mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-25 13:51:41 +00:00
Bug 1225641 - Change default security flags within NetUtil.newChannel (r=sicking)
This commit is contained in:
parent
8ed93afa4c
commit
413a60a063
@ -1346,8 +1346,7 @@ nsContextMenu.prototype = {
|
||||
// checks after redirects, see bug: 1136055
|
||||
var channel = NetUtil.newChannel({
|
||||
uri: makeURI(linkURL),
|
||||
loadUsingSystemPrincipal: true,
|
||||
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL
|
||||
loadUsingSystemPrincipal: true
|
||||
});
|
||||
|
||||
if (linkDownload)
|
||||
|
@ -4,6 +4,7 @@
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsIconChannel.h"
|
||||
#include "mozilla/Endian.h"
|
||||
#include "nsIIconURI.h"
|
||||
@ -225,8 +226,11 @@ NS_IMETHODIMP
|
||||
nsIconChannel::AsyncOpen(nsIStreamListener* aListener,
|
||||
nsISupports* ctxt)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
nsCOMPtr<nsIInputStream> inStream;
|
||||
|
@ -27,6 +27,7 @@
|
||||
#include "nsDirectoryServiceDefs.h"
|
||||
#include "nsProxyRelease.h"
|
||||
#include "nsContentSecurityManager.h"
|
||||
#include "nsContentUtils.h"
|
||||
|
||||
#ifdef _WIN32_WINNT
|
||||
#undef _WIN32_WINNT
|
||||
@ -239,8 +240,11 @@ NS_IMETHODIMP
|
||||
nsIconChannel::AsyncOpen(nsIStreamListener* aListener,
|
||||
nsISupports* ctxt)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
nsCOMPtr<nsIInputStream> inStream;
|
||||
|
@ -937,8 +937,11 @@ nsJARChannel::OverrideWithSynthesizedResponse(nsIInputStream* aSynthesizedInput,
|
||||
NS_IMETHODIMP
|
||||
nsJARChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctx)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetEnforceSecurity(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
LOG(("nsJARChannel::AsyncOpen [this=%x]\n", this));
|
||||
|
@ -356,7 +356,9 @@ this.NetUtil = {
|
||||
}
|
||||
|
||||
if (securityFlags === undefined) {
|
||||
securityFlags = Ci.nsILoadInfo.SEC_NORMAL;
|
||||
securityFlags = loadUsingSystemPrincipal
|
||||
? Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL
|
||||
: Ci.nsILoadInfo.SEC_NORMAL;
|
||||
}
|
||||
|
||||
if (contentPolicyType === undefined) {
|
||||
|
@ -632,8 +632,11 @@ nsBaseChannel::Open2(nsIInputStream** aStream)
|
||||
NS_IMETHODIMP
|
||||
nsBaseChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctxt)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
NS_ENSURE_TRUE(mURI, NS_ERROR_NOT_INITIALIZED);
|
||||
|
@ -111,8 +111,11 @@ DummyChannel::Open2(nsIInputStream** aStream)
|
||||
|
||||
NS_IMETHODIMP DummyChannel::AsyncOpen(nsIStreamListener* aListener, nsISupports* aContext)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
mListener = aListener;
|
||||
|
@ -1679,8 +1679,11 @@ HttpChannelChild::GetSecurityInfo(nsISupports **aSecurityInfo)
|
||||
NS_IMETHODIMP
|
||||
HttpChannelChild::AsyncOpen(nsIStreamListener *listener, nsISupports *aContext)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
LOG(("HttpChannelChild::AsyncOpen [this=%p uri=%s]\n", this, mSpec.get()));
|
||||
|
@ -4991,8 +4991,11 @@ nsHttpChannel::GetSecurityInfo(nsISupports **securityInfo)
|
||||
NS_IMETHODIMP
|
||||
nsHttpChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *context)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
LOG(("nsHttpChannel::AsyncOpen [this=%p]\n", this));
|
||||
|
@ -107,8 +107,11 @@ private:
|
||||
NS_IMETHODIMP
|
||||
RtspChannelChild::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
// Precondition checks.
|
||||
|
@ -626,8 +626,11 @@ GetTabChild(nsIChannel* aChannel)
|
||||
NS_IMETHODIMP
|
||||
WyciwygChannelChild::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
LOG(("WyciwygChannelChild::AsyncOpen [this=%p]\n", this));
|
||||
|
@ -431,8 +431,11 @@ nsWyciwygChannel::Open2(nsIInputStream** aStream)
|
||||
NS_IMETHODIMP
|
||||
nsWyciwygChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctx)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
LOG(("nsWyciwygChannel::AsyncOpen [this=%p]\n", this));
|
||||
|
@ -409,8 +409,7 @@ function promiseStartExternalHelperAppServiceDownload(aSourceUrl) {
|
||||
|
||||
let channel = NetUtil.newChannel({
|
||||
uri: sourceURI,
|
||||
loadUsingSystemPrincipal: true,
|
||||
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL
|
||||
loadUsingSystemPrincipal: true
|
||||
});
|
||||
|
||||
// Start the actual download process.
|
||||
|
@ -166,8 +166,7 @@ function promiseEntityID(aUrl) {
|
||||
let entityID = "";
|
||||
let channel = NetUtil.newChannel({
|
||||
uri: NetUtil.newURI(aUrl),
|
||||
loadUsingSystemPrincipal: true,
|
||||
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL
|
||||
loadUsingSystemPrincipal: true
|
||||
});
|
||||
|
||||
channel.asyncOpen2({
|
||||
|
@ -2451,8 +2451,7 @@ this.XPIProvider = {
|
||||
try {
|
||||
chan = NetUtil.newChannel({
|
||||
uri: aURI,
|
||||
loadUsingSystemPrincipal: true,
|
||||
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL
|
||||
loadUsingSystemPrincipal: true
|
||||
});
|
||||
}
|
||||
catch (ex) {
|
||||
@ -5545,8 +5544,7 @@ AddonInstall.prototype = {
|
||||
|
||||
this.channel = NetUtil.newChannel({
|
||||
uri: this.sourceURI,
|
||||
loadUsingSystemPrincipal: true,
|
||||
securityFlags: Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL
|
||||
loadUsingSystemPrincipal: true
|
||||
});
|
||||
this.channel.notificationCallbacks = this;
|
||||
if (this.channel instanceof Ci.nsIHttpChannel) {
|
||||
|
@ -186,8 +186,11 @@ NS_IMETHODIMP nsExtProtocolChannel::Open2(nsIInputStream** aStream)
|
||||
|
||||
NS_IMETHODIMP nsExtProtocolChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctxt)
|
||||
{
|
||||
MOZ_ASSERT(!mLoadInfo || mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone(),
|
||||
MOZ_ASSERT(!mLoadInfo ||
|
||||
mLoadInfo->GetSecurityMode() == 0 ||
|
||||
mLoadInfo->GetInitialSecurityCheckDone() ||
|
||||
(mLoadInfo->GetSecurityMode() == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
|
||||
nsContentUtils::IsSystemPrincipal(mLoadInfo->LoadingPrincipal())),
|
||||
"security flags in loadInfo but asyncOpen2() not called");
|
||||
|
||||
NS_ENSURE_ARG_POINTER(listener);
|
||||
|
Loading…
Reference in New Issue
Block a user