summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMoonchild <mcwerewolf@gmail.com>2018-05-30 12:47:56 +0200
committerGitHub <noreply@github.com>2018-05-30 12:47:56 +0200
commit9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed (patch)
tree7512b05f873bcfe8d0f79c34370d0bebad70a07f
parent6e8846622a79549542adaca58d741d9263daf686 (diff)
parentbd851735628cd6b07285e87fa60081e9d11a3b7e (diff)
downloadUXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.tar
UXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.tar.gz
UXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.tar.lz
UXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.tar.xz
UXP-9f6194d00034f0bd67d2b8c97fd26586d2a7a9ed.zip
Merge pull request #412 from g4jc/hsts_priming_removal_backport
Remove support and tests for HSTS priming from the tree. Fixes #384
-rw-r--r--devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js2
-rw-r--r--devtools/client/webconsole/test/browser_webconsole_bug_632817.js4
-rw-r--r--docshell/base/nsDocShell.cpp21
-rw-r--r--dom/base/nsIDocument.h44
-rw-r--r--dom/base/test/bug704320.sjs6
-rw-r--r--dom/base/test/referrerHelper.js3
-rw-r--r--dom/html/test/test_anchor_ping.html7
-rw-r--r--dom/ipc/ContentParent.cpp4
-rw-r--r--dom/ipc/ContentParent.h3
-rw-r--r--dom/ipc/PContent.ipdl2
-rw-r--r--dom/performance/PerformanceResourceTiming.cpp1
-rw-r--r--dom/security/nsContentSecurityManager.cpp9
-rw-r--r--dom/security/nsMixedContentBlocker.cpp191
-rw-r--r--dom/security/nsMixedContentBlocker.h35
-rw-r--r--dom/security/test/csp/test_referrerdirective.html2
-rw-r--r--dom/security/test/hsts/browser.ini19
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_allow_active.js24
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_allow_display.js24
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_block_active.js24
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_block_active_css.js24
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js24
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_block_display.js24
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_cache-timeout.js36
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js24
-rw-r--r--dom/security/test/hsts/browser_hsts-priming_no-duplicates.js30
-rw-r--r--dom/security/test/hsts/file_1x1.pngbin17811 -> 0 bytes
-rw-r--r--dom/security/test/hsts/file_priming-top.html84
-rw-r--r--dom/security/test/hsts/file_priming.js4
-rw-r--r--dom/security/test/hsts/file_stylesheet.css0
-rw-r--r--dom/security/test/hsts/file_testserver.sjs66
-rw-r--r--dom/security/test/hsts/head.js308
-rw-r--r--dom/security/test/mixedcontentblocker/test_main.html3
-rw-r--r--dom/security/test/moz.build1
-rw-r--r--image/imgLoader.cpp13
-rw-r--r--ipc/glue/BackgroundUtils.cpp9
-rw-r--r--js/ipc/JavaScriptParent.cpp1
-rw-r--r--modules/libpref/init/all.js17
-rw-r--r--netwerk/base/LoadInfo.cpp40
-rw-r--r--netwerk/base/LoadInfo.h7
-rw-r--r--netwerk/base/nsILoadInfo.idl26
-rw-r--r--netwerk/ipc/NeckoChannelParams.ipdlh2
-rw-r--r--netwerk/protocol/http/HSTSPrimerListener.cpp273
-rw-r--r--netwerk/protocol/http/HSTSPrimerListener.h108
-rw-r--r--netwerk/protocol/http/HttpChannelChild.cpp16
-rw-r--r--netwerk/protocol/http/HttpChannelParent.cpp10
-rw-r--r--netwerk/protocol/http/HttpChannelParent.h2
-rw-r--r--netwerk/protocol/http/PHttpChannel.ipdl1
-rw-r--r--netwerk/protocol/http/moz.build2
-rw-r--r--netwerk/protocol/http/nsHttpChannel.cpp143
-rw-r--r--netwerk/protocol/http/nsHttpChannel.h6
-rw-r--r--netwerk/protocol/http/nsIHstsPrimingCallback.idl50
-rw-r--r--security/manager/ssl/nsISiteSecurityService.idl9
-rw-r--r--security/manager/ssl/nsSiteSecurityService.cpp8
-rw-r--r--testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json7
-rw-r--r--testing/runtimes/mochitest-browser-chrome.runtimes.json8
-rw-r--r--toolkit/components/telemetry/Histograms.json27
56 files changed, 26 insertions, 1812 deletions
diff --git a/devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js b/devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js
index ff4157a3b..eb77bc158 100644
--- a/devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js
+++ b/devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js
@@ -61,8 +61,6 @@ function pushPrefEnv() {
"set": [
["security.mixed_content.block_active_content", true],
["security.mixed_content.block_display_content", true],
- ["security.mixed_content.use_hsts", false],
- ["security.mixed_content.send_hsts_priming", false],
]
};
SpecialPowers.pushPrefEnv(options, deferred.resolve);
diff --git a/devtools/client/webconsole/test/browser_webconsole_bug_632817.js b/devtools/client/webconsole/test/browser_webconsole_bug_632817.js
index 561e3b112..dc976411f 100644
--- a/devtools/client/webconsole/test/browser_webconsole_bug_632817.js
+++ b/devtools/client/webconsole/test/browser_webconsole_bug_632817.js
@@ -95,10 +95,6 @@ function testXhrWarn() {
let lastRequest = yield waitForFinishedRequest(XHR_WARN_REQUEST_PREDICATE);
if (lastRequest.request.method == "HEAD") {
- // in non-e10s, we get the HEAD request that priming sends, so make sure
- // a priming request should be sent, and then get the actual request
- is(Services.prefs.getBoolPref("security.mixed_content.send_hsts_priming"),
- true, "Found HSTS Priming Request");
lastRequest = yield waitForFinishedRequest(XHR_WARN_REQUEST_PREDICATE);
}
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index b3e26da33..8eca47495 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -9961,27 +9961,6 @@ nsDocShell::InternalLoad(nsIURI* aURI,
return NS_ERROR_CONTENT_BLOCKED;
}
-
- // If HSTS priming was set by nsMixedContentBlocker::ShouldLoad, and we
- // would block due to mixed content, go ahead and block here. If we try to
- // proceed with priming, we will error out later on.
- nsCOMPtr<nsIDocShell> docShell = NS_CP_GetDocShellFromContext(requestingContext);
- // When loading toplevel windows, requestingContext can be null. We don't
- // really care about HSTS in that situation, though; loads in toplevel
- // windows should all be browser UI.
- if (docShell) {
- nsIDocument* document = docShell->GetDocument();
- NS_ENSURE_TRUE(document, NS_OK);
-
- HSTSPrimingState state = document->GetHSTSPrimingStateForLocation(aURI);
- if (state == HSTSPrimingState::eHSTS_PRIMING_BLOCK) {
- // HSTS Priming currently disabled for InternalLoad, so we need to clear
- // the location that was added by nsMixedContentBlocker::ShouldLoad
- // Bug 1269815 will address images loaded via InternalLoad
- document->ClearHSTSPrimingLocation(aURI);
- return NS_ERROR_CONTENT_BLOCKED;
- }
- }
}
nsCOMPtr<nsIPrincipal> principalToInherit = aPrincipalToInherit;
diff --git a/dom/base/nsIDocument.h b/dom/base/nsIDocument.h
index 1e0c9562e..7a73fae71 100644
--- a/dom/base/nsIDocument.h
+++ b/dom/base/nsIDocument.h
@@ -18,11 +18,11 @@
#include "nsINode.h" // for base class
#include "nsIScriptGlobalObject.h" // for member (in nsCOMPtr)
#include "nsIServiceManager.h"
+#include "nsIURI.h" // for use in inline functions
#include "nsIUUIDGenerator.h"
#include "nsPIDOMWindow.h" // for use in inline functions
#include "nsPropertyTable.h" // for member
-#include "nsDataHashtable.h" // for member
-#include "nsURIHashKey.h" // for member
+#include "nsTHashtable.h" // for member
#include "mozilla/net/ReferrerPolicy.h" // for member
#include "nsWeakReference.h"
#include "mozilla/UseCounter.h"
@@ -182,13 +182,6 @@ enum DocumentFlavor {
DocumentFlavorPlain, // Just a Document
};
-// Enum for HSTS priming states
-enum class HSTSPrimingState {
- eNO_HSTS_PRIMING = 0, // don't do HSTS Priming
- eHSTS_PRIMING_ALLOW = 1, // if HSTS priming fails, allow the load to proceed
- eHSTS_PRIMING_BLOCK = 2 // if HSTS priming fails, block the load
-};
-
// Document states
// RTL locale: specific to the XUL localedir attribute
@@ -406,34 +399,6 @@ public:
}
/**
- * Check to see if a subresource we want to load requires HSTS priming
- * to be done.
- */
- HSTSPrimingState GetHSTSPrimingStateForLocation(nsIURI* aContentLocation) const
- {
- HSTSPrimingState state;
- if (mHSTSPrimingURIList.Get(aContentLocation, &state)) {
- return state;
- }
- return HSTSPrimingState::eNO_HSTS_PRIMING;
- }
-
- /**
- * Add a subresource to the HSTS priming list. If this URI is
- * not in the HSTS cache, it will trigger an HSTS priming request
- * when we try to load it.
- */
- void AddHSTSPrimingLocation(nsIURI* aContentLocation, HSTSPrimingState aState)
- {
- mHSTSPrimingURIList.Put(aContentLocation, aState);
- }
-
- void ClearHSTSPrimingLocation(nsIURI* aContentLocation)
- {
- mHSTSPrimingURIList.Remove(aContentLocation);
- }
-
- /**
* Set the principal responsible for this document.
*/
virtual void SetPrincipal(nsIPrincipal *aPrincipal) = 0;
@@ -2987,11 +2952,6 @@ protected:
bool mUpgradeInsecureRequests;
bool mUpgradeInsecurePreloads;
- // if nsMixedContentBlocker requires sending an HSTS priming request,
- // temporarily store that in the document so that it can be propogated to the
- // LoadInfo and eventually the HTTP Channel
- nsDataHashtable<nsURIHashKey, HSTSPrimingState> mHSTSPrimingURIList;
-
mozilla::WeakPtr<nsDocShell> mDocumentContainer;
nsCString mCharacterSet;
diff --git a/dom/base/test/bug704320.sjs b/dom/base/test/bug704320.sjs
index dff77f4b3..e0f549533 100644
--- a/dom/base/test/bug704320.sjs
+++ b/dom/base/test/bug704320.sjs
@@ -194,12 +194,6 @@ function createPolicyTest(policy, optionalEarlierPolicy) {
}
function handleRequest(request, response) {
- if (request.method == 'HEAD') {
- // respond to a HEAD request with a 418 so that we can easily distinguish
- // HSTS priming responses and ignore them
- response.setStatusLine('1.1', 418, "I'm a teapot");
- return;
- }
var sharedKey = 'bug704320.sjs';
var params = request.queryString.split('&');
var action = params[0].split('=')[1];
diff --git a/dom/base/test/referrerHelper.js b/dom/base/test/referrerHelper.js
index 207bf5f15..01a22829c 100644
--- a/dom/base/test/referrerHelper.js
+++ b/dom/base/test/referrerHelper.js
@@ -25,9 +25,6 @@ function doXHR(url, onSuccess, onFail) {
xhr.onload = function () {
if (xhr.status == 200) {
onSuccess(xhr);
- } else if (xhr.status == 418) {
- // Ignore HSTS priming responses
- return;
} else {
onFail(xhr);
}
diff --git a/dom/html/test/test_anchor_ping.html b/dom/html/test/test_anchor_ping.html
index 4a39bcefe..6a1832ad1 100644
--- a/dom/html/test/test_anchor_ping.html
+++ b/dom/html/test/test_anchor_ping.html
@@ -40,15 +40,10 @@ let tests = [
function* setup() {
Services.prefs.setBoolPref("browser.send_pings", true);
Services.prefs.setIntPref("browser.send_pings.max_per_link", -1);
- Services.prefs.setBoolPref("security.mixed_content.block_active_content", false);
- // The server we create can't handle the priming HEAD requests
- Services.prefs.setBoolPref("security.mixed_content.send_hsts_priming", false);
SimpleTest.registerCleanupFunction(() => {
Services.prefs.clearUserPref("browser.send_pings");
Services.prefs.clearUserPref("browser.send_pings.max_per_link");
- Services.prefs.clearUserPref("security.mixed_content.block_active_content");
- Services.prefs.clearUserPref("security.mixed_content.send_hsts_priming");
});
},
@@ -151,7 +146,7 @@ let tests = [
// The referrer will be loaded using a secure channel.
navigate("https://example.com/chrome/dom/html/test/" +
- "file_anchor_ping.html?" + "http://localhost:" +
+ "file_anchor_ping.html?" + "http://127.0.0.1:" +
server.identity.primaryPort + ping);
// Wait until the ping has been sent.
diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
index 9eebf3c34..3488e26bd 100644
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
@@ -3373,13 +3373,13 @@ ContentParent::RecvIsSecureURI(const uint32_t& type,
}
bool
-ContentParent::RecvAccumulateMixedContentHSTS(const URIParams& aURI, const bool& aActive, const bool& aHSTSPriming)
+ContentParent::RecvAccumulateMixedContentHSTS(const URIParams& aURI, const bool& aActive)
{
nsCOMPtr<nsIURI> ourURI = DeserializeURI(aURI);
if (!ourURI) {
return false;
}
- nsMixedContentBlocker::AccumulateMixedContentHSTS(ourURI, aActive, aHSTSPriming);
+ nsMixedContentBlocker::AccumulateMixedContentHSTS(ourURI, aActive);
return true;
}
diff --git a/dom/ipc/ContentParent.h b/dom/ipc/ContentParent.h
index f1719c059..abcea0b65 100644
--- a/dom/ipc/ContentParent.h
+++ b/dom/ipc/ContentParent.h
@@ -742,8 +742,7 @@ private:
const uint32_t& aFlags, bool* aIsSecureURI) override;
virtual bool RecvAccumulateMixedContentHSTS(const URIParams& aURI,
- const bool& aActive,
- const bool& aHSTSPriming) override;
+ const bool& aActive) override;
virtual bool DeallocPHalParent(PHalParent*) override;
diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl
index df9eeb147..c01ad59c1 100644
--- a/dom/ipc/PContent.ipdl
+++ b/dom/ipc/PContent.ipdl
@@ -661,7 +661,7 @@ parent:
sync IsSecureURI(uint32_t type, URIParams uri, uint32_t flags)
returns (bool isSecureURI);
- async AccumulateMixedContentHSTS(URIParams uri, bool active, bool hasHSTSPriming);
+ async AccumulateMixedContentHSTS(URIParams uri, bool active);
sync GetLookAndFeelCache()
returns (LookAndFeelInt[] lookAndFeelIntCache);
diff --git a/dom/performance/PerformanceResourceTiming.cpp b/dom/performance/PerformanceResourceTiming.cpp
index 2eaa4eb9a..9c5475041 100644
--- a/dom/performance/PerformanceResourceTiming.cpp
+++ b/dom/performance/PerformanceResourceTiming.cpp
@@ -6,6 +6,7 @@
#include "PerformanceResourceTiming.h"
#include "mozilla/dom/PerformanceResourceTimingBinding.h"
+#include "mozilla/Unused.h"
using namespace mozilla::dom;
diff --git a/dom/security/nsContentSecurityManager.cpp b/dom/security/nsContentSecurityManager.cpp
index c6558fc93..f329aa723 100644
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@@ -8,8 +8,6 @@
#include "nsContentUtils.h"
#include "nsCORSListenerProxy.h"
#include "nsIStreamListener.h"
-#include "nsIDocument.h"
-#include "nsMixedContentBlocker.h"
#include "nsCDefaultURIFixup.h"
#include "nsIURIFixup.h"
@@ -507,13 +505,6 @@ DoContentSecurityChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo)
return NS_ERROR_CONTENT_BLOCKED;
}
- if (nsMixedContentBlocker::sSendHSTSPriming) {
- rv = nsMixedContentBlocker::MarkLoadInfoForPriming(uri,
- requestingContext,
- aLoadInfo);
- return rv;
- }
-
return NS_OK;
}
diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp
index 4e80dce3f..7d50a43a3 100644
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -54,13 +54,6 @@ bool nsMixedContentBlocker::sBlockMixedScript = false;
// Is mixed display content blocking (images, audio, video, <a ping>) enabled?
bool nsMixedContentBlocker::sBlockMixedDisplay = false;
-// Do we move HSTS before mixed-content
-bool nsMixedContentBlocker::sUseHSTS = false;
-// Do we send an HSTS priming request
-bool nsMixedContentBlocker::sSendHSTSPriming = false;
-// Default HSTS Priming failure timeout to 7 days, in seconds
-uint32_t nsMixedContentBlocker::sHSTSPrimingCacheTimeout = (60 * 24 * 7);
-
// Fired at the document that attempted to load mixed content. The UI could
// handle this event, for example, by displaying an info bar that offers the
// choice to reload the page with mixed content permitted.
@@ -202,18 +195,6 @@ nsMixedContentBlocker::nsMixedContentBlocker()
// Cache the pref for mixed display blocking
Preferences::AddBoolVarCache(&sBlockMixedDisplay,
"security.mixed_content.block_display_content");
-
- // Cache the pref for HSTS
- Preferences::AddBoolVarCache(&sUseHSTS,
- "security.mixed_content.use_hsts");
-
- // Cache the pref for sending HSTS priming
- Preferences::AddBoolVarCache(&sSendHSTSPriming,
- "security.mixed_content.send_hsts_priming");
-
- // Cache the pref for HSTS priming failure cache time
- Preferences::AddUintVarCache(&sHSTSPrimingCacheTimeout,
- "security.mixed_content.hsts_priming_cache_timeout");
}
nsMixedContentBlocker::~nsMixedContentBlocker()
@@ -343,22 +324,6 @@ nsMixedContentBlocker::AsyncOnChannelRedirect(nsIChannel* aOldChannel,
return NS_BINDING_FAILED;
}
- if (nsMixedContentBlocker::sSendHSTSPriming) {
- // The LoadInfo passed in is for the original channel, HSTS priming needs to
- // be set on the new channel, if required. If the redirect changes
- // http->https, or vice-versa, the need for priming may change.
- nsCOMPtr<nsILoadInfo> newLoadInfo;
- rv = aNewChannel->GetLoadInfo(getter_AddRefs(newLoadInfo));
- NS_ENSURE_SUCCESS(rv, rv);
- rv = nsMixedContentBlocker::MarkLoadInfoForPriming(newUri,
- requestingContext,
- newLoadInfo);
- if (NS_FAILED(rv)) {
- decision = REJECT_REQUEST;
- newLoadInfo->ClearHSTSPriming();
- }
- }
-
// If the channel is about to load mixed content, abort the channel
if (!NS_CP_ACCEPTED(decision)) {
autoCallback.DontCallback();
@@ -691,12 +656,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
// the parent is https, and the protocol associated with innerContentLocation
// doesn't map to the secure URI flags checked above. Assert this for
// sanity's sake
-#ifdef DEBUG
- bool isHttpsScheme = false;
- rv = innerContentLocation->SchemeIs("https", &isHttpsScheme);
- NS_ENSURE_SUCCESS(rv, rv);
- MOZ_ASSERT(!isHttpsScheme);
-#endif
*aDecision = REJECT_REQUEST;
return NS_OK;
}
@@ -836,34 +795,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
}
nsresult stateRV = securityUI->GetState(&state);
- bool doHSTSPriming = false;
- if (isHttpScheme) {
- bool hsts = false;
- bool cached = false;
- nsCOMPtr<nsISiteSecurityService> sss =
- do_GetService(NS_SSSERVICE_CONTRACTID, &rv);
- NS_ENSURE_SUCCESS(rv, rv);
- rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, aContentLocation,
- 0, &cached, &hsts);
- NS_ENSURE_SUCCESS(rv, rv);
-
- if (hsts && sUseHSTS) {
- // assume we will be upgraded later
- *aDecision = ACCEPT;
- return NS_OK;
- }
-
- // Send a priming request if the result is not already cached and priming
- // requests are allowed
- if (!cached && sSendHSTSPriming) {
- // add this URI as a priming location
- doHSTSPriming = true;
- document->AddHSTSPrimingLocation(innerContentLocation,
- HSTSPrimingState::eHSTS_PRIMING_ALLOW);
- *aDecision = ACCEPT;
- }
- }
-
// At this point we know that the request is mixed content, and the only
// question is whether we block it. Record telemetry at this point as to
// whether HSTS would have fixed things by making the content location
@@ -879,14 +810,14 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
bool active = (classification == eMixedScript);
if (!aHadInsecureImageRedirect) {
if (XRE_IsParentProcess()) {
- AccumulateMixedContentHSTS(innerContentLocation, active, doHSTSPriming);
+ AccumulateMixedContentHSTS(innerContentLocation, active);
} else {
// Ask the parent process to do the same call
mozilla::dom::ContentChild* cc = mozilla::dom::ContentChild::GetSingleton();
if (cc) {
mozilla::ipc::URIParams uri;
SerializeURI(innerContentLocation, uri);
- cc->SendAccumulateMixedContentHSTS(uri, active, doHSTSPriming);
+ cc->SendAccumulateMixedContentHSTS(uri, active);
}
}
}
@@ -929,13 +860,7 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
}
}
} else {
- if (doHSTSPriming) {
- document->AddHSTSPrimingLocation(innerContentLocation,
- HSTSPrimingState::eHSTS_PRIMING_BLOCK);
- *aDecision = nsIContentPolicy::ACCEPT;
- } else {
- *aDecision = nsIContentPolicy::REJECT_REQUEST;
- }
+ *aDecision = nsIContentPolicy::REJECT_REQUEST;
LogMixedContentMessage(classification, aContentLocation, rootDoc, eBlocked);
if (!rootDoc->GetHasMixedDisplayContentBlocked() && NS_SUCCEEDED(stateRV)) {
rootDoc->SetHasMixedDisplayContentBlocked(true);
@@ -981,13 +906,7 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
}
} else {
//User has not overriden the pref by Disabling protection. Reject the request and update the security state.
- if (doHSTSPriming) {
- document->AddHSTSPrimingLocation(innerContentLocation,
- HSTSPrimingState::eHSTS_PRIMING_BLOCK);
- *aDecision = nsIContentPolicy::ACCEPT;
- } else {
- *aDecision = nsIContentPolicy::REJECT_REQUEST;
- }
+ *aDecision = nsIContentPolicy::REJECT_REQUEST;
LogMixedContentMessage(classification, aContentLocation, rootDoc, eBlocked);
// See if the pref will change here. If it will, only then do we need to call OnSecurityChange() to update the UI.
if (rootDoc->GetHasMixedActiveContentBlocked()) {
@@ -1052,24 +971,10 @@ enum MixedContentHSTSState {
MCB_HSTS_ACTIVE_WITH_HSTS = 3
};
-// Similar to the existing mixed-content HSTS, except MCB_HSTS_*_NO_HSTS is
-// broken into two distinct states, indicating whether we plan to send a priming
-// request or not. If we decided not go send a priming request, it could be
-// because it is a type we do not support, or because we cached a previous
-// negative response.
-enum MixedContentHSTSPrimingState {
- eMCB_HSTS_PASSIVE_WITH_HSTS = 0,
- eMCB_HSTS_ACTIVE_WITH_HSTS = 1,
- eMCB_HSTS_PASSIVE_NO_PRIMING = 2,
- eMCB_HSTS_PASSIVE_DO_PRIMING = 3,
- eMCB_HSTS_ACTIVE_NO_PRIMING = 4,
- eMCB_HSTS_ACTIVE_DO_PRIMING = 5
-};
-
// Record information on when HSTS would have made mixed content not mixed
// content (regardless of whether it was actually blocked)
void
-nsMixedContentBlocker::AccumulateMixedContentHSTS(nsIURI* aURI, bool aActive, bool aHasHSTSPriming)
+nsMixedContentBlocker::AccumulateMixedContentHSTS(nsIURI* aURI, bool aActive)
{
// This method must only be called in the parent, because
// nsSiteSecurityService is only available in the parent
@@ -1089,108 +994,26 @@ nsMixedContentBlocker::AccumulateMixedContentHSTS(nsIURI* aURI, bool aActive, bo
return;
}
- // states: would upgrade, would prime, hsts info cached
+ // states: would upgrade, hsts info cached
// active, passive
//
if (!aActive) {
if (!hsts) {
Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS,
MCB_HSTS_PASSIVE_NO_HSTS);
- if (aHasHSTSPriming) {
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING,
- eMCB_HSTS_PASSIVE_DO_PRIMING);
- } else {
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING,
- eMCB_HSTS_PASSIVE_NO_PRIMING);
- }
}
else {
Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS,
MCB_HSTS_PASSIVE_WITH_HSTS);
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING,
- eMCB_HSTS_PASSIVE_WITH_HSTS);
}
} else {
if (!hsts) {
Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS,
MCB_HSTS_ACTIVE_NO_HSTS);
- if (aHasHSTSPriming) {
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING,
- eMCB_HSTS_ACTIVE_DO_PRIMING);
- } else {
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING,
- eMCB_HSTS_ACTIVE_NO_PRIMING);
- }
}
else {
Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS,
MCB_HSTS_ACTIVE_WITH_HSTS);
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING,
- eMCB_HSTS_ACTIVE_WITH_HSTS);
}
}
-}
-
-//static
-nsresult
-nsMixedContentBlocker::MarkLoadInfoForPriming(nsIURI* aURI,
- nsISupports* aRequestingContext,
- nsILoadInfo* aLoadInfo)
-{
- nsresult rv;
- bool sendPriming = false;
- bool mixedContentWouldBlock = false;
- rv = GetHSTSPrimingFromRequestingContext(aURI,
- aRequestingContext,
- &sendPriming,
- &mixedContentWouldBlock);
- NS_ENSURE_SUCCESS(rv, rv);
-
- if (sendPriming) {
- aLoadInfo->SetHSTSPriming(mixedContentWouldBlock);
- }
-
- return NS_OK;
-}
-
-//static
-nsresult
-nsMixedContentBlocker::GetHSTSPrimingFromRequestingContext(nsIURI* aURI,
- nsISupports* aRequestingContext,
- bool* aSendPrimingRequest,
- bool* aMixedContentWouldBlock)
-{
- *aSendPrimingRequest = false;
- *aMixedContentWouldBlock = false;
- // If we marked for priming, we used the innermost URI, so get that
- nsCOMPtr<nsIURI> innerURI = NS_GetInnermostURI(aURI);
- if (!innerURI) {
- NS_ERROR("Can't get innerURI from aContentLocation");
- return NS_ERROR_CONTENT_BLOCKED;
- }
-
- bool isHttp = false;
- innerURI->SchemeIs("http", &isHttp);
- if (!isHttp) {
- // there is nothign to do
- return NS_OK;
- }
-
- // If the DocShell was marked for HSTS priming, propagate that to the LoadInfo
- nsCOMPtr<nsIDocShell> docShell = NS_CP_GetDocShellFromContext(aRequestingContext);
- if (!docShell) {
- return NS_OK;
- }
- nsCOMPtr<nsIDocument> document = docShell->GetDocument();
- if (!document) {
- return NS_OK;
- }
-
- HSTSPrimingState status = document->GetHSTSPrimingStateForLocation(innerURI);
- if (status != HSTSPrimingState::eNO_HSTS_PRIMING) {
- *aSendPrimingRequest = (status != HSTSPrimingState::eNO_HSTS_PRIMING);
- *aMixedContentWouldBlock = (status == HSTSPrimingState::eHSTS_PRIMING_BLOCK);
- }
-
- return NS_OK;
-}
+} \ No newline at end of file
diff --git a/dom/security/nsMixedContentBlocker.h b/dom/security/nsMixedContentBlocker.h
index 539c3ebbb..56ab9621f 100644
--- a/dom/security/nsMixedContentBlocker.h
+++ b/dom/security/nsMixedContentBlocker.h
@@ -62,44 +62,11 @@ public:
nsIPrincipal* aRequestPrincipal,
int16_t* aDecision);
static void AccumulateMixedContentHSTS(nsIURI* aURI,
- bool aActive,
- bool aHasHSTSPriming);
- /* If the document associated with aRequestingContext requires priming for
- * aURI, propagate that to the LoadInfo so the HttpChannel will find out about
- * it.
- *
- * @param aURI The URI associated with the load
- * @param aRequestingContext the requesting context passed to ShouldLoad
- * @param aLoadInfo the LoadInfo for the load
- */
- static nsresult MarkLoadInfoForPriming(nsIURI* aURI,
- nsISupports* aRequestingContext,
- nsILoadInfo* aLoadInfo);
-
- /* Given a context, return whether HSTS was marked on the document associated
- * with the load for the given URI. This is used by MarkLoadInfoForPriming and
- * directly by the image loader to determine whether to allow a load to occur
- * from the cache.
- *
- * @param aURI The URI associated with the load
- * @param aRequestingContext the requesting context passed to ShouldLoad
- * @param aSendPrimingRequest out true if priming is required on the channel
- * @param aMixedContentWouldBlock out true if mixed content would block
- */
- static nsresult GetHSTSPrimingFromRequestingContext(nsIURI* aURI,
- nsISupports* aRequestingContext,
- bool* aSendPrimingRequest,
- bool* aMixedContentWouldBlock);
+ bool aActive);
static bool sBlockMixedScript;
static bool sBlockMixedDisplay;
- // Do we move HSTS before mixed-content
- static bool sUseHSTS;
- // Do we send an HSTS priming request
- static bool sSendHSTSPriming;
- // Default HSTS Priming failure timeout in seconds
- static uint32_t sHSTSPrimingCacheTimeout;
};
#endif /* nsMixedContentBlocker_h___ */
diff --git a/dom/security/test/csp/test_referrerdirective.html b/dom/security/test/csp/test_referrerdirective.html
index 770fcc40b..f590460a0 100644
--- a/dom/security/test/csp/test_referrerdirective.html
+++ b/dom/security/test/csp/test_referrerdirective.html
@@ -116,8 +116,6 @@ SimpleTest.waitForExplicitFinish();
SpecialPowers.pushPrefEnv({
'set': [['security.mixed_content.block_active_content', false],
['security.mixed_content.block_display_content', false],
- ['security.mixed_content.send_hsts_priming', false],
- ['security.mixed_content.use_hsts', false],
]
},
function() {
diff --git a/dom/security/test/hsts/browser.ini b/dom/security/test/hsts/browser.ini
deleted file mode 100644
index ae75031df..000000000
--- a/dom/security/test/hsts/browser.ini
+++ /dev/null
@@ -1,19 +0,0 @@
-[DEFAULT]
-skip-if = debug # bug 1311599, bug 1311239, etc
-support-files =
- head.js
- file_priming-top.html
- file_testserver.sjs
- file_1x1.png
- file_priming.js
- file_stylesheet.css
-
-[browser_hsts-priming_allow_active.js]
-[browser_hsts-priming_block_active.js]
-[browser_hsts-priming_hsts_after_mixed.js]
-[browser_hsts-priming_allow_display.js]
-[browser_hsts-priming_block_display.js]
-[browser_hsts-priming_block_active_css.js]
-[browser_hsts-priming_block_active_with_redir_same.js]
-[browser_hsts-priming_no-duplicates.js]
-[browser_hsts-priming_cache-timeout.js]
diff --git a/dom/security/test/hsts/browser_hsts-priming_allow_active.js b/dom/security/test/hsts/browser_hsts-priming_allow_active.js
deleted file mode 100644
index a932b31b3..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_allow_active.js
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Description of the test:
- * Check that HSTS priming occurs correctly with mixed content when active
- * content is allowed.
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Services.obs.addObserver(Observer, "console-api-log-event", false);
- Services.obs.addObserver(Observer, "http-on-examine-response", false);
- registerCleanupFunction(do_cleanup);
-
- let which = "allow_active";
-
- SetupPrefTestEnvironment(which);
-
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/browser_hsts-priming_allow_display.js b/dom/security/test/hsts/browser_hsts-priming_allow_display.js
deleted file mode 100644
index 06546ca65..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_allow_display.js
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Description of the test:
- * Check that HSTS priming occurs correctly with mixed content when display
- * content is allowed.
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Services.obs.addObserver(Observer, "console-api-log-event", false);
- Services.obs.addObserver(Observer, "http-on-examine-response", false);
- registerCleanupFunction(do_cleanup);
-
- let which = "allow_display";
-
- SetupPrefTestEnvironment(which);
-
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/browser_hsts-priming_block_active.js b/dom/security/test/hsts/browser_hsts-priming_block_active.js
deleted file mode 100644
index a5478b185..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_block_active.js
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Description of the test:
- * Check that HSTS priming occurs correctly with mixed content when active
- * content is blocked.
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Services.obs.addObserver(Observer, "console-api-log-event", false);
- Services.obs.addObserver(Observer, "http-on-examine-response", false);
- registerCleanupFunction(do_cleanup);
-
- let which = "block_active";
-
- SetupPrefTestEnvironment(which);
-
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/browser_hsts-priming_block_active_css.js b/dom/security/test/hsts/browser_hsts-priming_block_active_css.js
deleted file mode 100644
index 340d11483..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_block_active_css.js
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Description of the test:
- * Check that HSTS priming occurs correctly with mixed content when active
- * content is blocked for css.
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Services.obs.addObserver(Observer, "console-api-log-event", false);
- Services.obs.addObserver(Observer, "http-on-examine-response", false);
- registerCleanupFunction(do_cleanup);
-
- let which = "block_active_css";
-
- SetupPrefTestEnvironment(which);
-
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js b/dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js
deleted file mode 100644
index 130a3d5ec..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Description of the test:
- * Check that HSTS priming occurs correctly with mixed content when active
- * content is blocked and redirect to the same host should still upgrade.
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Services.obs.addObserver(Observer, "console-api-log-event", false);
- Services.obs.addObserver(Observer, "http-on-examine-response", false);
- registerCleanupFunction(do_cleanup);
-
- let which = "block_active_with_redir_same";
-
- SetupPrefTestEnvironment(which);
-
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/browser_hsts-priming_block_display.js b/dom/security/test/hsts/browser_hsts-priming_block_display.js
deleted file mode 100644
index 4eca62718..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_block_display.js
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Description of the test:
- * Check that HSTS priming occurs correctly with mixed content when display
- * content is blocked.
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Services.obs.addObserver(Observer, "console-api-log-event", false);
- Services.obs.addObserver(Observer, "http-on-examine-response", false);
- registerCleanupFunction(do_cleanup);
-
- let which = "block_display";
-
- SetupPrefTestEnvironment(which);
-
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/browser_hsts-priming_cache-timeout.js b/dom/security/test/hsts/browser_hsts-priming_cache-timeout.js
deleted file mode 100644
index 5416a71d2..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_cache-timeout.js
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Description of the test:
- * Test that the network.hsts_priming.cache_timeout preferene causes the cache
- * to timeout
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Observer.add_observers(Services);
- registerCleanupFunction(do_cleanup);
-
- let which = "block_display";
-
- SetupPrefTestEnvironment(which, [["security.mixed_content.hsts_priming_cache_timeout", 1]]);
-
- yield execute_test("no-ssl", test_settings[which].mimetype);
-
- let pre_promise = performance.now();
-
- while ((performance.now() - pre_promise) < 2000) {
- yield new Promise(function (resolve) {
- setTimeout(resolve, 2000);
- });
- }
-
- // clear the fact that we saw a priming request
- test_settings[which].priming = {};
-
- yield execute_test("no-ssl", test_settings[which].mimetype);
- is(test_settings[which].priming["no-ssl"], true,
- "Correctly send a priming request after expiration.");
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js b/dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js
deleted file mode 100644
index 89ea6fbeb..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
- * Description of the test:
- * Check that HSTS priming occurs correctly with mixed content when the
- * mixed-content blocks before HSTS.
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Services.obs.addObserver(Observer, "console-api-log-event", false);
- Services.obs.addObserver(Observer, "http-on-examine-response", false);
- registerCleanupFunction(do_cleanup);
-
- let which = "hsts_after_mixed";
-
- SetupPrefTestEnvironment(which);
-
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/browser_hsts-priming_no-duplicates.js b/dom/security/test/hsts/browser_hsts-priming_no-duplicates.js
deleted file mode 100644
index 3846fe4f0..000000000
--- a/dom/security/test/hsts/browser_hsts-priming_no-duplicates.js
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Description of the test:
- * Only one request should be sent per host, even if we run the test more
- * than once.
- */
-'use strict';
-
-//jscs:disable
-add_task(function*() {
- //jscs:enable
- Observer.add_observers(Services);
- registerCleanupFunction(do_cleanup);
-
- let which = "block_display";
-
- SetupPrefTestEnvironment(which);
-
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- test_settings[which].priming = {};
-
- // run the tests twice to validate the cache is being used
- for (let server of Object.keys(test_servers)) {
- yield execute_test(server, test_settings[which].mimetype);
- }
-
- SpecialPowers.popPrefEnv();
-});
diff --git a/dom/security/test/hsts/file_1x1.png b/dom/security/test/hsts/file_1x1.png
deleted file mode 100644
index 1ba31ba1a..000000000
--- a/dom/security/test/hsts/file_1x1.png
+++ /dev/null
Binary files differ
diff --git a/dom/security/test/hsts/file_priming-top.html b/dom/security/test/hsts/file_priming-top.html
deleted file mode 100644
index b1d1bfa40..000000000
--- a/dom/security/test/hsts/file_priming-top.html
+++ /dev/null
@@ -1,84 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
- <title>Bug 1246540</title>
- <meta http-equiv='content-type' content="text/html;charset=utf-8" />
-</head>
-<body>
- <p id="display"></p>
- <div id="content" style="visibility: hidden">
- </div>
-
-<script type="text/javascript">
-/*
- * Description of the test:
- * Attempt to load an insecure resource. If the resource responds to HSTS
- * priming with an STS header, the load should continue securely.
- * If it does not, the load should continue be blocked or continue insecurely.
- */
-
-function parse_query_string() {
- var q = {};
- document.location.search.substr(1).
- split('&').forEach(function (item, idx, ar) {
- let [k, v] = item.split('=');
- q[k] = unescape(v);
- });
- return q;
-}
-
-var args = parse_query_string();
-
-var subresources = {
- css: { mimetype: 'text/css', file: 'file_stylesheet.css' },
- img: { mimetype: 'image/png', file: 'file_1x1.png' },
- script: { mimetype: 'text/javascript', file: 'file_priming.js' },
-};
-
-function handler(ev) {
- console.log("HSTS_PRIMING: Blocked "+args.id);
-}
-
-function loadCss(src) {
- let head = document.getElementsByTagName("head")[0];
- let link = document.createElement("link");
- link.setAttribute("rel", "stylesheet");
- link.setAttribute("type", subresources[args.type].mimetype);
- link.setAttribute("href", src);
- head.appendChild(link);
-}
-
-function loadResource(src) {
- let content = document.getElementById("content");
- let testElem = document.createElement(args.type);
- testElem.setAttribute("id", args.id);
- testElem.setAttribute("charset", "UTF-8");
- testElem.onerror = handler;
- content.appendChild(testElem);
- testElem.src = src;
-}
-
-function loadTest() {
- let subresource = subresources[args.type];
-
- let src = "http://"
- + args.host
- + "/browser/dom/security/test/hsts/file_testserver.sjs"
- + "?file=" +escape("browser/dom/security/test/hsts/" + subresource.file)
- + "&primer=" + escape(args.id)
- + "&mimetype=" + escape(subresource.mimetype)
- ;
- if (args.type == 'css') {
- loadCss(src);
- return;
- }
-
- loadResource(src);
-}
-
-// start running the tests
-loadTest();
-
-</script>
-</body>
-</html>
diff --git a/dom/security/test/hsts/file_priming.js b/dom/security/test/hsts/file_priming.js
deleted file mode 100644
index 023022da6..000000000
--- a/dom/security/test/hsts/file_priming.js
+++ /dev/null
@@ -1,4 +0,0 @@
-function completed() {
- return;
-}
-completed();
diff --git a/dom/security/test/hsts/file_stylesheet.css b/dom/security/test/hsts/file_stylesheet.css
deleted file mode 100644
index e69de29bb..000000000
--- a/dom/security/test/hsts/file_stylesheet.css
+++ /dev/null
diff --git a/dom/security/test/hsts/file_testserver.sjs b/dom/security/test/hsts/file_testserver.sjs
deleted file mode 100644
index d5cd6b17a..000000000
--- a/dom/security/test/hsts/file_testserver.sjs
+++ /dev/null
@@ -1,66 +0,0 @@
-// SJS file for HSTS mochitests
-
-Components.utils.import("resource://gre/modules/NetUtil.jsm");
-Components.utils.importGlobalProperties(["URLSearchParams"]);
-
-function loadFromFile(path) {
- // Load the HTML to return in the response from file.
- // Since it's relative to the cwd of the test runner, we start there and
- // append to get to the actual path of the file.
- var testFile =
- Components.classes["@mozilla.org/file/directory_service;1"].
- getService(Components.interfaces.nsIProperties).
- get("CurWorkD", Components.interfaces.nsILocalFile);
- var dirs = path.split("/");
- for (var i = 0; i < dirs.length; i++) {
- testFile.append(dirs[i]);
- }
- var testFileStream =
- Components.classes["@mozilla.org/network/file-input-stream;1"].
- createInstance(Components.interfaces.nsIFileInputStream);
- testFileStream.init(testFile, -1, 0, 0);
- var test = NetUtil.readInputStreamToString(testFileStream, testFileStream.available());
- return test;
-}
-
-function handleRequest(request, response)
-{
- const query = new URLSearchParams(request.queryString);
-
- redir = query.get('redir');
- if (redir == 'same') {
- query.delete("redir");
- response.setStatus(302);
- let newURI = request.uri;
- newURI.queryString = query.serialize();
- response.setHeader("Location", newURI.spec)
- }
-
- // avoid confusing cache behaviors
- response.setHeader("Cache-Control", "no-cache", false);
-
- // if we have a priming header, check for required behavior
- // and set header appropriately
- if (request.hasHeader('Upgrade-Insecure-Requests')) {
- var expected = query.get('primer');
- if (expected == 'prime-hsts') {
- // set it for 5 minutes
- response.setHeader("Strict-Transport-Security", "max-age="+(60*5), false);
- } else if (expected == 'reject-upgrade') {
- response.setHeader("Strict-Transport-Security", "max-age=0", false);
- }
- response.write('');
- return;
- }
-
- var file = query.get('file');
- if (file) {
- var mimetype = unescape(query.get('mimetype'));
- response.setHeader("Content-Type", mimetype, false);
- response.write(loadFromFile(unescape(file)));
- return;
- }
-
- response.setHeader("Content-Type", "application/json", false);
- response.write('{}');
-}
diff --git a/dom/security/test/hsts/head.js b/dom/security/test/hsts/head.js
deleted file mode 100644
index 362b36444..000000000
--- a/dom/security/test/hsts/head.js
+++ /dev/null
@@ -1,308 +0,0 @@
-/*
- * Description of the tests:
- * Check that HSTS priming occurs correctly with mixed content
- *
- * This test uses three hostnames, each of which treats an HSTS priming
- * request differently.
- * * no-ssl never returns an ssl response
- * * reject-upgrade returns an ssl response, but with no STS header
- * * prime-hsts returns an ssl response with the appropriate STS header
- *
- * For each server, test that it response appropriately when the we allow
- * or block active or display content, as well as when we send an hsts priming
- * request, but do not change the order of mixed-content and HSTS.
- *
- * Test use http-on-examine-response, so must be run in browser context.
- */
-'use strict';
-
-var TOP_URI = "https://example.com/browser/dom/security/test/hsts/file_priming-top.html";
-
-var test_servers = {
- // a test server that does not support TLS
- 'no-ssl': {
- host: 'example.co.jp',
- response: false,
- id: 'no-ssl',
- },
- // a test server which does not support STS upgrade
- 'reject-upgrade': {
- host: 'example.org',
- response: true,
- id: 'reject-upgrade',
- },
- // a test server when sends an STS header when priming
- 'prime-hsts': {
- host: 'test1.example.com',
- response: true,
- id: 'prime-hsts'
- },
-};
-
-var test_settings = {
- // mixed active content is allowed, priming will upgrade
- allow_active: {
- block_active: false,
- block_display: false,
- use_hsts: true,
- send_hsts_priming: true,
- type: 'script',
- result: {
- 'no-ssl': 'insecure',
- 'reject-upgrade': 'insecure',
- 'prime-hsts': 'secure',
- },
- },
- // mixed active content is blocked, priming will upgrade
- block_active: {
- block_active: true,
- block_display: false,
- use_hsts: true,
- send_hsts_priming: true,
- type: 'script',
- result: {
- 'no-ssl': 'blocked',
- 'reject-upgrade': 'blocked',
- 'prime-hsts': 'secure',
- },
- },
- // keep the original order of mixed-content and HSTS, but send
- // priming requests
- hsts_after_mixed: {
- block_active: true,
- block_display: false,
- use_hsts: false,
- send_hsts_priming: true,
- type: 'script',
- result: {
- 'no-ssl': 'blocked',
- 'reject-upgrade': 'blocked',
- 'prime-hsts': 'blocked',
- },
- },
- // mixed display content is allowed, priming will upgrade
- allow_display: {
- block_active: true,
- block_display: false,
- use_hsts: true,
- send_hsts_priming: true,
- type: 'img',
- result: {
- 'no-ssl': 'insecure',
- 'reject-upgrade': 'insecure',
- 'prime-hsts': 'secure',
- },
- },
- // mixed display content is blocked, priming will upgrade
- block_display: {
- block_active: true,
- block_display: true,
- use_hsts: true,
- send_hsts_priming: true,
- type: 'img',
- result: {
- 'no-ssl': 'blocked',
- 'reject-upgrade': 'blocked',
- 'prime-hsts': 'secure',
- },
- },
- // mixed active content is blocked, priming will upgrade (css)
- block_active_css: {
- block_active: true,
- block_display: false,
- use_hsts: true,
- send_hsts_priming: true,
- type: 'css',
- result: {
- 'no-ssl': 'blocked',
- 'reject-upgrade': 'blocked',
- 'prime-hsts': 'secure',
- },
- },
- // mixed active content is blocked, priming will upgrade
- // redirect to the same host
- block_active_with_redir_same: {
- block_active: true,
- block_display: false,
- use_hsts: true,
- send_hsts_priming: true,
- type: 'script',
- redir: 'same',
- result: {
- 'no-ssl': 'blocked',
- 'reject-upgrade': 'blocked',
- 'prime-hsts': 'secure',
- },
- },
-}
-// track which test we are on
-var which_test = "";
-
-const Observer = {
- observe: function (subject, topic, data) {
- switch (topic) {
- case 'console-api-log-event':
- return Observer.console_api_log_event(subject, topic, data);
- case 'http-on-examine-response':
- return Observer.http_on_examine_response(subject, topic, data);
- case 'http-on-modify-request':
- return Observer.http_on_modify_request(subject, topic, data);
- }
- throw "Can't handle topic "+topic;
- },
- add_observers: function (services) {
- services.obs.addObserver(Observer, "console-api-log-event", false);
- services.obs.addObserver(Observer, "http-on-examine-response", false);
- services.obs.addObserver(Observer, "http-on-modify-request", false);
- },
- // When a load is blocked which results in an error event within a page, the
- // test logs to the console.
- console_api_log_event: function (subject, topic, data) {
- var message = subject.wrappedJSObject.arguments[0];
- // when we are blocked, this will match the message we sent to the console,
- // ignore everything else.
- var re = RegExp(/^HSTS_PRIMING: Blocked ([-\w]+).*$/);
- if (!re.test(message)) {
- return;
- }
-
- let id = message.replace(re, '$1');
- let curTest =test_servers[id];
-
- if (!curTest) {
- ok(false, "HSTS priming got a console message blocked, "+
- "but doesn't match expectations "+id+" (msg="+message);
- return;
- }
-
- is("blocked", test_settings[which_test].result[curTest.id], "HSTS priming "+
- which_test+":"+curTest.id+" expected "+
- test_settings[which_test].result[curTest.id]+", got blocked");
- test_settings[which_test].finished[curTest.id] = "blocked";
- },
- get_current_test: function(uri) {
- for (let item in test_servers) {
- let re = RegExp('https?://'+test_servers[item].host);
- if (re.test(uri)) {
- return test_servers[item];
- }
- }
- return null;
- },
- http_on_modify_request: function (subject, topic, data) {
- let channel = subject.QueryInterface(Ci.nsIHttpChannel);
- if (channel.requestMethod != 'HEAD') {
- return;
- }
-
- let curTest = this.get_current_test(channel.URI.asciiSpec);
-
- if (!curTest) {
- return;
- }
-
- ok(!(curTest.id in test_settings[which_test].priming), "Already saw a priming request for " + curTest.id);
- test_settings[which_test].priming[curTest.id] = true;
- },
- // When we see a response come back, peek at the response and test it is secure
- // or insecure as needed. Addtionally, watch the response for priming requests.
- http_on_examine_response: function (subject, topic, data) {
- let channel = subject.QueryInterface(Ci.nsIHttpChannel);
- let curTest = this.get_current_test(channel.URI.asciiSpec);
-
- if (!curTest) {
- return;
- }
-
- let result = (channel.URI.asciiSpec.startsWith('https:')) ? "secure" : "insecure";
-
- // This is a priming request, go ahead and validate we were supposed to see
- // a response from the server
- if (channel.requestMethod == 'HEAD') {
- is(true, curTest.response, "HSTS priming response found " + curTest.id);
- return;
- }
-
- // This is the response to our query, make sure it matches
- is(result, test_settings[which_test].result[curTest.id],
- "HSTS priming result " + which_test + ":" + curTest.id);
- test_settings[which_test].finished[curTest.id] = result;
- },
-};
-
-// opens `uri' in a new tab and focuses it.
-// returns the newly opened tab
-function openTab(uri) {
- let tab = gBrowser.addTab(uri);
-
- // select tab and make sure its browser is focused
- gBrowser.selectedTab = tab;
- tab.ownerDocument.defaultView.focus();
-
- return tab;
-}
-
-function clear_sts_data() {
- for (let test in test_servers) {
- SpecialPowers.cleanUpSTSData('http://'+test_servers[test].host);
- }
-}
-
-function do_cleanup() {
- clear_sts_data();
-
- Services.obs.removeObserver(Observer, "console-api-log-event");
- Services.obs.removeObserver(Observer, "http-on-examine-response");
-}
-
-function SetupPrefTestEnvironment(which, additional_prefs) {
- which_test = which;
- clear_sts_data();
-
- var settings = test_settings[which];
- // priming counts how many priming requests we saw
- settings.priming = {};
- // priming counts how many tests were finished
- settings.finished= {};
-
- var prefs = [["security.mixed_content.block_active_content",
- settings.block_active],
- ["security.mixed_content.block_display_content",
- settings.block_display],
- ["security.mixed_content.use_hsts",
- settings.use_hsts],
- ["security.mixed_content.send_hsts_priming",
- settings.send_hsts_priming]];
-
- if (additional_prefs) {
- for (let idx in additional_prefs) {
- prefs.push(additional_prefs[idx]);
- }
- }
-
- console.log("prefs=%s", prefs);
-
- SpecialPowers.pushPrefEnv({'set': prefs});
-}
-
-// make the top-level test uri
-function build_test_uri(base_uri, host, test_id, type) {
- return base_uri +
- "?host=" + escape(host) +
- "&id=" + escape(test_id) +
- "&type=" + escape(type);
-}
-
-// open a new tab, load the test, and wait for it to finish
-function execute_test(test, mimetype) {
- var src = build_test_uri(TOP_URI, test_servers[test].host,
- test, test_settings[which_test].type);
-
- let tab = openTab(src);
- test_servers[test]['tab'] = tab;
-
- let browser = gBrowser.getBrowserForTab(tab);
- yield BrowserTestUtils.browserLoaded(browser);
-
- yield BrowserTestUtils.removeTab(tab);
-}
diff --git a/dom/security/test/mixedcontentblocker/test_main.html b/dom/security/test/mixedcontentblocker/test_main.html
index d2bc9dc7e..bb9536939 100644
--- a/dom/security/test/mixedcontentblocker/test_main.html
+++ b/dom/security/test/mixedcontentblocker/test_main.html
@@ -162,9 +162,6 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=62178
}
function startTest() {
- // Set prefs to use mixed-content before HSTS
- SpecialPowers.pushPrefEnv({'set': [["security.mixed_content.use_hsts", false],
- ["security.mixed_content.send_hsts_priming", false]]});
//Set the first set of mixed content settings and increment the counter.
changePrefs([], function() {
//listen for a messages from the mixed content test harness
diff --git a/dom/security/test/moz.build b/dom/security/test/moz.build
index 946959dee..759e76c73 100644
--- a/dom/security/test/moz.build
+++ b/dom/security/test/moz.build
@@ -28,5 +28,4 @@ BROWSER_CHROME_MANIFESTS += [
'contentverifier/browser.ini',
'csp/browser.ini',
'general/browser.ini',
- 'hsts/browser.ini',
]
diff --git a/image/imgLoader.cpp b/image/imgLoader.cpp
index 5e5ee7829..f7fb657bd 100644
--- a/image/imgLoader.cpp
+++ b/image/imgLoader.cpp
@@ -607,19 +607,6 @@ ShouldLoadCachedImage(imgRequest* aImgRequest,
}
}
- bool sendPriming = false;
- bool mixedContentWouldBlock = false;
- rv = nsMixedContentBlocker::GetHSTSPrimingFromRequestingContext(contentLocation,
- aLoadingContext, &sendPriming, &mixedContentWouldBlock);
- if (NS_FAILED(rv)) {
- return false;
- }
- if (sendPriming && mixedContentWouldBlock) {
- // if either of the securty checks above would cause a priming request, we
- // can't load this image from the cache, so go ahead and return false here
- return false;
- }
-
return true;
}
diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp
index e115fa74c..44f988efd 100644
--- a/ipc/glue/BackgroundUtils.cpp
+++ b/ipc/glue/BackgroundUtils.cpp
@@ -295,9 +295,8 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
aLoadInfo->CorsUnsafeHeaders(),
aLoadInfo->GetForcePreflight(),
aLoadInfo->GetIsPreflight(),
- aLoadInfo->GetLoadTriggeredFromExternal(),
- aLoadInfo->GetForceHSTSPriming(),
- aLoadInfo->GetMixedContentWouldBlock());
+ aLoadInfo->GetLoadTriggeredFromExternal()
+ );
return NS_OK;
}
@@ -373,9 +372,7 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
loadInfoArgs.corsUnsafeHeaders(),
loadInfoArgs.forcePreflight(),
loadInfoArgs.isPreflight(),
- loadInfoArgs.loadTriggeredFromExternal(),
- loadInfoArgs.forceHSTSPriming(),
- loadInfoArgs.mixedContentWouldBlock()
+ loadInfoArgs.loadTriggeredFromExternal()
);
loadInfo.forget(outLoadInfo);
diff --git a/js/ipc/JavaScriptParent.cpp b/js/ipc/JavaScriptParent.cpp
index 7fe92d662..ca0a0bd21 100644
--- a/js/ipc/JavaScriptParent.cpp
+++ b/js/ipc/JavaScriptParent.cpp
@@ -16,6 +16,7 @@
#include "xpcprivate.h"
#include "mozilla/Casting.h"
#include "mozilla/Telemetry.h"
+#include "mozilla/Unused.h"
#include "nsAutoPtr.h"
using namespace js;
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 16ab85485..4fdc2676a 100644
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -5437,23 +5437,6 @@ pref("media.block-autoplay-until-in-foreground", false);
pref("layout.css.servo.enabled", true);
#endif
-// HSTS Priming
-// If a request is mixed-content, send an HSTS priming request to attempt to
-// see if it is available over HTTPS.
-#ifdef RELEASE_OR_BETA
-// Don't change the order of evaluation of mixed-content and HSTS upgrades in
-// order to be most compatible with current standards
-pref("security.mixed_content.send_hsts_priming", false);
-pref("security.mixed_content.use_hsts", false);
-#else
-// Change the order of evaluation so HSTS upgrades happen before
-// mixed-content blocking
-pref("security.mixed_content.send_hsts_priming", true);
-pref("security.mixed_content.use_hsts", true);
-#endif
-// Approximately 1 week default cache for HSTS priming failures
-pref ("security.mixed_content.hsts_priming_cache_timeout", 10080);
-
// TODO: Bug 1380959: Block toplevel data: URI navigations
// If true, all toplevel data: URI navigations will be blocked.
// Please note that manually entering a data: URI in the
diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp
index ede825b8f..a8c9a5a25 100644
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -67,8 +67,6 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
, mForcePreflight(false)
, mIsPreflight(false)
, mLoadTriggeredFromExternal(false)
- , mForceHSTSPriming(false)
- , mMixedContentWouldBlock(false)
{
MOZ_ASSERT(mLoadingPrincipal);
MOZ_ASSERT(mTriggeringPrincipal);
@@ -243,8 +241,6 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
, mForcePreflight(false)
, mIsPreflight(false)
, mLoadTriggeredFromExternal(false)
- , mForceHSTSPriming(false)
- , mMixedContentWouldBlock(false)
{
// Top-level loads are never third-party
// Grab the information we can out of the window.
@@ -308,8 +304,6 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
, mForcePreflight(rhs.mForcePreflight)
, mIsPreflight(rhs.mIsPreflight)
, mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal)
- , mForceHSTSPriming(rhs.mForceHSTSPriming)
- , mMixedContentWouldBlock(rhs.mMixedContentWouldBlock)
{
}
@@ -337,9 +331,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
const nsTArray<nsCString>& aCorsUnsafeHeaders,
bool aForcePreflight,
bool aIsPreflight,
- bool aLoadTriggeredFromExternal,
- bool aForceHSTSPriming,
- bool aMixedContentWouldBlock)
+ bool aLoadTriggeredFromExternal)
: mLoadingPrincipal(aLoadingPrincipal)
, mTriggeringPrincipal(aTriggeringPrincipal)
, mPrincipalToInherit(aPrincipalToInherit)
@@ -363,8 +355,6 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
, mForcePreflight(aForcePreflight)
, mIsPreflight(aIsPreflight)
, mLoadTriggeredFromExternal(aLoadTriggeredFromExternal)
- , mForceHSTSPriming (aForceHSTSPriming)
- , mMixedContentWouldBlock(aMixedContentWouldBlock)
{
// Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
MOZ_ASSERT(mLoadingPrincipal || aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT);
@@ -933,34 +923,6 @@ LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal)
}
NS_IMETHODIMP
-LoadInfo::GetForceHSTSPriming(bool* aForceHSTSPriming)
-{
- *aForceHSTSPriming = mForceHSTSPriming;
- return NS_OK;
-}
-
-NS_IMETHODIMP
-LoadInfo::GetMixedContentWouldBlock(bool *aMixedContentWouldBlock)
-{
- *aMixedContentWouldBlock = mMixedContentWouldBlock;
- return NS_OK;
-}
-
-void
-LoadInfo::SetHSTSPriming(bool aMixedContentWouldBlock)
-{
- mForceHSTSPriming = true;
- mMixedContentWouldBlock = aMixedContentWouldBlock;
-}
-
-void
-LoadInfo::ClearHSTSPriming()
-{
- mForceHSTSPriming = false;
- mMixedContentWouldBlock = false;
-}
-
-NS_IMETHODIMP
LoadInfo::GetTainting(uint32_t* aTaintingOut)
{
MOZ_ASSERT(aTaintingOut);
diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h
index 0ae6061b3..2b1e8c9e8 100644
--- a/netwerk/base/LoadInfo.h
+++ b/netwerk/base/LoadInfo.h
@@ -111,9 +111,7 @@ private:
const nsTArray<nsCString>& aUnsafeHeaders,
bool aForcePreflight,
bool aIsPreflight,
- bool aLoadTriggeredFromExternal,
- bool aForceHSTSPriming,
- bool aMixedContentWouldBlock);
+ bool aLoadTriggeredFromExternal);
LoadInfo(const LoadInfo& rhs);
friend nsresult
@@ -159,9 +157,6 @@ private:
bool mForcePreflight;
bool mIsPreflight;
bool mLoadTriggeredFromExternal;
-
- bool mForceHSTSPriming : 1;
- bool mMixedContentWouldBlock : 1;
};
} // namespace net
diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl
index 4ec29b972..9a883ff98 100644
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@@ -671,32 +671,6 @@ interface nsILoadInfo : nsISupports
[infallible] readonly attribute boolean isPreflight;
/**
- * When this request would be mixed-content and we do not have an
- * entry in the HSTS cache, we send an HSTS priming request to
- * determine if it is ok to upgrade the request to HTTPS.
- */
- /**
- * True if this is a mixed-content load and HSTS priming request will be sent.
- */
- [noscript, infallible] readonly attribute boolean forceHSTSPriming;
- /**
- * Carry the decision whether this load would be blocked by mixed content so
- * that if HSTS priming fails, the correct decision can be made.
- */
- [noscript, infallible] readonly attribute boolean mixedContentWouldBlock;
-
- /**
- * Mark this LoadInfo as needing HSTS Priming
- *
- * @param wouldBlock Carry the decision of Mixed Content Blocking to be
- * applied when HSTS priming is complete.
- */
- [noscript, notxpcom, nostdcall]
- void setHSTSPriming(in boolean mixeContentWouldBlock);
- [noscript, notxpcom, nostdcall]
- void clearHSTSPriming();
-
- /**
* Constants reflecting the channel tainting. These are mainly defined here
* for script. Internal C++ code should use the enum defined in LoadTainting.h.
* See LoadTainting.h for documentation.
diff --git a/netwerk/ipc/NeckoChannelParams.ipdlh b/netwerk/ipc/NeckoChannelParams.ipdlh
index bb7562c64..2633ef608 100644
--- a/netwerk/ipc/NeckoChannelParams.ipdlh
+++ b/netwerk/ipc/NeckoChannelParams.ipdlh
@@ -56,8 +56,6 @@ struct LoadInfoArgs
bool forcePreflight;
bool isPreflight;
bool loadTriggeredFromExternal;
- bool forceHSTSPriming;
- bool mixedContentWouldBlock;
};
/**
diff --git a/netwerk/protocol/http/HSTSPrimerListener.cpp b/netwerk/protocol/http/HSTSPrimerListener.cpp
deleted file mode 100644
index 8c9d28d36..000000000
--- a/netwerk/protocol/http/HSTSPrimerListener.cpp
+++ /dev/null
@@ -1,273 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsHttp.h"
-
-#include "HSTSPrimerListener.h"
-#include "nsIHstsPrimingCallback.h"
-#include "nsIPrincipal.h"
-#include "nsSecurityHeaderParser.h"
-#include "nsISiteSecurityService.h"
-#include "nsISocketProvider.h"
-#include "nsISSLStatus.h"
-#include "nsISSLStatusProvider.h"
-#include "nsStreamUtils.h"
-#include "nsHttpChannel.h"
-#include "LoadInfo.h"
-
-namespace mozilla {
-namespace net {
-
-using namespace mozilla;
-
-NS_IMPL_ISUPPORTS(HSTSPrimingListener, nsIStreamListener,
- nsIRequestObserver, nsIInterfaceRequestor)
-
-NS_IMETHODIMP
-HSTSPrimingListener::GetInterface(const nsIID & aIID, void **aResult)
-{
- return QueryInterface(aIID, aResult);
-}
-
-NS_IMETHODIMP
-HSTSPrimingListener::OnStartRequest(nsIRequest *aRequest,
- nsISupports *aContext)
-{
- nsresult primingResult = CheckHSTSPrimingRequestStatus(aRequest);
- nsCOMPtr<nsIHstsPrimingCallback> callback(mCallback);
- mCallback = nullptr;
-
- nsCOMPtr<nsITimedChannel> timingChannel =
- do_QueryInterface(callback);
- if (timingChannel) {
- TimeStamp channelCreationTime;
- nsresult rv = timingChannel->GetChannelCreation(&channelCreationTime);
- if (NS_SUCCEEDED(rv) && !channelCreationTime.IsNull()) {
- PRUint32 interval =
- (PRUint32) (TimeStamp::Now() - channelCreationTime).ToMilliseconds();
- Telemetry::Accumulate(Telemetry::HSTS_PRIMING_REQUEST_DURATION,
- (NS_SUCCEEDED(primingResult)) ? NS_LITERAL_CSTRING("success")
- : NS_LITERAL_CSTRING("failure"),
- interval);
- }
- }
-
- if (NS_FAILED(primingResult)) {
- LOG(("HSTS Priming Failed (request was not approved)"));
- return callback->OnHSTSPrimingFailed(primingResult, false);
- }
-
- LOG(("HSTS Priming Succeeded (request was approved)"));
- return callback->OnHSTSPrimingSucceeded(false);
-}
-
-NS_IMETHODIMP
-HSTSPrimingListener::OnStopRequest(nsIRequest *aRequest,
- nsISupports *aContext,
- nsresult aStatus)
-{
- return NS_OK;
-}
-
-nsresult
-HSTSPrimingListener::CheckHSTSPrimingRequestStatus(nsIRequest* aRequest)
-{
- nsresult status;
- nsresult rv = aRequest->GetStatus(&status);
- NS_ENSURE_SUCCESS(rv, rv);
- if (NS_FAILED(status)) {
- return NS_ERROR_CONTENT_BLOCKED;
- }
-
- // Test that things worked on a HTTP level
- nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aRequest);
- NS_ENSURE_STATE(httpChannel);
- nsCOMPtr<nsIHttpChannelInternal> internal = do_QueryInterface(aRequest);
- NS_ENSURE_STATE(internal);
-
- bool succeedded;
- rv = httpChannel->GetRequestSucceeded(&succeedded);
- if (NS_FAILED(rv) || !succeedded) {
- // If the request did not return a 2XX response, don't process it
- return NS_ERROR_CONTENT_BLOCKED;
- }
-
- bool synthesized = false;
- nsHttpChannel* rawHttpChannel = static_cast<nsHttpChannel*>(httpChannel.get());
- rv = rawHttpChannel->GetResponseSynthesized(&synthesized);
- NS_ENSURE_SUCCESS(rv, rv);
- if (synthesized) {
- // Don't consider synthesized responses
- return NS_ERROR_CONTENT_BLOCKED;
- }
-
- // check to see if the HSTS cache was updated
- nsCOMPtr<nsISiteSecurityService> sss = do_GetService(NS_SSSERVICE_CONTRACTID, &rv);
- NS_ENSURE_SUCCESS(rv, rv);
-
- nsCOMPtr<nsIURI> uri;
- rv = httpChannel->GetURI(getter_AddRefs(uri));
- NS_ENSURE_SUCCESS(rv, rv);
- NS_ENSURE_TRUE(uri, NS_ERROR_CONTENT_BLOCKED);
-
- bool hsts;
- rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, uri, 0, nullptr, &hsts);
- NS_ENSURE_SUCCESS(rv, rv);
-
- if (hsts) {
- // An HSTS upgrade was found
- return NS_OK;
- }
-
- // There is no HSTS upgrade available
- return NS_ERROR_CONTENT_BLOCKED;
-}
-
-/** nsIStreamListener methods **/
-
-NS_IMETHODIMP
-HSTSPrimingListener::OnDataAvailable(nsIRequest *aRequest,
- nsISupports *ctxt,
- nsIInputStream *inStr,
- uint64_t sourceOffset,
- uint32_t count)
-{
- uint32_t totalRead;
- return inStr->ReadSegments(NS_DiscardSegment, nullptr, count, &totalRead);
-}
-
-// static
-nsresult
-HSTSPrimingListener::StartHSTSPriming(nsIChannel* aRequestChannel,
- nsIHstsPrimingCallback* aCallback)
-{
-
- nsCOMPtr<nsIURI> finalChannelURI;
- nsresult rv = NS_GetFinalChannelURI(aRequestChannel, getter_AddRefs(finalChannelURI));
- NS_ENSURE_SUCCESS(rv, rv);
-
- nsCOMPtr<nsIURI> uri;
- rv = NS_GetSecureUpgradedURI(finalChannelURI, getter_AddRefs(uri));
- NS_ENSURE_SUCCESS(rv,rv);
-
- // check the HSTS cache
- bool hsts;
- bool cached;
- nsCOMPtr<nsISiteSecurityService> sss = do_GetService(NS_SSSERVICE_CONTRACTID, &rv);
- NS_ENSURE_SUCCESS(rv, rv);
- rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, uri, 0, &cached, &hsts);
- NS_ENSURE_SUCCESS(rv, rv);
-
- if (hsts) {
- // already saw this host and will upgrade if allowed by preferences
- return aCallback->OnHSTSPrimingSucceeded(true);
- }
-
- if (cached) {
- // there is a non-expired entry in the cache that doesn't allow us to
- // upgrade, so go ahead and fail early.
- return aCallback->OnHSTSPrimingFailed(NS_ERROR_CONTENT_BLOCKED, true);
- }
-
- // Either it wasn't cached or the cached result has expired. Build a
- // channel for the HEAD request.
-
- nsCOMPtr<nsILoadInfo> originalLoadInfo = aRequestChannel->GetLoadInfo();
- MOZ_ASSERT(originalLoadInfo, "can not perform HSTS priming without a loadInfo");
- if (!originalLoadInfo) {
- return NS_ERROR_FAILURE;
- }
-
- nsCOMPtr<nsILoadInfo> loadInfo = static_cast<mozilla::LoadInfo*>
- (originalLoadInfo.get())->CloneForNewRequest();
-
- // the LoadInfo must have a security flag set in order to pass through priming
- // if none of these security flags are set, go ahead and fail now instead of
- // crashing in nsContentSecurityManager::ValidateSecurityFlags
- nsSecurityFlags securityMode = loadInfo->GetSecurityMode();
- if (securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS &&
- securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED &&
- securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS &&
- securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL &&
- securityMode != nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
- return aCallback->OnHSTSPrimingFailed(NS_ERROR_CONTENT_BLOCKED, true);
- }
-
- nsCOMPtr<nsILoadGroup> loadGroup;
- rv = aRequestChannel->GetLoadGroup(getter_AddRefs(loadGroup));
- NS_ENSURE_SUCCESS(rv, rv);
-
- nsLoadFlags loadFlags;
- rv = aRequestChannel->GetLoadFlags(&loadFlags);
- NS_ENSURE_SUCCESS(rv, rv);
-
- loadFlags &= HttpBaseChannel::INHIBIT_CACHING |
- HttpBaseChannel::INHIBIT_PERSISTENT_CACHING |
- HttpBaseChannel::LOAD_BYPASS_CACHE |
- HttpBaseChannel::LOAD_FROM_CACHE |
- HttpBaseChannel::VALIDATE_ALWAYS;
- // Priming requests should never be intercepted by service workers and
- // are always anonymous.
- loadFlags |= nsIChannel::LOAD_BYPASS_SERVICE_WORKER |
- nsIRequest::LOAD_ANONYMOUS;
-
- // Create a new channel to send the priming request
- nsCOMPtr<nsIChannel> primingChannel;
- rv = NS_NewChannelInternal(getter_AddRefs(primingChannel),
- uri,
- loadInfo,
- loadGroup,
- nullptr, // aCallbacks are set later
- loadFlags);
- NS_ENSURE_SUCCESS(rv, rv);
-
- // Set method and headers
- nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(primingChannel);
- if (!httpChannel) {
- NS_ERROR("HSTSPrimingListener: Failed to QI to nsIHttpChannel!");
- return NS_ERROR_FAILURE;
- }
-
- // Currently using HEAD per the draft, but under discussion to change to GET
- // with credentials so if the upgrade is approved the result is already cached.
- rv = httpChannel->SetRequestMethod(NS_LITERAL_CSTRING("HEAD"));
- NS_ENSURE_SUCCESS(rv, rv);
-
- rv = httpChannel->
- SetRequestHeader(NS_LITERAL_CSTRING("Upgrade-Insecure-Requests"),
- NS_LITERAL_CSTRING("1"), false);
- NS_ENSURE_SUCCESS(rv, rv);
-
- // attempt to set the class of service flags on the new channel
- nsCOMPtr<nsIClassOfService> requestClass = do_QueryInterface(aRequestChannel);
- if (!requestClass) {
- NS_ERROR("HSTSPrimingListener: aRequestChannel is not an nsIClassOfService");
- return NS_ERROR_FAILURE;
- }
- nsCOMPtr<nsIClassOfService> primingClass = do_QueryInterface(httpChannel);
- if (!primingClass) {
- NS_ERROR("HSTSPrimingListener: aRequestChannel is not an nsIClassOfService");
- return NS_ERROR_FAILURE;
- }
-
- uint32_t classFlags = 0;
- rv = requestClass ->GetClassFlags(&classFlags);
- NS_ENSURE_SUCCESS(rv, rv);
- rv = primingClass->SetClassFlags(classFlags);
- NS_ENSURE_SUCCESS(rv, rv);
-
- // Set up listener which will start the original channel
- nsCOMPtr<nsIStreamListener> primingListener(new HSTSPrimingListener(aCallback));
-
- // Start priming
- rv = primingChannel->AsyncOpen2(primingListener);
- NS_ENSURE_SUCCESS(rv, rv);
-
- return NS_OK;
-}
-
-} // namespace net
-} // namespace mozilla
diff --git a/netwerk/protocol/http/HSTSPrimerListener.h b/netwerk/protocol/http/HSTSPrimerListener.h
deleted file mode 100644
index 05089911b..000000000
--- a/netwerk/protocol/http/HSTSPrimerListener.h
+++ /dev/null
@@ -1,108 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#ifndef HSTSPrimingListener_h__
-#define HSTSPrimingListener_h__
-
-#include "nsCOMPtr.h"
-#include "nsIChannelEventSink.h"
-#include "nsIInterfaceRequestor.h"
-#include "nsIStreamListener.h"
-#include "nsIThreadRetargetableStreamListener.h"
-
-#include "mozilla/Attributes.h"
-
-class nsIPrincipal;
-class nsINetworkInterceptController;
-class nsIHstsPrimingCallback;
-
-namespace mozilla {
-namespace net {
-
-class HttpChannelParent;
-class nsHttpChannel;
-
-/*
- * How often do we get back an HSTS priming result which upgrades the connection to HTTPS?
- */
-enum HSTSPrimingResult {
- // This site has been seen before and won't be upgraded
- eHSTS_PRIMING_CACHED_NO_UPGRADE = 0,
- // This site has been seen before and will be upgraded
- eHSTS_PRIMING_CACHED_DO_UPGRADE = 1,
- // This site has been seen before and will be blocked
- eHSTS_PRIMING_CACHED_BLOCK = 2,
- // The request was already upgraded, probably through
- // upgrade-insecure-requests
- eHSTS_PRIMING_ALREADY_UPGRADED = 3,
- // HSTS priming is successful and the connection will be upgraded to HTTPS
- eHSTS_PRIMING_SUCCEEDED = 4,
- // When priming succeeds, but preferences require preservation of the order
- // of mixed-content and hsts, and mixed-content blocks the load
- eHSTS_PRIMING_SUCCEEDED_BLOCK = 5,
- // When priming succeeds, but preferences require preservation of the order
- // of mixed-content and hsts, and mixed-content allows the load over http
- eHSTS_PRIMING_SUCCEEDED_HTTP = 6,
- // HSTS priming failed, and the load is blocked by mixed-content
- eHSTS_PRIMING_FAILED_BLOCK = 7,
- // HSTS priming failed, and the load is allowed by mixed-content
- eHSTS_PRIMING_FAILED_ACCEPT = 8
-};
-
-//////////////////////////////////////////////////////////////////////////
-// Class used as streamlistener and notification callback when
-// doing the HEAD request for an HSTS Priming check. Needs to be an
-// nsIStreamListener in order to receive events from AsyncOpen2
-class HSTSPrimingListener final : public nsIStreamListener,
- public nsIInterfaceRequestor
-{
-public:
- explicit HSTSPrimingListener(nsIHstsPrimingCallback* aCallback)
- : mCallback(aCallback)
- {
- }
-
- NS_DECL_ISUPPORTS
- NS_DECL_NSISTREAMLISTENER
- NS_DECL_NSIREQUESTOBSERVER
- NS_DECL_NSIINTERFACEREQUESTOR
-
-private:
- ~HSTSPrimingListener() {}
-
- // Only nsHttpChannel can invoke HSTS priming
- friend class mozilla::net::nsHttpChannel;
-
- /**
- * Start the HSTS priming request. This will send an anonymous HEAD request to
- * the URI aRequestChannel is attempting to load. On success, the new HSTS
- * priming channel is allocated in aHSTSPrimingChannel.
- *
- * @param aRequestChannel the reference channel used to initialze the HSTS
- * priming channel
- * @param aCallback the callback stored to handle the results of HSTS priming.
- * @param aHSTSPrimingChannel if the new HSTS priming channel is allocated
- * successfully, it will be placed here.
- */
- static nsresult StartHSTSPriming(nsIChannel* aRequestChannel,
- nsIHstsPrimingCallback* aCallback);
-
- /**
- * Given a request, return NS_OK if it has resulted in a cached HSTS update.
- * We don't need to check for the header as that has already been done for us.
- */
- nsresult CheckHSTSPrimingRequestStatus(nsIRequest* aRequest);
-
- /**
- * the nsIHttpChannel to notify with the result of HSTS priming.
- */
- nsCOMPtr<nsIHstsPrimingCallback> mCallback;
-};
-
-
-}} // mozilla::net
-
-#endif // HSTSPrimingListener_h__
diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp
index 6d09135c4..0a1e0f859 100644
--- a/netwerk/protocol/http/HttpChannelChild.cpp
+++ b/netwerk/protocol/http/HttpChannelChild.cpp
@@ -1681,8 +1681,8 @@ NS_IMETHODIMP
HttpChannelChild::OnRedirectVerifyCallback(nsresult result)
{
LOG(("HttpChannelChild::OnRedirectVerifyCallback [this=%p]\n", this));
- nsresult rv;
OptionalURIParams redirectURI;
+ nsresult rv;
nsCOMPtr<nsIHttpChannel> newHttpChannel =
do_QueryInterface(mRedirectChannelChild);
@@ -1697,18 +1697,9 @@ HttpChannelChild::OnRedirectVerifyCallback(nsresult result)
result = NS_ERROR_DOM_BAD_URI;
}
- bool forceHSTSPriming = false;
- bool mixedContentWouldBlock = false;
if (newHttpChannel) {
// Must not be called until after redirect observers called.
newHttpChannel->SetOriginalURI(mOriginalURI);
-
- nsCOMPtr<nsILoadInfo> newLoadInfo;
- rv = newHttpChannel->GetLoadInfo(getter_AddRefs(newLoadInfo));
- if (NS_SUCCEEDED(rv) && newLoadInfo) {
- forceHSTSPriming = newLoadInfo->GetForceHSTSPriming();
- mixedContentWouldBlock = newLoadInfo->GetMixedContentWouldBlock();
- }
}
if (mRedirectingForSubsequentSynthesizedResponse) {
@@ -1756,7 +1747,7 @@ HttpChannelChild::OnRedirectVerifyCallback(nsresult result)
do_QueryInterface(mRedirectChannelChild);
if (newHttpChannelInternal) {
nsCOMPtr<nsIURI> apiRedirectURI;
- nsresult rv = newHttpChannelInternal->GetApiRedirectToURI(
+ rv = newHttpChannelInternal->GetApiRedirectToURI(
getter_AddRefs(apiRedirectURI));
if (NS_SUCCEEDED(rv) && apiRedirectURI) {
/* If there was an API redirect of this channel, we need to send it
@@ -1780,8 +1771,7 @@ HttpChannelChild::OnRedirectVerifyCallback(nsresult result)
if (mIPCOpen)
SendRedirect2Verify(result, *headerTuples, loadFlags, redirectURI,
- corsPreflightArgs, forceHSTSPriming,
- mixedContentWouldBlock, chooseAppcache);
+ corsPreflightArgs, chooseAppcache);
return NS_OK;
}
diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp
index 90ed597a6..d1c67f01b 100644
--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@@ -733,8 +733,6 @@ HttpChannelParent::RecvRedirect2Verify(const nsresult& result,
const uint32_t& loadFlags,
const OptionalURIParams& aAPIRedirectURI,
const OptionalCorsPreflightArgs& aCorsPreflightArgs,
- const bool& aForceHSTSPriming,
- const bool& aMixedContentWouldBlock,
const bool& aChooseAppcache)
{
LOG(("HttpChannelParent::RecvRedirect2Verify [this=%p result=%x]\n",
@@ -774,14 +772,6 @@ HttpChannelParent::RecvRedirect2Verify(const nsresult& result,
newInternalChannel->SetCorsPreflightParameters(args.unsafeHeaders());
}
- if (aForceHSTSPriming) {
- nsCOMPtr<nsILoadInfo> newLoadInfo;
- rv = newHttpChannel->GetLoadInfo(getter_AddRefs(newLoadInfo));
- if (NS_SUCCEEDED(rv) && newLoadInfo) {
- newLoadInfo->SetHSTSPriming(aMixedContentWouldBlock);
- }
- }
-
nsCOMPtr<nsIApplicationCacheChannel> appCacheChannel =
do_QueryInterface(newHttpChannel);
if (appCacheChannel) {
diff --git a/netwerk/protocol/http/HttpChannelParent.h b/netwerk/protocol/http/HttpChannelParent.h
index 56854bb55..91f9bac8b 100644
--- a/netwerk/protocol/http/HttpChannelParent.h
+++ b/netwerk/protocol/http/HttpChannelParent.h
@@ -162,8 +162,6 @@ protected:
const uint32_t& loadFlags,
const OptionalURIParams& apiRedirectUri,
const OptionalCorsPreflightArgs& aCorsPreflightArgs,
- const bool& aForceHSTSPriming,
- const bool& aMixedContentWouldBlock,
const bool& aChooseAppcache) override;
virtual bool RecvUpdateAssociatedContentSecurity(const int32_t& broken,
const int32_t& no) override;
diff --git a/netwerk/protocol/http/PHttpChannel.ipdl b/netwerk/protocol/http/PHttpChannel.ipdl
index 1eb25a403..c77a53e40 100644
--- a/netwerk/protocol/http/PHttpChannel.ipdl
+++ b/netwerk/protocol/http/PHttpChannel.ipdl
@@ -47,7 +47,6 @@ parent:
async Redirect2Verify(nsresult result, RequestHeaderTuples changedHeaders,
uint32_t loadFlags, OptionalURIParams apiRedirectTo,
OptionalCorsPreflightArgs corsPreflightArgs,
- bool forceHSTSPriming, bool mixedContentWouldBlock,
bool chooseAppcache);
// For document loads we keep this protocol open after child's
diff --git a/netwerk/protocol/http/moz.build b/netwerk/protocol/http/moz.build
index e13101aa0..1368ee707 100644
--- a/netwerk/protocol/http/moz.build
+++ b/netwerk/protocol/http/moz.build
@@ -5,7 +5,6 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
XPIDL_SOURCES += [
- 'nsIHstsPrimingCallback.idl',
'nsIHttpActivityObserver.idl',
'nsIHttpAuthenticableChannel.idl',
'nsIHttpAuthenticator.idl',
@@ -58,7 +57,6 @@ UNIFIED_SOURCES += [
'AltDataOutputStreamParent.cpp',
'CacheControlParser.cpp',
'ConnectionDiagnostics.cpp',
- 'HSTSPrimerListener.cpp',
'Http2Compression.cpp',
'Http2Push.cpp',
'Http2Session.cpp',
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp
index 9107b16e8..7bcec146d 100644
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -100,7 +100,6 @@
#include "mozilla/net/Predictor.h"
#include "CacheControlParser.h"
#include "nsMixedContentBlocker.h"
-#include "HSTSPrimerListener.h"
#include "CacheStorageService.h"
namespace mozilla { namespace net {
@@ -465,50 +464,12 @@ nsHttpChannel::Connect()
// otherwise, let's just proceed without using the cache.
}
- return TryHSTSPriming();
-}
-
-nsresult
-nsHttpChannel::TryHSTSPriming()
-{
- if (mLoadInfo) {
- // HSTS priming requires the LoadInfo provided with AsyncOpen2
- bool requireHSTSPriming =
- mLoadInfo->GetForceHSTSPriming();
-
- if (requireHSTSPriming &&
- nsMixedContentBlocker::sSendHSTSPriming &&
- mInterceptCache == DO_NOT_INTERCEPT) {
- bool isHttpsScheme;
- nsresult rv = mURI->SchemeIs("https", &isHttpsScheme);
- NS_ENSURE_SUCCESS(rv, rv);
- if (!isHttpsScheme) {
- rv = HSTSPrimingListener::StartHSTSPriming(this, this);
-
- if (NS_FAILED(rv)) {
- CloseCacheEntry(false);
- return rv;
- }
-
- return NS_OK;
- }
-
- // The request was already upgraded, for example by
- // upgrade-insecure-requests or a prior successful priming request
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT,
- HSTSPrimingResult::eHSTS_PRIMING_ALREADY_UPGRADED);
- mLoadInfo->ClearHSTSPriming();
- }
- }
-
return ContinueConnect();
}
nsresult
nsHttpChannel::ContinueConnect()
{
- // If we have had HSTS priming, we need to reevaluate whether we need
- // a CORS preflight. Bug: 1272440
// If we need to start a CORS preflight, do it now!
// Note that it is important to do this before the early returns below.
if (!mIsCorsPreflightDone && mRequireCORSPreflight &&
@@ -4283,7 +4244,7 @@ nsHttpChannel::OnCacheEntryAvailableInternal(nsICacheEntry *entry,
return NS_OK;
}
- return TryHSTSPriming();
+ return ContinueConnect();
}
nsresult
@@ -5699,7 +5660,6 @@ NS_INTERFACE_MAP_BEGIN(nsHttpChannel)
NS_INTERFACE_MAP_ENTRY(nsIDNSListener)
NS_INTERFACE_MAP_ENTRY(nsISupportsWeakReference)
NS_INTERFACE_MAP_ENTRY(nsICorsPreflightCallback)
- NS_INTERFACE_MAP_ENTRY(nsIHstsPrimingCallback)
NS_INTERFACE_MAP_ENTRY(nsIChannelWithDivertableParentListener)
// we have no macro that covers this case.
if (aIID.Equals(NS_GET_IID(nsHttpChannel)) ) {
@@ -8186,107 +8146,6 @@ nsHttpChannel::OnPreflightFailed(nsresult aError)
}
//-----------------------------------------------------------------------------
-// nsIHstsPrimingCallback functions
-//-----------------------------------------------------------------------------
-
-/*
- * May be invoked synchronously if HSTS priming has already been performed
- * for the host.
- */
-nsresult
-nsHttpChannel::OnHSTSPrimingSucceeded(bool aCached)
-{
- if (nsMixedContentBlocker::sUseHSTS) {
- // redirect the channel to HTTPS if the pref
- // "security.mixed_content.use_hsts" is true
- LOG(("HSTS Priming succeeded, redirecting to HTTPS [this=%p]", this));
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT,
- (aCached) ? HSTSPrimingResult::eHSTS_PRIMING_CACHED_DO_UPGRADE :
- HSTSPrimingResult::eHSTS_PRIMING_SUCCEEDED);
- return AsyncCall(&nsHttpChannel::HandleAsyncRedirectChannelToHttps);
- }
-
- // If "security.mixed_content.use_hsts" is false, record the result of
- // HSTS priming and block or proceed with the load as required by
- // mixed-content blocking
- bool wouldBlock = mLoadInfo->GetMixedContentWouldBlock();
-
- // preserve the mixed-content-before-hsts order and block if required
- if (wouldBlock) {
- LOG(("HSTS Priming succeeded, blocking for mixed-content [this=%p]",
- this));
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT,
- HSTSPrimingResult::eHSTS_PRIMING_SUCCEEDED_BLOCK);
- CloseCacheEntry(false);
- return AsyncAbort(NS_ERROR_CONTENT_BLOCKED);
- }
-
- LOG(("HSTS Priming succeeded, loading insecure: [this=%p]", this));
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT,
- HSTSPrimingResult::eHSTS_PRIMING_SUCCEEDED_HTTP);
-
- nsresult rv = ContinueConnect();
- if (NS_FAILED(rv)) {
- CloseCacheEntry(false);
- return AsyncAbort(rv);
- }
-
- return NS_OK;
-}
-
-/*
- * May be invoked synchronously if HSTS priming has already been performed
- * for the host.
- */
-nsresult
-nsHttpChannel::OnHSTSPrimingFailed(nsresult aError, bool aCached)
-{
- bool wouldBlock = mLoadInfo->GetMixedContentWouldBlock();
-
- LOG(("HSTS Priming Failed [this=%p], %s the load", this,
- (wouldBlock) ? "blocking" : "allowing"));
- if (aCached) {
- // Between the time we marked for priming and started the priming request,
- // the host was found to not allow the upgrade, probably from another
- // priming request.
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT,
- (wouldBlock) ? HSTSPrimingResult::eHSTS_PRIMING_CACHED_BLOCK :
- HSTSPrimingResult::eHSTS_PRIMING_CACHED_NO_UPGRADE);
- } else {
- // A priming request was sent, and no HSTS header was found that allows
- // the upgrade.
- Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT,
- (wouldBlock) ? HSTSPrimingResult::eHSTS_PRIMING_FAILED_BLOCK :
- HSTSPrimingResult::eHSTS_PRIMING_FAILED_ACCEPT);
- }
-
- // Don't visit again for at least
- // security.mixed_content.hsts_priming_cache_timeout seconds.
- nsISiteSecurityService* sss = gHttpHandler->GetSSService();
- NS_ENSURE_TRUE(sss, NS_ERROR_OUT_OF_MEMORY);
- nsresult rv = sss->CacheNegativeHSTSResult(mURI,
- nsMixedContentBlocker::sHSTSPrimingCacheTimeout);
- if (NS_FAILED(rv)) {
- NS_ERROR("nsISiteSecurityService::CacheNegativeHSTSResult failed");
- }
-
- // If we would block, go ahead and abort with the error provided
- if (wouldBlock) {
- CloseCacheEntry(false);
- return AsyncAbort(aError);
- }
-
- // we can continue the load and the UI has been updated as mixed content
- rv = ContinueConnect();
- if (NS_FAILED(rv)) {
- CloseCacheEntry(false);
- return AsyncAbort(rv);
- }
-
- return NS_OK;
-}
-
-//-----------------------------------------------------------------------------
// AChannelHasDivertableParentChannelAsListener internal functions
//-----------------------------------------------------------------------------
diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h
index cb8925d04..3a322e8e2 100644
--- a/netwerk/protocol/http/nsHttpChannel.h
+++ b/netwerk/protocol/http/nsHttpChannel.h
@@ -28,7 +28,6 @@
#include "nsISupportsPrimitives.h"
#include "nsICorsPreflightCallback.h"
#include "AlternateServices.h"
-#include "nsIHstsPrimingCallback.h"
class nsDNSPrefetch;
class nsICancelable;
@@ -76,7 +75,6 @@ class nsHttpChannel final : public HttpBaseChannel
, public nsSupportsWeakReference
, public nsICorsPreflightCallback
, public nsIChannelWithDivertableParentListener
- , public nsIHstsPrimingCallback
{
public:
NS_DECL_ISUPPORTS_INHERITED
@@ -92,7 +90,6 @@ public:
NS_DECL_NSIAPPLICATIONCACHECONTAINER
NS_DECL_NSIAPPLICATIONCACHECHANNEL
NS_DECL_NSIASYNCVERIFYREDIRECTCALLBACK
- NS_DECL_NSIHSTSPRIMINGCALLBACK
NS_DECL_NSITHREADRETARGETABLEREQUEST
NS_DECL_NSIDNSLISTENER
NS_DECL_NSICHANNELWITHDIVERTABLEPARENTLISTENER
@@ -211,9 +208,6 @@ public: /* internal necko use only */
nsresult OpenCacheEntry(bool usingSSL);
nsresult ContinueConnect();
- // If the load is mixed-content, build and send an HSTS priming request.
- nsresult TryHSTSPriming();
-
nsresult StartRedirectChannelToURI(nsIURI *, uint32_t);
// This allows cache entry to be marked as foreign even after channel itself
diff --git a/netwerk/protocol/http/nsIHstsPrimingCallback.idl b/netwerk/protocol/http/nsIHstsPrimingCallback.idl
deleted file mode 100644
index 01f53a5b2..000000000
--- a/netwerk/protocol/http/nsIHstsPrimingCallback.idl
+++ /dev/null
@@ -1,50 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
-/* vim: set ts=8 sts=2 et sw=2 tw=80: */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsISupports.idl"
-
-/**
- * HSTS priming attempts to prevent mixed-content by looking for the
- * Strict-Transport-Security header as a signal from the server that it is
- * safe to upgrade HTTP to HTTPS.
- *
- * Since mixed-content blocking happens very early in the process in AsyncOpen2,
- * the status of mixed-content blocking is stored in the LoadInfo and then used
- * to determine whether to send a priming request or not.
- *
- * This interface is implemented by nsHttpChannel so that it can receive the
- * result of HSTS priming.
- */
-[builtinclass, uuid(eca6daca-3f2a-4a2a-b3bf-9f24f79bc999)]
-interface nsIHstsPrimingCallback : nsISupports
-{
- /**
- * HSTS priming has succeeded with an STS header, and the site asserts it is
- * safe to upgrade the request from HTTP to HTTPS. The request may still be
- * blocked based on the user's preferences.
- *
- * May be invoked synchronously if HSTS priming has already been performed
- * for the host.
- *
- * @param aCached whether the result was already in the HSTS cache
- */
- [noscript, nostdcall]
- void onHSTSPrimingSucceeded(in bool aCached);
- /**
- * HSTS priming has seen no STS header, the request itself has failed,
- * or some other failure which does not constitute a positive signal that the
- * site can be upgraded safely to HTTPS. The request may still be allowed
- * based on the user's preferences.
- *
- * May be invoked synchronously if HSTS priming has already been performed
- * for the host.
- *
- * @param aError The error which caused this failure, or NS_ERROR_CONTENT_BLOCKED
- * @param aCached whether the result was already in the HSTS cache
- */
- [noscript, nostdcall]
- void onHSTSPrimingFailed(in nsresult aError, in bool aCached);
-};
diff --git a/security/manager/ssl/nsISiteSecurityService.idl b/security/manager/ssl/nsISiteSecurityService.idl
index fa20fe307..753f32b57 100644
--- a/security/manager/ssl/nsISiteSecurityService.idl
+++ b/security/manager/ssl/nsISiteSecurityService.idl
@@ -188,15 +188,6 @@ interface nsISiteSecurityService : nsISupports
in int64_t aExpires, in unsigned long aPinCount,
[array, size_is(aPinCount)] in string aSha256Pins,
[optional] in boolean aIsPreload);
-
- /**
- * Mark a host as declining to provide a given security state so that features
- * such as HSTS priming will not flood a server with requests.
- *
- * @param aURI the nsIURI that this applies to
- * @param aMaxAge lifetime (in seconds) of this negative cache
- */
- [noscript] void cacheNegativeHSTSResult(in nsIURI aURI, in unsigned long long aMaxAge);
};
%{C++
diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp
index 322ef6570..d461f6b61 100644
--- a/security/manager/ssl/nsSiteSecurityService.cpp
+++ b/security/manager/ssl/nsSiteSecurityService.cpp
@@ -356,14 +356,6 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType,
}
NS_IMETHODIMP
-nsSiteSecurityService::CacheNegativeHSTSResult(nsIURI* aSourceURI,
- uint64_t aMaxAge)
-{
- return SetHSTSState(nsISiteSecurityService::HEADER_HSTS, aSourceURI,
- aMaxAge, false, 0, SecurityPropertyNegative);
-}
-
-NS_IMETHODIMP
nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI,
uint32_t aFlags)
{
diff --git a/testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json b/testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json
index 5c97d58f0..211e98e05 100644
--- a/testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json
+++ b/testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json
@@ -648,13 +648,6 @@
"dom/security/test/contentverifier/browser_verify_content_about_newtab.js": 14195,
"dom/security/test/contentverifier/browser_verify_content_about_newtab2.js": 12159,
"dom/security/test/csp/browser_test_web_manifest.js": 6022,
- "dom/security/test/hsts/browser_hsts-priming_allow_active.js": 2840,
- "dom/security/test/hsts/browser_hsts-priming_block_active.js": 3459,
- "dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js": 3233,
- "dom/security/test/hsts/browser_hsts-priming_cache-timeout.js": 3469,
- "dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js": 2658,
- "dom/security/test/hsts/browser_hsts-priming_no-duplicates.js": 3793,
- "dom/security/test/hsts/browser_hsts-priming_timeout.js": 4040,
"dom/tests/browser/browser_ConsoleStoragePBTest_perwindowpb.js": 3659,
"dom/tests/browser/browser_bug396843.js": 6574,
"dom/tests/browser/browser_focus_steal_from_chrome.js": 25508,
diff --git a/testing/runtimes/mochitest-browser-chrome.runtimes.json b/testing/runtimes/mochitest-browser-chrome.runtimes.json
index ac0b9f10d..73b2437a2 100644
--- a/testing/runtimes/mochitest-browser-chrome.runtimes.json
+++ b/testing/runtimes/mochitest-browser-chrome.runtimes.json
@@ -621,14 +621,6 @@
"dom/security/test/contentverifier/browser_verify_content_about_newtab2.js": 10284,
"dom/security/test/csp/browser_manifest-src-override-default-src.js": 1939,
"dom/security/test/csp/browser_test_web_manifest.js": 5639,
- "dom/security/test/hsts/browser_hsts-priming_allow_active.js": 2280,
- "dom/security/test/hsts/browser_hsts-priming_allow_display.js": 1974,
- "dom/security/test/hsts/browser_hsts-priming_block_active.js": 2803,
- "dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js": 2682,
- "dom/security/test/hsts/browser_hsts-priming_cache-timeout.js": 3110,
- "dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js": 2328,
- "dom/security/test/hsts/browser_hsts-priming_no-duplicates.js": 2831,
- "dom/security/test/hsts/browser_hsts-priming_timeout.js": 3798,
"dom/tests/browser/browser_ConsoleAPITests.js": 3520,
"dom/tests/browser/browser_ConsoleStoragePBTest_perwindowpb.js": 2914,
"dom/tests/browser/browser_bug396843.js": 6050,
diff --git a/toolkit/components/telemetry/Histograms.json b/toolkit/components/telemetry/Histograms.json
index ade308cfa..82597adec 100644
--- a/toolkit/components/telemetry/Histograms.json
+++ b/toolkit/components/telemetry/Histograms.json
@@ -8312,33 +8312,6 @@
"n_values": 10,
"description": "How often would blocked mixed content be allowed if HSTS upgrades were allowed? 0=display/no-HSTS, 1=display/HSTS, 2=active/no-HSTS, 3=active/HSTS"
},
- "MIXED_CONTENT_HSTS_PRIMING": {
- "alert_emails": ["seceng@mozilla.org"],
- "bug_numbers": [1246540],
- "expires_in_version": "60",
- "kind": "enumerated",
- "n_values": 16,
- "description": "How often would blocked mixed content be allowed if HSTS upgrades were allowed, including how often would we send an HSTS priming request? 0=display/no-HSTS, 1=display/HSTS, 2=active/no-HSTS, 3=active/HSTS, 4=display/no-HSTS-priming, 5=display/do-HSTS-priming, 6=active/no-HSTS-priming, 7=active/do-HSTS-priming"
- },
- "MIXED_CONTENT_HSTS_PRIMING_RESULT": {
- "alert_emails": ["seceng@mozilla.org"],
- "bug_numbers": [1246540],
- "expires_in_version": "60",
- "kind": "enumerated",
- "n_values": 16,
- "description": "How often do we get back an HSTS priming result which upgrades the connection to HTTPS? 0=cached (no upgrade), 1=cached (do upgrade), 2=cached (blocked), 3=already upgraded, 4=priming succeeded, 5=priming succeeded (block due to pref), 6=priming succeeded (no upgrade due to pref), 7=priming failed (block), 8=priming failed (accept)"
- },
- "HSTS_PRIMING_REQUEST_DURATION": {
- "alert_emails": ["seceng-telemetry@mozilla.org"],
- "bug_numbers": [1311893],
- "expires_in_version": "58",
- "kind": "exponential",
- "low": 100,
- "high": 30000,
- "n_buckets": 100,
- "keyed": true,
- "description": "The amount of time required for HSTS priming requests (ms), keyed by success or failure of the priming request. (success, failure)"
- },
"MIXED_CONTENT_OBJECT_SUBREQUEST": {
"alert_emails": ["seceng@mozilla.org"],
"bug_numbers": [1244116],