mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 13:48:43 +00:00
import changes from `dev' branch of rmottola/Arctic-Fox:
- Bug 1143922 - Add AsyncOpen2 to nsIChannel and perform security checs when opening a channel - securitymanager (r=sicking,tanvi) (4b78431d8)
- Bug 1143922 - Add AsyncOpen2 to nsIChannel and perform security checks when opening a channel - channel changes (r=mcmanus,sicking) (139445975)
- Bug 1143922 - Add AsyncOpen2 to nsIChannel and perform security checks when opening a channel - scriptSecurityManager changes (r=sicking,bholley) (03d83542d)
- Bug 1143922 - Add AsyncOpen2 to nsIChannel and perform security checks when opening a channel - media element changes (r=sicking,tanvi) (e0d73c36e)
- Bug 1182540 - Use channel->ascynOpen2 in dom/html/HTMLTrackElement.cpp (r=sicking) (c5eb0950d)
- Bug 1182537 - Use channel->ascynOpen2 in dom/base/Navigator.cpp (r=sicking,bz) (8721fd908)
- Bug 1182539 - Use channel->ascynOpen2 in dom/base/nsDocument.cpp (r=sicking) (6dcc65084)
- Bug 1182543 - Use channel->ascynOpen2 in dom/plugins/base/nsPluginHost.cpp (r=sicking) (341de1b91)
- Bug 1188637 - Use channel->ascynOpen2 in dom/base/EventSource.cpp (r=sicking) (e41da5e03)
- Bug 1167356 - Handle return value of DataSourceSurface::Map wherever possible. r=Bas (78286f883)
- missing uuid of 1089255 (c3790f3b5)
- Bug 1174307 - Add some internal content policy types for the purpose of reflecting them on RequestContext; r=sicking (93722c3e6)
- missing bit of Bug 1124951 (72545d143)
This commit is contained in:
@@ -336,6 +336,26 @@ nsScriptSecurityManager::GetChannelResultPrincipal(nsIChannel* aChannel,
|
||||
NS_ADDREF(*aPrincipal = loadInfo->TriggeringPrincipal());
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsSecurityFlags securityFlags = loadInfo->GetSecurityMode();
|
||||
if (securityFlags == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS ||
|
||||
securityFlags == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS ||
|
||||
securityFlags == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
|
||||
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
nsCOMPtr<nsIPrincipal> triggeringPrincipal = loadInfo->TriggeringPrincipal();
|
||||
bool inheritForAboutBlank = loadInfo->GetAboutBlankInherits();
|
||||
|
||||
if (nsContentUtils::ChannelShouldInheritPrincipal(triggeringPrincipal,
|
||||
uri,
|
||||
inheritForAboutBlank,
|
||||
false)) {
|
||||
triggeringPrincipal.forget(aPrincipal);
|
||||
return NS_OK;
|
||||
}
|
||||
}
|
||||
}
|
||||
return GetChannelURIPrincipal(aChannel, aPrincipal);
|
||||
}
|
||||
|
||||
+27
-73
@@ -552,9 +552,14 @@ EventSource::AsyncOnChannelRedirect(nsIChannel *aOldChannel,
|
||||
rv = NS_GetFinalChannelURI(aNewChannel, getter_AddRefs(newURI));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (!CheckCanRequestSrc(newURI)) {
|
||||
DispatchFailConnection();
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
bool isValidScheme =
|
||||
(NS_SUCCEEDED(newURI->SchemeIs("http", &isValidScheme)) && isValidScheme) ||
|
||||
(NS_SUCCEEDED(newURI->SchemeIs("https", &isValidScheme)) && isValidScheme);
|
||||
|
||||
rv = CheckInnerWindowCorrectness();
|
||||
if (NS_FAILED(rv) || !isValidScheme) {
|
||||
DispatchFailConnection();
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
|
||||
// Prepare to receive callback
|
||||
@@ -745,9 +750,12 @@ EventSource::InitChannelAndRequestEventSource()
|
||||
return NS_ERROR_ABORT;
|
||||
}
|
||||
|
||||
// eventsource validation
|
||||
bool isValidScheme =
|
||||
(NS_SUCCEEDED(mSrc->SchemeIs("http", &isValidScheme)) && isValidScheme) ||
|
||||
(NS_SUCCEEDED(mSrc->SchemeIs("https", &isValidScheme)) && isValidScheme);
|
||||
|
||||
if (!CheckCanRequestSrc()) {
|
||||
nsresult rv = CheckInnerWindowCorrectness();
|
||||
if (NS_FAILED(rv) || !isValidScheme) {
|
||||
DispatchFailConnection();
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
@@ -755,18 +763,24 @@ EventSource::InitChannelAndRequestEventSource()
|
||||
nsLoadFlags loadFlags;
|
||||
loadFlags = nsIRequest::LOAD_BACKGROUND | nsIRequest::LOAD_BYPASS_CACHE;
|
||||
|
||||
nsresult rv;
|
||||
nsIScriptContext* sc = GetContextForEventHandlers(&rv);
|
||||
nsCOMPtr<nsIDocument> doc =
|
||||
nsContentUtils::GetDocumentFromScriptContext(sc);
|
||||
|
||||
nsSecurityFlags securityFlags =
|
||||
nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS;
|
||||
|
||||
if (mWithCredentials) {
|
||||
securityFlags |= nsILoadInfo::SEC_REQUIRE_CORS_WITH_CREDENTIALS;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIChannel> channel;
|
||||
// If we have the document, use it
|
||||
if (doc) {
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
mSrc,
|
||||
doc,
|
||||
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL,
|
||||
securityFlags,
|
||||
nsIContentPolicy::TYPE_DATAREQUEST,
|
||||
mLoadGroup, // loadGroup
|
||||
nullptr, // aCallbacks
|
||||
@@ -776,7 +790,7 @@ EventSource::InitChannelAndRequestEventSource()
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
mSrc,
|
||||
mPrincipal,
|
||||
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL,
|
||||
securityFlags,
|
||||
nsIContentPolicy::TYPE_DATAREQUEST,
|
||||
mLoadGroup, // loadGroup
|
||||
nullptr, // aCallbacks
|
||||
@@ -798,16 +812,13 @@ EventSource::InitChannelAndRequestEventSource()
|
||||
mHttpChannel->SetNotificationCallbacks(this);
|
||||
}
|
||||
|
||||
nsRefPtr<nsCORSListenerProxy> listener =
|
||||
new nsCORSListenerProxy(this, mPrincipal, mWithCredentials);
|
||||
rv = listener->Init(mHttpChannel, DataURIHandling::Allow);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Start reading from the channel
|
||||
rv = mHttpChannel->AsyncOpen(listener, nullptr);
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
mWaitingForOnStopRequest = true;
|
||||
rv = mHttpChannel->AsyncOpen2(this);
|
||||
if (NS_FAILED(rv)) {
|
||||
DispatchFailConnection();
|
||||
return rv;
|
||||
}
|
||||
mWaitingForOnStopRequest = true;
|
||||
return rv;
|
||||
}
|
||||
|
||||
@@ -1078,63 +1089,6 @@ EventSource::FailConnection()
|
||||
}
|
||||
}
|
||||
|
||||
bool
|
||||
EventSource::CheckCanRequestSrc(nsIURI* aSrc)
|
||||
{
|
||||
if (mReadyState == CLOSED) {
|
||||
return false;
|
||||
}
|
||||
|
||||
bool isValidURI = false;
|
||||
bool isValidContentLoadPolicy = false;
|
||||
bool isValidProtocol = false;
|
||||
|
||||
nsCOMPtr<nsIURI> srcToTest = aSrc ? aSrc : mSrc.get();
|
||||
NS_ENSURE_TRUE(srcToTest, false);
|
||||
|
||||
uint32_t aCheckURIFlags =
|
||||
nsIScriptSecurityManager::DISALLOW_INHERIT_PRINCIPAL |
|
||||
nsIScriptSecurityManager::DISALLOW_SCRIPT;
|
||||
|
||||
nsresult rv = nsContentUtils::GetSecurityManager()->
|
||||
CheckLoadURIWithPrincipal(mPrincipal,
|
||||
srcToTest,
|
||||
aCheckURIFlags);
|
||||
isValidURI = NS_SUCCEEDED(rv);
|
||||
|
||||
// After the security manager, the content-policy check
|
||||
|
||||
nsIScriptContext* sc = GetContextForEventHandlers(&rv);
|
||||
nsCOMPtr<nsIDocument> doc =
|
||||
nsContentUtils::GetDocumentFromScriptContext(sc);
|
||||
|
||||
// mScriptContext should be initialized because of GetBaseURI() above.
|
||||
// Still need to consider the case that doc is nullptr however.
|
||||
rv = CheckInnerWindowCorrectness();
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_DATAREQUEST,
|
||||
srcToTest,
|
||||
mPrincipal,
|
||||
doc,
|
||||
NS_LITERAL_CSTRING(TEXT_EVENT_STREAM),
|
||||
nullptr, // extra
|
||||
&shouldLoad,
|
||||
nsContentUtils::GetContentPolicy(),
|
||||
nsContentUtils::GetSecurityManager());
|
||||
isValidContentLoadPolicy = NS_SUCCEEDED(rv) && NS_CP_ACCEPTED(shouldLoad);
|
||||
|
||||
nsAutoCString targetURIScheme;
|
||||
rv = srcToTest->GetScheme(targetURIScheme);
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
// We only have the http support for now
|
||||
isValidProtocol = targetURIScheme.EqualsLiteral("http") ||
|
||||
targetURIScheme.EqualsLiteral("https");
|
||||
}
|
||||
|
||||
return isValidURI && isValidContentLoadPolicy && isValidProtocol;
|
||||
}
|
||||
|
||||
// static
|
||||
void
|
||||
EventSource::TimerCallback(nsITimer* aTimer, void* aClosure)
|
||||
|
||||
@@ -145,7 +145,6 @@ protected:
|
||||
nsresult ResetEvent();
|
||||
nsresult DispatchCurrentMessageEvent();
|
||||
nsresult ParseCharacter(char16_t aChr);
|
||||
bool CheckCanRequestSrc(nsIURI* aSrc = nullptr); // if null, it tests mSrc
|
||||
nsresult CheckHealthOfRequestCallback(nsIRequest *aRequestCallback);
|
||||
nsresult OnRedirectVerifyCallback(nsresult result);
|
||||
|
||||
|
||||
+33
-77
@@ -68,7 +68,6 @@
|
||||
#include "nsComponentManagerUtils.h"
|
||||
#include "nsIStringStream.h"
|
||||
#include "nsIHttpChannel.h"
|
||||
#include "nsIHttpChannelInternal.h"
|
||||
#include "TimeManager.h"
|
||||
#include "DeviceStorage.h"
|
||||
#include "nsIDOMNavigatorSystemMessages.h"
|
||||
@@ -76,8 +75,6 @@
|
||||
#include "nsIAppsService.h"
|
||||
#include "mozIApplication.h"
|
||||
#include "WidgetUtils.h"
|
||||
#include "mozIThirdPartyUtil.h"
|
||||
#include "nsINetworkInterceptController.h"
|
||||
|
||||
#ifdef MOZ_MEDIA_NAVIGATOR
|
||||
#include "mozilla/dom/MediaDevices.h"
|
||||
@@ -107,7 +104,6 @@
|
||||
|
||||
#include "nsIUploadChannel2.h"
|
||||
#include "nsFormData.h"
|
||||
#include "nsIPrivateBrowsingChannel.h"
|
||||
#include "nsIDocShell.h"
|
||||
|
||||
#include "WorkerPrivate.h"
|
||||
@@ -1030,22 +1026,32 @@ class BeaconStreamListener final : public nsIStreamListener
|
||||
~BeaconStreamListener() {}
|
||||
|
||||
public:
|
||||
BeaconStreamListener() {}
|
||||
BeaconStreamListener() : mLoadGroup(nullptr) {}
|
||||
|
||||
void SetLoadGroup(nsILoadGroup* aLoadGroup) {
|
||||
mLoadGroup = aLoadGroup;
|
||||
}
|
||||
|
||||
NS_DECL_ISUPPORTS
|
||||
NS_DECL_NSISTREAMLISTENER
|
||||
NS_DECL_NSIREQUESTOBSERVER
|
||||
|
||||
private:
|
||||
nsCOMPtr<nsILoadGroup> mLoadGroup;
|
||||
|
||||
};
|
||||
|
||||
NS_IMPL_ISUPPORTS(BeaconStreamListener,
|
||||
nsIStreamListener,
|
||||
nsIRequestObserver)
|
||||
|
||||
|
||||
NS_IMETHODIMP
|
||||
BeaconStreamListener::OnStartRequest(nsIRequest *aRequest,
|
||||
nsISupports *aContext)
|
||||
{
|
||||
// release the loadgroup first
|
||||
mLoadGroup = nullptr;
|
||||
|
||||
aRequest->Cancel(NS_ERROR_NET_INTERRUPT);
|
||||
return NS_BINDING_ABORTED;
|
||||
}
|
||||
@@ -1102,34 +1108,10 @@ Navigator::SendBeacon(const nsAString& aUrl,
|
||||
return false;
|
||||
}
|
||||
|
||||
// Check whether this is a sane URI to load
|
||||
// Explicitly disallow things like chrome:, javascript:, and data: URIs
|
||||
nsCOMPtr<nsIPrincipal> principal = doc->NodePrincipal();
|
||||
nsCOMPtr<nsIScriptSecurityManager> secMan = nsContentUtils::GetSecurityManager();
|
||||
uint32_t flags = nsIScriptSecurityManager::DISALLOW_INHERIT_PRINCIPAL
|
||||
& nsIScriptSecurityManager::DISALLOW_SCRIPT;
|
||||
rv = secMan->CheckLoadURIWithPrincipal(principal,
|
||||
uri,
|
||||
flags);
|
||||
if (NS_FAILED(rv)) {
|
||||
// Bad URI
|
||||
aRv.Throw(rv);
|
||||
return false;
|
||||
}
|
||||
|
||||
// Check whether the CSP allows us to load
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_BEACON,
|
||||
uri,
|
||||
principal,
|
||||
doc,
|
||||
EmptyCString(), //mime guess
|
||||
nullptr, //extra
|
||||
&shouldLoad,
|
||||
nsContentUtils::GetContentPolicy(),
|
||||
nsContentUtils::GetSecurityManager());
|
||||
if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {
|
||||
// Disallowed by content policy
|
||||
// Explicitly disallow loading data: URIs
|
||||
bool isDataScheme = false;
|
||||
rv = uri->SchemeIs("data", &isDataScheme);
|
||||
if (NS_FAILED(rv) || isDataScheme) {
|
||||
aRv.Throw(NS_ERROR_CONTENT_BLOCKED);
|
||||
return false;
|
||||
}
|
||||
@@ -1138,7 +1120,7 @@ Navigator::SendBeacon(const nsAString& aUrl,
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
uri,
|
||||
doc,
|
||||
nsILoadInfo::SEC_NORMAL,
|
||||
nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS,
|
||||
nsIContentPolicy::TYPE_BEACON);
|
||||
|
||||
if (NS_FAILED(rv)) {
|
||||
@@ -1146,18 +1128,6 @@ Navigator::SendBeacon(const nsAString& aUrl,
|
||||
return false;
|
||||
}
|
||||
|
||||
nsIDocShell* docShell = mWindow->GetDocShell();
|
||||
nsCOMPtr<nsIPrivateBrowsingChannel> pbChannel = do_QueryInterface(channel);
|
||||
if (pbChannel) {
|
||||
nsCOMPtr<nsILoadContext> loadContext = do_QueryInterface(docShell);
|
||||
if (loadContext) {
|
||||
rv = pbChannel->SetPrivate(loadContext->UsePrivateBrowsing());
|
||||
if (NS_FAILED(rv)) {
|
||||
NS_WARNING("Setting the privacy status on the beacon channel failed");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(channel);
|
||||
if (!httpChannel) {
|
||||
// Beacon spec only supports HTTP requests at this time
|
||||
@@ -1166,25 +1136,6 @@ Navigator::SendBeacon(const nsAString& aUrl,
|
||||
}
|
||||
httpChannel->SetReferrer(documentURI);
|
||||
|
||||
// Anything that will need to refer to the window during the request
|
||||
// will need to be done now. For example, detection of whether any
|
||||
// cookies set by this request are foreign. Note that ThirdPartyUtil
|
||||
// (nsIThirdPartyUtil.isThirdPartyChannel) does a secondary check between
|
||||
// the channel URI and the cookie URI even when forceAllowThirdPartyCookie
|
||||
// is set, so this is safe with regard to redirects.
|
||||
nsCOMPtr<nsIHttpChannelInternal> httpChannelInternal(do_QueryInterface(channel));
|
||||
nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil = do_GetService(THIRDPARTYUTIL_CONTRACTID);
|
||||
if (!httpChannelInternal) {
|
||||
aRv.Throw(NS_ERROR_DOM_BAD_URI);
|
||||
return false;
|
||||
}
|
||||
bool isForeign = true;
|
||||
thirdPartyUtil->IsThirdPartyWindow(mWindow, uri, &isForeign);
|
||||
uint32_t thirdPartyFlags = isForeign ?
|
||||
0 :
|
||||
nsIHttpChannelInternal::THIRD_PARTY_FORCE_ALLOW;
|
||||
httpChannelInternal->SetThirdPartyFlags(thirdPartyFlags);
|
||||
|
||||
nsCString mimeType;
|
||||
if (!aData.IsNull()) {
|
||||
nsCOMPtr<nsIInputStream> in;
|
||||
@@ -1271,17 +1222,18 @@ Navigator::SendBeacon(const nsAString& aUrl,
|
||||
cos->AddClassFlags(nsIClassOfService::Background);
|
||||
}
|
||||
|
||||
nsRefPtr<nsCORSListenerProxy> cors = new nsCORSListenerProxy(new BeaconStreamListener(),
|
||||
principal,
|
||||
true);
|
||||
// The channel needs to have a loadgroup associated with it, so that we can
|
||||
// cancel the channel and any redirected channels it may create.
|
||||
nsCOMPtr<nsILoadGroup> loadGroup = do_CreateInstance(NS_LOADGROUP_CONTRACTID);
|
||||
nsCOMPtr<nsIInterfaceRequestor> callbacks =
|
||||
do_QueryInterface(mWindow->GetDocShell());
|
||||
loadGroup->SetNotificationCallbacks(callbacks);
|
||||
channel->SetLoadGroup(loadGroup);
|
||||
|
||||
rv = cors->Init(channel, DataURIHandling::Allow);
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
|
||||
nsCOMPtr<nsINetworkInterceptController> interceptController = do_QueryInterface(docShell);
|
||||
cors->SetInterceptController(interceptController);
|
||||
nsRefPtr<BeaconStreamListener> beaconListener = new BeaconStreamListener();
|
||||
|
||||
// Start a preflight if cross-origin and content type is not whitelisted
|
||||
nsCOMPtr<nsIScriptSecurityManager> secMan = nsContentUtils::GetSecurityManager();
|
||||
rv = secMan->CheckSameOriginURI(documentURI, uri, false);
|
||||
bool crossOrigin = NS_FAILED(rv);
|
||||
nsAutoCString contentType, parsedCharset;
|
||||
@@ -1301,18 +1253,22 @@ Navigator::SendBeacon(const nsAString& aUrl,
|
||||
nsTArray<nsCString> unsafeHeaders;
|
||||
unsafeHeaders.AppendElement(NS_LITERAL_CSTRING("Content-Type"));
|
||||
rv = NS_StartCORSPreflight(channel,
|
||||
cors,
|
||||
principal,
|
||||
beaconListener,
|
||||
doc->NodePrincipal(),
|
||||
true,
|
||||
unsafeHeaders,
|
||||
getter_AddRefs(preflightChannel));
|
||||
} else {
|
||||
rv = channel->AsyncOpen(cors, nullptr);
|
||||
rv = channel->AsyncOpen2(beaconListener);
|
||||
}
|
||||
if (NS_FAILED(rv)) {
|
||||
aRv.Throw(rv);
|
||||
return false;
|
||||
}
|
||||
// make the beaconListener hold a strong reference to the loadgroup
|
||||
// which is released in ::OnStartRequest
|
||||
beaconListener->SetLoadGroup(loadGroup);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ nsContentPolicy::~nsContentPolicy()
|
||||
inline nsresult
|
||||
nsContentPolicy::CheckPolicy(CPMethod policyMethod,
|
||||
SCPMethod simplePolicyMethod,
|
||||
uint32_t contentType,
|
||||
nsContentPolicyType contentType,
|
||||
nsIURI *contentLocation,
|
||||
nsIURI *requestingLocation,
|
||||
nsISupports *requestingContext,
|
||||
@@ -141,7 +141,7 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
|
||||
int32_t count = entries.Count();
|
||||
for (int32_t i = 0; i < count; i++) {
|
||||
/* check the appropriate policy */
|
||||
rv = (entries[i]->*policyMethod)(contentType, contentLocation,
|
||||
rv = (entries[i]->*policyMethod)(externalType, contentLocation,
|
||||
requestingLocation, requestingContext,
|
||||
mimeType, extra, requestPrincipal,
|
||||
decision);
|
||||
@@ -186,7 +186,7 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
|
||||
count = simpleEntries.Count();
|
||||
for (int32_t i = 0; i < count; i++) {
|
||||
/* check the appropriate policy */
|
||||
rv = (simpleEntries[i]->*simplePolicyMethod)(contentType, contentLocation,
|
||||
rv = (simpleEntries[i]->*simplePolicyMethod)(externalType, contentLocation,
|
||||
requestingLocation,
|
||||
topFrameElement, isTopLevel,
|
||||
mimeType, extra, requestPrincipal,
|
||||
|
||||
@@ -49,7 +49,7 @@ class nsContentPolicy : public nsIContentPolicy
|
||||
//Helper method that applies policyMethod across all policies in mPolicies
|
||||
// with the given parameters
|
||||
nsresult CheckPolicy(CPMethod policyMethod, SCPMethod simplePolicyMethod,
|
||||
uint32_t contentType,
|
||||
nsContentPolicyType contentType,
|
||||
nsIURI *aURI, nsIURI *origURI,
|
||||
nsISupports *requestingContext,
|
||||
const nsACString &mimeGuess, nsISupports *extra,
|
||||
|
||||
@@ -93,28 +93,38 @@ inline const char *
|
||||
NS_CP_ContentTypeName(uint32_t contentType)
|
||||
{
|
||||
switch (contentType) {
|
||||
CASE_RETURN( TYPE_OTHER );
|
||||
CASE_RETURN( TYPE_SCRIPT );
|
||||
CASE_RETURN( TYPE_IMAGE );
|
||||
CASE_RETURN( TYPE_STYLESHEET );
|
||||
CASE_RETURN( TYPE_OBJECT );
|
||||
CASE_RETURN( TYPE_DOCUMENT );
|
||||
CASE_RETURN( TYPE_SUBDOCUMENT );
|
||||
CASE_RETURN( TYPE_REFRESH );
|
||||
CASE_RETURN( TYPE_XBL );
|
||||
CASE_RETURN( TYPE_PING );
|
||||
CASE_RETURN( TYPE_XMLHTTPREQUEST );
|
||||
CASE_RETURN( TYPE_OBJECT_SUBREQUEST );
|
||||
CASE_RETURN( TYPE_DTD );
|
||||
CASE_RETURN( TYPE_FONT );
|
||||
CASE_RETURN( TYPE_MEDIA );
|
||||
CASE_RETURN( TYPE_WEBSOCKET );
|
||||
CASE_RETURN( TYPE_CSP_REPORT );
|
||||
CASE_RETURN( TYPE_XSLT );
|
||||
CASE_RETURN( TYPE_BEACON );
|
||||
CASE_RETURN( TYPE_FETCH );
|
||||
CASE_RETURN( TYPE_IMAGESET );
|
||||
CASE_RETURN( TYPE_WEB_MANIFEST );
|
||||
CASE_RETURN( TYPE_OTHER );
|
||||
CASE_RETURN( TYPE_SCRIPT );
|
||||
CASE_RETURN( TYPE_IMAGE );
|
||||
CASE_RETURN( TYPE_STYLESHEET );
|
||||
CASE_RETURN( TYPE_OBJECT );
|
||||
CASE_RETURN( TYPE_DOCUMENT );
|
||||
CASE_RETURN( TYPE_SUBDOCUMENT );
|
||||
CASE_RETURN( TYPE_REFRESH );
|
||||
CASE_RETURN( TYPE_XBL );
|
||||
CASE_RETURN( TYPE_PING );
|
||||
CASE_RETURN( TYPE_XMLHTTPREQUEST );
|
||||
CASE_RETURN( TYPE_OBJECT_SUBREQUEST );
|
||||
CASE_RETURN( TYPE_DTD );
|
||||
CASE_RETURN( TYPE_FONT );
|
||||
CASE_RETURN( TYPE_MEDIA );
|
||||
CASE_RETURN( TYPE_WEBSOCKET );
|
||||
CASE_RETURN( TYPE_CSP_REPORT );
|
||||
CASE_RETURN( TYPE_XSLT );
|
||||
CASE_RETURN( TYPE_BEACON );
|
||||
CASE_RETURN( TYPE_FETCH );
|
||||
CASE_RETURN( TYPE_IMAGESET );
|
||||
CASE_RETURN( TYPE_WEB_MANIFEST );
|
||||
CASE_RETURN( TYPE_INTERNAL_SCRIPT );
|
||||
CASE_RETURN( TYPE_INTERNAL_WORKER );
|
||||
CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER );
|
||||
CASE_RETURN( TYPE_INTERNAL_EMBED );
|
||||
CASE_RETURN( TYPE_INTERNAL_OBJECT );
|
||||
CASE_RETURN( TYPE_INTERNAL_FRAME );
|
||||
CASE_RETURN( TYPE_INTERNAL_IFRAME );
|
||||
CASE_RETURN( TYPE_INTERNAL_AUDIO );
|
||||
CASE_RETURN( TYPE_INTERNAL_VIDEO );
|
||||
CASE_RETURN( TYPE_INTERNAL_TRACK );
|
||||
default:
|
||||
return "<Unknown Type>";
|
||||
}
|
||||
|
||||
+32
-44
@@ -7399,48 +7399,6 @@ nsContentUtils::CallOnAllRemoteChildren(nsIDOMWindow* aWindow,
|
||||
}
|
||||
}
|
||||
|
||||
/* static */
|
||||
nsContentPolicyType
|
||||
nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
|
||||
{
|
||||
switch (aType) {
|
||||
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_WORKER:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
|
||||
return nsIContentPolicy::TYPE_SCRIPT;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_EMBED:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_OBJECT:
|
||||
return nsIContentPolicy::TYPE_OBJECT;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_FRAME:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_IFRAME:
|
||||
return nsIContentPolicy::TYPE_SUBDOCUMENT;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_AUDIO:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_VIDEO:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_TRACK:
|
||||
return nsIContentPolicy::TYPE_MEDIA;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
|
||||
return nsIContentPolicy::TYPE_XMLHTTPREQUEST;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
|
||||
return nsIContentPolicy::TYPE_IMAGE;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
|
||||
return nsIContentPolicy::TYPE_STYLESHEET;
|
||||
|
||||
default:
|
||||
return aType;
|
||||
}
|
||||
}
|
||||
|
||||
/* static */
|
||||
nsContentPolicyType
|
||||
nsContentUtils::InternalContentPolicyTypeToExternalOrMCBInternal(nsContentPolicyType aType)
|
||||
@@ -7669,7 +7627,9 @@ nsContentUtils::GetSurfaceData(mozilla::gfx::DataSourceSurface* aSurface,
|
||||
size_t* aLength, int32_t* aStride)
|
||||
{
|
||||
mozilla::gfx::DataSourceSurface::MappedSurface map;
|
||||
aSurface->Map(mozilla::gfx::DataSourceSurface::MapType::READ, &map);
|
||||
if (NS_WARN_IF(!aSurface->Map(mozilla::gfx::DataSourceSurface::MapType::READ, &map))) {
|
||||
return nullptr;
|
||||
}
|
||||
mozilla::gfx::IntSize size = aSurface->GetSize();
|
||||
mozilla::CheckedInt32 requiredBytes =
|
||||
mozilla::CheckedInt32(map.mStride) * mozilla::CheckedInt32(size.height);
|
||||
@@ -8056,6 +8016,34 @@ nsContentUtils::GetWindowRoot(nsIDocument* aDoc)
|
||||
}
|
||||
|
||||
|
||||
/* static */
|
||||
nsContentPolicyType
|
||||
nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
|
||||
{
|
||||
switch (aType) {
|
||||
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_WORKER:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
|
||||
return nsIContentPolicy::TYPE_SCRIPT;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_EMBED:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_OBJECT:
|
||||
return nsIContentPolicy::TYPE_OBJECT;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_FRAME:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_IFRAME:
|
||||
return nsIContentPolicy::TYPE_SUBDOCUMENT;
|
||||
|
||||
case nsIContentPolicy::TYPE_INTERNAL_AUDIO:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_VIDEO:
|
||||
case nsIContentPolicy::TYPE_INTERNAL_TRACK:
|
||||
return nsIContentPolicy::TYPE_MEDIA;
|
||||
|
||||
default:
|
||||
return aType;
|
||||
}
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsContentUtils::SetFetchReferrerURIWithPolicy(nsIPrincipal* aPrincipal,
|
||||
nsIDocument* aDoc,
|
||||
@@ -8104,4 +8092,4 @@ nsContentUtils::SetFetchReferrerURIWithPolicy(nsIPrincipal* aPrincipal,
|
||||
|
||||
net::ReferrerPolicy referrerPolicy = aDoc->GetReferrerPolicy();
|
||||
return aChannel->SetReferrerWithPolicy(referrerURI, referrerPolicy);
|
||||
}
|
||||
}
|
||||
|
||||
+6
-41
@@ -1273,57 +1273,22 @@ nsExternalResourceMap::PendingLoad::StartLoad(nsIURI* aURI,
|
||||
NS_PRECONDITION(aURI, "Must have a URI");
|
||||
NS_PRECONDITION(aRequestingNode, "Must have a node");
|
||||
|
||||
// Time to start a load. First, the security checks.
|
||||
nsCOMPtr<nsILoadGroup> loadGroup =
|
||||
aRequestingNode->OwnerDoc()->GetDocumentLoadGroup();
|
||||
|
||||
nsIPrincipal* requestingPrincipal = aRequestingNode->NodePrincipal();
|
||||
|
||||
nsresult rv = nsContentUtils::GetSecurityManager()->
|
||||
CheckLoadURIWithPrincipal(requestingPrincipal, aURI,
|
||||
nsIScriptSecurityManager::STANDARD);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Allow data URIs and other URI's that inherit their principal by passing
|
||||
// true as the 3rd argument of CheckMayLoad, since we want
|
||||
// to allow external resources from data URIs regardless of the difference
|
||||
// in URI scheme.
|
||||
rv = requestingPrincipal->CheckMayLoad(aURI, true, true);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_OTHER,
|
||||
aURI,
|
||||
requestingPrincipal,
|
||||
aRequestingNode,
|
||||
EmptyCString(), //mime guess
|
||||
nullptr, //extra
|
||||
&shouldLoad,
|
||||
nsContentUtils::GetContentPolicy(),
|
||||
nsContentUtils::GetSecurityManager());
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
if (NS_CP_REJECTED(shouldLoad)) {
|
||||
// Disallowed by content policy
|
||||
return NS_ERROR_CONTENT_BLOCKED;
|
||||
}
|
||||
|
||||
nsIDocument* doc = aRequestingNode->OwnerDoc();
|
||||
|
||||
nsCOMPtr<nsIInterfaceRequestor> req = nsContentUtils::SameOriginChecker();
|
||||
|
||||
nsCOMPtr<nsILoadGroup> loadGroup = doc->GetDocumentLoadGroup();
|
||||
nsresult rv = NS_OK;
|
||||
nsCOMPtr<nsIChannel> channel;
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
aURI,
|
||||
aRequestingNode,
|
||||
nsILoadInfo::SEC_NORMAL,
|
||||
nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS,
|
||||
nsIContentPolicy::TYPE_OTHER,
|
||||
loadGroup,
|
||||
req); // aCallbacks
|
||||
|
||||
loadGroup);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
mURI = aURI;
|
||||
|
||||
return channel->AsyncOpen(this, nullptr);
|
||||
return channel->AsyncOpen2(this);
|
||||
}
|
||||
|
||||
NS_IMPL_ISUPPORTS(nsExternalResourceMap::LoadgroupCallbacks,
|
||||
|
||||
@@ -20,7 +20,7 @@ interface nsIPrincipal;
|
||||
* by launching a dialog to prompt the user for something).
|
||||
*/
|
||||
|
||||
[scriptable,uuid(cb978019-0c5b-4067-abb6-c914461208c1)]
|
||||
[scriptable,uuid(b545899e-42bd-434c-8fec-a0af3448ea15)]
|
||||
interface nsIContentPolicy : nsIContentPolicyBase
|
||||
{
|
||||
/**
|
||||
|
||||
@@ -24,7 +24,7 @@ typedef unsigned long nsContentPolicyType;
|
||||
* by launching a dialog to prompt the user for something).
|
||||
*/
|
||||
|
||||
[scriptable,uuid(21bb54b0-ab3c-11e4-bcd8-0800200c9a66)]
|
||||
[scriptable,uuid(11b8d725-7c2b-429e-b51f-8b5b542d5009)]
|
||||
interface nsIContentPolicyBase : nsISupports
|
||||
{
|
||||
/**
|
||||
@@ -57,6 +57,10 @@ interface nsIContentPolicyBase : nsISupports
|
||||
* Implementations of nsIContentPolicy should treat this the same way they
|
||||
* treat unknown types, because existing users of TYPE_OTHER may be converted
|
||||
* to use new content types.
|
||||
*
|
||||
* Note that the TYPE_INTERNAL_* constants are never passed to content
|
||||
* policy implementations. They are mapped to other TYPE_* constants, and
|
||||
* are only intended for internal usage inside Gecko.
|
||||
*/
|
||||
const nsContentPolicyType TYPE_OTHER = 1;
|
||||
|
||||
|
||||
@@ -28,7 +28,7 @@ interface nsIDOMElement;
|
||||
* by launching a dialog to prompt the user for something).
|
||||
*/
|
||||
|
||||
[scriptable,uuid(704b4b8e-2287-498a-9c0a-d1bde547a2d4)]
|
||||
[scriptable,uuid(b181c97c-9d67-4da1-95a0-e0a202e1807c)]
|
||||
interface nsISimpleContentPolicy : nsIContentPolicyBase
|
||||
{
|
||||
/**
|
||||
|
||||
@@ -1161,25 +1161,6 @@ nsresult HTMLMediaElement::LoadResource()
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
MOZ_ASSERT(IsAnyOfHTMLElements(nsGkAtoms::audio, nsGkAtoms::video));
|
||||
nsContentPolicyType contentPolicyType = IsHTMLElement(nsGkAtoms::audio) ?
|
||||
nsIContentPolicy::TYPE_INTERNAL_AUDIO : nsIContentPolicy::TYPE_INTERNAL_VIDEO;
|
||||
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
nsresult rv = NS_CheckContentLoadPolicy(contentPolicyType,
|
||||
mLoadingSrc,
|
||||
NodePrincipal(),
|
||||
static_cast<Element*>(this),
|
||||
EmptyCString(), // mime type
|
||||
nullptr, // extra
|
||||
&shouldLoad,
|
||||
nsContentUtils::GetContentPolicy(),
|
||||
nsContentUtils::GetSecurityManager());
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
if (NS_CP_REJECTED(shouldLoad)) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
// Set the media element's CORS mode only when loading a resource
|
||||
mCORSMode = AttrValueToCORSMode(GetParsedAttr(nsGkAtoms::crossorigin));
|
||||
|
||||
@@ -1193,7 +1174,7 @@ nsresult HTMLMediaElement::LoadResource()
|
||||
|
||||
if (IsMediaStreamURI(mLoadingSrc)) {
|
||||
nsRefPtr<DOMMediaStream> stream;
|
||||
rv = NS_GetStreamForMediaStreamURI(mLoadingSrc, getter_AddRefs(stream));
|
||||
nsresult rv = NS_GetStreamForMediaStreamURI(mLoadingSrc, getter_AddRefs(stream));
|
||||
if (NS_FAILED(rv)) {
|
||||
nsCString specUTF8;
|
||||
mLoadingSrc->GetSpec(specUTF8);
|
||||
@@ -1208,7 +1189,7 @@ nsresult HTMLMediaElement::LoadResource()
|
||||
|
||||
if (IsMediaSourceURI(mLoadingSrc)) {
|
||||
nsRefPtr<MediaSource> source;
|
||||
rv = NS_GetSourceForMediaSourceURI(mLoadingSrc, getter_AddRefs(source));
|
||||
nsresult rv = NS_GetSourceForMediaSourceURI(mLoadingSrc, getter_AddRefs(source));
|
||||
if (NS_FAILED(rv)) {
|
||||
nsCString specUTF8;
|
||||
mLoadingSrc->GetSpec(specUTF8);
|
||||
@@ -1235,27 +1216,31 @@ nsresult HTMLMediaElement::LoadResource()
|
||||
return FinishDecoderSetup(decoder, resource, nullptr, nullptr);
|
||||
}
|
||||
|
||||
nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL;
|
||||
if (nsContentUtils::ChannelShouldInheritPrincipal(NodePrincipal(),
|
||||
mLoadingSrc,
|
||||
false, // aInheritForAboutBlank
|
||||
false // aForceInherit
|
||||
)) {
|
||||
securityFlags = nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
||||
// determine what security checks need to be performed in AsyncOpen2().
|
||||
nsSecurityFlags securityFlags =
|
||||
ShouldCheckAllowOrigin() ? nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS :
|
||||
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS;
|
||||
|
||||
if (GetCORSMode() == CORS_USE_CREDENTIALS) {
|
||||
securityFlags |= nsILoadInfo::SEC_REQUIRE_CORS_WITH_CREDENTIALS;
|
||||
}
|
||||
|
||||
MOZ_ASSERT(IsAnyOfHTMLElements(nsGkAtoms::audio, nsGkAtoms::video));
|
||||
nsContentPolicyType contentPolicyType = IsHTMLElement(nsGkAtoms::audio) ?
|
||||
nsIContentPolicy::TYPE_INTERNAL_AUDIO : nsIContentPolicy::TYPE_INTERNAL_VIDEO;
|
||||
|
||||
nsCOMPtr<nsILoadGroup> loadGroup = GetDocumentLoadGroup();
|
||||
nsCOMPtr<nsIChannel> channel;
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
mLoadingSrc,
|
||||
static_cast<Element*>(this),
|
||||
securityFlags,
|
||||
contentPolicyType,
|
||||
loadGroup,
|
||||
nullptr, // aCallbacks
|
||||
nsICachingChannel::LOAD_BYPASS_LOCAL_CACHE_IF_BUSY |
|
||||
nsIChannel::LOAD_MEDIA_SNIFFER_OVERRIDES_CONTENT_TYPE |
|
||||
nsIChannel::LOAD_CALL_CONTENT_SNIFFERS);
|
||||
nsresult rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
mLoadingSrc,
|
||||
static_cast<Element*>(this),
|
||||
securityFlags,
|
||||
contentPolicyType,
|
||||
loadGroup,
|
||||
nullptr, // aCallbacks
|
||||
nsICachingChannel::LOAD_BYPASS_LOCAL_CACHE_IF_BUSY |
|
||||
nsIChannel::LOAD_MEDIA_SNIFFER_OVERRIDES_CONTENT_TYPE |
|
||||
nsIChannel::LOAD_CALL_CONTENT_SNIFFERS);
|
||||
|
||||
NS_ENSURE_SUCCESS(rv,rv);
|
||||
|
||||
@@ -1269,24 +1254,6 @@ nsresult HTMLMediaElement::LoadResource()
|
||||
|
||||
channel->SetNotificationCallbacks(loadListener);
|
||||
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
if (ShouldCheckAllowOrigin()) {
|
||||
nsRefPtr<nsCORSListenerProxy> corsListener =
|
||||
new nsCORSListenerProxy(loadListener,
|
||||
NodePrincipal(),
|
||||
GetCORSMode() == CORS_USE_CREDENTIALS);
|
||||
rv = corsListener->Init(channel, DataURIHandling::Allow);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
listener = corsListener;
|
||||
} else {
|
||||
rv = nsContentUtils::GetSecurityManager()->
|
||||
CheckLoadURIWithPrincipal(NodePrincipal(),
|
||||
mLoadingSrc,
|
||||
nsIScriptSecurityManager::STANDARD);
|
||||
listener = loadListener;
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIHttpChannel> hc = do_QueryInterface(channel);
|
||||
if (hc) {
|
||||
// Use a byte range request from the start of the resource.
|
||||
@@ -1299,7 +1266,7 @@ nsresult HTMLMediaElement::LoadResource()
|
||||
SetRequestHeaders(hc);
|
||||
}
|
||||
|
||||
rv = channel->AsyncOpen(listener, nullptr);
|
||||
rv = channel->AsyncOpen2(loadListener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Else the channel must be open and starting to download. If it encounters
|
||||
|
||||
@@ -203,26 +203,6 @@ HTMLTrackElement::LoadResource()
|
||||
mChannel = nullptr;
|
||||
}
|
||||
|
||||
rv = nsContentUtils::GetSecurityManager()->
|
||||
CheckLoadURIWithPrincipal(NodePrincipal(), uri,
|
||||
nsIScriptSecurityManager::STANDARD);
|
||||
NS_ENSURE_TRUE_VOID(NS_SUCCEEDED(rv));
|
||||
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_TRACK,
|
||||
uri,
|
||||
NodePrincipal(),
|
||||
static_cast<Element*>(this),
|
||||
NS_LITERAL_CSTRING("text/vtt"), // mime type
|
||||
nullptr, // extra
|
||||
&shouldLoad,
|
||||
nsContentUtils::GetContentPolicy(),
|
||||
nsContentUtils::GetSecurityManager());
|
||||
NS_ENSURE_TRUE_VOID(NS_SUCCEEDED(rv));
|
||||
if (NS_CP_REJECTED(shouldLoad)) {
|
||||
return;
|
||||
}
|
||||
|
||||
// We may already have a TextTrack at this point if GetTrack() has already
|
||||
// been called. This happens, for instance, if script tries to get the
|
||||
// TextTrack before its mTrackElement has been bound to the DOM tree.
|
||||
@@ -235,7 +215,7 @@ HTMLTrackElement::LoadResource()
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
uri,
|
||||
static_cast<Element*>(this),
|
||||
nsILoadInfo::SEC_NORMAL,
|
||||
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS,
|
||||
nsIContentPolicy::TYPE_INTERNAL_TRACK,
|
||||
loadGroup);
|
||||
|
||||
@@ -247,7 +227,7 @@ HTMLTrackElement::LoadResource()
|
||||
channel->SetNotificationCallbacks(mListener);
|
||||
|
||||
LOG(LogLevel::Debug, ("opening webvtt channel"));
|
||||
rv = channel->AsyncOpen(mListener, nullptr);
|
||||
rv = channel->AsyncOpen2(mListener);
|
||||
NS_ENSURE_TRUE_VOID(NS_SUCCEEDED(rv));
|
||||
|
||||
mChannel = channel;
|
||||
|
||||
@@ -3102,7 +3102,9 @@ public:
|
||||
NS_IMETHOD GetContentLength(int64_t*) NO_IMPL
|
||||
NS_IMETHOD SetContentLength(int64_t) NO_IMPL
|
||||
NS_IMETHOD Open(nsIInputStream**) NO_IMPL
|
||||
NS_IMETHOD Open2(nsIInputStream**) NO_IMPL
|
||||
NS_IMETHOD AsyncOpen(nsIStreamListener*, nsISupports*) NO_IMPL
|
||||
NS_IMETHOD AsyncOpen2(nsIStreamListener*) NO_IMPL
|
||||
NS_IMETHOD GetContentDisposition(uint32_t*) NO_IMPL
|
||||
NS_IMETHOD SetContentDisposition(uint32_t) NO_IMPL
|
||||
NS_IMETHOD GetContentDispositionFilename(nsAString&) NO_IMPL
|
||||
|
||||
@@ -50,6 +50,7 @@
|
||||
#include "nsSandboxFlags.h"
|
||||
#include "mozilla/dom/ScriptSettings.h"
|
||||
#include "nsILoadInfo.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
#include "mozilla/ipc/URIUtils.h"
|
||||
|
||||
@@ -552,6 +553,15 @@ nsJSChannel::Open(nsIInputStream **aResult)
|
||||
return mStreamChannel->Open(aResult);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsJSChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
|
||||
{
|
||||
@@ -663,6 +673,15 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
|
||||
return rv;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsJSChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
void
|
||||
nsJSChannel::EvaluateScript()
|
||||
{
|
||||
|
||||
@@ -477,11 +477,12 @@ nsresult nsPluginHost::GetURLWithHeaders(nsNPAPIPluginInstance* pluginInst,
|
||||
if (!target && !streamListener)
|
||||
return NS_ERROR_ILLEGAL_VALUE;
|
||||
|
||||
nsresult rv = DoURLLoadSecurityCheck(pluginInst, url);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
nsresult rv = NS_OK;
|
||||
|
||||
if (target) {
|
||||
rv = DoURLLoadSecurityCheck(pluginInst, url);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsRefPtr<nsPluginInstanceOwner> owner = pluginInst->GetOwner();
|
||||
if (owner) {
|
||||
if ((0 == PL_strcmp(target, "newwindow")) ||
|
||||
@@ -525,10 +526,6 @@ nsresult nsPluginHost::PostURL(nsISupports* pluginInst,
|
||||
|
||||
nsNPAPIPluginInstance* instance = static_cast<nsNPAPIPluginInstance*>(pluginInst);
|
||||
|
||||
rv = DoURLLoadSecurityCheck(instance, url);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
|
||||
nsCOMPtr<nsIInputStream> postStream;
|
||||
if (isFile) {
|
||||
nsCOMPtr<nsIFile> file;
|
||||
@@ -570,6 +567,9 @@ nsresult nsPluginHost::PostURL(nsISupports* pluginInst,
|
||||
}
|
||||
|
||||
if (target) {
|
||||
rv = DoURLLoadSecurityCheck(instance, url);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsRefPtr<nsPluginInstanceOwner> owner = instance->GetOwner();
|
||||
if (owner) {
|
||||
if ((0 == PL_strcmp(target, "newwindow")) ||
|
||||
@@ -3064,8 +3064,13 @@ nsresult nsPluginHost::NewPluginURLStream(const nsString& aURL,
|
||||
absUrl.Assign(aURL);
|
||||
|
||||
rv = NS_NewURI(getter_AddRefs(url), absUrl);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsRefPtr<nsPluginStreamListenerPeer> listenerPeer = new nsPluginStreamListenerPeer();
|
||||
NS_ENSURE_TRUE(listenerPeer, NS_ERROR_OUT_OF_MEMORY);
|
||||
|
||||
rv = listenerPeer->Initialize(url, aInstance, aListener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsCOMPtr<nsIDOMElement> element;
|
||||
nsCOMPtr<nsIDocument> doc;
|
||||
@@ -3073,63 +3078,24 @@ nsresult nsPluginHost::NewPluginURLStream(const nsString& aURL,
|
||||
owner->GetDOMElement(getter_AddRefs(element));
|
||||
owner->GetDocument(getter_AddRefs(doc));
|
||||
}
|
||||
nsCOMPtr<nsIPrincipal> principal = doc ? doc->NodePrincipal() : nullptr;
|
||||
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
|
||||
url,
|
||||
principal,
|
||||
element,
|
||||
EmptyCString(), //mime guess
|
||||
nullptr, //extra
|
||||
&shouldLoad);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
if (NS_CP_REJECTED(shouldLoad)) {
|
||||
// Disallowed by content policy
|
||||
return NS_ERROR_CONTENT_BLOCKED;
|
||||
}
|
||||
|
||||
nsRefPtr<nsPluginStreamListenerPeer> listenerPeer = new nsPluginStreamListenerPeer();
|
||||
if (!listenerPeer)
|
||||
return NS_ERROR_OUT_OF_MEMORY;
|
||||
|
||||
rv = listenerPeer->Initialize(url, aInstance, aListener);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
nsCOMPtr<nsINode> requestingNode(do_QueryInterface(element));
|
||||
NS_ENSURE_TRUE(requestingNode, NS_ERROR_FAILURE);
|
||||
|
||||
nsCOMPtr<nsIChannel> channel;
|
||||
// @arg loadgroup:
|
||||
// do not add this internal plugin's channel on the
|
||||
// load group otherwise this channel could be canceled
|
||||
// form |nsDocShell::OnLinkClickSync| bug 166613
|
||||
nsCOMPtr<nsIChannel> channel;
|
||||
nsCOMPtr<nsINode> requestingNode(do_QueryInterface(element));
|
||||
if (requestingNode) {
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
url,
|
||||
requestingNode,
|
||||
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL,
|
||||
nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
|
||||
nullptr, // aLoadGroup
|
||||
listenerPeer);
|
||||
}
|
||||
else {
|
||||
// in this else branch we really don't know where the load is coming
|
||||
// from and in fact should use something better than just using
|
||||
// a nullPrincipal as the loadingPrincipal.
|
||||
principal = nsNullPrincipal::Create();
|
||||
NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
url,
|
||||
principal,
|
||||
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL,
|
||||
nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
|
||||
nullptr, // aLoadGroup
|
||||
listenerPeer);
|
||||
}
|
||||
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
rv = NS_NewChannel(getter_AddRefs(channel),
|
||||
url,
|
||||
requestingNode,
|
||||
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS |
|
||||
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL,
|
||||
nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
|
||||
nullptr, // aLoadGroup
|
||||
listenerPeer);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (doc) {
|
||||
// And if it's a script allow it to execute against the
|
||||
@@ -3189,7 +3155,7 @@ nsresult nsPluginHost::NewPluginURLStream(const nsString& aURL,
|
||||
NS_ENSURE_SUCCESS(rv,rv);
|
||||
}
|
||||
}
|
||||
rv = channel->AsyncOpen(listenerPeer, nullptr);
|
||||
rv = channel->AsyncOpen2(listenerPeer);
|
||||
if (NS_SUCCEEDED(rv))
|
||||
listenerPeer->TrackRequest(channel);
|
||||
return rv;
|
||||
|
||||
@@ -7,6 +7,7 @@
|
||||
TEST_DIRS += ['test']
|
||||
|
||||
EXPORTS.mozilla.dom += [
|
||||
'nsContentSecurityManager.h',
|
||||
'nsCSPContext.h',
|
||||
'nsCSPService.h',
|
||||
'nsCSPUtils.h',
|
||||
@@ -16,10 +17,12 @@ EXPORTS.mozilla.dom += [
|
||||
]
|
||||
|
||||
EXPORTS += [
|
||||
'nsContentSecurityManager.h',
|
||||
'nsCORSListenerProxy.h'
|
||||
]
|
||||
|
||||
UNIFIED_SOURCES += [
|
||||
'nsContentSecurityManager.cpp',
|
||||
'nsCORSListenerProxy.cpp',
|
||||
'nsCSPContext.cpp',
|
||||
'nsCSPParser.cpp',
|
||||
|
||||
@@ -105,6 +105,9 @@ CSPService::ShouldLoad(uint32_t aContentType,
|
||||
nsIPrincipal *aRequestPrincipal,
|
||||
int16_t *aDecision)
|
||||
{
|
||||
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
|
||||
"We should only see external content policy types here.");
|
||||
|
||||
if (!aContentLocation) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
@@ -0,0 +1,305 @@
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "nsIChannel.h"
|
||||
#include "nsIStreamListener.h"
|
||||
#include "nsILoadInfo.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsCORSListenerProxy.h"
|
||||
#include "nsIStreamListener.h"
|
||||
|
||||
#include "mozilla/dom/Element.h"
|
||||
|
||||
nsresult
|
||||
ValidateSecurityFlags(nsILoadInfo* aLoadInfo)
|
||||
{
|
||||
nsSecurityFlags securityMode = aLoadInfo->GetSecurityMode();
|
||||
|
||||
if (securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS &&
|
||||
securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED &&
|
||||
securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS &&
|
||||
securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
securityMode != nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
|
||||
MOZ_ASSERT(false, "need one securityflag from nsILoadInfo to perform security checks");
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
// make sure that cors-with-credentials is only used in combination with CORS.
|
||||
if (aLoadInfo->GetRequireCorsWithCredentials() &&
|
||||
securityMode != nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
|
||||
MOZ_ASSERT(false, "can not use cors-with-credentials without cors");
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
// all good, found the right security flags
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
DoSOPChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
||||
{
|
||||
nsSecurityFlags securityMode = aLoadInfo->GetSecurityMode();
|
||||
|
||||
// if none of the REQUIRE_SAME_ORIGIN flags are set, then SOP does not apply
|
||||
if ((securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS) &&
|
||||
(securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED)) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsIPrincipal* loadingPrincipal = aLoadInfo->LoadingPrincipal();
|
||||
bool sameOriginDataInherits =
|
||||
securityMode == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS;
|
||||
return loadingPrincipal->CheckMayLoad(aURI,
|
||||
true, // report to console
|
||||
sameOriginDataInherits);
|
||||
}
|
||||
|
||||
nsresult
|
||||
DoCheckLoadURIChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
||||
{
|
||||
nsresult rv = NS_OK;
|
||||
nsSecurityFlags securityMode = aLoadInfo->GetSecurityMode();
|
||||
// Please note that checkLoadURIWithPrincipal should only be enforced for
|
||||
// cross origin requests. If the flag SEC_REQUIRE_CORS_DATA_INHERITS is set
|
||||
// within the loadInfo, then then CheckLoadURIWithPrincipal is performed
|
||||
// within nsCorsListenerProxy
|
||||
if ((securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS) &&
|
||||
(securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL)) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIPrincipal> loadingPrincipal = aLoadInfo->LoadingPrincipal();
|
||||
// XXX: @arg nsIScriptSecurityManager::STANDARD
|
||||
// lets use STANDARD for now and evaluate on a callsite basis, see also:
|
||||
// http://mxr.mozilla.org/mozilla-central/source/caps/nsIScriptSecurityManager.idl#62
|
||||
rv = nsContentUtils::GetSecurityManager()->
|
||||
CheckLoadURIWithPrincipal(loadingPrincipal,
|
||||
aURI,
|
||||
nsIScriptSecurityManager::STANDARD);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// If the loadingPrincipal and the triggeringPrincipal are different, then make
|
||||
// sure the triggeringPrincipal is allowed to access that URI.
|
||||
nsCOMPtr<nsIPrincipal> triggeringPrincipal = aLoadInfo->TriggeringPrincipal();
|
||||
if (loadingPrincipal != triggeringPrincipal) {
|
||||
rv = nsContentUtils::GetSecurityManager()->
|
||||
CheckLoadURIWithPrincipal(triggeringPrincipal,
|
||||
aURI,
|
||||
nsIScriptSecurityManager::STANDARD);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
DoCORSChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo,
|
||||
nsCOMPtr<nsIStreamListener>& aInAndOutListener)
|
||||
{
|
||||
if (aLoadInfo->GetSecurityMode() != nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsIPrincipal* loadingPrincipal = aLoadInfo->LoadingPrincipal();
|
||||
nsRefPtr<nsCORSListenerProxy> corsListener =
|
||||
new nsCORSListenerProxy(aInAndOutListener,
|
||||
loadingPrincipal,
|
||||
aLoadInfo->GetRequireCorsWithCredentials());
|
||||
// XXX: @arg: DataURIHandling::Allow
|
||||
// lets use DataURIHandling::Allow for now and then decide on callsite basis. see also:
|
||||
// http://mxr.mozilla.org/mozilla-central/source/dom/security/nsCORSListenerProxy.h#33
|
||||
nsresult rv = corsListener->Init(aChannel, DataURIHandling::Allow);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
aInAndOutListener = corsListener;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
DoContentSecurityChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
||||
{
|
||||
nsContentPolicyType contentPolicyType = aLoadInfo->GetExternalContentPolicyType();
|
||||
nsCString mimeTypeGuess;
|
||||
nsCOMPtr<nsINode> requestingContext = nullptr;
|
||||
|
||||
switch(contentPolicyType) {
|
||||
case nsIContentPolicy::TYPE_OTHER: {
|
||||
mimeTypeGuess = EmptyCString();
|
||||
requestingContext = aLoadInfo->LoadingNode();
|
||||
break;
|
||||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_SCRIPT:
|
||||
case nsIContentPolicy::TYPE_IMAGE:
|
||||
case nsIContentPolicy::TYPE_STYLESHEET:
|
||||
case nsIContentPolicy::TYPE_OBJECT:
|
||||
case nsIContentPolicy::TYPE_DOCUMENT:
|
||||
case nsIContentPolicy::TYPE_SUBDOCUMENT:
|
||||
case nsIContentPolicy::TYPE_REFRESH:
|
||||
case nsIContentPolicy::TYPE_XBL:
|
||||
case nsIContentPolicy::TYPE_PING: {
|
||||
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
||||
break;
|
||||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_XMLHTTPREQUEST: {
|
||||
// alias nsIContentPolicy::TYPE_DATAREQUEST:
|
||||
mimeTypeGuess = NS_LITERAL_CSTRING(TEXT_EVENT_STREAM);
|
||||
requestingContext = aLoadInfo->LoadingNode();
|
||||
break;
|
||||
}
|
||||
|
||||
|
||||
case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST: {
|
||||
mimeTypeGuess = EmptyCString();
|
||||
requestingContext = aLoadInfo->LoadingNode();
|
||||
MOZ_ASSERT(!requestingContext ||
|
||||
requestingContext->NodeType() == nsIDOMNode::ELEMENT_NODE,
|
||||
"type_subrequest requires requestingContext of type Element");
|
||||
break;
|
||||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_DTD:
|
||||
case nsIContentPolicy::TYPE_FONT: {
|
||||
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
||||
break;
|
||||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_MEDIA: {
|
||||
nsContentPolicyType internalContentPolicyType =
|
||||
aLoadInfo->InternalContentPolicyType();
|
||||
|
||||
if (internalContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_TRACK) {
|
||||
mimeTypeGuess = NS_LITERAL_CSTRING("text/vtt");
|
||||
}
|
||||
else {
|
||||
mimeTypeGuess = EmptyCString();
|
||||
}
|
||||
requestingContext = aLoadInfo->LoadingNode();
|
||||
MOZ_ASSERT(!requestingContext ||
|
||||
requestingContext->NodeType() == nsIDOMNode::ELEMENT_NODE,
|
||||
"type_media requires requestingContext of type Element");
|
||||
break;
|
||||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_WEBSOCKET:
|
||||
case nsIContentPolicy::TYPE_CSP_REPORT:
|
||||
case nsIContentPolicy::TYPE_XSLT: {
|
||||
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
||||
break;
|
||||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_BEACON: {
|
||||
mimeTypeGuess = EmptyCString();
|
||||
requestingContext = aLoadInfo->LoadingNode();
|
||||
MOZ_ASSERT(!requestingContext ||
|
||||
requestingContext->NodeType() == nsIDOMNode::DOCUMENT_NODE,
|
||||
"type_beacon requires requestingContext of type Document");
|
||||
break;
|
||||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_FETCH:
|
||||
case nsIContentPolicy::TYPE_IMAGESET: {
|
||||
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
||||
break;
|
||||
}
|
||||
|
||||
default:
|
||||
// nsIContentPolicy::TYPE_INVALID
|
||||
MOZ_ASSERT(false, "can not perform security check without a valid contentType");
|
||||
}
|
||||
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
nsresult rv = NS_CheckContentLoadPolicy(contentPolicyType,
|
||||
aURI,
|
||||
aLoadInfo->LoadingPrincipal(),
|
||||
requestingContext,
|
||||
mimeTypeGuess,
|
||||
nullptr, //extra,
|
||||
&shouldLoad,
|
||||
nsContentUtils::GetContentPolicy(),
|
||||
nsContentUtils::GetSecurityManager());
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
if (NS_CP_REJECTED(shouldLoad)) {
|
||||
return NS_ERROR_CONTENT_BLOCKED;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
/*
|
||||
* Based on the security flags provided in the loadInfo of the channel,
|
||||
* doContentSecurityCheck() performs the following content security checks
|
||||
* before opening the channel:
|
||||
*
|
||||
* (1) Same Origin Policy Check (if applicable)
|
||||
* (2) Allow Cross Origin but perform sanity checks whether a principal
|
||||
* is allowed to access the following URL.
|
||||
* (3) Perform CORS check (if applicable)
|
||||
* (4) ContentPolicy checks (Content-Security-Policy, Mixed Content, ...)
|
||||
*
|
||||
* @param aChannel
|
||||
* The channel to perform the security checks on.
|
||||
* @param aInAndOutListener
|
||||
* The streamListener that is passed to channel->AsyncOpen2() that is now potentially
|
||||
* wrappend within nsCORSListenerProxy() and becomes the corsListener that now needs
|
||||
* to be set as new streamListener on the channel.
|
||||
*/
|
||||
nsresult
|
||||
nsContentSecurityManager::doContentSecurityCheck(nsIChannel* aChannel,
|
||||
nsCOMPtr<nsIStreamListener>& aInAndOutListener)
|
||||
{
|
||||
NS_ENSURE_ARG(aChannel);
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
|
||||
|
||||
if (!loadInfo) {
|
||||
MOZ_ASSERT(false, "channel needs to have loadInfo to perform security checks");
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
}
|
||||
|
||||
// make sure that only one of the five security flags is set in the loadinfo
|
||||
// e.g. do not require same origin and allow cross origin at the same time
|
||||
nsresult rv = ValidateSecurityFlags(loadInfo);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// lets store the initialSecurityCheckDone flag which indicates whether the channel
|
||||
// was initialy evaluated by the contentSecurityManager. Once the inital
|
||||
// asyncOpen() of the channel went through the contentSecurityManager then
|
||||
// redirects do not have perform all the security checks, e.g. no reason
|
||||
// to setup CORS again.
|
||||
bool initialSecurityCheckDone = loadInfo->GetInitialSecurityCheckDone();
|
||||
|
||||
// now lets set the initalSecurityFlag for subsequent calls
|
||||
rv = loadInfo->SetInitialSecurityCheckDone(true);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// since aChannel was openend using asyncOpen2() we have to make sure
|
||||
// that redirects of that channel also get openend using asyncOpen2()
|
||||
// please note that some implementations of ::AsyncOpen2 might already
|
||||
// have set that flag to true (e.g. nsViewSourceChannel) in which case
|
||||
// we just set the flag again.
|
||||
rv = loadInfo->SetEnforceSecurity(true);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsCOMPtr<nsIURI> finalChannelURI;
|
||||
rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(finalChannelURI));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Perform Same Origin Policy check
|
||||
rv = DoSOPChecks(finalChannelURI, loadInfo);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// if dealing with a redirected channel then we only enforce SOP
|
||||
// and can return at this point.
|
||||
if (initialSecurityCheckDone) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
rv = DoCheckLoadURIChecks(finalChannelURI, loadInfo);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Check if CORS needs to be set up
|
||||
rv = DoCORSChecks(aChannel, loadInfo, aInAndOutListener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Perform all ContentPolicy checks (MixedContent, CSP, ...)
|
||||
rv = DoContentSecurityChecks(finalChannelURI, loadInfo);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// all security checks passed - lets allow the load
|
||||
return NS_OK;
|
||||
}
|
||||
@@ -0,0 +1,24 @@
|
||||
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#ifndef nsContentSecurityManager_h___
|
||||
#define nsContentSecurityManager_h___
|
||||
|
||||
#include "nsIChannel.h"
|
||||
class nsIStreamListener;
|
||||
|
||||
class nsContentSecurityManager
|
||||
{
|
||||
private:
|
||||
nsContentSecurityManager() {}
|
||||
virtual ~nsContentSecurityManager() {}
|
||||
|
||||
public:
|
||||
static nsresult doContentSecurityCheck(nsIChannel* aChannel,
|
||||
nsCOMPtr<nsIStreamListener>& aInAndOutListener);
|
||||
};
|
||||
|
||||
#endif /* nsContentSecurityManager_h___ */
|
||||
@@ -353,6 +353,9 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
||||
aContentType == nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER;
|
||||
aContentType = nsContentUtils::InternalContentPolicyTypeToExternal(aContentType);
|
||||
|
||||
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
|
||||
"We should only see external content policy types here.");
|
||||
|
||||
// Assume active (high risk) content and blocked by default
|
||||
MixedContentTypes classification = eMixedScript;
|
||||
// Make decision to block/reject by default
|
||||
|
||||
@@ -22,7 +22,8 @@
|
||||
#define BEHAVIOR_NOFOREIGN 3
|
||||
|
||||
// From nsIContentPolicy
|
||||
static const char *kTypeString[] = {"other",
|
||||
static const char *kTypeString[] = {
|
||||
"other",
|
||||
"script",
|
||||
"image",
|
||||
"stylesheet",
|
||||
@@ -43,7 +44,18 @@ static const char *kTypeString[] = {"other",
|
||||
"beacon",
|
||||
"fetch",
|
||||
"imageset",
|
||||
"manifest"};
|
||||
"manifest",
|
||||
"", // TYPE_INTERNAL_SCRIPT
|
||||
"", // TYPE_INTERNAL_WORKER
|
||||
"", // TYPE_INTERNAL_SHARED_WORKER
|
||||
"", // TYPE_INTERNAL_EMBED
|
||||
"", // TYPE_INTERNAL_OBJECT
|
||||
"", // TYPE_INTERNAL_FRAME
|
||||
"", // TYPE_INTERNAL_IFRAME
|
||||
"", // TYPE_INTERNAL_AUDIO
|
||||
"", // TYPE_INTERNAL_VIDEO
|
||||
"" // TYPE_INTERNAL_TRACK
|
||||
};
|
||||
|
||||
#define NUMBER_OF_TYPES MOZ_ARRAY_LENGTH(kTypeString)
|
||||
uint8_t nsContentBlocker::mBehaviorPref[NUMBER_OF_TYPES];
|
||||
@@ -119,7 +131,8 @@ nsContentBlocker::PrefChanged(nsIPrefBranch *aPrefBranch,
|
||||
#define PREF_CHANGED(_P) (!aPref || !strcmp(aPref, _P))
|
||||
|
||||
for(uint32_t i = 0; i < NUMBER_OF_TYPES; ++i) {
|
||||
if (PREF_CHANGED(kTypeString[i]) &&
|
||||
if (*kTypeString[i] &&
|
||||
PREF_CHANGED(kTypeString[i]) &&
|
||||
NS_SUCCEEDED(aPrefBranch->GetIntPref(kTypeString[i], &val)))
|
||||
mBehaviorPref[i] = LIMIT(val, 1, 3, 1);
|
||||
}
|
||||
@@ -243,6 +256,13 @@ nsContentBlocker::TestPermission(nsIURI *aCurrentURI,
|
||||
bool *aFromPrefs)
|
||||
{
|
||||
*aFromPrefs = false;
|
||||
|
||||
if (!*kTypeString[aContentType - 1]) {
|
||||
// Disallow internal content policy types, they should not be used here.
|
||||
*aPermission = false;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// This default will also get used if there is an unknown value in the
|
||||
// permission list, or if the permission manager returns unknown values.
|
||||
*aPermission = true;
|
||||
|
||||
@@ -25,6 +25,7 @@
|
||||
#include "nsTArray.h"
|
||||
#include "nsObjCExceptions.h"
|
||||
#include "nsProxyRelease.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
#include <Cocoa/Cocoa.h>
|
||||
|
||||
@@ -177,6 +178,15 @@ nsIconChannel::Open(nsIInputStream** _retval)
|
||||
return MakeInputStream(_retval, false);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsIconChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsIconChannel::ExtractIconInfoFromUrl(nsIFile** aLocalFile,
|
||||
uint32_t* aDesiredImageSize,
|
||||
@@ -236,6 +246,15 @@ nsIconChannel::AsyncOpen(nsIStreamListener* aListener,
|
||||
return rv;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsIconChannel::AsyncOpen2(nsIStreamListener* aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsIconChannel::MakeInputStream(nsIInputStream** _retval,
|
||||
bool aNonBlocking)
|
||||
|
||||
@@ -26,6 +26,7 @@
|
||||
#include "nsCExternalHandlerService.h"
|
||||
#include "nsDirectoryServiceDefs.h"
|
||||
#include "nsProxyRelease.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
#ifdef _WIN32_WINNT
|
||||
#undef _WIN32_WINNT
|
||||
@@ -198,6 +199,15 @@ nsIconChannel::Open(nsIInputStream** _retval)
|
||||
return MakeInputStream(_retval, false);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsIconChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsIconChannel::ExtractIconInfoFromUrl(nsIFile** aLocalFile,
|
||||
uint32_t* aDesiredImageSize, nsCString& aContentType,
|
||||
@@ -253,6 +263,15 @@ nsIconChannel::AsyncOpen(nsIStreamListener* aListener,
|
||||
return rv;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsIconChannel::AsyncOpen2(nsIStreamListener* aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
static DWORD
|
||||
GetSpecialFolderIcon(nsIFile* aFile, int aFolder,
|
||||
SHFILEINFOW* aSFI, UINT aInfoFlags)
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
#include "nsIViewSourceChannel.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsProxyRelease.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
#include "nsIScriptSecurityManager.h"
|
||||
#include "nsIPrincipal.h"
|
||||
@@ -864,6 +865,15 @@ nsJARChannel::Open(nsIInputStream **stream)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsJARChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
bool
|
||||
nsJARChannel::ShouldIntercept()
|
||||
{
|
||||
@@ -975,6 +985,20 @@ nsJARChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctx)
|
||||
return ContinueAsyncOpen();
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsJARChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
if (!mLoadInfo) {
|
||||
MOZ_ASSERT(mLoadInfo, "can not enforce security without loadInfo");
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
}
|
||||
// setting the flag on the loadInfo indicates that the underlying
|
||||
// channel will be openend using AsyncOpen2() and hence performs
|
||||
// the necessary security checks.
|
||||
mLoadInfo->SetEnforceSecurity(true);
|
||||
return AsyncOpen(aListener, nullptr);
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsJARChannel::ContinueAsyncOpen()
|
||||
{
|
||||
@@ -993,8 +1017,6 @@ nsJARChannel::ContinueAsyncOpen()
|
||||
// Not a local file...
|
||||
// kick off an async download of the base URI...
|
||||
nsCOMPtr<nsIStreamListener> downloader = new MemoryDownloader(this);
|
||||
// Since we might not have a loadinfo on all channels yet
|
||||
// we have to provide default arguments in case mLoadInfo is null;
|
||||
uint32_t loadFlags =
|
||||
mLoadFlags & ~(LOAD_DOCUMENT_URI | LOAD_CALL_CONTENT_SNIFFERS);
|
||||
rv = NS_NewChannelInternal(getter_AddRefs(channel),
|
||||
@@ -1009,7 +1031,12 @@ nsJARChannel::ContinueAsyncOpen()
|
||||
mListener = nullptr;
|
||||
return rv;
|
||||
}
|
||||
rv = channel->AsyncOpen(downloader, nullptr);
|
||||
if (mLoadInfo && mLoadInfo->GetEnforceSecurity()) {
|
||||
rv = channel->AsyncOpen2(downloader);
|
||||
}
|
||||
else {
|
||||
rv = channel->AsyncOpen(downloader, nullptr);
|
||||
}
|
||||
} else if (mOpeningRemote) {
|
||||
// nothing to do: already asked parent to open file.
|
||||
} else {
|
||||
|
||||
@@ -20,6 +20,7 @@
|
||||
#include "nsAsyncRedirectVerifyHelper.h"
|
||||
#include "nsProxyRelease.h"
|
||||
#include "nsXULAppAPI.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "mozilla/LoadInfo.h"
|
||||
|
||||
static PLDHashOperator
|
||||
@@ -169,7 +170,14 @@ nsBaseChannel::ContinueRedirect()
|
||||
// with the redirect.
|
||||
|
||||
if (mOpenRedirectChannel) {
|
||||
nsresult rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
nsresult rv = NS_OK;
|
||||
if (mLoadInfo && mLoadInfo->GetEnforceSecurity()) {
|
||||
MOZ_ASSERT(!mListenerContext, "mListenerContext should be null!");
|
||||
rv = mRedirectChannel->AsyncOpen2(mListener);
|
||||
}
|
||||
else {
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
// Append the initial uri of the channel to the redirectChain
|
||||
// after the channel got openend successfully.
|
||||
@@ -628,6 +636,15 @@ nsBaseChannel::Open(nsIInputStream **result)
|
||||
return rv;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsBaseChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsBaseChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctxt)
|
||||
{
|
||||
@@ -675,6 +692,15 @@ nsBaseChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctxt)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsBaseChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
// nsBaseChannel::nsITransportEventSink
|
||||
|
||||
|
||||
@@ -29,7 +29,7 @@ interface nsIStreamListener;
|
||||
*
|
||||
* This interface must be used only from the XPCOM main thread.
|
||||
*/
|
||||
[scriptable, uuid(1bc48693-c45d-45f4-8ab1-46e323037fe1)]
|
||||
[scriptable, uuid(cc3bff29-324e-4704-9eeb-1b8a62c4a9dc)]
|
||||
interface nsIChannel : nsIRequest
|
||||
{
|
||||
/**
|
||||
@@ -146,6 +146,11 @@ interface nsIChannel : nsIRequest
|
||||
*/
|
||||
nsIInputStream open();
|
||||
|
||||
/**
|
||||
* Performs content security check and calls open()
|
||||
*/
|
||||
nsIInputStream open2();
|
||||
|
||||
/**
|
||||
* Asynchronously open this channel. Data is fed to the specified stream
|
||||
* listener as it becomes available. The stream listener's methods are
|
||||
@@ -179,6 +184,11 @@ interface nsIChannel : nsIRequest
|
||||
*/
|
||||
void asyncOpen(in nsIStreamListener aListener, in nsISupports aContext);
|
||||
|
||||
/**
|
||||
* Performs content security check and calls asyncOpen().
|
||||
*/
|
||||
void asyncOpen2(in nsIStreamListener aListener);
|
||||
|
||||
/**************************************************************************
|
||||
* Channel specific load flags:
|
||||
*
|
||||
|
||||
@@ -14,6 +14,7 @@
|
||||
#include "nsILoadInfo.h"
|
||||
#include "nsXULAppAPI.h"
|
||||
#include "nsPrincipal.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
#include "mozilla/dom/ScriptSettings.h"
|
||||
#include "mozilla/Preferences.h"
|
||||
@@ -99,6 +100,15 @@ NS_IMETHODIMP DummyChannel::Open(nsIInputStream**)
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
DummyChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP DummyChannel::AsyncOpen(nsIStreamListener* aListener, nsISupports* aContext)
|
||||
{
|
||||
mListener = aListener;
|
||||
@@ -116,6 +126,15 @@ NS_IMETHODIMP DummyChannel::AsyncOpen(nsIStreamListener* aListener, nsISupports*
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
DummyChannel::AsyncOpen2(nsIStreamListener* aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
// nsIJarChannel, needed for XHR to turn NS_ERROR_FILE_NOT_FOUND into
|
||||
// a 404 error.
|
||||
NS_IMETHODIMP DummyChannel::GetIsUnsafe(bool *aResult)
|
||||
|
||||
@@ -39,6 +39,7 @@
|
||||
#include "nsINetworkInterceptController.h"
|
||||
#include "mozIThirdPartyUtil.h"
|
||||
#include "nsStreamUtils.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
#include <algorithm>
|
||||
|
||||
@@ -517,6 +518,15 @@ HttpBaseChannel::Open(nsIInputStream **aResult)
|
||||
return NS_ImplementChannelOpen(this, aResult);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
HttpBaseChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
// HttpBaseChannel::nsIUploadChannel
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
@@ -118,6 +118,7 @@ public:
|
||||
NS_IMETHOD GetContentLength(int64_t *aContentLength) override;
|
||||
NS_IMETHOD SetContentLength(int64_t aContentLength) override;
|
||||
NS_IMETHOD Open(nsIInputStream **aResult) override;
|
||||
NS_IMETHOD Open2(nsIInputStream **aResult) override;
|
||||
|
||||
// nsIEncodedChannel
|
||||
NS_IMETHOD GetApplyConversion(bool *value) override;
|
||||
|
||||
@@ -33,6 +33,7 @@
|
||||
#include "InterceptedChannel.h"
|
||||
#include "nsPerformance.h"
|
||||
#include "mozIThirdPartyUtil.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
#ifdef OS_POSIX
|
||||
#include "chrome/common/file_descriptor_set_posix.h"
|
||||
@@ -1553,6 +1554,15 @@ HttpChannelChild::AsyncOpen(nsIStreamListener *listener, nsISupports *aContext)
|
||||
return ContinueAsyncOpen();
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
nsresult
|
||||
HttpChannelChild::ContinueAsyncOpen()
|
||||
{
|
||||
|
||||
@@ -74,6 +74,8 @@ public:
|
||||
// nsIChannel
|
||||
NS_IMETHOD GetSecurityInfo(nsISupports **aSecurityInfo) override;
|
||||
NS_IMETHOD AsyncOpen(nsIStreamListener *listener, nsISupports *aContext) override;
|
||||
NS_IMETHOD AsyncOpen2(nsIStreamListener *aListener) override;
|
||||
|
||||
// HttpBaseChannel::nsIHttpChannel
|
||||
NS_IMETHOD SetRequestHeader(const nsACString& aHeader,
|
||||
const nsACString& aValue,
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
|
||||
#include "NullHttpChannel.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "nsIScriptSecurityManager.h"
|
||||
|
||||
namespace mozilla {
|
||||
@@ -302,12 +303,30 @@ NullHttpChannel::Open(nsIInputStream * *_retval)
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
NullHttpChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
NullHttpChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
|
||||
{
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
NullHttpChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
NullHttpChannel::GetContentDisposition(uint32_t *aContentDisposition)
|
||||
{
|
||||
|
||||
@@ -52,6 +52,7 @@
|
||||
#include "nsISSLSocketControl.h"
|
||||
#include "sslt.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "nsIClassOfService.h"
|
||||
#include "nsIPermissionManager.h"
|
||||
#include "nsIPrincipal.h"
|
||||
@@ -2016,10 +2017,14 @@ nsHttpChannel::OpenRedirectChannel(nsresult rv)
|
||||
}
|
||||
|
||||
// open new channel
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
if (mLoadInfo && mLoadInfo->GetEnforceSecurity()) {
|
||||
MOZ_ASSERT(!mListenerContext, "mListenerContext should be null!");
|
||||
rv = mRedirectChannel->AsyncOpen2(mListener);
|
||||
}
|
||||
else {
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
mStatus = NS_BINDING_REDIRECTED;
|
||||
|
||||
@@ -2079,9 +2084,14 @@ nsHttpChannel::ContinueDoReplaceWithProxy(nsresult rv)
|
||||
mRedirectChannel->SetOriginalURI(mOriginalURI);
|
||||
|
||||
// open new channel
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
if (mLoadInfo && mLoadInfo->GetEnforceSecurity()) {
|
||||
MOZ_ASSERT(!mListenerContext, "mListenerContext should be null!");
|
||||
rv = mRedirectChannel->AsyncOpen2(mListener);
|
||||
}
|
||||
else {
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
mStatus = NS_BINDING_REDIRECTED;
|
||||
|
||||
@@ -2739,9 +2749,14 @@ nsHttpChannel::ContinueProcessFallback(nsresult rv)
|
||||
// Make sure to do this _after_ calling OnChannelRedirect
|
||||
mRedirectChannel->SetOriginalURI(mOriginalURI);
|
||||
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
if (mLoadInfo && mLoadInfo->GetEnforceSecurity()) {
|
||||
MOZ_ASSERT(!mListenerContext, "mListenerContext should be null!");
|
||||
rv = mRedirectChannel->AsyncOpen2(mListener);
|
||||
}
|
||||
else {
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// close down this channel
|
||||
Cancel(NS_BINDING_REDIRECTED);
|
||||
@@ -4649,10 +4664,14 @@ nsHttpChannel::ContinueProcessRedirection(nsresult rv)
|
||||
// should really be handled by the event sink implementation.
|
||||
|
||||
// begin loading the new channel
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
|
||||
if (NS_FAILED(rv))
|
||||
return rv;
|
||||
if (mLoadInfo && mLoadInfo->GetEnforceSecurity()) {
|
||||
MOZ_ASSERT(!mListenerContext, "mListenerContext should be null!");
|
||||
rv = mRedirectChannel->AsyncOpen2(mListener);
|
||||
}
|
||||
else {
|
||||
rv = mRedirectChannel->AsyncOpen(mListener, mListenerContext);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// close down this channel
|
||||
Cancel(NS_BINDING_REDIRECTED);
|
||||
@@ -4919,6 +4938,15 @@ nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context)
|
||||
return rv;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsHttpChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
// BeginConnect() will not call AsyncAbort() on an error and if AsyncAbort needs
|
||||
// to be called the function calling BeginConnect will need to call AsyncAbort.
|
||||
// If BeginConnect is called from AsyncOpen, AsyncnAbort doesn't need to be
|
||||
|
||||
@@ -126,6 +126,7 @@ public:
|
||||
// nsIChannel
|
||||
NS_IMETHOD GetSecurityInfo(nsISupports **aSecurityInfo) override;
|
||||
NS_IMETHOD AsyncOpen(nsIStreamListener *listener, nsISupports *aContext) override;
|
||||
NS_IMETHOD AsyncOpen2(nsIStreamListener *aListener) override;
|
||||
// nsIHttpChannelInternal
|
||||
NS_IMETHOD SetupFallbackChannel(const char *aFallbackKey) override;
|
||||
// nsISupportsPriority
|
||||
|
||||
@@ -4,6 +4,7 @@
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "RtspChannelChild.h"
|
||||
#include "mozilla/ipc/URIUtils.h"
|
||||
#include "nsServiceManagerUtils.h"
|
||||
@@ -135,6 +136,15 @@ RtspChannelChild::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
RtspChannelChild::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
// nsBaseChannel::nsIStreamListener::nsIRequestObserver
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
@@ -43,6 +43,7 @@ public:
|
||||
NS_IMETHOD GetContentType(nsACString & aContentType) override final;
|
||||
NS_IMETHOD AsyncOpen(nsIStreamListener *listener, nsISupports *aContext)
|
||||
override final;
|
||||
NS_IMETHOD AsyncOpen2(nsIStreamListener *listener) override final;
|
||||
|
||||
// nsBaseChannel::nsIStreamListener::nsIRequestObserver
|
||||
NS_IMETHOD OnStartRequest(nsIRequest *aRequest, nsISupports *aContext)
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include "RtspChannelParent.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
using namespace mozilla::ipc;
|
||||
|
||||
@@ -72,6 +73,12 @@ RtspChannelParent::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
RtspChannelParent::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
// nsBaseChannel::nsIStreamListener::nsIRequestObserver
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
@@ -40,6 +40,7 @@ public:
|
||||
NS_IMETHOD GetContentType(nsACString & aContentType) override final;
|
||||
NS_IMETHOD AsyncOpen(nsIStreamListener *listener,
|
||||
nsISupports *aContext) override final;
|
||||
NS_IMETHOD AsyncOpen2(nsIStreamListener *listener) override final;
|
||||
|
||||
// nsBaseChannel::nsIStreamListener::nsIRequestObserver
|
||||
NS_IMETHOD OnStartRequest(nsIRequest *aRequest,
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
#include "nsNetUtil.h"
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsIHttpHeaderVisitor.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "nsNullPrincipal.h"
|
||||
#include "nsServiceManagerUtils.h"
|
||||
|
||||
@@ -224,14 +225,36 @@ nsViewSourceChannel::Open(nsIInputStream **_retval)
|
||||
{
|
||||
NS_ENSURE_TRUE(mChannel, NS_ERROR_FAILURE);
|
||||
|
||||
nsresult rv = mChannel->Open(_retval);
|
||||
nsresult rv = NS_OK;
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
|
||||
if (loadInfo && loadInfo->GetEnforceSecurity()) {
|
||||
mChannel->Open2(_retval);
|
||||
}
|
||||
else {
|
||||
mChannel->Open(_retval);
|
||||
}
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
mOpened = true;
|
||||
}
|
||||
|
||||
return rv;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsViewSourceChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
NS_ENSURE_TRUE(mChannel, NS_ERROR_FAILURE);
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
|
||||
if(!loadInfo) {
|
||||
MOZ_ASSERT(loadInfo, "can not enforce security without loadInfo");
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
}
|
||||
// setting the flag on the loadInfo indicates that the underlying
|
||||
// channel will be openend using Open2() and hence performs
|
||||
// the necessary security checks.
|
||||
loadInfo->SetEnforceSecurity(true);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsViewSourceChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *ctxt)
|
||||
{
|
||||
@@ -251,7 +274,14 @@ nsViewSourceChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *ctxt)
|
||||
loadGroup->AddRequest(static_cast<nsIViewSourceChannel*>
|
||||
(this), nullptr);
|
||||
|
||||
nsresult rv = mChannel->AsyncOpen(this, ctxt);
|
||||
nsresult rv = NS_OK;
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
|
||||
if (loadInfo && loadInfo->GetEnforceSecurity()) {
|
||||
rv = mChannel->AsyncOpen2(this);
|
||||
}
|
||||
else {
|
||||
rv = mChannel->AsyncOpen(this, ctxt);
|
||||
}
|
||||
|
||||
if (NS_FAILED(rv) && loadGroup)
|
||||
loadGroup->RemoveRequest(static_cast<nsIViewSourceChannel*>
|
||||
@@ -265,6 +295,20 @@ nsViewSourceChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *ctxt)
|
||||
return rv;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsViewSourceChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = mChannel->GetLoadInfo();
|
||||
if(!loadInfo) {
|
||||
MOZ_ASSERT(loadInfo, "can not enforce security without loadInfo");
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
}
|
||||
// setting the flag on the loadInfo indicates that the underlying
|
||||
// channel will be openend using AsyncOpen2() and hence performs
|
||||
// the necessary security checks.
|
||||
loadInfo->SetEnforceSecurity(true);
|
||||
return AsyncOpen(aListener, nullptr);
|
||||
}
|
||||
/*
|
||||
* Both the view source channel and mChannel are added to the
|
||||
* loadgroup. There should never be more than one request in the
|
||||
|
||||
@@ -21,6 +21,7 @@
|
||||
#include "SerializedLoadContext.h"
|
||||
#include "mozilla/ipc/BackgroundUtils.h"
|
||||
#include "nsProxyRelease.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
using namespace mozilla::ipc;
|
||||
using namespace mozilla::dom;
|
||||
@@ -622,6 +623,15 @@ WyciwygChannelChild::Open(nsIInputStream **_retval)
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
WyciwygChannelChild::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
static mozilla::dom::TabChild*
|
||||
GetTabChild(nsIChannel* aChannel)
|
||||
{
|
||||
@@ -672,6 +682,15 @@ WyciwygChannelChild::AsyncOpen(nsIStreamListener *aListener, nsISupports *aConte
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
WyciwygChannelChild::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
//-----------------------------------------------------------------------------
|
||||
// nsIWyciwygChannel
|
||||
//-----------------------------------------------------------------------------
|
||||
|
||||
@@ -27,6 +27,7 @@
|
||||
#include "mozilla/DebugOnly.h"
|
||||
#include "mozilla/unused.h"
|
||||
#include "nsProxyRelease.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
|
||||
typedef mozilla::net::LoadContextInfo LoadContextInfo;
|
||||
|
||||
@@ -418,6 +419,15 @@ nsWyciwygChannel::Open(nsIInputStream ** aReturn)
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsWyciwygChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsWyciwygChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctx)
|
||||
{
|
||||
@@ -454,6 +464,15 @@ nsWyciwygChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctx)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsWyciwygChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
//////////////////////////////////////////////////////////////////////////////
|
||||
// nsIWyciwygChannel
|
||||
//////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
#include "nsIStreamConverterService.h"
|
||||
#include "nsIPackagedAppService.h"
|
||||
#include <algorithm>
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "nsHttp.h"
|
||||
|
||||
//
|
||||
@@ -204,6 +205,15 @@ nsPartChannel::Open(nsIInputStream **result)
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsPartChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsPartChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
|
||||
{
|
||||
@@ -211,6 +221,15 @@ nsPartChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsPartChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsPartChannel::GetLoadFlags(nsLoadFlags *aLoadFlags)
|
||||
{
|
||||
|
||||
@@ -489,7 +489,7 @@ exports.fetch = function fetch(aURL, aOptions={ loadFromCache: true,
|
||||
Services.scriptSecurityManager.getSystemPrincipal(),
|
||||
null, // aTriggeringPrincipal
|
||||
Ci.nsILoadInfo.SEC_NORMAL,
|
||||
aOptions.policy);
|
||||
Ci.nsIContentPolicy.TYPE_OTHER);
|
||||
} catch (ex) {
|
||||
deferred.reject(ex);
|
||||
}
|
||||
|
||||
@@ -274,6 +274,12 @@ ExternalHelperAppParent::Open(nsIInputStream **aResult)
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
ExternalHelperAppParent::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
ExternalHelperAppParent::AsyncOpen(nsIStreamListener *aListener,
|
||||
nsISupports *aContext)
|
||||
@@ -281,6 +287,12 @@ ExternalHelperAppParent::AsyncOpen(nsIStreamListener *aListener,
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
ExternalHelperAppParent::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
return NS_ERROR_NOT_IMPLEMENTED;
|
||||
}
|
||||
|
||||
|
||||
NS_IMETHODIMP
|
||||
ExternalHelperAppParent::GetLoadFlags(nsLoadFlags *aLoadFlags)
|
||||
|
||||
@@ -19,6 +19,7 @@
|
||||
#include "nsIPrefService.h"
|
||||
#include "nsIPrompt.h"
|
||||
#include "nsNetUtil.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "nsExternalHelperAppService.h"
|
||||
|
||||
// used to dispatch urls to default protocol handlers
|
||||
@@ -177,6 +178,14 @@ NS_IMETHODIMP nsExtProtocolChannel::Open(nsIInputStream **_retval)
|
||||
return OpenURL();
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsExtProtocolChannel::Open2(nsIInputStream** aStream)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return Open(aStream);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsExtProtocolChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctxt)
|
||||
{
|
||||
NS_ENSURE_ARG_POINTER(listener);
|
||||
@@ -187,6 +196,14 @@ NS_IMETHODIMP nsExtProtocolChannel::AsyncOpen(nsIStreamListener *listener, nsISu
|
||||
return OpenURL();
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsExtProtocolChannel::AsyncOpen2(nsIStreamListener *aListener)
|
||||
{
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
nsresult rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
return AsyncOpen(listener, nullptr);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP nsExtProtocolChannel::GetLoadFlags(nsLoadFlags *aLoadFlags)
|
||||
{
|
||||
*aLoadFlags = mLoadFlags;
|
||||
|
||||
Reference in New Issue
Block a user