roytam1/palemoon27
1
0
Fork 0
mirror of https://github.com/roytam1/palemoon27.git synced 2026-05-26 14:18:48 +00:00
Code Issues Projects Releases Wiki Activity

import changes from `dev' branch of rmottola/Arctic-Fox:

Browse Source 
- Bug 1172382 - Enable AccessibleCaret on B2G. r=roc (f5c58c2798)
- remove duplicated (8823cc4a43)
- Bug 1219310 - part 1 - ask the prefs file for its size directly; r=njn (93073cbc5e)
- Bug 1219310 - part 2 - keep track of how much pref file we have read; r=njn (6a2a10a8b1)
- Bug 1213123 - Make Preferences::SetString accept char16ptr_t instead of char16_t*. r=froydnj (a895a36861)
- Bug 1216901 - Make the FasterMake backend reticulate splines when moz.build or jar.mn files are modified. r=mshal (ed4ec93b18)
- Bug 1219122 - Move webapprt.ini definition to moz.build. - Add corresponding webpprt files. (da6bc91b5c)
- Bug 1219126 - Move greprefs.js definition in moz.build. r=mshal (52f404c935)
- code style (1b1e543834)
- Bug 1162690 - Remove malformed uri warning in nsURLParser::ParseURL r=mcmanus (8534fcebb7)
- Bug 1163028 - URL: stop escaping [ and ] in path r=mcmanus (f2f3deec40)
- Bug 1163030 - URL: stop escaping ` in query r=mcmanus (17d6c07640)
- Bug 1191423 - Disallow illegal characters in cookies set via HTTP. r=jduell (b1786d140f)
- Bug 1210235 - Skip package verification if pref out or no signature. The package would be treated unsigned. r=valentin (63870dd7ef)
- Bug 1216062 - Notify OnStartSignedPackagedRequest with package identifier. r=valentin. (81a14af3db)
- Bug 1214079 - Doom the package cache if the signature verification failed. r=valentin (83824c2d5d)
- Bug 1178448 - Use imported CA in developer mode. r=keeler,valentin (b9cf64b477)
- Bug 1216469 - Bypass verification for signed packages from trust origins. r=valentin (a36d0a6d2f)
- Bug 1218284 - Match signed packages' with trust origin without suffix. r=valentin (45529dc7df)
- Bug 412457 - should unescape hostname first, then perform IDNA r=mcmanus (23ebe47574)
- Bug 1217316 - Remove for-each from netwerk/. r=jduell (8d0ca69e9e)
- Bug 1208847 - Add telemetry to measure how often secure cookies are set from non-secure origins r=mcmanus (57ecf3651d)
- Bug 1165267 - Part 1: Replace appId and inBrowser by originAttributes v2. r=honzab (7710301407)
- Bug 1165267 - Fix downgrading issue by restoring appId and inBrowserElement columns v3. r=honzab (3e8b8e4dfb)
- Bug 1221049 - Use originAttributes from TabContext. r=kanru (5eaebe3b28)
- Bug 1197944 - Change pref so that the http auth dialog is presented for sub resources as well. r=jduell (e3a7e2a1a7)
- Bug 1202421 - Rename the network.auth.allow-subresource-auth pref. r=michal (87e29e1fdf)
- Bug 1213577 - Use OriginAttributes in nsHttpAuthManager, r=mcmanus (33d0a25ac4)
- Bug 961049 - Part 1: Remove unused members and methods; r=baku (0f3e6de06b)
This commit is contained in:
roytam1
2023-03-10 15:32:42 +08:00
parent 40ee015dc8
commit 33f0551ea5
84 changed files with 2551 additions and 591 deletions
Download Patch File Download Diff File Expand all files Collapse all files
netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
+23 -32
View File
@@ -43,19 +43,16 @@ namespace net {
#define MAX_DISPLAYED_HOST_LENGTH 64
static void
GetAppIdAndBrowserStatus(nsIChannel* aChan, uint32_t* aAppId, bool* aInBrowserElem)
GetOriginAttributesSuffix(nsIChannel* aChan, nsACString &aSuffix)
{
nsCOMPtr<nsILoadContext> loadContext;
OriginAttributes oa;
// Deliberately ignoring the result and going with defaults
if (aChan) {
NS_QueryNotificationCallbacks(aChan, loadContext);
}
if (!loadContext) {
*aAppId = NECKO_NO_APP_ID;
*aInBrowserElem = false;
} else {
loadContext->GetAppId(aAppId);
loadContext->GetIsInBrowserElement(aInBrowserElem);
NS_GetOriginAttributes(aChan, oa);
}
oa.CreateSuffix(aSuffix);
}
nsHttpChannelAuthProvider::nsHttpChannelAuthProvider()
@@ -77,15 +74,15 @@ nsHttpChannelAuthProvider::~nsHttpChannelAuthProvider()
}
uint32_t nsHttpChannelAuthProvider::sAuthAllowPref =
SUBRESOURCE_AUTH_DIALOG_DISALLOW_CROSS_ORIGIN;
SUBRESOURCE_AUTH_DIALOG_ALLOW_ALL;
void
nsHttpChannelAuthProvider::InitializePrefs()
{
MOZ_ASSERT(NS_IsMainThread());
mozilla::Preferences::AddUintVarCache(&sAuthAllowPref,
"network.auth.allow-subresource-auth",
SUBRESOURCE_AUTH_DIALOG_DISALLOW_CROSS_ORIGIN);
"network.auth.subresource-http-auth-allow",
SUBRESOURCE_AUTH_DIALOG_ALLOW_ALL);
}
NS_IMETHODIMP
@@ -404,9 +401,8 @@ nsHttpChannelAuthProvider::GenCredsAndSetEntry(nsIHttpAuthenticator *auth,
nsHttpAuthCache *authCache = gHttpHandler->AuthCache(mIsPrivate);
nsCOMPtr<nsIChannel> chan = do_QueryInterface(mAuthChannel);
uint32_t appId;
bool isInBrowserElement;
GetAppIdAndBrowserStatus(chan, &appId, &isInBrowserElement);
nsAutoCString suffix;
GetOriginAttributesSuffix(chan, suffix);
// create a cache entry. we do this even though we don't yet know that
// these credentials are valid b/c we need to avoid prompting the user
@@ -417,7 +413,7 @@ nsHttpChannelAuthProvider::GenCredsAndSetEntry(nsIHttpAuthenticator *auth,
rv = authCache->SetAuthEntry(scheme, host, port, directory, realm,
saveCreds ? *result : nullptr,
saveChallenge ? challenge : nullptr,
appId, isInBrowserElement,
suffix,
saveIdentity ? &ident : nullptr,
sessionState);
return rv;
@@ -678,9 +674,8 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
}
nsCOMPtr<nsIChannel> chan = do_QueryInterface(mAuthChannel);
uint32_t appId;
bool isInBrowserElement;
GetAppIdAndBrowserStatus(chan, &appId, &isInBrowserElement);
nsAutoCString suffix;
GetOriginAttributesSuffix(chan, suffix);
//
// if we already tried some credentials for this transaction, then
@@ -690,8 +685,7 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
//
nsHttpAuthEntry *entry = nullptr;
authCache->GetAuthEntryForDomain(scheme.get(), host, port,
realm.get(), appId,
isInBrowserElement, &entry);
realm.get(), suffix, &entry);
// hold reference to the auth session state (in case we clear our
// reference to the entry).
@@ -722,7 +716,7 @@ nsHttpChannelAuthProvider::GetCredentialsForChallenge(const char *challenge,
// corresponding entry from the auth cache.
authCache->ClearAuthEntry(scheme.get(), host,
port, realm.get(),
appId, isInBrowserElement);
suffix);
entry = nullptr;
ident->Clear();
}
@@ -1107,15 +1101,13 @@ NS_IMETHODIMP nsHttpChannelAuthProvider::OnAuthAvailable(nsISupports *aContext,
ParseRealm(mCurrentChallenge.get(), realm);
nsCOMPtr<nsIChannel> chan = do_QueryInterface(mAuthChannel);
uint32_t appId;
bool isInBrowserElement;
GetAppIdAndBrowserStatus(chan, &appId, &isInBrowserElement);
nsAutoCString suffix;
GetOriginAttributesSuffix(chan, suffix);
nsHttpAuthCache *authCache = gHttpHandler->AuthCache(mIsPrivate);
nsHttpAuthEntry *entry = nullptr;
authCache->GetAuthEntryForDomain(scheme.get(), host, port,
realm.get(), appId,
isInBrowserElement,
realm.get(), suffix,
&entry);
nsCOMPtr<nsISupports> sessionStateGrip;
@@ -1365,12 +1357,11 @@ nsHttpChannelAuthProvider::SetAuthorizationHeader(nsHttpAuthCache *authCache,
}
nsCOMPtr<nsIChannel> chan = do_QueryInterface(mAuthChannel);
uint32_t appId;
bool isInBrowserElement;
GetAppIdAndBrowserStatus(chan, &appId, &isInBrowserElement);
nsAutoCString suffix;
GetOriginAttributesSuffix(chan, suffix);
rv = authCache->GetAuthEntryForPath(scheme, host, port, path,
appId, isInBrowserElement, &entry);
suffix, &entry);
if (NS_SUCCEEDED(rv)) {
// if we are trying to add a header for origin server auth and if the
// URL contains an explicit username, then try the given username first.