diff options
| author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-03-27 15:57:18 +0200 |
|---|---|---|
| committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-03-27 15:57:18 +0200 |
| commit | d990d8ab2cade6c928e8bbe56ae038d020cef599 (patch) | |
| tree | c7561ae0f303cb0d4a7a7507178531b4852e4dea /docshell/base/nsDocShell.cpp | |
| parent | 0c36b27511c1fbca594f0426c493ef601fda3e4c (diff) | |
| parent | 8d5ec757ece850fb7ad5c712868f305636e41177 (diff) | |
| download | UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.tar UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.tar.gz UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.tar.lz UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.tar.xz UXP-d990d8ab2cade6c928e8bbe56ae038d020cef599.zip | |
Merge branch 'master' of https://github.com/MoonchildProductions/UXP into js_array_values_1
Diffstat (limited to 'docshell/base/nsDocShell.cpp')
| -rw-r--r-- | docshell/base/nsDocShell.cpp | 44 |
1 files changed, 34 insertions, 10 deletions
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index ab119a016..50641508d 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -6806,9 +6806,17 @@ nsDocShell::ForceRefreshURI(nsIURI* aURI, int32_t aDelay, bool aMetaRefresh, nsI */ loadInfo->SetReferrer(mCurrentURI); - /* Don't ever "guess" on which principal to use to avoid picking - * the current principal. - */ + // Set the triggering pricipal to aPrincipal if available, or current + // document's principal otherwise. + nsCOMPtr<nsIPrincipal> principal = aPrincipal; + if (!principal) { + nsCOMPtr<nsIDocument> doc = GetDocument(); + if (!doc) { + return NS_ERROR_FAILURE; + } + principal = doc->NodePrincipal(); + } + loadInfo->SetTriggeringPrincipal(principal); loadInfo->SetPrincipalIsExplicit(true); /* Check if this META refresh causes a redirection @@ -6836,13 +6844,6 @@ nsDocShell::ForceRefreshURI(nsIURI* aURI, int32_t aDelay, bool aMetaRefresh, nsI loadInfo->SetLoadType(nsIDocShellLoadInfo::loadRefresh); } - // If the principal is null, the refresh will have a triggeringPrincipal - // derived from the referrer URI, or will be set to the system principal - // if there is no refererrer. See LoadURI() - if (aPrincipal) { - loadInfo->SetTriggeringPrincipal(aPrincipal); - } - /* * LoadURI(...) will cancel all refresh timers... This causes the * Timer and its refreshData instance to be released... @@ -11025,6 +11026,29 @@ nsDocShell::DoURILoad(nsIURI* aURI, } } + // Navigational requests that are same origin need to be upgraded in case + // upgrade-insecure-requests is present. Please note that in that case + // the triggeringPrincipal is holding the CSP that potentially + // holds upgrade-insecure-requests. + nsCOMPtr<nsIContentSecurityPolicy> csp; + aTriggeringPrincipal->GetCsp(getter_AddRefs(csp)); + if (csp) { + bool upgradeInsecureRequests = false; + csp->GetUpgradeInsecureRequests(&upgradeInsecureRequests); + if (upgradeInsecureRequests) { + // only upgrade if the navigation is same origin + nsCOMPtr<nsIPrincipal> resultPrincipal; + rv = nsContentUtils::GetSecurityManager()-> + GetChannelResultPrincipal(channel, + getter_AddRefs(resultPrincipal)); + NS_ENSURE_SUCCESS(rv, rv); + if (resultPrincipal->Equals(aTriggeringPrincipal)) { + static_cast<mozilla::LoadInfo*>(loadInfo.get())->SetUpgradeInsecureRequests(); + } + } + } + + nsCOMPtr<nsIApplicationCacheChannel> appCacheChannel = do_QueryInterface(channel); if (appCacheChannel) { |