Fixing bug 253121. Make wyciwyg channels and documents carry the source channels security info. r=darin@meer.net, sr=bzbarsky@mit.edu

content/base/public/nsIDocument.h

@@ -607,6 +607,16 @@ public:
                               PRBool aDocumentDefaultType,
                               nsIContent** aResult) = 0;
 
+  // Get the security info (i.e. SSL state etc) that the document got
+  // from the channel/document that created the content of the
+  // document.
+  //
+  // @see nsIChannel
+  nsISupports *GetSecurityInfo()
+  {
+    return mSecurityInfo;
+  }
+
 protected:
   nsString mDocumentTitle;
   nsCOMPtr<nsIURI> mDocumentURI;
@@ -638,6 +648,9 @@ protected:
 
   nsXPIDLCString mContentLanguage;
   nsCString mContentType;
+
+  // The document's security info
+  nsCOMPtr<nsISupports> mSecurityInfo;
 };
 
 

content/base/src/nsDocument.cpp

@@ -725,6 +725,8 @@ nsDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup)
   mDocumentTitle.Truncate();
 
   mPrincipal = nsnull;
+  mSecurityInfo = nsnull;
+
   mDocumentLoadGroup = nsnull;
 
   // Delete references to sub-documents and kill the subdocument map,

content/html/document/public/nsIWyciwygChannel.idl

@@ -1,4 +1,4 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
@@ -48,13 +48,18 @@
 [scriptable, uuid (c36730c0-a3b9-4732-9973-c5e7dbe0dabe)]
 interface nsIWyciwygChannel : nsIChannel
 {
-    /**
+  /**
-     * Append data to the cache entry; opens the cache entry if necessary.
+   * Append data to the cache entry; opens the cache entry if necessary.
-     */
+   */
-    void writeToCacheEntry(in AString aData);
+  void writeToCacheEntry(in AString aData);
 
-    /**
+  /**
-     * Close the cache entry; subsequent writes have undefined behavior.
+   * Close the cache entry; subsequent writes have undefined behavior.
-     */
+   */
-    void closeCacheEntry(in nsresult reason);
+  void closeCacheEntry(in nsresult reason);
+
+  /**
+   * Set the wyciwyg channels security info
+   */
+  void setSecurityInfo(in nsISupports aSecurityInfo);
 };

content/html/document/src/nsHTMLDocument.cpp

@@ -723,6 +723,9 @@ nsHTMLDocument::StartDocumentLoad(const char* aCommand,
     return rv;
   }
 
+  // Store the security info for future use with wyciwyg channels.
+  aChannel->GetSecurityInfo(getter_AddRefs(mSecurityInfo));
+
   // Stash away a pointer to our channel (we need this for cookies)
   mChannel = aChannel;
 
@@ -1968,6 +1971,17 @@ nsHTMLDocument::OpenCommon(nsIURI* aSourceURI, const nsACString& aContentType,
     return NS_OK;
   }
 
+  nsCOMPtr<nsIDocument> callingDoc =
+    do_QueryInterface(nsContentUtils::GetDocumentFromCaller());
+
+  // Grab a reference to the calling documents security info (if any)
+  // as it may be lost in the call to Reset().
+  nsCOMPtr<nsISupports> securityInfo;
+
+  if (callingDoc) {
+    securityInfo = callingDoc->GetSecurityInfo();
+  }
+
   nsCOMPtr<nsIDocShell> docshell = do_QueryReferent(mDocumentContainer);
   nsresult rv = NS_OK;
 
@@ -2073,6 +2087,10 @@ nsHTMLDocument::OpenCommon(nsIURI* aSourceURI, const nsACString& aContentType,
     mRootContent = root;
   }
 
+  // Store the security info of the caller now that we're done
+  // resetting the document.
+  mSecurityInfo = securityInfo;
+
   mParser = do_CreateInstance(kCParserCID, &rv);
 
   // This will be propagated to the parser when someone actually calls write()
@@ -3507,11 +3525,14 @@ nsHTMLDocument::CreateAndAddWyciwygChannel(void)
   nsCOMPtr<nsIChannel> channel;
   // Create a wyciwyg Channel
   rv = NS_NewChannel(getter_AddRefs(channel), wcwgURI);
-  if (NS_SUCCEEDED(rv) && channel) {
+  NS_ENSURE_SUCCESS(rv, rv);
-    mWyciwygChannel = do_QueryInterface(channel);
+
-    // Inherit load flags from the original document's channel
+  mWyciwygChannel = do_QueryInterface(channel);
-    channel->SetLoadFlags(mLoadFlags);
+
-  }
+  mWyciwygChannel->SetSecurityInfo(mSecurityInfo);
+
+  // Inherit load flags from the original document's channel
+  channel->SetLoadFlags(mLoadFlags);
 
   nsCOMPtr<nsILoadGroup> loadGroup = GetDocumentLoadGroup();
 

content/html/document/src/nsWyciwygChannel.cpp

@@ -245,7 +245,9 @@ nsWyciwygChannel::SetNotificationCallbacks(nsIInterfaceRequestor* aNotificationC
 NS_IMETHODIMP 
 nsWyciwygChannel::GetSecurityInfo(nsISupports * *aSecurityInfo)
 {
-  return NS_ERROR_NOT_IMPLEMENTED;
+  NS_IF_ADDREF(*aSecurityInfo = mSecurityInfo);
+
+  return NS_OK;
 }
 
 NS_IMETHODIMP
@@ -348,6 +350,10 @@ nsWyciwygChannel::WriteToCacheEntry(const nsAString &aData)
     if (NS_FAILED(rv)) return rv;
   }
 
+  if (mSecurityInfo) {
+    mCacheEntry->SetSecurityInfo(mSecurityInfo);
+  }
+
   PRUint32 out;
   if (!mCacheOutputStream) {
     // Get the outputstream from the cache entry.
@@ -382,6 +388,14 @@ nsWyciwygChannel::CloseCacheEntry(nsresult reason)
   return NS_OK;
 }
 
+NS_IMETHODIMP
+nsWyciwygChannel::SetSecurityInfo(nsISupports *aSecurityInfo)
+{
+  mSecurityInfo = aSecurityInfo;
+
+  return NS_OK;
+}
+
 //////////////////////////////////////////////////////////////////////////////
 // nsICachelistener
 //////////////////////////////////////////////////////////////////////////////
@@ -554,6 +568,9 @@ nsWyciwygChannel::ReadFromCache()
   NS_ENSURE_TRUE(mCacheEntry, NS_ERROR_FAILURE);
   nsresult rv;
 
+  // Get the stored security info
+  mCacheEntry->GetSecurityInfo(getter_AddRefs(mSecurityInfo));
+
   // Get a transport to the cached data...
   rv = mCacheEntry->OpenInputStream(0, getter_AddRefs(mCacheInputStream));
   if (NS_FAILED(rv))

content/html/document/src/nsWyciwygChannel.h

@@ -104,6 +104,8 @@ protected:
     nsCOMPtr<nsICacheEntryDescriptor>   mCacheEntry;
     nsCOMPtr<nsIOutputStream>           mCacheOutputStream;
     nsCOMPtr<nsIInputStream>            mCacheInputStream;
+
+    nsCOMPtr<nsISupports>               mSecurityInfo;
 };
 
 #endif /* nsWyciwygChannel_h___ */

security/manager/boot/src/nsSecureBrowserUIImpl.cpp

@@ -538,22 +538,6 @@ nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
         // If a document loading gets triggered, we will see more events.
         return NS_OK;
       }
-
-      if (NS_SUCCEEDED(uri->SchemeIs("wyciwyg", &vs)) && vs)
-      {
-        // We ignore everything caused by wycywig == document.write/writeln
-        // and assume the same security status
-        // Unfortunately, this results in different lock icon states
-        // when using "back".
-        // 1) goto secure page => secure lock icon
-        // 2) trigger document.writeln() => still secure lock icon
-        //    (because we not change lock icon)
-        // 3) go to a different insecure page => insecure lock icon
-        // 4) press "back" button => still insecure lock icon
-        // To fix this, we could try to remember the security state in the 
-        // wyciwyg channel object.
-        return NS_OK;
-      }
     }
   }