Bug 1139297 - Implement CSP upgrade-insecure-requests directive - loadinfo changes (r=sicking,sworkman)

--HG--
extra : rebase_source : 3582ac42bcd0cc0dee332505880c2a65d87964eb

ipc/glue/BackgroundUtils.cpp

@@ -233,6 +233,7 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
     NS_ENSURE_SUCCESS(rv, rv);
     aLoadInfoArgs->securityFlags() = aLoadInfo->GetSecurityFlags();
     aLoadInfoArgs->contentPolicyType() = aLoadInfo->GetContentPolicyType();
+    aLoadInfoArgs->upgradeInsecureRequests() = aLoadInfo->GetUpgradeInsecureRequests();
     aLoadInfoArgs->innerWindowID() = aLoadInfo->GetInnerWindowID();
     aLoadInfoArgs->outerWindowID() = aLoadInfo->GetOuterWindowID();
     aLoadInfoArgs->parentOuterWindowID() = aLoadInfo->GetParentOuterWindowID();
@@ -248,6 +249,7 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
   NS_ENSURE_SUCCESS(rv, rv);
   aLoadInfoArgs->securityFlags() = nsILoadInfo::SEC_NORMAL;
   aLoadInfoArgs->contentPolicyType() = nsIContentPolicy::TYPE_OTHER;
+  aLoadInfoArgs->upgradeInsecureRequests() = false;
   aLoadInfoArgs->innerWindowID() = 0;
   aLoadInfoArgs->outerWindowID() = 0;
   aLoadInfoArgs->parentOuterWindowID() = 0;
@@ -271,6 +273,7 @@ LoadInfoArgsToLoadInfo(const mozilla::net::LoadInfoArgs& aLoadInfoArgs,
                           triggeringPrincipal,
                           aLoadInfoArgs.securityFlags(),
                           aLoadInfoArgs.contentPolicyType(),
+                          aLoadInfoArgs.upgradeInsecureRequests(),
                           aLoadInfoArgs.innerWindowID(),
                           aLoadInfoArgs.outerWindowID(),
                           aLoadInfoArgs.parentOuterWindowID());

netwerk/base/LoadInfo.cpp

@@ -32,6 +32,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
   , mSecurityFlags(aSecurityFlags)
   , mContentPolicyType(aContentPolicyType)
   , mBaseURI(aBaseURI)
+  , mUpgradeInsecureRequests(false)
   , mInnerWindowID(0)
   , mOuterWindowID(0)
   , mParentOuterWindowID(0)
@@ -76,6 +77,8 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
       nsCOMPtr<nsPIDOMWindow> piParent = do_QueryInterface(parent);
       mParentOuterWindowID = piParent->WindowID();
     }
+
+    mUpgradeInsecureRequests = aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests();
   }
 }
 
@@ -83,6 +86,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
                    nsIPrincipal* aTriggeringPrincipal,
                    nsSecurityFlags aSecurityFlags,
                    nsContentPolicyType aContentPolicyType,
+                   bool aUpgradeInsecureRequests,
                    uint64_t aInnerWindowID,
                    uint64_t aOuterWindowID,
                    uint64_t aParentOuterWindowID)
@@ -90,6 +94,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
   , mTriggeringPrincipal(aTriggeringPrincipal)
   , mSecurityFlags(aSecurityFlags)
   , mContentPolicyType(aContentPolicyType)
+  , mUpgradeInsecureRequests(aUpgradeInsecureRequests)
   , mInnerWindowID(aInnerWindowID)
   , mOuterWindowID(aOuterWindowID)
   , mParentOuterWindowID(aParentOuterWindowID)
@@ -197,6 +202,13 @@ LoadInfo::BaseURI()
   return mBaseURI;
 }
 
+NS_IMETHODIMP
+LoadInfo::GetUpgradeInsecureRequests(bool* aResult)
+{
+  *aResult = mUpgradeInsecureRequests;
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 LoadInfo::GetInnerWindowID(uint64_t* aResult)
 {

netwerk/base/LoadInfo.h

@@ -58,6 +58,7 @@ private:
            nsIPrincipal* aTriggeringPrincipal,
            nsSecurityFlags aSecurityFlags,
            nsContentPolicyType aContentPolicyType,
+           bool aUpgradeInsecureRequests,
            uint64_t aInnerWindowID,
            uint64_t aOuterWindowID,
            uint64_t aParentOuterWindowID);
@@ -70,13 +71,14 @@ private:
 
   nsCOMPtr<nsIPrincipal> mLoadingPrincipal;
   nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
-  nsWeakPtr mLoadingContext;
-  nsSecurityFlags mSecurityFlags;
-  nsContentPolicyType mContentPolicyType;
-  nsCOMPtr<nsIURI> mBaseURI;
-  uint64_t mInnerWindowID;
-  uint64_t mOuterWindowID;
-  uint64_t mParentOuterWindowID;
+  nsWeakPtr              mLoadingContext;
+  nsSecurityFlags        mSecurityFlags;
+  nsContentPolicyType    mContentPolicyType;
+  nsCOMPtr<nsIURI>       mBaseURI;
+  bool                   mUpgradeInsecureRequests;
+  uint64_t               mInnerWindowID;
+  uint64_t               mOuterWindowID;
+  uint64_t               mParentOuterWindowID;
 };
 
 } // namespace mozilla

netwerk/base/nsILoadInfo.idl

@@ -17,7 +17,7 @@ typedef unsigned long nsSecurityFlags;
 /**
  * An nsILoadOwner represents per-load information about who started the load.
  */
-[scriptable, builtinclass, uuid(f6bce897-1a4a-4664-b96b-abacd6543e95)]
+[scriptable, builtinclass, uuid(6b7f8798-3c28-44fc-8b1a-cd613eb826c5)]
 interface nsILoadInfo : nsISupports
 {
   /**
@@ -197,6 +197,27 @@ interface nsILoadInfo : nsISupports
   [noscript, notxpcom, nostdcall, binaryname(BaseURI)]
   nsIURI binaryBaseURI();
 
+  /**
+   * Returns true if document or any of the documents ancestors
+   * up to the toplevel document make use of the CSP directive
+   * 'upgrade-insecure-requests'. Used to identify upgrade
+   * requests in e10s where the loadingDocument is not available.
+   *
+   * Warning: If the loadingDocument is null, then the
+   * upgradeInsecureRequests is false.
+   */
+  readonly attribute boolean upgradeInsecureRequests;
+
+%{ C++
+  inline bool GetUpgradeInsecureRequests()
+  {
+    bool result;
+    mozilla::DebugOnly<nsresult> rv = GetUpgradeInsecureRequests(&result);
+    MOZ_ASSERT(NS_SUCCEEDED(rv));
+    return result;
+  }
+%}
+
   /**
    * Typically these are the window IDs of the window in which the element being
    * loaded lives. However, if the element being loaded is <frame

netwerk/ipc/NeckoChannelParams.ipdlh

@@ -30,6 +30,7 @@ struct LoadInfoArgs
   PrincipalInfo triggeringPrincipalInfo;
   uint32_t      securityFlags;
   uint32_t      contentPolicyType;
+  bool          upgradeInsecureRequests;
   uint64_t      innerWindowID;
   uint64_t      outerWindowID;
   uint64_t      parentOuterWindowID;