2014-07-10 10:56:37 +04:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
2015-02-13 22:36:47 +03:00
|
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
2014-07-10 10:56:37 +04:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
|
|
#include "mozilla/LoadInfo.h"
|
|
|
|
|
|
|
|
|
|
#include "mozilla/Assertions.h"
|
2017-11-16 21:15:09 +03:00
|
|
|
#include "mozilla/dom/ClientIPCTypes.h"
|
|
|
|
|
#include "mozilla/dom/ClientSource.h"
|
2018-01-24 19:17:31 +03:00
|
|
|
#include "mozilla/dom/PerformanceStorage.h"
|
2017-11-03 15:23:11 +03:00
|
|
|
#include "mozilla/dom/TabChild.h"
|
2015-07-20 05:11:03 +03:00
|
|
|
#include "mozilla/dom/ToJSValue.h"
|
2018-07-17 22:37:48 +03:00
|
|
|
#include "mozilla/NullPrincipal.h"
|
2015-12-01 00:25:29 +03:00
|
|
|
#include "mozIThirdPartyUtil.h"
|
2015-05-08 22:52:49 +03:00
|
|
|
#include "nsFrameLoader.h"
|
2016-05-31 12:14:00 +03:00
|
|
|
#include "nsIContentSecurityPolicy.h"
|
2015-05-08 22:52:49 +03:00
|
|
|
#include "nsIDocShell.h"
|
2014-07-17 00:16:12 +04:00
|
|
|
#include "nsIDocument.h"
|
2018-03-22 05:43:17 +03:00
|
|
|
#include "nsIFrameLoaderOwner.h"
|
2016-01-09 04:20:50 +03:00
|
|
|
#include "nsIInterfaceRequestorUtils.h"
|
2014-07-10 10:56:37 +04:00
|
|
|
#include "nsISupportsImpl.h"
|
|
|
|
|
#include "nsISupportsUtils.h"
|
2018-09-06 17:01:58 +03:00
|
|
|
#include "nsIXPConnect.h"
|
2015-06-17 07:18:16 +03:00
|
|
|
#include "nsContentUtils.h"
|
2016-04-14 02:30:16 +03:00
|
|
|
#include "nsDocShell.h"
|
2015-12-01 00:25:29 +03:00
|
|
|
#include "nsGlobalWindow.h"
|
2018-03-04 17:33:33 +03:00
|
|
|
#include "nsMixedContentBlocker.h"
|
2017-05-25 20:42:00 +03:00
|
|
|
#include "nsRedirectHistoryEntry.h"
|
2018-10-25 11:44:12 +03:00
|
|
|
#include "nsSandboxFlags.h"
|
2018-03-06 09:07:00 +03:00
|
|
|
#include "LoadInfo.h"
|
2014-07-10 10:56:37 +04:00
|
|
|
|
2016-01-09 04:20:50 +03:00
|
|
|
using namespace mozilla::dom;
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
namespace mozilla {
|
2016-05-19 05:02:57 +03:00
|
|
|
namespace net {
|
2014-07-10 10:56:37 +04:00
|
|
|
|
2017-09-07 00:25:23 +03:00
|
|
|
static uint64_t
|
2017-09-29 00:55:43 +03:00
|
|
|
FindTopOuterWindowID(nsPIDOMWindowOuter* aOuter)
|
2017-09-07 00:25:23 +03:00
|
|
|
{
|
|
|
|
|
nsCOMPtr<nsPIDOMWindowOuter> outer = aOuter;
|
|
|
|
|
while (nsCOMPtr<nsPIDOMWindowOuter> parent = outer->GetScriptableParentOrNull()) {
|
|
|
|
|
outer = parent;
|
|
|
|
|
}
|
|
|
|
|
return outer->WindowID();
|
|
|
|
|
}
|
|
|
|
|
|
2014-11-14 19:55:59 +03:00
|
|
|
LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|
|
|
|
nsIPrincipal* aTriggeringPrincipal,
|
2014-07-17 00:16:12 +04:00
|
|
|
nsINode* aLoadingContext,
|
|
|
|
|
nsSecurityFlags aSecurityFlags,
|
2018-01-23 18:38:54 +03:00
|
|
|
nsContentPolicyType aContentPolicyType,
|
|
|
|
|
const Maybe<mozilla::dom::ClientInfo>& aLoadingClientInfo,
|
|
|
|
|
const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController)
|
2014-12-11 02:36:03 +03:00
|
|
|
: mLoadingPrincipal(aLoadingContext ?
|
|
|
|
|
aLoadingContext->NodePrincipal() : aLoadingPrincipal)
|
2014-11-14 19:55:59 +03:00
|
|
|
, mTriggeringPrincipal(aTriggeringPrincipal ?
|
2014-12-11 02:36:03 +03:00
|
|
|
aTriggeringPrincipal : mLoadingPrincipal.get())
|
2016-11-08 09:23:12 +03:00
|
|
|
, mPrincipalToInherit(nullptr)
|
2018-01-23 18:38:54 +03:00
|
|
|
, mClientInfo(aLoadingClientInfo)
|
|
|
|
|
, mController(aController)
|
2014-07-17 00:16:12 +04:00
|
|
|
, mLoadingContext(do_GetWeakReference(aLoadingContext))
|
2017-09-05 19:01:07 +03:00
|
|
|
, mContextForTopLevelLoad(nullptr)
|
2014-07-17 00:16:12 +04:00
|
|
|
, mSecurityFlags(aSecurityFlags)
|
2015-10-19 21:14:54 +03:00
|
|
|
, mInternalContentPolicyType(aContentPolicyType)
|
2015-10-22 21:07:32 +03:00
|
|
|
, mTainting(LoadTainting::Basic)
|
2015-07-10 23:57:55 +03:00
|
|
|
, mUpgradeInsecureRequests(false)
|
2018-02-05 18:37:27 +03:00
|
|
|
, mBrowserUpgradeInsecureRequests(false)
|
2018-03-04 17:33:33 +03:00
|
|
|
, mBrowserWouldUpgradeInsecureRequests(false)
|
2016-03-14 13:56:52 +03:00
|
|
|
, mVerifySignedContent(false)
|
2016-03-16 06:13:26 +03:00
|
|
|
, mEnforceSRI(false)
|
2017-11-08 22:01:41 +03:00
|
|
|
, mForceAllowDataURI(false)
|
2018-02-18 21:52:52 +03:00
|
|
|
, mAllowInsecureRedirectToDataURI(false)
|
2018-03-29 12:14:35 +03:00
|
|
|
, mSkipContentPolicyCheckForWebRequest(false)
|
2017-11-05 07:06:20 +03:00
|
|
|
, mOriginalFrameSrcLoad(false)
|
2016-07-18 09:35:13 +03:00
|
|
|
, mForceInheritPrincipalDropped(false)
|
2015-05-08 22:52:49 +03:00
|
|
|
, mInnerWindowID(0)
|
|
|
|
|
, mOuterWindowID(0)
|
|
|
|
|
, mParentOuterWindowID(0)
|
2017-09-07 00:25:23 +03:00
|
|
|
, mTopOuterWindowID(0)
|
2016-06-27 03:42:00 +03:00
|
|
|
, mFrameOuterWindowID(0)
|
2015-07-20 05:11:57 +03:00
|
|
|
, mEnforceSecurity(false)
|
|
|
|
|
, mInitialSecurityCheckDone(false)
|
2016-03-26 00:47:31 +03:00
|
|
|
, mIsThirdPartyContext(false)
|
2018-01-23 18:38:51 +03:00
|
|
|
, mIsDocshellReload(false)
|
2018-08-01 07:35:24 +03:00
|
|
|
, mSendCSPViolationEvents(true)
|
2018-09-07 21:43:11 +03:00
|
|
|
, mTrackerBlockedReason(mozilla::Telemetry::LABELS_DOCUMENT_ANALYTICS_TRACKER_FASTBLOCKED::all)
|
2015-12-07 02:33:14 +03:00
|
|
|
, mForcePreflight(false)
|
|
|
|
|
, mIsPreflight(false)
|
2017-11-03 15:23:11 +03:00
|
|
|
, mLoadTriggeredFromExternal(false)
|
2017-11-03 10:37:35 +03:00
|
|
|
, mServiceWorkerTaintingSynthesized(false)
|
2018-08-16 18:29:22 +03:00
|
|
|
, mIsTracker(false)
|
|
|
|
|
, mIsTrackerBlocked(false)
|
2018-08-31 14:21:17 +03:00
|
|
|
, mDocumentHasUserInteracted(false)
|
2018-09-28 22:12:10 +03:00
|
|
|
, mDocumentHasLoaded(false)
|
2014-07-10 10:56:37 +04:00
|
|
|
{
|
2014-12-11 02:36:03 +03:00
|
|
|
MOZ_ASSERT(mLoadingPrincipal);
|
2014-11-14 19:55:59 +03:00
|
|
|
MOZ_ASSERT(mTriggeringPrincipal);
|
2016-04-14 02:30:36 +03:00
|
|
|
|
|
|
|
|
#ifdef DEBUG
|
|
|
|
|
// TYPE_DOCUMENT loads initiated by javascript tests will go through
|
|
|
|
|
// nsIOService and use the wrong constructor. Don't enforce the
|
|
|
|
|
// !TYPE_DOCUMENT check in those cases
|
|
|
|
|
bool skipContentTypeCheck = false;
|
|
|
|
|
skipContentTypeCheck = Preferences::GetBool("network.loadinfo.skip_type_assertion");
|
|
|
|
|
#endif
|
|
|
|
|
|
2016-04-14 02:30:16 +03:00
|
|
|
// This constructor shouldn't be used for TYPE_DOCUMENT loads that don't
|
|
|
|
|
// have a loadingPrincipal
|
2018-03-29 13:16:23 +03:00
|
|
|
MOZ_ASSERT(skipContentTypeCheck || mLoadingPrincipal ||
|
2016-04-14 02:30:36 +03:00
|
|
|
mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT);
|
2014-12-11 02:36:03 +03:00
|
|
|
|
2018-01-23 18:38:54 +03:00
|
|
|
// We should only get an explicit controller for subresource requests.
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(
|
|
|
|
|
aController.isNothing() ||
|
|
|
|
|
!nsContentUtils::IsNonSubresourceInternalPolicyType(mInternalContentPolicyType));
|
|
|
|
|
|
2016-03-26 00:47:31 +03:00
|
|
|
// TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false meaning
|
|
|
|
|
// that consumers of LoadInfo that don't pass a context or pass a context from
|
|
|
|
|
// which we can't find a window will default to assuming that they're 1st
|
|
|
|
|
// party. It would be nice if we could default "safe" and assume that we are
|
|
|
|
|
// 3rd party until proven otherwise.
|
|
|
|
|
|
2014-12-11 02:36:03 +03:00
|
|
|
// if consumers pass both, aLoadingContext and aLoadingPrincipal
|
|
|
|
|
// then the loadingPrincipal must be the same as the node's principal
|
|
|
|
|
MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
|
|
|
|
|
aLoadingContext->NodePrincipal() == aLoadingPrincipal);
|
|
|
|
|
|
2014-07-17 00:16:12 +04:00
|
|
|
// if the load is sandboxed, we can not also inherit the principal
|
|
|
|
|
if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
|
2017-01-10 22:46:30 +03:00
|
|
|
mForceInheritPrincipalDropped =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
|
|
|
|
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
2014-07-17 00:16:12 +04:00
|
|
|
}
|
2015-05-08 22:52:49 +03:00
|
|
|
|
2018-10-25 11:44:12 +03:00
|
|
|
uint32_t externalType =
|
|
|
|
|
nsContentUtils::InternalContentPolicyTypeToExternal(aContentPolicyType);
|
|
|
|
|
|
2015-05-08 22:52:49 +03:00
|
|
|
if (aLoadingContext) {
|
2017-11-21 23:13:05 +03:00
|
|
|
// Ensure that all network requests for a window client have the ClientInfo
|
2018-01-23 18:38:54 +03:00
|
|
|
// properly set. Workers must currently pass the loading ClientInfo explicitly.
|
|
|
|
|
// We allow main thread requests to explicitly pass the value as well.
|
|
|
|
|
if (mClientInfo.isNothing()) {
|
|
|
|
|
mClientInfo = aLoadingContext->OwnerDoc()->GetClientInfo();
|
|
|
|
|
}
|
2017-11-21 23:13:05 +03:00
|
|
|
|
2018-01-23 18:38:52 +03:00
|
|
|
// For subresource loads set the service worker based on the calling
|
2018-01-23 18:38:54 +03:00
|
|
|
// context's controller. Workers must currently pass the controller in
|
|
|
|
|
// explicitly. We allow main thread requests to explicitly pass the value
|
|
|
|
|
// as well, but otherwise extract from the loading context here.
|
|
|
|
|
if (mController.isNothing() &&
|
|
|
|
|
!nsContentUtils::IsNonSubresourceInternalPolicyType(mInternalContentPolicyType)) {
|
2018-01-23 18:38:52 +03:00
|
|
|
mController = aLoadingContext->OwnerDoc()->GetController();
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-12 07:28:00 +03:00
|
|
|
nsCOMPtr<nsPIDOMWindowOuter> contextOuter = aLoadingContext->OwnerDoc()->GetWindow();
|
|
|
|
|
if (contextOuter) {
|
|
|
|
|
ComputeIsThirdPartyContext(contextOuter);
|
2016-06-27 03:42:00 +03:00
|
|
|
mOuterWindowID = contextOuter->WindowID();
|
|
|
|
|
nsCOMPtr<nsPIDOMWindowOuter> parent = contextOuter->GetScriptableParent();
|
|
|
|
|
mParentOuterWindowID = parent ? parent->WindowID() : mOuterWindowID;
|
2017-09-29 00:55:43 +03:00
|
|
|
mTopOuterWindowID = FindTopOuterWindowID(contextOuter);
|
2018-07-10 11:09:59 +03:00
|
|
|
|
|
|
|
|
nsGlobalWindowInner* innerWindow =
|
|
|
|
|
nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow());
|
|
|
|
|
if (innerWindow) {
|
2018-08-10 21:55:27 +03:00
|
|
|
mTopLevelPrincipal = innerWindow->GetTopLevelPrincipal();
|
2018-10-25 11:44:12 +03:00
|
|
|
|
|
|
|
|
// The top-level-storage-area-principal is not null only for the first
|
|
|
|
|
// level of iframes (null for top-level contexts, and null for
|
|
|
|
|
// sub-iframes). If we are loading a sub-document resource, we must
|
|
|
|
|
// calculate what the top-level-storage-area-principal will be for the
|
|
|
|
|
// new context.
|
|
|
|
|
if (externalType != nsIContentPolicy::TYPE_SUBDOCUMENT) {
|
|
|
|
|
mTopLevelStorageAreaPrincipal =
|
|
|
|
|
innerWindow->GetTopLevelStorageAreaPrincipal();
|
|
|
|
|
} else if (contextOuter->IsTopLevelWindow()) {
|
|
|
|
|
nsIDocument* doc = innerWindow->GetExtantDoc();
|
|
|
|
|
if (!doc || ((doc->GetSandboxFlags() & SANDBOXED_STORAGE_ACCESS) == 0 &&
|
|
|
|
|
!nsContentUtils::IsInPrivateBrowsing(doc))) {
|
|
|
|
|
mTopLevelStorageAreaPrincipal = innerWindow->GetPrincipal();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-28 22:12:10 +03:00
|
|
|
mDocumentHasLoaded = innerWindow->IsDocumentLoaded();
|
|
|
|
|
|
|
|
|
|
if (innerWindow->IsFrame()) {
|
|
|
|
|
// For resources within iframes, we actually want the
|
|
|
|
|
// top-level document's flag, not the iframe document's.
|
|
|
|
|
mDocumentHasLoaded = false;
|
|
|
|
|
nsGlobalWindowOuter* topOuter = innerWindow->GetScriptableTopInternal();
|
|
|
|
|
if (topOuter) {
|
|
|
|
|
nsGlobalWindowInner* topInner =
|
|
|
|
|
nsGlobalWindowInner::Cast(topOuter->GetCurrentInnerWindow());
|
|
|
|
|
if (topInner) {
|
|
|
|
|
mDocumentHasLoaded = topInner->IsDocumentLoaded();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-07-10 11:09:59 +03:00
|
|
|
}
|
2016-03-12 07:28:00 +03:00
|
|
|
}
|
|
|
|
|
|
2016-06-27 03:42:00 +03:00
|
|
|
mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID();
|
2017-10-10 19:54:00 +03:00
|
|
|
mAncestorPrincipals = aLoadingContext->OwnerDoc()->AncestorPrincipals();
|
|
|
|
|
mAncestorOuterWindowIDs = aLoadingContext->OwnerDoc()->AncestorOuterWindowIDs();
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(mAncestorPrincipals.Length() == mAncestorOuterWindowIDs.Length());
|
2018-08-31 14:21:17 +03:00
|
|
|
mDocumentHasUserInteracted = aLoadingContext->OwnerDoc()->UserHasInteracted();
|
2015-05-08 22:52:49 +03:00
|
|
|
|
|
|
|
|
// When the element being loaded is a frame, we choose the frame's window
|
|
|
|
|
// for the window ID and the frame element's window as the parent
|
|
|
|
|
// window. This is the behavior that Chrome exposes to add-ons.
|
2016-03-12 07:28:00 +03:00
|
|
|
// NB: If the frameLoaderOwner doesn't have a frame loader, then the load
|
|
|
|
|
// must be coming from an object (such as a plugin) that's loaded into it
|
|
|
|
|
// instead of a document being loaded. In that case, treat this object like
|
|
|
|
|
// any other non-document-loading element.
|
|
|
|
|
nsCOMPtr<nsIFrameLoaderOwner> frameLoaderOwner =
|
|
|
|
|
do_QueryInterface(aLoadingContext);
|
2018-03-22 05:43:15 +03:00
|
|
|
RefPtr<nsFrameLoader> fl = frameLoaderOwner ?
|
2016-03-12 07:28:00 +03:00
|
|
|
frameLoaderOwner->GetFrameLoader() : nullptr;
|
|
|
|
|
if (fl) {
|
2018-03-22 05:43:15 +03:00
|
|
|
nsCOMPtr<nsIDocShell> docShell = fl->GetDocShell(IgnoreErrors());
|
|
|
|
|
if (docShell) {
|
2016-06-27 03:42:00 +03:00
|
|
|
nsCOMPtr<nsPIDOMWindowOuter> outerWindow = do_GetInterface(docShell);
|
|
|
|
|
if (outerWindow) {
|
|
|
|
|
mFrameOuterWindowID = outerWindow->WindowID();
|
|
|
|
|
}
|
2015-05-08 22:52:49 +03:00
|
|
|
}
|
|
|
|
|
}
|
2015-07-10 23:57:55 +03:00
|
|
|
|
2016-01-14 23:38:15 +03:00
|
|
|
// if the document forces all requests to be upgraded from http to https, then
|
|
|
|
|
// we should do that for all requests. If it only forces preloads to be upgraded
|
|
|
|
|
// then we should enforce upgrade insecure requests only for preloads.
|
|
|
|
|
mUpgradeInsecureRequests =
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
|
|
|
|
|
(nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
|
2016-03-16 06:13:26 +03:00
|
|
|
|
2018-02-05 18:37:27 +03:00
|
|
|
if (nsContentUtils::IsUpgradableDisplayType(externalType)) {
|
|
|
|
|
nsCOMPtr<nsIURI> uri;
|
|
|
|
|
mLoadingPrincipal->GetURI(getter_AddRefs(uri));
|
|
|
|
|
if (uri) {
|
|
|
|
|
// Checking https not secure context as http://localhost can't be upgraded
|
|
|
|
|
bool isHttpsScheme;
|
|
|
|
|
nsresult rv = uri->SchemeIs("https", &isHttpsScheme);
|
|
|
|
|
if (NS_SUCCEEDED(rv) && isHttpsScheme) {
|
2018-03-04 17:33:33 +03:00
|
|
|
if (nsMixedContentBlocker::ShouldUpgradeMixedDisplayContent()) {
|
|
|
|
|
mBrowserUpgradeInsecureRequests = true;
|
|
|
|
|
} else {
|
|
|
|
|
mBrowserWouldUpgradeInsecureRequests = true;
|
|
|
|
|
}
|
2018-02-05 18:37:27 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-03-16 06:13:26 +03:00
|
|
|
// if owner doc has content signature, we enforce SRI
|
|
|
|
|
nsCOMPtr<nsIChannel> channel = aLoadingContext->OwnerDoc()->GetChannel();
|
|
|
|
|
if (channel) {
|
|
|
|
|
nsCOMPtr<nsILoadInfo> loadInfo = channel->GetLoadInfo();
|
|
|
|
|
if (loadInfo) {
|
2016-08-12 08:19:29 +03:00
|
|
|
mEnforceSRI = loadInfo->GetVerifySignedContent();
|
2016-03-16 06:13:26 +03:00
|
|
|
}
|
|
|
|
|
}
|
2015-05-08 22:52:49 +03:00
|
|
|
}
|
2015-10-22 00:47:00 +03:00
|
|
|
|
2017-03-08 09:41:20 +03:00
|
|
|
// If CSP requires SRI (require-sri-for), then store that information
|
|
|
|
|
// in the loadInfo so we can enforce SRI before loading the subresource.
|
|
|
|
|
if (!mEnforceSRI) {
|
|
|
|
|
// do not look into the CSP if already true:
|
|
|
|
|
// a CSP saying that SRI isn't needed should not
|
|
|
|
|
// overrule GetVerifySignedContent
|
|
|
|
|
if (aLoadingPrincipal) {
|
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> csp;
|
|
|
|
|
aLoadingPrincipal->GetCsp(getter_AddRefs(csp));
|
|
|
|
|
uint32_t externalType =
|
|
|
|
|
nsContentUtils::InternalContentPolicyTypeToExternal(aContentPolicyType);
|
|
|
|
|
// csp could be null if loading principal is system principal
|
|
|
|
|
if (csp) {
|
|
|
|
|
csp->RequireSRIForType(externalType, &mEnforceSRI);
|
|
|
|
|
}
|
|
|
|
|
// if CSP is delivered via a meta tag, it's speculatively available
|
|
|
|
|
// as 'preloadCSP'. If we are preloading a script or style, we have
|
|
|
|
|
// to apply that speculative 'preloadCSP' for such loads.
|
|
|
|
|
if (!mEnforceSRI && nsContentUtils::IsPreloadType(aContentPolicyType)) {
|
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> preloadCSP;
|
|
|
|
|
aLoadingPrincipal->GetPreloadCsp(getter_AddRefs(preloadCSP));
|
|
|
|
|
if (preloadCSP) {
|
|
|
|
|
preloadCSP->RequireSRIForType(externalType, &mEnforceSRI);
|
2016-05-31 12:14:00 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-03-08 09:41:20 +03:00
|
|
|
}
|
2016-05-31 12:14:00 +03:00
|
|
|
|
2017-03-08 09:41:51 +03:00
|
|
|
mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
|
2016-08-31 00:54:58 +03:00
|
|
|
|
|
|
|
|
// We need to do this after inheriting the document's origin attributes
|
|
|
|
|
// above, in case the loading principal ends up being the system principal.
|
|
|
|
|
if (aLoadingContext) {
|
|
|
|
|
nsCOMPtr<nsILoadContext> loadContext =
|
|
|
|
|
aLoadingContext->OwnerDoc()->GetLoadContext();
|
|
|
|
|
nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
|
|
|
|
|
if (loadContext && docShell &&
|
|
|
|
|
docShell->ItemType() == nsIDocShellTreeItem::typeContent) {
|
|
|
|
|
bool usePrivateBrowsing;
|
|
|
|
|
nsresult rv = loadContext->GetUsePrivateBrowsing(&usePrivateBrowsing);
|
|
|
|
|
if (NS_SUCCEEDED(rv)) {
|
|
|
|
|
mOriginAttributes.SyncAttributesWithPrivateBrowsing(usePrivateBrowsing);
|
2016-04-13 11:22:49 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-04 09:05:38 +03:00
|
|
|
// For chrome docshell, the mPrivateBrowsingId remains 0 even its
|
|
|
|
|
// UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
|
|
|
|
|
// origin attributes if the type of the docshell is content.
|
|
|
|
|
if (aLoadingContext) {
|
|
|
|
|
nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
|
|
|
|
|
if (docShell) {
|
2016-08-31 00:54:58 +03:00
|
|
|
if (docShell->ItemType() == nsIDocShellTreeItem::typeChrome) {
|
2016-08-04 09:05:38 +03:00
|
|
|
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
|
|
|
|
|
"chrome docshell shouldn't have mPrivateBrowsingId set.");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2016-03-04 19:54:07 +03:00
|
|
|
}
|
|
|
|
|
|
2016-04-14 02:30:16 +03:00
|
|
|
/* Constructor takes an outer window, but no loadingNode or loadingPrincipal.
|
|
|
|
|
* This constructor should only be used for TYPE_DOCUMENT loads, since they
|
|
|
|
|
* have a null loadingNode and loadingPrincipal.
|
|
|
|
|
*/
|
2016-03-04 19:54:07 +03:00
|
|
|
LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
|
|
|
|
|
nsIPrincipal* aTriggeringPrincipal,
|
2017-09-05 19:01:07 +03:00
|
|
|
nsISupports* aContextForTopLevelLoad,
|
2016-03-04 19:54:07 +03:00
|
|
|
nsSecurityFlags aSecurityFlags)
|
2016-04-14 02:30:16 +03:00
|
|
|
: mLoadingPrincipal(nullptr)
|
2016-03-04 19:54:07 +03:00
|
|
|
, mTriggeringPrincipal(aTriggeringPrincipal)
|
2016-11-08 09:23:12 +03:00
|
|
|
, mPrincipalToInherit(nullptr)
|
2017-09-05 19:01:07 +03:00
|
|
|
, mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad))
|
2016-03-04 19:54:07 +03:00
|
|
|
, mSecurityFlags(aSecurityFlags)
|
|
|
|
|
, mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT)
|
|
|
|
|
, mTainting(LoadTainting::Basic)
|
|
|
|
|
, mUpgradeInsecureRequests(false)
|
2018-02-05 18:37:27 +03:00
|
|
|
, mBrowserUpgradeInsecureRequests(false)
|
2018-03-04 17:33:33 +03:00
|
|
|
, mBrowserWouldUpgradeInsecureRequests(false)
|
2016-03-14 13:56:52 +03:00
|
|
|
, mVerifySignedContent(false)
|
2016-03-16 06:13:26 +03:00
|
|
|
, mEnforceSRI(false)
|
2017-11-08 22:01:41 +03:00
|
|
|
, mForceAllowDataURI(false)
|
2018-02-18 21:52:52 +03:00
|
|
|
, mAllowInsecureRedirectToDataURI(false)
|
2018-03-29 12:14:35 +03:00
|
|
|
, mSkipContentPolicyCheckForWebRequest(false)
|
2017-11-05 07:06:20 +03:00
|
|
|
, mOriginalFrameSrcLoad(false)
|
2016-07-18 09:35:13 +03:00
|
|
|
, mForceInheritPrincipalDropped(false)
|
2016-03-04 19:54:07 +03:00
|
|
|
, mInnerWindowID(0)
|
|
|
|
|
, mOuterWindowID(0)
|
|
|
|
|
, mParentOuterWindowID(0)
|
2017-09-07 00:25:23 +03:00
|
|
|
, mTopOuterWindowID(0)
|
2016-06-27 03:42:00 +03:00
|
|
|
, mFrameOuterWindowID(0)
|
2016-03-04 19:54:07 +03:00
|
|
|
, mEnforceSecurity(false)
|
|
|
|
|
, mInitialSecurityCheckDone(false)
|
|
|
|
|
, mIsThirdPartyContext(false) // NB: TYPE_DOCUMENT implies not third-party.
|
2018-01-23 18:38:51 +03:00
|
|
|
, mIsDocshellReload(false)
|
2018-08-01 07:35:24 +03:00
|
|
|
, mSendCSPViolationEvents(true)
|
2018-09-07 21:43:11 +03:00
|
|
|
, mTrackerBlockedReason(mozilla::Telemetry::LABELS_DOCUMENT_ANALYTICS_TRACKER_FASTBLOCKED::all)
|
2016-03-04 19:54:07 +03:00
|
|
|
, mForcePreflight(false)
|
|
|
|
|
, mIsPreflight(false)
|
2017-11-03 15:23:11 +03:00
|
|
|
, mLoadTriggeredFromExternal(false)
|
2017-11-03 10:37:35 +03:00
|
|
|
, mServiceWorkerTaintingSynthesized(false)
|
2018-08-16 18:29:22 +03:00
|
|
|
, mIsTracker(false)
|
|
|
|
|
, mIsTrackerBlocked(false)
|
2018-08-31 14:21:17 +03:00
|
|
|
, mDocumentHasUserInteracted(false)
|
2018-09-28 22:12:10 +03:00
|
|
|
, mDocumentHasLoaded(false)
|
2016-03-04 19:54:07 +03:00
|
|
|
{
|
|
|
|
|
// Top-level loads are never third-party
|
|
|
|
|
// Grab the information we can out of the window.
|
|
|
|
|
MOZ_ASSERT(aOuterWindow);
|
2016-04-14 02:30:16 +03:00
|
|
|
MOZ_ASSERT(mTriggeringPrincipal);
|
2016-03-04 19:54:07 +03:00
|
|
|
|
|
|
|
|
// if the load is sandboxed, we can not also inherit the principal
|
|
|
|
|
if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
|
2017-01-10 22:46:30 +03:00
|
|
|
mForceInheritPrincipalDropped =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
|
|
|
|
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
2016-03-04 19:54:07 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NB: Ignore the current inner window since we're navigating away from it.
|
|
|
|
|
mOuterWindowID = aOuterWindow->WindowID();
|
|
|
|
|
|
|
|
|
|
// TODO We can have a parent without a frame element in some cases dealing
|
|
|
|
|
// with the hidden window.
|
|
|
|
|
nsCOMPtr<nsPIDOMWindowOuter> parent = aOuterWindow->GetScriptableParent();
|
|
|
|
|
mParentOuterWindowID = parent ? parent->WindowID() : 0;
|
2017-09-29 00:55:43 +03:00
|
|
|
mTopOuterWindowID = FindTopOuterWindowID(aOuterWindow);
|
2016-03-04 19:54:07 +03:00
|
|
|
|
2018-07-10 11:09:59 +03:00
|
|
|
nsGlobalWindowInner* innerWindow =
|
|
|
|
|
nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow());
|
|
|
|
|
if (innerWindow) {
|
2018-08-10 21:55:27 +03:00
|
|
|
mTopLevelPrincipal = innerWindow->GetTopLevelPrincipal();
|
2018-10-25 11:44:12 +03:00
|
|
|
// mTopLevelStorageAreaPrincipal is always null for top-level document
|
|
|
|
|
// loading.
|
2018-07-10 11:09:59 +03:00
|
|
|
}
|
|
|
|
|
|
2016-04-14 02:30:16 +03:00
|
|
|
// get the docshell from the outerwindow, and then get the originattributes
|
|
|
|
|
nsCOMPtr<nsIDocShell> docShell = aOuterWindow->GetDocShell();
|
|
|
|
|
MOZ_ASSERT(docShell);
|
2017-03-08 09:41:51 +03:00
|
|
|
mOriginAttributes = nsDocShell::Cast(docShell)->GetOriginAttributes();
|
2017-10-10 19:54:00 +03:00
|
|
|
mAncestorPrincipals = nsDocShell::Cast(docShell)->AncestorPrincipals();
|
|
|
|
|
mAncestorOuterWindowIDs = nsDocShell::Cast(docShell)->AncestorOuterWindowIDs();
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(mAncestorPrincipals.Length() == mAncestorOuterWindowIDs.Length());
|
2016-08-04 09:05:38 +03:00
|
|
|
|
2017-03-08 09:41:51 +03:00
|
|
|
#ifdef DEBUG
|
2016-08-31 00:54:58 +03:00
|
|
|
if (docShell->ItemType() == nsIDocShellTreeItem::typeChrome) {
|
2017-03-08 09:41:51 +03:00
|
|
|
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
|
2016-08-04 09:05:38 +03:00
|
|
|
"chrome docshell shouldn't have mPrivateBrowsingId set.");
|
|
|
|
|
}
|
2017-03-08 09:41:51 +03:00
|
|
|
#endif
|
2014-07-10 10:56:37 +04:00
|
|
|
}
|
|
|
|
|
|
2015-09-24 23:42:02 +03:00
|
|
|
LoadInfo::LoadInfo(const LoadInfo& rhs)
|
|
|
|
|
: mLoadingPrincipal(rhs.mLoadingPrincipal)
|
|
|
|
|
, mTriggeringPrincipal(rhs.mTriggeringPrincipal)
|
2016-09-20 09:35:45 +03:00
|
|
|
, mPrincipalToInherit(rhs.mPrincipalToInherit)
|
2017-02-01 01:56:15 +03:00
|
|
|
, mSandboxedLoadingPrincipal(rhs.mSandboxedLoadingPrincipal)
|
2018-08-10 21:55:27 +03:00
|
|
|
, mTopLevelPrincipal(rhs.mTopLevelPrincipal)
|
2018-07-13 13:02:19 +03:00
|
|
|
, mTopLevelStorageAreaPrincipal(rhs.mTopLevelStorageAreaPrincipal)
|
2017-05-30 19:07:59 +03:00
|
|
|
, mResultPrincipalURI(rhs.mResultPrincipalURI)
|
2017-11-16 21:15:09 +03:00
|
|
|
, mClientInfo(rhs.mClientInfo)
|
|
|
|
|
// mReservedClientSource must be handled specially during redirect
|
|
|
|
|
// mReservedClientInfo must be handled specially during redirect
|
|
|
|
|
// mInitialClientInfo must be handled specially during redirect
|
2017-12-06 04:45:23 +03:00
|
|
|
, mController(rhs.mController)
|
2018-01-24 19:17:31 +03:00
|
|
|
, mPerformanceStorage(rhs.mPerformanceStorage)
|
2015-09-24 23:42:02 +03:00
|
|
|
, mLoadingContext(rhs.mLoadingContext)
|
2017-09-05 19:01:07 +03:00
|
|
|
, mContextForTopLevelLoad(rhs.mContextForTopLevelLoad)
|
2015-09-24 23:42:02 +03:00
|
|
|
, mSecurityFlags(rhs.mSecurityFlags)
|
2015-10-19 21:14:54 +03:00
|
|
|
, mInternalContentPolicyType(rhs.mInternalContentPolicyType)
|
2015-11-01 01:20:48 +03:00
|
|
|
, mTainting(rhs.mTainting)
|
2015-09-24 23:42:02 +03:00
|
|
|
, mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests)
|
2018-02-05 18:37:27 +03:00
|
|
|
, mBrowserUpgradeInsecureRequests(rhs.mBrowserUpgradeInsecureRequests)
|
2018-03-04 17:33:33 +03:00
|
|
|
, mBrowserWouldUpgradeInsecureRequests(rhs.mBrowserWouldUpgradeInsecureRequests)
|
2016-03-14 13:56:52 +03:00
|
|
|
, mVerifySignedContent(rhs.mVerifySignedContent)
|
2016-03-16 06:13:26 +03:00
|
|
|
, mEnforceSRI(rhs.mEnforceSRI)
|
2017-11-08 22:01:41 +03:00
|
|
|
, mForceAllowDataURI(rhs.mForceAllowDataURI)
|
2018-02-18 21:52:52 +03:00
|
|
|
, mAllowInsecureRedirectToDataURI(rhs.mAllowInsecureRedirectToDataURI)
|
2018-03-29 12:14:35 +03:00
|
|
|
, mSkipContentPolicyCheckForWebRequest(rhs.mSkipContentPolicyCheckForWebRequest)
|
2017-11-05 07:06:20 +03:00
|
|
|
, mOriginalFrameSrcLoad(rhs.mOriginalFrameSrcLoad)
|
2016-07-18 09:35:13 +03:00
|
|
|
, mForceInheritPrincipalDropped(rhs.mForceInheritPrincipalDropped)
|
2015-09-24 23:42:02 +03:00
|
|
|
, mInnerWindowID(rhs.mInnerWindowID)
|
|
|
|
|
, mOuterWindowID(rhs.mOuterWindowID)
|
|
|
|
|
, mParentOuterWindowID(rhs.mParentOuterWindowID)
|
2017-09-07 00:25:23 +03:00
|
|
|
, mTopOuterWindowID(rhs.mTopOuterWindowID)
|
2016-06-27 03:42:00 +03:00
|
|
|
, mFrameOuterWindowID(rhs.mFrameOuterWindowID)
|
2015-11-01 01:20:48 +03:00
|
|
|
, mEnforceSecurity(rhs.mEnforceSecurity)
|
|
|
|
|
, mInitialSecurityCheckDone(rhs.mInitialSecurityCheckDone)
|
2015-12-01 00:25:29 +03:00
|
|
|
, mIsThirdPartyContext(rhs.mIsThirdPartyContext)
|
2018-01-23 18:38:51 +03:00
|
|
|
, mIsDocshellReload(rhs.mIsDocshellReload)
|
2018-08-01 07:35:24 +03:00
|
|
|
, mSendCSPViolationEvents(rhs.mSendCSPViolationEvents)
|
2015-11-01 01:20:48 +03:00
|
|
|
, mOriginAttributes(rhs.mOriginAttributes)
|
|
|
|
|
, mRedirectChainIncludingInternalRedirects(
|
|
|
|
|
rhs.mRedirectChainIncludingInternalRedirects)
|
|
|
|
|
, mRedirectChain(rhs.mRedirectChain)
|
2017-10-10 19:54:00 +03:00
|
|
|
, mAncestorPrincipals(rhs.mAncestorPrincipals)
|
|
|
|
|
, mAncestorOuterWindowIDs(rhs.mAncestorOuterWindowIDs)
|
2015-12-07 02:33:14 +03:00
|
|
|
, mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders)
|
2018-09-07 21:43:11 +03:00
|
|
|
, mTrackerBlockedReason(rhs.mTrackerBlockedReason)
|
2015-12-07 02:33:14 +03:00
|
|
|
, mForcePreflight(rhs.mForcePreflight)
|
|
|
|
|
, mIsPreflight(rhs.mIsPreflight)
|
2017-11-03 15:23:11 +03:00
|
|
|
, mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal)
|
2018-06-11 04:44:38 +03:00
|
|
|
// mServiceWorkerTaintingSynthesized must be handled specially during redirect
|
|
|
|
|
, mServiceWorkerTaintingSynthesized(false)
|
2018-08-16 18:29:22 +03:00
|
|
|
, mIsTracker(rhs.mIsTracker)
|
|
|
|
|
, mIsTrackerBlocked(rhs.mIsTrackerBlocked)
|
2018-08-31 14:21:17 +03:00
|
|
|
, mDocumentHasUserInteracted(rhs.mDocumentHasUserInteracted)
|
2018-09-28 22:12:10 +03:00
|
|
|
, mDocumentHasLoaded(rhs.mDocumentHasLoaded)
|
2015-09-24 23:42:02 +03:00
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-08 02:51:20 +03:00
|
|
|
LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|
|
|
|
nsIPrincipal* aTriggeringPrincipal,
|
2016-09-20 09:35:45 +03:00
|
|
|
nsIPrincipal* aPrincipalToInherit,
|
2017-02-01 01:56:15 +03:00
|
|
|
nsIPrincipal* aSandboxedLoadingPrincipal,
|
2018-08-10 21:55:27 +03:00
|
|
|
nsIPrincipal* aTopLevelPrincipal,
|
2018-07-13 13:02:19 +03:00
|
|
|
nsIPrincipal* aTopLevelStorageAreaPrincipal,
|
2017-05-30 19:07:59 +03:00
|
|
|
nsIURI* aResultPrincipalURI,
|
2018-01-23 18:38:52 +03:00
|
|
|
const Maybe<ClientInfo>& aClientInfo,
|
|
|
|
|
const Maybe<ClientInfo>& aReservedClientInfo,
|
|
|
|
|
const Maybe<ClientInfo>& aInitialClientInfo,
|
2018-01-23 18:38:52 +03:00
|
|
|
const Maybe<ServiceWorkerDescriptor>& aController,
|
2015-01-08 02:51:20 +03:00
|
|
|
nsSecurityFlags aSecurityFlags,
|
|
|
|
|
nsContentPolicyType aContentPolicyType,
|
2015-12-07 02:33:15 +03:00
|
|
|
LoadTainting aTainting,
|
2015-07-10 23:57:55 +03:00
|
|
|
bool aUpgradeInsecureRequests,
|
2018-02-05 18:37:27 +03:00
|
|
|
bool aBrowserUpgradeInsecureRequests,
|
2018-03-04 17:33:33 +03:00
|
|
|
bool aBrowserWouldUpgradeInsecureRequests,
|
2016-03-14 13:56:52 +03:00
|
|
|
bool aVerifySignedContent,
|
2016-03-16 06:13:26 +03:00
|
|
|
bool aEnforceSRI,
|
2017-11-08 22:01:41 +03:00
|
|
|
bool aForceAllowDataURI,
|
2018-02-18 21:52:52 +03:00
|
|
|
bool aAllowInsecureRedirectToDataURI,
|
2018-03-29 12:14:35 +03:00
|
|
|
bool aSkipContentPolicyCheckForWebRequest,
|
2016-07-18 09:35:13 +03:00
|
|
|
bool aForceInheritPrincipalDropped,
|
2015-05-08 22:52:49 +03:00
|
|
|
uint64_t aInnerWindowID,
|
|
|
|
|
uint64_t aOuterWindowID,
|
2015-07-20 05:11:03 +03:00
|
|
|
uint64_t aParentOuterWindowID,
|
2017-09-07 00:25:23 +03:00
|
|
|
uint64_t aTopOuterWindowID,
|
2016-06-27 03:42:00 +03:00
|
|
|
uint64_t aFrameOuterWindowID,
|
2015-07-20 05:11:57 +03:00
|
|
|
bool aEnforceSecurity,
|
|
|
|
|
bool aInitialSecurityCheckDone,
|
2015-12-01 00:25:29 +03:00
|
|
|
bool aIsThirdPartyContext,
|
2018-01-23 18:38:51 +03:00
|
|
|
bool aIsDocshellReload,
|
2018-08-01 07:35:24 +03:00
|
|
|
bool aSendCSPViolationEvents,
|
2017-01-12 19:38:48 +03:00
|
|
|
const OriginAttributes& aOriginAttributes,
|
2017-05-25 20:42:00 +03:00
|
|
|
RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
|
|
|
|
|
RedirectHistoryArray& aRedirectChain,
|
2017-10-10 19:54:00 +03:00
|
|
|
nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
|
|
|
|
|
const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
|
2015-12-07 02:33:14 +03:00
|
|
|
const nsTArray<nsCString>& aCorsUnsafeHeaders,
|
|
|
|
|
bool aForcePreflight,
|
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally
HSTS priming changes the order of mixed-content blocking and HSTS
upgrades, and adds a priming request to check if a mixed-content load is
accesible over HTTPS and the server supports upgrading via the
Strict-Transport-Security header.
Every call site that uses AsyncOpen2 passes through the mixed-content
blocker, and has a LoadInfo. If the mixed-content blocker marks the load as
needing HSTS priming, nsHttpChannel will build and send an HSTS priming
request on the same URI with the scheme upgraded to HTTPS. If the server
allows the upgrade, then channel performs an internal redirect to the HTTPS URI,
otherwise use the result of mixed-content blocker to allow or block the
load.
nsISiteSecurityService adds an optional boolean out parameter to
determine if the HSTS state is already cached for negative assertions.
If the host has been probed within the previous 24 hours, no HSTS
priming check will be sent.
MozReview-Commit-ID: ES1JruCtDdX
--HG--
extra : rebase_source : 2ac6c93c49f2862fc0b9e595eb0598cd1ea4bedf
2016-09-27 18:27:00 +03:00
|
|
|
bool aIsPreflight,
|
2017-11-03 15:23:11 +03:00
|
|
|
bool aLoadTriggeredFromExternal,
|
2018-08-31 14:21:17 +03:00
|
|
|
bool aServiceWorkerTaintingSynthesized,
|
2018-09-28 22:12:10 +03:00
|
|
|
bool aDocumentHasUserInteracted,
|
|
|
|
|
bool aDocumentHasLoaded)
|
2015-01-08 02:51:20 +03:00
|
|
|
: mLoadingPrincipal(aLoadingPrincipal)
|
|
|
|
|
, mTriggeringPrincipal(aTriggeringPrincipal)
|
2016-09-20 09:35:45 +03:00
|
|
|
, mPrincipalToInherit(aPrincipalToInherit)
|
2018-08-10 21:55:27 +03:00
|
|
|
, mTopLevelPrincipal(aTopLevelPrincipal)
|
2018-07-13 13:02:19 +03:00
|
|
|
, mTopLevelStorageAreaPrincipal(aTopLevelStorageAreaPrincipal)
|
2017-05-30 19:07:59 +03:00
|
|
|
, mResultPrincipalURI(aResultPrincipalURI)
|
2018-01-23 18:38:52 +03:00
|
|
|
, mClientInfo(aClientInfo)
|
|
|
|
|
, mReservedClientInfo(aReservedClientInfo)
|
|
|
|
|
, mInitialClientInfo(aInitialClientInfo)
|
2018-01-23 18:38:52 +03:00
|
|
|
, mController(aController)
|
2015-01-08 02:51:20 +03:00
|
|
|
, mSecurityFlags(aSecurityFlags)
|
2015-10-19 21:14:54 +03:00
|
|
|
, mInternalContentPolicyType(aContentPolicyType)
|
2015-12-07 02:33:15 +03:00
|
|
|
, mTainting(aTainting)
|
2015-07-10 23:57:55 +03:00
|
|
|
, mUpgradeInsecureRequests(aUpgradeInsecureRequests)
|
2018-02-05 18:37:27 +03:00
|
|
|
, mBrowserUpgradeInsecureRequests(aBrowserUpgradeInsecureRequests)
|
2018-03-04 17:33:33 +03:00
|
|
|
, mBrowserWouldUpgradeInsecureRequests(aBrowserWouldUpgradeInsecureRequests)
|
2016-03-14 13:56:52 +03:00
|
|
|
, mVerifySignedContent(aVerifySignedContent)
|
2016-03-16 06:13:26 +03:00
|
|
|
, mEnforceSRI(aEnforceSRI)
|
2017-11-08 22:01:41 +03:00
|
|
|
, mForceAllowDataURI(aForceAllowDataURI)
|
2018-02-18 21:52:52 +03:00
|
|
|
, mAllowInsecureRedirectToDataURI(aAllowInsecureRedirectToDataURI)
|
2018-03-29 12:14:35 +03:00
|
|
|
, mSkipContentPolicyCheckForWebRequest(aSkipContentPolicyCheckForWebRequest)
|
2017-11-05 07:06:20 +03:00
|
|
|
, mOriginalFrameSrcLoad(false)
|
2016-07-18 09:35:13 +03:00
|
|
|
, mForceInheritPrincipalDropped(aForceInheritPrincipalDropped)
|
2015-01-08 02:51:20 +03:00
|
|
|
, mInnerWindowID(aInnerWindowID)
|
2015-05-08 22:52:49 +03:00
|
|
|
, mOuterWindowID(aOuterWindowID)
|
|
|
|
|
, mParentOuterWindowID(aParentOuterWindowID)
|
2017-09-07 00:25:23 +03:00
|
|
|
, mTopOuterWindowID(aTopOuterWindowID)
|
2016-06-27 03:42:00 +03:00
|
|
|
, mFrameOuterWindowID(aFrameOuterWindowID)
|
2015-07-20 05:11:57 +03:00
|
|
|
, mEnforceSecurity(aEnforceSecurity)
|
|
|
|
|
, mInitialSecurityCheckDone(aInitialSecurityCheckDone)
|
2015-12-01 00:25:29 +03:00
|
|
|
, mIsThirdPartyContext(aIsThirdPartyContext)
|
2018-01-23 18:38:51 +03:00
|
|
|
, mIsDocshellReload(aIsDocshellReload)
|
2018-08-01 07:35:24 +03:00
|
|
|
, mSendCSPViolationEvents(aSendCSPViolationEvents)
|
2015-10-22 00:47:00 +03:00
|
|
|
, mOriginAttributes(aOriginAttributes)
|
2018-05-30 22:15:35 +03:00
|
|
|
, mAncestorPrincipals(std::move(aAncestorPrincipals))
|
2017-10-10 19:54:00 +03:00
|
|
|
, mAncestorOuterWindowIDs(aAncestorOuterWindowIDs)
|
2015-12-07 02:33:14 +03:00
|
|
|
, mCorsUnsafeHeaders(aCorsUnsafeHeaders)
|
2018-09-07 21:43:11 +03:00
|
|
|
, mTrackerBlockedReason(mozilla::Telemetry::LABELS_DOCUMENT_ANALYTICS_TRACKER_FASTBLOCKED::all)
|
2015-12-07 02:33:14 +03:00
|
|
|
, mForcePreflight(aForcePreflight)
|
|
|
|
|
, mIsPreflight(aIsPreflight)
|
2017-11-03 15:23:11 +03:00
|
|
|
, mLoadTriggeredFromExternal(aLoadTriggeredFromExternal)
|
2017-11-03 10:37:35 +03:00
|
|
|
, mServiceWorkerTaintingSynthesized(aServiceWorkerTaintingSynthesized)
|
2018-08-16 18:29:22 +03:00
|
|
|
, mIsTracker(false)
|
|
|
|
|
, mIsTrackerBlocked(false)
|
2018-08-31 14:21:17 +03:00
|
|
|
, mDocumentHasUserInteracted(aDocumentHasUserInteracted)
|
2018-09-28 22:12:10 +03:00
|
|
|
, mDocumentHasLoaded(aDocumentHasLoaded)
|
2015-01-08 02:51:20 +03:00
|
|
|
{
|
2016-04-14 02:30:16 +03:00
|
|
|
// Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
|
|
|
|
|
MOZ_ASSERT(mLoadingPrincipal || aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT);
|
2015-01-08 02:51:20 +03:00
|
|
|
MOZ_ASSERT(mTriggeringPrincipal);
|
2015-07-20 05:11:03 +03:00
|
|
|
|
2015-11-01 01:18:59 +03:00
|
|
|
mRedirectChainIncludingInternalRedirects.SwapElements(
|
|
|
|
|
aRedirectChainIncludingInternalRedirects);
|
|
|
|
|
|
2015-07-20 05:11:03 +03:00
|
|
|
mRedirectChain.SwapElements(aRedirectChain);
|
2015-01-08 02:51:20 +03:00
|
|
|
}
|
|
|
|
|
|
2015-12-01 00:25:29 +03:00
|
|
|
void
|
2016-01-30 20:05:36 +03:00
|
|
|
LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow)
|
2015-12-01 00:25:29 +03:00
|
|
|
{
|
|
|
|
|
nsContentPolicyType type =
|
|
|
|
|
nsContentUtils::InternalContentPolicyTypeToExternal(mInternalContentPolicyType);
|
|
|
|
|
if (type == nsIContentPolicy::TYPE_DOCUMENT) {
|
|
|
|
|
// Top-level loads are never third-party.
|
|
|
|
|
mIsThirdPartyContext = false;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<mozIThirdPartyUtil> util(do_GetService(THIRDPARTYUTIL_CONTRACTID));
|
|
|
|
|
if (NS_WARN_IF(!util)) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-12 07:28:00 +03:00
|
|
|
util->IsThirdPartyWindow(aOuterWindow, nullptr, &mIsThirdPartyContext);
|
2015-12-01 00:25:29 +03:00
|
|
|
}
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
NS_IMPL_ISUPPORTS(LoadInfo, nsILoadInfo)
|
|
|
|
|
|
2015-09-24 23:42:02 +03:00
|
|
|
already_AddRefed<nsILoadInfo>
|
|
|
|
|
LoadInfo::Clone() const
|
|
|
|
|
{
|
2015-10-18 08:24:48 +03:00
|
|
|
RefPtr<LoadInfo> copy(new LoadInfo(*this));
|
2015-09-24 23:42:02 +03:00
|
|
|
return copy.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-22 18:15:06 +03:00
|
|
|
already_AddRefed<nsILoadInfo>
|
|
|
|
|
LoadInfo::CloneWithNewSecFlags(nsSecurityFlags aSecurityFlags) const
|
|
|
|
|
{
|
|
|
|
|
RefPtr<LoadInfo> copy(new LoadInfo(*this));
|
|
|
|
|
copy->mSecurityFlags = aSecurityFlags;
|
|
|
|
|
return copy.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-01 01:20:48 +03:00
|
|
|
already_AddRefed<nsILoadInfo>
|
|
|
|
|
LoadInfo::CloneForNewRequest() const
|
|
|
|
|
{
|
|
|
|
|
RefPtr<LoadInfo> copy(new LoadInfo(*this));
|
|
|
|
|
copy->mEnforceSecurity = false;
|
|
|
|
|
copy->mInitialSecurityCheckDone = false;
|
|
|
|
|
copy->mRedirectChainIncludingInternalRedirects.Clear();
|
|
|
|
|
copy->mRedirectChain.Clear();
|
2017-07-06 12:10:00 +03:00
|
|
|
copy->mResultPrincipalURI = nullptr;
|
2015-11-01 01:20:48 +03:00
|
|
|
return copy.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
NS_IMETHODIMP
|
2014-11-14 19:55:59 +03:00
|
|
|
LoadInfo::GetLoadingPrincipal(nsIPrincipal** aLoadingPrincipal)
|
2014-07-10 10:56:37 +04:00
|
|
|
{
|
2016-04-14 02:30:33 +03:00
|
|
|
NS_IF_ADDREF(*aLoadingPrincipal = mLoadingPrincipal);
|
2014-07-10 10:56:37 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsIPrincipal*
|
|
|
|
|
LoadInfo::LoadingPrincipal()
|
|
|
|
|
{
|
2014-11-14 19:55:59 +03:00
|
|
|
return mLoadingPrincipal;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTriggeringPrincipal(nsIPrincipal** aTriggeringPrincipal)
|
|
|
|
|
{
|
|
|
|
|
NS_ADDREF(*aTriggeringPrincipal = mTriggeringPrincipal);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsIPrincipal*
|
|
|
|
|
LoadInfo::TriggeringPrincipal()
|
|
|
|
|
{
|
|
|
|
|
return mTriggeringPrincipal;
|
2014-07-10 10:56:37 +04:00
|
|
|
}
|
|
|
|
|
|
2016-09-20 09:35:45 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetPrincipalToInherit(nsIPrincipal** aPrincipalToInherit)
|
|
|
|
|
{
|
2016-11-08 09:23:12 +03:00
|
|
|
NS_IF_ADDREF(*aPrincipalToInherit = mPrincipalToInherit);
|
2016-09-20 09:35:45 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(aPrincipalToInherit, "must be a valid principal to inherit");
|
|
|
|
|
mPrincipalToInherit = aPrincipalToInherit;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsIPrincipal*
|
|
|
|
|
LoadInfo::PrincipalToInherit()
|
|
|
|
|
{
|
|
|
|
|
return mPrincipalToInherit;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-03 05:56:27 +03:00
|
|
|
nsIPrincipal*
|
|
|
|
|
LoadInfo::FindPrincipalToInherit(nsIChannel* aChannel)
|
|
|
|
|
{
|
|
|
|
|
if (mPrincipalToInherit) {
|
|
|
|
|
return mPrincipalToInherit;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIURI> uri = mResultPrincipalURI;
|
|
|
|
|
if (!uri) {
|
|
|
|
|
Unused << aChannel->GetOriginalURI(getter_AddRefs(uri));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
auto prin = BasePrincipal::Cast(mTriggeringPrincipal);
|
2017-11-23 01:20:26 +03:00
|
|
|
return prin->PrincipalToInherit(uri);
|
2017-11-03 05:56:27 +03:00
|
|
|
}
|
|
|
|
|
|
2018-11-20 04:17:53 +03:00
|
|
|
nsIPrincipal*
|
|
|
|
|
LoadInfo::GetSandboxedLoadingPrincipal()
|
2017-02-01 01:56:15 +03:00
|
|
|
{
|
|
|
|
|
if (!(mSecurityFlags & nsILoadInfo::SEC_SANDBOXED)) {
|
2018-11-20 04:17:53 +03:00
|
|
|
return nullptr;
|
2017-02-01 01:56:15 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!mSandboxedLoadingPrincipal) {
|
|
|
|
|
if (mLoadingPrincipal) {
|
|
|
|
|
mSandboxedLoadingPrincipal =
|
2017-03-22 13:38:40 +03:00
|
|
|
NullPrincipal::CreateWithInheritedAttributes(mLoadingPrincipal);
|
2017-02-01 01:56:15 +03:00
|
|
|
} else {
|
|
|
|
|
OriginAttributes attrs(mOriginAttributes);
|
2017-03-22 13:38:40 +03:00
|
|
|
mSandboxedLoadingPrincipal = NullPrincipal::Create(attrs);
|
2017-02-01 01:56:15 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
MOZ_ASSERT(mSandboxedLoadingPrincipal);
|
|
|
|
|
|
2018-11-20 04:17:53 +03:00
|
|
|
return mSandboxedLoadingPrincipal;
|
2018-08-10 21:55:27 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsIPrincipal*
|
2018-11-20 04:17:53 +03:00
|
|
|
LoadInfo::GetTopLevelPrincipal()
|
2018-08-10 21:55:27 +03:00
|
|
|
{
|
|
|
|
|
return mTopLevelPrincipal;
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-13 13:02:19 +03:00
|
|
|
nsIPrincipal*
|
2018-11-20 04:17:53 +03:00
|
|
|
LoadInfo::GetTopLevelStorageAreaPrincipal()
|
2018-07-13 13:02:19 +03:00
|
|
|
{
|
|
|
|
|
return mTopLevelStorageAreaPrincipal;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-17 00:16:12 +04:00
|
|
|
NS_IMETHODIMP
|
2018-05-11 20:46:15 +03:00
|
|
|
LoadInfo::GetLoadingDocument(nsIDocument** aResult)
|
2014-07-17 00:16:12 +04:00
|
|
|
{
|
|
|
|
|
nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
|
|
|
|
|
if (node) {
|
2018-05-11 20:46:15 +03:00
|
|
|
nsCOMPtr<nsIDocument> context = node->OwnerDoc();
|
2015-02-13 22:36:37 +03:00
|
|
|
context.forget(aResult);
|
2014-07-17 00:16:12 +04:00
|
|
|
}
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsINode*
|
|
|
|
|
LoadInfo::LoadingNode()
|
|
|
|
|
{
|
|
|
|
|
nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
|
|
|
|
|
return node;
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-30 22:21:18 +03:00
|
|
|
already_AddRefed<nsISupports>
|
2017-09-05 19:01:07 +03:00
|
|
|
LoadInfo::ContextForTopLevelLoad()
|
|
|
|
|
{
|
|
|
|
|
// Most likely you want to query LoadingNode() instead of
|
|
|
|
|
// ContextForTopLevelLoad() if this assertion fires.
|
|
|
|
|
MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
|
|
|
|
|
"should only query this context for top level document loads");
|
|
|
|
|
nsCOMPtr<nsISupports> context = do_QueryReferent(mContextForTopLevelLoad);
|
2018-05-30 22:21:18 +03:00
|
|
|
return context.forget();
|
2017-09-05 19:01:07 +03:00
|
|
|
}
|
|
|
|
|
|
2018-03-29 13:16:23 +03:00
|
|
|
already_AddRefed<nsISupports>
|
|
|
|
|
LoadInfo::GetLoadingContext()
|
|
|
|
|
{
|
|
|
|
|
nsCOMPtr<nsISupports> context;
|
|
|
|
|
if (mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT) {
|
|
|
|
|
context = ContextForTopLevelLoad();
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
context = LoadingNode();
|
|
|
|
|
}
|
|
|
|
|
return context.forget();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadingContextXPCOM(nsISupports** aResult)
|
|
|
|
|
{
|
|
|
|
|
nsCOMPtr<nsISupports> context = GetLoadingContext();
|
|
|
|
|
context.forget(aResult);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-17 00:16:12 +04:00
|
|
|
NS_IMETHODIMP
|
2015-02-13 22:36:37 +03:00
|
|
|
LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult)
|
2014-07-17 00:16:12 +04:00
|
|
|
{
|
2015-02-13 22:36:37 +03:00
|
|
|
*aResult = mSecurityFlags;
|
2014-07-17 00:16:12 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:57 +03:00
|
|
|
NS_IMETHODIMP
|
2015-12-01 00:25:29 +03:00
|
|
|
LoadInfo::GetSecurityMode(uint32_t* aFlags)
|
2015-07-20 05:11:57 +03:00
|
|
|
{
|
|
|
|
|
*aFlags = (mSecurityFlags &
|
|
|
|
|
(nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS |
|
|
|
|
|
nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED |
|
|
|
|
|
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS |
|
|
|
|
|
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
|
|
|
|
|
nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS));
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-01 00:25:29 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsInThirdPartyContext(bool* aIsInThirdPartyContext)
|
|
|
|
|
{
|
|
|
|
|
*aIsInThirdPartyContext = mIsThirdPartyContext;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-07 02:33:15 +03:00
|
|
|
static const uint32_t sCookiePolicyMask =
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_DEFAULT |
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_INCLUDE |
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_SAME_ORIGIN |
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_OMIT;
|
|
|
|
|
|
2015-07-20 05:11:57 +03:00
|
|
|
NS_IMETHODIMP
|
2015-12-07 02:33:15 +03:00
|
|
|
LoadInfo::GetCookiePolicy(uint32_t *aResult)
|
2015-07-20 05:11:57 +03:00
|
|
|
{
|
2015-12-07 02:33:15 +03:00
|
|
|
uint32_t policy = mSecurityFlags & sCookiePolicyMask;
|
|
|
|
|
if (policy == nsILoadInfo::SEC_COOKIES_DEFAULT) {
|
|
|
|
|
policy = (mSecurityFlags & SEC_REQUIRE_CORS_DATA_INHERITS) ?
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_SAME_ORIGIN : nsILoadInfo::SEC_COOKIES_INCLUDE;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*aResult = policy;
|
2015-07-20 05:11:57 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-07 02:33:15 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::SetIncludeCookiesSecFlag()
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(!mEnforceSecurity,
|
|
|
|
|
"Request should not have been opened yet");
|
|
|
|
|
MOZ_ASSERT((mSecurityFlags & sCookiePolicyMask) ==
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_DEFAULT);
|
|
|
|
|
mSecurityFlags = (mSecurityFlags & ~sCookiePolicyMask) |
|
|
|
|
|
nsILoadInfo::SEC_COOKIES_INCLUDE;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetForceInheritPrincipal(bool* aInheritPrincipal)
|
|
|
|
|
{
|
2015-02-13 22:36:37 +03:00
|
|
|
*aInheritPrincipal =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
2014-07-10 10:56:37 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-05 22:19:51 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetForceInheritPrincipalOverruleOwner(bool* aInheritPrincipal)
|
|
|
|
|
{
|
|
|
|
|
*aInheritPrincipal =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-10 10:56:37 +04:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadingSandboxed(bool* aLoadingSandboxed)
|
|
|
|
|
{
|
2014-07-17 00:16:12 +04:00
|
|
|
*aLoadingSandboxed = (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:57 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetAboutBlankInherits(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_ABOUT_BLANK_INHERITS);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-15 04:59:35 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetAllowChrome(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_ALLOW_CHROME);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
2016-05-24 00:57:31 +03:00
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetDisallowScript(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_DISALLOW_SCRIPT);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-15 04:59:35 +03:00
|
|
|
|
2015-11-24 05:47:10 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetDontFollowRedirects(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_DONT_FOLLOW_REDIRECTS);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-16 04:47:14 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadErrorPage(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult =
|
|
|
|
|
(mSecurityFlags & nsILoadInfo::SEC_LOAD_ERROR_PAGE);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-23 18:38:51 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsDocshellReload(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mIsDocshellReload;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetIsDocshellReload(bool aValue)
|
|
|
|
|
{
|
|
|
|
|
mIsDocshellReload = aValue;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-01 07:35:24 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetSendCSPViolationEvents(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mSendCSPViolationEvents;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetSendCSPViolationEvents(bool aValue)
|
|
|
|
|
{
|
|
|
|
|
mSendCSPViolationEvents = aValue;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2014-07-17 00:16:12 +04:00
|
|
|
NS_IMETHODIMP
|
2015-10-19 21:14:54 +03:00
|
|
|
LoadInfo::GetExternalContentPolicyType(nsContentPolicyType* aResult)
|
2014-07-17 00:16:12 +04:00
|
|
|
{
|
2015-10-19 21:14:54 +03:00
|
|
|
*aResult = nsContentUtils::InternalContentPolicyTypeToExternal(mInternalContentPolicyType);
|
2014-07-10 10:56:37 +04:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-17 07:18:16 +03:00
|
|
|
nsContentPolicyType
|
|
|
|
|
LoadInfo::InternalContentPolicyType()
|
|
|
|
|
{
|
2015-10-19 21:14:54 +03:00
|
|
|
return mInternalContentPolicyType;
|
2015-06-17 07:18:16 +03:00
|
|
|
}
|
|
|
|
|
|
2015-07-10 23:57:55 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetUpgradeInsecureRequests(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mUpgradeInsecureRequests;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-05 18:37:27 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetBrowserUpgradeInsecureRequests(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mBrowserUpgradeInsecureRequests;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-04 17:33:33 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetBrowserWouldUpgradeInsecureRequests(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mBrowserWouldUpgradeInsecureRequests;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-14 13:56:52 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetVerifySignedContent(bool aVerifySignedContent)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
|
|
|
|
|
"can only verify content for TYPE_DOCUMENT");
|
|
|
|
|
mVerifySignedContent = aVerifySignedContent;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetVerifySignedContent(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mVerifySignedContent;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-16 06:13:26 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetEnforceSRI(bool aEnforceSRI)
|
|
|
|
|
{
|
|
|
|
|
mEnforceSRI = aEnforceSRI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetEnforceSRI(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mEnforceSRI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-07-18 09:35:13 +03:00
|
|
|
NS_IMETHODIMP
|
2017-11-08 22:01:41 +03:00
|
|
|
LoadInfo::SetForceAllowDataURI(bool aForceAllowDataURI)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(!mForceAllowDataURI ||
|
|
|
|
|
mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
|
|
|
|
|
"can only allow data URI navigation for TYPE_DOCUMENT");
|
|
|
|
|
mForceAllowDataURI = aForceAllowDataURI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetForceAllowDataURI(bool* aForceAllowDataURI)
|
|
|
|
|
{
|
|
|
|
|
*aForceAllowDataURI = mForceAllowDataURI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-18 21:52:52 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetAllowInsecureRedirectToDataURI(bool aAllowInsecureRedirectToDataURI)
|
|
|
|
|
{
|
|
|
|
|
mAllowInsecureRedirectToDataURI = aAllowInsecureRedirectToDataURI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetAllowInsecureRedirectToDataURI(bool* aAllowInsecureRedirectToDataURI)
|
|
|
|
|
{
|
|
|
|
|
*aAllowInsecureRedirectToDataURI = mAllowInsecureRedirectToDataURI;
|
|
|
|
|
return NS_OK;
|
2017-11-08 22:01:41 +03:00
|
|
|
}
|
|
|
|
|
|
2018-03-29 12:14:35 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetSkipContentPolicyCheckForWebRequest(bool aSkip)
|
|
|
|
|
{
|
|
|
|
|
mSkipContentPolicyCheckForWebRequest = aSkip;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetSkipContentPolicyCheckForWebRequest(bool* aSkip)
|
|
|
|
|
{
|
|
|
|
|
*aSkip = mSkipContentPolicyCheckForWebRequest;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-05 07:06:20 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetOriginalFrameSrcLoad(bool aOriginalFrameSrcLoad)
|
|
|
|
|
{
|
|
|
|
|
mOriginalFrameSrcLoad = aOriginalFrameSrcLoad;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetOriginalFrameSrcLoad(bool* aOriginalFrameSrcLoad)
|
|
|
|
|
{
|
|
|
|
|
*aOriginalFrameSrcLoad = mOriginalFrameSrcLoad;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-08 22:01:41 +03:00
|
|
|
NS_IMETHODIMP
|
2016-07-18 09:35:13 +03:00
|
|
|
LoadInfo::GetForceInheritPrincipalDropped(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mForceInheritPrincipalDropped;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-08 02:51:20 +03:00
|
|
|
NS_IMETHODIMP
|
2015-05-08 22:52:49 +03:00
|
|
|
LoadInfo::GetInnerWindowID(uint64_t* aResult)
|
2015-01-08 02:51:20 +03:00
|
|
|
{
|
2015-02-13 22:36:37 +03:00
|
|
|
*aResult = mInnerWindowID;
|
2015-01-08 02:51:20 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-08 22:52:49 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetOuterWindowID(uint64_t* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mOuterWindowID;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetParentOuterWindowID(uint64_t* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mParentOuterWindowID;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-07 00:25:23 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTopOuterWindowID(uint64_t* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mTopOuterWindowID;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-27 03:42:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetFrameOuterWindowID(uint64_t* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mFrameOuterWindowID;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-22 00:47:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetScriptableOriginAttributes(JSContext* aCx,
|
|
|
|
|
JS::MutableHandle<JS::Value> aOriginAttributes)
|
|
|
|
|
{
|
|
|
|
|
if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aOriginAttributes))) {
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
}
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-10-05 22:19:51 +03:00
|
|
|
NS_IMETHODIMP
|
2017-04-03 21:06:53 +03:00
|
|
|
LoadInfo::ResetPrincipalToInheritToNullPrincipal()
|
2016-10-05 22:19:51 +03:00
|
|
|
{
|
|
|
|
|
// take the originAttributes from the LoadInfo and create
|
|
|
|
|
// a new NullPrincipal using those origin attributes.
|
2017-03-08 09:41:51 +03:00
|
|
|
nsCOMPtr<nsIPrincipal> newNullPrincipal =
|
2017-03-22 13:38:40 +03:00
|
|
|
NullPrincipal::Create(mOriginAttributes);
|
2016-10-05 22:19:51 +03:00
|
|
|
|
|
|
|
|
mPrincipalToInherit = newNullPrincipal;
|
|
|
|
|
|
|
|
|
|
// setting SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER will overrule
|
|
|
|
|
// any non null owner set on the channel and will return the principal
|
|
|
|
|
// form the loadinfo instead.
|
|
|
|
|
mSecurityFlags |= SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER;
|
|
|
|
|
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-22 00:47:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetScriptableOriginAttributes(JSContext* aCx,
|
|
|
|
|
JS::Handle<JS::Value> aOriginAttributes)
|
|
|
|
|
{
|
2017-01-12 19:38:48 +03:00
|
|
|
OriginAttributes attrs;
|
2015-10-22 00:47:00 +03:00
|
|
|
if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
|
|
|
|
|
return NS_ERROR_INVALID_ARG;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mOriginAttributes = attrs;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsresult
|
2017-01-12 19:38:48 +03:00
|
|
|
LoadInfo::GetOriginAttributes(mozilla::OriginAttributes* aOriginAttributes)
|
2015-10-22 00:47:00 +03:00
|
|
|
{
|
|
|
|
|
NS_ENSURE_ARG(aOriginAttributes);
|
|
|
|
|
*aOriginAttributes = mOriginAttributes;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsresult
|
2017-01-12 19:38:48 +03:00
|
|
|
LoadInfo::SetOriginAttributes(const mozilla::OriginAttributes& aOriginAttributes)
|
2015-10-22 00:47:00 +03:00
|
|
|
{
|
|
|
|
|
mOriginAttributes = aOriginAttributes;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:57 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetEnforceSecurity(bool aEnforceSecurity)
|
|
|
|
|
{
|
|
|
|
|
// Indicates whether the channel was openend using AsyncOpen2. Once set
|
|
|
|
|
// to true, it must remain true throughout the lifetime of the channel.
|
|
|
|
|
// Setting it to anything else than true will be discarded.
|
|
|
|
|
MOZ_ASSERT(aEnforceSecurity, "aEnforceSecurity must be true");
|
|
|
|
|
mEnforceSecurity = mEnforceSecurity || aEnforceSecurity;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetEnforceSecurity(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mEnforceSecurity;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetInitialSecurityCheckDone(bool aInitialSecurityCheckDone)
|
|
|
|
|
{
|
|
|
|
|
// Indicates whether the channel was ever evaluated by the
|
|
|
|
|
// ContentSecurityManager. Once set to true, this flag must
|
|
|
|
|
// remain true throughout the lifetime of the channel.
|
|
|
|
|
// Setting it to anything else than true will be discarded.
|
|
|
|
|
MOZ_ASSERT(aInitialSecurityCheckDone, "aInitialSecurityCheckDone must be true");
|
|
|
|
|
mInitialSecurityCheckDone = mInitialSecurityCheckDone || aInitialSecurityCheckDone;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetInitialSecurityCheckDone(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mInitialSecurityCheckDone;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:03 +03:00
|
|
|
NS_IMETHODIMP
|
2017-05-25 20:42:00 +03:00
|
|
|
LoadInfo::AppendRedirectHistoryEntry(nsIRedirectHistoryEntry* aEntry,
|
|
|
|
|
bool aIsInternalRedirect)
|
2015-07-20 05:11:03 +03:00
|
|
|
{
|
2017-05-25 20:42:00 +03:00
|
|
|
NS_ENSURE_ARG(aEntry);
|
2015-11-01 01:22:01 +03:00
|
|
|
MOZ_ASSERT(NS_IsMainThread());
|
|
|
|
|
|
2017-05-25 20:42:00 +03:00
|
|
|
mRedirectChainIncludingInternalRedirects.AppendElement(aEntry);
|
2015-11-01 01:18:59 +03:00
|
|
|
if (!aIsInternalRedirect) {
|
2017-05-25 20:42:00 +03:00
|
|
|
mRedirectChain.AppendElement(aEntry);
|
2015-11-01 01:18:59 +03:00
|
|
|
}
|
2015-07-20 05:11:03 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-01 01:18:59 +03:00
|
|
|
NS_IMETHODIMP
|
2017-05-25 20:42:00 +03:00
|
|
|
LoadInfo::GetRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aRedirects,
|
|
|
|
|
const RedirectHistoryArray& aArray)
|
2015-11-01 01:18:59 +03:00
|
|
|
{
|
2017-05-25 20:42:00 +03:00
|
|
|
JS::Rooted<JSObject*> redirects(aCx, JS_NewArrayObject(aCx, aArray.Length()));
|
|
|
|
|
NS_ENSURE_TRUE(redirects, NS_ERROR_OUT_OF_MEMORY);
|
|
|
|
|
|
|
|
|
|
JS::Rooted<JSObject*> global(aCx, JS::CurrentGlobalOrNull(aCx));
|
|
|
|
|
NS_ENSURE_TRUE(global, NS_ERROR_UNEXPECTED);
|
|
|
|
|
|
2018-09-06 17:01:58 +03:00
|
|
|
nsCOMPtr<nsIXPConnect> xpc = nsIXPConnect::XPConnect();
|
2017-05-25 20:42:00 +03:00
|
|
|
|
|
|
|
|
for (size_t idx = 0; idx < aArray.Length(); idx++) {
|
|
|
|
|
JS::RootedObject jsobj(aCx);
|
|
|
|
|
nsresult rv = xpc->WrapNative(aCx, global, aArray[idx],
|
|
|
|
|
NS_GET_IID(nsIRedirectHistoryEntry),
|
|
|
|
|
jsobj.address());
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
|
NS_ENSURE_STATE(jsobj);
|
|
|
|
|
|
|
|
|
|
bool rc = JS_DefineElement(aCx, redirects, idx, jsobj, JSPROP_ENUMERATE);
|
|
|
|
|
NS_ENSURE_TRUE(rc, NS_ERROR_UNEXPECTED);
|
2015-11-01 01:18:59 +03:00
|
|
|
}
|
2017-05-25 20:42:00 +03:00
|
|
|
|
|
|
|
|
aRedirects.setObject(*redirects);
|
2015-11-01 01:18:59 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-25 20:42:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetRedirectChainIncludingInternalRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aChain)
|
|
|
|
|
{
|
|
|
|
|
return GetRedirects(aCx, aChain, mRedirectChainIncludingInternalRedirects);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const RedirectHistoryArray&
|
2015-11-01 01:18:59 +03:00
|
|
|
LoadInfo::RedirectChainIncludingInternalRedirects()
|
|
|
|
|
{
|
|
|
|
|
return mRedirectChainIncludingInternalRedirects;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-20 05:11:03 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetRedirectChain(JSContext* aCx, JS::MutableHandle<JS::Value> aChain)
|
|
|
|
|
{
|
2017-05-25 20:42:00 +03:00
|
|
|
return GetRedirects(aCx, aChain, mRedirectChain);
|
2015-07-20 05:11:03 +03:00
|
|
|
}
|
|
|
|
|
|
2017-05-25 20:42:00 +03:00
|
|
|
const RedirectHistoryArray&
|
2015-07-20 05:11:03 +03:00
|
|
|
LoadInfo::RedirectChain()
|
|
|
|
|
{
|
|
|
|
|
return mRedirectChain;
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-10 19:54:00 +03:00
|
|
|
const nsTArray<nsCOMPtr<nsIPrincipal>>&
|
|
|
|
|
LoadInfo::AncestorPrincipals()
|
|
|
|
|
{
|
|
|
|
|
return mAncestorPrincipals;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const nsTArray<uint64_t>&
|
|
|
|
|
LoadInfo::AncestorOuterWindowIDs()
|
|
|
|
|
{
|
|
|
|
|
return mAncestorOuterWindowIDs;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-07 02:33:14 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::SetCorsPreflightInfo(const nsTArray<nsCString>& aHeaders,
|
|
|
|
|
bool aForcePreflight)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(GetSecurityMode() == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS);
|
|
|
|
|
MOZ_ASSERT(!mInitialSecurityCheckDone);
|
|
|
|
|
mCorsUnsafeHeaders = aHeaders;
|
|
|
|
|
mForcePreflight = aForcePreflight;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const nsTArray<nsCString>&
|
|
|
|
|
LoadInfo::CorsUnsafeHeaders()
|
|
|
|
|
{
|
|
|
|
|
return mCorsUnsafeHeaders;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetForcePreflight(bool* aForcePreflight)
|
|
|
|
|
{
|
|
|
|
|
*aForcePreflight = mForcePreflight;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
LoadInfo::SetIsPreflight()
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(GetSecurityMode() == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS);
|
|
|
|
|
MOZ_ASSERT(!mInitialSecurityCheckDone);
|
|
|
|
|
mIsPreflight = true;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-23 17:29:44 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::SetUpgradeInsecureRequests()
|
|
|
|
|
{
|
|
|
|
|
mUpgradeInsecureRequests = true;
|
|
|
|
|
}
|
|
|
|
|
|
2018-02-05 18:37:27 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::SetBrowserUpgradeInsecureRequests()
|
|
|
|
|
{
|
|
|
|
|
mBrowserUpgradeInsecureRequests = true;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-04 17:33:33 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::SetBrowserWouldUpgradeInsecureRequests()
|
|
|
|
|
{
|
|
|
|
|
mBrowserWouldUpgradeInsecureRequests = true;
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-07 02:33:14 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsPreflight(bool* aIsPreflight)
|
|
|
|
|
{
|
|
|
|
|
*aIsPreflight = mIsPreflight;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-03 15:23:11 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetLoadTriggeredFromExternal(bool aLoadTriggeredFromExternal)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(!aLoadTriggeredFromExternal ||
|
|
|
|
|
mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
|
|
|
|
|
"can only set load triggered from external for TYPE_DOCUMENT");
|
|
|
|
|
mLoadTriggeredFromExternal = aLoadTriggeredFromExternal;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal)
|
|
|
|
|
{
|
|
|
|
|
*aLoadTriggeredFromExternal = mLoadTriggeredFromExternal;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-03 10:37:35 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetServiceWorkerTaintingSynthesized(bool* aServiceWorkerTaintingSynthesized)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(aServiceWorkerTaintingSynthesized);
|
|
|
|
|
*aServiceWorkerTaintingSynthesized = mServiceWorkerTaintingSynthesized;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-22 21:07:32 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTainting(uint32_t* aTaintingOut)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(aTaintingOut);
|
|
|
|
|
*aTaintingOut = static_cast<uint32_t>(mTainting);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::MaybeIncreaseTainting(uint32_t aTainting)
|
|
|
|
|
{
|
|
|
|
|
NS_ENSURE_ARG(aTainting <= TAINTING_OPAQUE);
|
2017-11-03 10:37:35 +03:00
|
|
|
|
|
|
|
|
// Skip if the tainting has been set by the service worker.
|
|
|
|
|
if (mServiceWorkerTaintingSynthesized) {
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-22 21:07:32 +03:00
|
|
|
LoadTainting tainting = static_cast<LoadTainting>(aTainting);
|
|
|
|
|
if (tainting > mTainting) {
|
|
|
|
|
mTainting = tainting;
|
|
|
|
|
}
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-07 18:34:51 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::SynthesizeServiceWorkerTainting(LoadTainting aTainting)
|
|
|
|
|
{
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(aTainting <= LoadTainting::Opaque);
|
|
|
|
|
mTainting = aTainting;
|
2017-11-03 10:37:35 +03:00
|
|
|
|
|
|
|
|
// Flag to prevent the tainting from being increased.
|
|
|
|
|
mServiceWorkerTaintingSynthesized = true;
|
2017-06-07 18:34:51 +03:00
|
|
|
}
|
|
|
|
|
|
2018-08-16 18:29:22 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsTracker(bool *aIsTracker)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(aIsTracker);
|
|
|
|
|
*aIsTracker = mIsTracker;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetIsTracker(bool aIsTracker)
|
|
|
|
|
{
|
|
|
|
|
mIsTracker = aIsTracker;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsTrackerBlocked(bool *aIsTrackerBlocked)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(aIsTrackerBlocked);
|
|
|
|
|
*aIsTrackerBlocked = mIsTrackerBlocked;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetIsTrackerBlocked(bool aIsTrackerBlocked)
|
|
|
|
|
{
|
|
|
|
|
mIsTrackerBlocked = aIsTrackerBlocked;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-07 21:43:11 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetTrackerBlockedReason(mozilla::Telemetry::LABELS_DOCUMENT_ANALYTICS_TRACKER_FASTBLOCKED *aLabel)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(aLabel);
|
|
|
|
|
*aLabel = mTrackerBlockedReason;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetTrackerBlockedReason(mozilla::Telemetry::LABELS_DOCUMENT_ANALYTICS_TRACKER_FASTBLOCKED aLabel)
|
|
|
|
|
{
|
|
|
|
|
mTrackerBlockedReason = aLabel;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-08-31 14:21:17 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetDocumentHasUserInteracted(bool *aDocumentHasUserInteracted)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(aDocumentHasUserInteracted);
|
|
|
|
|
*aDocumentHasUserInteracted = mDocumentHasUserInteracted;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetDocumentHasUserInteracted(bool aDocumentHasUserInteracted)
|
|
|
|
|
{
|
|
|
|
|
mDocumentHasUserInteracted = aDocumentHasUserInteracted;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-28 22:12:10 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetDocumentHasLoaded(bool *aDocumentHasLoaded)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(aDocumentHasLoaded);
|
|
|
|
|
*aDocumentHasLoaded = mDocumentHasLoaded;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetDocumentHasLoaded(bool aDocumentHasLoaded)
|
|
|
|
|
{
|
|
|
|
|
mDocumentHasLoaded = aDocumentHasLoaded;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-22 04:46:09 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetIsTopLevelLoad(bool *aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = mFrameOuterWindowID ? mFrameOuterWindowID == mOuterWindowID
|
|
|
|
|
: mParentOuterWindowID == mOuterWindowID;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-30 19:07:59 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetResultPrincipalURI(nsIURI **aURI)
|
|
|
|
|
{
|
|
|
|
|
NS_IF_ADDREF(*aURI = mResultPrincipalURI);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetResultPrincipalURI(nsIURI *aURI)
|
|
|
|
|
{
|
|
|
|
|
mResultPrincipalURI = aURI;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-16 21:15:09 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::SetClientInfo(const ClientInfo& aClientInfo)
|
|
|
|
|
{
|
|
|
|
|
mClientInfo.emplace(aClientInfo);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const Maybe<ClientInfo>&
|
|
|
|
|
LoadInfo::GetClientInfo()
|
|
|
|
|
{
|
|
|
|
|
return mClientInfo;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
LoadInfo::GiveReservedClientSource(UniquePtr<ClientSource>&& aClientSource)
|
|
|
|
|
{
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(aClientSource);
|
2018-05-30 22:15:35 +03:00
|
|
|
mReservedClientSource = std::move(aClientSource);
|
2017-11-16 21:15:09 +03:00
|
|
|
SetReservedClientInfo(mReservedClientSource->Info());
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
UniquePtr<ClientSource>
|
|
|
|
|
LoadInfo::TakeReservedClientSource()
|
|
|
|
|
{
|
|
|
|
|
if (mReservedClientSource) {
|
|
|
|
|
// If the reserved ClientInfo was set due to a ClientSource being present,
|
|
|
|
|
// then clear that info object when the ClientSource is taken.
|
|
|
|
|
mReservedClientInfo.reset();
|
|
|
|
|
}
|
2018-05-30 22:15:35 +03:00
|
|
|
return std::move(mReservedClientSource);
|
2017-11-16 21:15:09 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
LoadInfo::SetReservedClientInfo(const ClientInfo& aClientInfo)
|
|
|
|
|
{
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(mInitialClientInfo.isNothing());
|
2018-06-04 19:26:51 +03:00
|
|
|
// Treat assignments of the same value as a no-op. The emplace below
|
|
|
|
|
// will normally assert when overwriting an existing value.
|
|
|
|
|
if (mReservedClientInfo.isSome() && mReservedClientInfo.ref() == aClientInfo) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-11-16 21:15:09 +03:00
|
|
|
mReservedClientInfo.emplace(aClientInfo);
|
|
|
|
|
}
|
|
|
|
|
|
2018-06-22 18:09:00 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::OverrideReservedClientInfoInParent(const ClientInfo& aClientInfo)
|
|
|
|
|
{
|
|
|
|
|
// This should only be called to handle redirects in the parent process.
|
|
|
|
|
MOZ_ASSERT(XRE_GetProcessType() == GeckoProcessType_Default);
|
|
|
|
|
|
|
|
|
|
mInitialClientInfo.reset();
|
|
|
|
|
mReservedClientInfo.reset();
|
|
|
|
|
mReservedClientInfo.emplace(aClientInfo);
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-16 21:15:09 +03:00
|
|
|
const Maybe<ClientInfo>&
|
|
|
|
|
LoadInfo::GetReservedClientInfo()
|
|
|
|
|
{
|
|
|
|
|
return mReservedClientInfo;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
LoadInfo::SetInitialClientInfo(const ClientInfo& aClientInfo)
|
|
|
|
|
{
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(!mReservedClientSource);
|
|
|
|
|
MOZ_DIAGNOSTIC_ASSERT(mReservedClientInfo.isNothing());
|
2018-06-04 19:26:51 +03:00
|
|
|
// Treat assignments of the same value as a no-op. The emplace below
|
|
|
|
|
// will normally assert when overwriting an existing value.
|
|
|
|
|
if (mInitialClientInfo.isSome() && mInitialClientInfo.ref() == aClientInfo) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-11-16 21:15:09 +03:00
|
|
|
mInitialClientInfo.emplace(aClientInfo);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const Maybe<ClientInfo>&
|
|
|
|
|
LoadInfo::GetInitialClientInfo()
|
|
|
|
|
{
|
|
|
|
|
return mInitialClientInfo;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
LoadInfo::SetController(const ServiceWorkerDescriptor& aServiceWorker)
|
|
|
|
|
{
|
|
|
|
|
mController.emplace(aServiceWorker);
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-06 04:45:23 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::ClearController()
|
|
|
|
|
{
|
|
|
|
|
mController.reset();
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-16 21:15:09 +03:00
|
|
|
const Maybe<ServiceWorkerDescriptor>&
|
|
|
|
|
LoadInfo::GetController()
|
|
|
|
|
{
|
|
|
|
|
return mController;
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-24 19:17:31 +03:00
|
|
|
void
|
|
|
|
|
LoadInfo::SetPerformanceStorage(PerformanceStorage* aPerformanceStorage)
|
|
|
|
|
{
|
|
|
|
|
mPerformanceStorage = aPerformanceStorage;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
PerformanceStorage*
|
|
|
|
|
LoadInfo::GetPerformanceStorage()
|
|
|
|
|
{
|
|
|
|
|
return mPerformanceStorage;
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-23 09:17:13 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::GetCspEventListener(nsICSPEventListener** aCSPEventListener)
|
|
|
|
|
{
|
|
|
|
|
NS_IF_ADDREF(*aCSPEventListener = mCSPEventListener);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
LoadInfo::SetCspEventListener(nsICSPEventListener* aCSPEventListener)
|
|
|
|
|
{
|
|
|
|
|
mCSPEventListener = aCSPEventListener;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-19 05:02:57 +03:00
|
|
|
} // namespace net
|
2014-07-10 10:56:37 +04:00
|
|
|
} // namespace mozilla
|
