Bug 1601671 - let system proxy in PACMan resolves HTTPS for websocket, r=michal

Differential Revision: https://phabricator.services.mozilla.com/D68110 --HG-- extra : moz-landing-system : lando
2025-01-11 22:41:02 +00:00 · 2020-04-06 19:11:33 +00:00 · 2020-04-06 19:11:33 +00:00 · 16105eda36
commit 16105eda36
parent f0ada99e6a
3 changed files with 30 additions and 7 deletions
--- a/netwerk/base/nsPACMan.cpp
+++ b/netwerk/base/nsPACMan.cpp
@ -34,6 +34,10 @@ LazyLogModule gProxyLog("proxy");
 #define MOZ_WPAD_URL "http://wpad/wpad.dat"
 #define MOZ_DHCP_WPAD_OPTION 252

+// These pointers are declared in nsProtocolProxyService.cpp
+extern const char kProxyType_HTTPS[];
+extern const char kProxyType_DIRECT[];
+
 // The PAC thread does evaluations of both PAC files and
 // nsISystemProxySettings because they can both block the calling thread and we
 // don't want that on the main thread
@ -301,10 +305,11 @@ class ExecutePACThreadAction final : public Runnable {
 //-----------------------------------------------------------------------------

 PendingPACQuery::PendingPACQuery(nsPACMan* pacMan, nsIURI* uri,
-                                 nsPACManCallback* callback,
+                                 nsPACManCallback* callback, uint32_t flags,
                                 bool mainThreadResponse)
    : Runnable("net::PendingPACQuery"),
      mPort(0),
+      mFlags(flags),
      mPACMan(pacMan),
      mCallback(callback),
      mOnMainThreadOnly(mainThreadResponse) {
@ -428,6 +433,7 @@ nsresult nsPACMan::DispatchToPAC(already_AddRefed<nsIRunnable> aEvent,
 }

 nsresult nsPACMan::AsyncGetProxyForURI(nsIURI* uri, nsPACManCallback* callback,
+                                       uint32_t flags,
                                       bool mainThreadResponse) {
  MOZ_ASSERT(NS_IsMainThread(), "wrong thread");
  if (mShutdown) return NS_ERROR_NOT_AVAILABLE;
@ -441,7 +447,7 @@ nsresult nsPACMan::AsyncGetProxyForURI(nsIURI* uri, nsPACManCallback* callback,
  }

  RefPtr<PendingPACQuery> query =
-      new PendingPACQuery(this, uri, callback, mainThreadResponse);
+      new PendingPACQuery(this, uri, callback, flags, mainThreadResponse);

  if (IsPACURI(uri)) {
    // deal with this directly instead of queueing it
@ -774,6 +780,19 @@ bool nsPACMan::ProcessPending() {
      NS_SUCCEEDED(mSystemProxySettings->GetProxyForURI(
          query->mSpec, query->mScheme, query->mHost, query->mPort,
          pacString))) {
+    if (query->mFlags & nsIProtocolProxyService::RESOLVE_PREFER_SOCKS_PROXY &&
+        query->mFlags & nsIProtocolProxyService::RESOLVE_PREFER_HTTPS_PROXY) {
+      const nsCaseInsensitiveUTF8StringComparator comp;
+      if (StringBeginsWith(pacString, nsDependentCString(kProxyType_DIRECT),
+                           comp)) {
+        // DIRECT indicates that system proxy settings are not configured to use
+        // SOCKS proxy. Try https proxy as a secondary preferrable proxy. This
+        // is mainly for websocket whose precedence is SOCKS > HTTPS > DIRECT.
+        NS_SUCCEEDED(mSystemProxySettings->GetProxyForURI(
+            query->mSpec, nsDependentCString(kProxyType_HTTPS), query->mHost,
+            query->mPort, pacString));
+      }
+    }
    LOG(("Use proxy from system settings: %s\n", pacString.get()));
    query->Complete(NS_OK, pacString);
    completed = true;
--- a/netwerk/base/nsPACMan.h
+++ b/netwerk/base/nsPACMan.h
@ -58,7 +58,7 @@ class PendingPACQuery final : public Runnable,
                              public LinkedListElement<PendingPACQuery> {
 public:
  PendingPACQuery(nsPACMan* pacMan, nsIURI* uri, nsPACManCallback* callback,
-                  bool mainThreadResponse);
+                  uint32_t flags, bool mainThreadResponse);

  // can be called from either thread
  void Complete(nsresult status, const nsACString& pacString);
@ -68,6 +68,7 @@ class PendingPACQuery final : public Runnable,
  nsCString mScheme;
  nsCString mHost;
  int32_t mPort;
+  uint32_t mFlags;

  NS_IMETHOD Run(void) override; /* Runnable */

@ -110,11 +111,14 @@ class nsPACMan final : public nsIStreamLoaderObserver,
   *        The URI to query.
   * @param callback
   *        The callback to run once the PAC result is available.
+   * @param flags
+   *        A bit-wise combination of the RESOLVE_ flags defined above.  Pass
+   *        0 to specify the default behavior.
   * @param mustCallbackOnMainThread
   *        If set to false the callback can be made from the PAC thread
   */
  nsresult AsyncGetProxyForURI(nsIURI* uri, nsPACManCallback* callback,
-                               bool mustCallbackOnMainThread);
+                               uint32_t flags, bool mustCallbackOnMainThread);

  /**
   * This method may be called to reload the PAC file.  While we are loading
--- a/netwerk/base/nsProtocolProxyService.cpp
+++ b/netwerk/base/nsProtocolProxyService.cpp
@ -387,7 +387,8 @@ class nsAsyncResolveRequest final : public nsIRunnable,
        // now that the load is triggered, we can resubmit the query
        RefPtr<nsAsyncResolveRequest> newRequest =
            new nsAsyncResolveRequest(mPPS, mChannel, mResolveFlags, mCallback);
-        rv = mPPS->mPACMan->AsyncGetProxyForURI(proxyURI, newRequest, true);
+        rv = mPPS->mPACMan->AsyncGetProxyForURI(proxyURI, newRequest,
+                                                mResolveFlags, true);
      }

      if (NS_FAILED(rv))
@ -1556,8 +1557,7 @@ nsresult nsProtocolProxyService::AsyncResolveInternal(
  }

  // else kick off a PAC thread query
-
-  rv = mPACMan->AsyncGetProxyForURI(uri, ctx, true);
+  rv = mPACMan->AsyncGetProxyForURI(uri, ctx, flags, true);
  if (NS_SUCCEEDED(rv)) ctx.forget(result);
  return rv;
 }