Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-24 13:21:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Backed out changeset a52961071dcd (bug 1685900) for Build bustage in nsContentSecurityManager.cpp. CLOSED TREE

Browse Source
This commit is contained in:
Dorel Luca 2021-01-15 02:45:34 +02:00
parent b3aec77f8f
commit 9ed19e2828
53 changed files with 365 additions and 375 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docshell/base/nsDocShell.cpp
View File

@ -331,7 +331,7 @@ static bool IsTopLevelDoc(BrowsingContext* aBrowsingContext,
MOZ_ASSERT(aLoadInfo);
if (aLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
return false;
}
@ -10467,10 +10467,10 @@ nsresult nsDocShell::OpenRedirectedChannel(nsDocShellLoadState* aLoadState) {
LoadInfo* li = static_cast<LoadInfo*>(loadInfo.get());
if (loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
li->UpdateBrowsingContextID(mBrowsingContext->Id());
} else if (loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SUBDOCUMENT) {
nsIContentPolicy::TYPE_SUBDOCUMENT) {
li->UpdateFrameBrowsingContextID(mBrowsingContext->Id());
}
// TODO: more attributes need to be updated on the LoadInfo (bug 1561706)

2
dom/base/Document.cpp
View File

@ -3571,7 +3571,7 @@ nsresult Document::InitCSP(nsIChannel* aChannel) {
// served with a CSP might block internally applied inline styles.
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
if (loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_IMAGE) {
nsIContentPolicy::TYPE_IMAGE) {
return NS_OK;
}

2
dom/base/ThirdPartyUtil.cpp
View File

@ -313,7 +313,7 @@ ThirdPartyUtil::IsThirdPartyChannel(nsIChannel* aChannel, nsIURI* aURI,
if (!doForce) {
parentIsThird = loadInfo->GetIsInThirdPartyContext();
if (!parentIsThird && loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
// Check if the channel itself is third-party to its own requestor.
// Unfortunately, we have to go through the loading principal.
loadingPrincipal = BasePrincipal::Cast(loadInfo->GetLoadingPrincipal());

4
dom/base/nsContentPolicyUtils.h
View File

@ -151,10 +151,6 @@ inline const char* NS_CP_ContentTypeName(uint32_t contentType) {
#undef CASE_RETURN
inline const char* NS_CP_ContentTypeName(ExtContentPolicyType contentType) {
return NS_CP_ContentTypeName(static_cast<nsContentPolicyType>(contentType));
}
/* Passes on parameters from its "caller"'s context. */
#define CHECK_CONTENT_POLICY(action) \
PR_BEGIN_MACRO \

6
dom/base/nsContentUtils.cpp
View File

@ -8269,10 +8269,10 @@ bool nsContentUtils::IsPreloadType(nsContentPolicyType aType) {
}
/* static */
bool nsContentUtils::IsUpgradableDisplayType(ExtContentPolicyType aType) {
bool nsContentUtils::IsUpgradableDisplayType(nsContentPolicyType aType) {
MOZ_ASSERT(NS_IsMainThread());
return (aType == ExtContentPolicy::TYPE_IMAGE ||
aType == ExtContentPolicy::TYPE_MEDIA);
return (aType == nsIContentPolicy::TYPE_IMAGE ||
aType == nsIContentPolicy::TYPE_MEDIA);
}
// static

39
dom/base/nsContentUtils.h
View File

@ -1355,9 +1355,20 @@ class nsContentUtils {
/**
* Map internal content policy types to external ones.
*/
static inline ExtContentPolicyType InternalContentPolicyTypeToExternal(
static inline nsContentPolicyType InternalContentPolicyTypeToExternal(
nsContentPolicyType aType);
/**
* Map internal content policy types to external ones or preload types:
* * TYPE_INTERNAL_SCRIPT_PRELOAD
* * TYPE_INTERNAL_IMAGE_PRELOAD
* * TYPE_INTERNAL_STYLESHEET_PRELOAD
*
* Note: DO NOT call this function unless you know what you're doing!
*/
static inline nsContentPolicyType
InternalContentPolicyTypeToExternalOrPreload(nsContentPolicyType aType);
/**
* Returns true if the content policy type is any of:
* * TYPE_INTERNAL_SCRIPT_PRELOAD
@ -1372,7 +1383,7 @@ class nsContentUtils {
* * TYPE_IMAGE
* * TYPE_MEDIA
*/
static bool IsUpgradableDisplayType(ExtContentPolicyType aType);
static bool IsUpgradableDisplayType(nsContentPolicyType aType);
/**
* Quick helper to determine whether there are any mutation listeners
@ -3417,7 +3428,7 @@ class nsContentUtils {
static uint32_t sInnerOrOuterWindowSerialCounter;
};
/* static */ inline ExtContentPolicyType
/* static */ inline nsContentPolicyType
nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType) {
switch (aType) {
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
@ -3432,46 +3443,46 @@ nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType) {
case nsIContentPolicy::TYPE_INTERNAL_PAINTWORKLET:
case nsIContentPolicy::TYPE_INTERNAL_CHROMEUTILS_COMPILED_SCRIPT:
case nsIContentPolicy::TYPE_INTERNAL_FRAME_MESSAGEMANAGER_SCRIPT:
return ExtContentPolicy::TYPE_SCRIPT;
return nsIContentPolicy::TYPE_SCRIPT;
case nsIContentPolicy::TYPE_INTERNAL_EMBED:
case nsIContentPolicy::TYPE_INTERNAL_OBJECT:
return ExtContentPolicy::TYPE_OBJECT;
return nsIContentPolicy::TYPE_OBJECT;
case nsIContentPolicy::TYPE_INTERNAL_FRAME:
case nsIContentPolicy::TYPE_INTERNAL_IFRAME:
return ExtContentPolicy::TYPE_SUBDOCUMENT;
return nsIContentPolicy::TYPE_SUBDOCUMENT;
case nsIContentPolicy::TYPE_INTERNAL_AUDIO:
case nsIContentPolicy::TYPE_INTERNAL_VIDEO:
case nsIContentPolicy::TYPE_INTERNAL_TRACK:
return ExtContentPolicy::TYPE_MEDIA;
return nsIContentPolicy::TYPE_MEDIA;
case nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST:
case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
return ExtContentPolicy::TYPE_XMLHTTPREQUEST;
return nsIContentPolicy::TYPE_XMLHTTPREQUEST;
case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
case nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON:
return ExtContentPolicy::TYPE_IMAGE;
return nsIContentPolicy::TYPE_IMAGE;
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
return ExtContentPolicy::TYPE_STYLESHEET;
return nsIContentPolicy::TYPE_STYLESHEET;
case nsIContentPolicy::TYPE_INTERNAL_DTD:
case nsIContentPolicy::TYPE_INTERNAL_FORCE_ALLOWED_DTD:
return ExtContentPolicy::TYPE_DTD;
return nsIContentPolicy::TYPE_DTD;
case nsIContentPolicy::TYPE_INTERNAL_FONT_PRELOAD:
return ExtContentPolicy::TYPE_FONT;
return nsIContentPolicy::TYPE_FONT;
case nsIContentPolicy::TYPE_INTERNAL_FETCH_PRELOAD:
return ExtContentPolicy::TYPE_FETCH;
return nsIContentPolicy::TYPE_FETCH;
default:
return static_cast<ExtContentPolicyType>(aType);
return aType;
}
}

34
dom/base/nsDataDocumentContentPolicy.cpp
View File

@ -50,9 +50,13 @@ nsDataDocumentContentPolicy::ShouldLoad(nsIURI* aContentLocation,
}
});
ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
nsCOMPtr<nsISupports> requestingContext = aLoadInfo->GetLoadingContext();
MOZ_ASSERT(contentType == nsContentUtils::InternalContentPolicyTypeToExternal(
contentType),
"We should only see external content policy types here.");
*aDecision = nsIContentPolicy::ACCEPT;
// Look for the document. In most cases, requestingContext is a node.
nsCOMPtr<mozilla::dom::Document> doc;
@ -67,7 +71,7 @@ nsDataDocumentContentPolicy::ShouldLoad(nsIURI* aContentLocation,
}
// DTDs are always OK to load
if (!doc || contentType == ExtContentPolicy::TYPE_DTD) {
if (!doc || contentType == nsIContentPolicy::TYPE_DTD) {
return NS_OK;
}
@ -81,12 +85,12 @@ nsDataDocumentContentPolicy::ShouldLoad(nsIURI* aContentLocation,
// Let static (print/print preview) documents to load fonts and
// images.
switch (contentType) {
case ExtContentPolicy::TYPE_IMAGE:
case ExtContentPolicy::TYPE_IMAGESET:
case ExtContentPolicy::TYPE_FONT:
case nsIContentPolicy::TYPE_IMAGE:
case nsIContentPolicy::TYPE_IMAGESET:
case nsIContentPolicy::TYPE_FONT:
// This one is a bit sketchy, but nsObjectLoadingContent takes care of
// only getting here if it is an image.
case ExtContentPolicy::TYPE_OBJECT:
case nsIContentPolicy::TYPE_OBJECT:
return true;
default:
return false;
@ -130,8 +134,8 @@ nsDataDocumentContentPolicy::ShouldLoad(nsIURI* aContentLocation,
"ExternalDataError", sourceSpec, targetSpec,
requestingPrincipal->OriginAttributesRef().mPrivateBrowsingId > 0);
}
} else if ((contentType == ExtContentPolicy::TYPE_IMAGE ||
contentType == ExtContentPolicy::TYPE_IMAGESET) &&
} else if ((contentType == nsIContentPolicy::TYPE_IMAGE ||
contentType == nsIContentPolicy::TYPE_IMAGESET) &&
doc->GetDocumentURI()) {
// Check for (& disallow) recursive image-loads
bool isRecursiveLoad;
@ -151,13 +155,13 @@ nsDataDocumentContentPolicy::ShouldLoad(nsIURI* aContentLocation,
}
// For resource documents, blacklist some load types
if (contentType == ExtContentPolicy::TYPE_OBJECT ||
contentType == ExtContentPolicy::TYPE_DOCUMENT ||
contentType == ExtContentPolicy::TYPE_SUBDOCUMENT ||
contentType == ExtContentPolicy::TYPE_SCRIPT ||
contentType == ExtContentPolicy::TYPE_XSLT ||
contentType == ExtContentPolicy::TYPE_FETCH ||
contentType == ExtContentPolicy::TYPE_WEB_MANIFEST) {
if (contentType == nsIContentPolicy::TYPE_OBJECT ||
contentType == nsIContentPolicy::TYPE_DOCUMENT ||
contentType == nsIContentPolicy::TYPE_SUBDOCUMENT ||
contentType == nsIContentPolicy::TYPE_SCRIPT ||
contentType == nsIContentPolicy::TYPE_XSLT ||
contentType == nsIContentPolicy::TYPE_FETCH ||
contentType == nsIContentPolicy::TYPE_WEB_MANIFEST) {
*aDecision = nsIContentPolicy::REJECT_TYPE;
}

37
dom/base/nsIContentPolicy.idl
View File

@ -119,7 +119,7 @@ interface nsIContentPolicy : nsISupports
* Indicates an XMLHttpRequest. Also used for document.load and for EventSource.
*/
TYPE_XMLHTTPREQUEST = 11,
TYPE_DATAREQUEST = TYPE_XMLHTTPREQUEST, // alias
TYPE_DATAREQUEST = 11, // alias
/**
* Indicates a request by a plugin.
@ -549,38 +549,3 @@ interface nsIContentPolicy : nsISupports
};
typedef nsIContentPolicy_nsContentPolicyType nsContentPolicyType;
%{C++
enum class ExtContentPolicyType : uint8_t {
/**
* The type of ExtContentPolicy::TYPE_*
*/
TYPE_INVALID = nsIContentPolicy::TYPE_INVALID,
TYPE_OTHER = nsIContentPolicy::TYPE_OTHER,
TYPE_SCRIPT = nsIContentPolicy::TYPE_SCRIPT,
TYPE_IMAGE = nsIContentPolicy::TYPE_IMAGE,
TYPE_STYLESHEET = nsIContentPolicy::TYPE_STYLESHEET,
TYPE_OBJECT = nsIContentPolicy::TYPE_OBJECT,
TYPE_DOCUMENT = nsIContentPolicy::TYPE_DOCUMENT,
TYPE_SUBDOCUMENT = nsIContentPolicy::TYPE_SUBDOCUMENT,
TYPE_REFRESH = nsIContentPolicy::TYPE_REFRESH,
TYPE_PING = nsIContentPolicy::TYPE_PING,
TYPE_XMLHTTPREQUEST = nsIContentPolicy::TYPE_XMLHTTPREQUEST,
TYPE_DATAREQUEST = nsIContentPolicy::TYPE_DATAREQUEST,
TYPE_OBJECT_SUBREQUEST = nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
TYPE_DTD = nsIContentPolicy::TYPE_DTD,
TYPE_FONT = nsIContentPolicy::TYPE_FONT,
TYPE_MEDIA = nsIContentPolicy::TYPE_MEDIA,
TYPE_WEBSOCKET = nsIContentPolicy::TYPE_WEBSOCKET,
TYPE_CSP_REPORT = nsIContentPolicy::TYPE_CSP_REPORT,
TYPE_XSLT = nsIContentPolicy::TYPE_XSLT,
TYPE_BEACON = nsIContentPolicy::TYPE_BEACON,
TYPE_FETCH = nsIContentPolicy::TYPE_FETCH,
TYPE_IMAGESET = nsIContentPolicy::TYPE_IMAGESET,
TYPE_WEB_MANIFEST = nsIContentPolicy::TYPE_WEB_MANIFEST,
TYPE_SAVEAS_DOWNLOAD = nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD,
TYPE_SPECULATIVE = nsIContentPolicy::TYPE_SPECULATIVE,
};
typedef ExtContentPolicyType ExtContentPolicy;
%}

12
dom/base/nsNoDataProtocolContentPolicy.cpp
View File

@ -24,7 +24,11 @@ nsNoDataProtocolContentPolicy::ShouldLoad(nsIURI* aContentLocation,
nsILoadInfo* aLoadInfo,
const nsACString& aMimeGuess,
int16_t* aDecision) {
ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
MOZ_ASSERT(contentType == nsContentUtils::InternalContentPolicyTypeToExternal(
contentType),
"We should only see external content policy types here.");
*aDecision = nsIContentPolicy::ACCEPT;
@ -32,10 +36,8 @@ nsNoDataProtocolContentPolicy::ShouldLoad(nsIURI* aContentLocation,
// plugin, so they don't necessarily open external apps
// TYPE_WEBSOCKET loads can only go to ws:// or wss://, so we don't need to
// concern ourselves with them.
if (contentType != ExtContentPolicy::TYPE_DOCUMENT &&
contentType != ExtContentPolicy::TYPE_SUBDOCUMENT &&
contentType != ExtContentPolicy::TYPE_OBJECT &&
contentType != ExtContentPolicy::TYPE_WEBSOCKET) {
if (contentType != TYPE_DOCUMENT && contentType != TYPE_SUBDOCUMENT &&
contentType != TYPE_OBJECT && contentType != TYPE_WEBSOCKET) {
// The following are just quick-escapes for the most common cases
// where we would allow the content to be loaded anyway.
nsAutoCString scheme;

4
dom/base/nsNodeInfoManager.cpp
View File

@ -388,9 +388,9 @@ bool nsNodeInfoManager::InternalSVGEnabled() {
(SVGEnabled || IsSystemOrAddonOrAboutPrincipal(mPrincipal) ||
(loadInfo &&
(loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_IMAGE ||
nsIContentPolicy::TYPE_IMAGE ||
loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_OTHER) &&
nsIContentPolicy::TYPE_OTHER) &&
(IsSystemOrAddonOrAboutPrincipal(loadInfo->GetLoadingPrincipal()) ||
IsSystemOrAddonOrAboutPrincipal(loadInfo->TriggeringPrincipal()))));
mSVGEnabled = Some(conclusion);

2
dom/ipc/WindowGlobalChild.cpp
View File

@ -89,7 +89,7 @@ already_AddRefed<WindowGlobalChild> WindowGlobalChild::Create(
nsILoadInfo::CrossOriginOpenerPolicy policy;
if (httpChan &&
loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_DOCUMENT &&
nsIContentPolicy::TYPE_DOCUMENT &&
NS_SUCCEEDED(httpChan->GetCrossOriginOpenerPolicy(&policy))) {
MOZ_DIAGNOSTIC_ASSERT(policy ==
aWindow->GetBrowsingContext()->GetOpenerPolicy());

4
dom/media/webspeech/recognition/OnlineSpeechRecognitionService.cpp
View File

@ -320,7 +320,9 @@ void OnlineSpeechRecognitionService::DoSTT() {
nsSecurityFlags secFlags = nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT;
nsLoadFlags loadFlags =
nsIRequest::LOAD_NORMAL | nsIChannel::LOAD_BYPASS_SERVICE_WORKER;
nsContentPolicyType contentPolicy = nsIContentPolicy::TYPE_OTHER;
nsContentPolicyType contentPolicy =
nsContentUtils::InternalContentPolicyTypeToExternal(
nsIContentPolicy::TYPE_OTHER);
nsPIDOMWindowInner* window = mRecognition->GetOwner();
if (NS_WARN_IF(!window)) {

2
dom/performance/PerformanceTiming.cpp
View File

@ -269,7 +269,7 @@ bool PerformanceTimingData::CheckAllowedOrigin(nsIHttpChannel* aResourceChannel,
// TYPE_DOCUMENT loads have no loadingPrincipal.
if (loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
return true;
}

6
dom/security/FramingChecker.cpp
View File

@ -176,12 +176,12 @@ bool FramingChecker::CheckFrameOptions(nsIChannel* aChannel,
}
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
ExtContentPolicyType contentType = loadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = loadInfo->GetExternalContentPolicyType();
// xfo check only makes sense for subdocument and object loads, if this is
// not a load of such type, there is nothing to do here.
if (contentType != ExtContentPolicy::TYPE_SUBDOCUMENT &&
contentType != ExtContentPolicy::TYPE_OBJECT) {
if (contentType != nsIContentPolicy::TYPE_SUBDOCUMENT &&
contentType != nsIContentPolicy::TYPE_OBJECT) {
return true;
}

18
dom/security/SecFetch.cpp
View File

@ -238,7 +238,7 @@ void mozilla::dom::SecFetch::AddSecFetchMode(nsIHttpChannel* aHTTPChannel) {
nsCOMPtr<nsILoadInfo> loadInfo = aHTTPChannel->LoadInfo();
uint32_t securityMode = loadInfo->GetSecurityMode();
ExtContentPolicyType externalType = loadInfo->GetExternalContentPolicyType();
nsContentPolicyType externalType = loadInfo->GetExternalContentPolicyType();
if (securityMode ==
nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_INHERITS_SEC_CONTEXT ||
@ -258,12 +258,12 @@ void mozilla::dom::SecFetch::AddSecFetchMode(nsIHttpChannel* aHTTPChannel) {
"unhandled security mode");
}
if (externalType == ExtContentPolicy::TYPE_DOCUMENT ||
externalType == ExtContentPolicy::TYPE_SUBDOCUMENT ||
externalType == ExtContentPolicy::TYPE_REFRESH ||
externalType == ExtContentPolicy::TYPE_OBJECT) {
if (externalType == nsIContentPolicy::TYPE_DOCUMENT ||
externalType == nsIContentPolicy::TYPE_SUBDOCUMENT ||
externalType == nsIContentPolicy::TYPE_REFRESH ||
externalType == nsIContentPolicy::TYPE_OBJECT) {
mode = "navigate"_ns;
} else if (externalType == ExtContentPolicy::TYPE_WEBSOCKET) {
} else if (externalType == nsIContentPolicy::TYPE_WEBSOCKET) {
mode = "websocket"_ns;
}
@ -296,11 +296,11 @@ void mozilla::dom::SecFetch::AddSecFetchSite(nsIHttpChannel* aHTTPChannel) {
void mozilla::dom::SecFetch::AddSecFetchUser(nsIHttpChannel* aHTTPChannel) {
nsCOMPtr<nsILoadInfo> loadInfo = aHTTPChannel->LoadInfo();
ExtContentPolicyType externalType = loadInfo->GetExternalContentPolicyType();
nsContentPolicyType externalType = loadInfo->GetExternalContentPolicyType();
// sec-fetch-user only applies to loads of type document or subdocument
if (externalType != ExtContentPolicy::TYPE_DOCUMENT &&
externalType != ExtContentPolicy::TYPE_SUBDOCUMENT) {
if (externalType != nsIContentPolicy::TYPE_DOCUMENT &&
externalType != nsIContentPolicy::TYPE_SUBDOCUMENT) {
return;
}

18
dom/security/nsCSPService.cpp
View File

@ -36,16 +36,16 @@ NS_IMPL_ISUPPORTS(CSPService, nsIContentPolicy, nsIChannelEventSink)
// Helper function to identify protocols and content types not subject to CSP.
bool subjectToCSP(nsIURI* aURI, nsContentPolicyType aContentType) {
ExtContentPolicyType contentType =
nsContentPolicyType contentType =
nsContentUtils::InternalContentPolicyTypeToExternal(aContentType);
// These content types are not subject to CSP content policy checks:
// TYPE_CSP_REPORT -- csp can't block csp reports
// TYPE_REFRESH -- never passed to ShouldLoad (see nsIContentPolicy.idl)
// TYPE_DOCUMENT -- used for frame-ancestors
if (contentType == ExtContentPolicy::TYPE_CSP_REPORT ||
contentType == ExtContentPolicy::TYPE_REFRESH ||
contentType == ExtContentPolicy::TYPE_DOCUMENT) {
if (contentType == nsIContentPolicy::TYPE_CSP_REPORT ||
contentType == nsIContentPolicy::TYPE_REFRESH ||
contentType == nsIContentPolicy::TYPE_DOCUMENT) {
return false;
}
@ -74,9 +74,9 @@ bool subjectToCSP(nsIURI* aURI, nsContentPolicyType aContentType) {
// (which also use URI_IS_LOCAL_RESOURCE).
// Exception to the rule are images, styles, and localization
// DTDs using a scheme of resource: or chrome:
bool isImgOrStyleOrDTD = contentType == ExtContentPolicy::TYPE_IMAGE ||
contentType == ExtContentPolicy::TYPE_STYLESHEET ||
contentType == ExtContentPolicy::TYPE_DTD;
bool isImgOrStyleOrDTD = contentType == nsIContentPolicy::TYPE_IMAGE ||
contentType == nsIContentPolicy::TYPE_STYLESHEET ||
contentType == nsIContentPolicy::TYPE_DTD;
if (aURI->SchemeIs("resource")) {
nsAutoCString uriSpec;
aURI->GetSpec(uriSpec);
@ -217,10 +217,10 @@ CSPService::ShouldProcess(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
// If it is not TYPE_OBJECT, we can return at this point.
// Note that we should still pass the internal contentPolicyType
// (contentType) to ShouldLoad().
ExtContentPolicyType policyType =
uint32_t policyType =
nsContentUtils::InternalContentPolicyTypeToExternal(contentType);
if (policyType != ExtContentPolicy::TYPE_OBJECT) {
if (policyType != nsIContentPolicy::TYPE_OBJECT) {
*aDecision = nsIContentPolicy::ACCEPT;
return NS_OK;
}

88
dom/security/nsContentSecurityManager.cpp
View File

@ -74,7 +74,7 @@ bool nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
}
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
if (loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
return true;
}
if (loadInfo->GetForceAllowDataURI()) {
@ -143,7 +143,7 @@ bool nsContentSecurityManager::AllowInsecureRedirectToDataURI(
nsIChannel* aNewChannel) {
nsCOMPtr<nsILoadInfo> loadInfo = aNewChannel->LoadInfo();
if (loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_SCRIPT) {
nsIContentPolicy::TYPE_SCRIPT) {
return true;
}
nsCOMPtr<nsIURI> newURI;
@ -191,12 +191,12 @@ nsresult nsContentSecurityManager::CheckFTPSubresourceLoad(
// a top level document.
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
ExtContentPolicyType type = loadInfo->GetExternalContentPolicyType();
nsContentPolicyType type = loadInfo->GetExternalContentPolicyType();
// Allow top-level FTP documents and save-as download of FTP files on
// HTTP pages.
if (type == ExtContentPolicy::TYPE_DOCUMENT ||
type == ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
if (type == nsIContentPolicy::TYPE_DOCUMENT ||
type == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
return NS_OK;
}
@ -386,7 +386,7 @@ static nsresult DoCORSChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo,
static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
nsILoadInfo* aLoadInfo) {
ExtContentPolicyType contentPolicyType =
nsContentPolicyType contentPolicyType =
aLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType internalContentPolicyType =
aLoadInfo->InternalContentPolicyType();
@ -397,52 +397,52 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
NS_ENSURE_SUCCESS(rv, rv);
switch (contentPolicyType) {
case ExtContentPolicy::TYPE_OTHER: {
case nsIContentPolicy::TYPE_OTHER: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_SCRIPT: {
case nsIContentPolicy::TYPE_SCRIPT: {
mimeTypeGuess = "application/javascript"_ns;
break;
}
case ExtContentPolicy::TYPE_IMAGE: {
case nsIContentPolicy::TYPE_IMAGE: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_STYLESHEET: {
case nsIContentPolicy::TYPE_STYLESHEET: {
mimeTypeGuess = "text/css"_ns;
break;
}
case ExtContentPolicy::TYPE_OBJECT: {
case nsIContentPolicy::TYPE_OBJECT: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_DOCUMENT: {
case nsIContentPolicy::TYPE_DOCUMENT: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_SUBDOCUMENT: {
case nsIContentPolicy::TYPE_SUBDOCUMENT: {
mimeTypeGuess = "text/html"_ns;
break;
}
case ExtContentPolicy::TYPE_REFRESH: {
case nsIContentPolicy::TYPE_REFRESH: {
MOZ_ASSERT(false, "contentPolicyType not supported yet");
break;
}
case ExtContentPolicy::TYPE_PING: {
case nsIContentPolicy::TYPE_PING: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_XMLHTTPREQUEST: {
case nsIContentPolicy::TYPE_XMLHTTPREQUEST: {
// alias nsIContentPolicy::TYPE_DATAREQUEST:
#ifdef DEBUG
{
@ -466,7 +466,7 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
break;
}
case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST: {
case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST: {
mimeTypeGuess.Truncate();
#ifdef DEBUG
{
@ -479,7 +479,7 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
break;
}
case ExtContentPolicy::TYPE_DTD: {
case nsIContentPolicy::TYPE_DTD: {
mimeTypeGuess.Truncate();
#ifdef DEBUG
{
@ -491,12 +491,12 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
break;
}
case ExtContentPolicy::TYPE_FONT: {
case nsIContentPolicy::TYPE_FONT: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_MEDIA: {
case nsIContentPolicy::TYPE_MEDIA: {
if (internalContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_TRACK) {
mimeTypeGuess = "text/vtt"_ns;
} else {
@ -512,7 +512,7 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
break;
}
case ExtContentPolicy::TYPE_WEBSOCKET: {
case nsIContentPolicy::TYPE_WEBSOCKET: {
// Websockets have to use the proxied URI:
// ws:// instead of http:// for CSP checks
nsCOMPtr<nsIHttpChannelInternal> httpChannelInternal =
@ -526,12 +526,12 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
break;
}
case ExtContentPolicy::TYPE_CSP_REPORT: {
case nsIContentPolicy::TYPE_CSP_REPORT: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_XSLT: {
case nsIContentPolicy::TYPE_XSLT: {
mimeTypeGuess = "application/xml"_ns;
#ifdef DEBUG
{
@ -543,7 +543,7 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
break;
}
case ExtContentPolicy::TYPE_BEACON: {
case nsIContentPolicy::TYPE_BEACON: {
mimeTypeGuess.Truncate();
#ifdef DEBUG
{
@ -555,33 +555,33 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
break;
}
case ExtContentPolicy::TYPE_FETCH: {
case nsIContentPolicy::TYPE_FETCH: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_IMAGESET: {
case nsIContentPolicy::TYPE_IMAGESET: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_WEB_MANIFEST: {
case nsIContentPolicy::TYPE_WEB_MANIFEST: {
mimeTypeGuess = "application/manifest+json"_ns;
break;
}
case ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD: {
case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD: {
mimeTypeGuess.Truncate();
break;
}
case ExtContentPolicy::TYPE_SPECULATIVE: {
case nsIContentPolicy::TYPE_SPECULATIVE: {
mimeTypeGuess.Truncate();
break;
}
default:
// ExtContentPolicy::TYPE_INVALID
// nsIContentPolicy::TYPE_INVALID
MOZ_ASSERT(false,
"can not perform security check without a valid contentType");
}
@ -595,8 +595,8 @@ static nsresult DoContentSecurityChecks(nsIChannel* aChannel,
aLoadInfo, nsILoadInfo::BLOCKING_REASON_CONTENT_POLICY_GENERAL);
if (NS_SUCCEEDED(rv) &&
(contentPolicyType == ExtContentPolicy::TYPE_DOCUMENT ||
contentPolicyType == ExtContentPolicy::TYPE_SUBDOCUMENT)) {
(contentPolicyType == nsIContentPolicy::TYPE_DOCUMENT ||
contentPolicyType == nsIContentPolicy::TYPE_SUBDOCUMENT)) {
if (shouldLoad == nsIContentPolicy::REJECT_TYPE) {
// for docshell loads we might have to return SHOW_ALT.
return NS_ERROR_CONTENT_BLOCKED_SHOW_ALT;
@ -792,7 +792,7 @@ static void DebugDoContentSecurityCheck(nsIChannel* aChannel,
/* static */
void nsContentSecurityManager::MeasureUnexpectedPrivilegedLoads(
nsIURI* aFinalURI, ExtContentPolicyType aContentPolicyType,
nsIURI* aFinalURI, nsContentPolicyType aContentPolicyType,
const nsACString& aRemoteType) {
if (!StaticPrefs::dom_security_unexpected_system_load_telemetry_enabled()) {
return;
@ -864,17 +864,17 @@ nsresult nsContentSecurityManager::CheckAllowLoadInSystemPrivilegedContext(
return NS_OK;
}
ExtContentPolicyType contentPolicyType =
nsContentPolicyType contentPolicyType =
loadInfo->GetExternalContentPolicyType();
// allowing some fetches due to their lowered risk
// i.e., data & downloads fetches do limited parsing, no rendering
// remote images are too widely used (favicons, about:addons etc.)
if ((contentPolicyType == ExtContentPolicy::TYPE_FETCH) ||
(contentPolicyType == ExtContentPolicy::TYPE_XMLHTTPREQUEST) ||
(contentPolicyType == ExtContentPolicy::TYPE_WEBSOCKET) ||
(contentPolicyType == ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD) ||
(contentPolicyType == ExtContentPolicy::TYPE_IMAGE)) {
if ((contentPolicyType == nsIContentPolicy::TYPE_FETCH) ||
(contentPolicyType == nsIContentPolicy::TYPE_XMLHTTPREQUEST) ||
(contentPolicyType == nsIContentPolicy::TYPE_WEBSOCKET) ||
(contentPolicyType == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) ||
(contentPolicyType == nsIContentPolicy::TYPE_IMAGE)) {
return NS_OK;
}
@ -923,8 +923,8 @@ nsresult nsContentSecurityManager::CheckAllowLoadInSystemPrivilegedContext(
}
// loads of userContent.css during startup and tests that show up as file:
if (finalURI->SchemeIs("file")) {
if ((contentPolicyType == ExtContentPolicy::TYPE_STYLESHEET) ||
(contentPolicyType == ExtContentPolicy::TYPE_OTHER)) {
if ((contentPolicyType == nsIContentPolicy::TYPE_STYLESHEET) ||
(contentPolicyType == nsIContentPolicy::TYPE_OTHER)) {
return NS_OK;
}
}
@ -1166,7 +1166,7 @@ nsresult nsContentSecurityManager::CheckChannel(nsIChannel* aChannel) {
if (cookiePolicy == nsILoadInfo::SEC_COOKIES_SAME_ORIGIN) {
// We shouldn't have the SEC_COOKIES_SAME_ORIGIN flag for top level loads
MOZ_ASSERT(loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT);
nsIContentPolicy::TYPE_DOCUMENT);
nsIPrincipal* loadingPrincipal = loadInfo->GetLoadingPrincipal();
// It doesn't matter what we pass for the second, data-inherits, argument.
@ -1192,9 +1192,9 @@ nsresult nsContentSecurityManager::CheckChannel(nsIChannel* aChannel) {
// Allow subresource loads if TriggeringPrincipal is the SystemPrincipal.
if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal() &&
loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT &&
nsIContentPolicy::TYPE_DOCUMENT &&
loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_SUBDOCUMENT) {
nsIContentPolicy::TYPE_SUBDOCUMENT) {
return NS_OK;
}

2
dom/security/nsContentSecurityManager.h
View File

@ -38,7 +38,7 @@ class nsContentSecurityManager : public nsIContentSecurityManager,
static bool AllowTopLevelNavigationToDataURI(nsIChannel* aChannel);
static bool AllowInsecureRedirectToDataURI(nsIChannel* aNewChannel);
static void MeasureUnexpectedPrivilegedLoads(
nsIURI* aFinalURI, ExtContentPolicyType aContentPolicyType,
nsIURI* aFinalURI, nsContentPolicyType aContentPolicyType,
const nsACString& aRemoteType);
private:

6
dom/security/nsContentSecurityUtils.cpp
View File

@ -696,11 +696,11 @@ nsresult ParseCSPAndEnforceFrameAncestorCheck(
}
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
ExtContentPolicyType contentType = loadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = loadInfo->GetExternalContentPolicyType();
// frame-ancestor check only makes sense for subdocument and object loads,
// if this is not a load of such type, there is nothing to do here.
if (contentType != ExtContentPolicy::TYPE_SUBDOCUMENT &&
contentType != ExtContentPolicy::TYPE_OBJECT) {
if (contentType != nsIContentPolicy::TYPE_SUBDOCUMENT &&
contentType != nsIContentPolicy::TYPE_OBJECT) {
return NS_OK;
}

40
dom/security/nsHTTPSOnlyStreamListener.cpp
View File

@ -140,10 +140,10 @@ void nsHTTPSOnlyStreamListener::RecordUpgradeTelemetry(nsIRequest* request,
mozilla::Telemetry::HTTPS_ONLY_MODE_UPGRADE_TIME_MS, category, duration);
bool success = NS_SUCCEEDED(aStatus);
ExtContentPolicyType externalType = loadInfo->GetExternalContentPolicyType();
nsContentPolicyType externalType = loadInfo->GetExternalContentPolicyType();
auto typeKey = nsAutoCString("unknown");
if (externalType == ExtContentPolicy::TYPE_MEDIA) {
if (externalType == nsIContentPolicy::TYPE_MEDIA) {
switch (internalType) {
case nsIContentPolicy::TYPE_INTERNAL_AUDIO:
case nsIContentPolicy::TYPE_INTERNAL_TRACK:
@ -160,69 +160,69 @@ void nsHTTPSOnlyStreamListener::RecordUpgradeTelemetry(nsIRequest* request,
}
} else {
switch (externalType) {
case ExtContentPolicy::TYPE_SCRIPT:
case nsIContentPolicy::TYPE_SCRIPT:
typeKey = "script"_ns;
break;
case ExtContentPolicy::TYPE_OBJECT:
case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST:
case nsIContentPolicy::TYPE_OBJECT:
case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST:
typeKey = "object"_ns;
break;
case ExtContentPolicy::TYPE_DOCUMENT:
case nsIContentPolicy::TYPE_DOCUMENT:
typeKey = "document"_ns;
break;
case ExtContentPolicy::TYPE_SUBDOCUMENT:
case nsIContentPolicy::TYPE_SUBDOCUMENT:
typeKey = "subdocument"_ns;
break;
case ExtContentPolicy::TYPE_XMLHTTPREQUEST:
case nsIContentPolicy::TYPE_XMLHTTPREQUEST:
typeKey = "xmlhttprequest"_ns;
break;
case ExtContentPolicy::TYPE_IMAGE:
case ExtContentPolicy::TYPE_IMAGESET:
case nsIContentPolicy::TYPE_IMAGE:
case nsIContentPolicy::TYPE_IMAGESET:
typeKey = "image"_ns;
break;
case ExtContentPolicy::TYPE_DTD:
case nsIContentPolicy::TYPE_DTD:
typeKey = "dtd"_ns;
break;
case ExtContentPolicy::TYPE_FONT:
case nsIContentPolicy::TYPE_FONT:
typeKey = "font"_ns;
break;
case ExtContentPolicy::TYPE_FETCH:
case nsIContentPolicy::TYPE_FETCH:
typeKey = "fetch"_ns;
break;
case ExtContentPolicy::TYPE_WEBSOCKET:
case nsIContentPolicy::TYPE_WEBSOCKET:
typeKey = "websocket"_ns;
break;
case ExtContentPolicy::TYPE_STYLESHEET:
case nsIContentPolicy::TYPE_STYLESHEET:
typeKey = "stylesheet"_ns;
break;
case ExtContentPolicy::TYPE_CSP_REPORT:
case nsIContentPolicy::TYPE_CSP_REPORT:
typeKey = "cspreport"_ns;
break;
case ExtContentPolicy::TYPE_WEB_MANIFEST:
case nsIContentPolicy::TYPE_WEB_MANIFEST:
typeKey = "webmanifest"_ns;
break;
case ExtContentPolicy::TYPE_PING:
case nsIContentPolicy::TYPE_PING:
typeKey = "ping"_ns;
break;
case ExtContentPolicy::TYPE_REFRESH:
case nsIContentPolicy::TYPE_REFRESH:
typeKey = "refresh"_ns;
break;
case ExtContentPolicy::TYPE_XSLT:
case nsIContentPolicy::TYPE_XSLT:
typeKey = "xslt"_ns;
break;

8
dom/security/nsHTTPSOnlyUtils.cpp
View File

@ -66,7 +66,7 @@ void nsHTTPSOnlyUtils::PotentiallyFireHttpRequestToShortenTimout(
// if we are not dealing with a top-level load, then there is nothing to do
// here.
if (loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
return;
}
@ -133,7 +133,7 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeRequest(nsIURI* aURI,
// All subresources of an exempt triggering principal are also exempt
if (aLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
if (!aLoadInfo->TriggeringPrincipal()->IsSystemPrincipal() &&
TestIfPrincipalIsExempt(aLoadInfo->TriggeringPrincipal())) {
return false;
@ -270,8 +270,8 @@ void nsHTTPSOnlyUtils::TestSitePermissionAndPotentiallyAddExemption(
}
// if it's not a top-level load then there is nothing to here.
ExtContentPolicyType type = loadInfo->GetExternalContentPolicyType();
if (type != ExtContentPolicy::TYPE_DOCUMENT) {
nsContentPolicyType type = loadInfo->GetExternalContentPolicyType();
if (type != nsIContentPolicy::TYPE_DOCUMENT) {
return;
}

73
dom/security/nsMixedContentBlocker.cpp
View File

@ -395,15 +395,14 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
(" - contentLocation: %s", asciiUrl.get()));
}
nsContentPolicyType internalContentType =
aLoadInfo->InternalContentPolicyType();
nsContentPolicyType contentType = aLoadInfo->InternalContentPolicyType();
nsCOMPtr<nsIPrincipal> loadingPrincipal = aLoadInfo->GetLoadingPrincipal();
nsCOMPtr<nsIPrincipal> triggeringPrincipal = aLoadInfo->TriggeringPrincipal();
if (MOZ_UNLIKELY(MOZ_LOG_TEST(sMCBLog, LogLevel::Verbose))) {
MOZ_LOG(sMCBLog, LogLevel::Verbose,
(" - internalContentPolicyType: %s",
NS_CP_ContentTypeName(internalContentType)));
NS_CP_ContentTypeName(contentType)));
if (loadingPrincipal != nullptr) {
nsAutoCString loadingPrincipalAsciiUrl;
@ -423,17 +422,17 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
RefPtr<WindowContext> requestingWindow =
WindowContext::GetById(aLoadInfo->GetInnerWindowID());
bool isPreload = nsContentUtils::IsPreloadType(internalContentType);
bool isPreload = nsContentUtils::IsPreloadType(contentType);
// The content policy type that we receive may be an internal type for
// scripts. Let's remember if we have seen a worker type, and reset it to the
// external type in all cases right now.
bool isWorkerType =
internalContentType == nsIContentPolicy::TYPE_INTERNAL_WORKER ||
internalContentType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER ||
internalContentType == nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER;
ExtContentPolicyType contentType =
nsContentUtils::InternalContentPolicyTypeToExternal(internalContentType);
contentType == nsIContentPolicy::TYPE_INTERNAL_WORKER ||
contentType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER ||
contentType == nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER;
contentType =
nsContentUtils::InternalContentPolicyTypeToExternal(contentType);
// Assume active (high risk) content and blocked by default
MixedContentTypes classification = eMixedScript;
@ -500,13 +499,13 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
switch (contentType) {
// The top-level document cannot be mixed content by definition
case ExtContentPolicy::TYPE_DOCUMENT:
case TYPE_DOCUMENT:
*aDecision = ACCEPT;
return NS_OK;
// Creating insecure websocket connections in a secure page is blocked
// already in the websocket constructor. We don't need to check the blocking
// here and we don't want to un-block
case ExtContentPolicy::TYPE_WEBSOCKET:
case TYPE_WEBSOCKET:
*aDecision = ACCEPT;
return NS_OK;
@ -518,18 +517,18 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
// acceptable. This download is completely disconnected from the docShell,
// but still using the same loading principal.
case ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD:
case TYPE_SAVEAS_DOWNLOAD:
*aDecision = ACCEPT;
return NS_OK;
break;
// Static display content is considered moderate risk for mixed content so
// these will be blocked according to the mixed display preference
case ExtContentPolicy::TYPE_IMAGE:
case ExtContentPolicy::TYPE_MEDIA:
case TYPE_IMAGE:
case TYPE_MEDIA:
classification = eMixedDisplay;
break;
case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST:
case TYPE_OBJECT_SUBREQUEST:
if (StaticPrefs::security_mixed_content_block_object_subrequest()) {
classification = eMixedScript;
} else {
@ -540,22 +539,22 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
// Active content (or content with a low value/risk-of-blocking ratio)
// that has been explicitly evaluated; listed here for documentation
// purposes and to avoid the assertion and warning for the default case.
case ExtContentPolicy::TYPE_BEACON:
case ExtContentPolicy::TYPE_CSP_REPORT:
case ExtContentPolicy::TYPE_DTD:
case ExtContentPolicy::TYPE_FETCH:
case ExtContentPolicy::TYPE_FONT:
case ExtContentPolicy::TYPE_IMAGESET:
case ExtContentPolicy::TYPE_OBJECT:
case ExtContentPolicy::TYPE_SCRIPT:
case ExtContentPolicy::TYPE_STYLESHEET:
case ExtContentPolicy::TYPE_SUBDOCUMENT:
case ExtContentPolicy::TYPE_PING:
case ExtContentPolicy::TYPE_WEB_MANIFEST:
case ExtContentPolicy::TYPE_XMLHTTPREQUEST:
case ExtContentPolicy::TYPE_XSLT:
case ExtContentPolicy::TYPE_OTHER:
case ExtContentPolicy::TYPE_SPECULATIVE:
case TYPE_BEACON:
case TYPE_CSP_REPORT:
case TYPE_DTD:
case TYPE_FETCH:
case TYPE_FONT:
case TYPE_IMAGESET:
case TYPE_OBJECT:
case TYPE_SCRIPT:
case TYPE_STYLESHEET:
case TYPE_SUBDOCUMENT:
case TYPE_PING:
case TYPE_WEB_MANIFEST:
case TYPE_XMLHTTPREQUEST:
case TYPE_XSLT:
case TYPE_OTHER:
case TYPE_SPECULATIVE:
break;
// This content policy works as a allowlist.
@ -711,8 +710,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
// Carve-out: if we're in the parent and we're loading media, e.g. through
// webbrowserpersist, don't reject it if we can't find a docshell.
if (XRE_IsParentProcess() && !requestingWindow &&
(contentType == ExtContentPolicy::TYPE_IMAGE ||
contentType == ExtContentPolicy::TYPE_MEDIA)) {
(contentType == TYPE_IMAGE || contentType == TYPE_MEDIA)) {
*aDecision = ACCEPT;
return NS_OK;
}
@ -777,8 +775,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
// When navigating an iframe, the iframe may be https
// but its parents may not be. Check the parents to see if any of them are
// https. If none of the parents are https, allow the load.
if (contentType == ExtContentPolicyType::TYPE_SUBDOCUMENT &&
!rootHasSecureConnection) {
if (contentType == TYPE_SUBDOCUMENT && !rootHasSecureConnection) {
bool httpsParentExists = false;
RefPtr<WindowContext> curWindow = requestingWindow;
@ -829,8 +826,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
}
// set hasMixedContentObjectSubrequest on this object if necessary
if (contentType == ExtContentPolicyType::TYPE_OBJECT_SUBREQUEST &&
aReportError) {
if (contentType == TYPE_OBJECT_SUBREQUEST && aReportError) {
if (!StaticPrefs::security_mixed_content_block_object_subrequest()) {
nsAutoCString messageLookUpKey(
"LoadingMixedDisplayObjectSubrequestDeprecation");
@ -955,8 +951,7 @@ nsMixedContentBlocker::ShouldProcess(nsIURI* aContentLocation,
if (!aContentLocation) {
// aContentLocation may be null when a plugin is loading without an
// associated URI resource
if (aLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicyType::TYPE_OBJECT) {
if (aLoadInfo->GetExternalContentPolicyType() == TYPE_OBJECT) {
*aDecision = ACCEPT;
return NS_OK;
}

18
dom/security/test/gtest/TestUnexpectedPrivilegedLoads.cpp
View File

@ -33,7 +33,7 @@ TEST_F(TelemetryTestFixture, UnexpectedPrivilegedLoadsTelemetryTest) {
struct testCasesAndResults {
nsCString urlstring;
ExtContentPolicyType contentType;
nsContentPolicyType contentType;
nsCString remoteType;
testResults expected;
};
@ -54,36 +54,36 @@ TEST_F(TelemetryTestFixture, UnexpectedPrivilegedLoadsTelemetryTest) {
// no need to replicate all scenarios?!
testCasesAndResults myTestCases[] = {
{"chrome://firegestures/content/browser.js"_ns,
ExtContentPolicy::TYPE_SCRIPT,
nsIContentPolicy::TYPE_SCRIPT,
"web"_ns,
{"chromeuri"_ns, "TYPE_SCRIPT"_ns, "web"_ns,
"chrome://firegestures/content/browser.js"_ns}},
{"resource://firegestures/content/browser.js"_ns,
ExtContentPolicy::TYPE_SCRIPT,
nsIContentPolicy::TYPE_SCRIPT,
"web"_ns,
{"resourceuri"_ns, "TYPE_SCRIPT"_ns, "web"_ns,
"resource://firegestures/content/browser.js"_ns}},
{// test that we don't report blob details
// ..and test that we strip of URLs from remoteTypes
"blob://000-000"_ns,
ExtContentPolicy::TYPE_SCRIPT,
nsIContentPolicy::TYPE_SCRIPT,
"webIsolated=https://blob.example/"_ns,
{"bloburi"_ns, "TYPE_SCRIPT"_ns, "webIsolated"_ns, "unknown"_ns}},
{// test for cases where finalURI is null, due to a broken nested URI
// .. like malformed moz-icon URLs
"moz-icon:blahblah"_ns,
ExtContentPolicy::TYPE_IMAGE,
nsIContentPolicy::TYPE_IMAGE,
"web"_ns,
{"other"_ns, "TYPE_IMAGE"_ns, "web"_ns, "unknown"_ns}},
{// we dont report data urls
// ..and test that we strip of URLs from remoteTypes
"data://blahblahblah"_ns,
ExtContentPolicy::TYPE_DOCUMENT,
nsIContentPolicy::TYPE_DOCUMENT,
"webCOOP+COEP=https://data.example"_ns,
{"dataurl"_ns, "TYPE_DOCUMENT"_ns, "webCOOP+COEP"_ns, "unknown"_ns}},
{// we only report file URLs on windows, where we can easily sanitize
"file://c/users/tom/file.txt"_ns,
ExtContentPolicy::TYPE_SCRIPT,
nsIContentPolicy::TYPE_SCRIPT,
"web"_ns,
{
#if defined(XP_WIN)
@ -96,13 +96,13 @@ TEST_F(TelemetryTestFixture, UnexpectedPrivilegedLoadsTelemetryTest) {
}},
{// test for cases where finalURI is empty
""_ns,
ExtContentPolicy::TYPE_IMAGE,
nsIContentPolicy::TYPE_IMAGE,
"web"_ns,
{"other"_ns, "TYPE_IMAGE"_ns, "web"_ns, "unknown"_ns}},
{// test for cases where finalURI is null, due to the struct layout, we'll
// override the URL with nullptr in loop below.
"URLWillResultInNullPtr"_ns,
ExtContentPolicy::TYPE_FONT,
nsIContentPolicy::TYPE_FONT,
"web"_ns,
{"other"_ns, "TYPE_FONT"_ns, "web"_ns, "unknown"_ns}},
};

16
image/ImageBlocker.cpp
View File

@ -16,7 +16,10 @@ NS_IMPL_ISUPPORTS(ImageBlocker, nsIContentPolicy)
NS_IMETHODIMP
ImageBlocker::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
const nsACString& aMimeGuess, int16_t* aShouldLoad) {
ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
MOZ_ASSERT(contentType == nsContentUtils::InternalContentPolicyTypeToExternal(
contentType),
"We should only see external content policy types here.");
*aShouldLoad = nsIContentPolicy::ACCEPT;
@ -31,8 +34,8 @@ ImageBlocker::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
}
// Block loading images depending on the permissions.default.image pref.
if ((contentType == ExtContentPolicy::TYPE_IMAGE ||
contentType == ExtContentPolicy::TYPE_IMAGESET) &&
if ((contentType == nsIContentPolicy::TYPE_IMAGE ||
contentType == nsIContentPolicy::TYPE_IMAGESET) &&
StaticPrefs::permissions_default_image() ==
nsIPermissionManager::DENY_ACTION) {
NS_SetRequestBlockingReason(
@ -47,6 +50,13 @@ NS_IMETHODIMP
ImageBlocker::ShouldProcess(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
const nsACString& aMimeGuess,
int16_t* aShouldProcess) {
#ifdef DEBUG
nsContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
MOZ_ASSERT(contentType == nsContentUtils::InternalContentPolicyTypeToExternal(
contentType),
"We should only see external content policy types here.");
#endif
// We block images at load level already, so those should not end up here.
*aShouldProcess = nsIContentPolicy::ACCEPT;
return NS_OK;

2
ipc/glue/BackgroundUtils.cpp
View File

@ -697,7 +697,7 @@ nsresult LoadInfoArgsToLoadInfo(
if (XRE_IsParentProcess() &&
(nsContentUtils::InternalContentPolicyTypeToExternal(
loadInfoArgs.contentPolicyType()) !=
ExtContentPolicy::TYPE_DOCUMENT)) {
nsIContentPolicy::TYPE_DOCUMENT)) {
// Only fill out ancestor principals and browsing context IDs when we
// are deserializing LoadInfoArgs to be LoadInfo for a subresource
RefPtr<BrowsingContext> parentBC =

8
modules/libjar/nsJARChannel.cpp
View File

@ -1009,15 +1009,15 @@ nsJARChannel::OnStartRequest(nsIRequest* req) {
GetContentType(contentType);
auto contentPolicyType = mLoadInfo->GetExternalContentPolicyType();
if (contentType.Equals(APPLICATION_HTTP_INDEX_FORMAT) &&
contentPolicyType != ExtContentPolicy::TYPE_DOCUMENT &&
contentPolicyType != ExtContentPolicy::TYPE_FETCH) {
contentPolicyType != nsIContentPolicy::TYPE_DOCUMENT &&
contentPolicyType != nsIContentPolicy::TYPE_FETCH) {
return NS_ERROR_CORRUPTED_CONTENT;
}
if (contentPolicyType == ExtContentPolicy::TYPE_STYLESHEET &&
if (contentPolicyType == nsIContentPolicy::TYPE_STYLESHEET &&
!contentType.EqualsLiteral(TEXT_CSS)) {
return NS_ERROR_CORRUPTED_CONTENT;
}
if (contentPolicyType == ExtContentPolicy::TYPE_SCRIPT &&
if (contentPolicyType == nsIContentPolicy::TYPE_SCRIPT &&
!nsContentUtils::IsJavascriptMIMEType(
NS_ConvertUTF8toUTF16(contentType))) {
return NS_ERROR_CORRUPTED_CONTENT;

21
netwerk/base/LoadInfo.cpp
View File

@ -146,7 +146,7 @@ LoadInfo::LoadInfo(
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
ExtContentPolicyType externalType =
nsContentPolicyType externalType =
nsContentUtils::InternalContentPolicyTypeToExternal(aContentPolicyType);
if (aLoadingContext) {
@ -186,7 +186,7 @@ LoadInfo::LoadInfo(
// sub-iframes). If we are loading a sub-document resource, we must
// calculate what the top-level-storage-area-principal will be for the
// new context.
if (externalType != ExtContentPolicy::TYPE_SUBDOCUMENT) {
if (externalType != nsIContentPolicy::TYPE_SUBDOCUMENT) {
mTopLevelStorageAreaPrincipal =
innerWindow->GetTopLevelStorageAreaPrincipal();
} else if (bc->IsTop()) {
@ -718,10 +718,10 @@ void LoadInfo::ComputeAncestors(
}
}
void LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow) {
ExtContentPolicyType type =
nsContentPolicyType type =
nsContentUtils::InternalContentPolicyTypeToExternal(
mInternalContentPolicyType);
if (type == ExtContentPolicy::TYPE_DOCUMENT) {
if (type == nsIContentPolicy::TYPE_DOCUMENT) {
// Top-level loads are never third-party.
mIsThirdPartyContext = false;
return;
@ -737,7 +737,7 @@ void LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow) {
void LoadInfo::ComputeIsThirdPartyContext(dom::WindowGlobalParent* aGlobal) {
if (nsILoadInfo::GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
// Top-level loads are never third-party.
mIsThirdPartyContext = false;
return;
@ -1099,11 +1099,8 @@ LoadInfo::SetSendCSPViolationEvents(bool aValue) {
NS_IMETHODIMP
LoadInfo::GetExternalContentPolicyType(nsContentPolicyType* aResult) {
// We have to use nsContentPolicyType because ExtContentPolicyType is not
// visible from xpidl.
*aResult = static_cast<nsContentPolicyType>(
nsContentUtils::InternalContentPolicyTypeToExternal(
mInternalContentPolicyType));
*aResult = nsContentUtils::InternalContentPolicyTypeToExternal(
mInternalContentPolicyType);
return NS_OK;
}
@ -1233,7 +1230,7 @@ LoadInfo::GetFrameBrowsingContextID(uint64_t* aResult) {
NS_IMETHODIMP
LoadInfo::GetTargetBrowsingContextID(uint64_t* aResult) {
return (nsILoadInfo::GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SUBDOCUMENT)
nsIContentPolicy::TYPE_SUBDOCUMENT)
? GetFrameBrowsingContextID(aResult)
: GetBrowsingContextID(aResult);
}
@ -1752,7 +1749,7 @@ PerformanceStorage* LoadInfo::GetPerformanceStorage() {
}
if (nsILoadInfo::GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SUBDOCUMENT &&
nsIContentPolicy::TYPE_SUBDOCUMENT &&
!GetIsFromProcessingFrameAttributes()) {
// We only report loads caused by processing the attributes of the
// browsing context container.

7
netwerk/base/TRRLoadInfo.cpp
View File

@ -214,11 +214,8 @@ TRRLoadInfo::SetSendCSPViolationEvents(bool aValue) {
NS_IMETHODIMP
TRRLoadInfo::GetExternalContentPolicyType(nsContentPolicyType* aResult) {
// We have to use nsContentPolicyType because ExtContentPolicyType is not
// visible from xpidl.
*aResult = static_cast<nsContentPolicyType>(
nsContentUtils::InternalContentPolicyTypeToExternal(
mInternalContentPolicyType));
*aResult = nsContentUtils::InternalContentPolicyTypeToExternal(
mInternalContentPolicyType);
return NS_OK;
}

4
netwerk/base/nsILoadInfo.idl
View File

@ -636,12 +636,12 @@ interface nsILoadInfo : nsISupports
[infallible] attribute boolean sendCSPViolationEvents;
%{ C++
inline ExtContentPolicyType GetExternalContentPolicyType()
inline nsContentPolicyType GetExternalContentPolicyType()
{
nsContentPolicyType result;
mozilla::DebugOnly<nsresult> rv = GetExternalContentPolicyType(&result);
MOZ_ASSERT(NS_SUCCEEDED(rv));
return static_cast<ExtContentPolicyType>(result);
return result;
}
%}

4
netwerk/base/nsNetUtil.cpp
View File

@ -3183,11 +3183,11 @@ bool NS_ShouldClassifyChannel(nsIChannel* aChannel) {
}
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
ExtContentPolicyType type = loadInfo->GetExternalContentPolicyType();
nsContentPolicyType type = loadInfo->GetExternalContentPolicyType();
// Skip classifying channel triggered by system unless it is a top-level
// load.
if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal() &&
ExtContentPolicy::TYPE_DOCUMENT != type) {
nsIContentPolicy::TYPE_DOCUMENT != type) {
return false;
}

10
netwerk/cookie/CookieCommons.cpp
View File

@ -474,9 +474,9 @@ bool CookieCommons::IsSafeTopLevelNav(nsIChannel* aChannel) {
}
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
if (loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT &&
nsIContentPolicy::TYPE_DOCUMENT &&
loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
return false;
}
return NS_IsSafeMethodNav(aChannel);
@ -500,9 +500,9 @@ bool CookieCommons::IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
bool isForeign = true;
nsresult rv;
if (loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_DOCUMENT ||
nsIContentPolicy::TYPE_DOCUMENT ||
loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
// for loads of TYPE_DOCUMENT we query the hostURI from the
// triggeringPrincipal which returns the URI of the document that caused the
// navigation.
@ -527,7 +527,7 @@ bool CookieCommons::IsSameSiteForeign(nsIChannel* aChannel, nsIURI* aHostURI) {
// was triggered by a cross-origin triggeringPrincipal, we treat the load as
// foreign.
if (loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SUBDOCUMENT) {
nsIContentPolicy::TYPE_SUBDOCUMENT) {
rv = loadInfo->TriggeringPrincipal()->IsThirdPartyChannel(aChannel,
&isForeign);
if (NS_FAILED(rv) || isForeign) {

2
netwerk/ipc/DocumentChannel.cpp
View File

@ -286,7 +286,7 @@ NS_IMETHODIMP DocumentChannel::SetLoadFlags(nsLoadFlags aLoadFlags) {
// Setting load flags for TYPE_OBJECT is OK, so long as the channel to parent
// isn't opened yet, or we're only setting the `LOAD_DOCUMENT_URI` flag.
auto contentPolicy = mLoadInfo->GetExternalContentPolicyType();
if (contentPolicy == ExtContentPolicy::TYPE_OBJECT) {
if (contentPolicy == nsIContentPolicy::TYPE_OBJECT) {
if (mWasOpened) {
MOZ_DIAGNOSTIC_ASSERT(
aLoadFlags == (mLoadFlags | nsIChannel::LOAD_DOCUMENT_URI),

12
netwerk/ipc/DocumentChannelChild.cpp
View File

@ -115,8 +115,8 @@ DocumentChannelChild::AsyncOpen(nsIStreamListener* aListener) {
}
switch (mLoadInfo->GetExternalContentPolicyType()) {
case ExtContentPolicy::TYPE_DOCUMENT:
case ExtContentPolicy::TYPE_SUBDOCUMENT: {
case nsIContentPolicy::TYPE_DOCUMENT:
case nsIContentPolicy::TYPE_SUBDOCUMENT: {
DocumentCreationArgs docArgs;
docArgs.uriModified() = mUriModified;
docArgs.isXFOError() = mIsXFOError;
@ -125,7 +125,7 @@ DocumentChannelChild::AsyncOpen(nsIStreamListener* aListener) {
break;
}
case ExtContentPolicy::TYPE_OBJECT: {
case nsIContentPolicy::TYPE_OBJECT: {
ObjectCreationArgs objectArgs;
objectArgs.embedderInnerWindowId() = InnerWindowIDForExtantDoc(docShell);
objectArgs.loadFlags() = mLoadFlags;
@ -142,8 +142,8 @@ DocumentChannelChild::AsyncOpen(nsIStreamListener* aListener) {
}
switch (mLoadInfo->GetExternalContentPolicyType()) {
case ExtContentPolicy::TYPE_DOCUMENT:
case ExtContentPolicy::TYPE_SUBDOCUMENT:
case nsIContentPolicy::TYPE_DOCUMENT:
case nsIContentPolicy::TYPE_SUBDOCUMENT:
MOZ_ALWAYS_SUCCEEDS(loadingContext->SetCurrentLoadIdentifier(
Some(mLoadState->GetLoadIdentifier())));
break;
@ -315,7 +315,7 @@ IPCResult DocumentChannelChild::RecvUpgradeObjectLoad(
MOZ_ASSERT(!(mLoadFlags & nsIChannel::LOAD_DOCUMENT_URI),
"Shouldn't be a LOAD_DOCUMENT_URI load yet");
MOZ_ASSERT(mLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_OBJECT,
nsIContentPolicy::TYPE_OBJECT,
"Should have the TYPE_OBJECT content policy type");
// If our load has already failed, or been cancelled, abort this attempt to

2
netwerk/ipc/ParentProcessDocumentChannel.cpp
View File

@ -141,7 +141,7 @@ NS_IMETHODIMP ParentProcessDocumentChannel::AsyncOpen(
MOZ_ASSERT(docShell);
bool isDocumentLoad = mLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_OBJECT;
nsIContentPolicy::TYPE_OBJECT;
mDocumentLoadListener = MakeRefPtr<DocumentLoadListener>(
docShell->GetBrowsingContext()->Canonical(), isDocumentLoad);

2
netwerk/protocol/http/AlternateServices.cpp
View File

@ -755,7 +755,7 @@ class WellKnownChecker {
uint64_t channelId;
nsLoadFlags flags;
ExtContentPolicyType contentPolicyType =
nsContentPolicyType contentPolicyType =
loadInfo->GetExternalContentPolicyType();
if (NS_FAILED(gHttpHandler->NewChannelId(channelId)) ||

38
netwerk/protocol/http/HttpBaseChannel.cpp
View File

@ -313,7 +313,7 @@ nsresult HttpBaseChannel::Init(nsIURI* aURI, uint32_t aCaps,
nsProxyInfo* aProxyInfo,
uint32_t aProxyResolveFlags, nsIURI* aProxyURI,
uint64_t aChannelId,
ExtContentPolicyType aContentPolicyType) {
nsContentPolicyType aContentPolicyType) {
LOG1(("HttpBaseChannel::Init [this=%p]\n", this));
MOZ_ASSERT(aURI, "null uri");
@ -2168,9 +2168,9 @@ nsresult HttpBaseChannel::ProcessCrossOriginEmbedderPolicyHeader() {
// Only consider Cross-Origin-Embedder-Policy for document loads.
if (mLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT &&
nsIContentPolicy::TYPE_DOCUMENT &&
mLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_SUBDOCUMENT) {
nsIContentPolicy::TYPE_SUBDOCUMENT) {
return NS_OK;
}
@ -2183,7 +2183,7 @@ nsresult HttpBaseChannel::ProcessCrossOriginEmbedderPolicyHeader() {
// https://mikewest.github.io/corpp/#abstract-opdef-process-navigation-response
if (mLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SUBDOCUMENT &&
nsIContentPolicy::TYPE_SUBDOCUMENT &&
mLoadInfo->GetLoadingEmbedderPolicy() !=
nsILoadInfo::EMBEDDER_POLICY_NULL &&
resultPolicy != nsILoadInfo::EMBEDDER_POLICY_REQUIRE_CORP) {
@ -2204,14 +2204,14 @@ nsresult HttpBaseChannel::ProcessCrossOriginResourcePolicyHeader() {
// We only apply this for resources.
if (mLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_DOCUMENT ||
nsIContentPolicy::TYPE_DOCUMENT ||
mLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_WEBSOCKET) {
nsIContentPolicy::TYPE_WEBSOCKET) {
return NS_OK;
}
if (mLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SUBDOCUMENT) {
nsIContentPolicy::TYPE_SUBDOCUMENT) {
// COEP pref off, skip CORP checking for subdocument.
if (!StaticPrefs::browser_tabs_remote_useCrossOriginEmbedderPolicy()) {
return NS_OK;
@ -2317,7 +2317,7 @@ nsresult HttpBaseChannel::ComputeCrossOriginOpenerPolicyMismatch() {
// Only consider Cross-Origin-Opener-Policy for toplevel document loads.
if (mLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
return NS_OK;
}
@ -2469,7 +2469,7 @@ nsresult ProcessXCTO(HttpBaseChannel* aChannel, nsIURI* aURI,
// 3) Compare the expected MIME type with the actual type
if (aLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_STYLESHEET) {
nsIContentPolicy::TYPE_STYLESHEET) {
if (contentType.EqualsLiteral(TEXT_CSS)) {
return NS_OK;
}
@ -2479,7 +2479,7 @@ nsresult ProcessXCTO(HttpBaseChannel* aChannel, nsIURI* aURI,
}
if (aLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SCRIPT) {
nsIContentPolicy::TYPE_SCRIPT) {
if (nsContentUtils::IsJavascriptMIMEType(
NS_ConvertUTF8toUTF16(contentType))) {
return NS_OK;
@ -2490,8 +2490,8 @@ nsresult ProcessXCTO(HttpBaseChannel* aChannel, nsIURI* aURI,
}
auto policyType = aLoadInfo->GetExternalContentPolicyType();
if (policyType == ExtContentPolicy::TYPE_DOCUMENT ||
policyType == ExtContentPolicy::TYPE_SUBDOCUMENT) {
if (policyType == nsIContentPolicy::TYPE_DOCUMENT ||
policyType == nsIContentPolicy::TYPE_SUBDOCUMENT) {
// If the header XCTO nosniff is set for any browsing context, then
// we set the skipContentSniffing flag on the Loadinfo. Within
// GetMIMETypeFromContent we then bail early and do not do any sniffing.
@ -2513,7 +2513,7 @@ nsresult EnsureMIMEOfScript(HttpBaseChannel* aChannel, nsIURI* aURI,
}
if (aLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_SCRIPT) {
nsIContentPolicy::TYPE_SCRIPT) {
// if this is not a script load, then there is nothing to do
return NS_OK;
}
@ -2715,7 +2715,7 @@ void WarnWrongMIMEOfScript(HttpBaseChannel* aChannel, nsIURI* aURI,
}
if (aLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_SCRIPT) {
nsIContentPolicy::TYPE_SCRIPT) {
// If this is not a script load, then there is nothing to do.
return;
}
@ -3525,17 +3525,17 @@ already_AddRefed<nsILoadInfo> HttpBaseChannel::CloneLoadInfoForRedirect(
nsCOMPtr<nsILoadInfo> newLoadInfo =
static_cast<mozilla::net::LoadInfo*>(mLoadInfo.get())->Clone();
ExtContentPolicyType contentPolicyType =
nsContentPolicyType contentPolicyType =
mLoadInfo->GetExternalContentPolicyType();
if (contentPolicyType == ExtContentPolicy::TYPE_DOCUMENT ||
contentPolicyType == ExtContentPolicy::TYPE_SUBDOCUMENT) {
if (contentPolicyType == nsIContentPolicy::TYPE_DOCUMENT ||
contentPolicyType == nsIContentPolicy::TYPE_SUBDOCUMENT) {
nsCOMPtr<nsIPrincipal> nullPrincipalToInherit =
NullPrincipal::CreateWithoutOriginAttributes();
newLoadInfo->SetPrincipalToInherit(nullPrincipalToInherit);
}
bool isTopLevelDoc = newLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_DOCUMENT;
nsIContentPolicy::TYPE_DOCUMENT;
if (isTopLevelDoc) {
// re-compute the origin attributes of the loadInfo if it's top-level load.
@ -3853,7 +3853,7 @@ HttpBaseChannel::CloneReplacementChannelConfig(bool aPreserveMethod,
// TYPE_DOCUMENT loads don't have a loadingPrincipal, so we can't set
// AllRedirectsPassTimingAllowCheck on them.
if (loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
nsCOMPtr<nsIPrincipal> principal = loadInfo->GetLoadingPrincipal();
config.timedChannel->timingAllowCheckForPrincipal() =
Some(oldTimedChannel->TimingAllowCheck(principal));

2
netwerk/protocol/http/HttpBaseChannel.h
View File

@ -120,7 +120,7 @@ class HttpBaseChannel : public nsHashPropertyBag,
nsProxyInfo* aProxyInfo,
uint32_t aProxyResolveFlags,
nsIURI* aProxyURI, uint64_t aChannelId,
ExtContentPolicyType aContentPolicyType);
nsContentPolicyType aContentPolicyType);
// nsIRequest
NS_IMETHOD GetName(nsACString& aName) override;

2
netwerk/protocol/http/InterceptedHttpChannel.cpp
View File

@ -248,7 +248,7 @@ nsresult InterceptedHttpChannel::RedirectForResponseURL(
nsCOMPtr<nsILoadInfo> redirectLoadInfo =
CloneLoadInfoForRedirect(aResponseURI, flags);
ExtContentPolicyType contentPolicyType =
nsContentPolicyType contentPolicyType =
redirectLoadInfo->GetExternalContentPolicyType();
rv = newChannel->Init(

2
netwerk/protocol/http/nsCORSListenerProxy.cpp
View File

@ -1408,7 +1408,7 @@ nsresult nsCORSListenerProxy::StartCORSPreflight(
nsCOMPtr<nsIPrincipal> principal = originalLoadInfo->GetLoadingPrincipal();
MOZ_ASSERT(principal && originalLoadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT,
nsIContentPolicy::TYPE_DOCUMENT,
"Should not do CORS loads for top-level loads, so a "
"loadingPrincipal should always exist.");
bool withCredentials =

23
netwerk/protocol/http/nsHttpChannel.cpp
View File

@ -174,7 +174,7 @@ void AccumulateCacheHitTelemetry(CacheDisposition hitOrMiss,
key.AssignLiteral("JAVASCRIPT");
} else if (StringBeginsWith(contentType, "text/css"_ns) ||
(loadInfo && loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_STYLESHEET)) {
nsIContentPolicy::TYPE_STYLESHEET)) {
key.AssignLiteral("STYLESHEET");
} else if (StringBeginsWith(contentType, "application/wasm"_ns)) {
key.AssignLiteral("WASM");
@ -404,7 +404,7 @@ void nsHttpChannel::ReleaseMainThreadOnlyReferences() {
nsresult nsHttpChannel::Init(nsIURI* uri, uint32_t caps, nsProxyInfo* proxyInfo,
uint32_t proxyResolveFlags, nsIURI* proxyURI,
uint64_t channelId,
ExtContentPolicyType aContentPolicyType) {
nsContentPolicyType aContentPolicyType) {
nsresult rv = HttpBaseChannel::Init(uri, caps, proxyInfo, proxyResolveFlags,
proxyURI, channelId, aContentPolicyType);
if (NS_FAILED(rv)) return rv;
@ -535,10 +535,10 @@ nsresult nsHttpChannel::OnBeforeConnect() {
// header for *all* navigational requests instead of all requests as
// defined in the spec, see:
// https://www.w3.org/TR/upgrade-insecure-requests/#preference
ExtContentPolicyType type = mLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType type = mLoadInfo->GetExternalContentPolicyType();
if (type == ExtContentPolicy::TYPE_DOCUMENT ||
type == ExtContentPolicy::TYPE_SUBDOCUMENT) {
if (type == nsIContentPolicy::TYPE_DOCUMENT ||
type == nsIContentPolicy::TYPE_SUBDOCUMENT) {
rv = SetRequestHeader("Upgrade-Insecure-Requests"_ns, "1"_ns, false);
NS_ENSURE_SUCCESS(rv, rv);
}
@ -1478,7 +1478,7 @@ HttpTrafficCategory nsHttpChannel::CreateTrafficCategory() {
{
if ((mClassOfService & nsIClassOfService::Leader) &&
mLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SCRIPT) {
nsIContentPolicy::TYPE_SCRIPT) {
cos = HttpTrafficAnalyzer::ClassOfService::eLeader;
} else if (mLoadFlags & nsIRequest::LOAD_BACKGROUND) {
cos = HttpTrafficAnalyzer::ClassOfService::eBackground;
@ -1529,7 +1529,7 @@ void nsHttpChannel::SetCachedContentType() {
contentType = nsICacheEntry::CONTENT_TYPE_JAVASCRIPT;
} else if (StringBeginsWith(contentTypeStr, "text/css"_ns) ||
(mLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_STYLESHEET)) {
nsIContentPolicy::TYPE_STYLESHEET)) {
contentType = nsICacheEntry::CONTENT_TYPE_STYLESHEET;
} else if (StringBeginsWith(contentTypeStr, "application/wasm"_ns)) {
contentType = nsICacheEntry::CONTENT_TYPE_WASM;
@ -7353,9 +7353,10 @@ nsHttpChannel::OnStartRequest(nsIRequest* request) {
Telemetry::Accumulate(Telemetry::HTTP_CHANNEL_ONSTART_SUCCESS,
NS_SUCCEEDED(mStatus));
Telemetry::Accumulate(Telemetry::HTTP3_CHANNEL_ONSTART_SUCCESS,
(mTransaction->IsHttp3Used()) ? "http3"_ns : "no_http3"_ns,
NS_SUCCEEDED(mStatus));
Telemetry::Accumulate(
Telemetry::HTTP3_CHANNEL_ONSTART_SUCCESS,
(mTransaction->IsHttp3Used()) ? "http3"_ns : "no_http3"_ns,
NS_SUCCEEDED(mStatus));
if (gTRRService && gTRRService->IsConfirmed()) {
Telemetry::Accumulate(Telemetry::HTTP_CHANNEL_ONSTART_SUCCESS_TRR,
@ -9962,7 +9963,7 @@ nsresult nsHttpChannel::RedirectToInterceptedChannel() {
InterceptedHttpChannel::CreateForInterception(
mChannelCreationTime, mChannelCreationTimestamp, mAsyncOpenTime);
ExtContentPolicyType type = mLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType type = mLoadInfo->GetExternalContentPolicyType();
nsresult rv = intercepted->Init(
mURI, mCaps, static_cast<nsProxyInfo*>(mProxyInfo.get()),

2
netwerk/protocol/http/nsHttpChannel.h
View File

@ -131,7 +131,7 @@ class nsHttpChannel final : public HttpBaseChannel,
[[nodiscard]] virtual nsresult Init(
nsIURI* aURI, uint32_t aCaps, nsProxyInfo* aProxyInfo,
uint32_t aProxyResolveFlags, nsIURI* aProxyURI, uint64_t aChannelId,
ExtContentPolicyType aContentPolicyType) override;
nsContentPolicyType aContentPolicyType) override;
[[nodiscard]] nsresult OnPush(uint32_t aPushedStreamId,
const nsACString& aUrl,

13
netwerk/protocol/http/nsHttpChannelAuthProvider.cpp
View File

@ -919,7 +919,7 @@ bool nsHttpChannelAuthProvider::BlockPrompt(bool proxyAuth) {
bool nonWebContent = false;
if (loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
topDoc = false;
}
@ -931,7 +931,7 @@ bool nsHttpChannelAuthProvider::BlockPrompt(bool proxyAuth) {
}
if (loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_XMLHTTPREQUEST) {
nsIContentPolicy::TYPE_XMLHTTPREQUEST) {
xhr = true;
}
@ -965,9 +965,8 @@ bool nsHttpChannelAuthProvider::BlockPrompt(bool proxyAuth) {
HTTP_AUTH_DIALOG_SAME_ORIGIN_SUBRESOURCE);
}
} else {
Telemetry::Accumulate(
Telemetry::HTTP_AUTH_DIALOG_STATS_3,
static_cast<uint32_t>(loadInfo->GetExternalContentPolicyType()));
Telemetry::Accumulate(Telemetry::HTTP_AUTH_DIALOG_STATS_3,
loadInfo->GetExternalContentPolicyType());
}
}
@ -997,9 +996,9 @@ bool nsHttpChannelAuthProvider::BlockPrompt(bool proxyAuth) {
network_auth_subresource_img_cross_origin_http_auth_allow() &&
loadInfo &&
((loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_IMAGE) ||
nsIContentPolicy::TYPE_IMAGE) ||
(loadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_IMAGESET))) {
nsIContentPolicy::TYPE_IMAGESET))) {
return true;
}
return false;

12
netwerk/protocol/http/nsHttpHandler.cpp
View File

@ -690,7 +690,7 @@ nsresult nsHttpHandler::InitConnectionMgr() {
nsresult nsHttpHandler::AddStandardRequestHeaders(
nsHttpRequestHead* request, bool isSecure,
ExtContentPolicyType aContentPolicyType) {
nsContentPolicyType aContentPolicyType) {
nsresult rv;
// Add the "User-Agent" header
@ -703,13 +703,13 @@ nsresult nsHttpHandler::AddStandardRequestHeaders(
// service worker expects to see it. The other "default" headers are
// hidden from service worker interception.
nsAutoCString accept;
if (aContentPolicyType == ExtContentPolicy::TYPE_DOCUMENT ||
aContentPolicyType == ExtContentPolicy::TYPE_SUBDOCUMENT) {
if (aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT ||
aContentPolicyType == nsIContentPolicy::TYPE_SUBDOCUMENT) {
accept.Assign(mDocumentAcceptHeader);
} else if (aContentPolicyType == ExtContentPolicy::TYPE_IMAGE ||
aContentPolicyType == ExtContentPolicy::TYPE_IMAGESET) {
} else if (aContentPolicyType == nsIContentPolicy::TYPE_IMAGE ||
aContentPolicyType == nsIContentPolicy::TYPE_IMAGESET) {
accept.Assign(mImageAcceptHeader);
} else if (aContentPolicyType == ExtContentPolicy::TYPE_STYLESHEET) {
} else if (aContentPolicyType == nsIContentPolicy::TYPE_STYLESHEET) {
accept.Assign(ACCEPT_HEADER_STYLE);
} else {
accept.Assign(ACCEPT_HEADER_ALL);

2
netwerk/protocol/http/nsHttpHandler.h
View File

@ -117,7 +117,7 @@ class nsHttpHandler final : public nsIHttpProtocolHandler,
[[nodiscard]] nsresult AddStandardRequestHeaders(
nsHttpRequestHead*, bool isSecure,
ExtContentPolicyType aContentPolicyType);
nsContentPolicyType aContentPolicyType);
[[nodiscard]] nsresult AddConnectionHeader(nsHttpRequestHead*,
uint32_t capabilities);
bool IsAcceptableEncoding(const char* encoding, bool isSecure);

10
netwerk/url-classifier/UrlClassifierCommon.cpp
View File

@ -81,7 +81,7 @@ bool UrlClassifierCommon::ShouldEnableProtectionForChannel(
MOZ_ASSERT(loadInfo);
auto policyType = loadInfo->GetExternalContentPolicyType();
if (policyType == ExtContentPolicy::TYPE_DOCUMENT) {
if (policyType == nsIContentPolicy::TYPE_DOCUMENT) {
UC_LOG(
("UrlClassifierCommon::ShouldEnableProtectionForChannel - "
"skipping top-level load for channel %p",
@ -644,14 +644,14 @@ bool UrlClassifierCommon::IsPassiveContent(nsIChannel* aChannel) {
MOZ_ASSERT(aChannel);
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
ExtContentPolicyType contentType = loadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = loadInfo->GetExternalContentPolicyType();
// Return true if aChannel is loading passive display content, as
// defined by the mixed content blocker.
// https://searchfox.org/mozilla-central/rev/c80fa7258c935223fe319c5345b58eae85d4c6ae/dom/security/nsMixedContentBlocker.cpp#532
return contentType == ExtContentPolicy::TYPE_IMAGE ||
contentType == ExtContentPolicy::TYPE_MEDIA ||
(contentType == ExtContentPolicy::TYPE_OBJECT_SUBREQUEST &&
return contentType == nsIContentPolicy::TYPE_IMAGE ||
contentType == nsIContentPolicy::TYPE_MEDIA ||
(contentType == nsIContentPolicy::TYPE_OBJECT_SUBREQUEST &&
!StaticPrefs::security_mixed_content_block_object_subrequest());
}

8
netwerk/url-classifier/UrlClassifierFeatureFlash.cpp
View File

@ -108,11 +108,11 @@ void UrlClassifierFeatureFlash::MaybeCreate(
// We use Flash feature just for document loading.
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
ExtContentPolicyType contentPolicyType =
nsContentPolicyType contentPolicyType =
loadInfo->GetExternalContentPolicyType();
if (contentPolicyType != ExtContentPolicy::TYPE_DOCUMENT &&
contentPolicyType != ExtContentPolicy::TYPE_SUBDOCUMENT) {
if (contentPolicyType != nsIContentPolicy::TYPE_DOCUMENT &&
contentPolicyType != nsIContentPolicy::TYPE_SUBDOCUMENT) {
return;
}
@ -129,7 +129,7 @@ void UrlClassifierFeatureFlash::MaybeCreate(
for (const FlashFeature& flashFeature : sFlashFeaturesMap) {
MOZ_ASSERT(flashFeature.mFeature);
if (!flashFeature.mSubdocumentOnly ||
contentPolicyType == ExtContentPolicy::TYPE_SUBDOCUMENT) {
contentPolicyType == nsIContentPolicy::TYPE_SUBDOCUMENT) {
aFeatures.AppendElement(flashFeature.mFeature);
}
}

5
toolkit/components/antitracking/AntiTrackingRedirectHeuristic.cpp
View File

@ -185,9 +185,8 @@ void AntiTrackingRedirectHeuristic(nsIChannel* aOldChannel, nsIURI* aOldURI,
nsCOMPtr<nsILoadInfo> newLoadInfo = aNewChannel->LoadInfo();
MOZ_ASSERT(newLoadInfo);
ExtContentPolicyType contentType =
oldLoadInfo->GetExternalContentPolicyType();
if (contentType != ExtContentPolicy::TYPE_DOCUMENT ||
nsContentPolicyType contentType = oldLoadInfo->GetExternalContentPolicyType();
if (contentType != nsIContentPolicy::TYPE_DOCUMENT ||
!aOldChannel->IsDocument()) {
LOG_SPEC(("Ignoring redirect for %s because it's not a document", _spec),
aOldURI);

6
toolkit/components/antitracking/AntiTrackingUtils.cpp
View File

@ -267,7 +267,7 @@ bool AntiTrackingUtils::CheckStoragePermission(nsIPrincipal* aPrincipal,
// The channel is for the document load of the top-level window. The top-level
// window should always has 'hasStoragePermission' flag as false. So, we can
// return here directly.
if (policyType == ExtContentPolicy::TYPE_DOCUMENT) {
if (policyType == nsIContentPolicy::TYPE_DOCUMENT) {
return false;
}
@ -534,7 +534,7 @@ void AntiTrackingUtils::ComputeIsThirdPartyToTopWindow(nsIChannel* aChannel) {
// below returns an incorrect result. So we use TYPE_DOCUMENT to
// ensure a top-level load is not considered 3rd-party.
auto policyType = loadInfo->GetExternalContentPolicyType();
if (policyType == ExtContentPolicy::TYPE_DOCUMENT) {
if (policyType == nsIContentPolicy::TYPE_DOCUMENT) {
loadInfo->SetIsThirdPartyContextToTopWindow(false);
return;
}
@ -702,7 +702,7 @@ void AntiTrackingUtils::UpdateAntiTrackingInfoForChannel(nsIChannel* aChannel) {
// for channels other than http channels.
nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
if (!httpChannel || loadInfo->GetExternalContentPolicyType() !=
ExtContentPolicy::TYPE_DOCUMENT) {
nsIContentPolicy::TYPE_DOCUMENT) {
return;
}

5
toolkit/components/antitracking/DynamicFpiRedirectHeuristic.cpp
View File

@ -216,9 +216,8 @@ void DynamicFpiRedirectHeuristic(nsIChannel* aOldChannel, nsIURI* aOldURI,
nsCOMPtr<nsILoadInfo> newLoadInfo = aNewChannel->LoadInfo();
MOZ_ASSERT(newLoadInfo);
ExtContentPolicyType contentType =
oldLoadInfo->GetExternalContentPolicyType();
if (contentType != ExtContentPolicy::TYPE_DOCUMENT ||
nsContentPolicyType contentType = oldLoadInfo->GetExternalContentPolicyType();
if (contentType != nsIContentPolicy::TYPE_DOCUMENT ||
!aOldChannel->IsDocument()) {
LOG_SPEC(("Ignoring redirect for %s because it's not a document", _spec),
aOldURI);

18
toolkit/components/browser/nsWebBrowserContentPolicy.cpp
View File

@ -23,7 +23,10 @@ nsWebBrowserContentPolicy::ShouldLoad(nsIURI* aContentLocation,
int16_t* aShouldLoad) {
MOZ_ASSERT(aShouldLoad, "Null out param");
ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
MOZ_ASSERT(contentType == nsContentUtils::InternalContentPolicyTypeToExternal(
contentType),
"We should only see external content policy types here.");
*aShouldLoad = nsIContentPolicy::ACCEPT;
@ -38,7 +41,7 @@ nsWebBrowserContentPolicy::ShouldLoad(nsIURI* aContentLocation,
bool allowed = true;
switch (contentType) {
case ExtContentPolicy::TYPE_SUBDOCUMENT:
case nsIContentPolicy::TYPE_SUBDOCUMENT:
rv = shell->GetAllowSubframes(&allowed);
break;
#if 0
@ -47,8 +50,8 @@ nsWebBrowserContentPolicy::ShouldLoad(nsIURI* aContentLocation,
rv = shell->GetAllowMetaRedirects(&allowed); /* meta _refresh_ */
break;
#endif
case ExtContentPolicy::TYPE_IMAGE:
case ExtContentPolicy::TYPE_IMAGESET:
case nsIContentPolicy::TYPE_IMAGE:
case nsIContentPolicy::TYPE_IMAGESET:
rv = shell->GetAllowImages(&allowed);
break;
default:
@ -70,14 +73,17 @@ nsWebBrowserContentPolicy::ShouldProcess(nsIURI* aContentLocation,
int16_t* aShouldProcess) {
MOZ_ASSERT(aShouldProcess, "Null out param");
ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
MOZ_ASSERT(contentType == nsContentUtils::InternalContentPolicyTypeToExternal(
contentType),
"We should only see external content policy types here.");
*aShouldProcess = nsIContentPolicy::ACCEPT;
// Object tags will always open channels with TYPE_OBJECT, but may end up
// loading with TYPE_IMAGE or TYPE_DOCUMENT as their final type, so we block
// actual-plugins at the process stage
if (contentType != ExtContentPolicy::TYPE_OBJECT) {
if (contentType != nsIContentPolicy::TYPE_OBJECT) {
return NS_OK;
}

4
toolkit/components/extensions/ExtensionPolicyService.cpp
View File

@ -399,8 +399,8 @@ nsresult ExtensionPolicyService::InjectContentScripts(
void ExtensionPolicyService::CheckRequest(nsIChannel* aChannel) {
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
auto loadType = loadInfo->GetExternalContentPolicyType();
if (loadType != ExtContentPolicy::TYPE_DOCUMENT &&
loadType != ExtContentPolicy::TYPE_SUBDOCUMENT) {
if (loadType != nsIContentPolicy::TYPE_DOCUMENT &&
loadType != nsIContentPolicy::TYPE_SUBDOCUMENT) {
return;
}

52
toolkit/components/extensions/webrequest/ChannelWrapper.cpp
View File

@ -706,7 +706,7 @@ nsresult ChannelWrapper::GetFrameAncestors(
}
bool subFrame = aLoadInfo->GetExternalContentPolicyType() ==
ExtContentPolicy::TYPE_SUBDOCUMENT;
nsIContentPolicy::TYPE_SUBDOCUMENT;
if (!aFrameAncestors.SetCapacity(subFrame ? size : size + 1, fallible)) {
return NS_ERROR_OUT_OF_MEMORY;
}
@ -772,58 +772,54 @@ already_AddRefed<nsITraceableChannel> ChannelWrapper::GetTraceableChannel(
* ...
*****************************************************************************/
MozContentPolicyType GetContentPolicyType(ExtContentPolicyType aType) {
MozContentPolicyType GetContentPolicyType(uint32_t aType) {
// Note: Please keep this function in sync with the external types in
// nsIContentPolicy.idl
switch (aType) {
case ExtContentPolicy::TYPE_DOCUMENT:
case nsIContentPolicy::TYPE_DOCUMENT:
return MozContentPolicyType::Main_frame;
case ExtContentPolicy::TYPE_SUBDOCUMENT:
case nsIContentPolicy::TYPE_SUBDOCUMENT:
return MozContentPolicyType::Sub_frame;
case ExtContentPolicy::TYPE_STYLESHEET:
case nsIContentPolicy::TYPE_STYLESHEET:
return MozContentPolicyType::Stylesheet;
case ExtContentPolicy::TYPE_SCRIPT:
case nsIContentPolicy::TYPE_SCRIPT:
return MozContentPolicyType::Script;
case ExtContentPolicy::TYPE_IMAGE:
case nsIContentPolicy::TYPE_IMAGE:
return MozContentPolicyType::Image;
case ExtContentPolicy::TYPE_OBJECT:
case nsIContentPolicy::TYPE_OBJECT:
return MozContentPolicyType::Object;
case ExtContentPolicy::TYPE_OBJECT_SUBREQUEST:
case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST:
return MozContentPolicyType::Object_subrequest;
case ExtContentPolicy::TYPE_XMLHTTPREQUEST:
case nsIContentPolicy::TYPE_XMLHTTPREQUEST:
return MozContentPolicyType::Xmlhttprequest;
// TYPE_FETCH returns xmlhttprequest for cross-browser compatibility.
case ExtContentPolicy::TYPE_FETCH:
case nsIContentPolicy::TYPE_FETCH:
return MozContentPolicyType::Xmlhttprequest;
case ExtContentPolicy::TYPE_XSLT:
case nsIContentPolicy::TYPE_XSLT:
return MozContentPolicyType::Xslt;
case ExtContentPolicy::TYPE_PING:
case nsIContentPolicy::TYPE_PING:
return MozContentPolicyType::Ping;
case ExtContentPolicy::TYPE_BEACON:
case nsIContentPolicy::TYPE_BEACON:
return MozContentPolicyType::Beacon;
case ExtContentPolicy::TYPE_DTD:
case nsIContentPolicy::TYPE_DTD:
return MozContentPolicyType::Xml_dtd;
case ExtContentPolicy::TYPE_FONT:
case nsIContentPolicy::TYPE_FONT:
return MozContentPolicyType::Font;
case ExtContentPolicy::TYPE_MEDIA:
case nsIContentPolicy::TYPE_MEDIA:
return MozContentPolicyType::Media;
case ExtContentPolicy::TYPE_WEBSOCKET:
case nsIContentPolicy::TYPE_WEBSOCKET:
return MozContentPolicyType::Websocket;
case ExtContentPolicy::TYPE_CSP_REPORT:
case nsIContentPolicy::TYPE_CSP_REPORT:
return MozContentPolicyType::Csp_report;
case ExtContentPolicy::TYPE_IMAGESET:
case nsIContentPolicy::TYPE_IMAGESET:
return MozContentPolicyType::Imageset;
case ExtContentPolicy::TYPE_WEB_MANIFEST:
case nsIContentPolicy::TYPE_WEB_MANIFEST:
return MozContentPolicyType::Web_manifest;
case ExtContentPolicy::TYPE_SPECULATIVE:
case nsIContentPolicy::TYPE_SPECULATIVE:
return MozContentPolicyType::Speculative;
case ExtContentPolicy::TYPE_INVALID:
case ExtContentPolicy::TYPE_OTHER:
case ExtContentPolicy::TYPE_REFRESH:
case ExtContentPolicy::TYPE_SAVEAS_DOWNLOAD:
break;
default:
return MozContentPolicyType::Other;
}
return MozContentPolicyType::Other;
}
MozContentPolicyType ChannelWrapper::Type() const {

15
toolkit/mozapps/extensions/AddonContentPolicy.cpp
View File

@ -94,7 +94,11 @@ AddonContentPolicy::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
return NS_ERROR_FAILURE;
}
ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
nsContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
MOZ_ASSERT(contentType == nsContentUtils::InternalContentPolicyTypeToExternal(
contentType),
"We should only see external content policy types here.");
*aShouldLoad = nsIContentPolicy::ACCEPT;
nsCOMPtr<nsIPrincipal> loadingPrincipal = aLoadInfo->GetLoadingPrincipal();
@ -109,7 +113,7 @@ AddonContentPolicy::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
return NS_OK;
}
if (contentType == ExtContentPolicy::TYPE_SCRIPT) {
if (contentType == nsIContentPolicy::TYPE_SCRIPT) {
NS_ConvertUTF8toUTF16 typeString(aMimeTypeGuess);
nsContentTypeParser mimeParser(typeString);
@ -141,6 +145,13 @@ AddonContentPolicy::ShouldProcess(nsIURI* aContentLocation,
nsILoadInfo* aLoadInfo,
const nsACString& aMimeTypeGuess,
int16_t* aShouldProcess) {
#ifdef DEBUG
nsContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
MOZ_ASSERT(contentType == nsContentUtils::InternalContentPolicyTypeToExternal(
contentType),
"We should only see external content policy types here.");
#endif
*aShouldProcess = nsIContentPolicy::ACCEPT;
return NS_OK;
}