mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-17 23:35:34 +00:00
Bug 1683536 - Show auth spoofing warning prompt for cached response r=necko-reviewers,dragana
Differential Revision: https://phabricator.services.mozilla.com/D101029
This commit is contained in:
parent
b30d64aa2e
commit
42644060c0
@ -7593,6 +7593,17 @@ nsresult nsHttpChannel::ContinueOnStartRequest4(nsresult result) {
|
||||
|
||||
if (LoadFallingBack()) return NS_OK;
|
||||
|
||||
if (NS_SUCCEEDED(mStatus) && mResponseHead && mAuthProvider) {
|
||||
uint32_t httpStatus = mResponseHead->Status();
|
||||
if (httpStatus != 401 && httpStatus != 407) {
|
||||
nsresult rv = mAuthProvider->CheckForSuperfluousAuth();
|
||||
if (NS_FAILED(rv)) {
|
||||
LOG((" CheckForSuperfluousAuth failed (%08x)",
|
||||
static_cast<uint32_t>(rv)));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return CallOnStartRequest();
|
||||
}
|
||||
|
||||
|
99
netwerk/test/unit/test_SuperfluousAuth.js
Normal file
99
netwerk/test/unit/test_SuperfluousAuth.js
Normal file
@ -0,0 +1,99 @@
|
||||
/*
|
||||
|
||||
Create two http requests with the same URL in which has a user name. We allow
|
||||
first http request to be loaded and saved in the cache, so the second request
|
||||
will be served from the cache. However, we disallow loading by returning 1
|
||||
in the prompt service. In the end, the second request will be failed.
|
||||
|
||||
*/
|
||||
|
||||
"use strict";
|
||||
|
||||
const { HttpServer } = ChromeUtils.import("resource://testing-common/httpd.js");
|
||||
|
||||
const { MockRegistrar } = ChromeUtils.import(
|
||||
"resource://testing-common/MockRegistrar.jsm"
|
||||
);
|
||||
|
||||
var httpProtocolHandler = Cc[
|
||||
"@mozilla.org/network/protocol;1?name=http"
|
||||
].getService(Ci.nsIHttpProtocolHandler);
|
||||
|
||||
XPCOMUtils.defineLazyGetter(this, "URL", function() {
|
||||
return "http://foo@localhost:" + httpServer.identity.primaryPort;
|
||||
});
|
||||
|
||||
var httpServer = null;
|
||||
|
||||
const gMockPromptService = {
|
||||
firstTimeCalled: false,
|
||||
confirmExBC() {
|
||||
if (!this.firstTimeCalled) {
|
||||
this.firstTimeCalled = true;
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 1;
|
||||
},
|
||||
|
||||
QueryInterface: ChromeUtils.generateQI(["nsIPromptService"]),
|
||||
};
|
||||
|
||||
var gMockPromptServiceCID = MockRegistrar.register(
|
||||
"@mozilla.org/embedcomp/prompt-service;1",
|
||||
gMockPromptService
|
||||
);
|
||||
|
||||
registerCleanupFunction(() => {
|
||||
MockRegistrar.unregister(gMockPromptServiceCID);
|
||||
});
|
||||
|
||||
function makeChan(uri) {
|
||||
let chan = NetUtil.newChannel({
|
||||
uri,
|
||||
loadUsingSystemPrincipal: true,
|
||||
}).QueryInterface(Ci.nsIHttpChannel);
|
||||
chan.loadFlags = Ci.nsIChannel.LOAD_INITIAL_DOCUMENT_URI;
|
||||
return chan;
|
||||
}
|
||||
|
||||
const responseBody = "body";
|
||||
|
||||
function contentHandler(metadata, response) {
|
||||
response.setHeader("Content-Type", "text/plain");
|
||||
response.setHeader("ETag", "Just testing");
|
||||
response.setHeader("Cache-Control", "max-age=99999");
|
||||
response.setHeader("Content-Length", "" + responseBody.length);
|
||||
response.bodyOutputStream.write(responseBody, responseBody.length);
|
||||
}
|
||||
|
||||
function run_test() {
|
||||
do_get_profile();
|
||||
|
||||
Services.prefs.setBoolPref("network.http.rcwn.enabled", false);
|
||||
|
||||
httpServer = new HttpServer();
|
||||
httpServer.registerPathHandler("/content", contentHandler);
|
||||
httpServer.start(-1);
|
||||
|
||||
httpProtocolHandler.EnsureHSTSDataReady().then(function() {
|
||||
var chan1 = makeChan(URL + "/content");
|
||||
chan1.asyncOpen(new ChannelListener(firstTimeThrough, null));
|
||||
var chan2 = makeChan(URL + "/content");
|
||||
chan2.asyncOpen(
|
||||
new ChannelListener(secondTimeThrough, null, CL_EXPECT_FAILURE)
|
||||
);
|
||||
});
|
||||
|
||||
do_test_pending();
|
||||
}
|
||||
|
||||
function firstTimeThrough(request, buffer) {
|
||||
Assert.equal(buffer, responseBody);
|
||||
Assert.ok(gMockPromptService.firstTimeCalled, "Prompt service invoked");
|
||||
}
|
||||
|
||||
function secondTimeThrough(request, buffer) {
|
||||
Assert.equal(request.status, Cr.NS_ERROR_ABORT);
|
||||
httpServer.stop(do_test_finished);
|
||||
}
|
@ -514,3 +514,4 @@ run-sequentially = node server exceptions dont replay well
|
||||
[test_httpssvc_https_upgrade.js]
|
||||
[test_bug1683176.js]
|
||||
skip-if = os == "android" || !debug
|
||||
[test_SuperfluousAuth.js]
|
||||
|
Loading…
Reference in New Issue
Block a user