summaryrefslogtreecommitdiffstats
path: root/dom/fetch/InternalRequest.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'dom/fetch/InternalRequest.cpp')
-rw-r--r--dom/fetch/InternalRequest.cpp495
1 files changed, 495 insertions, 0 deletions
diff --git a/dom/fetch/InternalRequest.cpp b/dom/fetch/InternalRequest.cpp
new file mode 100644
index 000000000..85feabde3
--- /dev/null
+++ b/dom/fetch/InternalRequest.cpp
@@ -0,0 +1,495 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "InternalRequest.h"
+
+#include "nsIContentPolicy.h"
+#include "nsIDocument.h"
+#include "nsStreamUtils.h"
+
+#include "mozilla/ErrorResult.h"
+#include "mozilla/dom/FetchTypes.h"
+#include "mozilla/dom/ScriptSettings.h"
+#include "mozilla/dom/workers/Workers.h"
+
+#include "WorkerPrivate.h"
+
+namespace mozilla {
+namespace dom {
+// The global is used to extract the principal.
+already_AddRefed<InternalRequest>
+InternalRequest::GetRequestConstructorCopy(nsIGlobalObject* aGlobal, ErrorResult& aRv) const
+{
+ MOZ_RELEASE_ASSERT(!mURLList.IsEmpty(), "Internal Request's urlList should not be empty when copied from constructor.");
+ RefPtr<InternalRequest> copy = new InternalRequest(mURLList.LastElement(),
+ mFragment);
+ copy->SetMethod(mMethod);
+ copy->mHeaders = new InternalHeaders(*mHeaders);
+ copy->SetUnsafeRequest();
+ copy->mBodyStream = mBodyStream;
+ copy->mForceOriginHeader = true;
+ // The "client" is not stored in our implementation. Fetch API users should
+ // use the appropriate window/document/principal and other Gecko security
+ // mechanisms as appropriate.
+ copy->mSameOriginDataURL = true;
+ copy->mPreserveContentCodings = true;
+ copy->mReferrer = mReferrer;
+ copy->mReferrerPolicy = mReferrerPolicy;
+ copy->mEnvironmentReferrerPolicy = mEnvironmentReferrerPolicy;
+ copy->mIntegrity = mIntegrity;
+
+ copy->mContentPolicyType = mContentPolicyTypeOverridden ?
+ mContentPolicyType :
+ nsIContentPolicy::TYPE_FETCH;
+ copy->mMode = mMode;
+ copy->mCredentialsMode = mCredentialsMode;
+ copy->mCacheMode = mCacheMode;
+ copy->mRedirectMode = mRedirectMode;
+ copy->mCreatedByFetchEvent = mCreatedByFetchEvent;
+ copy->mContentPolicyTypeOverridden = mContentPolicyTypeOverridden;
+ return copy.forget();
+}
+
+already_AddRefed<InternalRequest>
+InternalRequest::Clone()
+{
+ RefPtr<InternalRequest> clone = new InternalRequest(*this);
+
+ if (!mBodyStream) {
+ return clone.forget();
+ }
+
+ nsCOMPtr<nsIInputStream> clonedBody;
+ nsCOMPtr<nsIInputStream> replacementBody;
+
+ nsresult rv = NS_CloneInputStream(mBodyStream, getter_AddRefs(clonedBody),
+ getter_AddRefs(replacementBody));
+ if (NS_WARN_IF(NS_FAILED(rv))) { return nullptr; }
+
+ clone->mBodyStream.swap(clonedBody);
+ if (replacementBody) {
+ mBodyStream.swap(replacementBody);
+ }
+ return clone.forget();
+}
+InternalRequest::InternalRequest(const nsACString& aURL,
+ const nsACString& aFragment)
+ : mMethod("GET")
+ , mHeaders(new InternalHeaders(HeadersGuardEnum::None))
+ , mContentPolicyType(nsIContentPolicy::TYPE_FETCH)
+ , mReferrer(NS_LITERAL_STRING(kFETCH_CLIENT_REFERRER_STR))
+ , mReferrerPolicy(ReferrerPolicy::_empty)
+ , mEnvironmentReferrerPolicy(net::RP_Default)
+ , mMode(RequestMode::No_cors)
+ , mCredentialsMode(RequestCredentials::Omit)
+ , mResponseTainting(LoadTainting::Basic)
+ , mCacheMode(RequestCache::Default)
+ , mRedirectMode(RequestRedirect::Follow)
+ , mAuthenticationFlag(false)
+ , mForceOriginHeader(false)
+ , mPreserveContentCodings(false)
+ // FIXME(nsm): This should be false by default, but will lead to the
+ // algorithm never loading data: URLs right now. See Bug 1018872 about
+ // how certain contexts will override it to set it to true. Fetch
+ // specification does not handle this yet.
+ , mSameOriginDataURL(true)
+ , mSkipServiceWorker(false)
+ , mSynchronous(false)
+ , mUnsafeRequest(false)
+ , mUseURLCredentials(false)
+{
+ MOZ_ASSERT(!aURL.IsEmpty());
+ AddURL(aURL, aFragment);
+}
+InternalRequest::InternalRequest(const nsACString& aURL,
+ const nsACString& aFragment,
+ const nsACString& aMethod,
+ already_AddRefed<InternalHeaders> aHeaders,
+ RequestCache aCacheMode,
+ RequestMode aMode,
+ RequestRedirect aRequestRedirect,
+ RequestCredentials aRequestCredentials,
+ const nsAString& aReferrer,
+ ReferrerPolicy aReferrerPolicy,
+ nsContentPolicyType aContentPolicyType,
+ const nsAString& aIntegrity)
+ : mMethod(aMethod)
+ , mHeaders(aHeaders)
+ , mContentPolicyType(aContentPolicyType)
+ , mReferrer(aReferrer)
+ , mReferrerPolicy(aReferrerPolicy)
+ , mEnvironmentReferrerPolicy(net::RP_Default)
+ , mMode(aMode)
+ , mCredentialsMode(aRequestCredentials)
+ , mResponseTainting(LoadTainting::Basic)
+ , mCacheMode(aCacheMode)
+ , mRedirectMode(aRequestRedirect)
+ , mIntegrity(aIntegrity)
+ , mAuthenticationFlag(false)
+ , mForceOriginHeader(false)
+ , mPreserveContentCodings(false)
+ // FIXME See the above comment in the default constructor.
+ , mSameOriginDataURL(true)
+ , mSkipServiceWorker(false)
+ , mSynchronous(false)
+ , mUnsafeRequest(false)
+ , mUseURLCredentials(false)
+{
+ MOZ_ASSERT(!aURL.IsEmpty());
+ AddURL(aURL, aFragment);
+}
+InternalRequest::InternalRequest(const InternalRequest& aOther)
+ : mMethod(aOther.mMethod)
+ , mURLList(aOther.mURLList)
+ , mHeaders(new InternalHeaders(*aOther.mHeaders))
+ , mContentPolicyType(aOther.mContentPolicyType)
+ , mReferrer(aOther.mReferrer)
+ , mReferrerPolicy(aOther.mReferrerPolicy)
+ , mEnvironmentReferrerPolicy(aOther.mEnvironmentReferrerPolicy)
+ , mMode(aOther.mMode)
+ , mCredentialsMode(aOther.mCredentialsMode)
+ , mResponseTainting(aOther.mResponseTainting)
+ , mCacheMode(aOther.mCacheMode)
+ , mRedirectMode(aOther.mRedirectMode)
+ , mIntegrity(aOther.mIntegrity)
+ , mFragment(aOther.mFragment)
+ , mAuthenticationFlag(aOther.mAuthenticationFlag)
+ , mForceOriginHeader(aOther.mForceOriginHeader)
+ , mPreserveContentCodings(aOther.mPreserveContentCodings)
+ , mSameOriginDataURL(aOther.mSameOriginDataURL)
+ , mSkipServiceWorker(aOther.mSkipServiceWorker)
+ , mSynchronous(aOther.mSynchronous)
+ , mUnsafeRequest(aOther.mUnsafeRequest)
+ , mUseURLCredentials(aOther.mUseURLCredentials)
+ , mCreatedByFetchEvent(aOther.mCreatedByFetchEvent)
+ , mContentPolicyTypeOverridden(aOther.mContentPolicyTypeOverridden)
+{
+ // NOTE: does not copy body stream... use the fallible Clone() for that
+}
+
+InternalRequest::InternalRequest(const IPCInternalRequest& aIPCRequest)
+ : mMethod(aIPCRequest.method())
+ , mURLList(aIPCRequest.urls())
+ , mHeaders(new InternalHeaders(aIPCRequest.headers(),
+ aIPCRequest.headersGuard()))
+ , mContentPolicyType(aIPCRequest.contentPolicyType())
+ , mReferrer(aIPCRequest.referrer())
+ , mReferrerPolicy(aIPCRequest.referrerPolicy())
+ , mMode(aIPCRequest.mode())
+ , mCredentialsMode(aIPCRequest.credentials())
+ , mCacheMode(aIPCRequest.requestCache())
+ , mRedirectMode(aIPCRequest.requestRedirect())
+{
+ MOZ_ASSERT(!mURLList.IsEmpty());
+}
+
+InternalRequest::~InternalRequest()
+{
+}
+
+void
+InternalRequest::ToIPC(IPCInternalRequest* aIPCRequest)
+{
+ MOZ_ASSERT(aIPCRequest);
+ MOZ_ASSERT(!mURLList.IsEmpty());
+ aIPCRequest->urls() = mURLList;
+ aIPCRequest->method() = mMethod;
+
+ mHeaders->ToIPC(aIPCRequest->headers(), aIPCRequest->headersGuard());
+
+ aIPCRequest->referrer() = mReferrer;
+ aIPCRequest->referrerPolicy() = mReferrerPolicy;
+ aIPCRequest->mode() = mMode;
+ aIPCRequest->credentials() = mCredentialsMode;
+ aIPCRequest->contentPolicyType() = mContentPolicyType;
+ aIPCRequest->requestCache() = mCacheMode;
+ aIPCRequest->requestRedirect() = mRedirectMode;
+}
+
+void
+InternalRequest::SetContentPolicyType(nsContentPolicyType aContentPolicyType)
+{
+ mContentPolicyType = aContentPolicyType;
+}
+
+void
+InternalRequest::OverrideContentPolicyType(nsContentPolicyType aContentPolicyType)
+{
+ SetContentPolicyType(aContentPolicyType);
+ mContentPolicyTypeOverridden = true;
+}
+
+/* static */
+RequestContext
+InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aContentPolicyType)
+{
+ RequestContext context = RequestContext::Internal;
+ switch (aContentPolicyType) {
+ case nsIContentPolicy::TYPE_OTHER:
+ context = RequestContext::Internal;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
+ case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
+ case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
+ context = RequestContext::Script;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_WORKER:
+ context = RequestContext::Worker;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
+ context = RequestContext::Sharedworker;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
+ case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
+ case nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON:
+ context = RequestContext::Image;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
+ case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
+ context = RequestContext::Style;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_OBJECT:
+ context = RequestContext::Object;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_EMBED:
+ context = RequestContext::Embed;
+ break;
+ case nsIContentPolicy::TYPE_DOCUMENT:
+ context = RequestContext::Internal;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_IFRAME:
+ context = RequestContext::Iframe;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_FRAME:
+ context = RequestContext::Frame;
+ break;
+ case nsIContentPolicy::TYPE_REFRESH:
+ context = RequestContext::Internal;
+ break;
+ case nsIContentPolicy::TYPE_XBL:
+ context = RequestContext::Internal;
+ break;
+ case nsIContentPolicy::TYPE_PING:
+ context = RequestContext::Ping;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST:
+ context = RequestContext::Xmlhttprequest;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
+ context = RequestContext::Eventsource;
+ break;
+ case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST:
+ context = RequestContext::Plugin;
+ break;
+ case nsIContentPolicy::TYPE_DTD:
+ context = RequestContext::Internal;
+ break;
+ case nsIContentPolicy::TYPE_FONT:
+ context = RequestContext::Font;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_AUDIO:
+ context = RequestContext::Audio;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_VIDEO:
+ context = RequestContext::Video;
+ break;
+ case nsIContentPolicy::TYPE_INTERNAL_TRACK:
+ context = RequestContext::Track;
+ break;
+ case nsIContentPolicy::TYPE_WEBSOCKET:
+ context = RequestContext::Internal;
+ break;
+ case nsIContentPolicy::TYPE_CSP_REPORT:
+ context = RequestContext::Cspreport;
+ break;
+ case nsIContentPolicy::TYPE_XSLT:
+ context = RequestContext::Xslt;
+ break;
+ case nsIContentPolicy::TYPE_BEACON:
+ context = RequestContext::Beacon;
+ break;
+ case nsIContentPolicy::TYPE_FETCH:
+ context = RequestContext::Fetch;
+ break;
+ case nsIContentPolicy::TYPE_IMAGESET:
+ context = RequestContext::Imageset;
+ break;
+ case nsIContentPolicy::TYPE_WEB_MANIFEST:
+ context = RequestContext::Manifest;
+ break;
+ default:
+ MOZ_ASSERT(false, "Unhandled nsContentPolicyType value");
+ break;
+ }
+ return context;
+}
+
+// static
+bool
+InternalRequest::IsNavigationContentPolicy(nsContentPolicyType aContentPolicyType)
+{
+ // https://fetch.spec.whatwg.org/#navigation-request-context
+ //
+ // A navigation request context is one of "form", "frame", "hyperlink",
+ // "iframe", "internal" (as long as context frame type is not "none"),
+ // "location", "metarefresh", and "prerender".
+ //
+ // Note, all of these request types are effectively initiated by nsDocShell.
+ //
+ // The TYPE_REFRESH is used in some code paths for metarefresh, but will not
+ // be seen during the actual load. Instead the new load gets a normal
+ // nsDocShell policy type. We include it here in case this utility method
+ // is called before the load starts.
+ return aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT ||
+ aContentPolicyType == nsIContentPolicy::TYPE_SUBDOCUMENT ||
+ aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_FRAME ||
+ aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_IFRAME ||
+ aContentPolicyType == nsIContentPolicy::TYPE_REFRESH;
+}
+
+// static
+bool
+InternalRequest::IsWorkerContentPolicy(nsContentPolicyType aContentPolicyType)
+{
+ // https://fetch.spec.whatwg.org/#worker-request-context
+ //
+ // A worker request context is one of "serviceworker", "sharedworker", and
+ // "worker".
+ //
+ // Note, service workers are not included here because currently there is
+ // no way to generate a Request with a "serviceworker" RequestContext.
+ // ServiceWorker scripts cannot be intercepted.
+ return aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_WORKER ||
+ aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER;
+}
+
+bool
+InternalRequest::IsNavigationRequest() const
+{
+ return IsNavigationContentPolicy(mContentPolicyType);
+}
+
+bool
+InternalRequest::IsWorkerRequest() const
+{
+ return IsWorkerContentPolicy(mContentPolicyType);
+}
+
+bool
+InternalRequest::IsClientRequest() const
+{
+ return IsNavigationRequest() || IsWorkerRequest();
+}
+
+// static
+RequestMode
+InternalRequest::MapChannelToRequestMode(nsIChannel* aChannel)
+{
+ MOZ_ASSERT(aChannel);
+
+ nsCOMPtr<nsILoadInfo> loadInfo;
+ MOZ_ALWAYS_SUCCEEDS(aChannel->GetLoadInfo(getter_AddRefs(loadInfo)));
+
+ nsContentPolicyType contentPolicy = loadInfo->InternalContentPolicyType();
+ if (IsNavigationContentPolicy(contentPolicy)) {
+ return RequestMode::Navigate;
+ }
+
+ // TODO: remove the worker override once securityMode is fully implemented (bug 1189945)
+ if (IsWorkerContentPolicy(contentPolicy)) {
+ return RequestMode::Same_origin;
+ }
+
+ uint32_t securityMode = loadInfo->GetSecurityMode();
+
+ switch(securityMode) {
+ case nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS:
+ case nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED:
+ return RequestMode::Same_origin;
+ case nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS:
+ case nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL:
+ return RequestMode::No_cors;
+ case nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS:
+ // TODO: Check additional flag force-preflight after bug 1199693 (bug 1189945)
+ return RequestMode::Cors;
+ default:
+ // TODO: assert never reached after CorsMode flag removed (bug 1189945)
+ MOZ_ASSERT(securityMode == nsILoadInfo::SEC_NORMAL);
+ break;
+ }
+
+ // TODO: remove following code once securityMode is fully implemented (bug 1189945)
+
+ nsCOMPtr<nsIHttpChannelInternal> httpChannel = do_QueryInterface(aChannel);
+
+ uint32_t corsMode;
+ MOZ_ALWAYS_SUCCEEDS(httpChannel->GetCorsMode(&corsMode));
+ MOZ_ASSERT(corsMode != nsIHttpChannelInternal::CORS_MODE_NAVIGATE);
+
+ // This cast is valid due to static asserts in ServiceWorkerManager.cpp.
+ return static_cast<RequestMode>(corsMode);
+}
+
+// static
+RequestCredentials
+InternalRequest::MapChannelToRequestCredentials(nsIChannel* aChannel)
+{
+ MOZ_ASSERT(aChannel);
+
+ nsCOMPtr<nsILoadInfo> loadInfo;
+ MOZ_ALWAYS_SUCCEEDS(aChannel->GetLoadInfo(getter_AddRefs(loadInfo)));
+
+
+ // TODO: Remove following code after stylesheet and image support cookie policy
+ if (loadInfo->GetSecurityMode() == nsILoadInfo::SEC_NORMAL) {
+ uint32_t loadFlags;
+ aChannel->GetLoadFlags(&loadFlags);
+
+ if (loadFlags & nsIRequest::LOAD_ANONYMOUS) {
+ return RequestCredentials::Omit;
+ } else {
+ bool includeCrossOrigin;
+ nsCOMPtr<nsIHttpChannelInternal> internalChannel = do_QueryInterface(aChannel);
+
+ internalChannel->GetCorsIncludeCredentials(&includeCrossOrigin);
+ if (includeCrossOrigin) {
+ return RequestCredentials::Include;
+ }
+ }
+ return RequestCredentials::Same_origin;
+ }
+
+ uint32_t cookiePolicy = loadInfo->GetCookiePolicy();
+
+ if (cookiePolicy == nsILoadInfo::SEC_COOKIES_INCLUDE) {
+ return RequestCredentials::Include;
+ } else if (cookiePolicy == nsILoadInfo::SEC_COOKIES_OMIT) {
+ return RequestCredentials::Omit;
+ } else if (cookiePolicy == nsILoadInfo::SEC_COOKIES_SAME_ORIGIN) {
+ return RequestCredentials::Same_origin;
+ }
+
+ MOZ_ASSERT_UNREACHABLE("Unexpected cookie policy!");
+ return RequestCredentials::Same_origin;
+}
+
+void
+InternalRequest::MaybeSkipCacheIfPerformingRevalidation()
+{
+ if (mCacheMode == RequestCache::Default &&
+ mHeaders->HasRevalidationHeaders()) {
+ mCacheMode = RequestCache::No_store;
+ }
+}
+
+void
+InternalRequest::SetPrincipalInfo(UniquePtr<mozilla::ipc::PrincipalInfo> aPrincipalInfo)
+{
+ mPrincipalInfo = Move(aPrincipalInfo);
+}
+
+} // namespace dom
+} // namespace mozilla