зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1635992 - Use LoadInfo and WindowContext in nsMixedContentBlocker instead of the docshell and Document. r=ckerschb
Differential Revision: https://phabricator.services.mozilla.com/D74169
This commit is contained in:
Matt Woodrow
Родитель
fce5746949
Коммит
66e1e333d1
|
|
@ -15,6 +15,7 @@
|
||||||
#include "nsIWebProgressListener.h"
|
#include "nsIWebProgressListener.h"
|
||||||
#include "nsContentUtils.h"
|
#include "nsContentUtils.h"
|
||||||
#include "mozilla/dom/BrowsingContext.h"
|
#include "mozilla/dom/BrowsingContext.h"
|
||||||
|
#include "mozilla/dom/WindowContext.h"
|
||||||
#include "mozilla/dom/Document.h"
|
#include "mozilla/dom/Document.h"
|
||||||
#include "nsIChannel.h"
|
#include "nsIChannel.h"
|
||||||
#include "nsIParentChannel.h"
|
#include "nsIParentChannel.h"
|
||||||
|
|
@ -510,8 +511,8 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
||||||
nsCOMPtr<nsISupports> requestingContext = aLoadInfo->GetLoadingContext();
|
nsCOMPtr<nsISupports> requestingContext = aLoadInfo->GetLoadingContext();
|
||||||
nsCOMPtr<nsIPrincipal> loadingPrincipal = aLoadInfo->GetLoadingPrincipal();
|
nsCOMPtr<nsIPrincipal> loadingPrincipal = aLoadInfo->GetLoadingPrincipal();
|
||||||
nsCOMPtr<nsIPrincipal> triggeringPrincipal = aLoadInfo->TriggeringPrincipal();
|
nsCOMPtr<nsIPrincipal> triggeringPrincipal = aLoadInfo->TriggeringPrincipal();
|
||||||
|
RefPtr<WindowContext> requestingWindow =
|
||||||
bool isPreload = nsContentUtils::IsPreloadType(contentType);
|
WindowContext::GetById(aLoadInfo->GetInnerWindowID());
|
||||||
|
|
||||||
// The content policy type that we receive may be an internal type for
|
// The content policy type that we receive may be an internal type for
|
||||||
// scripts. Let's remember if we have seen a worker type, and reset it to the
|
// scripts. Let's remember if we have seen a worker type, and reset it to the
|
||||||
|
|
@ -786,10 +787,9 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
||||||
}
|
}
|
||||||
// Otherwise, we must have a docshell
|
// Otherwise, we must have a docshell
|
||||||
NS_ENSURE_TRUE(docShell, NS_OK);
|
NS_ENSURE_TRUE(docShell, NS_OK);
|
||||||
|
NS_ENSURE_TRUE(requestingWindow, NS_OK);
|
||||||
|
|
||||||
Document* document = docShell->GetDocument();
|
if (isHttpScheme && aLoadInfo->GetUpgradeInsecureRequests()) {
|
||||||
MOZ_ASSERT(document, "Expected a document");
|
|
||||||
if (isHttpScheme && document->GetUpgradeInsecureRequests(isPreload)) {
|
|
||||||
*aDecision = ACCEPT;
|
*aDecision = ACCEPT;
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
@ -812,7 +812,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
||||||
// Block all non secure loads in case the CSP directive is present. Please
|
// Block all non secure loads in case the CSP directive is present. Please
|
||||||
// note that at this point we already know, based on |schemeSecure| that the
|
// note that at this point we already know, based on |schemeSecure| that the
|
||||||
// load is not secure, so we can bail out early at this point.
|
// load is not secure, so we can bail out early at this point.
|
||||||
if (document->GetBlockAllMixedContent(isPreload)) {
|
if (aLoadInfo->GetBlockAllMixedContent()) {
|
||||||
// log a message to the console before returning.
|
// log a message to the console before returning.
|
||||||
nsAutoCString spec;
|
nsAutoCString spec;
|
||||||
nsresult rv = aContentLocation->GetSpec(spec);
|
nsresult rv = aContentLocation->GetSpec(spec);
|
||||||
|
|
@ -821,25 +821,23 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
||||||
AutoTArray<nsString, 1> params;
|
AutoTArray<nsString, 1> params;
|
||||||
CopyUTF8toUTF16(spec, *params.AppendElement());
|
CopyUTF8toUTF16(spec, *params.AppendElement());
|
||||||
|
|
||||||
CSP_LogLocalizedStr(
|
CSP_LogLocalizedStr("blockAllMixedContent", params,
|
||||||
"blockAllMixedContent", params,
|
|
||||||
EmptyString(), // aSourceFile
|
EmptyString(), // aSourceFile
|
||||||
EmptyString(), // aScriptSample
|
EmptyString(), // aScriptSample
|
||||||
0, // aLineNumber
|
0, // aLineNumber
|
||||||
0, // aColumnNumber
|
0, // aColumnNumber
|
||||||
nsIScriptError::errorFlag, NS_LITERAL_CSTRING("blockAllMixedContent"),
|
nsIScriptError::errorFlag,
|
||||||
document->InnerWindowID(),
|
NS_LITERAL_CSTRING("blockAllMixedContent"),
|
||||||
!!document->NodePrincipal()->OriginAttributesRef().mPrivateBrowsingId);
|
requestingWindow->Id(),
|
||||||
|
!!aLoadInfo->GetOriginAttributes().mPrivateBrowsingId);
|
||||||
*aDecision = REJECT_REQUEST;
|
*aDecision = REJECT_REQUEST;
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Determine if the rootDoc is https and if the user decided to allow Mixed
|
// Determine if the rootDoc is https and if the user decided to allow Mixed
|
||||||
// Content
|
// Content
|
||||||
RefPtr<BrowsingContext> bc = docShell->GetBrowsingContext();
|
WindowContext* topWC = requestingWindow->TopWindowContext();
|
||||||
RefPtr<BrowsingContext> rootBC = bc->Top();
|
bool rootHasSecureConnection = topWC->GetBrowsingContext()->GetIsSecure();
|
||||||
bool rootHasSecureConnection = rootBC->GetIsSecure();
|
|
||||||
WindowContext* topWC = bc->GetTopWindowContext();
|
|
||||||
bool allowMixedContent = topWC->GetAllowMixedContent();
|
bool allowMixedContent = topWC->GetAllowMixedContent();
|
||||||
|
|
||||||
// When navigating an iframe, the iframe may be https
|
// When navigating an iframe, the iframe may be https
|
||||||
|
|
@ -848,11 +846,10 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
||||||
if (contentType == TYPE_SUBDOCUMENT && !rootHasSecureConnection) {
|
if (contentType == TYPE_SUBDOCUMENT && !rootHasSecureConnection) {
|
||||||
bool httpsParentExists = false;
|
bool httpsParentExists = false;
|
||||||
|
|
||||||
RefPtr<BrowsingContext> curBC = docShell->GetBrowsingContext();
|
RefPtr<WindowContext> curWindow = requestingWindow;
|
||||||
|
while (!httpsParentExists && curWindow) {
|
||||||
while (!httpsParentExists && curBC) {
|
httpsParentExists = curWindow->GetBrowsingContext()->GetIsSecure();
|
||||||
httpsParentExists = curBC->GetIsSecure();
|
curWindow = curWindow->GetParentWindowContext();
|
||||||
curBC = curBC->GetParent();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!httpsParentExists) {
|
if (!httpsParentExists) {
|
||||||
|
|
@ -862,7 +859,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get the root document from the rootShell
|
// Get the root document from the rootShell
|
||||||
nsCOMPtr<nsIDocShell> rootShell = rootBC->GetDocShell();
|
nsCOMPtr<nsIDocShell> rootShell = topWC->GetBrowsingContext()->GetDocShell();
|
||||||
nsCOMPtr<Document> rootDoc = rootShell ? rootShell->GetDocument() : nullptr;
|
nsCOMPtr<Document> rootDoc = rootShell ? rootShell->GetDocument() : nullptr;
|
||||||
|
|
||||||
// TODO Fission: Bug 1631405: Make Mixed Content UI fission compatible
|
// TODO Fission: Bug 1631405: Make Mixed Content UI fission compatible
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче