mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1558915 - Use infallible nsIURI::SchemeIs in netwerk/. r=baku 

Sorry I had some problems figuring out who can review netwerk/. Most people seem to be on PTO.

Differential Revision: https://phabricator.services.mozilla.com/D41175

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Tom Schuster 2019-08-08 13:02:36 +00:00
Родитель 87b85ea3b1
Коммит d2d9c3ff60
20 изменённых файлов: 97 добавлений и 220 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

4
netwerk/base/LoadInfo.cpp
Просмотреть файл

@ -270,9 +270,7 @@ LoadInfo::LoadInfo(
if (uri) {
// Checking https not secure context as http://localhost can't be
// upgraded
bool isHttpsScheme;
nsresult rv = uri->SchemeIs("https", &isHttpsScheme);
if (NS_SUCCEEDED(rv) && isHttpsScheme) {
if (uri->SchemeIs("https")) {
if (nsMixedContentBlocker::ShouldUpgradeMixedDisplayContent()) {
mBrowserUpgradeInsecureRequests = true;
} else {

16
netwerk/base/Predictor.cpp
Просмотреть файл

@ -123,13 +123,7 @@ static bool IsNullOrHttp(nsIURI* uri) {
return true;
}
bool isHTTP = false;
uri->SchemeIs("http", &isHTTP);
if (!isHTTP) {
uri->SchemeIs("https", &isHTTP);
}
return isHTTP;
return uri->SchemeIs("http") || uri->SchemeIs("https");
}
// Listener for the speculative DNS requests we'll fire off, which just ignores
@ -833,9 +827,7 @@ void Predictor::PredictForLink(nsIURI* targetURI, nsIURI* sourceURI,
}
if (!StaticPrefs::network_predictor_enable_hover_on_ssl()) {
bool isSSL = false;
sourceURI->SchemeIs("https", &isSSL);
if (isSSL) {
if (sourceURI->SchemeIs("https")) {
// We don't want to predict from an HTTPS page, to avoid info leakage
PREDICTOR_LOG((" Not predicting for link hover - on an SSL page"));
return;
@ -1351,10 +1343,8 @@ bool Predictor::RunPredictions(nsIURI* referrer,
mDNSListener, nullptr, originAttributes,
getter_AddRefs(tmpCancelable));
bool isHttps;
uri->SchemeIs("https", &isHttps);
// Fetch esni keys if needed.
if (sEsniEnabled && isHttps) {
if (sEsniEnabled && uri->SchemeIs("https")) {
nsAutoCString esniHost;
esniHost.Append("_esni.");
esniHost.Append(hostname);

3
netwerk/base/nsDNSPrefetch.cpp
Просмотреть файл

@ -38,8 +38,7 @@ nsDNSPrefetch::nsDNSPrefetch(nsIURI* aURI,
mStoreTiming(storeTiming),
mListener(do_GetWeakReference(aListener)) {
aURI->GetAsciiHost(mHostname);
mIsHttps = false;
aURI->SchemeIs("https", &mIsHttps);
mIsHttps = aURI->SchemeIs("https");
}
nsresult nsDNSPrefetch::Prefetch(uint16_t flags) {

4
netwerk/base/nsIOService.cpp
Просмотреть файл

@ -1732,9 +1732,7 @@ nsresult nsIOService::SpeculativeConnectInternal(
bool aAnonymous) {
NS_ENSURE_ARG(aURI);
bool isHTTP, isHTTPS;
if (!(NS_SUCCEEDED(aURI->SchemeIs("http", &isHTTP)) && isHTTP) &&
!(NS_SUCCEEDED(aURI->SchemeIs("https", &isHTTPS)) && isHTTPS)) {
if (!aURI->SchemeIs("http") && !aURI->SchemeIs("https")) {
// We don't speculatively connect to non-HTTP[S] URIs.
return NS_OK;
}

17
netwerk/base/nsNetUtil.cpp
Просмотреть файл

@ -2545,8 +2545,7 @@ bool NS_IsHSTSUpgradeRedirect(nsIChannel* aOldChannel, nsIChannel* aNewChannel,
return false;
}
bool isHttp;
if (NS_FAILED(oldURI->SchemeIs("http", &isHttp)) || !isHttp) {
if (!oldURI->SchemeIs("http")) {
return false;
}
@ -2662,8 +2661,7 @@ void net_EnsurePSMInit() {
bool NS_IsAboutBlank(nsIURI* uri) {
// GetSpec can be expensive for some URIs, so check the scheme first.
bool isAbout = false;
if (NS_FAILED(uri->SchemeIs("about", &isAbout)) || !isAbout) {
if (!uri->SchemeIs("about")) {
return false;
}
@ -2767,9 +2765,7 @@ nsresult NS_ShouldSecureUpgrade(
// data (it is read-only).
// if the connection is not using SSL and either the exact host matches or
// a superdomain wants to force HTTPS, do it.
bool isHttps = false;
nsresult rv = aURI->SchemeIs("https", &isHttps);
NS_ENSURE_SUCCESS(rv, rv);
bool isHttps = aURI->SchemeIs("https");
if (!isHttps &&
!nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aURI)) {
@ -2876,7 +2872,7 @@ nsresult NS_ShouldSecureUpgrade(
if (!storageReady && gSocketTransportService && aResultCallback) {
nsCOMPtr<nsIURI> uri = aURI;
nsCOMPtr<nsISiteSecurityService> service = sss;
rv = gSocketTransportService->Dispatch(
nsresult rv = gSocketTransportService->Dispatch(
NS_NewRunnableFunction(
"net::NS_ShouldSecureUpgrade",
[service{std::move(service)}, uri{std::move(uri)}, flags(flags),
@ -2906,7 +2902,7 @@ nsresult NS_ShouldSecureUpgrade(
return rv;
}
rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, aURI, flags,
nsresult rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, aURI, flags,
aOriginAttributes, nullptr, &hstsSource, &isStsHost);
// if the SSS check fails, it's likely because this load is on a
@ -2974,8 +2970,7 @@ nsresult NS_CompareLoadInfoAndLoadContext(nsIChannel* aChannel) {
nsINode* node = loadInfo->LoadingNode();
if (node) {
nsIURI* uri = node->OwnerDoc()->GetDocumentURI();
nsresult rv = uri->SchemeIs("about", &isAboutPage);
NS_ENSURE_SUCCESS(rv, rv);
isAboutPage = uri->SchemeIs("about");
}
if (isAboutPage) {

3
netwerk/cookie/CookieServiceChild.cpp
Просмотреть файл

@ -290,10 +290,9 @@ void CookieServiceChild::GetCookieStringFromCookieHashTable(
}
nsAutoCString hostFromURI, pathFromURI;
bool isSecure;
aHostURI->GetAsciiHost(hostFromURI);
aHostURI->GetPathQueryRef(pathFromURI);
aHostURI->SchemeIs("https", &isSecure);
bool isSecure = aHostURI->SchemeIs("https");
int64_t currentTimeInUsec = PR_Now();
int64_t currentTime = currentTimeInUsec / PR_USEC_PER_SEC;

73
netwerk/cookie/nsCookieService.cpp
Просмотреть файл

@ -3048,10 +3048,7 @@ void nsCookieService::GetCookiesForURI(
// check if aHostURI is using an https secure protocol.
// if it isn't, then we can't send a secure cookie over the connection.
// if SchemeIs fails, assume an insecure connection, to be on the safe side
bool isSecure;
if (NS_FAILED(aHostURI->SchemeIs("https", &isSecure))) {
isSecure = false;
}
bool isSecure = aHostURI->SchemeIs("https");
nsCookie* cookie;
int64_t currentTimeInUsec = PR_Now();
@ -3233,35 +3230,32 @@ bool nsCookieService::CanSetCookie(nsIURI* aHostURI, const nsCookieKey& aKey,
// 1 = nonsecure and "https:"
// 2 = secure and "http:"
// 3 = secure and "https:"
bool isHTTPS = true;
nsresult rv = aHostURI->SchemeIs("https", &isHTTPS);
if (NS_SUCCEEDED(rv)) {
Telemetry::Accumulate(
Telemetry::COOKIE_SCHEME_SECURITY,
((aCookieData.isSecure()) ? 0x02 : 0x00) | ((isHTTPS) ? 0x01 : 0x00));
bool isHTTPS = aHostURI->SchemeIs("https");
Telemetry::Accumulate(
Telemetry::COOKIE_SCHEME_SECURITY,
((aCookieData.isSecure()) ? 0x02 : 0x00) | ((isHTTPS) ? 0x01 : 0x00));
// Collect telemetry on how often are first- and third-party cookies set
// from HTTPS origins:
//
// 0 (000) = first-party and "http:"
// 1 (001) = first-party and "http:" with bogus Secure cookie flag?!
// 2 (010) = first-party and "https:"
// 3 (011) = first-party and "https:" with Secure cookie flag
// 4 (100) = third-party and "http:"
// 5 (101) = third-party and "http:" with bogus Secure cookie flag?!
// 6 (110) = third-party and "https:"
// 7 (111) = third-party and "https:" with Secure cookie flag
if (aThirdPartyUtil) {
bool isThirdParty = true;
// Collect telemetry on how often are first- and third-party cookies set
// from HTTPS origins:
//
// 0 (000) = first-party and "http:"
// 1 (001) = first-party and "http:" with bogus Secure cookie flag?!
// 2 (010) = first-party and "https:"
// 3 (011) = first-party and "https:" with Secure cookie flag
// 4 (100) = third-party and "http:"
// 5 (101) = third-party and "http:" with bogus Secure cookie flag?!
// 6 (110) = third-party and "https:"
// 7 (111) = third-party and "https:" with Secure cookie flag
if (aThirdPartyUtil) {
bool isThirdParty = true;
if (aChannel) {
aThirdPartyUtil->IsThirdPartyChannel(aChannel, aHostURI, &isThirdParty);
}
Telemetry::Accumulate(Telemetry::COOKIE_SCHEME_HTTPS,
(isThirdParty ? 0x04 : 0x00) |
(isHTTPS ? 0x02 : 0x00) |
(aCookieData.isSecure() ? 0x01 : 0x00));
if (aChannel) {
aThirdPartyUtil->IsThirdPartyChannel(aChannel, aHostURI, &isThirdParty);
}
Telemetry::Accumulate(Telemetry::COOKIE_SCHEME_HTTPS,
(isThirdParty ? 0x04 : 0x00) |
(isHTTPS ? 0x02 : 0x00) |
(aCookieData.isSecure() ? 0x01 : 0x00));
}
int64_t currentTimeInUsec = PR_Now();
@ -3457,8 +3451,8 @@ void nsCookieService::AddInternal(const nsCookieKey& aKey, nsCookie* aCookie,
aCookie->Path(), exactIter);
bool foundSecureExact = foundCookie && exactIter.Cookie()->IsSecure();
bool isSecure = true;
if (aHostURI && NS_FAILED(aHostURI->SchemeIs("https", &isSecure))) {
isSecure = false;
if (aHostURI) {
isSecure = aHostURI->SchemeIs("https");
}
bool oldCookieIsSession = false;
// Step1, call FindSecureCookie(). FindSecureCookie() would
@ -3917,10 +3911,8 @@ nsresult nsCookieService::GetBaseDomain(nsIEffectiveTLDService* aTLDService,
return NS_ERROR_INVALID_ARG;
// block any URIs without a host that aren't file:// URIs.
if (aBaseDomain.IsEmpty()) {
bool isFileURI = false;
aHostURI->SchemeIs("file", &isFileURI);
if (!isFileURI) return NS_ERROR_INVALID_ARG;
if (aBaseDomain.IsEmpty() && !aHostURI->SchemeIs("file")) {
return NS_ERROR_INVALID_ARG;
}
return NS_OK;
@ -3997,8 +3989,7 @@ CookieStatus nsCookieService::CheckPrefs(
*aRejectedReason = 0;
// don't let ftp sites get/set cookies (could be a security issue)
bool ftp;
if (NS_SUCCEEDED(aHostURI->SchemeIs("ftp", &ftp)) && ftp) {
if (aHostURI->SchemeIs("ftp")) {
COOKIE_LOGFAILURE(aCookieHeader.IsVoid() ? GET_COOKIE : SET_COOKIE,
aHostURI, aCookieHeader, "ftp sites cannot read cookies");
return STATUS_REJECTED_WITH_ERROR;
@ -4096,9 +4087,9 @@ CookieStatus nsCookieService::CheckPrefs(
}
if (StaticPrefs::network_cookie_thirdparty_nonsecureSessionOnly()) {
bool isHTTPS = false;
aHostURI->SchemeIs("https", &isHTTPS);
if (!isHTTPS) return STATUS_ACCEPT_SESSION;
if (!aHostURI->SchemeIs("https")) {
return STATUS_ACCEPT_SESSION;
}
}
}

15
netwerk/protocol/about/nsAboutCacheEntry.cpp
Просмотреть файл

@ -330,19 +330,14 @@ nsresult nsAboutCacheEntry::Channel::WriteCacheEntryDescription(
// Test if the key is actually a URI
nsCOMPtr<nsIURI> uri;
bool isJS = false;
bool isData = false;
rv = NS_NewURI(getter_AddRefs(uri), str);
// javascript: and data: URLs should not be linkified
// since clicking them can cause scripts to run - bug 162584
if (NS_SUCCEEDED(rv)) {
uri->SchemeIs("javascript", &isJS);
uri->SchemeIs("data", &isData);
}
nsAutoCString escapedStr;
nsAppendEscapedHTML(str, escapedStr);
if (NS_SUCCEEDED(rv) && !(isJS || isData)) {
// javascript: and data: URLs should not be linkified
// since clicking them can cause scripts to run - bug 162584
if (NS_SUCCEEDED(rv) && !(uri->SchemeIs("javascript") || uri->SchemeIs("data"))) {
buffer.AppendLiteral("<a href=\"");
buffer.Append(escapedStr);
buffer.AppendLiteral("\">");

10
netwerk/protocol/about/nsAboutProtocolUtils.h
Просмотреть файл

@ -14,14 +14,8 @@
inline MOZ_MUST_USE nsresult NS_GetAboutModuleName(nsIURI* aAboutURI,
nsCString& aModule) {
#ifdef DEBUG
{
bool isAbout;
NS_ASSERTION(
NS_SUCCEEDED(aAboutURI->SchemeIs("about", &isAbout)) && isAbout,
"should be used only on about: URIs");
}
#endif
NS_ASSERTION(aAboutURI->SchemeIs("about"),
"should be used only on about: URIs");
nsresult rv = aAboutURI->GetPathQueryRef(aModule);
NS_ENSURE_SUCCESS(rv, rv);

6
netwerk/protocol/http/Http2Session.cpp
Просмотреть файл

@ -1992,8 +1992,7 @@ nsresult Http2Session::RecvPushPromise(Http2Session* self) {
if (NS_SUCCEEDED(rv) && pushedPort == -1) {
// Need to get the right default port, so TestJoinConnection below can
// check things correctly. See bug 1397621.
bool isHttp = false;
if (NS_SUCCEEDED(pushedOrigin->SchemeIs("http", &isHttp)) && isHttp) {
if (pushedOrigin->SchemeIs("http")) {
pushedPort = NS_HTTP_DEFAULT_PORT;
} else {
pushedPort = NS_HTTPS_DEFAULT_PORT;
@ -2788,8 +2787,7 @@ nsresult Http2Session::RecvOrigin(Http2Session* self) {
LOG3(("Http2Session::RecvOrigin %p origin frame string %s parsed OK\n",
self, originString.get()));
bool isHttps = false;
if (NS_FAILED(originURL->SchemeIs("https", &isHttps)) || !isHttps) {
if (!originURL->SchemeIs("https")) {
LOG3(("Http2Session::RecvOrigin %p origin frame not https\n", self));
continue;
}

17
netwerk/protocol/http/HttpBaseChannel.cpp
Просмотреть файл

@ -354,12 +354,9 @@ nsresult HttpBaseChannel::Init(nsIURI* aURI, uint32_t aCaps,
// Construct connection info object
nsAutoCString host;
int32_t port = -1;
bool isHTTPS = false;
bool isHTTPS = mURI->SchemeIs("https");
nsresult rv = mURI->SchemeIs("https", &isHTTPS);
if (NS_FAILED(rv)) return rv;
rv = mURI->GetAsciiHost(host);
nsresult rv = mURI->GetAsciiHost(host);
if (NS_FAILED(rv)) return rv;
// Reject the URL if it doesn't specify a host
@ -1227,9 +1224,7 @@ HttpBaseChannel::DoApplyContentConversions(nsIStreamListener* aNextListener,
break;
}
bool isHTTPS = false;
mURI->SchemeIs("https", &isHTTPS);
if (gHttpHandler->IsAcceptableEncoding(val, isHTTPS)) {
if (gHttpHandler->IsAcceptableEncoding(val, mURI->SchemeIs("https"))) {
nsCOMPtr<nsIStreamConverterService> serv;
rv = gHttpHandler->GetStreamConverterService(getter_AddRefs(serv));
@ -3128,8 +3123,7 @@ nsresult HttpBaseChannel::SetupReplacementChannel(nsIURI* newURI,
// set, then allow the flag to apply to the redirected channel as well.
// since we force set INHIBIT_PERSISTENT_CACHING on all HTTPS channels,
// we only need to check if the original channel was using SSL.
bool usingSSL = false;
rv = mURI->SchemeIs("https", &usingSSL);
bool usingSSL = mURI->SchemeIs("https");
if (NS_SUCCEEDED(rv) && usingSSL) newLoadFlags &= ~INHIBIT_PERSISTENT_CACHING;
// Do not pass along LOAD_CHECK_OFFLINE_CACHE
@ -4265,8 +4259,7 @@ HttpBaseChannel::GetNativeServerTiming(
nsTArray<nsCOMPtr<nsIServerTiming>>& aServerTiming) {
aServerTiming.Clear();
bool isHTTPS = false;
if (NS_SUCCEEDED(mURI->SchemeIs("https", &isHTTPS)) && isHTTPS) {
if (mURI->SchemeIs("https")) {
ParseServerTimingHeader(mResponseHead, aServerTiming);
ParseServerTimingHeader(mResponseTrailers, aServerTiming);
}

7
netwerk/protocol/http/HttpChannelChild.cpp
Просмотреть файл

@ -3927,18 +3927,15 @@ mozilla::ipc::IPCResult HttpChannelChild::RecvIssueDeprecationWarning(
}
bool HttpChannelChild::ShouldInterceptURI(nsIURI* aURI, bool& aShouldUpgrade) {
bool isHttps = false;
nsresult rv = aURI->SchemeIs("https", &isHttps);
NS_ENSURE_SUCCESS(rv, false);
nsCOMPtr<nsIPrincipal> resultPrincipal;
if (!isHttps && mLoadInfo) {
if (!aURI->SchemeIs("https") && mLoadInfo) {
nsContentUtils::GetSecurityManager()->GetChannelResultPrincipal(
this, getter_AddRefs(resultPrincipal));
}
OriginAttributes originAttributes;
NS_ENSURE_TRUE(NS_GetOriginAttributes(this, originAttributes), false);
bool notused = false;
rv = NS_ShouldSecureUpgrade(aURI, mLoadInfo, resultPrincipal,
nsresult rv = NS_ShouldSecureUpgrade(aURI, mLoadInfo, resultPrincipal,
mPrivateBrowsing, mAllowSTS, originAttributes,
aShouldUpgrade, nullptr, notused);
NS_ENSURE_SUCCESS(rv, false);

10
netwerk/protocol/http/nsCORSListenerProxy.cpp
Просмотреть файл

@ -832,12 +832,9 @@ bool CheckUpgradeInsecureRequestsPreventsCORS(
nsCOMPtr<nsIURI> channelURI;
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
NS_ENSURE_SUCCESS(rv, false);
bool isHttpScheme = false;
rv = channelURI->SchemeIs("http", &isHttpScheme);
NS_ENSURE_SUCCESS(rv, false);
// upgrade insecure requests is only applicable to http requests
if (!isHttpScheme) {
if (!channelURI->SchemeIs("http")) {
return false;
}
@ -893,10 +890,7 @@ nsresult nsCORSListenerProxy::UpdateChannel(nsIChannel* aChannel,
// exempt data URIs from the same origin check.
if (aAllowDataURI == DataURIHandling::Allow && originalURI == uri) {
bool dataScheme = false;
rv = uri->SchemeIs("data", &dataScheme);
NS_ENSURE_SUCCESS(rv, rv);
if (dataScheme) {
if (uri->SchemeIs("data")) {
return NS_OK;
}
if (loadInfo->GetAboutBlankInherits() && NS_IsAboutBlank(uri)) {

57
netwerk/protocol/http/nsHttpChannel.cpp
Просмотреть файл

@ -537,11 +537,8 @@ nsresult nsHttpChannel::OnBeforeConnect() {
NS_ENSURE_SUCCESS(rv, rv);
}
bool isHttps = false;
rv = mURI->SchemeIs("https", &isHttps);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIPrincipal> resultPrincipal;
if (!isHttps && mLoadInfo) {
if (!mURI->SchemeIs("https") && mLoadInfo) {
nsContentUtils::GetSecurityManager()->GetChannelResultPrincipal(
this, getter_AddRefs(resultPrincipal));
}
@ -549,15 +546,12 @@ nsresult nsHttpChannel::OnBeforeConnect() {
if (!NS_GetOriginAttributes(this, originAttributes)) {
return NS_ERROR_FAILURE;
}
bool isHttp = false;
rv = mURI->SchemeIs("http", &isHttp);
NS_ENSURE_SUCCESS(rv, rv);
// At this point it is no longer possible to call
// HttpBaseChannel::UpgradeToSecure.
mUpgradableToSecure = false;
bool shouldUpgrade = mUpgradeToSecure;
if (isHttp) {
if (mURI->SchemeIs("http")) {
if (!shouldUpgrade) {
// Make sure http channel is released on main thread.
// See bug 1539148 for details.
@ -729,10 +723,7 @@ nsresult nsHttpChannel::ConnectOnTailUnblock() {
SpeculativeConnect();
// open a cache entry for this channel...
bool isHttps = false;
rv = mURI->SchemeIs("https", &isHttps);
NS_ENSURE_SUCCESS(rv, rv);
rv = OpenCacheEntry(isHttps);
rv = OpenCacheEntry(mURI->SchemeIs("https"));
// do not continue if asyncOpenCacheEntry is in progress
if (AwaitingCacheCallbacks()) {
@ -2174,18 +2165,15 @@ nsresult nsHttpChannel::ProcessSingleSecurityHeader(
* it's an HTTPS connection.
*/
nsresult nsHttpChannel::ProcessSecurityHeaders() {
nsresult rv;
bool isHttps = false;
rv = mURI->SchemeIs("https", &isHttps);
NS_ENSURE_SUCCESS(rv, rv);
// If this channel is not loading securely, STS or PKP doesn't do anything.
// In the case of HSTS, the upgrade to HTTPS takes place earlier in the
// channel load process.
if (!isHttps) return NS_OK;
if (!mURI->SchemeIs("https")) {
return NS_OK;
}
nsAutoCString asciiHost;
rv = mURI->GetAsciiHost(asciiHost);
nsresult rv = mURI->GetAsciiHost(asciiHost);
NS_ENSURE_SUCCESS(rv, NS_OK);
// If the channel is not a hostname, but rather an IP, do not process STS
@ -2267,9 +2255,7 @@ void nsHttpChannel::ProcessSecurityReport(nsresult status) {
}
bool nsHttpChannel::IsHTTPS() {
bool isHttps;
if (NS_FAILED(mURI->SchemeIs("https", &isHttps)) || !isHttps) return false;
return true;
return mURI->SchemeIs("https");
}
void nsHttpChannel::ProcessSSLInformation() {
@ -2909,11 +2895,7 @@ nsresult nsHttpChannel::ContinueProcessResponse4(nsresult rv) {
bool doNotRender = DoNotRender3xxBody(rv);
if (rv == NS_ERROR_DOM_BAD_URI && mRedirectURI) {
bool isHTTP = false;
if (NS_FAILED(mRedirectURI->SchemeIs("http", &isHTTP))) isHTTP = false;
if (!isHTTP && NS_FAILED(mRedirectURI->SchemeIs("https", &isHTTP)))
isHTTP = false;
bool isHTTP = mRedirectURI->SchemeIs("http") || mRedirectURI->SchemeIs("https");
if (!isHTTP) {
// This was a blocked attempt to redirect and subvert the system by
// redirecting to another protocol (perhaps javascript:)
@ -4385,9 +4367,7 @@ nsHttpChannel::OnCacheEntryCheck(nsICacheEntry* entry,
}
}
bool isHttps = false;
rv = mURI->SchemeIs("https", &isHttps);
NS_ENSURE_SUCCESS(rv, rv);
bool isHttps = mURI->SchemeIs("https");
bool doValidation = false;
bool doBackgroundValidation = false;
@ -4812,10 +4792,7 @@ nsresult nsHttpChannel::OnOfflineCacheEntryAvailable(
" looking for a regular cache entry",
this));
bool isHttps = false;
rv = mURI->SchemeIs("https", &isHttps);
NS_ENSURE_SUCCESS(rv, rv);
bool isHttps = mURI->SchemeIs("https");
rv = OpenCacheEntryInternal(isHttps, nullptr,
false /* don't allow appcache lookups */);
if (NS_FAILED(rv)) {
@ -4994,11 +4971,7 @@ nsresult nsHttpChannel::OpenCacheInputStream(nsICacheEntry* cacheEntry,
bool checkingAppCacheEntry) {
nsresult rv;
bool isHttps = false;
rv = mURI->SchemeIs("https", &isHttps);
NS_ENSURE_SUCCESS(rv, rv);
if (isHttps) {
if (mURI->SchemeIs("https")) {
rv = cacheEntry->GetSecurityInfo(getter_AddRefs(mCachedSecurityInfo));
if (NS_FAILED(rv)) {
LOG(("failed to parse security-info [channel=%p, entry=%p]", this,
@ -5467,9 +5440,8 @@ void nsHttpChannel::UpdateInhibitPersistentCachingFlag() {
if (mResponseHead->NoStore()) mLoadFlags |= INHIBIT_PERSISTENT_CACHING;
// Only cache SSL content on disk if the pref is set
bool isHttps;
if (!gHttpHandler->IsPersistentHttpsCachingEnabled() &&
NS_SUCCEEDED(mURI->SchemeIs("https", &isHttps)) && isHttps) {
mURI->SchemeIs("https")) {
mLoadFlags |= INHIBIT_PERSISTENT_CACHING;
}
}
@ -6562,10 +6534,9 @@ nsresult nsHttpChannel::BeginConnect() {
nsAutoCString host;
nsAutoCString scheme;
int32_t port = -1;
bool isHttps = false;
bool isHttps = mURI->SchemeIs("https");
rv = mURI->GetScheme(scheme);
if (NS_SUCCEEDED(rv)) rv = mURI->SchemeIs("https", &isHttps);
if (NS_SUCCEEDED(rv)) rv = mURI->GetAsciiHost(host);
if (NS_SUCCEEDED(rv)) rv = mURI->GetPort(&port);
if (NS_SUCCEEDED(rv)) mURI->GetUsername(mUsername);

28
netwerk/protocol/http/nsHttpHandler.cpp
Просмотреть файл

@ -1999,18 +1999,10 @@ nsHttpHandler::NewChannel(nsIURI* uri, nsILoadInfo* aLoadInfo,
NS_ENSURE_ARG_POINTER(uri);
NS_ENSURE_ARG_POINTER(result);
bool isHttp = false, isHttps = false;
// Verify that we have been given a valid scheme
nsresult rv = uri->SchemeIs("http", &isHttp);
if (NS_FAILED(rv)) return rv;
if (!isHttp) {
rv = uri->SchemeIs("https", &isHttps);
if (NS_FAILED(rv)) return rv;
if (!isHttps) {
NS_WARNING("Invalid URI scheme");
return NS_ERROR_UNEXPECTED;
}
if (!uri->SchemeIs("http") && !uri->SchemeIs("https")) {
NS_WARNING("Invalid URI scheme");
return NS_ERROR_UNEXPECTED;
}
return NewProxiedChannel(uri, nullptr, 0, nullptr, aLoadInfo, result);
@ -2049,10 +2041,6 @@ nsHttpHandler::NewProxiedChannel(nsIURI* uri, nsIProxyInfo* givenProxyInfo,
NS_ENSURE_ARG(proxyInfo);
}
bool https;
nsresult rv = uri->SchemeIs("https", &https);
if (NS_FAILED(rv)) return rv;
if (IsNeckoChild()) {
httpChannel = new HttpChannelChild();
} else {
@ -2072,7 +2060,7 @@ nsHttpHandler::NewProxiedChannel(nsIURI* uri, nsIProxyInfo* givenProxyInfo,
}
uint64_t channelId;
rv = NewChannelId(channelId);
nsresult rv = NewChannelId(channelId);
NS_ENSURE_SUCCESS(rv, rv);
nsContentPolicyType contentPolicyType =
@ -2429,11 +2417,7 @@ nsresult nsHttpHandler::SpeculativeConnectInternal(
return NS_ERROR_UNEXPECTED;
// Construct connection info object
bool usingSSL = false;
rv = aURI->SchemeIs("https", &usingSSL);
if (NS_FAILED(rv)) return rv;
if (usingSSL && !mSpeculativeConnectEnabled) {
if (aURI->SchemeIs("https") && !mSpeculativeConnectEnabled) {
return NS_ERROR_UNEXPECTED;
}
@ -2454,7 +2438,7 @@ nsresult nsHttpHandler::SpeculativeConnectInternal(
// and all of its consumers.
RefPtr<nsHttpConnectionInfo> ci = new nsHttpConnectionInfo(
host, port, EmptyCString(), username, EmptyCString(), nullptr,
originAttributes, usingSSL);
originAttributes, aURI->SchemeIs("https"));
ci->SetAnonymous(anonymous);
return SpeculativeConnect(ci, aCallbacks);

8
netwerk/protocol/res/ExtensionProtocolHandler.cpp
Просмотреть файл

@ -681,9 +681,7 @@ Result<nsCOMPtr<nsIInputStream>, nsresult> ExtensionProtocolHandler::NewStream(
// these requests ordinarily come from the child's ExtensionProtocolHandler.
// Ensure this request is for a moz-extension URI. A rogue child process
// could send us any URI.
bool isExtScheme = false;
if (NS_FAILED(aChildURI->SchemeIs(EXTENSION_SCHEME, &isExtScheme)) ||
!isExtScheme) {
if (!aChildURI->SchemeIs(EXTENSION_SCHEME)) {
return Err(NS_ERROR_UNKNOWN_PROTOCOL);
}
@ -799,9 +797,7 @@ Result<Ok, nsresult> ExtensionProtocolHandler::NewFD(
nsresult rv;
// Ensure this is a moz-extension URI
bool isExtScheme = false;
if (NS_FAILED(aChildURI->SchemeIs(EXTENSION_SCHEME, &isExtScheme)) ||
!isExtScheme) {
if (!aChildURI->SchemeIs(EXTENSION_SCHEME)) {
return Err(NS_ERROR_UNKNOWN_PROTOCOL);
}

4
netwerk/protocol/websocket/WebSocketChannel.cpp
Просмотреть файл

@ -3075,9 +3075,7 @@ WebSocketChannel::AsyncOnChannelRedirect(
NS_ENSURE_SUCCESS(rv, rv);
// newuri is expected to be http or https
bool newuriIsHttps = false;
rv = newuri->SchemeIs("https", &newuriIsHttps);
NS_ENSURE_SUCCESS(rv, rv);
bool newuriIsHttps = newuri->SchemeIs("https");
if (!mAutoFollowRedirects) {
// Even if redirects configured off, still allow them for HTTP Strict

21
netwerk/streamconv/converters/nsIndexedToHTML.cpp
Просмотреть файл

@ -126,13 +126,9 @@ nsresult nsIndexedToHTML::DoOnStartRequest(nsIRequest* request,
rv = channel->GetOriginalURI(getter_AddRefs(uri));
if (NS_FAILED(rv)) return rv;
bool isResource = false;
rv = uri->SchemeIs("resource", &isResource);
if (NS_FAILED(rv)) return rv;
// We use the original URI for the title and parent link when it's a
// resource:// url, instead of the jar:file:// url it resolves to.
if (!isResource) {
if (!uri->SchemeIs("resource")) {
rv = channel->GetURI(getter_AddRefs(uri));
if (NS_FAILED(rv)) return rv;
}
@ -174,9 +170,7 @@ nsresult nsIndexedToHTML::DoOnStartRequest(nsIRequest* request,
// would muck up the XUL display
// - bbaetz
bool isScheme = false;
bool isSchemeFile = false;
if (NS_SUCCEEDED(uri->SchemeIs("ftp", &isScheme)) && isScheme) {
if (uri->SchemeIs("ftp")) {
// strip out the password here, so it doesn't show in the page title
// This is done by the 300: line generation in ftp, but we don't use
// that - see above
@ -199,8 +193,7 @@ nsresult nsIndexedToHTML::DoOnStartRequest(nsIRequest* request,
rv = uri->Resolve(NS_LITERAL_CSTRING(".."), parentStr);
if (NS_FAILED(rv)) return rv;
}
} else if (NS_SUCCEEDED(uri->SchemeIs("file", &isSchemeFile)) &&
isSchemeFile) {
} else if (uri->SchemeIs("file")) {
nsCOMPtr<nsIFileURL> fileUrl = do_QueryInterface(uri);
nsCOMPtr<nsIFile> file;
rv = fileUrl->GetFile(getter_AddRefs(file));
@ -224,7 +217,7 @@ nsresult nsIndexedToHTML::DoOnStartRequest(nsIRequest* request,
// Directory index will be always encoded in UTF-8 if this is file url
buffer.AppendLiteral("<meta charset=\"UTF-8\">\n");
} else if (NS_SUCCEEDED(uri->SchemeIs("jar", &isScheme)) && isScheme) {
} else if (uri->SchemeIs("jar")) {
nsAutoCString path;
rv = uri->GetPathQueryRef(path);
if (NS_FAILED(rv)) return rv;
@ -515,7 +508,7 @@ nsresult nsIndexedToHTML::DoOnStartRequest(nsIRequest* request,
// 1. file URL may be encoded in platform charset for backward compatibility
// 2. query part may not be encoded in UTF-8 (see bug 261929)
// so try the platform's default if this is file url
if (NS_FAILED(rv) && isSchemeFile && !NS_IsNativeUTF8()) {
if (NS_FAILED(rv) && uri->SchemeIs("file") && !NS_IsNativeUTF8()) {
auto encoding = mozilla::dom::FallbackEncoding::FromLocale();
nsAutoCString charset;
encoding->Name(charset);
@ -552,7 +545,7 @@ nsresult nsIndexedToHTML::DoOnStartRequest(nsIRequest* request,
// will prematurely close the string. Go ahead an
// add a base href, but only do so if we're not
// dealing with a resource URI.
if (!isResource) {
if (!uri->SchemeIs("resource")) {
buffer.AppendLiteral("<base href=\"");
nsAppendEscapedHTML(baseUri, buffer);
buffer.AppendLiteral("\" />\n");
@ -584,7 +577,7 @@ nsresult nsIndexedToHTML::DoOnStartRequest(nsIRequest* request,
buffer.AppendLiteral("</a></p>\n");
}
if (isSchemeFile) {
if (uri->SchemeIs("file")) {
nsAutoString showHiddenText;
rv = mBundle->GetStringFromName("ShowHidden", showHiddenText);
if (NS_FAILED(rv)) return rv;

7
netwerk/streamconv/converters/nsUnknownDecoder.cpp
Просмотреть файл

@ -365,12 +365,7 @@ bool nsUnknownDecoder::AllowSniffing(nsIRequest* aRequest) {
return false;
}
bool isLocalFile = false;
if (NS_FAILED(uri->SchemeIs("file", &isLocalFile)) || isLocalFile) {
return false;
}
return true;
return !uri->SchemeIs("file");
}
/**

7
netwerk/url-classifier/nsChannelClassifier.cpp
Просмотреть файл

@ -163,10 +163,9 @@ nsresult nsChannelClassifier::StartInternal() {
NS_ENSURE_SUCCESS(rv, rv);
// Don't bother checking certain types of URIs.
bool isAbout = false;
rv = uri->SchemeIs("about", &isAbout);
NS_ENSURE_SUCCESS(rv, rv);
if (isAbout) return NS_ERROR_UNEXPECTED;
if (uri->SchemeIs("about")) {
return NS_ERROR_UNEXPECTED;
}
bool hasFlags;
rv = NS_URIChainHasFlags(uri, nsIProtocolHandler::URI_DANGEROUS_TO_LOAD,