зеркало из https://github.com/mozilla/pjs.git
Bug 536301 - e10s HTTPS: securityInfo. r=jduell, sr=kaie
This commit is contained in:
Honza Bambas
Родитель
f3834d184d
Коммит
a232312c25
|
|
@ -83,6 +83,7 @@ LOCAL_INCLUDES += \
|
|||
-I$(srcdir)/../src/geolocation \
|
||||
-I$(topsrcdir)/chrome/src \
|
||||
-I$(topsrcdir)/uriloader/exthandler \
|
||||
-I$(srcdir)/../../netwerk/base/src \
|
||||
$(NULL)
|
||||
|
||||
CXXFLAGS += $(TK_CFLAGS)
|
||||
|
|
|
|||
|
|
@ -91,7 +91,10 @@ parent:
|
|||
NotifyStatusChange(nsresult status,
|
||||
nsString message);
|
||||
|
||||
NotifySecurityChange(PRUint32 aState);
|
||||
NotifySecurityChange(PRUint32 aState,
|
||||
PRBool aUseSSLStatusObject,
|
||||
nsString aTooltip,
|
||||
nsCString aSecInfoAsString);
|
||||
|
||||
sync RefreshAttempted(nsCString uri, PRInt32 millis,
|
||||
bool sameURI) returns (bool retval);
|
||||
|
|
|
|||
|
|
@ -46,6 +46,8 @@
|
|||
#include "nsComponentManagerUtils.h"
|
||||
#include "nsIBaseWindow.h"
|
||||
#include "nsIDOMWindow.h"
|
||||
#include "nsIWebProgress.h"
|
||||
#include "nsIDocShell.h"
|
||||
#include "nsIDocShellTreeItem.h"
|
||||
#include "nsThreadUtils.h"
|
||||
#include "nsIInterfaceRequestorUtils.h"
|
||||
|
|
@ -78,6 +80,9 @@
|
|||
#include "nsIDOMDocument.h"
|
||||
#include "nsIScriptGlobalObject.h"
|
||||
#include "nsWeakReference.h"
|
||||
#include "nsISecureBrowserUI.h"
|
||||
#include "nsISSLStatusProvider.h"
|
||||
#include "nsSerializationHelper.h"
|
||||
|
||||
#ifdef MOZ_WIDGET_QT
|
||||
#include <QX11EmbedWidget>
|
||||
|
|
@ -552,7 +557,56 @@ TabChild::OnSecurityChange(nsIWebProgress *aWebProgress,
|
|||
nsIRequest *aRequest,
|
||||
PRUint32 aState)
|
||||
{
|
||||
SendNotifySecurityChange(aState);
|
||||
nsCString secInfoAsString;
|
||||
if (aState & nsIWebProgressListener::STATE_IS_SECURE) {
|
||||
nsCOMPtr<nsIChannel> channel = do_QueryInterface(aRequest);
|
||||
if (channel) {
|
||||
nsCOMPtr<nsISupports> secInfoSupports;
|
||||
channel->GetSecurityInfo(getter_AddRefs(secInfoSupports));
|
||||
|
||||
nsCOMPtr<nsISerializable> secInfoSerializable =
|
||||
do_QueryInterface(secInfoSupports);
|
||||
NS_SerializeToString(secInfoSerializable, secInfoAsString);
|
||||
}
|
||||
}
|
||||
|
||||
PRBool useSSLStatusObject = PR_FALSE;
|
||||
nsAutoString securityTooltip;
|
||||
nsCOMPtr<nsIDocShell> docShell = do_QueryInterface(aWebProgress);
|
||||
if (docShell) {
|
||||
nsCOMPtr<nsISecureBrowserUI> secureUI;
|
||||
docShell->GetSecurityUI(getter_AddRefs(secureUI));
|
||||
if (secureUI) {
|
||||
secureUI->GetTooltipText(securityTooltip);
|
||||
nsCOMPtr<nsISupports> supports;
|
||||
nsCOMPtr<nsISSLStatusProvider> provider = do_QueryInterface(secureUI);
|
||||
nsresult rv = provider->GetSSLStatus(getter_AddRefs(supports));
|
||||
if (NS_SUCCEEDED(rv) && supports) {
|
||||
/*
|
||||
* useSSLStatusObject: Security UI internally holds 4 states: secure, mixed,
|
||||
* broken, no security. In cases of secure, mixed and broken it holds reference
|
||||
* to a valid SSL status object. But, in case of the 'broken' state it doesn't
|
||||
* return the SSL status object (returns null), in contrary to the 'mixed' state
|
||||
* for which it returns.
|
||||
*
|
||||
* However, mixed and broken states are both reported to the upper level
|
||||
* as nsIWebProgressListener::STATE_IS_BROKEN, i.e. states are merged,
|
||||
* so we cannot determine, if to return the status object or not.
|
||||
*
|
||||
* TabParent is extracting the SSL status object from the security info
|
||||
* serialization (string). SSL status object is always present there
|
||||
* even security UI implementation doesn't present it. This argument
|
||||
* tells the parent if the SSL status object is being presented by
|
||||
* the security UI here, on the child process, and so if it has to be
|
||||
* presented also on the parent process.
|
||||
*/
|
||||
useSSLStatusObject = PR_TRUE;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
SendNotifySecurityChange(aState, useSSLStatusObject, securityTooltip,
|
||||
secInfoAsString);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -52,6 +52,7 @@
|
|||
#include "nsIDOMEventTarget.h"
|
||||
#include "nsIWindowWatcher.h"
|
||||
#include "nsIDOMWindow.h"
|
||||
#include "nsIIdentityInfo.h"
|
||||
#include "nsPIDOMWindow.h"
|
||||
#include "TabChild.h"
|
||||
#include "nsIDOMEvent.h"
|
||||
|
|
@ -65,9 +66,9 @@
|
|||
#include "nsIDOMNSHTMLFrameElement.h"
|
||||
#include "nsIDialogCreator.h"
|
||||
#include "nsThreadUtils.h"
|
||||
#include "nsSerializationHelper.h"
|
||||
#include "nsIPromptFactory.h"
|
||||
#include "nsIContent.h"
|
||||
|
||||
#include "mozilla/unused.h"
|
||||
|
||||
using mozilla::ipc::DocumentRendererParent;
|
||||
|
|
@ -82,9 +83,10 @@ using mozilla::dom::ContentParent;
|
|||
namespace mozilla {
|
||||
namespace dom {
|
||||
|
||||
NS_IMPL_ISUPPORTS3(TabParent, nsITabParent, nsIWebProgress, nsIAuthPromptProvider)
|
||||
NS_IMPL_ISUPPORTS5(TabParent, nsITabParent, nsIWebProgress, nsIAuthPromptProvider, nsISSLStatusProvider, nsISecureBrowserUI)
|
||||
|
||||
TabParent::TabParent()
|
||||
: mSecurityState(nsIWebProgressListener::STATE_IS_INSECURE)
|
||||
{
|
||||
}
|
||||
|
||||
|
|
@ -283,7 +285,10 @@ TabParent::RecvNotifyStatusChange(const nsresult& status,
|
|||
}
|
||||
|
||||
bool
|
||||
TabParent::RecvNotifySecurityChange(const PRUint32& aState)
|
||||
TabParent::RecvNotifySecurityChange(const PRUint32& aState,
|
||||
const PRBool& aUseSSLStatusObject,
|
||||
const nsString& aTooltip,
|
||||
const nsCString& aSecInfoAsString)
|
||||
{
|
||||
/*
|
||||
* First notify any listeners of the new state info...
|
||||
|
|
@ -292,6 +297,32 @@ TabParent::RecvNotifySecurityChange(const PRUint32& aState)
|
|||
* get removed from the list it won't affect our iteration
|
||||
*/
|
||||
|
||||
mSecurityState = aState;
|
||||
mSecurityTooltipText = aTooltip;
|
||||
|
||||
if (!aSecInfoAsString.IsEmpty()) {
|
||||
nsCOMPtr<nsISupports> secInfoSupports;
|
||||
nsresult rv = NS_DeserializeObject(aSecInfoAsString, getter_AddRefs(secInfoSupports));
|
||||
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
nsCOMPtr<nsIIdentityInfo> idInfo = do_QueryInterface(secInfoSupports);
|
||||
if (idInfo) {
|
||||
PRBool isEV;
|
||||
if (NS_SUCCEEDED(idInfo->GetIsExtendedValidation(&isEV)) && isEV)
|
||||
mSecurityState |= nsIWebProgressListener::STATE_IDENTITY_EV_TOPLEVEL;
|
||||
}
|
||||
}
|
||||
|
||||
mSecurityStatusObject = nsnull;
|
||||
if (aUseSSLStatusObject)
|
||||
{
|
||||
nsCOMPtr<nsISSLStatusProvider> sslStatusProvider =
|
||||
do_QueryInterface(secInfoSupports);
|
||||
if (sslStatusProvider)
|
||||
sslStatusProvider->GetSSLStatus(getter_AddRefs(mSecurityStatusObject));
|
||||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIWebProgressListener> listener;
|
||||
PRUint32 count = mListenerInfoList.Length();
|
||||
|
||||
|
|
@ -308,7 +339,7 @@ TabParent::RecvNotifySecurityChange(const PRUint32& aState)
|
|||
continue;
|
||||
}
|
||||
|
||||
listener->OnSecurityChange(this, nsnull, aState);
|
||||
listener->OnSecurityChange(this, nsnull, mSecurityState);
|
||||
}
|
||||
|
||||
return true;
|
||||
|
|
@ -411,6 +442,35 @@ TabParent::Activate()
|
|||
unused << SendActivate();
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
TabParent::Init(nsIDOMWindow *window)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
TabParent::GetState(PRUint32 *aState)
|
||||
{
|
||||
NS_ENSURE_ARG(aState);
|
||||
*aState = mSecurityState;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
TabParent::GetTooltipText(nsAString & aTooltipText)
|
||||
{
|
||||
aTooltipText = mSecurityTooltipText;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
TabParent::GetSSLStatus(nsISupports ** aStatus)
|
||||
{
|
||||
NS_IF_ADDREF(*aStatus = mSecurityStatusObject);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
mozilla::ipc::PDocumentRendererParent*
|
||||
TabParent::AllocPDocumentRenderer(const PRInt32& x,
|
||||
const PRInt32& y, const PRInt32& w, const PRInt32& h, const nsString& bgcolor,
|
||||
|
|
|
|||
|
|
@ -52,6 +52,8 @@
|
|||
#include "nsWeakReference.h"
|
||||
#include "nsIDialogParamBlock.h"
|
||||
#include "nsIAuthPromptProvider.h"
|
||||
#include "nsISSLStatusProvider.h"
|
||||
#include "nsISecureBrowserUI.h"
|
||||
|
||||
class nsFrameLoader;
|
||||
class nsIURI;
|
||||
|
|
@ -92,6 +94,8 @@ class TabParent : public PBrowserParent
|
|||
, public nsITabParent
|
||||
, public nsIWebProgress
|
||||
, public nsIAuthPromptProvider
|
||||
, public nsISecureBrowserUI
|
||||
, public nsISSLStatusProvider
|
||||
{
|
||||
public:
|
||||
TabParent();
|
||||
|
|
@ -112,7 +116,11 @@ public:
|
|||
virtual bool RecvNotifyLocationChange(const nsCString& aUri);
|
||||
virtual bool RecvNotifyStatusChange(const nsresult& status,
|
||||
const nsString& message);
|
||||
virtual bool RecvNotifySecurityChange(const PRUint32& aState);
|
||||
virtual bool RecvNotifySecurityChange(const PRUint32& aState,
|
||||
const PRBool& aUseSSLStatusObject,
|
||||
const nsString& aTooltip,
|
||||
const nsCString& aSecInfoAsString);
|
||||
|
||||
virtual bool RecvRefreshAttempted(const nsCString& aURI,
|
||||
const PRInt32& aMillis,
|
||||
const bool& aSameURI,
|
||||
|
|
@ -188,6 +196,8 @@ public:
|
|||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSIWEBPROGRESS
|
||||
NS_DECL_NSIAUTHPROMPTPROVIDER
|
||||
NS_DECL_NSISECUREBROWSERUI
|
||||
NS_DECL_NSISSLSTATUSPROVIDER
|
||||
|
||||
void HandleDelayedDialogs();
|
||||
protected:
|
||||
|
|
@ -224,6 +234,10 @@ protected:
|
|||
|
||||
PRBool ShouldDelayDialogs();
|
||||
|
||||
PRUint32 mSecurityState;
|
||||
nsString mSecurityTooltipText;
|
||||
nsCOMPtr<nsISupports> mSecurityStatusObject;
|
||||
|
||||
private:
|
||||
already_AddRefed<nsFrameLoader> GetFrameLoader() const;
|
||||
};
|
||||
|
|
|
|||
|
|
@ -49,6 +49,7 @@
|
|||
#include "nsHttpHandler.h"
|
||||
#include "nsMimeTypes.h"
|
||||
#include "nsNetUtil.h"
|
||||
#include "nsSerializationHelper.h"
|
||||
|
||||
namespace mozilla {
|
||||
namespace net {
|
||||
|
|
@ -91,6 +92,7 @@ HttpChannelChild::HttpChannelChild()
|
|||
, mSendResumeAt(false)
|
||||
, mSuspendCount(0)
|
||||
, mIPCOpen(false)
|
||||
, mKeptAlive(false)
|
||||
, mQueuePhase(PHASE_UNQUEUED)
|
||||
{
|
||||
LOG(("Creating HttpChannelChild @%x\n", this));
|
||||
|
|
@ -107,7 +109,29 @@ HttpChannelChild::~HttpChannelChild()
|
|||
|
||||
// Override nsHashPropertyBag's AddRef: we don't need thread-safe refcnt
|
||||
NS_IMPL_ADDREF(HttpChannelChild)
|
||||
NS_IMPL_RELEASE(HttpChannelChild)
|
||||
|
||||
NS_IMETHODIMP_(nsrefcnt) HttpChannelChild::Release()
|
||||
{
|
||||
NS_PRECONDITION(0 != mRefCnt, "dup release");
|
||||
NS_ASSERT_OWNINGTHREAD(HttpChannelChild);
|
||||
--mRefCnt;
|
||||
NS_LOG_RELEASE(this, mRefCnt, "HttpChannelChild");
|
||||
|
||||
if (mRefCnt == 1 && mKeptAlive && mIPCOpen) {
|
||||
mKeptAlive = false;
|
||||
// Send_delete calls NeckoChild::DeallocPHttpChannel, which will release
|
||||
// again to refcount==0
|
||||
PHttpChannelChild::Send__delete__(this);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (mRefCnt == 0) {
|
||||
mRefCnt = 1; /* stabilize */
|
||||
delete this;
|
||||
return 0;
|
||||
}
|
||||
return mRefCnt;
|
||||
}
|
||||
|
||||
NS_INTERFACE_MAP_BEGIN(HttpChannelChild)
|
||||
NS_INTERFACE_MAP_ENTRY(nsIRequest)
|
||||
|
|
@ -123,6 +147,7 @@ NS_INTERFACE_MAP_BEGIN(HttpChannelChild)
|
|||
NS_INTERFACE_MAP_ENTRY(nsIApplicationCacheContainer)
|
||||
NS_INTERFACE_MAP_ENTRY(nsIApplicationCacheChannel)
|
||||
NS_INTERFACE_MAP_ENTRY(nsIAsyncVerifyRedirectCallback)
|
||||
NS_INTERFACE_MAP_ENTRY_CONDITIONAL(nsIAssociatedContentSecurity, GetAssociatedContentSecurity())
|
||||
NS_INTERFACE_MAP_END_INHERITING(HttpBaseChannel)
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
|
|
@ -191,7 +216,8 @@ class StartRequestEvent : public ChildChannelEvent
|
|||
const PRBool& isFromCache,
|
||||
const PRBool& cacheEntryAvailable,
|
||||
const PRUint32& cacheExpirationTime,
|
||||
const nsCString& cachedCharset)
|
||||
const nsCString& cachedCharset,
|
||||
const nsCString& securityInfoSerialization)
|
||||
: mChild(child)
|
||||
, mResponseHead(responseHead)
|
||||
, mUseResponseHead(useResponseHead)
|
||||
|
|
@ -199,13 +225,14 @@ class StartRequestEvent : public ChildChannelEvent
|
|||
, mCacheEntryAvailable(cacheEntryAvailable)
|
||||
, mCacheExpirationTime(cacheExpirationTime)
|
||||
, mCachedCharset(cachedCharset)
|
||||
, mSecurityInfoSerialization(securityInfoSerialization)
|
||||
{}
|
||||
|
||||
void Run()
|
||||
{
|
||||
mChild->OnStartRequest(mResponseHead, mUseResponseHead, mIsFromCache,
|
||||
mCacheEntryAvailable, mCacheExpirationTime,
|
||||
mCachedCharset);
|
||||
mCachedCharset, mSecurityInfoSerialization);
|
||||
}
|
||||
private:
|
||||
HttpChannelChild* mChild;
|
||||
|
|
@ -215,6 +242,7 @@ class StartRequestEvent : public ChildChannelEvent
|
|||
PRBool mCacheEntryAvailable;
|
||||
PRUint32 mCacheExpirationTime;
|
||||
nsCString mCachedCharset;
|
||||
nsCString mSecurityInfoSerialization;
|
||||
};
|
||||
|
||||
bool
|
||||
|
|
@ -223,15 +251,18 @@ HttpChannelChild::RecvOnStartRequest(const nsHttpResponseHead& responseHead,
|
|||
const PRBool& isFromCache,
|
||||
const PRBool& cacheEntryAvailable,
|
||||
const PRUint32& cacheExpirationTime,
|
||||
const nsCString& cachedCharset)
|
||||
const nsCString& cachedCharset,
|
||||
const nsCString& securityInfoSerialization)
|
||||
{
|
||||
if (ShouldEnqueue()) {
|
||||
EnqueueEvent(new StartRequestEvent(this, responseHead, useResponseHead,
|
||||
isFromCache, cacheEntryAvailable,
|
||||
cacheExpirationTime, cachedCharset));
|
||||
cacheExpirationTime, cachedCharset,
|
||||
securityInfoSerialization));
|
||||
} else {
|
||||
OnStartRequest(responseHead, useResponseHead, isFromCache,
|
||||
cacheEntryAvailable, cacheExpirationTime, cachedCharset);
|
||||
cacheEntryAvailable, cacheExpirationTime, cachedCharset,
|
||||
securityInfoSerialization);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
|
@ -242,12 +273,18 @@ HttpChannelChild::OnStartRequest(const nsHttpResponseHead& responseHead,
|
|||
const PRBool& isFromCache,
|
||||
const PRBool& cacheEntryAvailable,
|
||||
const PRUint32& cacheExpirationTime,
|
||||
const nsCString& cachedCharset)
|
||||
const nsCString& cachedCharset,
|
||||
const nsCString& securityInfoSerialization)
|
||||
{
|
||||
LOG(("HttpChannelChild::RecvOnStartRequest [this=%x]\n", this));
|
||||
|
||||
if (useResponseHead && !mCanceled)
|
||||
mResponseHead = new nsHttpResponseHead(responseHead);
|
||||
|
||||
if (!securityInfoSerialization.IsEmpty()) {
|
||||
NS_DeserializeObject(securityInfoSerialization,
|
||||
getter_AddRefs(mSecurityInfo));
|
||||
}
|
||||
|
||||
mIsFromCache = isFromCache;
|
||||
mCacheEntryAvailable = cacheEntryAvailable;
|
||||
|
|
@ -379,14 +416,19 @@ HttpChannelChild::OnStopRequest(const nsresult& statusCode)
|
|||
mListener = 0;
|
||||
mListenerContext = 0;
|
||||
mCacheEntryAvailable = PR_FALSE;
|
||||
|
||||
if (mLoadGroup)
|
||||
mLoadGroup->RemoveRequest(this, nsnull, statusCode);
|
||||
}
|
||||
|
||||
// This calls NeckoChild::DeallocPHttpChannel(), which deletes |this| if IPDL
|
||||
// holds the last reference. Don't rely on |this| existing after here.
|
||||
PHttpChannelChild::Send__delete__(this);
|
||||
if (!(mLoadFlags & LOAD_DOCUMENT_URI)) {
|
||||
// This calls NeckoChild::DeallocPHttpChannel(), which deletes |this| if IPDL
|
||||
// holds the last reference. Don't rely on |this| existing after here.
|
||||
PHttpChannelChild::Send__delete__(this);
|
||||
} else {
|
||||
// We need to keep the document loading channel alive for further
|
||||
// communication, mainly for collecting a security state values.
|
||||
mKeptAlive = true;
|
||||
}
|
||||
}
|
||||
|
||||
class ProgressEvent : public ChildChannelEvent
|
||||
|
|
@ -755,9 +797,8 @@ HttpChannelChild::Resume()
|
|||
NS_IMETHODIMP
|
||||
HttpChannelChild::GetSecurityInfo(nsISupports **aSecurityInfo)
|
||||
{
|
||||
// FIXME: Stub for bug 536301 .
|
||||
NS_ENSURE_ARG_POINTER(aSecurityInfo);
|
||||
*aSecurityInfo = 0;
|
||||
NS_IF_ADDREF(*aSecurityInfo = mSecurityInfo);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
|
@ -1076,6 +1117,137 @@ HttpChannelChild::SetChooseApplicationCache(PRBool aChooseApplicationCache)
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
// HttpChannelChild::nsIAssociatedContentSecurity
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
bool
|
||||
HttpChannelChild::GetAssociatedContentSecurity(
|
||||
nsIAssociatedContentSecurity** _result)
|
||||
{
|
||||
if (!mSecurityInfo)
|
||||
return false;
|
||||
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc =
|
||||
do_QueryInterface(mSecurityInfo);
|
||||
if (!assoc)
|
||||
return false;
|
||||
|
||||
if (_result)
|
||||
assoc.forget(_result);
|
||||
return true;
|
||||
}
|
||||
|
||||
/* attribute unsigned long countSubRequestsHighSecurity; */
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::GetCountSubRequestsHighSecurity(
|
||||
PRInt32 *aSubRequestsHighSecurity)
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
return assoc->GetCountSubRequestsHighSecurity(aSubRequestsHighSecurity);
|
||||
}
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::SetCountSubRequestsHighSecurity(
|
||||
PRInt32 aSubRequestsHighSecurity)
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
return assoc->SetCountSubRequestsHighSecurity(aSubRequestsHighSecurity);
|
||||
}
|
||||
|
||||
/* attribute unsigned long countSubRequestsLowSecurity; */
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::GetCountSubRequestsLowSecurity(
|
||||
PRInt32 *aSubRequestsLowSecurity)
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
return assoc->GetCountSubRequestsLowSecurity(aSubRequestsLowSecurity);
|
||||
}
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::SetCountSubRequestsLowSecurity(
|
||||
PRInt32 aSubRequestsLowSecurity)
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
return assoc->SetCountSubRequestsLowSecurity(aSubRequestsLowSecurity);
|
||||
}
|
||||
|
||||
/* attribute unsigned long countSubRequestsBrokenSecurity; */
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::GetCountSubRequestsBrokenSecurity(
|
||||
PRInt32 *aSubRequestsBrokenSecurity)
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
return assoc->GetCountSubRequestsBrokenSecurity(aSubRequestsBrokenSecurity);
|
||||
}
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::SetCountSubRequestsBrokenSecurity(
|
||||
PRInt32 aSubRequestsBrokenSecurity)
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
return assoc->SetCountSubRequestsBrokenSecurity(aSubRequestsBrokenSecurity);
|
||||
}
|
||||
|
||||
/* attribute unsigned long countSubRequestsNoSecurity; */
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::GetCountSubRequestsNoSecurity(PRInt32 *aSubRequestsNoSecurity)
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
return assoc->GetCountSubRequestsNoSecurity(aSubRequestsNoSecurity);
|
||||
}
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::SetCountSubRequestsNoSecurity(PRInt32 aSubRequestsNoSecurity)
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
return assoc->SetCountSubRequestsNoSecurity(aSubRequestsNoSecurity);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::Flush()
|
||||
{
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc;
|
||||
if (!GetAssociatedContentSecurity(getter_AddRefs(assoc)))
|
||||
return NS_OK;
|
||||
|
||||
nsresult rv;
|
||||
PRInt32 hi, low, broken, no;
|
||||
|
||||
rv = assoc->GetCountSubRequestsHighSecurity(&hi);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
rv = assoc->GetCountSubRequestsLowSecurity(&low);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
rv = assoc->GetCountSubRequestsBrokenSecurity(&broken);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
rv = assoc->GetCountSubRequestsNoSecurity(&no);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (mIPCOpen)
|
||||
SendUpdateAssociatedContentSecurity(hi, low, broken, no);
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
//------------------------------------------------------------------------------
|
||||
|
||||
|
|
|
|||
|
|
@ -60,21 +60,13 @@
|
|||
#include "nsIProxiedChannel.h"
|
||||
#include "nsITraceableChannel.h"
|
||||
#include "nsIAsyncVerifyRedirectCallback.h"
|
||||
#include "nsIAssociatedContentSecurity.h"
|
||||
|
||||
namespace mozilla {
|
||||
namespace net {
|
||||
|
||||
class ChildChannelEvent;
|
||||
|
||||
// TODO: replace with IPDL states: bug 536319
|
||||
enum HttpChannelChildState {
|
||||
HCC_NEW,
|
||||
HCC_OPENED,
|
||||
HCC_ONSTART,
|
||||
HCC_ONDATA,
|
||||
HCC_ONSTOP
|
||||
};
|
||||
|
||||
class HttpChannelChild : public PHttpChannelChild
|
||||
, public HttpBaseChannel
|
||||
, public nsICacheInfoChannel
|
||||
|
|
@ -83,6 +75,7 @@ class HttpChannelChild : public PHttpChannelChild
|
|||
, public nsITraceableChannel
|
||||
, public nsIApplicationCacheChannel
|
||||
, public nsIAsyncVerifyRedirectCallback
|
||||
, public nsIAssociatedContentSecurity
|
||||
{
|
||||
public:
|
||||
NS_DECL_ISUPPORTS_INHERITED
|
||||
|
|
@ -93,6 +86,7 @@ public:
|
|||
NS_DECL_NSIAPPLICATIONCACHECONTAINER
|
||||
NS_DECL_NSIAPPLICATIONCACHECHANNEL
|
||||
NS_DECL_NSIASYNCVERIFYREDIRECTCALLBACK
|
||||
NS_DECL_NSIASSOCIATEDCONTENTSECURITY
|
||||
|
||||
HttpChannelChild();
|
||||
virtual ~HttpChannelChild();
|
||||
|
|
@ -133,7 +127,8 @@ protected:
|
|||
const PRBool& isFromCache,
|
||||
const PRBool& cacheEntryAvailable,
|
||||
const PRUint32& cacheExpirationTime,
|
||||
const nsCString& cachedCharset);
|
||||
const nsCString& cachedCharset,
|
||||
const nsCString& securityInfoSerialization);
|
||||
bool RecvOnDataAvailable(const nsCString& data,
|
||||
const PRUint32& offset,
|
||||
const PRUint32& count);
|
||||
|
|
@ -147,10 +142,13 @@ protected:
|
|||
const nsHttpResponseHead& responseHead);
|
||||
bool RecvRedirect3Complete();
|
||||
|
||||
bool GetAssociatedContentSecurity(nsIAssociatedContentSecurity** res = nsnull);
|
||||
|
||||
private:
|
||||
RequestHeaderTuples mRequestHeaders;
|
||||
nsRefPtr<HttpChannelChild> mRedirectChannelChild;
|
||||
nsCOMPtr<nsIURI> mRedirectOriginalURI;
|
||||
nsCOMPtr<nsISupports> mSecurityInfo;
|
||||
|
||||
PRPackedBool mIsFromCache;
|
||||
PRPackedBool mCacheEntryAvailable;
|
||||
|
|
@ -163,6 +161,7 @@ private:
|
|||
PRUint32 mSuspendCount;
|
||||
|
||||
bool mIPCOpen;
|
||||
bool mKeptAlive;
|
||||
|
||||
// Workaround for Necko re-entrancy dangers. We buffer IPDL messages in a
|
||||
// queue if still dispatching previous one(s) to listeners/observers.
|
||||
|
|
@ -188,7 +187,8 @@ private:
|
|||
const PRBool& isFromCache,
|
||||
const PRBool& cacheEntryAvailable,
|
||||
const PRUint32& cacheExpirationTime,
|
||||
const nsCString& cachedCharset);
|
||||
const nsCString& cachedCharset,
|
||||
const nsCString& securityInfoSerialization);
|
||||
void OnDataAvailable(const nsCString& data,
|
||||
const PRUint32& offset,
|
||||
const PRUint32& count);
|
||||
|
|
|
|||
|
|
@ -51,6 +51,9 @@
|
|||
#include "nsIDocShellTreeItem.h"
|
||||
#include "nsIBadCertListener2.h"
|
||||
#include "nsICacheEntryDescriptor.h"
|
||||
#include "nsSerializationHelper.h"
|
||||
#include "nsISerializable.h"
|
||||
#include "nsIAssociatedContentSecurity.h"
|
||||
|
||||
namespace mozilla {
|
||||
namespace net {
|
||||
|
|
@ -224,6 +227,29 @@ HttpChannelParent::RecvSetCacheTokenCachedCharset(const nsCString& charset)
|
|||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
HttpChannelParent::RecvUpdateAssociatedContentSecurity(const PRInt32& high,
|
||||
const PRInt32& low,
|
||||
const PRInt32& broken,
|
||||
const PRInt32& no)
|
||||
{
|
||||
nsHttpChannel *chan = static_cast<nsHttpChannel *>(mChannel.get());
|
||||
|
||||
nsCOMPtr<nsISupports> secInfo;
|
||||
chan->GetSecurityInfo(getter_AddRefs(secInfo));
|
||||
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> assoc = do_QueryInterface(secInfo);
|
||||
if (!assoc)
|
||||
return true;
|
||||
|
||||
assoc->SetCountSubRequestsHighSecurity(high);
|
||||
assoc->SetCountSubRequestsLowSecurity(low);
|
||||
assoc->SetCountSubRequestsBrokenSecurity(broken);
|
||||
assoc->SetCountSubRequestsNoSecurity(no);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
HttpChannelParent::RecvRedirect2Result(const nsresult& result,
|
||||
const RequestHeaderTuples& changedHeaders)
|
||||
|
|
@ -251,7 +277,7 @@ HttpChannelParent::OnStartRequest(nsIRequest *aRequest, nsISupports *aContext)
|
|||
|
||||
PRBool isFromCache = false;
|
||||
chan->IsFromCache(&isFromCache);
|
||||
PRUint32 expirationTime;
|
||||
PRUint32 expirationTime = nsICache::NO_EXPIRATION_TIME;
|
||||
chan->GetCacheTokenExpirationTime(&expirationTime);
|
||||
nsCString cachedCharset;
|
||||
chan->GetCacheTokenCachedCharset(cachedCharset);
|
||||
|
|
@ -260,11 +286,21 @@ HttpChannelParent::OnStartRequest(nsIRequest *aRequest, nsISupports *aContext)
|
|||
// It could be already released by nsHttpChannel at that time.
|
||||
chan->GetCacheToken(getter_AddRefs(mCacheDescriptor));
|
||||
|
||||
nsCString secInfoSerialization;
|
||||
nsCOMPtr<nsISupports> secInfoSupp;
|
||||
chan->GetSecurityInfo(getter_AddRefs(secInfoSupp));
|
||||
if (secInfoSupp) {
|
||||
nsCOMPtr<nsISerializable> secInfoSer = do_QueryInterface(secInfoSupp);
|
||||
if (secInfoSer)
|
||||
NS_SerializeToString(secInfoSer, secInfoSerialization);
|
||||
}
|
||||
|
||||
if (mIPCClosed ||
|
||||
!SendOnStartRequest(responseHead ? *responseHead : nsHttpResponseHead(),
|
||||
!!responseHead, isFromCache,
|
||||
mCacheDescriptor ? PR_TRUE : PR_FALSE,
|
||||
expirationTime, cachedCharset)) {
|
||||
expirationTime, cachedCharset, secInfoSerialization))
|
||||
{
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
}
|
||||
return NS_OK;
|
||||
|
|
|
|||
|
|
@ -105,6 +105,10 @@ protected:
|
|||
virtual bool RecvCancel(const nsresult& status);
|
||||
virtual bool RecvRedirect2Result(const nsresult& result,
|
||||
const RequestHeaderTuples& changedHeaders);
|
||||
virtual bool RecvUpdateAssociatedContentSecurity(const PRInt32& high,
|
||||
const PRInt32& low,
|
||||
const PRInt32& broken,
|
||||
const PRInt32& no);
|
||||
|
||||
virtual void ActorDestroy(ActorDestroyReason why);
|
||||
|
||||
|
|
|
|||
|
|
@ -82,6 +82,10 @@ parent:
|
|||
|
||||
SetCacheTokenCachedCharset(nsCString charset);
|
||||
|
||||
UpdateAssociatedContentSecurity(PRInt32 high,
|
||||
PRInt32 low,
|
||||
PRInt32 broken,
|
||||
PRInt32 no);
|
||||
Suspend();
|
||||
Resume();
|
||||
|
||||
|
|
@ -96,7 +100,8 @@ child:
|
|||
PRBool isFromCache,
|
||||
PRBool cacheEntryAvailable,
|
||||
PRUint32 cacheExpirationTime,
|
||||
nsCString cachedCharset);
|
||||
nsCString cachedCharset,
|
||||
nsCString securityInfoSerialization);
|
||||
|
||||
OnDataAvailable(nsCString data,
|
||||
PRUint32 offset,
|
||||
|
|
|
|||
|
|
@ -567,7 +567,12 @@ nsSecureBrowserUIImpl::EvaluateAndUpdateSecurityState(nsIRequest* aRequest, nsIS
|
|||
PR_LOG(gSecureDocLog, PR_LOG_DEBUG,
|
||||
("SecureUI:%p: remember securityInfo %p\n", this,
|
||||
info));
|
||||
mCurrentToplevelSecurityInfo = info;
|
||||
nsCOMPtr<nsIAssociatedContentSecurity> associatedContentSecurityFromRequest =
|
||||
do_QueryInterface(aRequest);
|
||||
if (associatedContentSecurityFromRequest)
|
||||
mCurrentToplevelSecurityInfo = aRequest;
|
||||
else
|
||||
mCurrentToplevelSecurityInfo = info;
|
||||
}
|
||||
|
||||
return UpdateSecurityState(aRequest, withNewLocation,
|
||||
|
|
@ -1106,6 +1111,7 @@ nsSecureBrowserUIImpl::OnStateChange(nsIWebProgress* aWebProgress,
|
|||
prevContentSecurity->SetCountSubRequestsLowSecurity(saveSubLow);
|
||||
prevContentSecurity->SetCountSubRequestsBrokenSecurity(saveSubBroken);
|
||||
prevContentSecurity->SetCountSubRequestsNoSecurity(saveSubNo);
|
||||
prevContentSecurity->Flush();
|
||||
}
|
||||
|
||||
PRBool retrieveAssociatedState = PR_FALSE;
|
||||
|
|
|
|||
|
|
@ -46,11 +46,12 @@
|
|||
|
||||
#include "nsISupports.idl"
|
||||
|
||||
[scriptable, uuid(8DB92DDE-799F-4d33-80F7-459CAC800DC9)]
|
||||
[scriptable, uuid(6AC9A699-D12A-45dc-9B02-9E5E0DD831B9)]
|
||||
interface nsIAssociatedContentSecurity : nsISupports
|
||||
{
|
||||
attribute long countSubRequestsHighSecurity;
|
||||
attribute long countSubRequestsLowSecurity;
|
||||
attribute long countSubRequestsBrokenSecurity;
|
||||
attribute long countSubRequestsNoSecurity;
|
||||
void flush();
|
||||
};
|
||||
|
|
|
|||
|
|
@ -511,6 +511,10 @@ NS_IMETHODIMP nsNSSSocketInfo::SetCountSubRequestsNoSecurity(PRInt32 aSubRequest
|
|||
mSubRequestsNoSecurity = aSubRequestsNoSecurity;
|
||||
return NS_OK;
|
||||
}
|
||||
NS_IMETHODIMP nsNSSSocketInfo::Flush()
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsNSSSocketInfo::GetShortSecurityDescription(PRUnichar** aText) {
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче