mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 14:18:48 +00:00
roytam1
50e77397ba
- bug 1204614 - use h2 per stream flow control to deal with suspended channels r=hurley (1f8f4fe7f1) - bug 1142384 - eventtokenbucket thread management r=hurley (a7bbb17cf8) - bug 1179560 - some 421 retries dont work r=hurley (57b9d738e7) - bug 1187239 - ontransportstatus SENDING_TO should not use request stream re-entrantly r=hurley r=bz (ca9fe4e299) - bug 1196882 - dont enforce h1 framing on non 2xx r=bagder (5fbafc06af) - bug 1206771 - fix reentrantFlag compiler warning on >= beta r=jduell (de1fbf71cd) - bug 1148237 restart verifier null pattern r=honzab (32953a08dd) - Bug 1166349: Use a fallible allocation in nsXMLHttpRequest::StreamReaderFunc. r=smaug (36825e2213) - Bug 1199796 - Refactor Request and XHR request method validation. r=nsm (95639c3097) - Bug 1154411 - Do not close same fd twice r=bent (d92f48ce05) - Bug 1199862 - In the case of a DivertToParent a message or error prompt may block in a OnStartRequest or OnDataAvailable and therefore we need to suspend receiving further OnDataAvailable or OnStopRequest, etc. r=jduell (05d42bb4ac) - Bug 1206894 - Enable asynchronous dispatching of fetch events; r=jdm (e74982babf) - Bug 1176073 - Missing mIPCClosed check in SendReportSecurityMessage. r=honza (369d25cf44) - missing bits of Bug 1184971 - Expose cookieBehavior and cookieLifetimePolicy preference variants from nsICookieService. r=ehsan (311867e5b0) - Bug 1184275 - Remove warnings that URI is not a file URI. r=jduell (19cde2bb7f) - Bug 1184798 - Ensure workers loads are treated as non-subresource fetches. r=jdm (996df180be) - Bug 1187217 - Fix deref nullptr loadInfo in nsDocShell::LoadStream. r=bz (6e734e7688) - code style (9b783b1235) - Bug 1184260 - Remove warning if GetRootScrollFrame returns null in GetCurScrollPos. r=smaug (7d667886f5) - Bug 1196290 - Do not update orientation lock when app docshell is activated. r=smaug (1c42abec55) - Bug 1191178 - Part 1: Add a function to check frame timing preference value. r=smaug (cb6fa1b1e4) - Bug 1191178 - Part 0: Fix unified build in dom/base. Add missing headers and sorting them. r=smaug (64814477f7) - Bug 1191178 - Part 0.1: GetSriLog() is needed to avoid unified build failure. r=francois (80e29ae34a) - Bug 1191178 - Part 0.2: Include nsBaseHashTable in nsScriptNameSpaceManager.h explicitly to avoid unified build errors. r=njn (cf98949e2d) - Bug 1191178 - Part 2: Add PerformanceRenderTiming and PerformanceCompositeTiming. r=smaug (954df4283c) - Bug 1163545 - Bypass AppCache completely when Service Workers supported & registered, r=jdm (2ee23b3ee9) - Bug 1192946 - Use channel->ascynOpen2 in widget/windows/WinUtils.cpp (r=sicking) (931b4d6bee) - Bug 1048048 - add preload content policy types for images (r=seth) (824b404ee1) - Bug 895274 part.11 Rename NS_KEY_DOWN to eKeyDown r=smaug (411fd23491) - Bug 895274 part.12 Rename NS_KEY_BEFORE_DOWN to eBeforeKeyDown r=smaug (2246daafa8) - Bug 895274 part.13 Rename NS_KEY_AFTERE_DOWN to eAfterKeyDown r=smaug (3be7824e25) - Bug 895274 part.14 Rename NS_KEY_BEFORE_UP to eBeforeKeyUp r=smaug (a93199c8c9) - Bug 895274 part.15 Rename NS_KEY_AFTER_UP to eAfterKeyUp r=smaug (57d0905783) - Bug 895274 part.16 Rename NS_RESIZE to eResize r=smaug (7833338de2) - Bug 895274 part.17 Rename NS_SCROLL_EVENT to eScroll r=smaug (ff6d0cdfd4) - Bug 895274 part.95 Rename NS_MUTATION_NODEINSERTEDINTODOCUMENT to eLegacyNodeInsertedIntoDocument r=smaug (3f3d730ee2) - Bug 895274 part.96 Rename NS_MUTATION_START to eLegacyMutationEventFirst r=smaug (98c31b5e38) - Bug 895274 part.97 Rename NS_MUTATION_NODEREMOVEDFROMDOCUMENT to eLegacyNodeRemovedFromDocument r=smaug (1ba815caae) - Bug 895274 part.98 Rename NS_MUTATION_CHARACTERDATAMODIFIED to eLegacyCharacterDataModified r=smaug (16e625cbb6) - Bug 895274 part.99 Rename NS_MUTATION_SUBTREEMODIFIED to eLegacySubtreeModified r=smaug (7ec172cef7) - Bug 895274 part.100 Rename NS_MUTATION_NODEINSERTED to eLegacyNodeInserted r=smaug (a4d22eb9cd) - Bug 895274 part.101 Rename NS_MUTATION_NODEREMOVED to eLegacyNodeRemoved r=smaug (746766bc0a) - Bug 895274 part.102 Rename NS_MUTATION_ATTRMODIFIED to eLegacyAttrModified r=smaug (eef12e69bc) - Bug 895274 part.103 Rename NS_MUTATION_END to eLegacyMutationEventLast r=smaug (d3b375d3fe) - Bug 895274 part.149 Rename NS_USER_DEFINED_EVENT to eUnidentifiedEvent r=smaug (0fe272aa46) - Bug 1205533 - Fix and disallow warnings in gfx/qcms/. r=jrmuizel. (6cf4efeb47) - Bug 1188347 - Properly handle OOM during script cloning. r=jandem (93934b2aff) - Bug 1188347 - Part 2: Fix bustage. r=jandem (61fcb2b899) - Bug 1175442 Make nsContentUtils::SendKeyEvent() take nsIWidget* rather than nsCOMPtr<nsIWidget> r=smaug (2115e04234) - Bug 1188347 - Part 3: Only run test relying on debug builds in debug builds. r=bustage (25e84b0a2c) - Bug 1188347 - Part 4: Root LazyScript* in CloneScriptIntoFunction. r=bustage (18dd9e84ca) - spacing (b45fe5d45b) - Bug 1162791 - Add-ons should be enabled by default when installed r=ferjm (d5062d5592) - Bug 1173666 - Expose the URL of the page that calls mozApps.connect to the app exposing the port. r=ferjm, r=baku (74b106fac5) - Bug 1191516 - Make checkInstalled return a DOMApplication object. r=fabrice (01dfb29190)
376 lines
12 KiB
C++
376 lines
12 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "ThirdPartyUtil.h"
|
|
#include "nsNetCID.h"
|
|
#include "nsNetUtil.h"
|
|
#include "nsIChannel.h"
|
|
#include "nsIServiceManager.h"
|
|
#include "nsIHttpChannelInternal.h"
|
|
#include "nsIDOMWindow.h"
|
|
#include "nsILoadContext.h"
|
|
#include "nsIPrincipal.h"
|
|
#include "nsIScriptObjectPrincipal.h"
|
|
#include "nsIURI.h"
|
|
#include "nsThreadUtils.h"
|
|
#include "mozilla/Logging.h"
|
|
|
|
NS_IMPL_ISUPPORTS(ThirdPartyUtil, mozIThirdPartyUtil)
|
|
|
|
//
|
|
// NSPR_LOG_MODULES=thirdPartyUtil:5
|
|
//
|
|
static PRLogModuleInfo *gThirdPartyLog;
|
|
#undef LOG
|
|
#define LOG(args) MOZ_LOG(gThirdPartyLog, mozilla::LogLevel::Debug, args)
|
|
|
|
nsresult
|
|
ThirdPartyUtil::Init()
|
|
{
|
|
NS_ENSURE_TRUE(NS_IsMainThread(), NS_ERROR_NOT_AVAILABLE);
|
|
|
|
nsresult rv;
|
|
mTLDService = do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID, &rv);
|
|
|
|
if (!gThirdPartyLog)
|
|
gThirdPartyLog = PR_NewLogModule("thirdPartyUtil");
|
|
|
|
return rv;
|
|
}
|
|
|
|
// Determine if aFirstDomain is a different base domain to aSecondURI; or, if
|
|
// the concept of base domain does not apply, determine if the two hosts are not
|
|
// string-identical.
|
|
nsresult
|
|
ThirdPartyUtil::IsThirdPartyInternal(const nsCString& aFirstDomain,
|
|
nsIURI* aSecondURI,
|
|
bool* aResult)
|
|
{
|
|
NS_ENSURE_ARG(aSecondURI);
|
|
|
|
// Get the base domain for aSecondURI.
|
|
nsCString secondDomain;
|
|
nsresult rv = GetBaseDomain(aSecondURI, secondDomain);
|
|
if (NS_FAILED(rv))
|
|
return rv;
|
|
|
|
// Check strict equality.
|
|
*aResult = aFirstDomain != secondDomain;
|
|
return NS_OK;
|
|
}
|
|
|
|
// Get the URI associated with a window.
|
|
NS_IMETHODIMP
|
|
ThirdPartyUtil::GetURIFromWindow(nsIDOMWindow* aWin, nsIURI** result)
|
|
{
|
|
nsresult rv;
|
|
nsCOMPtr<nsIScriptObjectPrincipal> scriptObjPrin = do_QueryInterface(aWin);
|
|
if (!scriptObjPrin) {
|
|
return NS_ERROR_INVALID_ARG;
|
|
}
|
|
|
|
nsIPrincipal* prin = scriptObjPrin->GetPrincipal();
|
|
if (!prin) {
|
|
return NS_ERROR_INVALID_ARG;
|
|
}
|
|
|
|
if (prin->GetIsNullPrincipal()) {
|
|
LOG(("ThirdPartyUtil::GetURIFromWindow can't use null principal\n"));
|
|
return NS_ERROR_INVALID_ARG;
|
|
}
|
|
|
|
rv = prin->GetURI(result);
|
|
return rv;
|
|
}
|
|
|
|
// Determine if aFirstURI is third party with respect to aSecondURI. See docs
|
|
// for mozIThirdPartyUtil.
|
|
NS_IMETHODIMP
|
|
ThirdPartyUtil::IsThirdPartyURI(nsIURI* aFirstURI,
|
|
nsIURI* aSecondURI,
|
|
bool* aResult)
|
|
{
|
|
NS_ENSURE_ARG(aFirstURI);
|
|
NS_ENSURE_ARG(aSecondURI);
|
|
NS_ASSERTION(aResult, "null outparam pointer");
|
|
|
|
nsCString firstHost;
|
|
nsresult rv = GetBaseDomain(aFirstURI, firstHost);
|
|
if (NS_FAILED(rv))
|
|
return rv;
|
|
|
|
return IsThirdPartyInternal(firstHost, aSecondURI, aResult);
|
|
}
|
|
|
|
// Determine if any URI of the window hierarchy of aWindow is foreign with
|
|
// respect to aSecondURI. See docs for mozIThirdPartyUtil.
|
|
NS_IMETHODIMP
|
|
ThirdPartyUtil::IsThirdPartyWindow(nsIDOMWindow* aWindow,
|
|
nsIURI* aURI,
|
|
bool* aResult)
|
|
{
|
|
NS_ENSURE_ARG(aWindow);
|
|
NS_ASSERTION(aResult, "null outparam pointer");
|
|
|
|
bool result;
|
|
|
|
// Get the URI of the window, and its base domain.
|
|
nsresult rv;
|
|
nsCOMPtr<nsIURI> currentURI;
|
|
rv = GetURIFromWindow(aWindow, getter_AddRefs(currentURI));
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
nsCString bottomDomain;
|
|
rv = GetBaseDomain(currentURI, bottomDomain);
|
|
if (NS_FAILED(rv))
|
|
return rv;
|
|
|
|
if (aURI) {
|
|
// Determine whether aURI is foreign with respect to currentURI.
|
|
rv = IsThirdPartyInternal(bottomDomain, aURI, &result);
|
|
if (NS_FAILED(rv))
|
|
return rv;
|
|
|
|
if (result) {
|
|
*aResult = true;
|
|
return NS_OK;
|
|
}
|
|
}
|
|
|
|
nsCOMPtr<nsPIDOMWindow> current = do_QueryInterface(aWindow), parent;
|
|
nsCOMPtr<nsIURI> parentURI;
|
|
do {
|
|
// We use GetScriptableParent rather than GetParent because we consider
|
|
// <iframe mozbrowser/mozapp> to be a top-level frame.
|
|
parent = current->GetScriptableParent();
|
|
|
|
if (SameCOMIdentity(parent, current)) {
|
|
// We're at the topmost content window. We already know the answer.
|
|
*aResult = false;
|
|
return NS_OK;
|
|
}
|
|
|
|
rv = GetURIFromWindow(parent, getter_AddRefs(parentURI));
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
rv = IsThirdPartyInternal(bottomDomain, parentURI, &result);
|
|
if (NS_FAILED(rv))
|
|
return rv;
|
|
|
|
if (result) {
|
|
*aResult = true;
|
|
return NS_OK;
|
|
}
|
|
|
|
current = parent;
|
|
currentURI = parentURI;
|
|
} while (1);
|
|
|
|
NS_NOTREACHED("should've returned");
|
|
return NS_ERROR_UNEXPECTED;
|
|
}
|
|
|
|
// Determine if the URI associated with aChannel or any URI of the window
|
|
// hierarchy associated with the channel is foreign with respect to aSecondURI.
|
|
// See docs for mozIThirdPartyUtil.
|
|
NS_IMETHODIMP
|
|
ThirdPartyUtil::IsThirdPartyChannel(nsIChannel* aChannel,
|
|
nsIURI* aURI,
|
|
bool* aResult)
|
|
{
|
|
NS_ENSURE_ARG(aChannel);
|
|
NS_ASSERTION(aResult, "null outparam pointer");
|
|
|
|
nsresult rv;
|
|
bool doForce = false;
|
|
bool checkWindowChain = true;
|
|
bool parentIsThird = false;
|
|
nsCOMPtr<nsIHttpChannelInternal> httpChannelInternal =
|
|
do_QueryInterface(aChannel);
|
|
if (httpChannelInternal) {
|
|
uint32_t flags;
|
|
rv = httpChannelInternal->GetThirdPartyFlags(&flags);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
doForce = (flags & nsIHttpChannelInternal::THIRD_PARTY_FORCE_ALLOW);
|
|
|
|
// If aURI was not supplied, and we're forcing, then we're by definition
|
|
// not foreign. If aURI was supplied, we still want to check whether it's
|
|
// foreign with respect to the channel URI. (The forcing only applies to
|
|
// whatever window hierarchy exists above the channel.)
|
|
if (doForce && !aURI) {
|
|
*aResult = false;
|
|
return NS_OK;
|
|
}
|
|
|
|
if (flags & nsIHttpChannelInternal::THIRD_PARTY_PARENT_IS_THIRD_PARTY) {
|
|
// Check that the two PARENT_IS_{THIRD,SAME}_PARTY are mutually exclusive.
|
|
MOZ_ASSERT(!(flags & nsIHttpChannelInternal::THIRD_PARTY_PARENT_IS_SAME_PARTY));
|
|
|
|
// If we're not forcing and we know that the window chain of the channel
|
|
// is third party, then we know now that we're third party.
|
|
if (!doForce) {
|
|
*aResult = true;
|
|
return NS_OK;
|
|
}
|
|
|
|
checkWindowChain = false;
|
|
parentIsThird = true;
|
|
} else {
|
|
// In e10s, we can't check the parent chain in the parent, so we do so
|
|
// in the child and send the result to the parent.
|
|
// Note that we only check the window chain if neither
|
|
// THIRD_PARTY_PARENT_IS_* flag is set.
|
|
checkWindowChain = !(flags & nsIHttpChannelInternal::THIRD_PARTY_PARENT_IS_SAME_PARTY);
|
|
parentIsThird = false;
|
|
}
|
|
}
|
|
|
|
// Obtain the URI from the channel, and its base domain.
|
|
nsCOMPtr<nsIURI> channelURI;
|
|
aChannel->GetURI(getter_AddRefs(channelURI));
|
|
NS_ENSURE_TRUE(channelURI, NS_ERROR_INVALID_ARG);
|
|
|
|
nsCString channelDomain;
|
|
rv = GetBaseDomain(channelURI, channelDomain);
|
|
if (NS_FAILED(rv))
|
|
return rv;
|
|
|
|
if (aURI) {
|
|
// Determine whether aURI is foreign with respect to channelURI.
|
|
bool result;
|
|
rv = IsThirdPartyInternal(channelDomain, aURI, &result);
|
|
if (NS_FAILED(rv))
|
|
return rv;
|
|
|
|
// If it's foreign, or we're forcing, we're done.
|
|
if (result || doForce) {
|
|
*aResult = result;
|
|
return NS_OK;
|
|
}
|
|
}
|
|
|
|
// If we've already computed this in the child process, we're done.
|
|
if (!checkWindowChain) {
|
|
*aResult = parentIsThird;
|
|
return NS_OK;
|
|
}
|
|
|
|
// Find the associated window and its parent window.
|
|
nsCOMPtr<nsILoadContext> ctx;
|
|
NS_QueryNotificationCallbacks(aChannel, ctx);
|
|
if (!ctx) return NS_ERROR_INVALID_ARG;
|
|
|
|
// If there is no window, the consumer kicking off the load didn't provide one
|
|
// to the channel. This is limited to loads of certain types of resources. If
|
|
// those loads require cookies, the forceAllowThirdPartyCookie property should
|
|
// be set on the channel.
|
|
nsCOMPtr<nsIDOMWindow> ourWin;
|
|
ctx->GetAssociatedWindow(getter_AddRefs(ourWin));
|
|
if (!ourWin) return NS_ERROR_INVALID_ARG;
|
|
|
|
// We use GetScriptableParent rather than GetParent because we consider
|
|
// <iframe mozbrowser/mozapp> to be a top-level frame.
|
|
nsCOMPtr<nsPIDOMWindow> ourPWin = do_QueryInterface(ourWin);
|
|
nsCOMPtr<nsPIDOMWindow> parentWin = ourPWin->GetScriptableParent();
|
|
NS_ENSURE_TRUE(parentWin, NS_ERROR_INVALID_ARG);
|
|
|
|
// Check whether this is the document channel for this window (representing a
|
|
// load of a new page). In that situation we want to avoid comparing
|
|
// channelURI to ourWin, since what's in ourWin right now will be replaced as
|
|
// the channel loads. This covers the case of a freshly kicked-off load
|
|
// (e.g. the user typing something in the location bar, or clicking on a
|
|
// bookmark), where the window's URI hasn't yet been set, and will be bogus.
|
|
// It also covers situations where a subframe is navigated to someting that
|
|
// is same-origin with all its ancestors. This is a bit of a nasty hack, but
|
|
// we will hopefully flag these channels better later.
|
|
nsLoadFlags flags;
|
|
rv = aChannel->GetLoadFlags(&flags);
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
if (flags & nsIChannel::LOAD_DOCUMENT_URI) {
|
|
if (SameCOMIdentity(ourWin, parentWin)) {
|
|
// We only need to compare aURI to the channel URI -- the window's will be
|
|
// bogus. We already know the answer.
|
|
*aResult = false;
|
|
return NS_OK;
|
|
}
|
|
|
|
// Make sure to still compare to ourWin's ancestors
|
|
ourWin = parentWin;
|
|
}
|
|
|
|
// Check the window hierarchy. This covers most cases for an ordinary page
|
|
// load from the location bar.
|
|
return IsThirdPartyWindow(ourWin, channelURI, aResult);
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
ThirdPartyUtil::GetTopWindowForChannel(nsIChannel* aChannel, nsIDOMWindow** aWin)
|
|
{
|
|
NS_ENSURE_ARG(aWin);
|
|
|
|
// Find the associated window and its parent window.
|
|
nsCOMPtr<nsILoadContext> ctx;
|
|
NS_QueryNotificationCallbacks(aChannel, ctx);
|
|
if (!ctx) {
|
|
return NS_ERROR_INVALID_ARG;
|
|
}
|
|
|
|
nsCOMPtr<nsIDOMWindow> window;
|
|
ctx->GetAssociatedWindow(getter_AddRefs(window));
|
|
nsCOMPtr<nsPIDOMWindow> top = do_QueryInterface(window);
|
|
if (!window) {
|
|
return NS_ERROR_INVALID_ARG;
|
|
}
|
|
|
|
top = top->GetTop();
|
|
top.forget(aWin);
|
|
return NS_OK;
|
|
}
|
|
|
|
// Get the base domain for aHostURI; e.g. for "www.bbc.co.uk", this would be
|
|
// "bbc.co.uk". Only properly-formed URI's are tolerated, though a trailing
|
|
// dot may be present. If aHostURI is an IP address, an alias such as
|
|
// 'localhost', an eTLD such as 'co.uk', or the empty string, aBaseDomain will
|
|
// be the exact host. The result of this function should only be used in exact
|
|
// string comparisons, since substring comparisons will not be valid for the
|
|
// special cases elided above.
|
|
NS_IMETHODIMP
|
|
ThirdPartyUtil::GetBaseDomain(nsIURI* aHostURI,
|
|
nsACString& aBaseDomain)
|
|
{
|
|
// Get the base domain. this will fail if the host contains a leading dot,
|
|
// more than one trailing dot, or is otherwise malformed.
|
|
nsresult rv = mTLDService->GetBaseDomain(aHostURI, 0, aBaseDomain);
|
|
if (rv == NS_ERROR_HOST_IS_IP_ADDRESS ||
|
|
rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS) {
|
|
// aHostURI is either an IP address, an alias such as 'localhost', an eTLD
|
|
// such as 'co.uk', or the empty string. Uses the normalized host in such
|
|
// cases.
|
|
rv = aHostURI->GetAsciiHost(aBaseDomain);
|
|
}
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
// aHostURI (and thus aBaseDomain) may be the string '.'. If so, fail.
|
|
if (aBaseDomain.Length() == 1 && aBaseDomain.Last() == '.')
|
|
return NS_ERROR_INVALID_ARG;
|
|
|
|
// Reject any URIs without a host that aren't file:// URIs. This makes it the
|
|
// only way we can get a base domain consisting of the empty string, which
|
|
// means we can safely perform foreign tests on such URIs where "not foreign"
|
|
// means "the involved URIs are all file://".
|
|
if (aBaseDomain.IsEmpty()) {
|
|
bool isFileURI = false;
|
|
aHostURI->SchemeIs("file", &isFileURI);
|
|
if (!isFileURI) {
|
|
return NS_ERROR_INVALID_ARG;
|
|
}
|
|
}
|
|
|
|
return NS_OK;
|
|
}
|