mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1504085 - P1 refactor ReferrerInfo for reuse referrer-policy algorithm r=tnguyen 

Differential Revision: https://phabricator.services.mozilla.com/D34453

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Junior Hsu 2019-06-14 21:10:41 +00:00
Родитель 421936227c
Коммит e8ba0890cc
2 изменённых файлов: 29 добавлений и 21 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

22
dom/security/ReferrerInfo.cpp
Просмотреть файл

@ -208,13 +208,17 @@ bool ReferrerInfo::ShouldResponseInheritReferrerInfo(nsIChannel* aChannel) {
return aboutSpec.EqualsLiteral("about:srcdoc");
}
nsresult ReferrerInfo::HandleSecureToInsecureReferral(nsIURI* aURI,
bool& aAllowed) const {
/* static */
nsresult ReferrerInfo::HandleSecureToInsecureReferral(nsIURI* aOriginalURI,
nsIURI* aURI,
uint32_t aPolicy,
bool& aAllowed) {
NS_ENSURE_ARG(aOriginalURI);
NS_ENSURE_ARG(aURI);
aAllowed = false;
bool referrerIsHttpsScheme;
nsresult rv = mOriginalReferrer->SchemeIs("https", &referrerIsHttpsScheme);
nsresult rv = aOriginalURI->SchemeIs("https", &referrerIsHttpsScheme);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
@ -234,9 +238,9 @@ nsresult ReferrerInfo::HandleSecureToInsecureReferral(nsIURI* aURI,
// policy is "unsafe-url", "origin", or "origin-when-cross-origin".
// in other referrer policies, https->http is not allowed...
if (mPolicy != nsIHttpChannel::REFERRER_POLICY_UNSAFE_URL &&
mPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
mPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN && !uriIsHttpsScheme) {
if (aPolicy != nsIHttpChannel::REFERRER_POLICY_UNSAFE_URL &&
aPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
aPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN && !uriIsHttpsScheme) {
return NS_OK;
}
@ -357,7 +361,8 @@ nsresult ReferrerInfo::HandleUserReferrerSendingPolicy(nsIHttpChannel* aChannel,
return NS_OK;
}
bool ReferrerInfo::IsCrossOriginRequest(nsIHttpChannel* aChannel) const {
/* static */
bool ReferrerInfo::IsCrossOriginRequest(nsIHttpChannel* aChannel) {
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
nsCOMPtr<nsIURI> triggeringURI;
@ -789,7 +794,8 @@ nsresult ReferrerInfo::ComputeReferrer(nsIHttpChannel* aChannel) {
}
bool isSecureToInsecureAllowed = false;
rv = HandleSecureToInsecureReferral(uri, isSecureToInsecureAllowed);
rv = HandleSecureToInsecureReferral(mOriginalReferrer, uri, mPolicy,
isSecureToInsecureAllowed);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}

28
dom/security/ReferrerInfo.h
Просмотреть файл

@ -102,6 +102,21 @@ class ReferrerInfo : public nsIReferrerInfo {
*/
static bool HideOnionReferrerSource();
/*
* Check whether referrer is allowed to send in secure to insecure scenario.
*/
static nsresult HandleSecureToInsecureReferral(nsIURI* aOriginalURI,
nsIURI* aURI, uint32_t aPolicy,
bool& aAllowed);
/**
* Returns true if the given channel is cross-origin request
*
* Computing whether the request is cross-origin may be expensive, so please
* do that in cases where we're going to use this information later on.
*/
static bool IsCrossOriginRequest(nsIHttpChannel* aChannel);
/**
* Return default referrer policy which is controlled by user
* prefs:
@ -180,19 +195,6 @@ class ReferrerInfo : public nsIReferrerInfo {
*/
bool HasRelNoReferrer(nsINode* aNode) const;
/**
* Returns true if the given channel is cross-origin request
*
* Computing whether the request is cross-origin may be expensive, so please
* do that in cases where we're going to use this information later on.
*/
bool IsCrossOriginRequest(nsIHttpChannel* aChannel) const;
/*
* Check whether referrer is allowed to send in secure to insecure scenario.
*/
nsresult HandleSecureToInsecureReferral(nsIURI* aURI, bool& aAllowed) const;
/*
* Handle user controlled pref network.http.referer.XOriginPolicy
*/