Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-23 04:41:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1699373 - Call ProcessCrossOrigin*Header methods after loading cached headers r=necko-reviewers,dragana a=pascalc

Browse Source 
Previously we called `ProcessCrossOriginEmbedderPolicy` in
`nsHttpChannel::ContinueProcessResponse1`, but we only loaded the cached
response headers in `ContinueProcessResponse3`, meaning that we incorrectly
reported a missing header for the revalidated resource.

This change moves the header checking calls to `ContinueProcessNormal` and
`AsyncProcessRedirection` instead, so they get executed after processing
the cached headers.

Differential Revision: https://phabricator.services.mozilla.com/D125184
This commit is contained in:
Valentin Gosu 2021-09-16 08:31:03 +00:00
parent cfc86c55e3
commit 54a4cabdee
1 changed files with 52 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
netwerk/protocol/http/nsHttpChannel.cpp
View File

@ -2076,7 +2076,7 @@ void nsHttpChannel::AsyncContinueProcessResponse() {
nsresult nsHttpChannel::ContinueProcessResponse1() {
MOZ_ASSERT(!mCallOnResume, "How did that happen?");
nsresult rv;
nsresult rv = NS_OK;
if (mSuspendCount) {
LOG(("Waiting until resume to finish processing response [this=%p]\n",
@ -2088,21 +2088,6 @@ nsresult nsHttpChannel::ContinueProcessResponse1() {
return NS_OK;
}
rv = ProcessCrossOriginResourcePolicyHeader();
if (NS_FAILED(rv)) {
mStatus = NS_ERROR_DOM_CORP_FAILED;
HandleAsyncAbort();
return NS_OK;
}
rv = ComputeCrossOriginOpenerPolicyMismatch();
if (rv == NS_ERROR_BLOCKED_BY_POLICY) {
// this navigates the doc's browsing context to a network error.
mStatus = NS_ERROR_BLOCKED_BY_POLICY;
HandleAsyncAbort();
return NS_OK;
}
// Check if request was cancelled during http-on-examine-response.
if (mCanceled) {
return CallOnStartRequest();
@ -2165,13 +2150,6 @@ nsresult nsHttpChannel::ContinueProcessResponse1() {
LOG((" continuation state has been reset"));
}
rv = ProcessCrossOriginEmbedderPolicyHeader();
if (NS_FAILED(rv)) {
mStatus = NS_ERROR_BLOCKED_BY_POLICY;
HandleAsyncAbort();
return NS_OK;
}
// No process switch needed, continue as normal.
return ContinueProcessResponse2(rv);
}
@ -2547,6 +2525,31 @@ nsresult nsHttpChannel::ContinueProcessNormal(nsresult rv) {
return rv;
}
rv = ProcessCrossOriginEmbedderPolicyHeader();
if (NS_FAILED(rv)) {
mStatus = NS_ERROR_BLOCKED_BY_POLICY;
HandleAsyncAbort();
return rv;
}
rv = ProcessCrossOriginResourcePolicyHeader();
if (NS_FAILED(rv)) {
mStatus = NS_ERROR_DOM_CORP_FAILED;
HandleAsyncAbort();
return rv;
}
// before we check for redirects, check if the load should be shifted into a
// new process.
rv = ComputeCrossOriginOpenerPolicyMismatch();
if (rv == NS_ERROR_BLOCKED_BY_POLICY) {
// this navigates the doc's browsing context to a network error.
mStatus = NS_ERROR_BLOCKED_BY_POLICY;
HandleAsyncAbort();
return rv;
}
// if we're here, then any byte-range requests failed to result in a partial
// response. we must clear this flag to prevent BufferPartialContent from
// being called inside our OnDataAvailable (see bug 136678).
@ -5019,6 +5022,31 @@ nsresult nsHttpChannel::AsyncProcessRedirection(uint32_t redirectType) {
LOG(("nsHttpChannel::AsyncProcessRedirection [this=%p type=%u]\n", this,
redirectType));
nsresult rv = ProcessCrossOriginEmbedderPolicyHeader();
if (NS_FAILED(rv)) {
mStatus = NS_ERROR_BLOCKED_BY_POLICY;
HandleAsyncAbort();
return rv;
}
rv = ProcessCrossOriginResourcePolicyHeader();
if (NS_FAILED(rv)) {
mStatus = NS_ERROR_DOM_CORP_FAILED;
HandleAsyncAbort();
return rv;
}
// before we check for redirects, check if the load should be shifted into a
// new process.
rv = ComputeCrossOriginOpenerPolicyMismatch();
if (rv == NS_ERROR_BLOCKED_BY_POLICY) {
// this navigates the doc's browsing context to a network error.
mStatus = NS_ERROR_BLOCKED_BY_POLICY;
HandleAsyncAbort();
return rv;
}
nsAutoCString location;
// if a location header was not given, then we can't perform the redirect,
@ -5045,7 +5073,7 @@ nsresult nsHttpChannel::AsyncProcessRedirection(uint32_t redirectType) {
LOG(("redirecting to: %s [redirection-limit=%u]\n", location.get(),
uint32_t(mRedirectionLimit)));
nsresult rv = CreateNewURI(location.get(), getter_AddRefs(mRedirectURI));
rv = CreateNewURI(location.get(), getter_AddRefs(mRedirectURI));
if (NS_FAILED(rv)) {
LOG(("Invalid URI for redirect: Location: %s\n", location.get()));