Bug 1660822 - Add isLocalIpAdress to nsIPrincipal r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D82919

caps/BasePrincipal.cpp

@@ -877,6 +877,26 @@ NS_IMETHODIMP BasePrincipal::GetIsIpAddress(bool* aIsIpAddress) {
   return NS_OK;
 }
 
+NS_IMETHODIMP BasePrincipal::GetIsLocalIpAddress(bool* aIsIpAddress) {
+  *aIsIpAddress = false;
+
+  nsCOMPtr<nsIURI> prinURI;
+  nsresult rv = GetURI(getter_AddRefs(prinURI));
+  if (NS_FAILED(rv) || !prinURI) {
+    return NS_OK;
+  }
+
+  nsCOMPtr<nsIIOService> ioService = do_GetIOService(&rv);
+  if (NS_FAILED(rv) || !ioService) {
+    return NS_OK;
+  }
+  rv = ioService->HostnameIsLocalIPAddress(prinURI, aIsIpAddress);
+  if (NS_FAILED(rv)) {
+    *aIsIpAddress = false;
+  }
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 BasePrincipal::GetScheme(nsACString& aScheme) {
   aScheme.Truncate();

caps/BasePrincipal.h

@@ -140,6 +140,7 @@ class BasePrincipal : public nsJSPrincipals {
   NS_IMETHOD GetFilePath(nsACString& aResult) override;
   NS_IMETHOD GetOriginSuffix(nsACString& aOriginSuffix) final;
   NS_IMETHOD GetIsIpAddress(bool* aIsIpAddress) override;
+  NS_IMETHOD GetIsLocalIpAddress(bool* aIsIpAddress) override;
   NS_IMETHOD GetIsOnion(bool* aIsOnion) override;
   NS_IMETHOD GetIsInIsolatedMozBrowserElement(
       bool* aIsInIsolatedMozBrowserElement) final;

caps/nsIPrincipal.idl

@@ -533,6 +533,12 @@ interface nsIPrincipal : nsISerializable
      * Returns if the principal is for an IP address.
      */
     [infallible] readonly attribute boolean isIpAddress;
+
+    /**
+     * Returns if the principal is for a local IP address.
+     */
+    [infallible] readonly attribute boolean isLocalIpAddress;
+
 };
 
 /**

toolkit/components/passwordmgr/InsecurePasswordUtils.jsm

@@ -118,22 +118,17 @@ this.InsecurePasswordUtils = {
   },
 
   _isPrincipalForLocalIPAddress(aPrincipal) {
-    try {
-      let uri = aPrincipal.URI;
-      if (Services.io.hostnameIsLocalIPAddress(uri)) {
-        log.debug("hasInsecureLoginForms: detected local IP address:", uri);
-        return true;
-      }
-    } catch (e) {
+    let res = aPrincipal.isLocalIpAddress;
+    if (res) {
       log.debug(
-        "hasInsecureLoginForms: unable to check for local IP address:",
-        e
+        "hasInsecureLoginForms: detected local IP address:",
+        aPrincipal.asciispec
       );
     }
-    return false;
+    return res;
   },
 
-  /**
+  /**s
    * Checks if there are insecure password fields present on the form's document
    * i.e. passwords inside forms with http action, inside iframes with http src,
    * or on insecure web pages.