2014-10-02 21:59:20 +04:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
#include "mozilla/dom/InternalHeaders.h"
|
|
|
|
|
2016-06-07 12:46:03 +03:00
|
|
|
#include "mozilla/dom/FetchTypes.h"
|
2014-10-02 21:59:20 +04:00
|
|
|
#include "mozilla/ErrorResult.h"
|
|
|
|
|
|
|
|
#include "nsCharSeparatedTokenizer.h"
|
|
|
|
#include "nsContentUtils.h"
|
2017-02-14 18:06:39 +03:00
|
|
|
#include "nsIHttpHeaderVisitor.h"
|
2014-10-02 21:59:20 +04:00
|
|
|
#include "nsNetUtil.h"
|
|
|
|
#include "nsReadableUtils.h"
|
|
|
|
|
|
|
|
namespace mozilla {
|
|
|
|
namespace dom {
|
|
|
|
|
2015-04-16 22:00:15 +03:00
|
|
|
InternalHeaders::InternalHeaders(const nsTArray<Entry>&& aHeaders,
|
2015-03-02 16:08:00 +03:00
|
|
|
HeadersGuardEnum aGuard)
|
2017-09-17 12:18:20 +03:00
|
|
|
: mGuard(aGuard), mList(aHeaders), mListDirty(true) {}
|
2015-03-02 16:08:00 +03:00
|
|
|
|
2016-06-07 12:46:03 +03:00
|
|
|
InternalHeaders::InternalHeaders(
|
|
|
|
const nsTArray<HeadersEntry>& aHeadersEntryList, HeadersGuardEnum aGuard)
|
2017-09-17 12:18:20 +03:00
|
|
|
: mGuard(aGuard), mListDirty(true) {
|
2016-06-07 12:46:03 +03:00
|
|
|
for (const HeadersEntry& headersEntry : aHeadersEntryList) {
|
|
|
|
mList.AppendElement(Entry(headersEntry.name(), headersEntry.value()));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::ToIPC(nsTArray<HeadersEntry>& aIPCHeaders,
|
|
|
|
HeadersGuardEnum& aGuard) {
|
|
|
|
aGuard = mGuard;
|
|
|
|
|
|
|
|
aIPCHeaders.Clear();
|
|
|
|
for (Entry& entry : mList) {
|
|
|
|
aIPCHeaders.AppendElement(HeadersEntry(entry.mName, entry.mValue));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
bool InternalHeaders::IsValidHeaderValue(const nsCString& aLowerName,
|
|
|
|
const nsCString& aNormalizedValue,
|
|
|
|
ErrorResult& aRv) {
|
|
|
|
// Steps 2 to 6 for ::Set() and ::Append() in the spec.
|
|
|
|
|
|
|
|
// Step 2
|
|
|
|
if (IsInvalidName(aLowerName, aRv) || IsInvalidValue(aNormalizedValue, aRv)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 3
|
|
|
|
if (IsImmutable(aRv)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 4
|
|
|
|
if (mGuard == HeadersGuardEnum::Request &&
|
|
|
|
IsForbiddenRequestHeader(aLowerName)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 5
|
|
|
|
if (mGuard == HeadersGuardEnum::Request_no_cors) {
|
|
|
|
nsAutoCString tempValue;
|
|
|
|
Get(aLowerName, tempValue, aRv);
|
|
|
|
|
|
|
|
if (tempValue.IsVoid()) {
|
|
|
|
tempValue = aNormalizedValue;
|
|
|
|
} else {
|
|
|
|
tempValue.Append(", ");
|
|
|
|
tempValue.Append(aNormalizedValue);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!nsContentUtils::IsCORSSafelistedRequestHeader(aLowerName, tempValue)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 6
|
|
|
|
else if (IsForbiddenResponseHeader(aLowerName)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-10-02 21:59:20 +04:00
|
|
|
void InternalHeaders::Append(const nsACString& aName, const nsACString& aValue,
|
|
|
|
ErrorResult& aRv) {
|
2019-04-16 09:34:05 +03:00
|
|
|
// Step 1
|
2017-04-10 11:15:29 +03:00
|
|
|
nsAutoCString trimValue;
|
|
|
|
NS_TrimHTTPWhitespace(aValue, trimValue);
|
2014-10-02 21:59:20 +04:00
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
// Steps 2 to 6
|
|
|
|
nsAutoCString lowerName;
|
|
|
|
ToLowerCase(aName, lowerName);
|
|
|
|
if (!IsValidHeaderValue(lowerName, trimValue, aRv)) {
|
2014-10-02 21:59:20 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
// Step 7
|
2018-12-19 17:48:30 +03:00
|
|
|
nsAutoCString name(aName);
|
|
|
|
ReuseExistingNameIfExists(name);
|
2017-09-17 12:18:20 +03:00
|
|
|
SetListDirty();
|
2018-12-19 17:48:30 +03:00
|
|
|
mList.AppendElement(Entry(name, trimValue));
|
2019-04-16 09:34:05 +03:00
|
|
|
|
|
|
|
// Step 8
|
|
|
|
if (mGuard == HeadersGuardEnum::Request_no_cors) {
|
|
|
|
RemovePrivilegedNoCorsRequestHeaders();
|
|
|
|
}
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
void InternalHeaders::RemovePrivilegedNoCorsRequestHeaders() {
|
|
|
|
bool dirty = false;
|
2014-10-02 21:59:20 +04:00
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
// remove in reverse order to minimize copying
|
|
|
|
for (int32_t i = mList.Length() - 1; i >= 0; --i) {
|
|
|
|
if (IsPrivilegedNoCorsRequestHeaderName(mList[i].mName)) {
|
|
|
|
mList.RemoveElementAt(i);
|
|
|
|
dirty = true;
|
|
|
|
}
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
if (dirty) {
|
|
|
|
SetListDirty();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
bool InternalHeaders::DeleteInternal(const nsCString& aLowerName,
|
|
|
|
ErrorResult& aRv) {
|
|
|
|
bool dirty = false;
|
2017-09-17 12:18:20 +03:00
|
|
|
|
2014-10-02 21:59:20 +04:00
|
|
|
// remove in reverse order to minimize copying
|
|
|
|
for (int32_t i = mList.Length() - 1; i >= 0; --i) {
|
2019-04-16 09:34:05 +03:00
|
|
|
if (mList[i].mName.EqualsIgnoreCase(aLowerName.get())) {
|
2014-10-02 21:59:20 +04:00
|
|
|
mList.RemoveElementAt(i);
|
2019-04-16 09:34:05 +03:00
|
|
|
dirty = true;
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
}
|
2019-04-16 09:34:05 +03:00
|
|
|
|
|
|
|
if (dirty) {
|
|
|
|
SetListDirty();
|
|
|
|
}
|
|
|
|
|
|
|
|
return dirty;
|
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::Delete(const nsACString& aName, ErrorResult& aRv) {
|
|
|
|
nsAutoCString lowerName;
|
|
|
|
ToLowerCase(aName, lowerName);
|
|
|
|
|
|
|
|
// Step 1
|
|
|
|
if (IsInvalidName(lowerName, aRv)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 2
|
|
|
|
if (IsImmutable(aRv)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 3
|
|
|
|
if (IsForbiddenRequestHeader(lowerName)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 4
|
|
|
|
if (mGuard == HeadersGuardEnum::Request_no_cors &&
|
|
|
|
!IsNoCorsSafelistedRequestHeaderName(lowerName) &&
|
|
|
|
!IsPrivilegedNoCorsRequestHeaderName(lowerName)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 5
|
|
|
|
if (IsForbiddenResponseHeader(lowerName)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Steps 6 and 7
|
|
|
|
if (!DeleteInternal(lowerName, aRv)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Step 8
|
|
|
|
if (mGuard == HeadersGuardEnum::Request_no_cors) {
|
|
|
|
RemovePrivilegedNoCorsRequestHeaders();
|
|
|
|
}
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
|
2016-10-10 20:20:14 +03:00
|
|
|
void InternalHeaders::Get(const nsACString& aName, nsACString& aValue,
|
|
|
|
ErrorResult& aRv) const {
|
2014-10-02 21:59:20 +04:00
|
|
|
nsAutoCString lowerName;
|
|
|
|
ToLowerCase(aName, lowerName);
|
|
|
|
|
|
|
|
if (IsInvalidName(lowerName, aRv)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
GetInternal(lowerName, aValue, aRv);
|
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::GetInternal(const nsCString& aLowerName,
|
|
|
|
nsACString& aValue, ErrorResult& aRv) const {
|
2017-04-07 10:33:38 +03:00
|
|
|
const char* delimiter = ", ";
|
2016-10-10 20:20:14 +03:00
|
|
|
bool firstValueFound = false;
|
|
|
|
|
2014-10-02 21:59:20 +04:00
|
|
|
for (uint32_t i = 0; i < mList.Length(); ++i) {
|
2019-04-16 09:34:05 +03:00
|
|
|
if (mList[i].mName.EqualsIgnoreCase(aLowerName.get())) {
|
2016-10-10 20:20:14 +03:00
|
|
|
if (firstValueFound) {
|
|
|
|
aValue += delimiter;
|
|
|
|
}
|
|
|
|
aValue += mList[i].mValue;
|
|
|
|
firstValueFound = true;
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// No value found, so return null to content
|
2016-10-10 20:20:14 +03:00
|
|
|
if (!firstValueFound) {
|
|
|
|
aValue.SetIsVoid(true);
|
|
|
|
}
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
|
2016-10-10 20:20:14 +03:00
|
|
|
void InternalHeaders::GetFirst(const nsACString& aName, nsACString& aValue,
|
|
|
|
ErrorResult& aRv) const {
|
2014-10-02 21:59:20 +04:00
|
|
|
nsAutoCString lowerName;
|
|
|
|
ToLowerCase(aName, lowerName);
|
|
|
|
|
|
|
|
if (IsInvalidName(lowerName, aRv)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (uint32_t i = 0; i < mList.Length(); ++i) {
|
2018-12-19 17:48:30 +03:00
|
|
|
if (mList[i].mName.EqualsIgnoreCase(lowerName.get())) {
|
2016-10-10 20:20:14 +03:00
|
|
|
aValue = mList[i].mValue;
|
|
|
|
return;
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
}
|
2016-10-10 20:20:14 +03:00
|
|
|
|
|
|
|
// No value found, so return null to content
|
|
|
|
aValue.SetIsVoid(true);
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
bool InternalHeaders::Has(const nsACString& aName, ErrorResult& aRv) const {
|
|
|
|
nsAutoCString lowerName;
|
|
|
|
ToLowerCase(aName, lowerName);
|
|
|
|
|
|
|
|
if (IsInvalidName(lowerName, aRv)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
for (uint32_t i = 0; i < mList.Length(); ++i) {
|
2018-12-19 17:48:30 +03:00
|
|
|
if (mList[i].mName.EqualsIgnoreCase(lowerName.get())) {
|
2014-10-02 21:59:20 +04:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::Set(const nsACString& aName, const nsACString& aValue,
|
|
|
|
ErrorResult& aRv) {
|
2019-04-16 09:34:05 +03:00
|
|
|
// Step 1
|
2017-04-10 11:15:29 +03:00
|
|
|
nsAutoCString trimValue;
|
|
|
|
NS_TrimHTTPWhitespace(aValue, trimValue);
|
2014-10-02 21:59:20 +04:00
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
// Steps 2 to 6
|
|
|
|
nsAutoCString lowerName;
|
|
|
|
ToLowerCase(aName, lowerName);
|
|
|
|
if (!IsValidHeaderValue(lowerName, trimValue, aRv)) {
|
2014-10-02 21:59:20 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
// Step 7
|
2017-09-17 12:18:20 +03:00
|
|
|
SetListDirty();
|
|
|
|
|
2014-10-02 21:59:20 +04:00
|
|
|
int32_t firstIndex = INT32_MAX;
|
|
|
|
|
|
|
|
// remove in reverse order to minimize copying
|
|
|
|
for (int32_t i = mList.Length() - 1; i >= 0; --i) {
|
2018-12-19 17:48:30 +03:00
|
|
|
if (mList[i].mName.EqualsIgnoreCase(lowerName.get())) {
|
2014-10-02 21:59:20 +04:00
|
|
|
firstIndex = std::min(firstIndex, i);
|
|
|
|
mList.RemoveElementAt(i);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (firstIndex < INT32_MAX) {
|
|
|
|
Entry* entry = mList.InsertElementAt(firstIndex);
|
2018-12-19 17:48:30 +03:00
|
|
|
entry->mName = aName;
|
2017-04-10 11:15:29 +03:00
|
|
|
entry->mValue = trimValue;
|
2014-10-02 21:59:20 +04:00
|
|
|
} else {
|
2018-12-19 17:48:30 +03:00
|
|
|
mList.AppendElement(Entry(aName, trimValue));
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
2019-04-16 09:34:05 +03:00
|
|
|
|
|
|
|
// Step 8
|
|
|
|
if (mGuard == HeadersGuardEnum::Request_no_cors) {
|
|
|
|
RemovePrivilegedNoCorsRequestHeaders();
|
|
|
|
}
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::Clear() {
|
2017-09-17 12:18:20 +03:00
|
|
|
SetListDirty();
|
2014-10-02 21:59:20 +04:00
|
|
|
mList.Clear();
|
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::SetGuard(HeadersGuardEnum aGuard, ErrorResult& aRv) {
|
2015-10-27 19:23:34 +03:00
|
|
|
// The guard is only checked during ::Set() and ::Append() in the spec. It
|
|
|
|
// does not require revalidating headers already set.
|
2014-10-02 21:59:20 +04:00
|
|
|
mGuard = aGuard;
|
|
|
|
}
|
|
|
|
|
2020-02-20 19:53:06 +03:00
|
|
|
InternalHeaders::~InternalHeaders() = default;
|
2014-10-02 21:59:20 +04:00
|
|
|
|
2019-04-16 09:34:05 +03:00
|
|
|
// static
|
|
|
|
bool InternalHeaders::IsNoCorsSafelistedRequestHeaderName(
|
|
|
|
const nsCString& aName) {
|
|
|
|
return aName.EqualsIgnoreCase("accept") ||
|
|
|
|
aName.EqualsIgnoreCase("accept-language") ||
|
|
|
|
aName.EqualsIgnoreCase("content-language") ||
|
|
|
|
aName.EqualsIgnoreCase("content-type");
|
|
|
|
}
|
|
|
|
|
|
|
|
// static
|
|
|
|
bool InternalHeaders::IsPrivilegedNoCorsRequestHeaderName(
|
|
|
|
const nsCString& aName) {
|
|
|
|
return aName.EqualsIgnoreCase("range");
|
|
|
|
}
|
|
|
|
|
2014-10-02 21:59:20 +04:00
|
|
|
// static
|
2018-12-19 17:48:30 +03:00
|
|
|
bool InternalHeaders::IsSimpleHeader(const nsCString& aName,
|
2014-10-02 21:59:20 +04:00
|
|
|
const nsACString& aValue) {
|
2018-11-14 14:45:46 +03:00
|
|
|
if (aValue.Length() > 128) {
|
|
|
|
return false;
|
|
|
|
}
|
2014-10-02 21:59:20 +04:00
|
|
|
// Note, we must allow a null content-type value here to support
|
|
|
|
// get("content-type"), but the IsInvalidValue() check will prevent null
|
|
|
|
// from being set or appended.
|
2018-12-19 17:48:30 +03:00
|
|
|
return (aName.EqualsIgnoreCase("accept") &&
|
2018-11-14 14:45:46 +03:00
|
|
|
nsContentUtils::IsAllowedNonCorsAccept(aValue)) ||
|
2018-12-19 17:48:30 +03:00
|
|
|
(aName.EqualsIgnoreCase("accept-language") &&
|
2018-11-14 14:45:46 +03:00
|
|
|
nsContentUtils::IsAllowedNonCorsLanguage(aValue)) ||
|
2018-12-19 17:48:30 +03:00
|
|
|
(aName.EqualsIgnoreCase("content-language") &&
|
2018-11-14 14:45:46 +03:00
|
|
|
nsContentUtils::IsAllowedNonCorsLanguage(aValue)) ||
|
2018-12-19 17:48:30 +03:00
|
|
|
(aName.EqualsIgnoreCase("content-type") &&
|
2014-10-02 21:59:20 +04:00
|
|
|
nsContentUtils::IsAllowedNonCorsContentType(aValue));
|
|
|
|
}
|
|
|
|
|
2016-03-03 02:09:30 +03:00
|
|
|
// static
|
2018-12-19 17:48:30 +03:00
|
|
|
bool InternalHeaders::IsRevalidationHeader(const nsCString& aName) {
|
|
|
|
return aName.EqualsIgnoreCase("if-modified-since") ||
|
|
|
|
aName.EqualsIgnoreCase("if-none-match") ||
|
|
|
|
aName.EqualsIgnoreCase("if-unmodified-since") ||
|
|
|
|
aName.EqualsIgnoreCase("if-match") ||
|
|
|
|
aName.EqualsIgnoreCase("if-range");
|
2016-03-03 02:09:30 +03:00
|
|
|
}
|
|
|
|
|
2014-10-02 21:59:20 +04:00
|
|
|
// static
|
|
|
|
bool InternalHeaders::IsInvalidName(const nsACString& aName, ErrorResult& aRv) {
|
|
|
|
if (!NS_IsValidHTTPToken(aName)) {
|
|
|
|
NS_ConvertUTF8toUTF16 label(aName);
|
2015-11-20 21:36:46 +03:00
|
|
|
aRv.ThrowTypeError<MSG_INVALID_HEADER_NAME>(label);
|
2014-10-02 21:59:20 +04:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// static
|
|
|
|
bool InternalHeaders::IsInvalidValue(const nsACString& aValue,
|
|
|
|
ErrorResult& aRv) {
|
|
|
|
if (!NS_IsReasonableHTTPHeaderValue(aValue)) {
|
|
|
|
NS_ConvertUTF8toUTF16 label(aValue);
|
2015-11-20 21:36:46 +03:00
|
|
|
aRv.ThrowTypeError<MSG_INVALID_HEADER_VALUE>(label);
|
2014-10-02 21:59:20 +04:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool InternalHeaders::IsImmutable(ErrorResult& aRv) const {
|
|
|
|
if (mGuard == HeadersGuardEnum::Immutable) {
|
2019-09-20 05:19:18 +03:00
|
|
|
aRv.ThrowTypeError(u"Headers are immutable and cannot be modified.");
|
2014-10-02 21:59:20 +04:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2018-12-19 17:48:30 +03:00
|
|
|
bool InternalHeaders::IsForbiddenRequestHeader(const nsCString& aName) const {
|
2014-10-02 21:59:20 +04:00
|
|
|
return mGuard == HeadersGuardEnum::Request &&
|
|
|
|
nsContentUtils::IsForbiddenRequestHeader(aName);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool InternalHeaders::IsForbiddenRequestNoCorsHeader(
|
2018-12-19 17:48:30 +03:00
|
|
|
const nsCString& aName) const {
|
2014-10-02 21:59:20 +04:00
|
|
|
return mGuard == HeadersGuardEnum::Request_no_cors &&
|
|
|
|
!IsSimpleHeader(aName, EmptyCString());
|
|
|
|
}
|
|
|
|
|
|
|
|
bool InternalHeaders::IsForbiddenRequestNoCorsHeader(
|
2018-12-19 17:48:30 +03:00
|
|
|
const nsCString& aName, const nsACString& aValue) const {
|
2014-10-02 21:59:20 +04:00
|
|
|
return mGuard == HeadersGuardEnum::Request_no_cors &&
|
|
|
|
!IsSimpleHeader(aName, aValue);
|
|
|
|
}
|
|
|
|
|
2018-12-19 17:48:30 +03:00
|
|
|
bool InternalHeaders::IsForbiddenResponseHeader(const nsCString& aName) const {
|
2014-10-02 21:59:20 +04:00
|
|
|
return mGuard == HeadersGuardEnum::Response &&
|
|
|
|
nsContentUtils::IsForbiddenResponseHeader(aName);
|
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::Fill(const InternalHeaders& aInit, ErrorResult& aRv) {
|
|
|
|
const nsTArray<Entry>& list = aInit.mList;
|
|
|
|
for (uint32_t i = 0; i < list.Length() && !aRv.Failed(); ++i) {
|
|
|
|
const Entry& entry = list[i];
|
|
|
|
Append(entry.mName, entry.mValue, aRv);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::Fill(const Sequence<Sequence<nsCString>>& aInit,
|
|
|
|
ErrorResult& aRv) {
|
|
|
|
for (uint32_t i = 0; i < aInit.Length() && !aRv.Failed(); ++i) {
|
|
|
|
const Sequence<nsCString>& tuple = aInit[i];
|
|
|
|
if (tuple.Length() != 2) {
|
2019-09-20 05:19:18 +03:00
|
|
|
aRv.ThrowTypeError(
|
|
|
|
u"Headers require name/value tuples when being initialized by a "
|
|
|
|
u"sequence.");
|
2014-10-02 21:59:20 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
Append(tuple[0], tuple[1], aRv);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-02-15 08:01:35 +03:00
|
|
|
void InternalHeaders::Fill(const Record<nsCString, nsCString>& aInit,
|
|
|
|
ErrorResult& aRv) {
|
2017-02-15 08:00:00 +03:00
|
|
|
for (auto& entry : aInit.Entries()) {
|
2017-02-15 08:01:39 +03:00
|
|
|
Append(entry.mKey, entry.mValue, aRv);
|
2017-02-15 08:00:00 +03:00
|
|
|
if (aRv.Failed()) {
|
|
|
|
return;
|
|
|
|
}
|
2014-10-02 21:59:20 +04:00
|
|
|
}
|
|
|
|
}
|
2014-10-06 22:01:20 +04:00
|
|
|
|
2017-02-14 18:06:39 +03:00
|
|
|
namespace {
|
|
|
|
|
|
|
|
class FillHeaders final : public nsIHttpHeaderVisitor {
|
|
|
|
RefPtr<InternalHeaders> mInternalHeaders;
|
|
|
|
|
|
|
|
~FillHeaders() = default;
|
|
|
|
|
|
|
|
public:
|
|
|
|
NS_DECL_ISUPPORTS
|
|
|
|
|
|
|
|
explicit FillHeaders(InternalHeaders* aInternalHeaders)
|
|
|
|
: mInternalHeaders(aInternalHeaders) {
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(mInternalHeaders);
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHOD
|
|
|
|
VisitHeader(const nsACString& aHeader, const nsACString& aValue) override {
|
2018-02-01 22:21:14 +03:00
|
|
|
mInternalHeaders->Append(aHeader, aValue, IgnoreErrors());
|
2017-02-14 18:06:39 +03:00
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
NS_IMPL_ISUPPORTS(FillHeaders, nsIHttpHeaderVisitor)
|
|
|
|
|
|
|
|
} // namespace
|
|
|
|
|
|
|
|
void InternalHeaders::FillResponseHeaders(nsIRequest* aRequest) {
|
|
|
|
nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aRequest);
|
|
|
|
if (!httpChannel) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
RefPtr<FillHeaders> visitor = new FillHeaders(this);
|
2016-12-20 06:49:32 +03:00
|
|
|
nsresult rv = httpChannel->VisitResponseHeaders(visitor);
|
|
|
|
if (NS_FAILED(rv)) {
|
|
|
|
NS_WARNING("failed to fill headers");
|
|
|
|
}
|
2017-02-14 18:06:39 +03:00
|
|
|
}
|
|
|
|
|
2014-10-06 22:01:20 +04:00
|
|
|
bool InternalHeaders::HasOnlySimpleHeaders() const {
|
|
|
|
for (uint32_t i = 0; i < mList.Length(); ++i) {
|
|
|
|
if (!IsSimpleHeader(mList[i].mName, mList[i].mValue)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-03-03 02:09:30 +03:00
|
|
|
bool InternalHeaders::HasRevalidationHeaders() const {
|
|
|
|
for (uint32_t i = 0; i < mList.Length(); ++i) {
|
|
|
|
if (IsRevalidationHeader(mList[i].mName)) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2014-10-06 22:01:20 +04:00
|
|
|
// static
|
|
|
|
already_AddRefed<InternalHeaders> InternalHeaders::BasicHeaders(
|
|
|
|
InternalHeaders* aHeaders) {
|
2015-10-18 08:24:48 +03:00
|
|
|
RefPtr<InternalHeaders> basic = new InternalHeaders(*aHeaders);
|
2014-10-06 22:01:20 +04:00
|
|
|
ErrorResult result;
|
|
|
|
// The Set-Cookie headers cannot be invalid mutable headers, so the Delete
|
|
|
|
// must succeed.
|
|
|
|
basic->Delete(NS_LITERAL_CSTRING("Set-Cookie"), result);
|
|
|
|
MOZ_ASSERT(!result.Failed());
|
|
|
|
basic->Delete(NS_LITERAL_CSTRING("Set-Cookie2"), result);
|
|
|
|
MOZ_ASSERT(!result.Failed());
|
|
|
|
return basic.forget();
|
|
|
|
}
|
|
|
|
|
|
|
|
// static
|
|
|
|
already_AddRefed<InternalHeaders> InternalHeaders::CORSHeaders(
|
2019-07-16 11:50:14 +03:00
|
|
|
InternalHeaders* aHeaders, RequestCredentials aCredentialsMode) {
|
2015-10-18 08:24:48 +03:00
|
|
|
RefPtr<InternalHeaders> cors = new InternalHeaders(aHeaders->mGuard);
|
2014-10-06 22:01:20 +04:00
|
|
|
ErrorResult result;
|
|
|
|
|
2015-01-08 02:50:54 +03:00
|
|
|
nsAutoCString acExposedNames;
|
2019-04-16 09:34:05 +03:00
|
|
|
aHeaders->Get(NS_LITERAL_CSTRING("Access-Control-Expose-Headers"),
|
|
|
|
acExposedNames, result);
|
2014-10-06 22:01:20 +04:00
|
|
|
MOZ_ASSERT(!result.Failed());
|
|
|
|
|
2019-07-16 11:50:14 +03:00
|
|
|
bool allowAllHeaders = false;
|
2016-02-02 18:36:30 +03:00
|
|
|
AutoTArray<nsCString, 5> exposeNamesArray;
|
2015-01-08 02:50:54 +03:00
|
|
|
nsCCharSeparatedTokenizer exposeTokens(acExposedNames, ',');
|
|
|
|
while (exposeTokens.hasMoreTokens()) {
|
|
|
|
const nsDependentCSubstring& token = exposeTokens.nextToken();
|
|
|
|
if (token.IsEmpty()) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!NS_IsValidHTTPToken(token)) {
|
|
|
|
NS_WARNING(
|
|
|
|
"Got invalid HTTP token in Access-Control-Expose-Headers. Header "
|
|
|
|
"value is:");
|
|
|
|
NS_WARNING(acExposedNames.get());
|
|
|
|
exposeNamesArray.Clear();
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2019-07-16 11:50:14 +03:00
|
|
|
if (token.EqualsLiteral("*") &&
|
|
|
|
aCredentialsMode != RequestCredentials::Include) {
|
|
|
|
allowAllHeaders = true;
|
|
|
|
}
|
|
|
|
|
2015-01-08 02:50:54 +03:00
|
|
|
exposeNamesArray.AppendElement(token);
|
|
|
|
}
|
|
|
|
|
2014-10-06 22:01:20 +04:00
|
|
|
nsCaseInsensitiveCStringArrayComparator comp;
|
|
|
|
for (uint32_t i = 0; i < aHeaders->mList.Length(); ++i) {
|
|
|
|
const Entry& entry = aHeaders->mList[i];
|
2019-07-16 11:50:14 +03:00
|
|
|
if (allowAllHeaders) {
|
|
|
|
cors->Append(entry.mName, entry.mValue, result);
|
|
|
|
MOZ_ASSERT(!result.Failed());
|
|
|
|
} else if (entry.mName.EqualsIgnoreCase("cache-control") ||
|
|
|
|
entry.mName.EqualsIgnoreCase("content-language") ||
|
|
|
|
entry.mName.EqualsIgnoreCase("content-type") ||
|
|
|
|
entry.mName.EqualsIgnoreCase("expires") ||
|
|
|
|
entry.mName.EqualsIgnoreCase("last-modified") ||
|
|
|
|
entry.mName.EqualsIgnoreCase("pragma") ||
|
|
|
|
exposeNamesArray.Contains(entry.mName, comp)) {
|
2014-10-06 22:01:20 +04:00
|
|
|
cors->Append(entry.mName, entry.mValue, result);
|
|
|
|
MOZ_ASSERT(!result.Failed());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return cors.forget();
|
|
|
|
}
|
2014-12-10 09:35:22 +03:00
|
|
|
|
|
|
|
void InternalHeaders::GetEntries(
|
|
|
|
nsTArray<InternalHeaders::Entry>& aEntries) const {
|
|
|
|
MOZ_ASSERT(aEntries.IsEmpty());
|
|
|
|
aEntries.AppendElements(mList);
|
|
|
|
}
|
2015-01-08 02:50:54 +03:00
|
|
|
|
|
|
|
void InternalHeaders::GetUnsafeHeaders(nsTArray<nsCString>& aNames) const {
|
|
|
|
MOZ_ASSERT(aNames.IsEmpty());
|
|
|
|
for (uint32_t i = 0; i < mList.Length(); ++i) {
|
|
|
|
const Entry& header = mList[i];
|
|
|
|
if (!InternalHeaders::IsSimpleHeader(header.mName, header.mValue)) {
|
|
|
|
aNames.AppendElement(header.mName);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2015-07-13 18:25:42 +03:00
|
|
|
|
2017-09-17 12:18:20 +03:00
|
|
|
void InternalHeaders::MaybeSortList() {
|
|
|
|
class Comparator {
|
|
|
|
public:
|
|
|
|
bool Equals(const Entry& aA, const Entry& aB) const {
|
|
|
|
return aA.mName == aB.mName;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool LessThan(const Entry& aA, const Entry& aB) const {
|
|
|
|
return aA.mName < aB.mName;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
if (!mListDirty) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
mListDirty = false;
|
|
|
|
|
|
|
|
Comparator comparator;
|
|
|
|
|
|
|
|
mSortedList.Clear();
|
|
|
|
for (const Entry& entry : mList) {
|
|
|
|
bool found = false;
|
|
|
|
for (Entry& sortedEntry : mSortedList) {
|
2018-12-19 17:48:30 +03:00
|
|
|
if (sortedEntry.mName.EqualsIgnoreCase(entry.mName.get())) {
|
2017-09-17 12:18:20 +03:00
|
|
|
sortedEntry.mValue += ", ";
|
|
|
|
sortedEntry.mValue += entry.mValue;
|
|
|
|
found = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!found) {
|
2018-12-19 17:48:30 +03:00
|
|
|
Entry newEntry = entry;
|
|
|
|
ToLowerCase(newEntry.mName);
|
|
|
|
mSortedList.InsertElementSorted(newEntry, comparator);
|
2017-09-17 12:18:20 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void InternalHeaders::SetListDirty() {
|
|
|
|
mSortedList.Clear();
|
|
|
|
mListDirty = true;
|
|
|
|
}
|
|
|
|
|
2018-12-19 17:48:30 +03:00
|
|
|
void InternalHeaders::ReuseExistingNameIfExists(nsCString& aName) const {
|
|
|
|
for (const Entry& entry : mList) {
|
|
|
|
if (entry.mName.EqualsIgnoreCase(aName.get())) {
|
|
|
|
aName = entry.mName;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-10-02 21:59:20 +04:00
|
|
|
} // namespace dom
|
|
|
|
} // namespace mozilla
|