зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1630372 - remove geturi in nsNetUtil.cpp r=ckerschb,necko-reviewers,valentin
Differential Revision: https://phabricator.services.mozilla.com/D71091
This commit is contained in:
Sebastian Streich
Родитель
61bd7eec68
Коммит
f5124517c8
|
|
@ -479,6 +479,18 @@ BasePrincipal::IsThirdPartyPrincipal(nsIPrincipal* aPrin, bool* aRes) {
|
|||
}
|
||||
return aPrin->IsThirdPartyURI(prinURI, aRes);
|
||||
}
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::IsThirdPartyChannel(nsIChannel* aChan, bool* aRes) {
|
||||
*aRes = true;
|
||||
nsCOMPtr<nsIURI> prinURI;
|
||||
nsresult rv = GetURI(getter_AddRefs(prinURI));
|
||||
if (NS_FAILED(rv) || !prinURI) {
|
||||
return NS_OK;
|
||||
}
|
||||
ThirdPartyUtil* thirdPartyUtil = ThirdPartyUtil::GetInstance();
|
||||
|
||||
return thirdPartyUtil->IsThirdPartyChannel(aChan, prinURI, aRes);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::IsSameOrigin(nsIURI* aURI, bool aIsPrivateWin, bool* aRes) {
|
||||
|
|
|
|||
|
|
@ -144,6 +144,7 @@ class BasePrincipal : public nsJSPrincipals {
|
|||
NS_IMETHOD GetSiteOrigin(nsACString& aOrigin) override;
|
||||
NS_IMETHOD IsThirdPartyURI(nsIURI* uri, bool* aRes) override;
|
||||
NS_IMETHOD IsThirdPartyPrincipal(nsIPrincipal* uri, bool* aRes) override;
|
||||
NS_IMETHOD IsThirdPartyChannel(nsIChannel* aChannel, bool* aRes) override;
|
||||
NS_IMETHOD GetIsOriginPotentiallyTrustworthy(bool* aResult) override;
|
||||
NS_IMETHOD IsSameOrigin(nsIURI* aURI, bool aIsPrivateWin,
|
||||
bool* aRes) override;
|
||||
|
|
|
|||
|
|
@ -9,6 +9,8 @@
|
|||
#include "nsISerializable.idl"
|
||||
#include "nsIAboutModule.idl"
|
||||
#include "nsIReferrerInfo.idl"
|
||||
interface nsIChannel;
|
||||
|
||||
|
||||
%{C++
|
||||
struct JSPrincipals;
|
||||
|
|
@ -165,7 +167,7 @@ interface nsIPrincipal : nsISerializable
|
|||
in unsigned long long innerWindowID);
|
||||
|
||||
/**
|
||||
* Checks if the provided URI is concidered third-party to the
|
||||
* Checks if the provided URI is considered third-party to the
|
||||
* URI of the principal.
|
||||
* Returns true if the URI is third-party.
|
||||
*
|
||||
|
|
@ -174,7 +176,7 @@ interface nsIPrincipal : nsISerializable
|
|||
boolean isThirdPartyURI(in nsIURI uri);
|
||||
|
||||
/**
|
||||
* Checks if the provided principal is concidered third-party to the
|
||||
* Checks if the provided principal is considered third-party to the
|
||||
* URI of the Principal.
|
||||
* Returns true if the principal is third-party.
|
||||
*
|
||||
|
|
@ -182,6 +184,16 @@ interface nsIPrincipal : nsISerializable
|
|||
*/
|
||||
boolean isThirdPartyPrincipal(in nsIPrincipal principal);
|
||||
|
||||
/**
|
||||
* Checks if the provided channel is considered third-party to the
|
||||
* URI of the principal.
|
||||
* Returns true if the channel is third-party.
|
||||
* Returns false if the Principal is a System Principal
|
||||
*
|
||||
* @param channel - The Channel to check
|
||||
*/
|
||||
boolean isThirdPartyChannel(in nsIChannel channel);
|
||||
|
||||
/**
|
||||
* A dictionary of the non-default origin attributes associated with this
|
||||
* nsIPrincipal.
|
||||
|
|
|
|||
|
|
@ -2035,7 +2035,8 @@ bool NS_HasBeenCrossOrigin(nsIChannel* aChannel, bool aReport) {
|
|||
}
|
||||
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
principal->GetURI(getter_AddRefs(uri));
|
||||
auto* basePrin = BasePrincipal::Cast(principal);
|
||||
basePrin->GetURI(getter_AddRefs(uri));
|
||||
if (!uri) {
|
||||
return true;
|
||||
}
|
||||
|
|
@ -2114,28 +2115,30 @@ bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
|
|||
return false;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
bool isForeign = true;
|
||||
nsresult rv;
|
||||
if (loadInfo->GetExternalContentPolicyType() ==
|
||||
nsIContentPolicy::TYPE_DOCUMENT) {
|
||||
// for loads of TYPE_DOCUMENT we query the hostURI from the
|
||||
// triggeringPrincipal which returns the URI of the document that caused the
|
||||
// navigation.
|
||||
loadInfo->TriggeringPrincipal()->GetURI(getter_AddRefs(uri));
|
||||
rv = loadInfo->TriggeringPrincipal()->IsThirdPartyChannel(aChannel,
|
||||
&isForeign);
|
||||
if (NS_FAILED(rv)) {
|
||||
return true;
|
||||
}
|
||||
} else {
|
||||
uri = aHostURI;
|
||||
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
|
||||
do_GetService(THIRDPARTYUTIL_CONTRACTID);
|
||||
if (!thirdPartyUtil) {
|
||||
return true;
|
||||
}
|
||||
thirdPartyUtil->IsThirdPartyChannel(aChannel, aHostURI, &isForeign);
|
||||
}
|
||||
|
||||
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
|
||||
do_GetService(THIRDPARTYUTIL_CONTRACTID);
|
||||
if (!thirdPartyUtil) {
|
||||
return false;
|
||||
}
|
||||
|
||||
bool isForeign = true;
|
||||
nsresult rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, uri, &isForeign);
|
||||
// if we are dealing with a cross origin request, we can return here
|
||||
// because we already know the request is 'foreign'.
|
||||
if (NS_FAILED(rv) || isForeign) {
|
||||
if (isForeign) {
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
@ -2146,11 +2149,8 @@ bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
|
|||
// foreign.
|
||||
if (loadInfo->GetExternalContentPolicyType() ==
|
||||
nsIContentPolicy::TYPE_SUBDOCUMENT) {
|
||||
nsCOMPtr<nsIURI> triggeringPrincipalURI;
|
||||
loadInfo->TriggeringPrincipal()->GetURI(
|
||||
getter_AddRefs(triggeringPrincipalURI));
|
||||
rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, triggeringPrincipalURI,
|
||||
&isForeign);
|
||||
rv = loadInfo->TriggeringPrincipal()->IsThirdPartyChannel(aChannel,
|
||||
&isForeign);
|
||||
if (NS_FAILED(rv) || isForeign) {
|
||||
return true;
|
||||
}
|
||||
|
|
@ -2161,13 +2161,10 @@ bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
|
|||
// with regards to CSRF.
|
||||
|
||||
nsCOMPtr<nsIPrincipal> redirectPrincipal;
|
||||
nsCOMPtr<nsIURI> redirectURI;
|
||||
for (nsIRedirectHistoryEntry* entry : loadInfo->RedirectChain()) {
|
||||
entry->GetPrincipal(getter_AddRefs(redirectPrincipal));
|
||||
if (redirectPrincipal) {
|
||||
redirectPrincipal->GetURI(getter_AddRefs(redirectURI));
|
||||
rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, redirectURI,
|
||||
&isForeign);
|
||||
rv = redirectPrincipal->IsThirdPartyChannel(aChannel, &isForeign);
|
||||
// if at any point we encounter a cross-origin redirect we can return.
|
||||
if (NS_FAILED(rv) || isForeign) {
|
||||
return true;
|
||||
|
|
@ -2409,7 +2406,8 @@ bool NS_SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI,
|
|||
if (BlobURLProtocolHandler::GetBlobURLPrincipal(
|
||||
sourceBaseURI, getter_AddRefs(sourceBlobPrincipal))) {
|
||||
nsCOMPtr<nsIURI> sourceBlobOwnerURI;
|
||||
rv = sourceBlobPrincipal->GetURI(getter_AddRefs(sourceBlobOwnerURI));
|
||||
auto* basePrin = BasePrincipal::Cast(sourceBlobPrincipal);
|
||||
rv = basePrin->GetURI(getter_AddRefs(sourceBlobOwnerURI));
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
sourceBaseURI = sourceBlobOwnerURI;
|
||||
}
|
||||
|
|
@ -2419,7 +2417,8 @@ bool NS_SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI,
|
|||
if (BlobURLProtocolHandler::GetBlobURLPrincipal(
|
||||
targetBaseURI, getter_AddRefs(targetBlobPrincipal))) {
|
||||
nsCOMPtr<nsIURI> targetBlobOwnerURI;
|
||||
rv = targetBlobPrincipal->GetURI(getter_AddRefs(targetBlobOwnerURI));
|
||||
auto* basePrin = BasePrincipal::Cast(targetBlobPrincipal);
|
||||
rv = basePrin->GetURI(getter_AddRefs(targetBlobOwnerURI));
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
targetBaseURI = targetBlobOwnerURI;
|
||||
}
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче