Bug 418354 - Redirects should go through Mixed Content Blocker. r=smaug, ckerschb

2014-10-18 13:21:06 -07:00 · 2014-10-18 13:21:06 -07:00 · 3b463e2709
--- a/content/base/src/nsMixedContentBlocker.cpp
+++ b/content/base/src/nsMixedContentBlocker.cpp
@ -26,6 +26,10 @@
 #include "nsIWebNavigation.h"
 #include "nsLoadGroup.h"
 #include "nsIScriptError.h"
+#include "nsIURI.h"
+#include "nsIChannelEventSink.h"
+#include "nsAsyncRedirectVerifyHelper.h"
+#include "mozilla/LoadInfo.h"

 #include "prlog.h"

@ -150,7 +154,7 @@ nsMixedContentBlocker::~nsMixedContentBlocker()
 {
 }

-NS_IMPL_ISUPPORTS(nsMixedContentBlocker, nsIContentPolicy)
+NS_IMPL_ISUPPORTS(nsMixedContentBlocker, nsIContentPolicy, nsIChannelEventSink)

 static void
 LogMixedContentMessage(MixedContentTypes aClassification,
@ -190,6 +194,87 @@ LogMixedContentMessage(MixedContentTypes aClassification,
                                  messageLookupKey.get(), strings, ArrayLength(strings));
 }

+
+
+/* nsIChannelEventSink implementation
+ * This code is called when a request is redirected.
+ * We check the channel associated with the new uri is allowed to load
+ * in the current context
+ */
+NS_IMETHODIMP
+nsMixedContentBlocker::AsyncOnChannelRedirect(nsIChannel* aOldChannel,
+                                              nsIChannel* aNewChannel,
+                                              uint32_t aFlags,
+                                              nsIAsyncVerifyRedirectCallback* aCallback)
+{
+  nsAsyncRedirectAutoCallback autoCallback(aCallback);
+
+  if (!aOldChannel) {
+    NS_ERROR("No channel when evaluating mixed content!");
+    return NS_ERROR_FAILURE;
+  }
+
+  nsresult rv;
+  nsCOMPtr<nsIURI> oldUri;
+  rv = aOldChannel->GetURI(getter_AddRefs(oldUri));
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  nsCOMPtr<nsIURI> newUri;
+  rv = aNewChannel->GetURI(getter_AddRefs(newUri));
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  // Get the loading Info from the old channel
+  nsCOMPtr<nsILoadInfo> loadInfo;
+  rv = aOldChannel->GetLoadInfo(getter_AddRefs(loadInfo));
+  NS_ENSURE_SUCCESS(rv, rv);
+  if (!loadInfo) {
+    // XXX: We want to have a loadInfo on all channels, but we don't yet.
+    // If an addon creates a channel, they may not set loadinfo. If that
+    // channel redirects from one page to another page, we would get caught
+    // in this code path. Hence, we have to return NS_OK. Once we have more
+    // confidence that all channels have loadinfo, we can change this to
+    // a failure. See bug 1077201.
+    return NS_OK;
+  }
+
+  uint32_t contentPolicyType = loadInfo->GetContentPolicyType();
+  nsCOMPtr<nsIPrincipal> requestingPrincipal = loadInfo->LoadingPrincipal();
+
+  // Since we are calling shouldLoad() directly on redirects, we don't go through the code
+  // in nsContentPolicyUtils::NS_CheckContentLoadPolicy(). Hence, we have to
+  // duplicate parts of it here.
+  nsCOMPtr<nsIURI> requestingLocation;
+  if (requestingPrincipal) {
+    // We check to see if the loadingPrincipal is systemPrincipal and return
+    // early if it is
+    if (nsContentUtils::IsSystemPrincipal(requestingPrincipal)) {
+      return NS_OK;
+    }
+    // We set the requestingLocation from the RequestingPrincipal.
+    rv = requestingPrincipal->GetURI(getter_AddRefs(requestingLocation));
+    NS_ENSURE_SUCCESS(rv, rv);
+  }
+
+  int16_t decision = REJECT_REQUEST;
+  rv = ShouldLoad(contentPolicyType,
+                  newUri,
+                  requestingLocation,
+                  loadInfo->LoadingNode(),
+                  EmptyCString(),       // aMimeGuess
+                  nullptr,              // aExtra
+                  requestingPrincipal,
+                  &decision);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  // If the channel is about to load mixed content, abort the channel
+  if (!NS_CP_ACCEPTED(decision)) {
+    autoCallback.DontCallback();
+    return NS_BINDING_FAILED;
+  }
+
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 nsMixedContentBlocker::ShouldLoad(uint32_t aContentType,
                                  nsIURI* aContentLocation,
--- a/content/base/src/nsMixedContentBlocker.h
+++ b/content/base/src/nsMixedContentBlocker.h
@ -23,14 +23,18 @@ enum MixedContentTypes {
 };

 #include "nsIContentPolicy.h"
+#include "nsIChannel.h"
+#include "nsIChannelEventSink.h"

-class nsMixedContentBlocker : public nsIContentPolicy
+class nsMixedContentBlocker : public nsIContentPolicy,
+                              public nsIChannelEventSink
 {
  virtual ~nsMixedContentBlocker();

 public:
  NS_DECL_ISUPPORTS
  NS_DECL_NSICONTENTPOLICY
+  NS_DECL_NSICHANNELEVENTSINK

  nsMixedContentBlocker();
  static bool sBlockMixedScript;
--- a/layout/build/nsLayoutModule.cpp
+++ b/layout/build/nsLayoutModule.cpp
@ -1245,6 +1245,7 @@ static const mozilla::Module::CategoryEntry kLayoutCategories[] = {
  { "content-policy", "CSPService", CSPSERVICE_CONTRACTID },
  { "content-policy", NS_MIXEDCONTENTBLOCKER_CONTRACTID, NS_MIXEDCONTENTBLOCKER_CONTRACTID },
  { "net-channel-event-sinks", "CSPService", CSPSERVICE_CONTRACTID },
+  { "net-channel-event-sinks", NS_MIXEDCONTENTBLOCKER_CONTRACTID, NS_MIXEDCONTENTBLOCKER_CONTRACTID },
  { "app-startup", "Script Security Manager", "service," NS_SCRIPTSECURITYMANAGER_CONTRACTID },
  { TOPIC_WEB_APP_CLEAR_DATA, "QuotaManager", "service," QUOTA_MANAGER_CONTRACTID },
 #ifdef MOZ_WIDGET_GONK