Line data Source code
1 : /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 : /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 : /* This Source Code Form is subject to the terms of the Mozilla Public
4 : * License, v. 2.0. If a copy of the MPL was not distributed with this
5 : * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 :
7 : #include "mozilla/LoadInfo.h"
8 :
9 : #include "mozilla/Assertions.h"
10 : #include "mozilla/dom/ToJSValue.h"
11 : #include "mozIThirdPartyUtil.h"
12 : #include "nsFrameLoader.h"
13 : #include "nsIContentSecurityPolicy.h"
14 : #include "nsIDocShell.h"
15 : #include "nsIDocument.h"
16 : #include "nsIDOMDocument.h"
17 : #include "nsIFrameLoader.h"
18 : #include "nsIInterfaceRequestorUtils.h"
19 : #include "nsISupportsImpl.h"
20 : #include "nsISupportsUtils.h"
21 : #include "nsContentUtils.h"
22 : #include "nsDocShell.h"
23 : #include "nsGlobalWindow.h"
24 : #include "NullPrincipal.h"
25 : #include "nsRedirectHistoryEntry.h"
26 :
27 : using namespace mozilla::dom;
28 :
29 : namespace mozilla {
30 : namespace net {
31 :
32 1185 : LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
33 : nsIPrincipal* aTriggeringPrincipal,
34 : nsINode* aLoadingContext,
35 : nsSecurityFlags aSecurityFlags,
36 1185 : nsContentPolicyType aContentPolicyType)
37 : : mLoadingPrincipal(aLoadingContext ?
38 : aLoadingContext->NodePrincipal() : aLoadingPrincipal)
39 : , mTriggeringPrincipal(aTriggeringPrincipal ?
40 1134 : aTriggeringPrincipal : mLoadingPrincipal.get())
41 : , mPrincipalToInherit(nullptr)
42 2370 : , mLoadingContext(do_GetWeakReference(aLoadingContext))
43 : , mSecurityFlags(aSecurityFlags)
44 : , mInternalContentPolicyType(aContentPolicyType)
45 : , mTainting(LoadTainting::Basic)
46 : , mUpgradeInsecureRequests(false)
47 : , mVerifySignedContent(false)
48 : , mEnforceSRI(false)
49 : , mForceInheritPrincipalDropped(false)
50 : , mInnerWindowID(0)
51 : , mOuterWindowID(0)
52 : , mParentOuterWindowID(0)
53 : , mFrameOuterWindowID(0)
54 : , mEnforceSecurity(false)
55 : , mInitialSecurityCheckDone(false)
56 : , mIsThirdPartyContext(false)
57 : , mForcePreflight(false)
58 : , mIsPreflight(false)
59 : , mForceHSTSPriming(false)
60 : , mMixedContentWouldBlock(false)
61 : , mIsHSTSPriming(false)
62 4689 : , mIsHSTSPrimingUpgrade(false)
63 : {
64 1185 : MOZ_ASSERT(mLoadingPrincipal);
65 1185 : MOZ_ASSERT(mTriggeringPrincipal);
66 :
67 : #ifdef DEBUG
68 : // TYPE_DOCUMENT loads initiated by javascript tests will go through
69 : // nsIOService and use the wrong constructor. Don't enforce the
70 : // !TYPE_DOCUMENT check in those cases
71 1185 : bool skipContentTypeCheck = false;
72 1185 : skipContentTypeCheck = Preferences::GetBool("network.loadinfo.skip_type_assertion");
73 : #endif
74 :
75 : // This constructor shouldn't be used for TYPE_DOCUMENT loads that don't
76 : // have a loadingPrincipal
77 1185 : MOZ_ASSERT(skipContentTypeCheck ||
78 : mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT);
79 :
80 : // TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false meaning
81 : // that consumers of LoadInfo that don't pass a context or pass a context from
82 : // which we can't find a window will default to assuming that they're 1st
83 : // party. It would be nice if we could default "safe" and assume that we are
84 : // 3rd party until proven otherwise.
85 :
86 : // if consumers pass both, aLoadingContext and aLoadingPrincipal
87 : // then the loadingPrincipal must be the same as the node's principal
88 1185 : MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
89 : aLoadingContext->NodePrincipal() == aLoadingPrincipal);
90 :
91 : // if the load is sandboxed, we can not also inherit the principal
92 1185 : if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
93 3 : mForceInheritPrincipalDropped =
94 3 : (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
95 3 : mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
96 : }
97 :
98 1185 : if (aLoadingContext) {
99 110 : nsCOMPtr<nsPIDOMWindowOuter> contextOuter = aLoadingContext->OwnerDoc()->GetWindow();
100 55 : if (contextOuter) {
101 55 : ComputeIsThirdPartyContext(contextOuter);
102 55 : mOuterWindowID = contextOuter->WindowID();
103 110 : nsCOMPtr<nsPIDOMWindowOuter> parent = contextOuter->GetScriptableParent();
104 55 : mParentOuterWindowID = parent ? parent->WindowID() : mOuterWindowID;
105 : }
106 :
107 55 : mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID();
108 :
109 : // When the element being loaded is a frame, we choose the frame's window
110 : // for the window ID and the frame element's window as the parent
111 : // window. This is the behavior that Chrome exposes to add-ons.
112 : // NB: If the frameLoaderOwner doesn't have a frame loader, then the load
113 : // must be coming from an object (such as a plugin) that's loaded into it
114 : // instead of a document being loaded. In that case, treat this object like
115 : // any other non-document-loading element.
116 : nsCOMPtr<nsIFrameLoaderOwner> frameLoaderOwner =
117 110 : do_QueryInterface(aLoadingContext);
118 112 : nsCOMPtr<nsIFrameLoader> fl = frameLoaderOwner ?
119 167 : frameLoaderOwner->GetFrameLoader() : nullptr;
120 55 : if (fl) {
121 2 : nsCOMPtr<nsIDocShell> docShell;
122 1 : if (NS_SUCCEEDED(fl->GetDocShell(getter_AddRefs(docShell))) && docShell) {
123 2 : nsCOMPtr<nsPIDOMWindowOuter> outerWindow = do_GetInterface(docShell);
124 1 : if (outerWindow) {
125 1 : mFrameOuterWindowID = outerWindow->WindowID();
126 : }
127 : }
128 : }
129 :
130 : // if the document forces all requests to be upgraded from http to https, then
131 : // we should do that for all requests. If it only forces preloads to be upgraded
132 : // then we should enforce upgrade insecure requests only for preloads.
133 55 : mUpgradeInsecureRequests =
134 110 : aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
135 59 : (nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
136 4 : aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
137 :
138 : // if owner doc has content signature, we enforce SRI
139 110 : nsCOMPtr<nsIChannel> channel = aLoadingContext->OwnerDoc()->GetChannel();
140 55 : if (channel) {
141 110 : nsCOMPtr<nsILoadInfo> loadInfo = channel->GetLoadInfo();
142 55 : if (loadInfo) {
143 55 : mEnforceSRI = loadInfo->GetVerifySignedContent();
144 : }
145 : }
146 : }
147 :
148 : // If CSP requires SRI (require-sri-for), then store that information
149 : // in the loadInfo so we can enforce SRI before loading the subresource.
150 1185 : if (!mEnforceSRI) {
151 : // do not look into the CSP if already true:
152 : // a CSP saying that SRI isn't needed should not
153 : // overrule GetVerifySignedContent
154 1185 : if (aLoadingPrincipal) {
155 2370 : nsCOMPtr<nsIContentSecurityPolicy> csp;
156 1185 : aLoadingPrincipal->GetCsp(getter_AddRefs(csp));
157 : uint32_t externalType =
158 1185 : nsContentUtils::InternalContentPolicyTypeToExternal(aContentPolicyType);
159 : // csp could be null if loading principal is system principal
160 1185 : if (csp) {
161 0 : csp->RequireSRIForType(externalType, &mEnforceSRI);
162 : }
163 : // if CSP is delivered via a meta tag, it's speculatively available
164 : // as 'preloadCSP'. If we are preloading a script or style, we have
165 : // to apply that speculative 'preloadCSP' for such loads.
166 1185 : if (!mEnforceSRI && nsContentUtils::IsPreloadType(aContentPolicyType)) {
167 8 : nsCOMPtr<nsIContentSecurityPolicy> preloadCSP;
168 4 : aLoadingPrincipal->GetPreloadCsp(getter_AddRefs(preloadCSP));
169 4 : if (preloadCSP) {
170 0 : preloadCSP->RequireSRIForType(externalType, &mEnforceSRI);
171 : }
172 : }
173 : }
174 : }
175 :
176 1185 : mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
177 :
178 : // We need to do this after inheriting the document's origin attributes
179 : // above, in case the loading principal ends up being the system principal.
180 1185 : if (aLoadingContext) {
181 : nsCOMPtr<nsILoadContext> loadContext =
182 110 : aLoadingContext->OwnerDoc()->GetLoadContext();
183 110 : nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
184 110 : if (loadContext && docShell &&
185 55 : docShell->ItemType() == nsIDocShellTreeItem::typeContent) {
186 : bool usePrivateBrowsing;
187 5 : nsresult rv = loadContext->GetUsePrivateBrowsing(&usePrivateBrowsing);
188 5 : if (NS_SUCCEEDED(rv)) {
189 5 : mOriginAttributes.SyncAttributesWithPrivateBrowsing(usePrivateBrowsing);
190 : }
191 : }
192 : }
193 :
194 : // For chrome docshell, the mPrivateBrowsingId remains 0 even its
195 : // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
196 : // origin attributes if the type of the docshell is content.
197 1185 : if (aLoadingContext) {
198 110 : nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
199 55 : if (docShell) {
200 55 : if (docShell->ItemType() == nsIDocShellTreeItem::typeChrome) {
201 50 : MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
202 : "chrome docshell shouldn't have mPrivateBrowsingId set.");
203 : }
204 : }
205 : }
206 1185 : }
207 :
208 : /* Constructor takes an outer window, but no loadingNode or loadingPrincipal.
209 : * This constructor should only be used for TYPE_DOCUMENT loads, since they
210 : * have a null loadingNode and loadingPrincipal.
211 : */
212 5 : LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
213 : nsIPrincipal* aTriggeringPrincipal,
214 5 : nsSecurityFlags aSecurityFlags)
215 : : mLoadingPrincipal(nullptr)
216 : , mTriggeringPrincipal(aTriggeringPrincipal)
217 : , mPrincipalToInherit(nullptr)
218 : , mSecurityFlags(aSecurityFlags)
219 : , mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT)
220 : , mTainting(LoadTainting::Basic)
221 : , mUpgradeInsecureRequests(false)
222 : , mVerifySignedContent(false)
223 : , mEnforceSRI(false)
224 : , mForceInheritPrincipalDropped(false)
225 : , mInnerWindowID(0)
226 : , mOuterWindowID(0)
227 : , mParentOuterWindowID(0)
228 : , mFrameOuterWindowID(0)
229 : , mEnforceSecurity(false)
230 : , mInitialSecurityCheckDone(false)
231 : , mIsThirdPartyContext(false) // NB: TYPE_DOCUMENT implies not third-party.
232 : , mForcePreflight(false)
233 : , mIsPreflight(false)
234 : , mForceHSTSPriming(false)
235 : , mMixedContentWouldBlock(false)
236 : , mIsHSTSPriming(false)
237 5 : , mIsHSTSPrimingUpgrade(false)
238 : {
239 : // Top-level loads are never third-party
240 : // Grab the information we can out of the window.
241 5 : MOZ_ASSERT(aOuterWindow);
242 5 : MOZ_ASSERT(mTriggeringPrincipal);
243 :
244 : // if the load is sandboxed, we can not also inherit the principal
245 5 : if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
246 0 : mForceInheritPrincipalDropped =
247 0 : (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
248 0 : mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
249 : }
250 :
251 : // NB: Ignore the current inner window since we're navigating away from it.
252 5 : mOuterWindowID = aOuterWindow->WindowID();
253 :
254 : // TODO We can have a parent without a frame element in some cases dealing
255 : // with the hidden window.
256 10 : nsCOMPtr<nsPIDOMWindowOuter> parent = aOuterWindow->GetScriptableParent();
257 5 : mParentOuterWindowID = parent ? parent->WindowID() : 0;
258 :
259 : // get the docshell from the outerwindow, and then get the originattributes
260 10 : nsCOMPtr<nsIDocShell> docShell = aOuterWindow->GetDocShell();
261 5 : MOZ_ASSERT(docShell);
262 5 : mOriginAttributes = nsDocShell::Cast(docShell)->GetOriginAttributes();
263 :
264 : #ifdef DEBUG
265 5 : if (docShell->ItemType() == nsIDocShellTreeItem::typeChrome) {
266 2 : MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
267 : "chrome docshell shouldn't have mPrivateBrowsingId set.");
268 : }
269 : #endif
270 5 : }
271 :
272 0 : LoadInfo::LoadInfo(const LoadInfo& rhs)
273 : : mLoadingPrincipal(rhs.mLoadingPrincipal)
274 : , mTriggeringPrincipal(rhs.mTriggeringPrincipal)
275 : , mPrincipalToInherit(rhs.mPrincipalToInherit)
276 : , mSandboxedLoadingPrincipal(rhs.mSandboxedLoadingPrincipal)
277 : , mResultPrincipalURI(rhs.mResultPrincipalURI)
278 : , mLoadingContext(rhs.mLoadingContext)
279 0 : , mSecurityFlags(rhs.mSecurityFlags)
280 0 : , mInternalContentPolicyType(rhs.mInternalContentPolicyType)
281 0 : , mTainting(rhs.mTainting)
282 0 : , mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests)
283 0 : , mVerifySignedContent(rhs.mVerifySignedContent)
284 0 : , mEnforceSRI(rhs.mEnforceSRI)
285 0 : , mForceInheritPrincipalDropped(rhs.mForceInheritPrincipalDropped)
286 0 : , mInnerWindowID(rhs.mInnerWindowID)
287 0 : , mOuterWindowID(rhs.mOuterWindowID)
288 0 : , mParentOuterWindowID(rhs.mParentOuterWindowID)
289 0 : , mFrameOuterWindowID(rhs.mFrameOuterWindowID)
290 0 : , mEnforceSecurity(rhs.mEnforceSecurity)
291 0 : , mInitialSecurityCheckDone(rhs.mInitialSecurityCheckDone)
292 0 : , mIsThirdPartyContext(rhs.mIsThirdPartyContext)
293 : , mOriginAttributes(rhs.mOriginAttributes)
294 : , mRedirectChainIncludingInternalRedirects(
295 : rhs.mRedirectChainIncludingInternalRedirects)
296 : , mRedirectChain(rhs.mRedirectChain)
297 : , mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders)
298 0 : , mForcePreflight(rhs.mForcePreflight)
299 0 : , mIsPreflight(rhs.mIsPreflight)
300 0 : , mForceHSTSPriming(rhs.mForceHSTSPriming)
301 0 : , mMixedContentWouldBlock(rhs.mMixedContentWouldBlock)
302 0 : , mIsHSTSPriming(rhs.mIsHSTSPriming)
303 0 : , mIsHSTSPrimingUpgrade(rhs.mIsHSTSPrimingUpgrade)
304 : {
305 0 : }
306 :
307 3 : LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
308 : nsIPrincipal* aTriggeringPrincipal,
309 : nsIPrincipal* aPrincipalToInherit,
310 : nsIPrincipal* aSandboxedLoadingPrincipal,
311 : nsIURI* aResultPrincipalURI,
312 : nsSecurityFlags aSecurityFlags,
313 : nsContentPolicyType aContentPolicyType,
314 : LoadTainting aTainting,
315 : bool aUpgradeInsecureRequests,
316 : bool aVerifySignedContent,
317 : bool aEnforceSRI,
318 : bool aForceInheritPrincipalDropped,
319 : uint64_t aInnerWindowID,
320 : uint64_t aOuterWindowID,
321 : uint64_t aParentOuterWindowID,
322 : uint64_t aFrameOuterWindowID,
323 : bool aEnforceSecurity,
324 : bool aInitialSecurityCheckDone,
325 : bool aIsThirdPartyContext,
326 : const OriginAttributes& aOriginAttributes,
327 : RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
328 : RedirectHistoryArray& aRedirectChain,
329 : const nsTArray<nsCString>& aCorsUnsafeHeaders,
330 : bool aForcePreflight,
331 : bool aIsPreflight,
332 : bool aForceHSTSPriming,
333 : bool aMixedContentWouldBlock,
334 : bool aIsHSTSPriming,
335 3 : bool aIsHSTSPrimingUpgrade)
336 : : mLoadingPrincipal(aLoadingPrincipal)
337 : , mTriggeringPrincipal(aTriggeringPrincipal)
338 : , mPrincipalToInherit(aPrincipalToInherit)
339 : , mResultPrincipalURI(aResultPrincipalURI)
340 : , mSecurityFlags(aSecurityFlags)
341 : , mInternalContentPolicyType(aContentPolicyType)
342 : , mTainting(aTainting)
343 : , mUpgradeInsecureRequests(aUpgradeInsecureRequests)
344 : , mVerifySignedContent(aVerifySignedContent)
345 : , mEnforceSRI(aEnforceSRI)
346 : , mForceInheritPrincipalDropped(aForceInheritPrincipalDropped)
347 : , mInnerWindowID(aInnerWindowID)
348 : , mOuterWindowID(aOuterWindowID)
349 : , mParentOuterWindowID(aParentOuterWindowID)
350 : , mFrameOuterWindowID(aFrameOuterWindowID)
351 : , mEnforceSecurity(aEnforceSecurity)
352 : , mInitialSecurityCheckDone(aInitialSecurityCheckDone)
353 : , mIsThirdPartyContext(aIsThirdPartyContext)
354 : , mOriginAttributes(aOriginAttributes)
355 : , mCorsUnsafeHeaders(aCorsUnsafeHeaders)
356 : , mForcePreflight(aForcePreflight)
357 : , mIsPreflight(aIsPreflight)
358 : , mForceHSTSPriming (aForceHSTSPriming)
359 : , mMixedContentWouldBlock(aMixedContentWouldBlock)
360 : , mIsHSTSPriming(aIsHSTSPriming)
361 3 : , mIsHSTSPrimingUpgrade(aIsHSTSPrimingUpgrade)
362 : {
363 : // Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
364 3 : MOZ_ASSERT(mLoadingPrincipal || aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT);
365 3 : MOZ_ASSERT(mTriggeringPrincipal);
366 :
367 3 : mRedirectChainIncludingInternalRedirects.SwapElements(
368 3 : aRedirectChainIncludingInternalRedirects);
369 :
370 3 : mRedirectChain.SwapElements(aRedirectChain);
371 3 : }
372 :
373 1156 : LoadInfo::~LoadInfo()
374 : {
375 1156 : }
376 :
377 : void
378 55 : LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow)
379 : {
380 : nsContentPolicyType type =
381 55 : nsContentUtils::InternalContentPolicyTypeToExternal(mInternalContentPolicyType);
382 55 : if (type == nsIContentPolicy::TYPE_DOCUMENT) {
383 : // Top-level loads are never third-party.
384 0 : mIsThirdPartyContext = false;
385 0 : return;
386 : }
387 :
388 110 : nsCOMPtr<mozIThirdPartyUtil> util(do_GetService(THIRDPARTYUTIL_CONTRACTID));
389 55 : if (NS_WARN_IF(!util)) {
390 0 : return;
391 : }
392 :
393 55 : util->IsThirdPartyWindow(aOuterWindow, nullptr, &mIsThirdPartyContext);
394 : }
395 :
396 45580 : NS_IMPL_ISUPPORTS(LoadInfo, nsILoadInfo)
397 :
398 : already_AddRefed<nsILoadInfo>
399 0 : LoadInfo::Clone() const
400 : {
401 0 : RefPtr<LoadInfo> copy(new LoadInfo(*this));
402 0 : return copy.forget();
403 : }
404 :
405 : already_AddRefed<nsILoadInfo>
406 0 : LoadInfo::CloneWithNewSecFlags(nsSecurityFlags aSecurityFlags) const
407 : {
408 0 : RefPtr<LoadInfo> copy(new LoadInfo(*this));
409 0 : copy->mSecurityFlags = aSecurityFlags;
410 0 : return copy.forget();
411 : }
412 :
413 : already_AddRefed<nsILoadInfo>
414 0 : LoadInfo::CloneForNewRequest() const
415 : {
416 0 : RefPtr<LoadInfo> copy(new LoadInfo(*this));
417 0 : copy->mEnforceSecurity = false;
418 0 : copy->mInitialSecurityCheckDone = false;
419 0 : copy->mRedirectChainIncludingInternalRedirects.Clear();
420 0 : copy->mRedirectChain.Clear();
421 0 : copy->mResultPrincipalURI = nullptr;
422 0 : return copy.forget();
423 : }
424 :
425 : NS_IMETHODIMP
426 0 : LoadInfo::GetLoadingPrincipal(nsIPrincipal** aLoadingPrincipal)
427 : {
428 0 : NS_IF_ADDREF(*aLoadingPrincipal = mLoadingPrincipal);
429 0 : return NS_OK;
430 : }
431 :
432 : nsIPrincipal*
433 311 : LoadInfo::LoadingPrincipal()
434 : {
435 311 : return mLoadingPrincipal;
436 : }
437 :
438 : NS_IMETHODIMP
439 0 : LoadInfo::GetTriggeringPrincipal(nsIPrincipal** aTriggeringPrincipal)
440 : {
441 0 : NS_ADDREF(*aTriggeringPrincipal = mTriggeringPrincipal);
442 0 : return NS_OK;
443 : }
444 :
445 : nsIPrincipal*
446 341 : LoadInfo::TriggeringPrincipal()
447 : {
448 341 : return mTriggeringPrincipal;
449 : }
450 :
451 : NS_IMETHODIMP
452 0 : LoadInfo::GetPrincipalToInherit(nsIPrincipal** aPrincipalToInherit)
453 : {
454 0 : NS_IF_ADDREF(*aPrincipalToInherit = mPrincipalToInherit);
455 0 : return NS_OK;
456 : }
457 :
458 : NS_IMETHODIMP
459 7 : LoadInfo::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit)
460 : {
461 7 : MOZ_ASSERT(aPrincipalToInherit, "must be a valid principal to inherit");
462 7 : mPrincipalToInherit = aPrincipalToInherit;
463 7 : return NS_OK;
464 : }
465 :
466 : nsIPrincipal*
467 95 : LoadInfo::PrincipalToInherit()
468 : {
469 95 : return mPrincipalToInherit;
470 : }
471 :
472 : NS_IMETHODIMP
473 0 : LoadInfo::GetSandboxedLoadingPrincipal(nsIPrincipal** aPrincipal)
474 : {
475 0 : if (!(mSecurityFlags & nsILoadInfo::SEC_SANDBOXED)) {
476 0 : *aPrincipal = nullptr;
477 0 : return NS_OK;
478 : }
479 :
480 0 : if (!mSandboxedLoadingPrincipal) {
481 0 : if (mLoadingPrincipal) {
482 : mSandboxedLoadingPrincipal =
483 0 : NullPrincipal::CreateWithInheritedAttributes(mLoadingPrincipal);
484 : } else {
485 0 : OriginAttributes attrs(mOriginAttributes);
486 0 : mSandboxedLoadingPrincipal = NullPrincipal::Create(attrs);
487 : }
488 : }
489 0 : MOZ_ASSERT(mSandboxedLoadingPrincipal);
490 :
491 0 : nsCOMPtr<nsIPrincipal> copy(mSandboxedLoadingPrincipal);
492 0 : copy.forget(aPrincipal);
493 0 : return NS_OK;
494 : }
495 :
496 : NS_IMETHODIMP
497 1254 : LoadInfo::GetLoadingDocument(nsIDOMDocument** aResult)
498 : {
499 2508 : nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
500 1254 : if (node) {
501 214 : nsCOMPtr<nsIDOMDocument> context = do_QueryInterface(node->OwnerDoc());
502 107 : context.forget(aResult);
503 : }
504 2508 : return NS_OK;
505 : }
506 :
507 : nsINode*
508 234 : LoadInfo::LoadingNode()
509 : {
510 468 : nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
511 468 : return node;
512 : }
513 :
514 : NS_IMETHODIMP
515 3 : LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult)
516 : {
517 3 : *aResult = mSecurityFlags;
518 3 : return NS_OK;
519 : }
520 :
521 : NS_IMETHODIMP
522 791 : LoadInfo::GetSecurityMode(uint32_t* aFlags)
523 : {
524 791 : *aFlags = (mSecurityFlags &
525 : (nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS |
526 : nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED |
527 : nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS |
528 : nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
529 : nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS));
530 791 : return NS_OK;
531 : }
532 :
533 : NS_IMETHODIMP
534 12 : LoadInfo::GetIsInThirdPartyContext(bool* aIsInThirdPartyContext)
535 : {
536 12 : *aIsInThirdPartyContext = mIsThirdPartyContext;
537 12 : return NS_OK;
538 : }
539 :
540 : static const uint32_t sCookiePolicyMask =
541 : nsILoadInfo::SEC_COOKIES_DEFAULT |
542 : nsILoadInfo::SEC_COOKIES_INCLUDE |
543 : nsILoadInfo::SEC_COOKIES_SAME_ORIGIN |
544 : nsILoadInfo::SEC_COOKIES_OMIT;
545 :
546 : NS_IMETHODIMP
547 187 : LoadInfo::GetCookiePolicy(uint32_t *aResult)
548 : {
549 187 : uint32_t policy = mSecurityFlags & sCookiePolicyMask;
550 187 : if (policy == nsILoadInfo::SEC_COOKIES_DEFAULT) {
551 186 : policy = (mSecurityFlags & SEC_REQUIRE_CORS_DATA_INHERITS) ?
552 : nsILoadInfo::SEC_COOKIES_SAME_ORIGIN : nsILoadInfo::SEC_COOKIES_INCLUDE;
553 : }
554 :
555 187 : *aResult = policy;
556 187 : return NS_OK;
557 : }
558 :
559 : void
560 0 : LoadInfo::SetIncludeCookiesSecFlag()
561 : {
562 0 : MOZ_ASSERT(!mEnforceSecurity,
563 : "Request should not have been opened yet");
564 0 : MOZ_ASSERT((mSecurityFlags & sCookiePolicyMask) ==
565 : nsILoadInfo::SEC_COOKIES_DEFAULT);
566 0 : mSecurityFlags = (mSecurityFlags & ~sCookiePolicyMask) |
567 : nsILoadInfo::SEC_COOKIES_INCLUDE;
568 0 : }
569 :
570 : NS_IMETHODIMP
571 107 : LoadInfo::GetForceInheritPrincipal(bool* aInheritPrincipal)
572 : {
573 107 : *aInheritPrincipal =
574 107 : (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
575 107 : return NS_OK;
576 : }
577 :
578 : NS_IMETHODIMP
579 120 : LoadInfo::GetForceInheritPrincipalOverruleOwner(bool* aInheritPrincipal)
580 : {
581 120 : *aInheritPrincipal =
582 120 : (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER);
583 120 : return NS_OK;
584 : }
585 :
586 : NS_IMETHODIMP
587 2464 : LoadInfo::GetLoadingSandboxed(bool* aLoadingSandboxed)
588 : {
589 2464 : *aLoadingSandboxed = (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED);
590 2464 : return NS_OK;
591 : }
592 :
593 : NS_IMETHODIMP
594 133 : LoadInfo::GetAboutBlankInherits(bool* aResult)
595 : {
596 133 : *aResult =
597 133 : (mSecurityFlags & nsILoadInfo::SEC_ABOUT_BLANK_INHERITS);
598 133 : return NS_OK;
599 : }
600 :
601 : NS_IMETHODIMP
602 52 : LoadInfo::GetAllowChrome(bool* aResult)
603 : {
604 52 : *aResult =
605 52 : (mSecurityFlags & nsILoadInfo::SEC_ALLOW_CHROME);
606 52 : return NS_OK;
607 : }
608 :
609 : NS_IMETHODIMP
610 52 : LoadInfo::GetDisallowScript(bool* aResult)
611 : {
612 52 : *aResult =
613 52 : (mSecurityFlags & nsILoadInfo::SEC_DISALLOW_SCRIPT);
614 52 : return NS_OK;
615 : }
616 :
617 :
618 : NS_IMETHODIMP
619 0 : LoadInfo::GetDontFollowRedirects(bool* aResult)
620 : {
621 0 : *aResult =
622 0 : (mSecurityFlags & nsILoadInfo::SEC_DONT_FOLLOW_REDIRECTS);
623 0 : return NS_OK;
624 : }
625 :
626 : NS_IMETHODIMP
627 3 : LoadInfo::GetLoadErrorPage(bool* aResult)
628 : {
629 3 : *aResult =
630 3 : (mSecurityFlags & nsILoadInfo::SEC_LOAD_ERROR_PAGE);
631 3 : return NS_OK;
632 : }
633 :
634 : NS_IMETHODIMP
635 736 : LoadInfo::GetExternalContentPolicyType(nsContentPolicyType* aResult)
636 : {
637 736 : *aResult = nsContentUtils::InternalContentPolicyTypeToExternal(mInternalContentPolicyType);
638 736 : return NS_OK;
639 : }
640 :
641 : nsContentPolicyType
642 253 : LoadInfo::InternalContentPolicyType()
643 : {
644 253 : return mInternalContentPolicyType;
645 : }
646 :
647 : NS_IMETHODIMP
648 12 : LoadInfo::GetUpgradeInsecureRequests(bool* aResult)
649 : {
650 12 : *aResult = mUpgradeInsecureRequests;
651 12 : return NS_OK;
652 : }
653 :
654 : NS_IMETHODIMP
655 0 : LoadInfo::SetVerifySignedContent(bool aVerifySignedContent)
656 : {
657 0 : MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
658 : "can only verify content for TYPE_DOCUMENT");
659 0 : mVerifySignedContent = aVerifySignedContent;
660 0 : return NS_OK;
661 : }
662 :
663 : NS_IMETHODIMP
664 92 : LoadInfo::GetVerifySignedContent(bool* aResult)
665 : {
666 92 : *aResult = mVerifySignedContent;
667 92 : return NS_OK;
668 : }
669 :
670 : NS_IMETHODIMP
671 0 : LoadInfo::SetEnforceSRI(bool aEnforceSRI)
672 : {
673 0 : mEnforceSRI = aEnforceSRI;
674 0 : return NS_OK;
675 : }
676 :
677 : NS_IMETHODIMP
678 68 : LoadInfo::GetEnforceSRI(bool* aResult)
679 : {
680 68 : *aResult = mEnforceSRI;
681 68 : return NS_OK;
682 : }
683 :
684 : NS_IMETHODIMP
685 3 : LoadInfo::GetForceInheritPrincipalDropped(bool* aResult)
686 : {
687 3 : *aResult = mForceInheritPrincipalDropped;
688 3 : return NS_OK;
689 : }
690 :
691 : NS_IMETHODIMP
692 3 : LoadInfo::GetInnerWindowID(uint64_t* aResult)
693 : {
694 3 : *aResult = mInnerWindowID;
695 3 : return NS_OK;
696 : }
697 :
698 : NS_IMETHODIMP
699 1150 : LoadInfo::GetOuterWindowID(uint64_t* aResult)
700 : {
701 1150 : *aResult = mOuterWindowID;
702 1150 : return NS_OK;
703 : }
704 :
705 : NS_IMETHODIMP
706 3 : LoadInfo::GetParentOuterWindowID(uint64_t* aResult)
707 : {
708 3 : *aResult = mParentOuterWindowID;
709 3 : return NS_OK;
710 : }
711 :
712 : NS_IMETHODIMP
713 3 : LoadInfo::GetFrameOuterWindowID(uint64_t* aResult)
714 : {
715 3 : *aResult = mFrameOuterWindowID;
716 3 : return NS_OK;
717 : }
718 :
719 : NS_IMETHODIMP
720 0 : LoadInfo::GetScriptableOriginAttributes(JSContext* aCx,
721 : JS::MutableHandle<JS::Value> aOriginAttributes)
722 : {
723 0 : if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aOriginAttributes))) {
724 0 : return NS_ERROR_FAILURE;
725 : }
726 0 : return NS_OK;
727 : }
728 :
729 : NS_IMETHODIMP
730 0 : LoadInfo::ResetPrincipalToInheritToNullPrincipal()
731 : {
732 : // take the originAttributes from the LoadInfo and create
733 : // a new NullPrincipal using those origin attributes.
734 : nsCOMPtr<nsIPrincipal> newNullPrincipal =
735 0 : NullPrincipal::Create(mOriginAttributes);
736 :
737 0 : mPrincipalToInherit = newNullPrincipal;
738 :
739 : // setting SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER will overrule
740 : // any non null owner set on the channel and will return the principal
741 : // form the loadinfo instead.
742 0 : mSecurityFlags |= SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER;
743 :
744 0 : return NS_OK;
745 : }
746 :
747 : NS_IMETHODIMP
748 0 : LoadInfo::SetScriptableOriginAttributes(JSContext* aCx,
749 : JS::Handle<JS::Value> aOriginAttributes)
750 : {
751 0 : OriginAttributes attrs;
752 0 : if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
753 0 : return NS_ERROR_INVALID_ARG;
754 : }
755 :
756 0 : mOriginAttributes = attrs;
757 0 : return NS_OK;
758 : }
759 :
760 : nsresult
761 225 : LoadInfo::GetOriginAttributes(mozilla::OriginAttributes* aOriginAttributes)
762 : {
763 225 : NS_ENSURE_ARG(aOriginAttributes);
764 225 : *aOriginAttributes = mOriginAttributes;
765 225 : return NS_OK;
766 : }
767 :
768 : nsresult
769 8 : LoadInfo::SetOriginAttributes(const mozilla::OriginAttributes& aOriginAttributes)
770 : {
771 8 : mOriginAttributes = aOriginAttributes;
772 8 : return NS_OK;
773 : }
774 :
775 : NS_IMETHODIMP
776 187 : LoadInfo::SetEnforceSecurity(bool aEnforceSecurity)
777 : {
778 : // Indicates whether the channel was openend using AsyncOpen2. Once set
779 : // to true, it must remain true throughout the lifetime of the channel.
780 : // Setting it to anything else than true will be discarded.
781 187 : MOZ_ASSERT(aEnforceSecurity, "aEnforceSecurity must be true");
782 187 : mEnforceSecurity = mEnforceSecurity || aEnforceSecurity;
783 187 : return NS_OK;
784 : }
785 :
786 : NS_IMETHODIMP
787 6 : LoadInfo::GetEnforceSecurity(bool* aResult)
788 : {
789 6 : *aResult = mEnforceSecurity;
790 6 : return NS_OK;
791 : }
792 :
793 : NS_IMETHODIMP
794 187 : LoadInfo::SetInitialSecurityCheckDone(bool aInitialSecurityCheckDone)
795 : {
796 : // Indicates whether the channel was ever evaluated by the
797 : // ContentSecurityManager. Once set to true, this flag must
798 : // remain true throughout the lifetime of the channel.
799 : // Setting it to anything else than true will be discarded.
800 187 : MOZ_ASSERT(aInitialSecurityCheckDone, "aInitialSecurityCheckDone must be true");
801 187 : mInitialSecurityCheckDone = mInitialSecurityCheckDone || aInitialSecurityCheckDone;
802 187 : return NS_OK;
803 : }
804 :
805 : NS_IMETHODIMP
806 268 : LoadInfo::GetInitialSecurityCheckDone(bool* aResult)
807 : {
808 268 : *aResult = mInitialSecurityCheckDone;
809 268 : return NS_OK;
810 : }
811 :
812 : NS_IMETHODIMP
813 0 : LoadInfo::AppendRedirectHistoryEntry(nsIRedirectHistoryEntry* aEntry,
814 : bool aIsInternalRedirect)
815 : {
816 0 : NS_ENSURE_ARG(aEntry);
817 0 : MOZ_ASSERT(NS_IsMainThread());
818 :
819 0 : mRedirectChainIncludingInternalRedirects.AppendElement(aEntry);
820 0 : if (!aIsInternalRedirect) {
821 0 : mRedirectChain.AppendElement(aEntry);
822 : }
823 0 : return NS_OK;
824 : }
825 :
826 : NS_IMETHODIMP
827 0 : LoadInfo::GetRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aRedirects,
828 : const RedirectHistoryArray& aArray)
829 : {
830 0 : JS::Rooted<JSObject*> redirects(aCx, JS_NewArrayObject(aCx, aArray.Length()));
831 0 : NS_ENSURE_TRUE(redirects, NS_ERROR_OUT_OF_MEMORY);
832 :
833 0 : JS::Rooted<JSObject*> global(aCx, JS::CurrentGlobalOrNull(aCx));
834 0 : NS_ENSURE_TRUE(global, NS_ERROR_UNEXPECTED);
835 :
836 0 : nsCOMPtr<nsIXPConnect> xpc = mozilla::services::GetXPConnect();
837 :
838 0 : for (size_t idx = 0; idx < aArray.Length(); idx++) {
839 0 : JS::RootedObject jsobj(aCx);
840 0 : nsresult rv = xpc->WrapNative(aCx, global, aArray[idx],
841 : NS_GET_IID(nsIRedirectHistoryEntry),
842 0 : jsobj.address());
843 0 : NS_ENSURE_SUCCESS(rv, rv);
844 0 : NS_ENSURE_STATE(jsobj);
845 :
846 0 : bool rc = JS_DefineElement(aCx, redirects, idx, jsobj, JSPROP_ENUMERATE);
847 0 : NS_ENSURE_TRUE(rc, NS_ERROR_UNEXPECTED);
848 : }
849 :
850 0 : aRedirects.setObject(*redirects);
851 0 : return NS_OK;
852 : }
853 :
854 : NS_IMETHODIMP
855 0 : LoadInfo::GetRedirectChainIncludingInternalRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aChain)
856 : {
857 0 : return GetRedirects(aCx, aChain, mRedirectChainIncludingInternalRedirects);
858 : }
859 :
860 : const RedirectHistoryArray&
861 3 : LoadInfo::RedirectChainIncludingInternalRedirects()
862 : {
863 3 : return mRedirectChainIncludingInternalRedirects;
864 : }
865 :
866 : NS_IMETHODIMP
867 0 : LoadInfo::GetRedirectChain(JSContext* aCx, JS::MutableHandle<JS::Value> aChain)
868 : {
869 0 : return GetRedirects(aCx, aChain, mRedirectChain);
870 : }
871 :
872 : const RedirectHistoryArray&
873 157 : LoadInfo::RedirectChain()
874 : {
875 157 : return mRedirectChain;
876 : }
877 :
878 : void
879 1 : LoadInfo::SetCorsPreflightInfo(const nsTArray<nsCString>& aHeaders,
880 : bool aForcePreflight)
881 : {
882 1 : MOZ_ASSERT(GetSecurityMode() == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS);
883 1 : MOZ_ASSERT(!mInitialSecurityCheckDone);
884 1 : mCorsUnsafeHeaders = aHeaders;
885 1 : mForcePreflight = aForcePreflight;
886 1 : }
887 :
888 : const nsTArray<nsCString>&
889 3 : LoadInfo::CorsUnsafeHeaders()
890 : {
891 3 : return mCorsUnsafeHeaders;
892 : }
893 :
894 : NS_IMETHODIMP
895 3 : LoadInfo::GetForcePreflight(bool* aForcePreflight)
896 : {
897 3 : *aForcePreflight = mForcePreflight;
898 3 : return NS_OK;
899 : }
900 :
901 : void
902 0 : LoadInfo::SetIsPreflight()
903 : {
904 0 : MOZ_ASSERT(GetSecurityMode() == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS);
905 0 : MOZ_ASSERT(!mInitialSecurityCheckDone);
906 0 : mIsPreflight = true;
907 0 : }
908 :
909 : void
910 0 : LoadInfo::SetUpgradeInsecureRequests()
911 : {
912 0 : mUpgradeInsecureRequests = true;
913 0 : }
914 :
915 : NS_IMETHODIMP
916 3 : LoadInfo::GetIsPreflight(bool* aIsPreflight)
917 : {
918 3 : *aIsPreflight = mIsPreflight;
919 3 : return NS_OK;
920 : }
921 :
922 : NS_IMETHODIMP
923 18 : LoadInfo::GetForceHSTSPriming(bool* aForceHSTSPriming)
924 : {
925 18 : *aForceHSTSPriming = mForceHSTSPriming;
926 18 : return NS_OK;
927 : }
928 :
929 : NS_IMETHODIMP
930 3 : LoadInfo::GetMixedContentWouldBlock(bool *aMixedContentWouldBlock)
931 : {
932 3 : *aMixedContentWouldBlock = mMixedContentWouldBlock;
933 3 : return NS_OK;
934 : }
935 :
936 : void
937 0 : LoadInfo::SetHSTSPriming(bool aMixedContentWouldBlock)
938 : {
939 0 : mForceHSTSPriming = true;
940 0 : mMixedContentWouldBlock = aMixedContentWouldBlock;
941 0 : }
942 :
943 : void
944 0 : LoadInfo::ClearHSTSPriming()
945 : {
946 0 : mForceHSTSPriming = false;
947 0 : mMixedContentWouldBlock = false;
948 0 : }
949 :
950 : NS_IMETHODIMP
951 0 : LoadInfo::SetIsHSTSPriming(bool aIsHSTSPriming)
952 : {
953 0 : MOZ_ASSERT(aIsHSTSPriming);
954 0 : mIsHSTSPriming = aIsHSTSPriming;
955 0 : return NS_OK;
956 : }
957 :
958 : NS_IMETHODIMP
959 9 : LoadInfo::GetIsHSTSPriming(bool* aIsHSTSPriming)
960 : {
961 9 : MOZ_ASSERT(aIsHSTSPriming);
962 9 : *aIsHSTSPriming = mIsHSTSPriming;
963 9 : return NS_OK;
964 : }
965 :
966 : NS_IMETHODIMP
967 0 : LoadInfo::SetIsHSTSPrimingUpgrade(bool aIsHSTSPrimingUpgrade)
968 : {
969 0 : MOZ_ASSERT(aIsHSTSPrimingUpgrade);
970 0 : mIsHSTSPrimingUpgrade = aIsHSTSPrimingUpgrade;
971 0 : return NS_OK;
972 : }
973 :
974 : NS_IMETHODIMP
975 9 : LoadInfo::GetIsHSTSPrimingUpgrade(bool* aIsHSTSPrimingUpgrade)
976 : {
977 9 : MOZ_ASSERT(aIsHSTSPrimingUpgrade);
978 9 : *aIsHSTSPrimingUpgrade = mIsHSTSPrimingUpgrade;
979 9 : return NS_OK;
980 : }
981 :
982 : NS_IMETHODIMP
983 114 : LoadInfo::GetTainting(uint32_t* aTaintingOut)
984 : {
985 114 : MOZ_ASSERT(aTaintingOut);
986 114 : *aTaintingOut = static_cast<uint32_t>(mTainting);
987 114 : return NS_OK;
988 : }
989 :
990 : NS_IMETHODIMP
991 2 : LoadInfo::MaybeIncreaseTainting(uint32_t aTainting)
992 : {
993 2 : NS_ENSURE_ARG(aTainting <= TAINTING_OPAQUE);
994 2 : LoadTainting tainting = static_cast<LoadTainting>(aTainting);
995 2 : if (tainting > mTainting) {
996 2 : mTainting = tainting;
997 : }
998 2 : return NS_OK;
999 : }
1000 :
1001 : void
1002 0 : LoadInfo::SynthesizeServiceWorkerTainting(LoadTainting aTainting)
1003 : {
1004 0 : MOZ_DIAGNOSTIC_ASSERT(aTainting <= LoadTainting::Opaque);
1005 0 : mTainting = aTainting;
1006 0 : }
1007 :
1008 : NS_IMETHODIMP
1009 1 : LoadInfo::GetIsTopLevelLoad(bool *aResult)
1010 : {
1011 2 : *aResult = mFrameOuterWindowID ? mFrameOuterWindowID == mOuterWindowID
1012 1 : : mParentOuterWindowID == mOuterWindowID;
1013 1 : return NS_OK;
1014 : }
1015 :
1016 : NS_IMETHODIMP
1017 1888 : LoadInfo::GetResultPrincipalURI(nsIURI **aURI)
1018 : {
1019 1888 : NS_IF_ADDREF(*aURI = mResultPrincipalURI);
1020 1888 : return NS_OK;
1021 : }
1022 :
1023 : NS_IMETHODIMP
1024 2248 : LoadInfo::SetResultPrincipalURI(nsIURI *aURI)
1025 : {
1026 2248 : mResultPrincipalURI = aURI;
1027 2248 : return NS_OK;
1028 : }
1029 :
1030 : } // namespace net
1031 : } // namespace mozilla
|
