Fixing bug 253121. Make wyciwyg channels and documents carry the source channels security info. r=darin@meer.net, sr=bzbarsky@mit.edu

2004-07-28 00:26:58 +00:00 · 2004-07-28 00:26:58 +00:00 · 282f75a3f0
--- a/content/base/public/nsIDocument.h
+++ b/content/base/public/nsIDocument.h
@ -607,6 +607,16 @@ public:
                              PRBool aDocumentDefaultType,
                              nsIContent** aResult) = 0;

+  // Get the security info (i.e. SSL state etc) that the document got
+  // from the channel/document that created the content of the
+  // document.
+  //
+  // @see nsIChannel
+  nsISupports *GetSecurityInfo()
+  {
+    return mSecurityInfo;
+  }
+
 protected:
  nsString mDocumentTitle;
  nsCOMPtr<nsIURI> mDocumentURI;
@ -638,6 +648,9 @@ protected:

  nsXPIDLCString mContentLanguage;
  nsCString mContentType;
+
+  // The document's security info
+  nsCOMPtr<nsISupports> mSecurityInfo;
 };


--- a/content/base/src/nsDocument.cpp
+++ b/content/base/src/nsDocument.cpp
@ -725,6 +725,8 @@ nsDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup)
  mDocumentTitle.Truncate();

  mPrincipal = nsnull;
+  mSecurityInfo = nsnull;
+
  mDocumentLoadGroup = nsnull;

  // Delete references to sub-documents and kill the subdocument map,
--- a/content/html/document/public/nsIWyciwygChannel.idl
+++ b/content/html/document/public/nsIWyciwygChannel.idl
@ -1,4 +1,4 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
@ -48,13 +48,18 @@
 [scriptable, uuid (c36730c0-a3b9-4732-9973-c5e7dbe0dabe)]
 interface nsIWyciwygChannel : nsIChannel
 {
-    /**
-     * Append data to the cache entry; opens the cache entry if necessary.
-     */
-    void writeToCacheEntry(in AString aData);
+  /**
+   * Append data to the cache entry; opens the cache entry if necessary.
+   */
+  void writeToCacheEntry(in AString aData);

-    /**
-     * Close the cache entry; subsequent writes have undefined behavior.
-     */
-    void closeCacheEntry(in nsresult reason);
+  /**
+   * Close the cache entry; subsequent writes have undefined behavior.
+   */
+  void closeCacheEntry(in nsresult reason);
+
+  /**
+   * Set the wyciwyg channels security info
+   */
+  void setSecurityInfo(in nsISupports aSecurityInfo);
 };
--- a/content/html/document/src/nsHTMLDocument.cpp
+++ b/content/html/document/src/nsHTMLDocument.cpp
@ -723,6 +723,9 @@ nsHTMLDocument::StartDocumentLoad(const char* aCommand,
    return rv;
  }

+  // Store the security info for future use with wyciwyg channels.
+  aChannel->GetSecurityInfo(getter_AddRefs(mSecurityInfo));
+
  // Stash away a pointer to our channel (we need this for cookies)
  mChannel = aChannel;

@ -1968,6 +1971,17 @@ nsHTMLDocument::OpenCommon(nsIURI* aSourceURI, const nsACString& aContentType,
    return NS_OK;
  }

+  nsCOMPtr<nsIDocument> callingDoc =
+    do_QueryInterface(nsContentUtils::GetDocumentFromCaller());
+
+  // Grab a reference to the calling documents security info (if any)
+  // as it may be lost in the call to Reset().
+  nsCOMPtr<nsISupports> securityInfo;
+
+  if (callingDoc) {
+    securityInfo = callingDoc->GetSecurityInfo();
+  }
+
  nsCOMPtr<nsIDocShell> docshell = do_QueryReferent(mDocumentContainer);
  nsresult rv = NS_OK;

@ -2073,6 +2087,10 @@ nsHTMLDocument::OpenCommon(nsIURI* aSourceURI, const nsACString& aContentType,
    mRootContent = root;
  }

+  // Store the security info of the caller now that we're done
+  // resetting the document.
+  mSecurityInfo = securityInfo;
+
  mParser = do_CreateInstance(kCParserCID, &rv);

  // This will be propagated to the parser when someone actually calls write()
@ -3507,11 +3525,14 @@ nsHTMLDocument::CreateAndAddWyciwygChannel(void)
  nsCOMPtr<nsIChannel> channel;
  // Create a wyciwyg Channel
  rv = NS_NewChannel(getter_AddRefs(channel), wcwgURI);
-  if (NS_SUCCEEDED(rv) && channel) {
-    mWyciwygChannel = do_QueryInterface(channel);
-    // Inherit load flags from the original document's channel
-    channel->SetLoadFlags(mLoadFlags);
-  }
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  mWyciwygChannel = do_QueryInterface(channel);
+
+  mWyciwygChannel->SetSecurityInfo(mSecurityInfo);
+
+  // Inherit load flags from the original document's channel
+  channel->SetLoadFlags(mLoadFlags);

  nsCOMPtr<nsILoadGroup> loadGroup = GetDocumentLoadGroup();

--- a/content/html/document/src/nsWyciwygChannel.cpp
+++ b/content/html/document/src/nsWyciwygChannel.cpp
@ -245,7 +245,9 @@ nsWyciwygChannel::SetNotificationCallbacks(nsIInterfaceRequestor* aNotificationC
 NS_IMETHODIMP 
 nsWyciwygChannel::GetSecurityInfo(nsISupports * *aSecurityInfo)
 {
-  return NS_ERROR_NOT_IMPLEMENTED;
+  NS_IF_ADDREF(*aSecurityInfo = mSecurityInfo);
+
+  return NS_OK;
 }

 NS_IMETHODIMP
@ -348,6 +350,10 @@ nsWyciwygChannel::WriteToCacheEntry(const nsAString &aData)
    if (NS_FAILED(rv)) return rv;
  }

+  if (mSecurityInfo) {
+    mCacheEntry->SetSecurityInfo(mSecurityInfo);
+  }
+
  PRUint32 out;
  if (!mCacheOutputStream) {
    // Get the outputstream from the cache entry.
@ -382,6 +388,14 @@ nsWyciwygChannel::CloseCacheEntry(nsresult reason)
  return NS_OK;
 }

+NS_IMETHODIMP
+nsWyciwygChannel::SetSecurityInfo(nsISupports *aSecurityInfo)
+{
+  mSecurityInfo = aSecurityInfo;
+
+  return NS_OK;
+}
+
 //////////////////////////////////////////////////////////////////////////////
 // nsICachelistener
 //////////////////////////////////////////////////////////////////////////////
@ -554,6 +568,9 @@ nsWyciwygChannel::ReadFromCache()
  NS_ENSURE_TRUE(mCacheEntry, NS_ERROR_FAILURE);
  nsresult rv;

+  // Get the stored security info
+  mCacheEntry->GetSecurityInfo(getter_AddRefs(mSecurityInfo));
+
  // Get a transport to the cached data...
  rv = mCacheEntry->OpenInputStream(0, getter_AddRefs(mCacheInputStream));
  if (NS_FAILED(rv))
--- a/content/html/document/src/nsWyciwygChannel.h
+++ b/content/html/document/src/nsWyciwygChannel.h
@ -104,6 +104,8 @@ protected:
    nsCOMPtr<nsICacheEntryDescriptor>   mCacheEntry;
    nsCOMPtr<nsIOutputStream>           mCacheOutputStream;
    nsCOMPtr<nsIInputStream>            mCacheInputStream;
+
+    nsCOMPtr<nsISupports>               mSecurityInfo;
 };

 #endif /* nsWyciwygChannel_h___ */
--- a/security/manager/boot/src/nsSecureBrowserUIImpl.cpp
+++ b/security/manager/boot/src/nsSecureBrowserUIImpl.cpp
@ -538,22 +538,6 @@ nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
        // If a document loading gets triggered, we will see more events.
        return NS_OK;
      }
-
-      if (NS_SUCCEEDED(uri->SchemeIs("wyciwyg", &vs)) && vs)
-      {
-        // We ignore everything caused by wycywig == document.write/writeln
-        // and assume the same security status
-        // Unfortunately, this results in different lock icon states
-        // when using "back".
-        // 1) goto secure page => secure lock icon
-        // 2) trigger document.writeln() => still secure lock icon
-        //    (because we not change lock icon)
-        // 3) go to a different insecure page => insecure lock icon
-        // 4) press "back" button => still insecure lock icon
-        // To fix this, we could try to remember the security state in the 
-        // wyciwyg channel object.
-        return NS_OK;
-      }
    }
  }