mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 14:30:27 +00:00
roytam1
758c789ddc
- Bug 1198572 - Add telemetry for how often HSTS would fix mixed content problems r=smaug r=tanvi (1abeb434a4) - Bug 1181683 - Mark ping and beacon as blockable mixed content instead of optionally blockable. r=smaug (ab4b612439) - Bug 1148732 - When checking a document's scheme, check the innermost uri. r=dveditz, smaug (f03eef9b3a) - put back source RegExp (112cbc1797) - Bug 1026520 - CSP: Inline report sending into allows - csp changes (r=dveditz) (f835967ad3) - Bug 1026520 - CSP: Inline report sending into allows - callsite updates (r=dveditz) (39b200f027) - Bug 1026520 - CSP: Inline report sending into allows - test updates (r=dveditz) (6a9dd4d859) - Bug 1201822 - Update web-platform-tests expected data to revision d0571e01e1a2e4b8c5f696af2f81cbc1be9a5842, a=testonly (851485e4f9) - Bug 1026520 - CSP: Inline report sending into allows - web platform test updates (r=deveditz) (0fbb9ce2c7) - Bug 1612470 - Remove Document.hasScriptsBlockedBySandbox and Document.inlineScriptAllowedByCSP. r=bzbarsky (840ec6ebfb) - Bug 1192333 - Use channel->ascynOpen2 in dom/xslt/xslt/txMozillaStyleheetCompiler.cpp (r=sicking) (73989dc9d2) - Bug 1186843 - Don't recreate message manager. r=smaug (d4e2e28136) - Bug 1209361 - Add missing includes to dom/base. r=mccr8 (702a9b0c21) - Bug 1209621 - Add a way to get the TabParent for the content-primary tab, r=mconley (7d8a7e501f) - Bug 1209001 - Fix OOM handling when creating ModuleObject r=terrence (e5b9fc8db3) - Bug 1183289 - Run fewer CGC tests r=sfink (d529983340) - Bug 1204692 - Add arm64-sim variant to the autospider.sh script. r=sstangl (8f46c42105) - Bug 1183289 - Partially revert previous patch so jstests get run with default jitflags only r=me (97d1721e43) - Bug 1210924 - Do not fire read barriers when using ReadBarriered in a boolean context; r=sfink (697885508c) - code style and reshuffle (1b55c0f721) - Bug 1207821 - Change the initialized length of an unboxed array in some places without triggering pre barriers, r=jandem. (92452a2db0) - Bug 1074935 - Add SPS pseudo frames for JSRope flattening; r=jandem (5589064dc1) - Bug 1184423 - Properly report OOM when initializing the RematerizedFrameTable fails; r=shu (60d964e1ca) - Bug 1201575 - Give copied FrameIter::Data the cx of the current frame. (r=jimb) (af5e59d95a) - Bug 1204725 - IonMonkey: Check result when copying frame iter data, r=nbp (7de175e301) - Bug 1184423 - Properly report OOM when adding a rematerialized frame to the current JitActivation fails; r=shu (a00c310833) - Bug 1210391 - Module scopes are currently not cacheable r=jandem (b42adeb292) - pointer style (30f967d1ee) - Bug 1199221 - Implement JS::ubi::Node::size for js::ObjectGroup referents; r=sfink (364cbff290) - Bug 1199219 - Implement JS::ubi::Node::size for js::Shape referents; r=sfink (683d11d589) - Bug 1199220 - Implement JS::ubi::Node::size for js::BaseShape referents; r=sfink (a9e1c02cbc) - Bug 1200482: Make Debugger respect 'enabled' flag when setting allocation tracking hook on debuggee compartments, and check that it does. r=fitzgen (cf203e12e0) - Bug 1177508 - Truncate the stack more aggressively in adoptAsyncStack. r=fitzgen (c335f6dcd5) - Bug 1209989 - Implicitly attach a PRThread to native threads when first used as a PRThread in the PosixNSPR implementation. r=terrence (c9d771fb47) - Bug 1206640: Fix an implicit constructor in PosixNSPR.cpp; r=nbp (178312c0f2) - Bug 1204863 - Ignore frames from self-hosted scripts; r=shu (4b8cd11832) - Bug 1180047: Debugger.prototype.findObjects should not return objects that must not be exposed to JS. r=fitzgen (634f19195b) - Bug 1208908 - Fix a conditional statement in BytecodeRangeWithPosition::updatePosition(); r=ejpbruel (e58c656255) - some profiler and crash import (d5b8b4f798) - Bug 1185532: Turn on the NPAPI process sandbox for Windows 64-bit flash by default. r=bsmedberg (5aa8fa8a6e) - Bug 1194488: Whitelist specific plugins for async init; r=jimm (7c78723689) - Bug 1200698: Rename async plugin init pref; r=bsmedberg (df37e5833e) - Bug 1184068: Ensure that mShutdown is not incorrectly set from true to false if plugin crashes during CallNP_Shutdown; r=jimm Bug 1202024: Initialize plugin details and quirks in parent on first run for async init. r=aklotz (934d877d8c) - missing bit of Bug 1119878 Part 2 (3a0dd8afc1) - Bug 1209351 (part 6) - Optimize nsTHashTable::RemoveEntry() usage in toolkit/. r=froydnj. (810fbbab89) - Bug 1209351 (part 1) - Add an overloading of nsTHashTable::RemoveEntry() that takes an already-found entry. r=froydnj. (45d6181461) - Bug 1209351 (part 2) - Optimize nsTHashTable::RemoveEntry() usage in dom/. r=bz. (bdb19ed49f) - Bug 1209351 (part 3) - Optimize nsTHashTable::RemoveEntry() usage in gfx/. r=jrmuizel. (dc29a2b97f) - Bug 1209351 (part 4) - Optimize nsTHashTable::RemoveEntry() usage in netwerk/. r=michal.novotny. (3be1f09b5c) - Bug 1209351 (part 5) - Optimize nsTHashTable::RemoveEntry() usage in security/. r=keeler. (47999463fe)
396 lines
14 KiB
C++
396 lines
14 KiB
C++
#include "nsContentSecurityManager.h"
|
|
#include "nsIChannel.h"
|
|
#include "nsIStreamListener.h"
|
|
#include "nsILoadInfo.h"
|
|
#include "nsContentUtils.h"
|
|
#include "nsCORSListenerProxy.h"
|
|
#include "nsIStreamListener.h"
|
|
|
|
#include "mozilla/dom/Element.h"
|
|
|
|
NS_IMPL_ISUPPORTS(nsContentSecurityManager, nsIContentSecurityManager)
|
|
|
|
nsresult
|
|
ValidateSecurityFlags(nsILoadInfo* aLoadInfo)
|
|
{
|
|
nsSecurityFlags securityMode = aLoadInfo->GetSecurityMode();
|
|
|
|
if (securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS &&
|
|
securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED &&
|
|
securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS &&
|
|
securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
|
securityMode != nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
|
|
MOZ_ASSERT(false, "need one securityflag from nsILoadInfo to perform security checks");
|
|
return NS_ERROR_FAILURE;
|
|
}
|
|
|
|
// make sure that cors-with-credentials is only used in combination with CORS.
|
|
if (aLoadInfo->GetRequireCorsWithCredentials() &&
|
|
securityMode != nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
|
|
MOZ_ASSERT(false, "can not use cors-with-credentials without cors");
|
|
return NS_ERROR_FAILURE;
|
|
}
|
|
// all good, found the right security flags
|
|
return NS_OK;
|
|
}
|
|
|
|
static bool SchemeIs(nsIURI* aURI, const char* aScheme)
|
|
{
|
|
nsCOMPtr<nsIURI> baseURI = NS_GetInnermostURI(aURI);
|
|
NS_ENSURE_TRUE(baseURI, false);
|
|
|
|
bool isScheme = false;
|
|
return NS_SUCCEEDED(baseURI->SchemeIs(aScheme, &isScheme)) && isScheme;
|
|
}
|
|
|
|
nsresult
|
|
DoCheckLoadURIChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
|
{
|
|
nsresult rv = NS_OK;
|
|
|
|
nsCOMPtr<nsIPrincipal> loadingPrincipal = aLoadInfo->LoadingPrincipal();
|
|
uint32_t flags = nsIScriptSecurityManager::STANDARD;
|
|
if (aLoadInfo->GetAllowChrome()) {
|
|
flags |= nsIScriptSecurityManager::ALLOW_CHROME;
|
|
}
|
|
|
|
rv = nsContentUtils::GetSecurityManager()->
|
|
CheckLoadURIWithPrincipal(loadingPrincipal,
|
|
aURI,
|
|
flags);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
// If the loadingPrincipal and the triggeringPrincipal are different, then make
|
|
// sure the triggeringPrincipal is allowed to access that URI.
|
|
nsCOMPtr<nsIPrincipal> triggeringPrincipal = aLoadInfo->TriggeringPrincipal();
|
|
if (loadingPrincipal != triggeringPrincipal) {
|
|
rv = nsContentUtils::GetSecurityManager()->
|
|
CheckLoadURIWithPrincipal(triggeringPrincipal,
|
|
aURI,
|
|
flags);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
}
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
DoSOPChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
|
{
|
|
if (aLoadInfo->GetAllowChrome() && SchemeIs(aURI, "chrome")) {
|
|
// Enforce same-origin policy, except to chrome.
|
|
return DoCheckLoadURIChecks(aURI, aLoadInfo);
|
|
}
|
|
|
|
nsIPrincipal* loadingPrincipal = aLoadInfo->LoadingPrincipal();
|
|
bool sameOriginDataInherits =
|
|
aLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS;
|
|
return loadingPrincipal->CheckMayLoad(aURI,
|
|
true, // report to console
|
|
sameOriginDataInherits);
|
|
}
|
|
|
|
nsresult
|
|
DoCORSChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo,
|
|
nsCOMPtr<nsIStreamListener>& aInAndOutListener)
|
|
{
|
|
MOZ_ASSERT(aInAndOutListener, "can not perform CORS checks without a listener");
|
|
|
|
// No need to set up CORS if TriggeringPrincipal is the SystemPrincipal.
|
|
// For example, allow user stylesheets to load XBL from external files
|
|
// without requiring CORS.
|
|
if (nsContentUtils::IsSystemPrincipal(aLoadInfo->TriggeringPrincipal())) {
|
|
return NS_OK;
|
|
}
|
|
|
|
nsIPrincipal* loadingPrincipal = aLoadInfo->LoadingPrincipal();
|
|
nsRefPtr<nsCORSListenerProxy> corsListener =
|
|
new nsCORSListenerProxy(aInAndOutListener,
|
|
loadingPrincipal,
|
|
aLoadInfo->GetRequireCorsWithCredentials());
|
|
// XXX: @arg: DataURIHandling::Allow
|
|
// lets use DataURIHandling::Allow for now and then decide on callsite basis. see also:
|
|
// http://mxr.mozilla.org/mozilla-central/source/dom/security/nsCORSListenerProxy.h#33
|
|
nsresult rv = corsListener->Init(aChannel, DataURIHandling::Allow);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
aInAndOutListener = corsListener;
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult
|
|
DoContentSecurityChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
|
{
|
|
nsContentPolicyType contentPolicyType = aLoadInfo->GetExternalContentPolicyType();
|
|
nsCString mimeTypeGuess;
|
|
nsCOMPtr<nsINode> requestingContext = nullptr;
|
|
nsContentPolicyType internalContentPolicyType =
|
|
aLoadInfo->InternalContentPolicyType();
|
|
|
|
switch(contentPolicyType) {
|
|
case nsIContentPolicy::TYPE_OTHER: {
|
|
mimeTypeGuess = EmptyCString();
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_SCRIPT:
|
|
case nsIContentPolicy::TYPE_IMAGE:
|
|
case nsIContentPolicy::TYPE_STYLESHEET:
|
|
case nsIContentPolicy::TYPE_OBJECT:
|
|
case nsIContentPolicy::TYPE_DOCUMENT: {
|
|
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_SUBDOCUMENT: {
|
|
mimeTypeGuess = NS_LITERAL_CSTRING("text/html");
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
MOZ_ASSERT(!requestingContext ||
|
|
requestingContext->NodeType() == nsIDOMNode::DOCUMENT_NODE,
|
|
"type_subdocument requires requestingContext of type Document");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_REFRESH: {
|
|
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_XBL: {
|
|
mimeTypeGuess = EmptyCString();
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_PING: {
|
|
mimeTypeGuess = EmptyCString();
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_XMLHTTPREQUEST: {
|
|
// alias nsIContentPolicy::TYPE_DATAREQUEST:
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
MOZ_ASSERT(!requestingContext ||
|
|
requestingContext->NodeType() == nsIDOMNode::DOCUMENT_NODE,
|
|
"type_xml requires requestingContext of type Document");
|
|
|
|
if (internalContentPolicyType ==
|
|
nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST) {
|
|
mimeTypeGuess = NS_LITERAL_CSTRING("application/xml");
|
|
}
|
|
else {
|
|
MOZ_ASSERT(internalContentPolicyType ==
|
|
nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE,
|
|
"can not set mime type guess for unexpected internal type");
|
|
mimeTypeGuess = NS_LITERAL_CSTRING(TEXT_EVENT_STREAM);
|
|
}
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST: {
|
|
mimeTypeGuess = EmptyCString();
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
MOZ_ASSERT(!requestingContext ||
|
|
requestingContext->NodeType() == nsIDOMNode::ELEMENT_NODE,
|
|
"type_subrequest requires requestingContext of type Element");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_DTD:
|
|
case nsIContentPolicy::TYPE_FONT: {
|
|
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_MEDIA: {
|
|
if (internalContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_TRACK) {
|
|
mimeTypeGuess = NS_LITERAL_CSTRING("text/vtt");
|
|
}
|
|
else {
|
|
mimeTypeGuess = EmptyCString();
|
|
}
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
MOZ_ASSERT(!requestingContext ||
|
|
requestingContext->NodeType() == nsIDOMNode::ELEMENT_NODE,
|
|
"type_media requires requestingContext of type Element");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_WEBSOCKET:
|
|
case nsIContentPolicy::TYPE_CSP_REPORT: {
|
|
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_XSLT: {
|
|
mimeTypeGuess = NS_LITERAL_CSTRING("application/xml");
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
MOZ_ASSERT(!requestingContext ||
|
|
requestingContext->NodeType() == nsIDOMNode::DOCUMENT_NODE,
|
|
"type_xslt requires requestingContext of type Document");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_BEACON: {
|
|
mimeTypeGuess = EmptyCString();
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
MOZ_ASSERT(!requestingContext ||
|
|
requestingContext->NodeType() == nsIDOMNode::DOCUMENT_NODE,
|
|
"type_beacon requires requestingContext of type Document");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_FETCH:
|
|
case nsIContentPolicy::TYPE_IMAGESET: {
|
|
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
|
break;
|
|
}
|
|
|
|
case nsIContentPolicy::TYPE_WEB_MANIFEST: {
|
|
mimeTypeGuess = NS_LITERAL_CSTRING("application/manifest+json");
|
|
requestingContext = aLoadInfo->LoadingNode();
|
|
break;
|
|
}
|
|
|
|
default:
|
|
// nsIContentPolicy::TYPE_INVALID
|
|
MOZ_ASSERT(false, "can not perform security check without a valid contentType");
|
|
}
|
|
|
|
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
|
nsresult rv = NS_CheckContentLoadPolicy(contentPolicyType,
|
|
aURI,
|
|
aLoadInfo->LoadingPrincipal(),
|
|
requestingContext,
|
|
mimeTypeGuess,
|
|
nullptr, //extra,
|
|
&shouldLoad,
|
|
nsContentUtils::GetContentPolicy(),
|
|
nsContentUtils::GetSecurityManager());
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
if (NS_CP_REJECTED(shouldLoad)) {
|
|
return NS_ERROR_CONTENT_BLOCKED;
|
|
}
|
|
return NS_OK;
|
|
}
|
|
|
|
/*
|
|
* Based on the security flags provided in the loadInfo of the channel,
|
|
* doContentSecurityCheck() performs the following content security checks
|
|
* before opening the channel:
|
|
*
|
|
* (1) Same Origin Policy Check (if applicable)
|
|
* (2) Allow Cross Origin but perform sanity checks whether a principal
|
|
* is allowed to access the following URL.
|
|
* (3) Perform CORS check (if applicable)
|
|
* (4) ContentPolicy checks (Content-Security-Policy, Mixed Content, ...)
|
|
*
|
|
* @param aChannel
|
|
* The channel to perform the security checks on.
|
|
* @param aInAndOutListener
|
|
* The streamListener that is passed to channel->AsyncOpen2() that is now potentially
|
|
* wrappend within nsCORSListenerProxy() and becomes the corsListener that now needs
|
|
* to be set as new streamListener on the channel.
|
|
*/
|
|
nsresult
|
|
nsContentSecurityManager::doContentSecurityCheck(nsIChannel* aChannel,
|
|
nsCOMPtr<nsIStreamListener>& aInAndOutListener)
|
|
{
|
|
NS_ENSURE_ARG(aChannel);
|
|
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
|
|
|
|
if (!loadInfo) {
|
|
MOZ_ASSERT(false, "channel needs to have loadInfo to perform security checks");
|
|
return NS_ERROR_UNEXPECTED;
|
|
}
|
|
|
|
// make sure that only one of the five security flags is set in the loadinfo
|
|
// e.g. do not require same origin and allow cross origin at the same time
|
|
nsresult rv = ValidateSecurityFlags(loadInfo);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
// lets store the initialSecurityCheckDone flag which indicates whether the channel
|
|
// was initialy evaluated by the contentSecurityManager. Once the inital
|
|
// asyncOpen() of the channel went through the contentSecurityManager then
|
|
// redirects do not have perform all the security checks, e.g. no reason
|
|
// to setup CORS again.
|
|
bool initialSecurityCheckDone = loadInfo->GetInitialSecurityCheckDone();
|
|
|
|
// now lets set the initalSecurityFlag for subsequent calls
|
|
rv = loadInfo->SetInitialSecurityCheckDone(true);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
// since aChannel was openend using asyncOpen2() we have to make sure
|
|
// that redirects of that channel also get openend using asyncOpen2()
|
|
// please note that some implementations of ::AsyncOpen2 might already
|
|
// have set that flag to true (e.g. nsViewSourceChannel) in which case
|
|
// we just set the flag again.
|
|
rv = loadInfo->SetEnforceSecurity(true);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
nsCOMPtr<nsIURI> finalChannelURI;
|
|
rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(finalChannelURI));
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
nsSecurityFlags securityMode = loadInfo->GetSecurityMode();
|
|
|
|
// Allow subresource loads if TriggeringPrincipal is the SystemPrincipal.
|
|
// For example, allow user stylesheets to load XBL from external files.
|
|
if (nsContentUtils::IsSystemPrincipal(loadInfo->TriggeringPrincipal()) &&
|
|
loadInfo->GetExternalContentPolicyType() != nsIContentPolicy::TYPE_DOCUMENT &&
|
|
loadInfo->GetExternalContentPolicyType() != nsIContentPolicy::TYPE_SUBDOCUMENT) {
|
|
return NS_OK;
|
|
}
|
|
|
|
// if none of the REQUIRE_SAME_ORIGIN flags are set, then SOP does not apply
|
|
if ((securityMode == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS) ||
|
|
(securityMode == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED)) {
|
|
rv = DoSOPChecks(finalChannelURI, loadInfo);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
}
|
|
|
|
// if dealing with a redirected channel then we only enforce SOP
|
|
// and can return at this point.
|
|
if (initialSecurityCheckDone) {
|
|
return NS_OK;
|
|
}
|
|
|
|
if ((securityMode == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS) ||
|
|
(securityMode == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL)) {
|
|
// Please note that DoCheckLoadURIChecks should only be enforced for
|
|
// cross origin requests. If the flag SEC_REQUIRE_CORS_DATA_INHERITS is set
|
|
// within the loadInfo, then then CheckLoadURIWithPrincipal is performed
|
|
// within nsCorsListenerProxy
|
|
rv = DoCheckLoadURIChecks(finalChannelURI, loadInfo);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
}
|
|
|
|
if (securityMode == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
|
|
rv = DoCORSChecks(aChannel, loadInfo, aInAndOutListener);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
}
|
|
|
|
// Perform all ContentPolicy checks (MixedContent, CSP, ...)
|
|
rv = DoContentSecurityChecks(finalChannelURI, loadInfo);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
// all security checks passed - lets allow the load
|
|
return NS_OK;
|
|
}
|
|
|
|
|
|
// ==== nsIContentSecurityManager implementation =====
|
|
|
|
NS_IMETHODIMP
|
|
nsContentSecurityManager::PerformSecurityCheck(nsIChannel* aChannel,
|
|
nsIStreamListener* aStreamListener,
|
|
nsIStreamListener** outStreamListener)
|
|
{
|
|
nsCOMPtr<nsIStreamListener> inAndOutListener = aStreamListener;
|
|
nsresult rv = doContentSecurityCheck(aChannel, inAndOutListener);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
inAndOutListener.forget(outStreamListener);
|
|
return NS_OK;
|
|
}
|