Bug 1351146 - P1 - Add more information to redirect chains. r=dragana

In order to provide more details context of how client arrived at the unsafe page, particularly in redirect case, we may have to add more information to redirect chains including: - referrer (if any) - remote address. - URL We may want to use an idl interface instead of nsIPrincipal to store these information MozReview-Commit-ID: 3Uh4r06w60C
2024-11-23 21:01:08 +00:00 · 2017-05-25 19:42:00 +02:00 · 2017-05-25 19:42:00 +02:00 · 4fcb94e968
commit 4fcb94e968
parent 68cf4559f8
11 changed files with 313 additions and 78 deletions
--- a/ipc/glue/BackgroundUtils.cpp
+++ b/ipc/glue/BackgroundUtils.cpp
@ -10,6 +10,7 @@
 #include "mozilla/Assertions.h"
 #include "mozilla/BasePrincipal.h"
 #include "mozilla/ipc/PBackgroundSharedTypes.h"
+#include "mozilla/ipc/URIUtils.h"
 #include "mozilla/net/NeckoChannelParams.h"
 #include "ExpandedPrincipal.h"
 #include "nsIScriptSecurityManager.h"
@ -21,6 +22,7 @@
 #include "nsContentUtils.h"
 #include "nsString.h"
 #include "nsTArray.h"
+#include "mozilla/nsRedirectHistoryEntry.h"

 namespace mozilla {
 namespace net {
@ -258,6 +260,46 @@ IsPincipalInfoPrivate(const PrincipalInfo& aPrincipalInfo)
  return !!info.attrs().mPrivateBrowsingId;
 }

+already_AddRefed<nsIRedirectHistoryEntry>
+RHEntryInfoToRHEntry(const RedirectHistoryEntryInfo& aRHEntryInfo)
+{
+  nsresult rv;
+  nsCOMPtr<nsIPrincipal> principal =
+    PrincipalInfoToPrincipal(aRHEntryInfo.principalInfo(), &rv);
+  if (NS_WARN_IF(NS_FAILED(rv))) {
+    return nullptr;
+  }
+
+  nsCOMPtr<nsIURI> referrerUri = DeserializeURI(aRHEntryInfo.referrerUri());
+
+  nsCOMPtr<nsIRedirectHistoryEntry> entry =
+    new nsRedirectHistoryEntry(principal, referrerUri, aRHEntryInfo.remoteAddress());
+
+  return entry.forget();
+}
+
+nsresult
+RHEntryToRHEntryInfo(nsIRedirectHistoryEntry* aRHEntry,
+                     RedirectHistoryEntryInfo* aRHEntryInfo)
+{
+  MOZ_ASSERT(aRHEntry);
+  MOZ_ASSERT(aRHEntryInfo);
+
+  nsresult rv;
+  aRHEntry->GetRemoteAddress(aRHEntryInfo->remoteAddress());
+
+  nsCOMPtr<nsIURI> referrerUri;
+  rv = aRHEntry->GetReferrerURI(getter_AddRefs(referrerUri));
+  NS_ENSURE_SUCCESS(rv, rv);
+  SerializeURI(referrerUri, aRHEntryInfo->referrerUri());
+
+  nsCOMPtr<nsIPrincipal> principal;
+  rv = aRHEntry->GetPrincipal(getter_AddRefs(principal));
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  return PrincipalToPrincipalInfo(principal, &aRHEntryInfo->principalInfo());
+}
+
 nsresult
 LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
                       OptionalLoadInfoArgs* aOptionalLoadInfoArgs)
@ -304,15 +346,19 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
    sandboxedLoadingPrincipalInfo = sandboxedLoadingPrincipalInfoTemp;
  }

-  nsTArray<PrincipalInfo> redirectChainIncludingInternalRedirects;
-  for (const nsCOMPtr<nsIPrincipal>& principal : aLoadInfo->RedirectChainIncludingInternalRedirects()) {
-    rv = PrincipalToPrincipalInfo(principal, redirectChainIncludingInternalRedirects.AppendElement());
+  nsTArray<RedirectHistoryEntryInfo> redirectChainIncludingInternalRedirects;
+  for (const nsCOMPtr<nsIRedirectHistoryEntry>& redirectEntry :
+       aLoadInfo->RedirectChainIncludingInternalRedirects()) {
+    RedirectHistoryEntryInfo* entry = redirectChainIncludingInternalRedirects.AppendElement();
+    rv = RHEntryToRHEntryInfo(redirectEntry, entry);
    NS_ENSURE_SUCCESS(rv, rv);
  }

-  nsTArray<PrincipalInfo> redirectChain;
-  for (const nsCOMPtr<nsIPrincipal>& principal : aLoadInfo->RedirectChain()) {
-    rv = PrincipalToPrincipalInfo(principal, redirectChain.AppendElement());
+  nsTArray<RedirectHistoryEntryInfo> redirectChain;
+  for (const nsCOMPtr<nsIRedirectHistoryEntry>& redirectEntry :
+       aLoadInfo->RedirectChain()) {
+    RedirectHistoryEntryInfo* entry = redirectChain.AppendElement();
+    rv = RHEntryToRHEntryInfo(redirectEntry, entry);
    NS_ENSURE_SUCCESS(rv, rv);
  }

@ -385,20 +431,21 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
    NS_ENSURE_SUCCESS(rv, rv);
  }

-  nsTArray<nsCOMPtr<nsIPrincipal>> redirectChainIncludingInternalRedirects;
-  for (const PrincipalInfo& principalInfo : loadInfoArgs.redirectChainIncludingInternalRedirects()) {
-    nsCOMPtr<nsIPrincipal> redirectedPrincipal =
-      PrincipalInfoToPrincipal(principalInfo, &rv);
+  RedirectHistoryArray redirectChainIncludingInternalRedirects;
+  for (const RedirectHistoryEntryInfo& entryInfo :
+      loadInfoArgs.redirectChainIncludingInternalRedirects()) {
+    nsCOMPtr<nsIRedirectHistoryEntry> redirectHistoryEntry =
+      RHEntryInfoToRHEntry(entryInfo);
    NS_ENSURE_SUCCESS(rv, rv);
-    redirectChainIncludingInternalRedirects.AppendElement(redirectedPrincipal.forget());
+    redirectChainIncludingInternalRedirects.AppendElement(redirectHistoryEntry.forget());
  }

-  nsTArray<nsCOMPtr<nsIPrincipal>> redirectChain;
-  for (const PrincipalInfo& principalInfo : loadInfoArgs.redirectChain()) {
-    nsCOMPtr<nsIPrincipal> redirectedPrincipal =
-      PrincipalInfoToPrincipal(principalInfo, &rv);
+  RedirectHistoryArray redirectChain;
+  for (const RedirectHistoryEntryInfo& entryInfo : loadInfoArgs.redirectChain()) {
+    nsCOMPtr<nsIRedirectHistoryEntry> redirectHistoryEntry =
+      RHEntryInfoToRHEntry(entryInfo);
    NS_ENSURE_SUCCESS(rv, rv);
-    redirectChain.AppendElement(redirectedPrincipal.forget());
+    redirectChain.AppendElement(redirectHistoryEntry.forget());
  }

  nsCOMPtr<nsILoadInfo> loadInfo =
--- a/ipc/glue/BackgroundUtils.h
+++ b/ipc/glue/BackgroundUtils.h
@ -15,6 +15,7 @@

 class nsILoadInfo;
 class nsIPrincipal;
+class nsIRedirectHistoryEntry;

 namespace IPC {

@ -49,6 +50,7 @@ struct ParamTraits<mozilla::OriginAttributes>
 namespace mozilla {
 namespace net {
 class OptionalLoadInfoArgs;
+class RedirectHistoryEntryInfo;
 } // namespace net

 using namespace mozilla::net;
@ -82,6 +84,21 @@ PrincipalToPrincipalInfo(nsIPrincipal* aPrincipal,
 bool
 IsPincipalInfoPrivate(const PrincipalInfo& aPrincipalInfo);

+/**
+ * Convert an RedirectHistoryEntryInfo to a nsIRedirectHistoryEntry.
+ */
+
+already_AddRefed<nsIRedirectHistoryEntry>
+RHEntryInfoToRHEntry(const RedirectHistoryEntryInfo& aRHEntryInfo);
+
+/**
+ * Convert an nsIRedirectHistoryEntry to a RedirectHistoryEntryInfo.
+ */
+
+nsresult
+RHEntryToRHEntryInfo(nsIRedirectHistoryEntry* aRHEntry,
+                     RedirectHistoryEntryInfo* aRHEntryInfo);
+
 /**
 * Convert a LoadInfo to LoadInfoArgs struct.
 */
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@ -22,6 +22,7 @@
 #include "nsDocShell.h"
 #include "nsGlobalWindow.h"
 #include "NullPrincipal.h"
+#include "nsRedirectHistoryEntry.h"

 using namespace mozilla::dom;

@ -315,8 +316,8 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
                   bool aInitialSecurityCheckDone,
                   bool aIsThirdPartyContext,
                   const OriginAttributes& aOriginAttributes,
-                   nsTArray<nsCOMPtr<nsIPrincipal>>& aRedirectChainIncludingInternalRedirects,
-                   nsTArray<nsCOMPtr<nsIPrincipal>>& aRedirectChain,
+                   RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
+                   RedirectHistoryArray& aRedirectChain,
                   const nsTArray<nsCString>& aCorsUnsafeHeaders,
                   bool aForcePreflight,
                   bool aIsPreflight,
@ -795,28 +796,54 @@ LoadInfo::GetInitialSecurityCheckDone(bool* aResult)
 }

 NS_IMETHODIMP
-LoadInfo::AppendRedirectedPrincipal(nsIPrincipal* aPrincipal, bool aIsInternalRedirect)
+LoadInfo::AppendRedirectHistoryEntry(nsIRedirectHistoryEntry* aEntry,
+                                     bool aIsInternalRedirect)
 {
-  NS_ENSURE_ARG(aPrincipal);
+  NS_ENSURE_ARG(aEntry);
  MOZ_ASSERT(NS_IsMainThread());

-  mRedirectChainIncludingInternalRedirects.AppendElement(aPrincipal);
+  mRedirectChainIncludingInternalRedirects.AppendElement(aEntry);
  if (!aIsInternalRedirect) {
-    mRedirectChain.AppendElement(aPrincipal);
+    mRedirectChain.AppendElement(aEntry);
  }
  return NS_OK;
 }

+NS_IMETHODIMP
+LoadInfo::GetRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aRedirects,
+                       const RedirectHistoryArray& aArray)
+{
+  JS::Rooted<JSObject*> redirects(aCx, JS_NewArrayObject(aCx, aArray.Length()));
+  NS_ENSURE_TRUE(redirects, NS_ERROR_OUT_OF_MEMORY);
+
+  JS::Rooted<JSObject*> global(aCx, JS::CurrentGlobalOrNull(aCx));
+  NS_ENSURE_TRUE(global, NS_ERROR_UNEXPECTED);
+
+  nsCOMPtr<nsIXPConnect> xpc = mozilla::services::GetXPConnect();
+
+  for (size_t idx = 0; idx < aArray.Length(); idx++) {
+    JS::RootedObject jsobj(aCx);
+    nsresult rv = xpc->WrapNative(aCx, global, aArray[idx],
+                                  NS_GET_IID(nsIRedirectHistoryEntry),
+                                  jsobj.address());
+    NS_ENSURE_SUCCESS(rv, rv);
+    NS_ENSURE_STATE(jsobj);
+
+    bool rc = JS_DefineElement(aCx, redirects, idx, jsobj, JSPROP_ENUMERATE);
+    NS_ENSURE_TRUE(rc, NS_ERROR_UNEXPECTED);
+  }
+
+  aRedirects.setObject(*redirects);
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 LoadInfo::GetRedirectChainIncludingInternalRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aChain)
 {
-  if (!ToJSValue(aCx, mRedirectChainIncludingInternalRedirects, aChain)) {
-    return NS_ERROR_OUT_OF_MEMORY;
-  }
-  return NS_OK;
+  return GetRedirects(aCx, aChain, mRedirectChainIncludingInternalRedirects);
 }

-const nsTArray<nsCOMPtr<nsIPrincipal>>&
+const RedirectHistoryArray&
 LoadInfo::RedirectChainIncludingInternalRedirects()
 {
  return mRedirectChainIncludingInternalRedirects;
@ -825,13 +852,10 @@ LoadInfo::RedirectChainIncludingInternalRedirects()
 NS_IMETHODIMP
 LoadInfo::GetRedirectChain(JSContext* aCx, JS::MutableHandle<JS::Value> aChain)
 {
-  if (!ToJSValue(aCx, mRedirectChain, aChain)) {
-    return NS_ERROR_OUT_OF_MEMORY;
-  }
-  return NS_OK;
+  return GetRedirects(aCx, aChain, mRedirectChain);
 }

-const nsTArray<nsCOMPtr<nsIPrincipal>>&
+const RedirectHistoryArray&
 LoadInfo::RedirectChain()
 {
  return mRedirectChain;
--- a/netwerk/base/LoadInfo.h
+++ b/netwerk/base/LoadInfo.h
@ -38,6 +38,8 @@ LoadInfoArgsToLoadInfo(const mozilla::net::OptionalLoadInfoArgs& aLoadInfoArgs,

 namespace net {

+typedef nsTArray<nsCOMPtr<nsIRedirectHistoryEntry>> RedirectHistoryArray;
+
 /**
 * Class that provides an nsILoadInfo implementation.
 */
@ -99,8 +101,8 @@ private:
           bool aInitialSecurityCheckDone,
           bool aIsThirdPartyRequest,
           const OriginAttributes& aOriginAttributes,
-           nsTArray<nsCOMPtr<nsIPrincipal>>& aRedirectChainIncludingInternalRedirects,
-           nsTArray<nsCOMPtr<nsIPrincipal>>& aRedirectChain,
+           RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
+           RedirectHistoryArray& aRedirectChain,
           const nsTArray<nsCString>& aUnsafeHeaders,
           bool aForcePreflight,
           bool aIsPreflight,
@ -108,6 +110,9 @@ private:
           bool aMixedContentWouldBlock);
  LoadInfo(const LoadInfo& rhs);

+  NS_IMETHOD GetRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aRedirects,
+                          const RedirectHistoryArray& aArra);
+
  friend nsresult
  mozilla::ipc::LoadInfoArgsToLoadInfo(
    const mozilla::net::OptionalLoadInfoArgs& aLoadInfoArgs,
@ -144,8 +149,8 @@ private:
  bool                             mInitialSecurityCheckDone;
  bool                             mIsThirdPartyContext;
  OriginAttributes                 mOriginAttributes;
-  nsTArray<nsCOMPtr<nsIPrincipal>> mRedirectChainIncludingInternalRedirects;
-  nsTArray<nsCOMPtr<nsIPrincipal>> mRedirectChain;
+  RedirectHistoryArray             mRedirectChainIncludingInternalRedirects;
+  RedirectHistoryArray             mRedirectChain;
  nsTArray<nsCString>              mCorsUnsafeHeaders;
  bool                             mForcePreflight;
  bool                             mIsPreflight;
--- a/netwerk/base/moz.build
+++ b/netwerk/base/moz.build
@ -87,6 +87,7 @@ XPIDL_SOURCES += [
    'nsIProxyInfo.idl',
    'nsIRandomGenerator.idl',
    'nsIRedirectChannelRegistrar.idl',
+    'nsIRedirectHistoryEntry.idl',
    'nsIRedirectResultListener.idl',
    'nsIRequest.idl',
    'nsIRequestContext.idl',
@ -166,6 +167,7 @@ EXPORTS.mozilla += [
    'LoadContextInfo.h',
    'LoadInfo.h',
    'LoadTainting.h',
+    'nsRedirectHistoryEntry.h',
 ]

 EXPORTS.mozilla.net += [
@ -218,6 +220,7 @@ UNIFIED_SOURCES += [
    'nsPreloadedStream.cpp',
    'nsProtocolProxyService.cpp',
    'nsProxyInfo.cpp',
+    'nsRedirectHistoryEntry.cpp',
    'nsRequestObserverProxy.cpp',
    'nsSecCheckWrapChannel.cpp',
    'nsSerializationHelper.cpp',
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@ -10,7 +10,7 @@
 interface nsIDOMDocument;
 interface nsINode;
 interface nsIPrincipal;
-
+interface nsIRedirectHistoryEntry;
 %{C++
 #include "nsTArray.h"
 #include "mozilla/BasePrincipal.h"
@ -19,7 +19,7 @@ interface nsIPrincipal;
 class nsCString;
 %}

-[ref] native const_nsIPrincipalArray(const nsTArray<nsCOMPtr<nsIPrincipal>>);
+[ref] native nsIRedirectHistoryEntryArray(const nsTArray<nsCOMPtr<nsIRedirectHistoryEntry>>);
 native OriginAttributes(mozilla::OriginAttributes);
 [ref] native const_OriginAttributesRef(const mozilla::OriginAttributes);
 [ref] native StringArrayRef(const nsTArray<nsCString>);
@ -585,23 +585,25 @@ interface nsILoadInfo : nsISupports
  [infallible] attribute boolean initialSecurityCheckDone;

  /**
-   * Whenever a channel gets redirected, append the principal of the
-   * channel [before the channels got redirected] to the loadinfo,
-   * so that at every point this array lets us reason about all the
-   * redirects this channel went through.
-   * @param aPrincipal, the channelURIPrincipal before the channel
+   * Whenever a channel gets redirected, append the redirect history entry of
+   * the channel which contains principal referrer and remote address [before
+   * the channels got redirected] to the loadinfo, so that at every point this
+   * array provides us information about all the redirects this channel went
+   * through.
+   * @param entry, the nsIRedirectHistoryEntry before the channel
   *         got redirected.
   * @param aIsInternalRedirect should be true if the channel is going
   *        through an internal redirect, otherwise false.
   */
-  void appendRedirectedPrincipal(in nsIPrincipal principal,
-                                 in boolean isInternalRedirect);
+  void appendRedirectHistoryEntry(in nsIRedirectHistoryEntry entry,
+                                  in boolean isInternalRedirect);

  /**
-   * An array of nsIPrincipals which stores redirects associated with this
-   * channel. This array is filled whether or not the channel has ever been
-   * opened. The last element of the array is associated with the most recent
-   * redirect. Please note, that this array *includes* internal redirects.
+   * An array of nsIRedirectHistoryEntry which stores redirects associated
+   * with this channel. This array is filled whether or not the channel has
+   * ever been opened. The last element of the array is associated with the
+   * most recent redirect. Please note, that this array *includes* internal
+   * redirects.
   */
  [implicit_jscontext]
  readonly attribute jsval redirectChainIncludingInternalRedirects;
@ -612,7 +614,7 @@ interface nsILoadInfo : nsISupports
   * loadInfo object - use with caution!
   */
  [noscript, notxpcom, nostdcall, binaryname(RedirectChainIncludingInternalRedirects)]
-  const_nsIPrincipalArray binaryRedirectChainIncludingInternalRedirects();
+  nsIRedirectHistoryEntryArray binaryRedirectChainIncludingInternalRedirects();

  /**
   * Same as RedirectChain but does *not* include internal redirects.
@ -626,7 +628,7 @@ interface nsILoadInfo : nsISupports
   * loadInfo object - use with caution!
   */
  [noscript, notxpcom, nostdcall, binaryname(RedirectChain)]
-  const_nsIPrincipalArray binaryRedirectChain();
+  nsIRedirectHistoryEntryArray binaryRedirectChain();

  /**
   * Sets the list of unsafe headers according to CORS spec, as well as
--- a/netwerk/base/nsIRedirectHistoryEntry.idl
+++ b/netwerk/base/nsIRedirectHistoryEntry.idl
@ -0,0 +1,34 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+
+interface nsIPrincipal;
+interface nsIURI;
+
+/**
+ * This nsIRedirectHistoryEntry defines an interface for specifying channel
+ * redirect information
+ */
+
+[scriptable, uuid(133b2905-0eba-411c-a8bb-f59787142aa2)]
+interface nsIRedirectHistoryEntry : nsISupports
+{
+  /**
+   * The principal of this redirect entry
+   */
+  readonly attribute nsIPrincipal principal;
+
+  /**
+   * The referring URI of this redirect entry.  This may be null.
+   */
+  readonly attribute nsIURI referrerURI;
+
+  /**
+   * The remote address of this redirect entry.
+   */
+  readonly attribute ACString remoteAddress;
+
+};
--- a/netwerk/base/nsNetUtil.cpp
+++ b/netwerk/base/nsNetUtil.cpp
@ -69,6 +69,7 @@
 #include "nsISiteSecurityService.h"
 #include "nsHttpHandler.h"
 #include "nsNSSComponent.h"
+#include "nsIRedirectHistoryEntry.h"

 #ifdef MOZ_WIDGET_GONK
 #include "nsINetworkManager.h"
@ -1639,7 +1640,13 @@ NS_HasBeenCrossOrigin(nsIChannel* aChannel, bool aReport)

  bool aboutBlankInherits = dataInherits && loadInfo->GetAboutBlankInherits();

-  for (nsIPrincipal* principal : loadInfo->RedirectChain()) {
+  for (nsIRedirectHistoryEntry* redirectHistoryEntry : loadInfo->RedirectChain()) {
+    nsCOMPtr<nsIPrincipal> principal;
+    redirectHistoryEntry->GetPrincipal(getter_AddRefs(principal));
+    if (!principal) {
+      return true;
+    }
+
    nsCOMPtr<nsIURI> uri;
    principal->GetURI(getter_AddRefs(uri));
    if (!uri) {
--- a/netwerk/base/nsRedirectHistoryEntry.cpp
+++ b/netwerk/base/nsRedirectHistoryEntry.cpp
@ -0,0 +1,52 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim:set ts=2 sw=2 sts=2 et cindent: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsRedirectHistoryEntry.h"
+#include "nsCOMPtr.h"
+#include "nsIURI.h"
+#include "nsIPrincipal.h"
+
+namespace mozilla {
+namespace net {
+
+NS_IMPL_ISUPPORTS(nsRedirectHistoryEntry, nsIRedirectHistoryEntry)
+
+nsRedirectHistoryEntry::nsRedirectHistoryEntry(nsIPrincipal* aPrincipal,
+                                               nsIURI* aReferrer,
+                                               const nsACString& aRemoteAddress)
+  : mPrincipal(aPrincipal)
+  , mReferrer(aReferrer)
+  , mRemoteAddress(aRemoteAddress)
+{
+}
+
+nsRedirectHistoryEntry::~nsRedirectHistoryEntry()
+{
+}
+
+NS_IMETHODIMP
+nsRedirectHistoryEntry::GetRemoteAddress(nsACString &result)
+{
+  result = mRemoteAddress;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsRedirectHistoryEntry::GetReferrerURI(nsIURI** referrer)
+{
+  NS_IF_ADDREF(*referrer = mReferrer);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+nsRedirectHistoryEntry::GetPrincipal(nsIPrincipal** principal)
+{
+  NS_IF_ADDREF(*principal = mPrincipal);
+  return NS_OK;
+}
+
+} // namespace net
+} // namespace mozilla
--- a/netwerk/base/nsRedirectHistoryEntry.h
+++ b/netwerk/base/nsRedirectHistoryEntry.h
@ -0,0 +1,37 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef nsRedirectHistoryEntry_h__
+#define nsRedirectHistoryEntry_h__
+
+#include "nsIRedirectHistoryEntry.h"
+
+class nsIURI;
+class nsIPrincipal;
+
+namespace mozilla {
+namespace net {
+
+class nsRedirectHistoryEntry final : public nsIRedirectHistoryEntry
+{
+public:
+  NS_DECL_THREADSAFE_ISUPPORTS
+  NS_DECL_NSIREDIRECTHISTORYENTRY
+
+  nsRedirectHistoryEntry(nsIPrincipal* aPrincipal, nsIURI* aReferrer,
+                         const nsACString& aRemoteAddress);
+
+private:
+  ~nsRedirectHistoryEntry();
+
+  nsCOMPtr<nsIPrincipal> mPrincipal;
+  nsCOMPtr<nsIURI> mReferrer;
+  nsCString mRemoteAddress;
+
+};
+
+} // namespace net
+} // namespace mozilla
+
+#endif // nsRedirectHistoryEntry_h__
--- a/netwerk/ipc/NeckoChannelParams.ipdlh
+++ b/netwerk/ipc/NeckoChannelParams.ipdlh
@ -28,34 +28,41 @@ namespace net {
 // LoadInfo IPDL structs
 //-----------------------------------------------------------------------------

+struct RedirectHistoryEntryInfo
+{
+  PrincipalInfo       principalInfo;
+  OptionalURIParams   referrerUri;
+  nsCString           remoteAddress;
+};
+
 struct LoadInfoArgs
 {
-  OptionalPrincipalInfo requestingPrincipalInfo;
-  PrincipalInfo         triggeringPrincipalInfo;
-  OptionalPrincipalInfo principalToInheritInfo;
-  OptionalPrincipalInfo sandboxedLoadingPrincipalInfo;
-  uint32_t              securityFlags;
-  uint32_t              contentPolicyType;
-  uint32_t              tainting;
-  bool                  upgradeInsecureRequests;
-  bool                  verifySignedContent;
-  bool                  enforceSRI;
-  bool                  forceInheritPrincipalDropped;
-  uint64_t              innerWindowID;
-  uint64_t              outerWindowID;
-  uint64_t              parentOuterWindowID;
-  uint64_t              frameOuterWindowID;
-  bool                  enforceSecurity;
-  bool                  initialSecurityCheckDone;
-  bool                  isInThirdPartyContext;
-  OriginAttributes      originAttributes;
-  PrincipalInfo[]       redirectChainIncludingInternalRedirects;
-  PrincipalInfo[]       redirectChain;
-  nsCString[]           corsUnsafeHeaders;
-  bool                  forcePreflight;
-  bool                  isPreflight;
-  bool                  forceHSTSPriming;
-  bool                  mixedContentWouldBlock;
+  OptionalPrincipalInfo       requestingPrincipalInfo;
+  PrincipalInfo               triggeringPrincipalInfo;
+  OptionalPrincipalInfo       principalToInheritInfo;
+  OptionalPrincipalInfo       sandboxedLoadingPrincipalInfo;
+  uint32_t                    securityFlags;
+  uint32_t                    contentPolicyType;
+  uint32_t                    tainting;
+  bool                        upgradeInsecureRequests;
+  bool                        verifySignedContent;
+  bool                        enforceSRI;
+  bool                        forceInheritPrincipalDropped;
+  uint64_t                    innerWindowID;
+  uint64_t                    outerWindowID;
+  uint64_t                    parentOuterWindowID;
+  uint64_t                    frameOuterWindowID;
+  bool                        enforceSecurity;
+  bool                        initialSecurityCheckDone;
+  bool                        isInThirdPartyContext;
+  OriginAttributes            originAttributes;
+  RedirectHistoryEntryInfo[]  redirectChainIncludingInternalRedirects;
+  RedirectHistoryEntryInfo[]  redirectChain;
+  nsCString[]                 corsUnsafeHeaders;
+  bool                        forcePreflight;
+  bool                        isPreflight;
+  bool                        forceHSTSPriming;
+  bool                        mixedContentWouldBlock;
 };

 /**