diff options
Diffstat (limited to 'netwerk/protocol/http')
| -rw-r--r-- | netwerk/protocol/http/Http2Session.cpp | 1 | ||||
| -rw-r--r-- | netwerk/protocol/http/HttpBaseChannel.cpp | 2 | ||||
| -rw-r--r-- | netwerk/protocol/http/nsHttpChannelAuthProvider.cpp | 15 | ||||
| -rw-r--r-- | netwerk/protocol/http/nsHttpChannelAuthProvider.h | 3 |
4 files changed, 17 insertions, 4 deletions
diff --git a/netwerk/protocol/http/Http2Session.cpp b/netwerk/protocol/http/Http2Session.cpp index 86e8c74f6..726b39f74 100644 --- a/netwerk/protocol/http/Http2Session.cpp +++ b/netwerk/protocol/http/Http2Session.cpp @@ -2182,6 +2182,7 @@ Http2Session::RecvAltSvc(Http2Session *self) } if (NS_FAILED(self->SetInputFrameDataStream(self->mInputFrameID)) || + !self->mInputFrameDataStream || !self->mInputFrameDataStream->Transaction() || !self->mInputFrameDataStream->Transaction()->RequestHead()) { LOG3(("Http2Session::RecvAltSvc %p got frame w/o origin on invalid stream", self)); diff --git a/netwerk/protocol/http/HttpBaseChannel.cpp b/netwerk/protocol/http/HttpBaseChannel.cpp index 86e177e71..568ef3012 100644 --- a/netwerk/protocol/http/HttpBaseChannel.cpp +++ b/netwerk/protocol/http/HttpBaseChannel.cpp @@ -897,7 +897,7 @@ public: InterceptFailedOnStop(nsIStreamListener *arg, HttpBaseChannel *chan) : mNext(arg) , mChannel(chan) {} - NS_DECL_ISUPPORTS + NS_DECL_THREADSAFE_ISUPPORTS NS_IMETHOD OnStartRequest(nsIRequest *aRequest, nsISupports *aContext) override { diff --git a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp index a6681cfc6..1b25afe64 100644 --- a/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.cpp @@ -96,6 +96,7 @@ uint32_t nsHttpChannelAuthProvider::sAuthAllowPref = SUBRESOURCE_AUTH_DIALOG_ALLOW_ALL; bool nsHttpChannelAuthProvider::sImgCrossOriginAuthAllowPref = false; +bool nsHttpChannelAuthProvider::sConfirmAuthPref = false; void nsHttpChannelAuthProvider::InitializePrefs() @@ -107,6 +108,9 @@ nsHttpChannelAuthProvider::InitializePrefs() mozilla::Preferences::AddBoolVarCache(&sImgCrossOriginAuthAllowPref, "network.auth.subresource-http-img-XO-auth", false); + mozilla::Preferences::AddBoolVarCache(&sConfirmAuthPref, + "network.auth.confirmAuth.enabled", + false); } NS_IMETHODIMP @@ -1450,10 +1454,15 @@ nsHttpChannelAuthProvider::ConfirmAuth(const nsString &bundleKey, bool doYesNoPrompt) { // skip prompting the user if - // 1) we've already prompted the user - // 2) we're not a toplevel channel - // 3) the userpass length is less than the "phishy" threshold + // 1) prompts are disabled by preference + // 2) we've already prompted the user + // 3) we're not a toplevel channel + // 4) the userpass length is less than the "phishy" threshold + if (!sConfirmAuthPref) { + return true; + } + uint32_t loadFlags; nsresult rv = mAuthChannel->GetLoadFlags(&loadFlags); if (NS_FAILED(rv)) diff --git a/netwerk/protocol/http/nsHttpChannelAuthProvider.h b/netwerk/protocol/http/nsHttpChannelAuthProvider.h index 0d6045875..18172e60f 100644 --- a/netwerk/protocol/http/nsHttpChannelAuthProvider.h +++ b/netwerk/protocol/http/nsHttpChannelAuthProvider.h @@ -185,6 +185,9 @@ private: static uint32_t sAuthAllowPref; static bool sImgCrossOriginAuthAllowPref; nsCOMPtr<nsICancelable> mGenerateCredentialsCancelable; + + // Variable holding the preference for anti-spoof auth confirmation prompts. + static bool sConfirmAuthPref; }; } // namespace net |