Bug 1376309 - Allow localhost ws:// connections from secure origins. r=jkt

We already allow HTTPS origins to use to plain HTTP active content when using
loopback URLs such as http://127.0.0.1. Lets extend this to WebSocket
connections as well to match Chrome.

Differential Revision: https://phabricator.services.mozilla.com/D38290

--HG--
extra : moz-landing-system : lando

dom/security/nsMixedContentBlocker.cpp

@@ -371,17 +371,18 @@ nsMixedContentBlocker::ShouldLoad(nsIURI* aContentLocation,
   return rv;
 }
 
-bool nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(nsIURI* aURL) {
-  nsAutoCString host;
-  nsresult rv = aURL->GetHost(host);
-  NS_ENSURE_SUCCESS(rv, false);
+bool nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackHost(
+    const nsACString& aAsciiHost) {
+  return aAsciiHost.EqualsLiteral("127.0.0.1") ||
+         aAsciiHost.EqualsLiteral("::1") ||
+         aAsciiHost.EqualsLiteral("localhost");
+}
 
-  // We could also allow 'localhost' (if we can guarantee that it resolves
-  // to a loopback address), but Chrome doesn't support it as of writing. For
-  // web compat, lets only allow what Chrome allows.
-  // see also https://bugzilla.mozilla.org/show_bug.cgi?id=1220810
-  return host.EqualsLiteral("127.0.0.1") || host.EqualsLiteral("::1") ||
-         host.EqualsLiteral("localhost");
+bool nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(nsIURI* aURL) {
+  nsAutoCString asciiHost;
+  nsresult rv = aURL->GetAsciiHost(asciiHost);
+  NS_ENSURE_SUCCESS(rv, false);
+  return IsPotentiallyTrustworthyLoopbackHost(asciiHost);
 }
 
 /* Maybe we have a .onion URL. Treat it as whitelisted as well if

dom/security/nsMixedContentBlocker.h

@@ -49,6 +49,8 @@ class nsMixedContentBlocker : public nsIContentPolicy,
 
   // See:
   // https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
+  static bool IsPotentiallyTrustworthyLoopbackHost(
+      const nsACString& aAsciiHost);
   static bool IsPotentiallyTrustworthyLoopbackURL(nsIURI* aURL);
   static bool IsPotentiallyTrustworthyOnion(nsIURI* aURL);
   static bool IsPotentiallyTrustworthyOrigin(nsIURI* aURI);

dom/websocket/WebSocket.cpp

@@ -18,6 +18,7 @@
 #include "mozilla/dom/MessageEventBinding.h"
 #include "mozilla/dom/nsCSPContext.h"
 #include "mozilla/dom/nsCSPUtils.h"
+#include "mozilla/dom/nsMixedContentBlocker.h"
 #include "mozilla/dom/ScriptSettings.h"
 #include "mozilla/dom/SerializedStackHolder.h"
 #include "mozilla/dom/WorkerPrivate.h"
@@ -1611,7 +1612,9 @@ nsresult WebSocketImpl::Init(JSContext* aCx, nsIPrincipal* aLoadingPrincipal,
   // Don't allow https:// to open ws://
   if (!mIsServerSide && !mSecure &&
       !Preferences::GetBool("network.websocket.allowInsecureFromHTTPS",
-                            false)) {
+                            false) &&
+      !nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackHost(
+          mAsciiHost)) {
     nsCOMPtr<nsIURI> originURI;
     if (aLoadingPrincipal) {
       aLoadingPrincipal->GetURI(getter_AddRefs(originURI));