Bug 1558915 - Use infallible nsIURI::SchemeIs in dom/security. r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D39779 --HG-- extra : moz-landing-system : lando
2025-02-28 05:10:49 +00:00 · 2019-07-30 07:23:18 +00:00 · 2019-07-30 07:23:18 +00:00 · af8f619ad2
commit af8f619ad2
parent a20a043c9e
6 changed files with 30 additions and 93 deletions
--- a/dom/security/ReferrerInfo.cpp
+++ b/dom/security/ReferrerInfo.cpp
@ -201,8 +201,7 @@ bool ReferrerInfo::ShouldResponseInheritReferrerInfo(nsIChannel* aChannel) {
  nsresult rv = aChannel->GetURI(getter_AddRefs(channelURI));
  NS_ENSURE_SUCCESS(rv, false);

-  bool isAbout =
-      (NS_SUCCEEDED(channelURI->SchemeIs("about", &isAbout)) && isAbout);
+  bool isAbout = channelURI->SchemeIs("about");
  if (!isAbout) {
    return false;
  }
@ -223,27 +222,17 @@ nsresult ReferrerInfo::HandleSecureToInsecureReferral(nsIURI* aOriginalURI,
  NS_ENSURE_ARG(aURI);

  aAllowed = false;
-  bool referrerIsHttpsScheme;
-  nsresult rv = aOriginalURI->SchemeIs("https", &referrerIsHttpsScheme);
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    return rv;
-  }

+  bool referrerIsHttpsScheme = aOriginalURI->SchemeIs("https");
  if (!referrerIsHttpsScheme) {
    aAllowed = true;
    return NS_OK;
  }

-  bool uriIsHttpsScheme;
-  rv = aURI->SchemeIs("https", &uriIsHttpsScheme);
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    return rv;
-  }
-
  // It's ok to send referrer for https-to-http scenarios if the referrer
  // policy is "unsafe-url", "origin", or "origin-when-cross-origin".
  // in other referrer policies, https->http is not allowed...
-
+  bool uriIsHttpsScheme = aURI->SchemeIs("https");
  if (aPolicy != nsIHttpChannel::REFERRER_POLICY_UNSAFE_URL &&
      aPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
      aPolicy != nsIHttpChannel::REFERRER_POLICY_ORIGIN && !uriIsHttpsScheme) {
--- a/dom/security/nsCSPContext.cpp
+++ b/dom/security/nsCSPContext.cpp
@ -886,12 +886,8 @@ void StripURIForReporting(nsIURI* aURI, nsIURI* aSelfURI,
  // aURI has a scheme of data, blob, or filesystem), then return the
  // ASCII serialization of uri’s scheme.
  bool isHttpFtpOrWs =
-      (NS_SUCCEEDED(aURI->SchemeIs("http", &isHttpFtpOrWs)) && isHttpFtpOrWs) ||
-      (NS_SUCCEEDED(aURI->SchemeIs("https", &isHttpFtpOrWs)) &&
-       isHttpFtpOrWs) ||
-      (NS_SUCCEEDED(aURI->SchemeIs("ftp", &isHttpFtpOrWs)) && isHttpFtpOrWs) ||
-      (NS_SUCCEEDED(aURI->SchemeIs("ws", &isHttpFtpOrWs)) && isHttpFtpOrWs) ||
-      (NS_SUCCEEDED(aURI->SchemeIs("wss", &isHttpFtpOrWs)) && isHttpFtpOrWs);
+      (aURI->SchemeIs("http") || aURI->SchemeIs("https") ||
+       aURI->SchemeIs("ftp") || aURI->SchemeIs("ws") || aURI->SchemeIs("wss"));

  if (!isHttpFtpOrWs) {
    // not strictly spec compliant, but what we really care about is
@ -1112,10 +1108,7 @@ nsresult nsCSPContext::SendReports(

    // log a warning to console if scheme is not http or https
    bool isHttpScheme =
-        (NS_SUCCEEDED(reportURI->SchemeIs("http", &isHttpScheme)) &&
-         isHttpScheme) ||
-        (NS_SUCCEEDED(reportURI->SchemeIs("https", &isHttpScheme)) &&
-         isHttpScheme);
+        reportURI->SchemeIs("http") || reportURI->SchemeIs("https");

    if (!isHttpScheme) {
      AutoTArray<nsString, 1> params = {reportURIs[r]};
@ -1335,8 +1328,7 @@ class CSPReportSenderRunnable final : public Runnable {
      mBlockedURI->GetSpec(blockedContentSource);
      if (blockedContentSource.Length() >
          nsCSPContext::ScriptSampleMaxLength()) {
-        bool isData = false;
-        rv = mBlockedURI->SchemeIs("data", &isData);
+        bool isData = mBlockedURI->SchemeIs("data");
        if (NS_SUCCEEDED(rv) && isData &&
            blockedContentSource.Length() >
                nsCSPContext::ScriptSampleMaxLength()) {
--- a/dom/security/nsCSPService.cpp
+++ b/dom/security/nsCSPService.cpp
@ -54,29 +54,15 @@ bool subjectToCSP(nsIURI* aURI, nsContentPolicyType aContentType) {
  // are subject to CSP, hence we have to make sure those
  // protocols are subject to CSP, see:
  // http://www.w3.org/TR/CSP2/#source-list-guid-matching
-  bool match = false;
-  nsresult rv = aURI->SchemeIs("data", &match);
-  if (NS_SUCCEEDED(rv) && match) {
-    return true;
-  }
-  rv = aURI->SchemeIs("blob", &match);
-  if (NS_SUCCEEDED(rv) && match) {
-    return true;
-  }
-  rv = aURI->SchemeIs("filesystem", &match);
-  if (NS_SUCCEEDED(rv) && match) {
+  if (aURI->SchemeIs("data") || aURI->SchemeIs("blob") ||
+      aURI->SchemeIs("filesystem")) {
    return true;
  }

  // Finally we have to whitelist "about:" which does not fall into
  // the category underneath and also "javascript:" which is not
  // subject to CSP content loading rules.
-  rv = aURI->SchemeIs("about", &match);
-  if (NS_SUCCEEDED(rv) && match) {
-    return false;
-  }
-  rv = aURI->SchemeIs("javascript", &match);
-  if (NS_SUCCEEDED(rv) && match) {
+  if (aURI->SchemeIs("about") || aURI->SchemeIs("javascript")) {
    return false;
  }

@ -92,20 +78,18 @@ bool subjectToCSP(nsIURI* aURI, nsContentPolicyType aContentType) {
      contentType == nsIContentPolicy::TYPE_STYLESHEET ||
      contentType == nsIContentPolicy::TYPE_DTD ||
      contentType == nsIContentPolicy::TYPE_XBL;
-  rv = aURI->SchemeIs("resource", &match);
-  if (NS_SUCCEEDED(rv) && match && !isImgOrStyleOrDTDorXBL) {
+  if (aURI->SchemeIs("resource") && !isImgOrStyleOrDTDorXBL) {
    return true;
  }
-  rv = aURI->SchemeIs("chrome", &match);
-  if (NS_SUCCEEDED(rv) && match && !isImgOrStyleOrDTDorXBL) {
+  if (aURI->SchemeIs("chrome") && !isImgOrStyleOrDTDorXBL) {
    return true;
  }
-  rv = aURI->SchemeIs("moz-icon", &match);
-  if (NS_SUCCEEDED(rv) && match) {
+  if (aURI->SchemeIs("moz-icon")) {
    return true;
  }
-  rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_IS_LOCAL_RESOURCE,
-                           &match);
+  bool match;
+  nsresult rv = NS_URIChainHasFlags(
+      aURI, nsIProtocolHandler::URI_IS_LOCAL_RESOURCE, &match);
  if (NS_SUCCEEDED(rv) && match) {
    return false;
  }
--- a/dom/security/nsCSPUtils.cpp
+++ b/dom/security/nsCSPUtils.cpp
@ -100,7 +100,7 @@ bool CSP_ShouldResponseInheritCSP(nsIChannel* aChannel) {
  nsresult rv = aChannel->GetURI(getter_AddRefs(uri));
  NS_ENSURE_SUCCESS(rv, false);

-  bool isAbout = (NS_SUCCEEDED(uri->SchemeIs("about", &isAbout)) && isAbout);
+  bool isAbout = uri->SchemeIs("about");
  if (isAbout) {
    nsAutoCString aboutSpec;
    rv = uri->GetSpec(aboutSpec);
@ -112,12 +112,8 @@ bool CSP_ShouldResponseInheritCSP(nsIChannel* aChannel) {
    }
  }

-  bool isBlob = (NS_SUCCEEDED(uri->SchemeIs("blob", &isBlob)) && isBlob);
-  bool isData = (NS_SUCCEEDED(uri->SchemeIs("data", &isData)) && isData);
-  bool isFS = (NS_SUCCEEDED(uri->SchemeIs("filesystem", &isFS)) && isFS);
-  bool isJS = (NS_SUCCEEDED(uri->SchemeIs("javascript", &isJS)) && isJS);
-
-  return isBlob || isData || isFS || isJS;
+  return uri->SchemeIs("blob") || uri->SchemeIs("data") ||
+         uri->SchemeIs("filesystem") || uri->SchemeIs("javascript");
 }

 void CSP_ApplyMetaCSPToDoc(mozilla::dom::Document& aDoc,
@ -689,14 +685,8 @@ bool nsCSPHostSrc::permits(nsIURI* aUri, const nsAString& aNonce,
    // future compatibility we support it in CSP according to the spec,
    // see: 4.2.2 Matching Source Expressions Note, that whitelisting any of
    // these schemes would call nsCSPSchemeSrc::permits().
-    bool isBlobScheme =
-        (NS_SUCCEEDED(aUri->SchemeIs("blob", &isBlobScheme)) && isBlobScheme);
-    bool isDataScheme =
-        (NS_SUCCEEDED(aUri->SchemeIs("data", &isDataScheme)) && isDataScheme);
-    bool isFileScheme =
-        (NS_SUCCEEDED(aUri->SchemeIs("filesystem", &isFileScheme)) &&
-         isFileScheme);
-    if (isBlobScheme || isDataScheme || isFileScheme) {
+    if (aUri->SchemeIs("blob") || aUri->SchemeIs("data") ||
+        aUri->SchemeIs("filesystem")) {
      return false;
    }

--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@ -73,8 +73,7 @@ bool nsContentSecurityManager::AllowTopLevelNavigationToDataURI(
  nsCOMPtr<nsIURI> uri;
  nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
  NS_ENSURE_SUCCESS(rv, true);
-  bool isDataURI =
-      (NS_SUCCEEDED(uri->SchemeIs("data", &isDataURI)) && isDataURI);
+  bool isDataURI = uri->SchemeIs("data");
  if (!isDataURI) {
    return true;
  }
@ -139,8 +138,7 @@ bool nsContentSecurityManager::AllowInsecureRedirectToDataURI(
  if (NS_FAILED(rv) || !newURI) {
    return true;
  }
-  bool isDataURI =
-      (NS_SUCCEEDED(newURI->SchemeIs("data", &isDataURI)) && isDataURI);
+  bool isDataURI = newURI->SchemeIs("data");
  if (!isDataURI) {
    return true;
  }
@ -244,7 +242,7 @@ nsresult nsContentSecurityManager::CheckFTPSubresourceLoad(
    return NS_OK;
  }

-  bool isFtpURI = (NS_SUCCEEDED(uri->SchemeIs("ftp", &isFtpURI)) && isFtpURI);
+  bool isFtpURI = uri->SchemeIs("ftp");
  if (!isFtpURI) {
    return NS_OK;
  }
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@ -730,7 +730,6 @@ nsresult nsMixedContentBlocker::ShouldLoad(

  // Check the parent scheme. If it is not an HTTPS page then mixed content
  // restrictions do not apply.
-  bool parentIsHttps;
  nsCOMPtr<nsIURI> innerRequestingLocation =
      NS_GetInnermostURI(requestingLocation);
  if (!innerRequestingLocation) {
@ -739,12 +738,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(
    return NS_OK;
  }

-  nsresult rv = innerRequestingLocation->SchemeIs("https", &parentIsHttps);
-  if (NS_FAILED(rv)) {
-    NS_ERROR("requestingLocation->SchemeIs failed");
-    *aDecision = REJECT_REQUEST;
-    return NS_OK;
-  }
+  bool parentIsHttps = innerRequestingLocation->SchemeIs("https");
  if (!parentIsHttps) {
    *aDecision = ACCEPT;
    return NS_OK;
@ -762,19 +756,14 @@ nsresult nsMixedContentBlocker::ShouldLoad(
    // innerContentLocation doesn't map to the secure URI flags checked above.
    // Assert this for sanity's sake
 #ifdef DEBUG
-    bool isHttpsScheme = false;
-    rv = innerContentLocation->SchemeIs("https", &isHttpsScheme);
-    NS_ENSURE_SUCCESS(rv, rv);
+    bool isHttpsScheme = innerContentLocation->SchemeIs("https");
    MOZ_ASSERT(!isHttpsScheme);
 #endif
    *aDecision = REJECT_REQUEST;
    return NS_OK;
  }

-  bool isHttpScheme = false;
-  rv = innerContentLocation->SchemeIs("http", &isHttpScheme);
-  NS_ENSURE_SUCCESS(rv, rv);
-
+  bool isHttpScheme = innerContentLocation->SchemeIs("http");
  if (isHttpScheme && IsPotentiallyTrustworthyOrigin(innerContentLocation)) {
    *aDecision = ACCEPT;
    return NS_OK;
@ -819,7 +808,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(
  if (document->GetBlockAllMixedContent(isPreload)) {
    // log a message to the console before returning.
    nsAutoCString spec;
-    rv = aContentLocation->GetSpec(spec);
+    nsresult rv = aContentLocation->GetSpec(spec);
    NS_ENSURE_SUCCESS(rv, rv);

    AutoTArray<nsString, 1> params;
@ -843,7 +832,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(
  bool rootHasSecureConnection = false;
  bool allowMixedContent = false;
  bool isRootDocShell = false;
-  rv = docShell->GetAllowMixedContentAndConnectionData(
+  nsresult rv = docShell->GetAllowMixedContentAndConnectionData(
      &rootHasSecureConnection, &allowMixedContent, &isRootDocShell);
  if (NS_FAILED(rv)) {
    *aDecision = REJECT_REQUEST;
@ -884,12 +873,7 @@ nsresult nsMixedContentBlocker::ShouldLoad(
        return NS_OK;
      }

-      if (NS_FAILED(innerParentURI->SchemeIs("https", &httpsParentExists))) {
-        // if getting the scheme fails, assume there is a https parent and
-        // break.
-        httpsParentExists = true;
-        break;
-      }
+      httpsParentExists = innerParentURI->SchemeIs("https");

      // When the parent and the root are the same, we have traversed all the
      // way up the same type docshell tree.  Break out of the while loop.