From e8ba0890cc301b88e1bcbb7a24f6af81d5006469 Mon Sep 17 00:00:00 2001 From: Junior Hsu Date: Fri, 14 Jun 2019 21:10:41 +0000 Subject: [PATCH] Bug 1504085 - P1 refactor ReferrerInfo for reuse referrer-policy algorithm r=tnguyen Differential Revision: https://phabricator.services.mozilla.com/D34453 --HG-- extra : moz-landing-system : lando --- dom/security/ReferrerInfo.cpp | 22 ++++++++++++++-------- dom/security/ReferrerInfo.h | 28 +++++++++++++++------------- 2 files changed, 29 insertions(+), 21 deletions(-) diff --git a/dom/security/ReferrerInfo.cpp b/dom/security/ReferrerInfo.cpp index 2955627abb30..665b950dc0a3 100644 --- a/dom/security/ReferrerInfo.cpp +++ b/dom/security/ReferrerInfo.cpp @@ -208,13 +208,17 @@ bool ReferrerInfo::ShouldResponseInheritReferrerInfo(nsIChannel* aChannel) { return aboutSpec.EqualsLiteral("about:srcdoc"); } -nsresult ReferrerInfo::HandleSecureToInsecureReferral(nsIURI* aURI, - bool& aAllowed) const { +/* static */ +nsresult ReferrerInfo::HandleSecureToInsecureReferral(nsIURI* aOriginalURI, + nsIURI* aURI, + uint32_t aPolicy, + bool& aAllowed) { + NS_ENSURE_ARG(aOriginalURI); NS_ENSURE_ARG(aURI); aAllowed = false; bool referrerIsHttpsScheme; - nsresult rv = mOriginalReferrer->SchemeIs("https", &referrerIsHttpsScheme); + nsresult rv = aOriginalURI->SchemeIs("https", &referrerIsHttpsScheme); if (NS_WARN_IF(NS_FAILED(rv))) { return rv; } @@ -234,9 +238,9 @@ nsresult ReferrerInfo::HandleSecureToInsecureReferral(nsIURI* aURI, // policy is "unsafe-url", "origin", or "origin-when-cross-origin". // in other referrer policies, https->http is not allowed... - if (mPolicy != nsIHttpChannel::REFERRER_POLICY_UNSAFE_URL && - mPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN_WHEN_XORIGIN && - mPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN && !uriIsHttpsScheme) { + if (aPolicy != nsIHttpChannel::REFERRER_POLICY_UNSAFE_URL && + aPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN_WHEN_XORIGIN && + aPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN && !uriIsHttpsScheme) { return NS_OK; } @@ -357,7 +361,8 @@ nsresult ReferrerInfo::HandleUserReferrerSendingPolicy(nsIHttpChannel* aChannel, return NS_OK; } -bool ReferrerInfo::IsCrossOriginRequest(nsIHttpChannel* aChannel) const { +/* static */ +bool ReferrerInfo::IsCrossOriginRequest(nsIHttpChannel* aChannel) { nsCOMPtr loadInfo = aChannel->LoadInfo(); nsCOMPtr triggeringURI; @@ -789,7 +794,8 @@ nsresult ReferrerInfo::ComputeReferrer(nsIHttpChannel* aChannel) { } bool isSecureToInsecureAllowed = false; - rv = HandleSecureToInsecureReferral(uri, isSecureToInsecureAllowed); + rv = HandleSecureToInsecureReferral(mOriginalReferrer, uri, mPolicy, + isSecureToInsecureAllowed); if (NS_WARN_IF(NS_FAILED(rv))) { return rv; } diff --git a/dom/security/ReferrerInfo.h b/dom/security/ReferrerInfo.h index f14e565ff54a..fd29a98668cd 100644 --- a/dom/security/ReferrerInfo.h +++ b/dom/security/ReferrerInfo.h @@ -102,6 +102,21 @@ class ReferrerInfo : public nsIReferrerInfo { */ static bool HideOnionReferrerSource(); + /* + * Check whether referrer is allowed to send in secure to insecure scenario. + */ + static nsresult HandleSecureToInsecureReferral(nsIURI* aOriginalURI, + nsIURI* aURI, uint32_t aPolicy, + bool& aAllowed); + + /** + * Returns true if the given channel is cross-origin request + * + * Computing whether the request is cross-origin may be expensive, so please + * do that in cases where we're going to use this information later on. + */ + static bool IsCrossOriginRequest(nsIHttpChannel* aChannel); + /** * Return default referrer policy which is controlled by user * prefs: @@ -180,19 +195,6 @@ class ReferrerInfo : public nsIReferrerInfo { */ bool HasRelNoReferrer(nsINode* aNode) const; - /** - * Returns true if the given channel is cross-origin request - * - * Computing whether the request is cross-origin may be expensive, so please - * do that in cases where we're going to use this information later on. - */ - bool IsCrossOriginRequest(nsIHttpChannel* aChannel) const; - - /* - * Check whether referrer is allowed to send in secure to insecure scenario. - */ - nsresult HandleSecureToInsecureReferral(nsIURI* aURI, bool& aAllowed) const; - /* * Handle user controlled pref network.http.referer.XOriginPolicy */