Bug 1398229 - Save-link-as feature should use the loading principal - part 3 - implementation of nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD, r=ckerschb, r=tanvi

This commit is contained in:
Andrea Marchesini 2017-11-16 12:27:01 +01:00
Родитель 5ed6994506
Коммит 97baa05333
7 изменённых файлов: 24 добавлений и 1 удалений

Просмотреть файл

@ -114,6 +114,7 @@ NS_CP_ContentTypeName(uint32_t contentType)
CASE_RETURN( TYPE_FETCH );
CASE_RETURN( TYPE_IMAGESET );
CASE_RETURN( TYPE_WEB_MANIFEST );
CASE_RETURN( TYPE_SAVEAS_DOWNLOAD );
CASE_RETURN( TYPE_INTERNAL_SCRIPT );
CASE_RETURN( TYPE_INTERNAL_WORKER );
CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER );

Просмотреть файл

@ -181,6 +181,11 @@ interface nsIContentPolicy : nsISupports
*/
const nsContentPolicyType TYPE_WEB_MANIFEST = 22;
/**
* Indicates an save-as link download from the front-end code.
*/
const nsContentPolicyType TYPE_SAVEAS_DOWNLOAD = 43;
/**
* Indicates an internal constant for scripts loaded through script
* elements.

1
dom/cache/DBSchema.cpp поставляемый
Просмотреть файл

@ -311,6 +311,7 @@ static_assert(nsIContentPolicy::TYPE_INVALID == 0 &&
nsIContentPolicy::TYPE_FETCH == 20 &&
nsIContentPolicy::TYPE_IMAGESET == 21 &&
nsIContentPolicy::TYPE_WEB_MANIFEST == 22 &&
nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD == 43 &&
nsIContentPolicy::TYPE_INTERNAL_SCRIPT == 23 &&
nsIContentPolicy::TYPE_INTERNAL_WORKER == 24 &&
nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER == 25 &&

Просмотреть файл

@ -324,6 +324,9 @@ InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aConte
case nsIContentPolicy::TYPE_WEB_MANIFEST:
context = RequestContext::Manifest;
break;
case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD:
context = RequestContext::Internal;
break;
default:
MOZ_ASSERT(false, "Unhandled nsContentPolicyType value");
break;

Просмотреть файл

@ -53,7 +53,7 @@ namespace dom {
* image | TYPE_INTERNAL_IMAGE, TYPE_INTERNAL_IMAGE_PRELOAD, TYPE_INTERNAL_IMAGE_FAVICON
* imageset | TYPE_IMAGESET
* import | Not supported by Gecko
* internal | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER
* internal | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER, TYPE_SAVEAS_DOWNLOAD
* location |
* manifest | TYPE_WEB_MANIFEST
* object | TYPE_INTERNAL_OBJECT

Просмотреть файл

@ -480,6 +480,12 @@ DoContentSecurityChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo)
break;
}
case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD: {
mimeTypeGuess = EmptyCString();
requestingContext = aLoadInfo->LoadingNode();
break;
}
default:
// nsIContentPolicy::TYPE_INVALID
MOZ_ASSERT(false, "can not perform security check without a valid contentType");

Просмотреть файл

@ -576,6 +576,13 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
*aDecision = ACCEPT;
return NS_OK;
// Creating insecure connections for a save-as link download is acceptable.
// This download is completely disconnected from the docShell, but still
// using the same loading principal.
case TYPE_SAVEAS_DOWNLOAD:
*aDecision = ACCEPT;
return NS_OK;
// Static display content is considered moderate risk for mixed content so
// these will be blocked according to the mixed display preference
case TYPE_IMAGE: