mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 03:15:11 +00:00
Bug 1313016 - Pref to send default NTLM creds in PB, Always send default creds to proxies in PB. r=jduell
--HG-- extra : rebase_source : 621085462a44307ef018533b04398be9383b9dba extra : source : d1ef75d52b01dbd1f3185084836f48fda8262691
This commit is contained in:
parent
bfd51f89f4
commit
3a99264fc4
@ -53,6 +53,7 @@ static const char kNegotiateAuthDelegationURIs[] = "network.negotiate-auth.deleg
|
||||
static const char kNegotiateAuthAllowProxies[] = "network.negotiate-auth.allow-proxies";
|
||||
static const char kNegotiateAuthAllowNonFqdn[] = "network.negotiate-auth.allow-non-fqdn";
|
||||
static const char kNegotiateAuthSSPI[] = "network.auth.use-sspi";
|
||||
static const char kSSOinPBmode[] = "network.auth.private-browsing-sso";
|
||||
|
||||
#define kNegotiateLen (sizeof(kNegotiate)-1)
|
||||
#define DEFAULT_THREAD_TIMEOUT_MS 30000
|
||||
@ -61,8 +62,14 @@ static const char kNegotiateAuthSSPI[] = "network.auth.use-sspi";
|
||||
|
||||
// Return false when the channel comes from a Private browsing window.
|
||||
static bool
|
||||
TestNotInPBMode(nsIHttpAuthenticableChannel *authChannel)
|
||||
TestNotInPBMode(nsIHttpAuthenticableChannel *authChannel, bool proxyAuth)
|
||||
{
|
||||
// Proxy should go all the time, it's not considered a privacy leak
|
||||
// to send default credentials to a proxy.
|
||||
if (proxyAuth) {
|
||||
return true;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIChannel> bareChannel = do_QueryInterface(authChannel);
|
||||
MOZ_ASSERT(bareChannel);
|
||||
|
||||
@ -71,18 +78,21 @@ TestNotInPBMode(nsIHttpAuthenticableChannel *authChannel)
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
|
||||
if (!prefs) {
|
||||
return true;
|
||||
}
|
||||
if (prefs) {
|
||||
bool ssoInPb;
|
||||
if (NS_SUCCEEDED(prefs->GetBoolPref(kSSOinPBmode, &ssoInPb)) && ssoInPb) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// When the "Never remember history" option is set, all channels are
|
||||
// set PB mode flag, but here we want to make an exception, users
|
||||
// want their credentials go out.
|
||||
bool dontRememberHistory;
|
||||
if (NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart",
|
||||
&dontRememberHistory)) &&
|
||||
dontRememberHistory) {
|
||||
return true;
|
||||
// When the "Never remember history" option is set, all channels are
|
||||
// set PB mode flag, but here we want to make an exception, users
|
||||
// want their credentials go out.
|
||||
bool dontRememberHistory;
|
||||
if (NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart",
|
||||
&dontRememberHistory)) &&
|
||||
dontRememberHistory) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
@ -149,7 +159,7 @@ nsHttpNegotiateAuth::ChallengeReceived(nsIHttpAuthenticableChannel *authChannel,
|
||||
proxyInfo->GetHost(service);
|
||||
}
|
||||
else {
|
||||
bool allowed = TestNotInPBMode(authChannel) &&
|
||||
bool allowed = TestNotInPBMode(authChannel, isProxyAuth) &&
|
||||
(TestNonFqdn(uri) ||
|
||||
TestPref(uri, kNegotiateAuthTrustedURIs));
|
||||
if (!allowed) {
|
||||
|
@ -1964,6 +1964,18 @@ pref("network.generic-ntlm-auth.workstation", "WORKSTATION");
|
||||
// 2 - allow the cross-origin authentication as well.
|
||||
pref("network.auth.subresource-http-auth-allow", 2);
|
||||
|
||||
// This preference controls whether to allow sending default credentials (SSO) to
|
||||
// NTLM/Negotiate servers allowed in the "trusted uri" list when navigating them
|
||||
// in a Private Browsing window.
|
||||
// If set to false, Private Browsing windows will not use default credentials and ask
|
||||
// for credentials from the user explicitly.
|
||||
// If set to true, and a server URL conforms other conditions for sending default
|
||||
// credentials, those will be sent automatically in Private Browsing windows.
|
||||
//
|
||||
// This preference has no effect when the browser is set to "Never Remember History",
|
||||
// in that case default credentials will always be used.
|
||||
pref("network.auth.private-browsing-sso", false);
|
||||
|
||||
pref("permissions.default.image", 1); // 1-Accept, 2-Deny, 3-dontAcceptForeign
|
||||
|
||||
pref("network.proxy.type", 5);
|
||||
|
@ -37,6 +37,7 @@ static const char kAllowProxies[] = "network.automatic-ntlm-auth.allow-proxies";
|
||||
static const char kAllowNonFqdn[] = "network.automatic-ntlm-auth.allow-non-fqdn";
|
||||
static const char kTrustedURIs[] = "network.automatic-ntlm-auth.trusted-uris";
|
||||
static const char kForceGeneric[] = "network.auth.force-generic-ntlm";
|
||||
static const char kSSOinPBmode[] = "network.auth.private-browsing-sso";
|
||||
|
||||
// XXX MatchesBaseURI and TestPref are duplicated in nsHttpNegotiateAuth.cpp,
|
||||
// but since that file lives in a separate library we cannot directly share it.
|
||||
@ -188,27 +189,12 @@ CanUseDefaultCredentials(nsIHttpAuthenticableChannel *channel,
|
||||
bool isProxyAuth)
|
||||
{
|
||||
nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
|
||||
|
||||
// Prevent using default credentials for authentication when we are in the
|
||||
// private browsing mode. It would cause a privacy data leak.
|
||||
nsCOMPtr<nsIChannel> bareChannel = do_QueryInterface(channel);
|
||||
MOZ_ASSERT(bareChannel);
|
||||
|
||||
if (NS_UsePrivateBrowsing(bareChannel)) {
|
||||
// But allow when in the "Never remember history" mode.
|
||||
bool dontRememberHistory;
|
||||
if (prefs &&
|
||||
NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart",
|
||||
&dontRememberHistory)) &&
|
||||
!dontRememberHistory) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if (!prefs) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Proxy should go all the time, it's not considered a privacy leak
|
||||
// to send default credentials to a proxy.
|
||||
if (isProxyAuth) {
|
||||
bool val;
|
||||
if (NS_FAILED(prefs->GetBoolPref(kAllowProxies, &val)))
|
||||
@ -217,6 +203,27 @@ CanUseDefaultCredentials(nsIHttpAuthenticableChannel *channel,
|
||||
return val;
|
||||
}
|
||||
|
||||
// Prevent using default credentials for authentication when we are in the
|
||||
// private browsing mode (but not in "never remember history" mode) and when
|
||||
// not explicitely allowed. Otherwise, it would cause a privacy data leak.
|
||||
nsCOMPtr<nsIChannel> bareChannel = do_QueryInterface(channel);
|
||||
MOZ_ASSERT(bareChannel);
|
||||
|
||||
if (NS_UsePrivateBrowsing(bareChannel)) {
|
||||
bool ssoInPb;
|
||||
if (NS_SUCCEEDED(prefs->GetBoolPref(kSSOinPBmode, &ssoInPb)) &&
|
||||
ssoInPb) {
|
||||
return true;
|
||||
}
|
||||
|
||||
bool dontRememberHistory;
|
||||
if (NS_SUCCEEDED(prefs->GetBoolPref("browser.privatebrowsing.autostart",
|
||||
&dontRememberHistory)) &&
|
||||
!dontRememberHistory) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
channel->GetURI(getter_AddRefs(uri));
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user