diff --git a/netwerk/protocol/http/EarlyHintPreloader.cpp b/netwerk/protocol/http/EarlyHintPreloader.cpp
index b58351c644bc..e1fc25fd0ef2 100644
--- a/netwerk/protocol/http/EarlyHintPreloader.cpp
+++ b/netwerk/protocol/http/EarlyHintPreloader.cpp
@@ -164,11 +164,8 @@ void EarlyHintPreloader::MaybeCreateAndInsertPreload(
// use the base uri
NS_ENSURE_SUCCESS_VOID(aHeader.NewResolveHref(getter_AddRefs(uri), aBaseURI));
- // Only make same origin preloads, the fromPrivateWindow is only read when
- // reportError is enabled, so setting both to false is safe.
- if (NS_FAILED(nsContentUtils::GetSecurityManager()->CheckSameOriginURI(
- aBaseURI, uri, /* reportError */ false,
- /* fromPrivateWindow */ false))) {
+ // only preload secure context urls
+ if (!uri->SchemeIs("https")) {
return;
}
@@ -324,12 +321,8 @@ EarlyHintPreloader::AsyncOnChannelRedirect(
return NS_OK;
}
- // abort the request if redirecting to cross origin resource, the
- // fromPrivateWindow is only read when reportError is enabled, so setting both
- // to false is safe.
- if (NS_FAILED(nsContentUtils::GetSecurityManager()->CheckSameOriginURI(
- mURI, newURI, /* reportError */ false,
- /* fromPrivateWindow */ false))) {
+ // abort the request if redirecting to insecure context
+ if (!newURI->SchemeIs("https")) {
callback->OnRedirectVerifyCallback(NS_ERROR_ABORT);
return NS_OK;
}
diff --git a/netwerk/test/browser/103_preload.html b/netwerk/test/browser/103_preload.html
index 7cbb63719fc2..9583815cfbb9 100644
--- a/netwerk/test/browser/103_preload.html
+++ b/netwerk/test/browser/103_preload.html
@@ -1,6 +1,6 @@
-
+
diff --git a/netwerk/test/browser/103_preload.html^informationalResponse^ b/netwerk/test/browser/103_preload.html^informationalResponse^
index f81602830bbc..b95a96e74bf9 100644
--- a/netwerk/test/browser/103_preload.html^informationalResponse^
+++ b/netwerk/test/browser/103_preload.html^informationalResponse^
@@ -1,2 +1,2 @@
HTTP 103 Too Early
-Link: ; rel=preload; as=image
+Link: ; rel=preload; as=image
diff --git a/netwerk/test/browser/103_preload_anchor.html b/netwerk/test/browser/103_preload_anchor.html
index ebb14ac61183..c12fe920724e 100644
--- a/netwerk/test/browser/103_preload_anchor.html
+++ b/netwerk/test/browser/103_preload_anchor.html
@@ -1,6 +1,6 @@
-
+
diff --git a/netwerk/test/browser/103_preload_and_404.html^informationalResponse^ b/netwerk/test/browser/103_preload_and_404.html^informationalResponse^
index 51d9ddb8fd64..78cb7efea460 100644
--- a/netwerk/test/browser/103_preload_and_404.html^informationalResponse^
+++ b/netwerk/test/browser/103_preload_and_404.html^informationalResponse^
@@ -1,2 +1,2 @@
HTTP 103 Early Hints
-Link: ; rel=preload; as=image
+Link: ; rel=preload; as=image
diff --git a/netwerk/test/browser/103_preload_csp_imgsrc_none.html b/netwerk/test/browser/103_preload_csp_imgsrc_none.html
index 377f80f537fd..367e80a6b3df 100644
--- a/netwerk/test/browser/103_preload_csp_imgsrc_none.html
+++ b/netwerk/test/browser/103_preload_csp_imgsrc_none.html
@@ -1,6 +1,6 @@
-
+
diff --git a/netwerk/test/browser/103_preload_csp_imgsrc_none.html^informationalResponse^ b/netwerk/test/browser/103_preload_csp_imgsrc_none.html^informationalResponse^
index eaaec189a9df..d82224fd0710 100644
--- a/netwerk/test/browser/103_preload_csp_imgsrc_none.html^informationalResponse^
+++ b/netwerk/test/browser/103_preload_csp_imgsrc_none.html^informationalResponse^
@@ -1,2 +1,2 @@
HTTP 103 Too Early
-Link: ; rel=preload; as=image
+Link: ; rel=preload; as=image
diff --git a/netwerk/test/browser/browser_103_error.js b/netwerk/test/browser/browser_103_error.js
index 3773faba044c..2879d922caee 100644
--- a/netwerk/test/browser/browser_103_error.js
+++ b/netwerk/test/browser/browser_103_error.js
@@ -4,11 +4,6 @@
"use strict";
-Services.prefs.setCharPref(
- "dom.securecontext.allowlist",
- "example.com,example.net"
-);
-
Services.prefs.setBoolPref("network.early-hints.enabled", true);
const {
@@ -23,8 +18,8 @@ const {
add_task(async function test_103_error_400() {
await test_hint_preload(
"test_103_error_400",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?400",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?400",
{ hinted: 1, normal: 1 }
);
});
@@ -33,8 +28,8 @@ add_task(async function test_103_error_400() {
add_task(async function test_103_error_401() {
await test_hint_preload(
"test_103_error_401",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?401",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?401",
{ hinted: 1, normal: 1 }
);
});
@@ -43,8 +38,8 @@ add_task(async function test_103_error_401() {
add_task(async function test_103_error_403() {
await test_hint_preload(
"test_103_error_403",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?403",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?403",
{ hinted: 1, normal: 1 }
);
});
@@ -53,8 +48,8 @@ add_task(async function test_103_error_403() {
add_task(async function test_103_error_404() {
await test_hint_preload(
"test_103_error_404",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?404",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?404",
{ hinted: 1, normal: 1 }
);
});
@@ -63,8 +58,8 @@ add_task(async function test_103_error_404() {
add_task(async function test_103_error_408() {
await test_hint_preload(
"test_103_error_408",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?408",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?408",
{ hinted: 1, normal: 1 }
);
});
@@ -73,8 +68,8 @@ add_task(async function test_103_error_408() {
add_task(async function test_103_error_410() {
await test_hint_preload(
"test_103_error_410",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?410",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?410",
{ hinted: 1, normal: 0 }
);
});
@@ -83,8 +78,8 @@ add_task(async function test_103_error_410() {
add_task(async function test_103_error_429() {
await test_hint_preload(
"test_103_error_429",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?429",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?429",
{ hinted: 1, normal: 1 }
);
});
@@ -93,8 +88,8 @@ add_task(async function test_103_error_429() {
add_task(async function test_103_error_500() {
await test_hint_preload(
"test_103_error_500",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?500",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?500",
{ hinted: 1, normal: 1 }
);
});
@@ -103,8 +98,8 @@ add_task(async function test_103_error_500() {
add_task(async function test_103_error_502() {
await test_hint_preload(
"test_103_error_502",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?502",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?502",
{ hinted: 1, normal: 1 }
);
});
@@ -113,8 +108,8 @@ add_task(async function test_103_error_502() {
add_task(async function test_103_error_503() {
await test_hint_preload(
"test_103_error_503",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?503",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?503",
{ hinted: 1, normal: 1 }
);
});
@@ -123,8 +118,8 @@ add_task(async function test_103_error_503() {
add_task(async function test_103_error_504() {
await test_hint_preload(
"test_103_error_504",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_error.sjs?504",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_error.sjs?504",
{ hinted: 1, normal: 1 }
);
});
diff --git a/netwerk/test/browser/browser_103_preload.js b/netwerk/test/browser/browser_103_preload.js
index 7e9d957761d4..12c73a320965 100644
--- a/netwerk/test/browser/browser_103_preload.js
+++ b/netwerk/test/browser/browser_103_preload.js
@@ -4,11 +4,6 @@
"use strict";
-Services.prefs.setCharPref(
- "dom.securecontext.allowlist",
- "example.com,example.net"
-);
-
Services.prefs.setBoolPref("network.early-hints.enabled", true);
const {
@@ -26,15 +21,15 @@ const {
add_task(async function test_103_two_preload_responses() {
await test_hint_preload_internal(
"103_two_preload_responses",
- "http://example.com",
+ "https://example.com",
[
[
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
Services.uuid.generateUUID().toString(),
],
["", "new_response"], // empty string to indicate new early hint response
[
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
Services.uuid.generateUUID().toString(),
],
],
@@ -46,15 +41,15 @@ add_task(async function test_103_two_preload_responses() {
add_task(async function test_103_two_link_header() {
await test_hint_preload_internal(
"103_two_link_header",
- "http://example.com",
+ "https://example.com",
[
[
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
Services.uuid.generateUUID().toString(),
],
["", ""], // empty string to indicate new early hint response
[
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
Services.uuid.generateUUID().toString(),
],
],
@@ -66,14 +61,14 @@ add_task(async function test_103_two_link_header() {
add_task(async function test_103_two_links() {
await test_hint_preload_internal(
"103_two_links",
- "http://example.com",
+ "https://example.com",
[
[
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
Services.uuid.generateUUID().toString(),
],
[
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
Services.uuid.generateUUID().toString(),
],
],
@@ -88,15 +83,15 @@ add_task(async function test_103_preload_twice() {
let uuid = Services.uuid.generateUUID();
await test_hint_preload(
"test_103_preload_twice_1",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
{ hinted: 1, normal: 0 },
uuid
);
await test_hint_preload(
"test_103_preload_twice_2",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
{ hinted: 0, normal: 0 },
uuid
);
@@ -107,8 +102,8 @@ add_task(async function test_103_preload_disabled() {
Services.prefs.setBoolPref("network.early-hints.enabled", false);
await test_hint_preload(
"test_103_preload_disabled",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
{ hinted: 0, normal: 1 }
);
Services.prefs.setBoolPref("network.early-hints.enabled", true);
@@ -128,8 +123,8 @@ add_task(async function test_103_preload_https() {
add_task(async function test_103_preload() {
await test_hint_preload(
"test_103_preload",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
{ hinted: 1, normal: 0 }
);
});
@@ -138,9 +133,9 @@ add_task(async function test_103_preload() {
add_task(async function test_103_preload_cor() {
await test_hint_preload(
"test_103_preload_cor",
- "http://example.com",
- "http://example.net/browser/netwerk/test/browser/early_hint_pixel.sjs",
- { hinted: 0, normal: 1 }
+ "https://example.com",
+ "https://example.net/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ { hinted: 1, normal: 0 }
);
});
@@ -148,7 +143,7 @@ add_task(async function test_103_preload_cor() {
add_task(async function test_103_preload_insecure_cor() {
await test_hint_preload(
"test_103_preload_insecure_cor",
- "http://example.com",
+ "https://example.com",
"http://mochi.test:8888/browser/netwerk/test/browser/early_hint_pixel.sjs",
{ hinted: 0, normal: 1 }
);
@@ -158,7 +153,7 @@ add_task(async function test_103_preload_insecure_cor() {
add_task(async function test_103_relative_preload() {
await test_hint_preload(
"test_103_relative_preload",
- "http://example.com",
+ "https://example.com",
"/browser/netwerk/test/browser/early_hint_pixel.sjs",
{ hinted: 1, normal: 0 }
);
@@ -178,8 +173,8 @@ add_task(async function test_103_insecure_preload() {
add_task(async function test_103_redirect_same_origin() {
await test_hint_preload(
"test_103_redirect_same_origin",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_redirect.sjs?http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_redirect.sjs?https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs",
{ hinted: 2, normal: 0 } // successful preload of redirect and resulting image
);
});
@@ -188,9 +183,9 @@ add_task(async function test_103_redirect_same_origin() {
add_task(async function test_103_redirect_cross_origin() {
await test_hint_preload(
"test_103_redirect_cross_origin",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_redirect.sjs?http://example.net/browser/netwerk/test/browser/early_hint_pixel.sjs",
- { hinted: 1, normal: 1 } // successful load of redirect in preload, but image loaded via normal load
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_redirect.sjs?https://example.net/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ { hinted: 2, normal: 0 } // successful load of redirect in preload, but image loaded via normal load
);
});
@@ -198,8 +193,8 @@ add_task(async function test_103_redirect_cross_origin() {
add_task(async function test_103_redirect_insecure_cross_origin() {
await test_hint_preload(
"test_103_redirect_insecure_cross_origin",
- "http://example.com",
- "http://example.com/browser/netwerk/test/browser/early_hint_redirect.sjs?http://mochi.test:8888/browser/netwerk/test/browser/early_hint_pixel.sjs",
+ "https://example.com",
+ "https://example.com/browser/netwerk/test/browser/early_hint_redirect.sjs?http://mochi.test:8888/browser/netwerk/test/browser/early_hint_pixel.sjs",
{ hinted: 1, normal: 1 }
);
});
@@ -228,7 +223,7 @@ add_task(async function test_103_preload_redirect_mixed_content() {
add_task(async function test_103_preload_only_file() {
await test_hint_preload(
"test_103_preload_only_file",
- "http://example.com",
+ "https://example.com",
"early_hint_pixel.sjs",
{ hinted: 1, normal: 0 }
);
@@ -240,12 +235,12 @@ add_task(async function test_preload_csp_imgsrc_none() {
let headers = new Headers();
headers.append("X-Early-Hint-Count-Start", "");
await fetch(
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs",
{ headers }
);
let requestUrl =
- "http://example.com/browser/netwerk/test/browser/103_preload_csp_imgsrc_none.html";
+ "https://example.com/browser/netwerk/test/browser/103_preload_csp_imgsrc_none.html";
await BrowserTestUtils.withNewTab(
{
@@ -256,7 +251,7 @@ add_task(async function test_preload_csp_imgsrc_none() {
async function(browser) {
let noImgLoaded = await SpecialPowers.spawn(browser, [], function() {
let loadInfo = content.performance.getEntriesByName(
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs?1ac2a5e1-90c7-4171-b0f0-676f7d899af3"
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel.sjs?1ac2a5e1-90c7-4171-b0f0-676f7d899af3"
);
return loadInfo.every(entry => entry.decodedBodySize === 0);
});
@@ -268,7 +263,7 @@ add_task(async function test_preload_csp_imgsrc_none() {
);
let gotRequestCount = await fetch(
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs"
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs"
).then(response => response.json());
let expectedRequestCount = { hinted: 1, normal: 0 };
@@ -295,12 +290,12 @@ add_task(async function test_103_iframe() {
let headers = new Headers();
headers.append("X-Early-Hint-Count-Start", "");
await fetch(
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs",
{ headers }
);
let iframeUri =
- "http://example.com/browser/netwerk/test/browser/103_preload_iframe.html";
+ "https://example.com/browser/netwerk/test/browser/103_preload_iframe.html";
await BrowserTestUtils.withNewTab(
{
@@ -312,7 +307,7 @@ add_task(async function test_103_iframe() {
);
let gotRequestCount = await fetch(
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs"
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs"
).then(response => response.json());
let expectedRequestCount = { hinted: 0, normal: 1 };
@@ -339,12 +334,12 @@ add_task(async function test_103_anchor() {
let headers = new Headers();
headers.append("X-Early-Hint-Count-Start", "");
await fetch(
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs",
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs",
{ headers }
);
let anchorUri =
- "http://example.com/browser/netwerk/test/browser/103_preload_anchor.html";
+ "https://example.com/browser/netwerk/test/browser/103_preload_anchor.html";
await BrowserTestUtils.withNewTab(
{
@@ -356,7 +351,7 @@ add_task(async function test_103_anchor() {
);
let gotRequestCount = await fetch(
- "http://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs"
+ "https://example.com/browser/netwerk/test/browser/early_hint_pixel_count.sjs"
).then(response => response.json());
await Assert.deepEqual(