceInheritPrincipal(bool* aInheritPrincipal) {
|
2015-02-13 22:36:37 +03:00
|
|
|
*aInheritPrincipal =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
2014-07-10 10:56:37 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-05 22:19:51 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetForceInheritPrincipalOverruleOwner(bool* aInheritPrincipal) {
|
|
|
|
|
*aInheritPrincipal =
|
|
|
|
|
(mSecurityFlags &
|
|
|
|
|
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadingSandboxed(bool* aLoadingSandboxed) {
|
2020-01-15 11:02:57 +03:00
|
|
|
*aLoadingSandboxed = (mSandboxFlags & SANDBOXED_ORIGIN);
|
2014-07-17 00:16:12 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:57 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetAboutBlankInherits(bool* aResult) {
|
|
|
|
|
*aResult = (mSecurityFlags & nsILoadInfo::SEC_ABOUT_BLANK_INHERITS);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-15 04:59:35 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetAllowChrome(bool* aResult) {
|
|
|
|
|
*aResult = (mSecurityFlags & nsILoadInfo::SEC_ALLOW_CHROME);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
2016-05-24 00:57:31 +03:00
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetDisallowScript(bool* aResult) {
|
|
|
|
|
*aResult = (mSecurityFlags & nsILoadInfo::SEC_DISALLOW_SCRIPT);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-24 05:47:10 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetDontFollowRedirects(bool* aResult) {
|
|
|
|
|
*aResult = (mSecurityFlags & nsILoadInfo::SEC_DONT_FOLLOW_REDIRECTS);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-16 04:47:14 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadErrorPage(bool* aResult) {
|
|
|
|
|
*aResult = (mSecurityFlags & nsILoadInfo::SEC_LOAD_ERROR_PAGE);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-22 16:41:47 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsFormSubmission(bool* aResult) {
|
|
|
|
|
*aResult = mIsFormSubmission;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetIsFormSubmission(bool aValue) {
|
|
|
|
|
mIsFormSubmission = aValue;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-01 07:35:24 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetSendCSPViolationEvents(bool* aResult) {
|
|
|
|
|
*aResult = mSendCSPViolationEvents;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetSendCSPViolationEvents(bool aValue) {
|
|
|
|
|
mSendCSPViolationEvents = aValue;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-17 00:16:12 +04:00
|
|
|
NS_IMETHODIMP
|
2015-10-19 21:14:54 +03:00
|
|
|
LoadInfo::GetExternalContentPolicyType(nsContentPolicyType* aResult) {
|
|
|
|
|
*aResult = nsContentUtils::InternalContentPolicyTypeToExternal(
|
|
|
|
|
mInternalContentPolicyType);
|
2014-07-10 10:56:37 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-17 07:18:16 +03:00
|
|
|
nsContentPolicyType LoadInfo::InternalContentPolicyType() {
|
2015-10-19 21:14:54 +03:00
|
|
|
return mInternalContentPolicyType;
|
2015-06-17 07:18:16 +03:00
|
|
|
}
|
|
|
|
|
|
2019-10-01 00:33:28 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetBlockAllMixedContent(bool* aResult) {
|
|
|
|
|
*aResult = mBlockAllMixedContent;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-10 23:57:55 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetUpgradeInsecureRequests(bool* aResult) {
|
|
|
|
|
*aResult = mUpgradeInsecureRequests;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-05 18:37:27 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetBrowserUpgradeInsecureRequests(bool* aResult) {
|
|
|
|
|
*aResult = mBrowserUpgradeInsecureRequests;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-04 17:33:33 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetBrowserWouldUpgradeInsecureRequests(bool* aResult) {
|
|
|
|
|
*aResult = mBrowserWouldUpgradeInsecureRequests;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-07-18 09:35:13 +03:00
|
|
|
NS_IMETHODIMP
|
2017-11-08 22:01:41 +03:00
|
|
|
LoadInfo::SetForceAllowDataURI(bool aForceAllowDataURI) {
|
|
|
|
|
MOZ_ASSERT(!mForceAllowDataURI ||
|
|
|
|
|
mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
|
|
|
|
|
"can only allow data URI navigation for TYPE_DOCUMENT");
|
|
|
|
|
mForceAllowDataURI = aForceAllowDataURI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetForceAllowDataURI(bool* aForceAllowDataURI) {
|
|
|
|
|
*aForceAllowDataURI = mForceAllowDataURI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-18 21:52:52 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetAllowInsecureRedirectToDataURI(
|
|
|
|
|
bool aAllowInsecureRedirectToDataURI) {
|
|
|
|
|
mAllowInsecureRedirectToDataURI = aAllowInsecureRedirectToDataURI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetAllowInsecureRedirectToDataURI(
|
|
|
|
|
bool* aAllowInsecureRedirectToDataURI) {
|
|
|
|
|
*aAllowInsecureRedirectToDataURI = mAllowInsecureRedirectToDataURI;
|
|
|
|
|
return NS_OK;
|
2017-11-08 22:01:41 +03:00
|
|
|
}
|
|
|
|
|
|
2019-06-13 12:57:13 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetBypassCORSChecks(bool aBypassCORSChecks) {
|
|
|
|
|
mBypassCORSChecks = aBypassCORSChecks;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetBypassCORSChecks(bool* aBypassCORSChecks) {
|
|
|
|
|
*aBypassCORSChecks = mBypassCORSChecks;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-29 12:14:35 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetSkipContentPolicyCheckForWebRequest(bool aSkip) {
|
|
|
|
|
mSkipContentPolicyCheckForWebRequest = aSkip;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetSkipContentPolicyCheckForWebRequest(bool* aSkip) {
|
|
|
|
|
*aSkip = mSkipContentPolicyCheckForWebRequest;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-05 07:06:20 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetOriginalFrameSrcLoad(bool aOriginalFrameSrcLoad) {
|
|
|
|
|
mOriginalFrameSrcLoad = aOriginalFrameSrcLoad;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetOriginalFrameSrcLoad(bool* aOriginalFrameSrcLoad) {
|
|
|
|
|
*aOriginalFrameSrcLoad = mOriginalFrameSrcLoad;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-08 22:01:41 +03:00
|
|
|
NS_IMETHODIMP
|
2016-07-18 09:35:13 +03:00
|
|
|
LoadInfo::GetForceInheritPrincipalDropped(bool* aResult) {
|
|
|
|
|
*aResult = mForceInheritPrincipalDropped;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-08 02:51:20 +03:00
|
|
|
NS_IMETHODIMP
|
2015-05-08 22:52:49 +03:00
|
|
|
LoadInfo::GetInnerWindowID(uint64_t* aResult) {
|
2015-02-13 22:36:37 +03:00
|
|
|
*aResult = mInnerWindowID;
|
2015-01-08 02:51:20 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-01-24 00:06:59 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetBrowsingContextID(uint64_t* aResult) {
|
|
|
|
|
*aResult = mBrowsingContextID;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-15 22:49:04 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetFrameBrowsingContextID(uint64_t* aResult) {
|
|
|
|
|
*aResult = mFrameBrowsingContextID;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-26 02:17:53 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTargetBrowsingContextID(uint64_t* aResult) {
|
|
|
|
|
return (nsILoadInfo::GetExternalContentPolicyType() ==
|
|
|
|
|
nsIContentPolicy::TYPE_SUBDOCUMENT)
|
|
|
|
|
? GetFrameBrowsingContextID(aResult)
|
|
|
|
|
: GetBrowsingContextID(aResult);
|
|
|
|
|
}
|
|
|
|
|
|
2019-01-24 00:06:59 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetBrowsingContext(dom::BrowsingContext** aResult) {
|
|
|
|
|
*aResult = BrowsingContext::Get(mBrowsingContextID).take();
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-15 22:49:04 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetFrameBrowsingContext(dom::BrowsingContext** aResult) {
|
|
|
|
|
*aResult = BrowsingContext::Get(mFrameBrowsingContextID).take();
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-02-26 02:17:53 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTargetBrowsingContext(dom::BrowsingContext** aResult) {
|
|
|
|
|
uint64_t targetBrowsingContextID = 0;
|
|
|
|
|
MOZ_ALWAYS_SUCCEEDS(GetTargetBrowsingContextID(&targetBrowsingContextID));
|
|
|
|
|
*aResult = BrowsingContext::Get(targetBrowsingContextID).take();
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-22 00:47:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetScriptableOriginAttributes(
|
|
|
|
|
JSContext* aCx, JS::MutableHandle<JS::Value> aOriginAttributes) {
|
|
|
|
|
if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aOriginAttributes))) {
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
}
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-05 22:19:51 +03:00
|
|
|
NS_IMETHODIMP
|
2017-04-03 21:06:53 +03:00
|
|
|
LoadInfo::ResetPrincipalToInheritToNullPrincipal() {
|
2016-10-05 22:19:51 +03:00
|
|
|
// take the originAttributes from the LoadInfo and create
|
|
|
|
|
// a new NullPrincipal using those origin attributes.
|
2017-03-08 09:41:51 +03:00
|
|
|
nsCOMPtr<nsIPrincipal> newNullPrincipal =
|
2017-03-22 13:38:40 +03:00
|
|
|
NullPrincipal::Create(mOriginAttributes);
|
2016-10-05 22:19:51 +03:00
|
|
|
|
|
|
|
|
mPrincipalToInherit = newNullPrincipal;
|
|
|
|
|
|
|
|
|
|
// setting SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER will overrule
|
|
|
|
|
// any non null owner set on the channel and will return the principal
|
|
|
|
|
// form the loadinfo instead.
|
|
|
|
|
mSecurityFlags |= SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER;
|
|
|
|
|
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-22 00:47:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetScriptableOriginAttributes(
|
|
|
|
|
JSContext* aCx, JS::Handle<JS::Value> aOriginAttributes) {
|
2017-01-12 19:38:48 +03:00
|
|
|
OriginAttributes attrs;
|
2015-10-22 00:47:00 +03:00
|
|
|
if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
|
|
|
|
|
return NS_ERROR_INVALID_ARG;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mOriginAttributes = attrs;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-12 19:38:48 +03:00
|
|
|
nsresult LoadInfo::GetOriginAttributes(
|
|
|
|
|
mozilla::OriginAttributes* aOriginAttributes) {
|
2015-10-22 00:47:00 +03:00
|
|
|
NS_ENSURE_ARG(aOriginAttributes);
|
|
|
|
|
*aOriginAttributes = mOriginAttributes;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-12 19:38:48 +03:00
|
|
|
nsresult LoadInfo::SetOriginAttributes(
|
|
|
|
|
const mozilla::OriginAttributes& aOriginAttributes) {
|
2015-10-22 00:47:00 +03:00
|
|
|
mOriginAttributes = aOriginAttributes;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:57 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetInitialSecurityCheckDone(bool aInitialSecurityCheckDone) {
|
|
|
|
|
// Indicates whether the channel was ever evaluated by the
|
|
|
|
|
// ContentSecurityManager. Once set to true, this flag must
|
|
|
|
|
// remain true throughout the lifetime of the channel.
|
|
|
|
|
// Setting it to anything else than true will be discarded.
|
|
|
|
|
MOZ_ASSERT(aInitialSecurityCheckDone,
|
|
|
|
|
"aInitialSecurityCheckDone must be true");
|
|
|
|
|
mInitialSecurityCheckDone =
|
|
|
|
|
mInitialSecurityCheckDone || aInitialSecurityCheckDone;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetInitialSecurityCheckDone(bool* aResult) {
|
|
|
|
|
*aResult = mInitialSecurityCheckDone;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:03 +03:00
|
|
|
NS_IMETHODIMP
|
2017-05-25 20:42:00 +03:00
|
|
|
LoadInfo::AppendRedirectHistoryEntry(nsIRedirectHistoryEntry* aEntry,
|
|
|
|
|
bool aIsInternalRedirect) {
|
|
|
|
|
NS_ENSURE_ARG(aEntry);
|
2015-11-01 01:22:01 +03:00
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
|
|
2017-05-25 20:42:00 +03:00
|
|
|
mRedirectChainIncludingInternalRedirects.AppendElement(aEntry);
|
2015-11-01 01:18:59 +03:00
|
|
|
if (!aIsInternalRedirect) {
|
2017-05-25 20:42:00 +03:00
|
|
|
mRedirectChain.AppendElement(aEntry);
|
2015-11-01 01:18:59 +03:00
|
|
|
}
|
2015-07-20 05:11:03 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-01 01:18:59 +03:00
|
|
|
NS_IMETHODIMP
|
2017-05-25 20:42:00 +03:00
|
|
|
LoadInfo::GetRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aRedirects,
|
|
|
|
|
const RedirectHistoryArray& aArray) {
|
2019-12-11 09:17:44 +03:00
|
|
|
JS::Rooted<JSObject*> redirects(aCx,
|
|
|
|
|
JS::NewArrayObject(aCx, aArray.Length()));
|
2017-05-25 20:42:00 +03:00
|
|
|
NS_ENSURE_TRUE(redirects, NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
|
|
|
|
JS::Rooted<JSObject*> global(aCx, JS::CurrentGlobalOrNull(aCx));
|
|
|
|
|
NS_ENSURE_TRUE(global, NS_ERROR_UNEXPECTED);
|
|
|
|
|
|
2018-09-06 17:01:58 +03:00
|
|
|
nsCOMPtr<nsIXPConnect> xpc = nsIXPConnect::XPConnect();
|
2017-05-25 20:42:00 +03:00
|
|
|
|
|
|
|
|
for (size_t idx = 0; idx < aArray.Length(); idx++) {
|
|
|
|
|
JS::RootedObject jsobj(aCx);
|
|
|
|
|
nsresult rv =
|
|
|
|
|
xpc->WrapNative(aCx, global, aArray[idx],
|
|
|
|
|
NS_GET_IID(nsIRedirectHistoryEntry), jsobj.address());
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
|
NS_ENSURE_STATE(jsobj);
|
|
|
|
|
|
|
|
|
|
bool rc = JS_DefineElement(aCx, redirects, idx, jsobj, JSPROP_ENUMERATE);
|
|
|
|
|
NS_ENSURE_TRUE(rc, NS_ERROR_UNEXPECTED);
|
2015-11-01 01:18:59 +03:00
|
|
|
}
|
2017-05-25 20:42:00 +03:00
|
|
|
|
|
|
|
|
aRedirects.setObject(*redirects);
|
2015-11-01 01:18:59 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-25 20:42:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetRedirectChainIncludingInternalRedirects(
|
|
|
|
|
JSContext* aCx, JS::MutableHandle<JS::Value> aChain) {
|
|
|
|
|
return GetRedirects(aCx, aChain, mRedirectChainIncludingInternalRedirects);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const RedirectHistoryArray&
|
2015-11-01 01:18:59 +03:00
|
|
|
LoadInfo::RedirectChainIncludingInternalRedirects() {
|
|
|
|
|
return mRedirectChainIncludingInternalRedirects;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:03 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetRedirectChain(JSContext* aCx,
|
|
|
|
|
JS::MutableHandle<JS::Value> aChain) {
|
2017-05-25 20:42:00 +03:00
|
|
|
return GetRedirects(aCx, aChain, mRedirectChain);
|
2015-07-20 05:11:03 +03:00
|
|
|
}
|
|
|
|
|
|
2017-05-25 20:42:00 +03:00
|
|
|
const RedirectHistoryArray& LoadInfo::RedirectChain() { return mRedirectChain; }
|
2015-07-20 05:11:03 +03:00
|
|
|
|
2017-10-10 19:54:00 +03:00
|
|
|
const nsTArray<nsCOMPtr<nsIPrincipal>>& LoadInfo::AncestorPrincipals() {
|
|
|
|
|
return mAncestorPrincipals;
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-08 00:14:42 +03:00
|
|
|
const nsTArray<uint64_t>& LoadInfo::AncestorBrowsingContextIDs() {
|
|
|
|
|
return mAncestorBrowsingContextIDs;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-07 02:33:14 +03:00
|
|
|
void LoadInfo::SetCorsPreflightInfo(const nsTArray<nsCString>& aHeaders,
|
|
|
|
|
bool aForcePreflight) {
|
2020-07-15 14:20:45 +03:00
|
|
|
MOZ_ASSERT(GetSecurityMode() ==
|
|
|
|
|
nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT);
|
2015-12-07 02:33:14 +03:00
|
|
|
MOZ_ASSERT(!mInitialSecurityCheckDone);
|
2020-05-05 13:40:36 +03:00
|
|
|
mCorsUnsafeHeaders = aHeaders.Clone();
|
2015-12-07 02:33:14 +03:00
|
|
|
mForcePreflight = aForcePreflight;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const nsTArray<nsCString>& LoadInfo::CorsUnsafeHeaders() {
|
|
|
|
|
return mCorsUnsafeHeaders;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetForcePreflight(bool* aForcePreflight) {
|
|
|
|
|
*aForcePreflight = mForcePreflight;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void LoadInfo::SetIsPreflight() {
|
2020-07-15 14:20:45 +03:00
|
|
|
MOZ_ASSERT(GetSecurityMode() ==
|
|
|
|
|
nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT);
|
2015-12-07 02:33:14 +03:00
|
|
|
MOZ_ASSERT(!mInitialSecurityCheckDone);
|
|
|
|
|
mIsPreflight = true;
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-25 11:14:10 +03:00
|
|
|
void LoadInfo::SetUpgradeInsecureRequests(bool aValue) {
|
|
|
|
|
mUpgradeInsecureRequests = aValue;
|
|
|
|
|
}
|
2017-01-23 17:29:44 +03:00
|
|
|
|
2018-02-05 18:37:27 +03:00
|
|
|
void LoadInfo::SetBrowserUpgradeInsecureRequests() {
|
|
|
|
|
mBrowserUpgradeInsecureRequests = true;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-04 17:33:33 +03:00
|
|
|
void LoadInfo::SetBrowserWouldUpgradeInsecureRequests() {
|
|
|
|
|
mBrowserWouldUpgradeInsecureRequests = true;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-07 02:33:14 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsPreflight(bool* aIsPreflight) {
|
|
|
|
|
*aIsPreflight = mIsPreflight;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-03 15:23:11 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetLoadTriggeredFromExternal(bool aLoadTriggeredFromExternal) {
|
|
|
|
|
MOZ_ASSERT(!aLoadTriggeredFromExternal ||
|
|
|
|
|
mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
|
|
|
|
|
"can only set load triggered from external for TYPE_DOCUMENT");
|
|
|
|
|
mLoadTriggeredFromExternal = aLoadTriggeredFromExternal;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal) {
|
|
|
|
|
*aLoadTriggeredFromExternal = mLoadTriggeredFromExternal;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-03 10:37:35 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetServiceWorkerTaintingSynthesized(
|
|
|
|
|
bool* aServiceWorkerTaintingSynthesized) {
|
|
|
|
|
MOZ_ASSERT(aServiceWorkerTaintingSynthesized);
|
|
|
|
|
*aServiceWorkerTaintingSynthesized = mServiceWorkerTaintingSynthesized;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-22 21:07:32 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTainting(uint32_t* aTaintingOut) {
|
|
|
|
|
MOZ_ASSERT(aTaintingOut);
|
|
|
|
|
*aTaintingOut = static_cast<uint32_t>(mTainting);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::MaybeIncreaseTainting(uint32_t aTainting) {
|
|
|
|
|
NS_ENSURE_ARG(aTainting <= TAINTING_OPAQUE);
|
2017-11-03 10:37:35 +03:00
|
|
|
|
|
|
|
|
// Skip if the tainting has been set by the service worker.
|
|
|
|
|
if (mServiceWorkerTaintingSynthesized) {
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-22 21:07:32 +03:00
|
|
|
LoadTainting tainting = static_cast<LoadTainting>(aTainting);
|
|
|
|
|
if (tainting > mTainting) {
|
|
|
|
|
mTainting = tainting;
|
|
|
|
|
}
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-07 18:34:51 +03:00
|
|
|
void LoadInfo::SynthesizeServiceWorkerTainting(LoadTainting aTainting) {
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(aTainting <= LoadTainting::Opaque);
|
|
|
|
|
mTainting = aTainting;
|
2017-11-03 10:37:35 +03:00
|
|
|
|
|
|
|
|
// Flag to prevent the tainting from being increased.
|
|
|
|
|
mServiceWorkerTaintingSynthesized = true;
|
2017-06-07 18:34:51 +03:00
|
|
|
}
|
|
|
|
|
|
2018-08-31 14:21:17 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetDocumentHasUserInteracted(bool* aDocumentHasUserInteracted) {
|
|
|
|
|
MOZ_ASSERT(aDocumentHasUserInteracted);
|
|
|
|
|
*aDocumentHasUserInteracted = mDocumentHasUserInteracted;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetDocumentHasUserInteracted(bool aDocumentHasUserInteracted) {
|
|
|
|
|
mDocumentHasUserInteracted = aDocumentHasUserInteracted;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-28 22:12:10 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetDocumentHasLoaded(bool* aDocumentHasLoaded) {
|
|
|
|
|
MOZ_ASSERT(aDocumentHasLoaded);
|
|
|
|
|
*aDocumentHasLoaded = mDocumentHasLoaded;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetDocumentHasLoaded(bool aDocumentHasLoaded) {
|
|
|
|
|
mDocumentHasLoaded = aDocumentHasLoaded;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-01-21 21:18:32 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetAllowListFutureDocumentsCreatedFromThisRedirectChain(
|
|
|
|
|
bool* aValue) {
|
|
|
|
|
MOZ_ASSERT(aValue);
|
|
|
|
|
*aValue = mAllowListFutureDocumentsCreatedFromThisRedirectChain;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetAllowListFutureDocumentsCreatedFromThisRedirectChain(bool aValue) {
|
|
|
|
|
mAllowListFutureDocumentsCreatedFromThisRedirectChain = aValue;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-02-13 22:45:29 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetCspNonce(nsAString& aCspNonce) {
|
|
|
|
|
aCspNonce = mCspNonce;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetCspNonce(const nsAString& aCspNonce) {
|
|
|
|
|
MOZ_ASSERT(!mInitialSecurityCheckDone,
|
|
|
|
|
"setting the nonce is only allowed before any sec checks");
|
|
|
|
|
mCspNonce = aCspNonce;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-31 19:59:53 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetSkipContentSniffing(bool* aSkipContentSniffing) {
|
|
|
|
|
*aSkipContentSniffing = mSkipContentSniffing;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetSkipContentSniffing(bool aSkipContentSniffing) {
|
|
|
|
|
mSkipContentSniffing = aSkipContentSniffing;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-17 22:24:31 +03:00
|
|
|
NS_IMETHODIMP
|
2020-03-27 20:09:15 +03:00
|
|
|
LoadInfo::GetHttpsOnlyStatus(uint32_t* aHttpsOnlyStatus) {
|
|
|
|
|
*aHttpsOnlyStatus = mHttpsOnlyStatus;
|
2020-03-17 22:24:31 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
2020-03-27 20:09:15 +03:00
|
|
|
LoadInfo::SetHttpsOnlyStatus(uint32_t aHttpsOnlyStatus) {
|
|
|
|
|
mHttpsOnlyStatus = aHttpsOnlyStatus;
|
2020-03-17 22:24:31 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-16 11:04:26 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetHasValidUserGestureActivation(
|
|
|
|
|
bool* aHasValidUserGestureActivation) {
|
|
|
|
|
*aHasValidUserGestureActivation = mHasValidUserGestureActivation;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetHasValidUserGestureActivation(
|
|
|
|
|
bool aHasValidUserGestureActivation) {
|
|
|
|
|
mHasValidUserGestureActivation = aHasValidUserGestureActivation;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-07 14:55:20 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetAllowDeprecatedSystemRequests(
|
|
|
|
|
bool* aAllowDeprecatedSystemRequests) {
|
|
|
|
|
*aAllowDeprecatedSystemRequests = mAllowDeprecatedSystemRequests;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetAllowDeprecatedSystemRequests(
|
|
|
|
|
bool aAllowDeprecatedSystemRequests) {
|
|
|
|
|
mAllowDeprecatedSystemRequests = aAllowDeprecatedSystemRequests;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-29 12:34:54 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsInDevToolsContext(bool* aIsInDevToolsContext) {
|
|
|
|
|
*aIsInDevToolsContext = mIsInDevToolsContext;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetIsInDevToolsContext(bool aIsInDevToolsContext) {
|
|
|
|
|
mIsInDevToolsContext = aIsInDevToolsContext;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-04-10 13:56:57 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetParserCreatedScript(bool* aParserCreatedScript) {
|
|
|
|
|
*aParserCreatedScript = mParserCreatedScript;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetParserCreatedScript(bool aParserCreatedScript) {
|
|
|
|
|
mParserCreatedScript = aParserCreatedScript;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-22 04:46:09 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsTopLevelLoad(bool* aResult) {
|
2020-07-17 20:13:26 +03:00
|
|
|
RefPtr<dom::BrowsingContext> bc;
|
|
|
|
|
GetTargetBrowsingContext(getter_AddRefs(bc));
|
|
|
|
|
*aResult = !bc || bc->IsTop();
|
2016-08-22 04:46:09 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-21 19:28:20 +03:00
|
|
|
void LoadInfo::SetIsFromProcessingFrameAttributes() {
|
|
|
|
|
mIsFromProcessingFrameAttributes = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsFromProcessingFrameAttributes(
|
|
|
|
|
bool* aIsFromProcessingFrameAttributes) {
|
|
|
|
|
MOZ_ASSERT(aIsFromProcessingFrameAttributes);
|
|
|
|
|
*aIsFromProcessingFrameAttributes = mIsFromProcessingFrameAttributes;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-30 19:07:59 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetResultPrincipalURI(nsIURI** aURI) {
|
|
|
|
|
NS_IF_ADDREF(*aURI = mResultPrincipalURI);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetResultPrincipalURI(nsIURI* aURI) {
|
|
|
|
|
mResultPrincipalURI = aURI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-26 13:59:41 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetRequestBlockingReason(uint32_t aReason) {
|
|
|
|
|
mRequestBlockingReason = aReason;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetRequestBlockingReason(uint32_t* aReason) {
|
|
|
|
|
*aReason = mRequestBlockingReason;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-16 21:15:09 +03:00
|
|
|
void LoadInfo::SetClientInfo(const ClientInfo& aClientInfo) {
|
|
|
|
|
mClientInfo.emplace(aClientInfo);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const Maybe<ClientInfo>& LoadInfo::GetClientInfo() { return mClientInfo; }
|
|
|
|
|
|
|
|
|
|
void LoadInfo::GiveReservedClientSource(
|
|
|
|
|
UniquePtr<ClientSource>&& aClientSource) {
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(aClientSource);
|
2018-05-30 22:15:35 +03:00
|
|
|
mReservedClientSource = std::move(aClientSource);
|
2017-11-16 21:15:09 +03:00
|
|
|
SetReservedClientInfo(mReservedClientSource->Info());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
UniquePtr<ClientSource> LoadInfo::TakeReservedClientSource() {
|
|
|
|
|
if (mReservedClientSource) {
|
|
|
|
|
// If the reserved ClientInfo was set due to a ClientSource being present,
|
|
|
|
|
// then clear that info object when the ClientSource is taken.
|
|
|
|
|
mReservedClientInfo.reset();
|
|
|
|
|
}
|
2018-05-30 22:15:35 +03:00
|
|
|
return std::move(mReservedClientSource);
|
2017-11-16 21:15:09 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void LoadInfo::SetReservedClientInfo(const ClientInfo& aClientInfo) {
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(mInitialClientInfo.isNothing());
|
2018-06-04 19:26:51 +03:00
|
|
|
// Treat assignments of the same value as a no-op. The emplace below
|
|
|
|
|
// will normally assert when overwriting an existing value.
|
|
|
|
|
if (mReservedClientInfo.isSome() &&
|
|
|
|
|
mReservedClientInfo.ref() == aClientInfo) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-11-16 21:15:09 +03:00
|
|
|
mReservedClientInfo.emplace(aClientInfo);
|
|
|
|
|
}
|
|
|
|
|
|
2018-06-22 18:09:00 +03:00
|
|
|
void LoadInfo::OverrideReservedClientInfoInParent(
|
|
|
|
|
const ClientInfo& aClientInfo) {
|
|
|
|
|
// This should only be called to handle redirects in the parent process.
|
|
|
|
|
MOZ_ASSERT(XRE_GetProcessType() == GeckoProcessType_Default);
|
|
|
|
|
|
|
|
|
|
mInitialClientInfo.reset();
|
|
|
|
|
mReservedClientInfo.reset();
|
|
|
|
|
mReservedClientInfo.emplace(aClientInfo);
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-16 21:15:09 +03:00
|
|
|
const Maybe<ClientInfo>& LoadInfo::GetReservedClientInfo() {
|
|
|
|
|
return mReservedClientInfo;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void LoadInfo::SetInitialClientInfo(const ClientInfo& aClientInfo) {
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(!mReservedClientSource);
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(mReservedClientInfo.isNothing());
|
2018-06-04 19:26:51 +03:00
|
|
|
// Treat assignments of the same value as a no-op. The emplace below
|
|
|
|
|
// will normally assert when overwriting an existing value.
|
|
|
|
|
if (mInitialClientInfo.isSome() && mInitialClientInfo.ref() == aClientInfo) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-11-16 21:15:09 +03:00
|
|
|
mInitialClientInfo.emplace(aClientInfo);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const Maybe<ClientInfo>& LoadInfo::GetInitialClientInfo() {
|
|
|
|
|
return mInitialClientInfo;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void LoadInfo::SetController(const ServiceWorkerDescriptor& aServiceWorker) {
|
|
|
|
|
mController.emplace(aServiceWorker);
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-06 04:45:23 +03:00
|
|
|
void LoadInfo::ClearController() { mController.reset(); }
|
|
|
|
|
|
2017-11-16 21:15:09 +03:00
|
|
|
const Maybe<ServiceWorkerDescriptor>& LoadInfo::GetController() {
|
|
|
|
|
return mController;
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-24 19:17:31 +03:00
|
|
|
void LoadInfo::SetPerformanceStorage(PerformanceStorage* aPerformanceStorage) {
|
|
|
|
|
mPerformanceStorage = aPerformanceStorage;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
PerformanceStorage* LoadInfo::GetPerformanceStorage() {
|
2019-08-08 03:50:24 +03:00
|
|
|
if (mPerformanceStorage) {
|
|
|
|
|
return mPerformanceStorage;
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-21 04:01:05 +03:00
|
|
|
auto* innerWindow = nsGlobalWindowInner::GetInnerWindowWithId(mInnerWindowID);
|
|
|
|
|
if (!innerWindow) {
|
2019-08-08 03:50:24 +03:00
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
|
2020-07-21 04:01:05 +03:00
|
|
|
if (!TriggeringPrincipal()->Equals(innerWindow->GetPrincipal())) {
|
2019-08-08 03:50:24 +03:00
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (nsILoadInfo::GetExternalContentPolicyType() ==
|
|
|
|
|
nsIContentPolicy::TYPE_SUBDOCUMENT &&
|
|
|
|
|
!GetIsFromProcessingFrameAttributes()) {
|
|
|
|
|
// We only report loads caused by processing the attributes of the
|
|
|
|
|
// browsing context container.
|
|
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mozilla::dom::Performance* performance = innerWindow->GetPerformance();
|
|
|
|
|
if (!performance) {
|
|
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return performance->AsPerformanceStorage();
|
2018-01-24 19:17:31 +03:00
|
|
|
}
|
|
|
|
|
|
2018-10-23 09:17:13 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetCspEventListener(nsICSPEventListener** aCSPEventListener) {
|
|
|
|
|
NS_IF_ADDREF(*aCSPEventListener = mCSPEventListener);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetCspEventListener(nsICSPEventListener* aCSPEventListener) {
|
|
|
|
|
mCSPEventListener = aCSPEventListener;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-03-25 16:04:35 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetInternalContentPolicyType(nsContentPolicyType* aResult) {
|
|
|
|
|
*aResult = mInternalContentPolicyType;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-19 15:50:39 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadingEmbedderPolicy(
|
|
|
|
|
nsILoadInfo::CrossOriginEmbedderPolicy* aOutPolicy) {
|
|
|
|
|
*aOutPolicy = mLoadingEmbedderPolicy;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetLoadingEmbedderPolicy(
|
|
|
|
|
nsILoadInfo::CrossOriginEmbedderPolicy aPolicy) {
|
|
|
|
|
mLoadingEmbedderPolicy = aPolicy;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-22 02:14:27 +03:00
|
|
|
already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetCsp() {
|
|
|
|
|
// Before querying the CSP from the client we have to check if the
|
|
|
|
|
// triggeringPrincipal originates from an addon and potentially
|
|
|
|
|
// overrides the CSP stored within the client.
|
|
|
|
|
if (mLoadingPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
|
|
|
|
|
->OverridesCSP(mLoadingPrincipal)) {
|
|
|
|
|
nsCOMPtr<nsIExpandedPrincipal> ep = do_QueryInterface(mTriggeringPrincipal);
|
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> addonCSP;
|
|
|
|
|
if (ep) {
|
|
|
|
|
addonCSP = ep->GetCsp();
|
|
|
|
|
}
|
|
|
|
|
return addonCSP.forget();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (mClientInfo.isNothing()) {
|
|
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
|
|
|
|
|
RefPtr<Document> doc = node ? node->OwnerDoc() : nullptr;
|
|
|
|
|
|
|
|
|
|
// If the client is of type window, then we return the cached CSP
|
|
|
|
|
// stored on the document instead of having to deserialize the CSP
|
|
|
|
|
// from the ClientInfo.
|
|
|
|
|
if (doc && mClientInfo->Type() == ClientType::Window) {
|
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> docCSP = doc->GetCsp();
|
|
|
|
|
return docCSP.forget();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Maybe<mozilla::ipc::CSPInfo> cspInfo = mClientInfo->GetCspInfo();
|
|
|
|
|
if (cspInfo.isNothing()) {
|
|
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> clientCSP =
|
|
|
|
|
CSPInfoToCSP(cspInfo.ref(), doc);
|
|
|
|
|
return clientCSP.forget();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetPreloadCsp() {
|
|
|
|
|
if (mClientInfo.isNothing()) {
|
|
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
|
|
|
|
|
RefPtr<Document> doc = node ? node->OwnerDoc() : nullptr;
|
|
|
|
|
|
|
|
|
|
// If the client is of type window, then we return the cached CSP
|
|
|
|
|
// stored on the document instead of having to deserialize the CSP
|
|
|
|
|
// from the ClientInfo.
|
|
|
|
|
if (doc && mClientInfo->Type() == ClientType::Window) {
|
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> preloadCsp = doc->GetPreloadCsp();
|
|
|
|
|
return preloadCsp.forget();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Maybe<mozilla::ipc::CSPInfo> cspInfo = mClientInfo->GetPreloadCspInfo();
|
|
|
|
|
if (cspInfo.isNothing()) {
|
|
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> preloadCSP =
|
|
|
|
|
CSPInfoToCSP(cspInfo.ref(), doc);
|
|
|
|
|
return preloadCSP.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-06 23:19:56 +03:00
|
|
|
already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetCspToInherit() {
|
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> cspToInherit = mCspToInherit;
|
|
|
|
|
return cspToInherit.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-19 05:02:57 +03:00
|
|
|
} // namespace net
|
2014-07-10 10:56:37 +04:00
|
|
|
} // namespace mozilla
|
