Bug 1279148 - Clarify non-nullness of nsHeaderVisitor::{mXHR,mHttpChannel}. r=baku.

--HG-- extra : rebase_source : 9bdd59d568c92bd465671f894a07603c75aa182c
2016-06-09 16:11:00 +10:00 · 2016-06-09 16:11:00 +10:00 · 1ef1cfa948
--- a/dom/base/nsXMLHttpRequest.cpp
+++ b/dom/base/nsXMLHttpRequest.cpp
@ -995,7 +995,7 @@ nsXMLHttpRequest::GetResponse(JSContext* aCx,
 }

 bool
-nsXMLHttpRequest::IsCrossSiteCORSRequest()
+nsXMLHttpRequest::IsCrossSiteCORSRequest() const
 {
  if (!mChannel) {
    return false;
@ -1197,10 +1197,10 @@ nsXMLHttpRequest::SlowAbort()
 /*Method that checks if it is safe to expose a header value to the client.
 It is used to check what headers are exposed for CORS requests.*/
 bool
-nsXMLHttpRequest::IsSafeHeader(const nsACString& header, nsIHttpChannel* httpChannel)
+nsXMLHttpRequest::IsSafeHeader(const nsACString& aHeader, NotNull<nsIHttpChannel*> aHttpChannel) const
 {
  // See bug #380418. Hide "Set-Cookie" headers from non-chrome scripts.
-  if (!IsSystemXHR() && nsContentUtils::IsForbiddenResponseHeader(header)) {
+  if (!IsSystemXHR() && nsContentUtils::IsForbiddenResponseHeader(aHeader)) {
    NS_WARNING("blocked access to response header");
    return false;
  }
@ -1223,14 +1223,14 @@ nsXMLHttpRequest::IsSafeHeader(const nsACString& header, nsIHttpChannel* httpCha
    "last-modified", "pragma"
  };
  for (uint32_t i = 0; i < ArrayLength(kCrossOriginSafeHeaders); ++i) {
-    if (header.LowerCaseEqualsASCII(kCrossOriginSafeHeaders[i])) {
+    if (aHeader.LowerCaseEqualsASCII(kCrossOriginSafeHeaders[i])) {
      return true;
    }
  }
  nsAutoCString headerVal;
  // The "Access-Control-Expose-Headers" header contains a comma separated
  // list of method names.
-  httpChannel->
+  aHttpChannel->
      GetResponseHeader(NS_LITERAL_CSTRING("Access-Control-Expose-Headers"),
                        headerVal);
  nsCCharSeparatedTokenizer exposeTokens(headerVal, ',');
@ -1243,7 +1243,7 @@ nsXMLHttpRequest::IsSafeHeader(const nsACString& header, nsIHttpChannel* httpCha
    if (!NS_IsValidHTTPToken(token)) {
      return false;
    }
-    if (header.Equals(token, nsCaseInsensitiveCStringComparator())) {
+    if (aHeader.Equals(token, nsCaseInsensitiveCStringComparator())) {
      isSafe = true;
    }
  }
@ -1264,7 +1264,8 @@ nsXMLHttpRequest::GetAllResponseHeaders(nsCString& aResponseHeaders)
  }

  if (nsCOMPtr<nsIHttpChannel> httpChannel = GetCurrentHttpChannel()) {
-    RefPtr<nsHeaderVisitor> visitor = new nsHeaderVisitor(this, httpChannel);
+    RefPtr<nsHeaderVisitor> visitor =
+      new nsHeaderVisitor(*this, WrapNotNull(httpChannel));
    if (NS_SUCCEEDED(httpChannel->VisitResponseHeaders(visitor))) {
      aResponseHeaders = visitor->Headers();
    }
@ -1358,7 +1359,7 @@ nsXMLHttpRequest::GetResponseHeader(const nsACString& header,
  }

  // Check for dangerous headers
-  if (!IsSafeHeader(header, httpChannel)) {
+  if (!IsSafeHeader(header, WrapNotNull(httpChannel))) {
    return;
  }

@ -1458,7 +1459,7 @@ nsXMLHttpRequest::GetCurrentJARChannel()
 }

 bool
-nsXMLHttpRequest::IsSystemXHR()
+nsXMLHttpRequest::IsSystemXHR() const
 {
  return mIsSystem || nsContentUtils::IsSystemPrincipal(mPrincipal);
 }
@ -3648,7 +3649,7 @@ NS_IMPL_ISUPPORTS(nsXMLHttpRequest::nsHeaderVisitor, nsIHttpHeaderVisitor)
 NS_IMETHODIMP nsXMLHttpRequest::
 nsHeaderVisitor::VisitHeader(const nsACString &header, const nsACString &value)
 {
-  if (mXHR->IsSafeHeader(header, mHttpChannel)) {
+  if (mXHR.IsSafeHeader(header, mHttpChannel)) {
    mHeaders.Append(header);
    mHeaders.AppendLiteral(": ");
    mHeaders.Append(value);
--- a/dom/base/nsXMLHttpRequest.h
+++ b/dom/base/nsXMLHttpRequest.h
@ -7,7 +7,6 @@
 #ifndef nsXMLHttpRequest_h__
 #define nsXMLHttpRequest_h__

-#include "mozilla/Attributes.h"
 #include "nsIXMLHttpRequest.h"
 #include "nsISupportsUtils.h"
 #include "nsString.h"
@ -30,8 +29,10 @@
 #include "nsIXPConnect.h"
 #include "nsIInputStream.h"
 #include "mozilla/Assertions.h"
+#include "mozilla/Attributes.h"
 #include "mozilla/DOMEventTargetHelper.h"
 #include "mozilla/MemoryReporting.h"
+#include "mozilla/NotNull.h"
 #include "mozilla/dom/TypedArray.h"
 #include "mozilla/dom/XMLHttpRequestBinding.h"

@ -423,7 +424,7 @@ private:
    return Send(Nullable<RequestBody>(aBody));
  }

-  bool IsCrossSiteCORSRequest();
+  bool IsCrossSiteCORSRequest() const;
  bool IsDeniedCrossSiteCORSRequest();

  // Tell our channel what network interface ID we were told to use.
@ -515,7 +516,8 @@ public:
    }
  }
  void GetAllResponseHeaders(nsCString& aResponseHeaders);
-  bool IsSafeHeader(const nsACString& aHeaderName, nsIHttpChannel* aHttpChannel);
+  bool IsSafeHeader(const nsACString& aHeaderName,
+                    mozilla::NotNull<nsIHttpChannel*> aHttpChannel) const;
  void OverrideMimeType(const nsAString& aMimeType)
  {
    // XXX Should we do some validation here?
@ -615,7 +617,7 @@ protected:
  already_AddRefed<nsIHttpChannel> GetCurrentHttpChannel();
  already_AddRefed<nsIJARChannel> GetCurrentJARChannel();

-  bool IsSystemXHR();
+  bool IsSystemXHR() const;

  void ChangeStateToDone();

@ -643,15 +645,16 @@ protected:
  public:
    NS_DECL_ISUPPORTS
    NS_DECL_NSIHTTPHEADERVISITOR
-    nsHeaderVisitor(nsXMLHttpRequest* aXMLHttpRequest, nsIHttpChannel* aHttpChannel)
+    nsHeaderVisitor(const nsXMLHttpRequest& aXMLHttpRequest,
+                    mozilla::NotNull<nsIHttpChannel*> aHttpChannel)
      : mXHR(aXMLHttpRequest), mHttpChannel(aHttpChannel) {}
    const nsACString &Headers() { return mHeaders; }
  private:
    virtual ~nsHeaderVisitor() {}

    nsCString mHeaders;
-    nsXMLHttpRequest* mXHR;
-    nsCOMPtr<nsIHttpChannel> mHttpChannel;
+    const nsXMLHttpRequest& mXHR;
+    mozilla::NotNull<nsCOMPtr<nsIHttpChannel>> mHttpChannel;
  };

  // The bytes of our response body. Only used for DEFAULT, ARRAYBUFFER and