Bug 1630372 - remove geturi in nsNetUtil.cpp r=ckerschb,necko-reviewers,valentin

Differential Revision: https://phabricator.services.mozilla.com/D71091
2025-02-26 20:30:41 +00:00 · 2020-04-27 10:54:47 +00:00 · 2020-04-27 10:54:47 +00:00 · 6513f176fe
commit 6513f176fe
parent a8897c91ed
4 changed files with 41 additions and 26 deletions
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@ -576,6 +576,13 @@ BasePrincipal::IsThirdPartyPrincipal(nsIPrincipal* aPrin, bool* aRes) {
  }
  return aPrin->IsThirdPartyURI(prinURI, aRes);
 }
+NS_IMETHODIMP
+BasePrincipal::IsThirdPartyChannel(nsIChannel* aChan, bool* aRes) {
+  nsCOMPtr<nsIURI> prinURI;
+  GetURI(getter_AddRefs(prinURI));
+  ThirdPartyUtil* thirdPartyUtil = ThirdPartyUtil::GetInstance();
+  return thirdPartyUtil->IsThirdPartyChannel(aChan, prinURI, aRes);
+}

 NS_IMETHODIMP
 BasePrincipal::IsSameOrigin(nsIURI* aURI, bool aIsPrivateWin, bool* aRes) {
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@ -146,6 +146,7 @@ class BasePrincipal : public nsJSPrincipals {
  NS_IMETHOD GetSiteOrigin(nsACString& aOrigin) override;
  NS_IMETHOD IsThirdPartyURI(nsIURI* uri, bool* aRes) override;
  NS_IMETHOD IsThirdPartyPrincipal(nsIPrincipal* uri, bool* aRes) override;
+  NS_IMETHOD IsThirdPartyChannel(nsIChannel* aChannel, bool* aRes) override;
  NS_IMETHOD GetIsOriginPotentiallyTrustworthy(bool* aResult) override;
  NS_IMETHOD IsSameOrigin(nsIURI* aURI, bool aIsPrivateWin,
                          bool* aRes) override;
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@ -9,6 +9,8 @@
 #include "nsISerializable.idl"
 #include "nsIAboutModule.idl"
 #include "nsIReferrerInfo.idl"
+interface nsIChannel;
+

 %{C++
 struct JSPrincipals;
@ -173,7 +175,7 @@ interface nsIPrincipal : nsISerializable
                                   in unsigned long long innerWindowID);

    /**
-    * Checks if the provided URI is concidered third-party to the
+    * Checks if the provided URI is considered third-party to the
    * URI of the principal.
    * Returns true if the URI is third-party.
    *
@ -182,7 +184,7 @@ interface nsIPrincipal : nsISerializable
    boolean isThirdPartyURI(in nsIURI uri);

    /**
-    * Checks if the provided principal is concidered third-party to the
+    * Checks if the provided principal is considered third-party to the
    * URI of the Principal.
    * Returns true if the principal is third-party.
    *
@ -190,6 +192,16 @@ interface nsIPrincipal : nsISerializable
    */
    boolean isThirdPartyPrincipal(in nsIPrincipal principal);

+    /**
+    * Checks if the provided channel is considered third-party to the
+    * URI of the principal. 
+    * Returns true if the channel is third-party.
+    * Returns false if the Principal is a System Principal
+    *
+    * @param channel - The Channel to check
+    */
+    boolean isThirdPartyChannel(in nsIChannel channel);
+
    /**
     * A dictionary of the non-default origin attributes associated with this
     * nsIPrincipal.
--- a/netwerk/base/nsNetUtil.cpp
+++ b/netwerk/base/nsNetUtil.cpp
@ -2035,7 +2035,8 @@ bool NS_HasBeenCrossOrigin(nsIChannel* aChannel, bool aReport) {
    }

    nsCOMPtr<nsIURI> uri;
-    principal->GetURI(getter_AddRefs(uri));
+    auto* basePrin = BasePrincipal::Cast(principal);
+    basePrin->GetURI(getter_AddRefs(uri));
    if (!uri) {
      return true;
    }
@ -2114,25 +2115,23 @@ bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
    return false;
  }

-  nsCOMPtr<nsIURI> uri;
+  bool isForeign = true;
+  nsresult rv;
  if (loadInfo->GetExternalContentPolicyType() ==
      nsIContentPolicy::TYPE_DOCUMENT) {
    // for loads of TYPE_DOCUMENT we query the hostURI from the
    // triggeringPrincipal which returns the URI of the document that caused the
    // navigation.
-    loadInfo->TriggeringPrincipal()->GetURI(getter_AddRefs(uri));
+    rv = loadInfo->TriggeringPrincipal()->IsThirdPartyChannel(aChannel,
+                                                              &isForeign);
  } else {
-    uri = aHostURI;
+    nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
+        do_GetService(THIRDPARTYUTIL_CONTRACTID);
+    if (!thirdPartyUtil) {
+      return true;
+    }
+    rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, aHostURI, &isForeign);
  }
-
-  nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
-      do_GetService(THIRDPARTYUTIL_CONTRACTID);
-  if (!thirdPartyUtil) {
-    return false;
-  }
-
-  bool isForeign = true;
-  nsresult rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, uri, &isForeign);
  // if we are dealing with a cross origin request, we can return here
  // because we already know the request is 'foreign'.
  if (NS_FAILED(rv) || isForeign) {
@ -2146,11 +2145,8 @@ bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
  // foreign.
  if (loadInfo->GetExternalContentPolicyType() ==
      nsIContentPolicy::TYPE_SUBDOCUMENT) {
-    nsCOMPtr<nsIURI> triggeringPrincipalURI;
-    loadInfo->TriggeringPrincipal()->GetURI(
-        getter_AddRefs(triggeringPrincipalURI));
-    rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, triggeringPrincipalURI,
-                                             &isForeign);
+    rv = loadInfo->TriggeringPrincipal()->IsThirdPartyChannel(aChannel,
+                                                              &isForeign);
    if (NS_FAILED(rv) || isForeign) {
      return true;
    }
@ -2161,13 +2157,10 @@ bool NS_IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
  // with regards to CSRF.

  nsCOMPtr<nsIPrincipal> redirectPrincipal;
-  nsCOMPtr<nsIURI> redirectURI;
  for (nsIRedirectHistoryEntry* entry : loadInfo->RedirectChain()) {
    entry->GetPrincipal(getter_AddRefs(redirectPrincipal));
    if (redirectPrincipal) {
-      redirectPrincipal->GetURI(getter_AddRefs(redirectURI));
-      rv = thirdPartyUtil->IsThirdPartyChannel(aChannel, redirectURI,
-                                               &isForeign);
+      rv = redirectPrincipal->IsThirdPartyChannel(aChannel, &isForeign);
      // if at any point we encounter a cross-origin redirect we can return.
      if (NS_FAILED(rv) || isForeign) {
        return true;
@ -2409,7 +2402,8 @@ bool NS_SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI,
  if (BlobURLProtocolHandler::GetBlobURLPrincipal(
          sourceBaseURI, getter_AddRefs(sourceBlobPrincipal))) {
    nsCOMPtr<nsIURI> sourceBlobOwnerURI;
-    rv = sourceBlobPrincipal->GetURI(getter_AddRefs(sourceBlobOwnerURI));
+    auto* basePrin = BasePrincipal::Cast(sourceBlobPrincipal);
+    rv = basePrin->GetURI(getter_AddRefs(sourceBlobOwnerURI));
    if (NS_SUCCEEDED(rv)) {
      sourceBaseURI = sourceBlobOwnerURI;
    }
@ -2419,7 +2413,8 @@ bool NS_SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI,
  if (BlobURLProtocolHandler::GetBlobURLPrincipal(
          targetBaseURI, getter_AddRefs(targetBlobPrincipal))) {
    nsCOMPtr<nsIURI> targetBlobOwnerURI;
-    rv = targetBlobPrincipal->GetURI(getter_AddRefs(targetBlobOwnerURI));
+    auto* basePrin = BasePrincipal::Cast(targetBlobPrincipal);
+    rv = basePrin->GetURI(getter_AddRefs(targetBlobOwnerURI));
    if (NS_SUCCEEDED(rv)) {
      targetBaseURI = targetBlobOwnerURI;
    }