mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 10:44:56 +00:00
Bug 1233098 - Refactor CSP upgrade insecure requests flag within loadInfo (r=sicking)
This commit is contained in:
parent
238b5ed942
commit
071f422450
@ -1561,7 +1561,7 @@ WebSocketImpl::Init(JSContext* aCx,
|
|||||||
// to reflect that upgrade. Please note that we can not upgrade from ws:
|
// to reflect that upgrade. Please note that we can not upgrade from ws:
|
||||||
// to wss: before performing content policy checks because CSP needs to
|
// to wss: before performing content policy checks because CSP needs to
|
||||||
// send reports in case the scheme is about to be upgraded.
|
// send reports in case the scheme is about to be upgraded.
|
||||||
if (!mSecure && originDoc && originDoc->GetUpgradeInsecureRequests()) {
|
if (!mSecure && originDoc && originDoc->GetUpgradeInsecureRequests(false)) {
|
||||||
// let's use the old specification before the upgrade for logging
|
// let's use the old specification before the upgrade for logging
|
||||||
NS_ConvertUTF8toUTF16 reportSpec(mURI);
|
NS_ConvertUTF8toUTF16 reportSpec(mURI);
|
||||||
|
|
||||||
|
@ -116,8 +116,8 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
|
|||||||
nsContentPolicyType externalType =
|
nsContentPolicyType externalType =
|
||||||
nsContentUtils::InternalContentPolicyTypeToExternal(contentType);
|
nsContentUtils::InternalContentPolicyTypeToExternal(contentType);
|
||||||
|
|
||||||
nsContentPolicyType externalTypeOrScript =
|
nsContentPolicyType externalTypeOrMCBInternal =
|
||||||
nsContentUtils::InternalContentPolicyTypeToExternalOrScript(contentType);
|
nsContentUtils::InternalContentPolicyTypeToExternalOrMCBInternal(contentType);
|
||||||
|
|
||||||
nsContentPolicyType externalTypeOrCSPInternal =
|
nsContentPolicyType externalTypeOrCSPInternal =
|
||||||
nsContentUtils::InternalContentPolicyTypeToExternalOrCSPInternal(contentType);
|
nsContentUtils::InternalContentPolicyTypeToExternalOrCSPInternal(contentType);
|
||||||
@ -140,11 +140,13 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
|
|||||||
/* check the appropriate policy */
|
/* check the appropriate policy */
|
||||||
// Send the internal content policy type to the mixed content blocker
|
// Send the internal content policy type to the mixed content blocker
|
||||||
// which needs to know about TYPE_INTERNAL_WORKER,
|
// which needs to know about TYPE_INTERNAL_WORKER,
|
||||||
// TYPE_INTERNAL_SHARED_WORKER and TYPE_INTERNAL_SERVICE_WORKER.
|
// TYPE_INTERNAL_SHARED_WORKER and TYPE_INTERNAL_SERVICE_WORKER
|
||||||
|
// and also preloads: TYPE_INTERNAL_SCRIPT_PRELOAD,
|
||||||
|
// TYPE_INTERNAL_IMAGE_PRELOAD, TYPE_INTERNAL_STYLESHEET_PRELOAD
|
||||||
bool isMixedContentBlocker = mixedContentBlocker == entries[i];
|
bool isMixedContentBlocker = mixedContentBlocker == entries[i];
|
||||||
nsContentPolicyType type = externalType;
|
nsContentPolicyType type = externalType;
|
||||||
if (isMixedContentBlocker) {
|
if (isMixedContentBlocker) {
|
||||||
type = externalTypeOrScript;
|
type = externalTypeOrMCBInternal;
|
||||||
}
|
}
|
||||||
// Send the internal content policy type for CSP which needs to
|
// Send the internal content policy type for CSP which needs to
|
||||||
// know about preloads and workers, in particular:
|
// know about preloads and workers, in particular:
|
||||||
|
@ -7991,7 +7991,7 @@ nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
|
|||||||
|
|
||||||
/* static */
|
/* static */
|
||||||
nsContentPolicyType
|
nsContentPolicyType
|
||||||
nsContentUtils::InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType aType)
|
nsContentUtils::InternalContentPolicyTypeToExternalOrMCBInternal(nsContentPolicyType aType)
|
||||||
{
|
{
|
||||||
switch (aType) {
|
switch (aType) {
|
||||||
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
|
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
|
||||||
@ -8001,7 +8001,7 @@ nsContentUtils::InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType
|
|||||||
return aType;
|
return aType;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
return InternalContentPolicyTypeToExternal(aType);
|
return InternalContentPolicyTypeToExternalOrPreload(aType);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -986,16 +986,18 @@ public:
|
|||||||
static nsContentPolicyType InternalContentPolicyTypeToExternal(nsContentPolicyType aType);
|
static nsContentPolicyType InternalContentPolicyTypeToExternal(nsContentPolicyType aType);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Map internal content policy types to external ones or script types:
|
* Map internal content policy types to external ones or script types or preload types:
|
||||||
* * TYPE_INTERNAL_SCRIPT
|
* * TYPE_INTERNAL_SCRIPT
|
||||||
* * TYPE_INTERNAL_WORKER
|
* * TYPE_INTERNAL_WORKER
|
||||||
* * TYPE_INTERNAL_SHARED_WORKER
|
* * TYPE_INTERNAL_SHARED_WORKER
|
||||||
* * TYPE_INTERNAL_SERVICE_WORKER
|
* * TYPE_INTERNAL_SERVICE_WORKER
|
||||||
*
|
* * TYPE_INTERNAL_SCRIPT_PRELOAD
|
||||||
|
* * TYPE_INTERNAL_IMAGE_PRELOAD
|
||||||
|
* * TYPE_INTERNAL_STYLESHEET_PRELOAD
|
||||||
*
|
*
|
||||||
* Note: DO NOT call this function unless you know what you're doing!
|
* Note: DO NOT call this function unless you know what you're doing!
|
||||||
*/
|
*/
|
||||||
static nsContentPolicyType InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType aType);
|
static nsContentPolicyType InternalContentPolicyTypeToExternalOrMCBInternal(nsContentPolicyType aType);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Map internal content policy types to external ones or preload types:
|
* Map internal content policy types to external ones or preload types:
|
||||||
|
@ -2550,12 +2550,12 @@ nsDocument::StartDocumentLoad(const char* aCommand, nsIChannel* aChannel,
|
|||||||
treeItem->GetSameTypeParent(getter_AddRefs(sameTypeParent));
|
treeItem->GetSameTypeParent(getter_AddRefs(sameTypeParent));
|
||||||
if (sameTypeParent) {
|
if (sameTypeParent) {
|
||||||
mUpgradeInsecureRequests =
|
mUpgradeInsecureRequests =
|
||||||
sameTypeParent->GetDocument()->GetUpgradeInsecureRequests();
|
sameTypeParent->GetDocument()->GetUpgradeInsecureRequests(false);
|
||||||
// if the parent document makes use of upgrade-insecure-requests
|
// if the parent document makes use of upgrade-insecure-requests
|
||||||
// then subdocument preloads should always be upgraded.
|
// then subdocument preloads should always be upgraded.
|
||||||
mUpgradeInsecurePreloads =
|
mUpgradeInsecurePreloads =
|
||||||
mUpgradeInsecureRequests ||
|
mUpgradeInsecureRequests ||
|
||||||
sameTypeParent->GetDocument()->GetUpgradeInsecurePreloads();
|
sameTypeParent->GetDocument()->GetUpgradeInsecureRequests(true);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -321,18 +321,13 @@ public:
|
|||||||
* of the document's ancestors up to the toplevel document makes use
|
* of the document's ancestors up to the toplevel document makes use
|
||||||
* of the CSP directive 'upgrade-insecure-requests'.
|
* of the CSP directive 'upgrade-insecure-requests'.
|
||||||
*/
|
*/
|
||||||
bool GetUpgradeInsecureRequests() const
|
bool GetUpgradeInsecureRequests(bool aPreload) const
|
||||||
{
|
|
||||||
return mUpgradeInsecureRequests;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Same as GetUpgradeInsecureRequests() but *only* for preloads.
|
|
||||||
*/
|
|
||||||
bool GetUpgradeInsecurePreloads() const
|
|
||||||
{
|
{
|
||||||
|
if (aPreload) {
|
||||||
return mUpgradeInsecurePreloads;
|
return mUpgradeInsecurePreloads;
|
||||||
}
|
}
|
||||||
|
return mUpgradeInsecureRequests;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set the principal responsible for this document.
|
* Set the principal responsible for this document.
|
||||||
|
@ -1746,7 +1746,7 @@ HTMLFormElement::GetActionURL(nsIURI** aActionURL,
|
|||||||
bool isHttpScheme = false;
|
bool isHttpScheme = false;
|
||||||
rv = actionURL->SchemeIs("http", &isHttpScheme);
|
rv = actionURL->SchemeIs("http", &isHttpScheme);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
if (isHttpScheme && document->GetUpgradeInsecureRequests()) {
|
if (isHttpScheme && document->GetUpgradeInsecureRequests(false)) {
|
||||||
// let's use the old specification before the upgrade for logging
|
// let's use the old specification before the upgrade for logging
|
||||||
nsAutoCString spec;
|
nsAutoCString spec;
|
||||||
rv = actionURL->GetSpec(spec);
|
rv = actionURL->GetSpec(spec);
|
||||||
|
@ -310,7 +310,7 @@ nsMixedContentBlocker::AsyncOnChannelRedirect(nsIChannel* aOldChannel,
|
|||||||
}
|
}
|
||||||
|
|
||||||
int16_t decision = REJECT_REQUEST;
|
int16_t decision = REJECT_REQUEST;
|
||||||
rv = ShouldLoad(nsContentUtils::InternalContentPolicyTypeToExternalOrScript(contentPolicyType),
|
rv = ShouldLoad(nsContentUtils::InternalContentPolicyTypeToExternalOrMCBInternal(contentPolicyType),
|
||||||
newUri,
|
newUri,
|
||||||
requestingLocation,
|
requestingLocation,
|
||||||
loadInfo->LoadingNode(),
|
loadInfo->LoadingNode(),
|
||||||
@ -378,9 +378,11 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
|||||||
// to them.
|
// to them.
|
||||||
MOZ_ASSERT(NS_IsMainThread());
|
MOZ_ASSERT(NS_IsMainThread());
|
||||||
|
|
||||||
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternalOrScript(aContentType),
|
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternalOrMCBInternal(aContentType),
|
||||||
"We should only see external content policy types here.");
|
"We should only see external content policy types here.");
|
||||||
|
|
||||||
|
bool isPreload = nsContentUtils::IsPreloadType(aContentType);
|
||||||
|
|
||||||
// The content policy type that we receive may be an internal type for
|
// The content policy type that we receive may be an internal type for
|
||||||
// scripts. Let's remember if we have seen a worker type, and reset it to the
|
// scripts. Let's remember if we have seen a worker type, and reset it to the
|
||||||
// external type in all cases right now.
|
// external type in all cases right now.
|
||||||
@ -668,7 +670,7 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
|
|||||||
bool isHttpScheme = false;
|
bool isHttpScheme = false;
|
||||||
rv = aContentLocation->SchemeIs("http", &isHttpScheme);
|
rv = aContentLocation->SchemeIs("http", &isHttpScheme);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
if (isHttpScheme && docShell->GetDocument()->GetUpgradeInsecureRequests()) {
|
if (isHttpScheme && docShell->GetDocument()->GetUpgradeInsecureRequests(isPreload)) {
|
||||||
*aDecision = ACCEPT;
|
*aDecision = ACCEPT;
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
@ -244,7 +244,6 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
|
|||||||
aLoadInfo->InternalContentPolicyType(),
|
aLoadInfo->InternalContentPolicyType(),
|
||||||
static_cast<uint32_t>(aLoadInfo->GetTainting()),
|
static_cast<uint32_t>(aLoadInfo->GetTainting()),
|
||||||
aLoadInfo->GetUpgradeInsecureRequests(),
|
aLoadInfo->GetUpgradeInsecureRequests(),
|
||||||
aLoadInfo->GetUpgradeInsecurePreloads(),
|
|
||||||
aLoadInfo->GetInnerWindowID(),
|
aLoadInfo->GetInnerWindowID(),
|
||||||
aLoadInfo->GetOuterWindowID(),
|
aLoadInfo->GetOuterWindowID(),
|
||||||
aLoadInfo->GetParentOuterWindowID(),
|
aLoadInfo->GetParentOuterWindowID(),
|
||||||
@ -304,7 +303,6 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
|
|||||||
loadInfoArgs.contentPolicyType(),
|
loadInfoArgs.contentPolicyType(),
|
||||||
static_cast<LoadTainting>(loadInfoArgs.tainting()),
|
static_cast<LoadTainting>(loadInfoArgs.tainting()),
|
||||||
loadInfoArgs.upgradeInsecureRequests(),
|
loadInfoArgs.upgradeInsecureRequests(),
|
||||||
loadInfoArgs.upgradeInsecurePreloads(),
|
|
||||||
loadInfoArgs.innerWindowID(),
|
loadInfoArgs.innerWindowID(),
|
||||||
loadInfoArgs.outerWindowID(),
|
loadInfoArgs.outerWindowID(),
|
||||||
loadInfoArgs.parentOuterWindowID(),
|
loadInfoArgs.parentOuterWindowID(),
|
||||||
|
@ -38,7 +38,6 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|||||||
, mInternalContentPolicyType(aContentPolicyType)
|
, mInternalContentPolicyType(aContentPolicyType)
|
||||||
, mTainting(LoadTainting::Basic)
|
, mTainting(LoadTainting::Basic)
|
||||||
, mUpgradeInsecureRequests(false)
|
, mUpgradeInsecureRequests(false)
|
||||||
, mUpgradeInsecurePreloads(false)
|
|
||||||
, mInnerWindowID(0)
|
, mInnerWindowID(0)
|
||||||
, mOuterWindowID(0)
|
, mOuterWindowID(0)
|
||||||
, mParentOuterWindowID(0)
|
, mParentOuterWindowID(0)
|
||||||
@ -89,8 +88,13 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|||||||
ComputeIsThirdPartyContext(outerWindow);
|
ComputeIsThirdPartyContext(outerWindow);
|
||||||
}
|
}
|
||||||
|
|
||||||
mUpgradeInsecureRequests = aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests();
|
// if the document forces all requests to be upgraded from http to https, then
|
||||||
mUpgradeInsecurePreloads = aLoadingContext->OwnerDoc()->GetUpgradeInsecurePreloads();
|
// we should do that for all requests. If it only forces preloads to be upgraded
|
||||||
|
// then we should enforce upgrade insecure requests only for preloads.
|
||||||
|
mUpgradeInsecureRequests =
|
||||||
|
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
|
||||||
|
(nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
|
||||||
|
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
|
||||||
}
|
}
|
||||||
|
|
||||||
const PrincipalOriginAttributes attrs = BasePrincipal::Cast(mLoadingPrincipal)->OriginAttributesRef();
|
const PrincipalOriginAttributes attrs = BasePrincipal::Cast(mLoadingPrincipal)->OriginAttributesRef();
|
||||||
@ -105,7 +109,6 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
|
|||||||
, mInternalContentPolicyType(rhs.mInternalContentPolicyType)
|
, mInternalContentPolicyType(rhs.mInternalContentPolicyType)
|
||||||
, mTainting(rhs.mTainting)
|
, mTainting(rhs.mTainting)
|
||||||
, mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests)
|
, mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests)
|
||||||
, mUpgradeInsecurePreloads(rhs.mUpgradeInsecurePreloads)
|
|
||||||
, mInnerWindowID(rhs.mInnerWindowID)
|
, mInnerWindowID(rhs.mInnerWindowID)
|
||||||
, mOuterWindowID(rhs.mOuterWindowID)
|
, mOuterWindowID(rhs.mOuterWindowID)
|
||||||
, mParentOuterWindowID(rhs.mParentOuterWindowID)
|
, mParentOuterWindowID(rhs.mParentOuterWindowID)
|
||||||
@ -128,7 +131,6 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|||||||
nsContentPolicyType aContentPolicyType,
|
nsContentPolicyType aContentPolicyType,
|
||||||
LoadTainting aTainting,
|
LoadTainting aTainting,
|
||||||
bool aUpgradeInsecureRequests,
|
bool aUpgradeInsecureRequests,
|
||||||
bool aUpgradeInsecurePreloads,
|
|
||||||
uint64_t aInnerWindowID,
|
uint64_t aInnerWindowID,
|
||||||
uint64_t aOuterWindowID,
|
uint64_t aOuterWindowID,
|
||||||
uint64_t aParentOuterWindowID,
|
uint64_t aParentOuterWindowID,
|
||||||
@ -147,7 +149,6 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
|
|||||||
, mInternalContentPolicyType(aContentPolicyType)
|
, mInternalContentPolicyType(aContentPolicyType)
|
||||||
, mTainting(aTainting)
|
, mTainting(aTainting)
|
||||||
, mUpgradeInsecureRequests(aUpgradeInsecureRequests)
|
, mUpgradeInsecureRequests(aUpgradeInsecureRequests)
|
||||||
, mUpgradeInsecurePreloads(aUpgradeInsecurePreloads)
|
|
||||||
, mInnerWindowID(aInnerWindowID)
|
, mInnerWindowID(aInnerWindowID)
|
||||||
, mOuterWindowID(aOuterWindowID)
|
, mOuterWindowID(aOuterWindowID)
|
||||||
, mParentOuterWindowID(aParentOuterWindowID)
|
, mParentOuterWindowID(aParentOuterWindowID)
|
||||||
@ -380,13 +381,6 @@ LoadInfo::GetUpgradeInsecureRequests(bool* aResult)
|
|||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
NS_IMETHODIMP
|
|
||||||
LoadInfo::GetUpgradeInsecurePreloads(bool* aResult)
|
|
||||||
{
|
|
||||||
*aResult = mUpgradeInsecurePreloads;
|
|
||||||
return NS_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
NS_IMETHODIMP
|
NS_IMETHODIMP
|
||||||
LoadInfo::GetInnerWindowID(uint64_t* aResult)
|
LoadInfo::GetInnerWindowID(uint64_t* aResult)
|
||||||
{
|
{
|
||||||
|
@ -74,7 +74,6 @@ private:
|
|||||||
nsContentPolicyType aContentPolicyType,
|
nsContentPolicyType aContentPolicyType,
|
||||||
LoadTainting aTainting,
|
LoadTainting aTainting,
|
||||||
bool aUpgradeInsecureRequests,
|
bool aUpgradeInsecureRequests,
|
||||||
bool aUpgradeInsecurePreloads,
|
|
||||||
uint64_t aInnerWindowID,
|
uint64_t aInnerWindowID,
|
||||||
uint64_t aOuterWindowID,
|
uint64_t aOuterWindowID,
|
||||||
uint64_t aParentOuterWindowID,
|
uint64_t aParentOuterWindowID,
|
||||||
@ -112,7 +111,6 @@ private:
|
|||||||
nsContentPolicyType mInternalContentPolicyType;
|
nsContentPolicyType mInternalContentPolicyType;
|
||||||
LoadTainting mTainting;
|
LoadTainting mTainting;
|
||||||
bool mUpgradeInsecureRequests;
|
bool mUpgradeInsecureRequests;
|
||||||
bool mUpgradeInsecurePreloads;
|
|
||||||
uint64_t mInnerWindowID;
|
uint64_t mInnerWindowID;
|
||||||
uint64_t mOuterWindowID;
|
uint64_t mOuterWindowID;
|
||||||
uint64_t mParentOuterWindowID;
|
uint64_t mParentOuterWindowID;
|
||||||
|
@ -29,7 +29,7 @@ typedef unsigned long nsSecurityFlags;
|
|||||||
/**
|
/**
|
||||||
* An nsILoadOwner represents per-load information about who started the load.
|
* An nsILoadOwner represents per-load information about who started the load.
|
||||||
*/
|
*/
|
||||||
[scriptable, builtinclass, uuid(41e311d0-5894-4aaa-80b5-5b7099dfc404)]
|
[scriptable, builtinclass, uuid(ddc65bf9-2f60-41ab-b22a-4f1ae9efcd36)]
|
||||||
interface nsILoadInfo : nsISupports
|
interface nsILoadInfo : nsISupports
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
@ -336,11 +336,6 @@ interface nsILoadInfo : nsISupports
|
|||||||
*/
|
*/
|
||||||
[infallible] readonly attribute boolean upgradeInsecureRequests;
|
[infallible] readonly attribute boolean upgradeInsecureRequests;
|
||||||
|
|
||||||
/**
|
|
||||||
* Same as upgradeInsecureRequests but for preloads.
|
|
||||||
*/
|
|
||||||
[infallible] readonly attribute boolean upgradeInsecurePreloads;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Typically these are the window IDs of the window in which the element being
|
* Typically these are the window IDs of the window in which the element being
|
||||||
* loaded lives. However, if the element being loaded is <frame
|
* loaded lives. However, if the element being loaded is <frame
|
||||||
|
@ -2258,11 +2258,6 @@ NS_ShouldSecureUpgrade(nsIURI* aURI,
|
|||||||
// the promise to CSP and mixed content blocking to upgrade the channel
|
// the promise to CSP and mixed content blocking to upgrade the channel
|
||||||
// from http to https.
|
// from http to https.
|
||||||
if (aLoadInfo) {
|
if (aLoadInfo) {
|
||||||
bool isPreload = nsContentUtils::IsPreloadType(aLoadInfo->InternalContentPolicyType());
|
|
||||||
bool upgradeRequests =
|
|
||||||
((isPreload && aLoadInfo->GetUpgradeInsecurePreloads()) ||
|
|
||||||
(aLoadInfo->GetUpgradeInsecureRequests()));
|
|
||||||
|
|
||||||
// Please note that cross origin top level navigations are not subject
|
// Please note that cross origin top level navigations are not subject
|
||||||
// to upgrade-insecure-requests, see:
|
// to upgrade-insecure-requests, see:
|
||||||
// http://www.w3.org/TR/upgrade-insecure-requests/#examples
|
// http://www.w3.org/TR/upgrade-insecure-requests/#examples
|
||||||
@ -2270,7 +2265,7 @@ NS_ShouldSecureUpgrade(nsIURI* aURI,
|
|||||||
(aLoadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_DOCUMENT) &&
|
(aLoadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_DOCUMENT) &&
|
||||||
(!aChannelResultPrincipal->Equals(aLoadInfo->LoadingPrincipal()));
|
(!aChannelResultPrincipal->Equals(aLoadInfo->LoadingPrincipal()));
|
||||||
|
|
||||||
if (upgradeRequests && !crossOriginNavigation) {
|
if (aLoadInfo->GetUpgradeInsecureRequests() && !crossOriginNavigation) {
|
||||||
// let's log a message to the console that we are upgrading a request
|
// let's log a message to the console that we are upgrading a request
|
||||||
nsAutoCString spec, scheme;
|
nsAutoCString spec, scheme;
|
||||||
aURI->GetSpec(spec);
|
aURI->GetSpec(spec);
|
||||||
|
@ -33,7 +33,6 @@ struct LoadInfoArgs
|
|||||||
uint32_t contentPolicyType;
|
uint32_t contentPolicyType;
|
||||||
uint32_t tainting;
|
uint32_t tainting;
|
||||||
bool upgradeInsecureRequests;
|
bool upgradeInsecureRequests;
|
||||||
bool upgradeInsecurePreloads;
|
|
||||||
uint64_t innerWindowID;
|
uint64_t innerWindowID;
|
||||||
uint64_t outerWindowID;
|
uint64_t outerWindowID;
|
||||||
uint64_t parentOuterWindowID;
|
uint64_t parentOuterWindowID;
|
||||||
|
Loading…
Reference in New Issue
Block a user