From bd851735628cd6b07285e87fa60081e9d11a3b7e Mon Sep 17 00:00:00 2001 From: Gaming4JC Date: Sat, 26 May 2018 15:00:01 -0400 Subject: Remove support and tests for HSTS priming from the tree. Fixes #384 --- ...webconsole_block_mixedcontent_securityerrors.js | 2 - .../test/browser_webconsole_bug_632817.js | 4 - docshell/base/nsDocShell.cpp | 21 -- dom/base/nsIDocument.h | 44 +-- dom/base/test/bug704320.sjs | 6 - dom/base/test/referrerHelper.js | 3 - dom/html/test/test_anchor_ping.html | 7 +- dom/ipc/ContentParent.cpp | 4 +- dom/ipc/ContentParent.h | 3 +- dom/ipc/PContent.ipdl | 2 +- dom/performance/PerformanceResourceTiming.cpp | 1 + dom/security/nsContentSecurityManager.cpp | 9 - dom/security/nsMixedContentBlocker.cpp | 191 +------------ dom/security/nsMixedContentBlocker.h | 35 +-- dom/security/test/csp/test_referrerdirective.html | 2 - dom/security/test/hsts/browser.ini | 19 -- .../test/hsts/browser_hsts-priming_allow_active.js | 24 -- .../hsts/browser_hsts-priming_allow_display.js | 24 -- .../test/hsts/browser_hsts-priming_block_active.js | 24 -- .../hsts/browser_hsts-priming_block_active_css.js | 24 -- ...er_hsts-priming_block_active_with_redir_same.js | 24 -- .../hsts/browser_hsts-priming_block_display.js | 24 -- .../hsts/browser_hsts-priming_cache-timeout.js | 36 --- .../hsts/browser_hsts-priming_hsts_after_mixed.js | 24 -- .../hsts/browser_hsts-priming_no-duplicates.js | 30 -- dom/security/test/hsts/file_1x1.png | Bin 17811 -> 0 bytes dom/security/test/hsts/file_priming-top.html | 84 ------ dom/security/test/hsts/file_priming.js | 4 - dom/security/test/hsts/file_stylesheet.css | 0 dom/security/test/hsts/file_testserver.sjs | 66 ----- dom/security/test/hsts/head.js | 308 --------------------- .../test/mixedcontentblocker/test_main.html | 3 - dom/security/test/moz.build | 1 - image/imgLoader.cpp | 13 - ipc/glue/BackgroundUtils.cpp | 9 +- js/ipc/JavaScriptParent.cpp | 1 + modules/libpref/init/all.js | 17 -- netwerk/base/LoadInfo.cpp | 40 +-- netwerk/base/LoadInfo.h | 7 +- netwerk/base/nsILoadInfo.idl | 26 -- netwerk/ipc/NeckoChannelParams.ipdlh | 2 - netwerk/protocol/http/HSTSPrimerListener.cpp | 273 ------------------ netwerk/protocol/http/HSTSPrimerListener.h | 108 -------- netwerk/protocol/http/HttpChannelChild.cpp | 16 +- netwerk/protocol/http/HttpChannelParent.cpp | 10 - netwerk/protocol/http/HttpChannelParent.h | 2 - netwerk/protocol/http/PHttpChannel.ipdl | 1 - netwerk/protocol/http/moz.build | 2 - netwerk/protocol/http/nsHttpChannel.cpp | 143 +--------- netwerk/protocol/http/nsHttpChannel.h | 6 - netwerk/protocol/http/nsIHstsPrimingCallback.idl | 50 ---- security/manager/ssl/nsISiteSecurityService.idl | 9 - security/manager/ssl/nsSiteSecurityService.cpp | 8 - .../mochitest-browser-chrome-e10s.runtimes.json | 7 - .../mochitest-browser-chrome.runtimes.json | 8 - toolkit/components/telemetry/Histograms.json | 27 -- 56 files changed, 26 insertions(+), 1812 deletions(-) delete mode 100644 dom/security/test/hsts/browser.ini delete mode 100644 dom/security/test/hsts/browser_hsts-priming_allow_active.js delete mode 100644 dom/security/test/hsts/browser_hsts-priming_allow_display.js delete mode 100644 dom/security/test/hsts/browser_hsts-priming_block_active.js delete mode 100644 dom/security/test/hsts/browser_hsts-priming_block_active_css.js delete mode 100644 dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js delete mode 100644 dom/security/test/hsts/browser_hsts-priming_block_display.js delete mode 100644 dom/security/test/hsts/browser_hsts-priming_cache-timeout.js delete mode 100644 dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js delete mode 100644 dom/security/test/hsts/browser_hsts-priming_no-duplicates.js delete mode 100644 dom/security/test/hsts/file_1x1.png delete mode 100644 dom/security/test/hsts/file_priming-top.html delete mode 100644 dom/security/test/hsts/file_priming.js delete mode 100644 dom/security/test/hsts/file_stylesheet.css delete mode 100644 dom/security/test/hsts/file_testserver.sjs delete mode 100644 dom/security/test/hsts/head.js delete mode 100644 netwerk/protocol/http/HSTSPrimerListener.cpp delete mode 100644 netwerk/protocol/http/HSTSPrimerListener.h delete mode 100644 netwerk/protocol/http/nsIHstsPrimingCallback.idl diff --git a/devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js b/devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js index ff4157a3b..eb77bc158 100644 --- a/devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js +++ b/devtools/client/webconsole/test/browser_webconsole_block_mixedcontent_securityerrors.js @@ -61,8 +61,6 @@ function pushPrefEnv() { "set": [ ["security.mixed_content.block_active_content", true], ["security.mixed_content.block_display_content", true], - ["security.mixed_content.use_hsts", false], - ["security.mixed_content.send_hsts_priming", false], ] }; SpecialPowers.pushPrefEnv(options, deferred.resolve); diff --git a/devtools/client/webconsole/test/browser_webconsole_bug_632817.js b/devtools/client/webconsole/test/browser_webconsole_bug_632817.js index 561e3b112..dc976411f 100644 --- a/devtools/client/webconsole/test/browser_webconsole_bug_632817.js +++ b/devtools/client/webconsole/test/browser_webconsole_bug_632817.js @@ -95,10 +95,6 @@ function testXhrWarn() { let lastRequest = yield waitForFinishedRequest(XHR_WARN_REQUEST_PREDICATE); if (lastRequest.request.method == "HEAD") { - // in non-e10s, we get the HEAD request that priming sends, so make sure - // a priming request should be sent, and then get the actual request - is(Services.prefs.getBoolPref("security.mixed_content.send_hsts_priming"), - true, "Found HSTS Priming Request"); lastRequest = yield waitForFinishedRequest(XHR_WARN_REQUEST_PREDICATE); } diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index b3e26da33..8eca47495 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -9961,27 +9961,6 @@ nsDocShell::InternalLoad(nsIURI* aURI, return NS_ERROR_CONTENT_BLOCKED; } - - // If HSTS priming was set by nsMixedContentBlocker::ShouldLoad, and we - // would block due to mixed content, go ahead and block here. If we try to - // proceed with priming, we will error out later on. - nsCOMPtr docShell = NS_CP_GetDocShellFromContext(requestingContext); - // When loading toplevel windows, requestingContext can be null. We don't - // really care about HSTS in that situation, though; loads in toplevel - // windows should all be browser UI. - if (docShell) { - nsIDocument* document = docShell->GetDocument(); - NS_ENSURE_TRUE(document, NS_OK); - - HSTSPrimingState state = document->GetHSTSPrimingStateForLocation(aURI); - if (state == HSTSPrimingState::eHSTS_PRIMING_BLOCK) { - // HSTS Priming currently disabled for InternalLoad, so we need to clear - // the location that was added by nsMixedContentBlocker::ShouldLoad - // Bug 1269815 will address images loaded via InternalLoad - document->ClearHSTSPrimingLocation(aURI); - return NS_ERROR_CONTENT_BLOCKED; - } - } } nsCOMPtr principalToInherit = aPrincipalToInherit; diff --git a/dom/base/nsIDocument.h b/dom/base/nsIDocument.h index 1e0c9562e..7a73fae71 100644 --- a/dom/base/nsIDocument.h +++ b/dom/base/nsIDocument.h @@ -18,11 +18,11 @@ #include "nsINode.h" // for base class #include "nsIScriptGlobalObject.h" // for member (in nsCOMPtr) #include "nsIServiceManager.h" +#include "nsIURI.h" // for use in inline functions #include "nsIUUIDGenerator.h" #include "nsPIDOMWindow.h" // for use in inline functions #include "nsPropertyTable.h" // for member -#include "nsDataHashtable.h" // for member -#include "nsURIHashKey.h" // for member +#include "nsTHashtable.h" // for member #include "mozilla/net/ReferrerPolicy.h" // for member #include "nsWeakReference.h" #include "mozilla/UseCounter.h" @@ -182,13 +182,6 @@ enum DocumentFlavor { DocumentFlavorPlain, // Just a Document }; -// Enum for HSTS priming states -enum class HSTSPrimingState { - eNO_HSTS_PRIMING = 0, // don't do HSTS Priming - eHSTS_PRIMING_ALLOW = 1, // if HSTS priming fails, allow the load to proceed - eHSTS_PRIMING_BLOCK = 2 // if HSTS priming fails, block the load -}; - // Document states // RTL locale: specific to the XUL localedir attribute @@ -405,34 +398,6 @@ public: mReferrer = aReferrer; } - /** - * Check to see if a subresource we want to load requires HSTS priming - * to be done. - */ - HSTSPrimingState GetHSTSPrimingStateForLocation(nsIURI* aContentLocation) const - { - HSTSPrimingState state; - if (mHSTSPrimingURIList.Get(aContentLocation, &state)) { - return state; - } - return HSTSPrimingState::eNO_HSTS_PRIMING; - } - - /** - * Add a subresource to the HSTS priming list. If this URI is - * not in the HSTS cache, it will trigger an HSTS priming request - * when we try to load it. - */ - void AddHSTSPrimingLocation(nsIURI* aContentLocation, HSTSPrimingState aState) - { - mHSTSPrimingURIList.Put(aContentLocation, aState); - } - - void ClearHSTSPrimingLocation(nsIURI* aContentLocation) - { - mHSTSPrimingURIList.Remove(aContentLocation); - } - /** * Set the principal responsible for this document. */ @@ -2987,11 +2952,6 @@ protected: bool mUpgradeInsecureRequests; bool mUpgradeInsecurePreloads; - // if nsMixedContentBlocker requires sending an HSTS priming request, - // temporarily store that in the document so that it can be propogated to the - // LoadInfo and eventually the HTTP Channel - nsDataHashtable mHSTSPrimingURIList; - mozilla::WeakPtr mDocumentContainer; nsCString mCharacterSet; diff --git a/dom/base/test/bug704320.sjs b/dom/base/test/bug704320.sjs index dff77f4b3..e0f549533 100644 --- a/dom/base/test/bug704320.sjs +++ b/dom/base/test/bug704320.sjs @@ -194,12 +194,6 @@ function createPolicyTest(policy, optionalEarlierPolicy) { } function handleRequest(request, response) { - if (request.method == 'HEAD') { - // respond to a HEAD request with a 418 so that we can easily distinguish - // HSTS priming responses and ignore them - response.setStatusLine('1.1', 418, "I'm a teapot"); - return; - } var sharedKey = 'bug704320.sjs'; var params = request.queryString.split('&'); var action = params[0].split('=')[1]; diff --git a/dom/base/test/referrerHelper.js b/dom/base/test/referrerHelper.js index 207bf5f15..01a22829c 100644 --- a/dom/base/test/referrerHelper.js +++ b/dom/base/test/referrerHelper.js @@ -25,9 +25,6 @@ function doXHR(url, onSuccess, onFail) { xhr.onload = function () { if (xhr.status == 200) { onSuccess(xhr); - } else if (xhr.status == 418) { - // Ignore HSTS priming responses - return; } else { onFail(xhr); } diff --git a/dom/html/test/test_anchor_ping.html b/dom/html/test/test_anchor_ping.html index 4a39bcefe..6a1832ad1 100644 --- a/dom/html/test/test_anchor_ping.html +++ b/dom/html/test/test_anchor_ping.html @@ -40,15 +40,10 @@ let tests = [ function* setup() { Services.prefs.setBoolPref("browser.send_pings", true); Services.prefs.setIntPref("browser.send_pings.max_per_link", -1); - Services.prefs.setBoolPref("security.mixed_content.block_active_content", false); - // The server we create can't handle the priming HEAD requests - Services.prefs.setBoolPref("security.mixed_content.send_hsts_priming", false); SimpleTest.registerCleanupFunction(() => { Services.prefs.clearUserPref("browser.send_pings"); Services.prefs.clearUserPref("browser.send_pings.max_per_link"); - Services.prefs.clearUserPref("security.mixed_content.block_active_content"); - Services.prefs.clearUserPref("security.mixed_content.send_hsts_priming"); }); }, @@ -151,7 +146,7 @@ let tests = [ // The referrer will be loaded using a secure channel. navigate("https://example.com/chrome/dom/html/test/" + - "file_anchor_ping.html?" + "http://localhost:" + + "file_anchor_ping.html?" + "http://127.0.0.1:" + server.identity.primaryPort + ping); // Wait until the ping has been sent. diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp index 9eebf3c34..3488e26bd 100644 --- a/dom/ipc/ContentParent.cpp +++ b/dom/ipc/ContentParent.cpp @@ -3373,13 +3373,13 @@ ContentParent::RecvIsSecureURI(const uint32_t& type, } bool -ContentParent::RecvAccumulateMixedContentHSTS(const URIParams& aURI, const bool& aActive, const bool& aHSTSPriming) +ContentParent::RecvAccumulateMixedContentHSTS(const URIParams& aURI, const bool& aActive) { nsCOMPtr ourURI = DeserializeURI(aURI); if (!ourURI) { return false; } - nsMixedContentBlocker::AccumulateMixedContentHSTS(ourURI, aActive, aHSTSPriming); + nsMixedContentBlocker::AccumulateMixedContentHSTS(ourURI, aActive); return true; } diff --git a/dom/ipc/ContentParent.h b/dom/ipc/ContentParent.h index f1719c059..abcea0b65 100644 --- a/dom/ipc/ContentParent.h +++ b/dom/ipc/ContentParent.h @@ -742,8 +742,7 @@ private: const uint32_t& aFlags, bool* aIsSecureURI) override; virtual bool RecvAccumulateMixedContentHSTS(const URIParams& aURI, - const bool& aActive, - const bool& aHSTSPriming) override; + const bool& aActive) override; virtual bool DeallocPHalParent(PHalParent*) override; diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl index df9eeb147..c01ad59c1 100644 --- a/dom/ipc/PContent.ipdl +++ b/dom/ipc/PContent.ipdl @@ -661,7 +661,7 @@ parent: sync IsSecureURI(uint32_t type, URIParams uri, uint32_t flags) returns (bool isSecureURI); - async AccumulateMixedContentHSTS(URIParams uri, bool active, bool hasHSTSPriming); + async AccumulateMixedContentHSTS(URIParams uri, bool active); sync GetLookAndFeelCache() returns (LookAndFeelInt[] lookAndFeelIntCache); diff --git a/dom/performance/PerformanceResourceTiming.cpp b/dom/performance/PerformanceResourceTiming.cpp index 2eaa4eb9a..9c5475041 100644 --- a/dom/performance/PerformanceResourceTiming.cpp +++ b/dom/performance/PerformanceResourceTiming.cpp @@ -6,6 +6,7 @@ #include "PerformanceResourceTiming.h" #include "mozilla/dom/PerformanceResourceTimingBinding.h" +#include "mozilla/Unused.h" using namespace mozilla::dom; diff --git a/dom/security/nsContentSecurityManager.cpp b/dom/security/nsContentSecurityManager.cpp index c6558fc93..f329aa723 100644 --- a/dom/security/nsContentSecurityManager.cpp +++ b/dom/security/nsContentSecurityManager.cpp @@ -8,8 +8,6 @@ #include "nsContentUtils.h" #include "nsCORSListenerProxy.h" #include "nsIStreamListener.h" -#include "nsIDocument.h" -#include "nsMixedContentBlocker.h" #include "nsCDefaultURIFixup.h" #include "nsIURIFixup.h" @@ -507,13 +505,6 @@ DoContentSecurityChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo) return NS_ERROR_CONTENT_BLOCKED; } - if (nsMixedContentBlocker::sSendHSTSPriming) { - rv = nsMixedContentBlocker::MarkLoadInfoForPriming(uri, - requestingContext, - aLoadInfo); - return rv; - } - return NS_OK; } diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp index 4e80dce3f..7d50a43a3 100644 --- a/dom/security/nsMixedContentBlocker.cpp +++ b/dom/security/nsMixedContentBlocker.cpp @@ -54,13 +54,6 @@ bool nsMixedContentBlocker::sBlockMixedScript = false; // Is mixed display content blocking (images, audio, video, ) enabled? bool nsMixedContentBlocker::sBlockMixedDisplay = false; -// Do we move HSTS before mixed-content -bool nsMixedContentBlocker::sUseHSTS = false; -// Do we send an HSTS priming request -bool nsMixedContentBlocker::sSendHSTSPriming = false; -// Default HSTS Priming failure timeout to 7 days, in seconds -uint32_t nsMixedContentBlocker::sHSTSPrimingCacheTimeout = (60 * 24 * 7); - // Fired at the document that attempted to load mixed content. The UI could // handle this event, for example, by displaying an info bar that offers the // choice to reload the page with mixed content permitted. @@ -202,18 +195,6 @@ nsMixedContentBlocker::nsMixedContentBlocker() // Cache the pref for mixed display blocking Preferences::AddBoolVarCache(&sBlockMixedDisplay, "security.mixed_content.block_display_content"); - - // Cache the pref for HSTS - Preferences::AddBoolVarCache(&sUseHSTS, - "security.mixed_content.use_hsts"); - - // Cache the pref for sending HSTS priming - Preferences::AddBoolVarCache(&sSendHSTSPriming, - "security.mixed_content.send_hsts_priming"); - - // Cache the pref for HSTS priming failure cache time - Preferences::AddUintVarCache(&sHSTSPrimingCacheTimeout, - "security.mixed_content.hsts_priming_cache_timeout"); } nsMixedContentBlocker::~nsMixedContentBlocker() @@ -343,22 +324,6 @@ nsMixedContentBlocker::AsyncOnChannelRedirect(nsIChannel* aOldChannel, return NS_BINDING_FAILED; } - if (nsMixedContentBlocker::sSendHSTSPriming) { - // The LoadInfo passed in is for the original channel, HSTS priming needs to - // be set on the new channel, if required. If the redirect changes - // http->https, or vice-versa, the need for priming may change. - nsCOMPtr newLoadInfo; - rv = aNewChannel->GetLoadInfo(getter_AddRefs(newLoadInfo)); - NS_ENSURE_SUCCESS(rv, rv); - rv = nsMixedContentBlocker::MarkLoadInfoForPriming(newUri, - requestingContext, - newLoadInfo); - if (NS_FAILED(rv)) { - decision = REJECT_REQUEST; - newLoadInfo->ClearHSTSPriming(); - } - } - // If the channel is about to load mixed content, abort the channel if (!NS_CP_ACCEPTED(decision)) { autoCallback.DontCallback(); @@ -691,12 +656,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, // the parent is https, and the protocol associated with innerContentLocation // doesn't map to the secure URI flags checked above. Assert this for // sanity's sake -#ifdef DEBUG - bool isHttpsScheme = false; - rv = innerContentLocation->SchemeIs("https", &isHttpsScheme); - NS_ENSURE_SUCCESS(rv, rv); - MOZ_ASSERT(!isHttpsScheme); -#endif *aDecision = REJECT_REQUEST; return NS_OK; } @@ -836,34 +795,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, } nsresult stateRV = securityUI->GetState(&state); - bool doHSTSPriming = false; - if (isHttpScheme) { - bool hsts = false; - bool cached = false; - nsCOMPtr sss = - do_GetService(NS_SSSERVICE_CONTRACTID, &rv); - NS_ENSURE_SUCCESS(rv, rv); - rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, aContentLocation, - 0, &cached, &hsts); - NS_ENSURE_SUCCESS(rv, rv); - - if (hsts && sUseHSTS) { - // assume we will be upgraded later - *aDecision = ACCEPT; - return NS_OK; - } - - // Send a priming request if the result is not already cached and priming - // requests are allowed - if (!cached && sSendHSTSPriming) { - // add this URI as a priming location - doHSTSPriming = true; - document->AddHSTSPrimingLocation(innerContentLocation, - HSTSPrimingState::eHSTS_PRIMING_ALLOW); - *aDecision = ACCEPT; - } - } - // At this point we know that the request is mixed content, and the only // question is whether we block it. Record telemetry at this point as to // whether HSTS would have fixed things by making the content location @@ -879,14 +810,14 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, bool active = (classification == eMixedScript); if (!aHadInsecureImageRedirect) { if (XRE_IsParentProcess()) { - AccumulateMixedContentHSTS(innerContentLocation, active, doHSTSPriming); + AccumulateMixedContentHSTS(innerContentLocation, active); } else { // Ask the parent process to do the same call mozilla::dom::ContentChild* cc = mozilla::dom::ContentChild::GetSingleton(); if (cc) { mozilla::ipc::URIParams uri; SerializeURI(innerContentLocation, uri); - cc->SendAccumulateMixedContentHSTS(uri, active, doHSTSPriming); + cc->SendAccumulateMixedContentHSTS(uri, active); } } } @@ -929,13 +860,7 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, } } } else { - if (doHSTSPriming) { - document->AddHSTSPrimingLocation(innerContentLocation, - HSTSPrimingState::eHSTS_PRIMING_BLOCK); - *aDecision = nsIContentPolicy::ACCEPT; - } else { - *aDecision = nsIContentPolicy::REJECT_REQUEST; - } + *aDecision = nsIContentPolicy::REJECT_REQUEST; LogMixedContentMessage(classification, aContentLocation, rootDoc, eBlocked); if (!rootDoc->GetHasMixedDisplayContentBlocked() && NS_SUCCEEDED(stateRV)) { rootDoc->SetHasMixedDisplayContentBlocked(true); @@ -981,13 +906,7 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, } } else { //User has not overriden the pref by Disabling protection. Reject the request and update the security state. - if (doHSTSPriming) { - document->AddHSTSPrimingLocation(innerContentLocation, - HSTSPrimingState::eHSTS_PRIMING_BLOCK); - *aDecision = nsIContentPolicy::ACCEPT; - } else { - *aDecision = nsIContentPolicy::REJECT_REQUEST; - } + *aDecision = nsIContentPolicy::REJECT_REQUEST; LogMixedContentMessage(classification, aContentLocation, rootDoc, eBlocked); // See if the pref will change here. If it will, only then do we need to call OnSecurityChange() to update the UI. if (rootDoc->GetHasMixedActiveContentBlocked()) { @@ -1052,24 +971,10 @@ enum MixedContentHSTSState { MCB_HSTS_ACTIVE_WITH_HSTS = 3 }; -// Similar to the existing mixed-content HSTS, except MCB_HSTS_*_NO_HSTS is -// broken into two distinct states, indicating whether we plan to send a priming -// request or not. If we decided not go send a priming request, it could be -// because it is a type we do not support, or because we cached a previous -// negative response. -enum MixedContentHSTSPrimingState { - eMCB_HSTS_PASSIVE_WITH_HSTS = 0, - eMCB_HSTS_ACTIVE_WITH_HSTS = 1, - eMCB_HSTS_PASSIVE_NO_PRIMING = 2, - eMCB_HSTS_PASSIVE_DO_PRIMING = 3, - eMCB_HSTS_ACTIVE_NO_PRIMING = 4, - eMCB_HSTS_ACTIVE_DO_PRIMING = 5 -}; - // Record information on when HSTS would have made mixed content not mixed // content (regardless of whether it was actually blocked) void -nsMixedContentBlocker::AccumulateMixedContentHSTS(nsIURI* aURI, bool aActive, bool aHasHSTSPriming) +nsMixedContentBlocker::AccumulateMixedContentHSTS(nsIURI* aURI, bool aActive) { // This method must only be called in the parent, because // nsSiteSecurityService is only available in the parent @@ -1089,108 +994,26 @@ nsMixedContentBlocker::AccumulateMixedContentHSTS(nsIURI* aURI, bool aActive, bo return; } - // states: would upgrade, would prime, hsts info cached + // states: would upgrade, hsts info cached // active, passive // if (!aActive) { if (!hsts) { Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS, MCB_HSTS_PASSIVE_NO_HSTS); - if (aHasHSTSPriming) { - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING, - eMCB_HSTS_PASSIVE_DO_PRIMING); - } else { - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING, - eMCB_HSTS_PASSIVE_NO_PRIMING); - } } else { Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS, MCB_HSTS_PASSIVE_WITH_HSTS); - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING, - eMCB_HSTS_PASSIVE_WITH_HSTS); } } else { if (!hsts) { Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS, MCB_HSTS_ACTIVE_NO_HSTS); - if (aHasHSTSPriming) { - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING, - eMCB_HSTS_ACTIVE_DO_PRIMING); - } else { - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING, - eMCB_HSTS_ACTIVE_NO_PRIMING); - } } else { Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS, MCB_HSTS_ACTIVE_WITH_HSTS); - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING, - eMCB_HSTS_ACTIVE_WITH_HSTS); } } -} - -//static -nsresult -nsMixedContentBlocker::MarkLoadInfoForPriming(nsIURI* aURI, - nsISupports* aRequestingContext, - nsILoadInfo* aLoadInfo) -{ - nsresult rv; - bool sendPriming = false; - bool mixedContentWouldBlock = false; - rv = GetHSTSPrimingFromRequestingContext(aURI, - aRequestingContext, - &sendPriming, - &mixedContentWouldBlock); - NS_ENSURE_SUCCESS(rv, rv); - - if (sendPriming) { - aLoadInfo->SetHSTSPriming(mixedContentWouldBlock); - } - - return NS_OK; -} - -//static -nsresult -nsMixedContentBlocker::GetHSTSPrimingFromRequestingContext(nsIURI* aURI, - nsISupports* aRequestingContext, - bool* aSendPrimingRequest, - bool* aMixedContentWouldBlock) -{ - *aSendPrimingRequest = false; - *aMixedContentWouldBlock = false; - // If we marked for priming, we used the innermost URI, so get that - nsCOMPtr innerURI = NS_GetInnermostURI(aURI); - if (!innerURI) { - NS_ERROR("Can't get innerURI from aContentLocation"); - return NS_ERROR_CONTENT_BLOCKED; - } - - bool isHttp = false; - innerURI->SchemeIs("http", &isHttp); - if (!isHttp) { - // there is nothign to do - return NS_OK; - } - - // If the DocShell was marked for HSTS priming, propagate that to the LoadInfo - nsCOMPtr docShell = NS_CP_GetDocShellFromContext(aRequestingContext); - if (!docShell) { - return NS_OK; - } - nsCOMPtr document = docShell->GetDocument(); - if (!document) { - return NS_OK; - } - - HSTSPrimingState status = document->GetHSTSPrimingStateForLocation(innerURI); - if (status != HSTSPrimingState::eNO_HSTS_PRIMING) { - *aSendPrimingRequest = (status != HSTSPrimingState::eNO_HSTS_PRIMING); - *aMixedContentWouldBlock = (status == HSTSPrimingState::eHSTS_PRIMING_BLOCK); - } - - return NS_OK; -} +} \ No newline at end of file diff --git a/dom/security/nsMixedContentBlocker.h b/dom/security/nsMixedContentBlocker.h index 539c3ebbb..56ab9621f 100644 --- a/dom/security/nsMixedContentBlocker.h +++ b/dom/security/nsMixedContentBlocker.h @@ -62,44 +62,11 @@ public: nsIPrincipal* aRequestPrincipal, int16_t* aDecision); static void AccumulateMixedContentHSTS(nsIURI* aURI, - bool aActive, - bool aHasHSTSPriming); - /* If the document associated with aRequestingContext requires priming for - * aURI, propagate that to the LoadInfo so the HttpChannel will find out about - * it. - * - * @param aURI The URI associated with the load - * @param aRequestingContext the requesting context passed to ShouldLoad - * @param aLoadInfo the LoadInfo for the load - */ - static nsresult MarkLoadInfoForPriming(nsIURI* aURI, - nsISupports* aRequestingContext, - nsILoadInfo* aLoadInfo); - - /* Given a context, return whether HSTS was marked on the document associated - * with the load for the given URI. This is used by MarkLoadInfoForPriming and - * directly by the image loader to determine whether to allow a load to occur - * from the cache. - * - * @param aURI The URI associated with the load - * @param aRequestingContext the requesting context passed to ShouldLoad - * @param aSendPrimingRequest out true if priming is required on the channel - * @param aMixedContentWouldBlock out true if mixed content would block - */ - static nsresult GetHSTSPrimingFromRequestingContext(nsIURI* aURI, - nsISupports* aRequestingContext, - bool* aSendPrimingRequest, - bool* aMixedContentWouldBlock); + bool aActive); static bool sBlockMixedScript; static bool sBlockMixedDisplay; - // Do we move HSTS before mixed-content - static bool sUseHSTS; - // Do we send an HSTS priming request - static bool sSendHSTSPriming; - // Default HSTS Priming failure timeout in seconds - static uint32_t sHSTSPrimingCacheTimeout; }; #endif /* nsMixedContentBlocker_h___ */ diff --git a/dom/security/test/csp/test_referrerdirective.html b/dom/security/test/csp/test_referrerdirective.html index 770fcc40b..f590460a0 100644 --- a/dom/security/test/csp/test_referrerdirective.html +++ b/dom/security/test/csp/test_referrerdirective.html @@ -116,8 +116,6 @@ SimpleTest.waitForExplicitFinish(); SpecialPowers.pushPrefEnv({ 'set': [['security.mixed_content.block_active_content', false], ['security.mixed_content.block_display_content', false], - ['security.mixed_content.send_hsts_priming', false], - ['security.mixed_content.use_hsts', false], ] }, function() { diff --git a/dom/security/test/hsts/browser.ini b/dom/security/test/hsts/browser.ini deleted file mode 100644 index ae75031df..000000000 --- a/dom/security/test/hsts/browser.ini +++ /dev/null @@ -1,19 +0,0 @@ -[DEFAULT] -skip-if = debug # bug 1311599, bug 1311239, etc -support-files = - head.js - file_priming-top.html - file_testserver.sjs - file_1x1.png - file_priming.js - file_stylesheet.css - -[browser_hsts-priming_allow_active.js] -[browser_hsts-priming_block_active.js] -[browser_hsts-priming_hsts_after_mixed.js] -[browser_hsts-priming_allow_display.js] -[browser_hsts-priming_block_display.js] -[browser_hsts-priming_block_active_css.js] -[browser_hsts-priming_block_active_with_redir_same.js] -[browser_hsts-priming_no-duplicates.js] -[browser_hsts-priming_cache-timeout.js] diff --git a/dom/security/test/hsts/browser_hsts-priming_allow_active.js b/dom/security/test/hsts/browser_hsts-priming_allow_active.js deleted file mode 100644 index a932b31b3..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_allow_active.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Description of the test: - * Check that HSTS priming occurs correctly with mixed content when active - * content is allowed. - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Services.obs.addObserver(Observer, "console-api-log-event", false); - Services.obs.addObserver(Observer, "http-on-examine-response", false); - registerCleanupFunction(do_cleanup); - - let which = "allow_active"; - - SetupPrefTestEnvironment(which); - - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/browser_hsts-priming_allow_display.js b/dom/security/test/hsts/browser_hsts-priming_allow_display.js deleted file mode 100644 index 06546ca65..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_allow_display.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Description of the test: - * Check that HSTS priming occurs correctly with mixed content when display - * content is allowed. - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Services.obs.addObserver(Observer, "console-api-log-event", false); - Services.obs.addObserver(Observer, "http-on-examine-response", false); - registerCleanupFunction(do_cleanup); - - let which = "allow_display"; - - SetupPrefTestEnvironment(which); - - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/browser_hsts-priming_block_active.js b/dom/security/test/hsts/browser_hsts-priming_block_active.js deleted file mode 100644 index a5478b185..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_block_active.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Description of the test: - * Check that HSTS priming occurs correctly with mixed content when active - * content is blocked. - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Services.obs.addObserver(Observer, "console-api-log-event", false); - Services.obs.addObserver(Observer, "http-on-examine-response", false); - registerCleanupFunction(do_cleanup); - - let which = "block_active"; - - SetupPrefTestEnvironment(which); - - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/browser_hsts-priming_block_active_css.js b/dom/security/test/hsts/browser_hsts-priming_block_active_css.js deleted file mode 100644 index 340d11483..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_block_active_css.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Description of the test: - * Check that HSTS priming occurs correctly with mixed content when active - * content is blocked for css. - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Services.obs.addObserver(Observer, "console-api-log-event", false); - Services.obs.addObserver(Observer, "http-on-examine-response", false); - registerCleanupFunction(do_cleanup); - - let which = "block_active_css"; - - SetupPrefTestEnvironment(which); - - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js b/dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js deleted file mode 100644 index 130a3d5ec..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Description of the test: - * Check that HSTS priming occurs correctly with mixed content when active - * content is blocked and redirect to the same host should still upgrade. - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Services.obs.addObserver(Observer, "console-api-log-event", false); - Services.obs.addObserver(Observer, "http-on-examine-response", false); - registerCleanupFunction(do_cleanup); - - let which = "block_active_with_redir_same"; - - SetupPrefTestEnvironment(which); - - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/browser_hsts-priming_block_display.js b/dom/security/test/hsts/browser_hsts-priming_block_display.js deleted file mode 100644 index 4eca62718..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_block_display.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Description of the test: - * Check that HSTS priming occurs correctly with mixed content when display - * content is blocked. - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Services.obs.addObserver(Observer, "console-api-log-event", false); - Services.obs.addObserver(Observer, "http-on-examine-response", false); - registerCleanupFunction(do_cleanup); - - let which = "block_display"; - - SetupPrefTestEnvironment(which); - - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/browser_hsts-priming_cache-timeout.js b/dom/security/test/hsts/browser_hsts-priming_cache-timeout.js deleted file mode 100644 index 5416a71d2..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_cache-timeout.js +++ /dev/null @@ -1,36 +0,0 @@ -/* - * Description of the test: - * Test that the network.hsts_priming.cache_timeout preferene causes the cache - * to timeout - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Observer.add_observers(Services); - registerCleanupFunction(do_cleanup); - - let which = "block_display"; - - SetupPrefTestEnvironment(which, [["security.mixed_content.hsts_priming_cache_timeout", 1]]); - - yield execute_test("no-ssl", test_settings[which].mimetype); - - let pre_promise = performance.now(); - - while ((performance.now() - pre_promise) < 2000) { - yield new Promise(function (resolve) { - setTimeout(resolve, 2000); - }); - } - - // clear the fact that we saw a priming request - test_settings[which].priming = {}; - - yield execute_test("no-ssl", test_settings[which].mimetype); - is(test_settings[which].priming["no-ssl"], true, - "Correctly send a priming request after expiration."); - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js b/dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js deleted file mode 100644 index 89ea6fbeb..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Description of the test: - * Check that HSTS priming occurs correctly with mixed content when the - * mixed-content blocks before HSTS. - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Services.obs.addObserver(Observer, "console-api-log-event", false); - Services.obs.addObserver(Observer, "http-on-examine-response", false); - registerCleanupFunction(do_cleanup); - - let which = "hsts_after_mixed"; - - SetupPrefTestEnvironment(which); - - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/browser_hsts-priming_no-duplicates.js b/dom/security/test/hsts/browser_hsts-priming_no-duplicates.js deleted file mode 100644 index 3846fe4f0..000000000 --- a/dom/security/test/hsts/browser_hsts-priming_no-duplicates.js +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Description of the test: - * Only one request should be sent per host, even if we run the test more - * than once. - */ -'use strict'; - -//jscs:disable -add_task(function*() { - //jscs:enable - Observer.add_observers(Services); - registerCleanupFunction(do_cleanup); - - let which = "block_display"; - - SetupPrefTestEnvironment(which); - - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - test_settings[which].priming = {}; - - // run the tests twice to validate the cache is being used - for (let server of Object.keys(test_servers)) { - yield execute_test(server, test_settings[which].mimetype); - } - - SpecialPowers.popPrefEnv(); -}); diff --git a/dom/security/test/hsts/file_1x1.png b/dom/security/test/hsts/file_1x1.png deleted file mode 100644 index 1ba31ba1a..000000000 Binary files a/dom/security/test/hsts/file_1x1.png and /dev/null differ diff --git a/dom/security/test/hsts/file_priming-top.html b/dom/security/test/hsts/file_priming-top.html deleted file mode 100644 index b1d1bfa40..000000000 --- a/dom/security/test/hsts/file_priming-top.html +++ /dev/null @@ -1,84 +0,0 @@ - - - - Bug 1246540 - - - -

- - - - - diff --git a/dom/security/test/hsts/file_priming.js b/dom/security/test/hsts/file_priming.js deleted file mode 100644 index 023022da6..000000000 --- a/dom/security/test/hsts/file_priming.js +++ /dev/null @@ -1,4 +0,0 @@ -function completed() { - return; -} -completed(); diff --git a/dom/security/test/hsts/file_stylesheet.css b/dom/security/test/hsts/file_stylesheet.css deleted file mode 100644 index e69de29bb..000000000 diff --git a/dom/security/test/hsts/file_testserver.sjs b/dom/security/test/hsts/file_testserver.sjs deleted file mode 100644 index d5cd6b17a..000000000 --- a/dom/security/test/hsts/file_testserver.sjs +++ /dev/null @@ -1,66 +0,0 @@ -// SJS file for HSTS mochitests - -Components.utils.import("resource://gre/modules/NetUtil.jsm"); -Components.utils.importGlobalProperties(["URLSearchParams"]); - -function loadFromFile(path) { - // Load the HTML to return in the response from file. - // Since it's relative to the cwd of the test runner, we start there and - // append to get to the actual path of the file. - var testFile = - Components.classes["@mozilla.org/file/directory_service;1"]. - getService(Components.interfaces.nsIProperties). - get("CurWorkD", Components.interfaces.nsILocalFile); - var dirs = path.split("/"); - for (var i = 0; i < dirs.length; i++) { - testFile.append(dirs[i]); - } - var testFileStream = - Components.classes["@mozilla.org/network/file-input-stream;1"]. - createInstance(Components.interfaces.nsIFileInputStream); - testFileStream.init(testFile, -1, 0, 0); - var test = NetUtil.readInputStreamToString(testFileStream, testFileStream.available()); - return test; -} - -function handleRequest(request, response) -{ - const query = new URLSearchParams(request.queryString); - - redir = query.get('redir'); - if (redir == 'same') { - query.delete("redir"); - response.setStatus(302); - let newURI = request.uri; - newURI.queryString = query.serialize(); - response.setHeader("Location", newURI.spec) - } - - // avoid confusing cache behaviors - response.setHeader("Cache-Control", "no-cache", false); - - // if we have a priming header, check for required behavior - // and set header appropriately - if (request.hasHeader('Upgrade-Insecure-Requests')) { - var expected = query.get('primer'); - if (expected == 'prime-hsts') { - // set it for 5 minutes - response.setHeader("Strict-Transport-Security", "max-age="+(60*5), false); - } else if (expected == 'reject-upgrade') { - response.setHeader("Strict-Transport-Security", "max-age=0", false); - } - response.write(''); - return; - } - - var file = query.get('file'); - if (file) { - var mimetype = unescape(query.get('mimetype')); - response.setHeader("Content-Type", mimetype, false); - response.write(loadFromFile(unescape(file))); - return; - } - - response.setHeader("Content-Type", "application/json", false); - response.write('{}'); -} diff --git a/dom/security/test/hsts/head.js b/dom/security/test/hsts/head.js deleted file mode 100644 index 362b36444..000000000 --- a/dom/security/test/hsts/head.js +++ /dev/null @@ -1,308 +0,0 @@ -/* - * Description of the tests: - * Check that HSTS priming occurs correctly with mixed content - * - * This test uses three hostnames, each of which treats an HSTS priming - * request differently. - * * no-ssl never returns an ssl response - * * reject-upgrade returns an ssl response, but with no STS header - * * prime-hsts returns an ssl response with the appropriate STS header - * - * For each server, test that it response appropriately when the we allow - * or block active or display content, as well as when we send an hsts priming - * request, but do not change the order of mixed-content and HSTS. - * - * Test use http-on-examine-response, so must be run in browser context. - */ -'use strict'; - -var TOP_URI = "https://example.com/browser/dom/security/test/hsts/file_priming-top.html"; - -var test_servers = { - // a test server that does not support TLS - 'no-ssl': { - host: 'example.co.jp', - response: false, - id: 'no-ssl', - }, - // a test server which does not support STS upgrade - 'reject-upgrade': { - host: 'example.org', - response: true, - id: 'reject-upgrade', - }, - // a test server when sends an STS header when priming - 'prime-hsts': { - host: 'test1.example.com', - response: true, - id: 'prime-hsts' - }, -}; - -var test_settings = { - // mixed active content is allowed, priming will upgrade - allow_active: { - block_active: false, - block_display: false, - use_hsts: true, - send_hsts_priming: true, - type: 'script', - result: { - 'no-ssl': 'insecure', - 'reject-upgrade': 'insecure', - 'prime-hsts': 'secure', - }, - }, - // mixed active content is blocked, priming will upgrade - block_active: { - block_active: true, - block_display: false, - use_hsts: true, - send_hsts_priming: true, - type: 'script', - result: { - 'no-ssl': 'blocked', - 'reject-upgrade': 'blocked', - 'prime-hsts': 'secure', - }, - }, - // keep the original order of mixed-content and HSTS, but send - // priming requests - hsts_after_mixed: { - block_active: true, - block_display: false, - use_hsts: false, - send_hsts_priming: true, - type: 'script', - result: { - 'no-ssl': 'blocked', - 'reject-upgrade': 'blocked', - 'prime-hsts': 'blocked', - }, - }, - // mixed display content is allowed, priming will upgrade - allow_display: { - block_active: true, - block_display: false, - use_hsts: true, - send_hsts_priming: true, - type: 'img', - result: { - 'no-ssl': 'insecure', - 'reject-upgrade': 'insecure', - 'prime-hsts': 'secure', - }, - }, - // mixed display content is blocked, priming will upgrade - block_display: { - block_active: true, - block_display: true, - use_hsts: true, - send_hsts_priming: true, - type: 'img', - result: { - 'no-ssl': 'blocked', - 'reject-upgrade': 'blocked', - 'prime-hsts': 'secure', - }, - }, - // mixed active content is blocked, priming will upgrade (css) - block_active_css: { - block_active: true, - block_display: false, - use_hsts: true, - send_hsts_priming: true, - type: 'css', - result: { - 'no-ssl': 'blocked', - 'reject-upgrade': 'blocked', - 'prime-hsts': 'secure', - }, - }, - // mixed active content is blocked, priming will upgrade - // redirect to the same host - block_active_with_redir_same: { - block_active: true, - block_display: false, - use_hsts: true, - send_hsts_priming: true, - type: 'script', - redir: 'same', - result: { - 'no-ssl': 'blocked', - 'reject-upgrade': 'blocked', - 'prime-hsts': 'secure', - }, - }, -} -// track which test we are on -var which_test = ""; - -const Observer = { - observe: function (subject, topic, data) { - switch (topic) { - case 'console-api-log-event': - return Observer.console_api_log_event(subject, topic, data); - case 'http-on-examine-response': - return Observer.http_on_examine_response(subject, topic, data); - case 'http-on-modify-request': - return Observer.http_on_modify_request(subject, topic, data); - } - throw "Can't handle topic "+topic; - }, - add_observers: function (services) { - services.obs.addObserver(Observer, "console-api-log-event", false); - services.obs.addObserver(Observer, "http-on-examine-response", false); - services.obs.addObserver(Observer, "http-on-modify-request", false); - }, - // When a load is blocked which results in an error event within a page, the - // test logs to the console. - console_api_log_event: function (subject, topic, data) { - var message = subject.wrappedJSObject.arguments[0]; - // when we are blocked, this will match the message we sent to the console, - // ignore everything else. - var re = RegExp(/^HSTS_PRIMING: Blocked ([-\w]+).*$/); - if (!re.test(message)) { - return; - } - - let id = message.replace(re, '$1'); - let curTest =test_servers[id]; - - if (!curTest) { - ok(false, "HSTS priming got a console message blocked, "+ - "but doesn't match expectations "+id+" (msg="+message); - return; - } - - is("blocked", test_settings[which_test].result[curTest.id], "HSTS priming "+ - which_test+":"+curTest.id+" expected "+ - test_settings[which_test].result[curTest.id]+", got blocked"); - test_settings[which_test].finished[curTest.id] = "blocked"; - }, - get_current_test: function(uri) { - for (let item in test_servers) { - let re = RegExp('https?://'+test_servers[item].host); - if (re.test(uri)) { - return test_servers[item]; - } - } - return null; - }, - http_on_modify_request: function (subject, topic, data) { - let channel = subject.QueryInterface(Ci.nsIHttpChannel); - if (channel.requestMethod != 'HEAD') { - return; - } - - let curTest = this.get_current_test(channel.URI.asciiSpec); - - if (!curTest) { - return; - } - - ok(!(curTest.id in test_settings[which_test].priming), "Already saw a priming request for " + curTest.id); - test_settings[which_test].priming[curTest.id] = true; - }, - // When we see a response come back, peek at the response and test it is secure - // or insecure as needed. Addtionally, watch the response for priming requests. - http_on_examine_response: function (subject, topic, data) { - let channel = subject.QueryInterface(Ci.nsIHttpChannel); - let curTest = this.get_current_test(channel.URI.asciiSpec); - - if (!curTest) { - return; - } - - let result = (channel.URI.asciiSpec.startsWith('https:')) ? "secure" : "insecure"; - - // This is a priming request, go ahead and validate we were supposed to see - // a response from the server - if (channel.requestMethod == 'HEAD') { - is(true, curTest.response, "HSTS priming response found " + curTest.id); - return; - } - - // This is the response to our query, make sure it matches - is(result, test_settings[which_test].result[curTest.id], - "HSTS priming result " + which_test + ":" + curTest.id); - test_settings[which_test].finished[curTest.id] = result; - }, -}; - -// opens `uri' in a new tab and focuses it. -// returns the newly opened tab -function openTab(uri) { - let tab = gBrowser.addTab(uri); - - // select tab and make sure its browser is focused - gBrowser.selectedTab = tab; - tab.ownerDocument.defaultView.focus(); - - return tab; -} - -function clear_sts_data() { - for (let test in test_servers) { - SpecialPowers.cleanUpSTSData('http://'+test_servers[test].host); - } -} - -function do_cleanup() { - clear_sts_data(); - - Services.obs.removeObserver(Observer, "console-api-log-event"); - Services.obs.removeObserver(Observer, "http-on-examine-response"); -} - -function SetupPrefTestEnvironment(which, additional_prefs) { - which_test = which; - clear_sts_data(); - - var settings = test_settings[which]; - // priming counts how many priming requests we saw - settings.priming = {}; - // priming counts how many tests were finished - settings.finished= {}; - - var prefs = [["security.mixed_content.block_active_content", - settings.block_active], - ["security.mixed_content.block_display_content", - settings.block_display], - ["security.mixed_content.use_hsts", - settings.use_hsts], - ["security.mixed_content.send_hsts_priming", - settings.send_hsts_priming]]; - - if (additional_prefs) { - for (let idx in additional_prefs) { - prefs.push(additional_prefs[idx]); - } - } - - console.log("prefs=%s", prefs); - - SpecialPowers.pushPrefEnv({'set': prefs}); -} - -// make the top-level test uri -function build_test_uri(base_uri, host, test_id, type) { - return base_uri + - "?host=" + escape(host) + - "&id=" + escape(test_id) + - "&type=" + escape(type); -} - -// open a new tab, load the test, and wait for it to finish -function execute_test(test, mimetype) { - var src = build_test_uri(TOP_URI, test_servers[test].host, - test, test_settings[which_test].type); - - let tab = openTab(src); - test_servers[test]['tab'] = tab; - - let browser = gBrowser.getBrowserForTab(tab); - yield BrowserTestUtils.browserLoaded(browser); - - yield BrowserTestUtils.removeTab(tab); -} diff --git a/dom/security/test/mixedcontentblocker/test_main.html b/dom/security/test/mixedcontentblocker/test_main.html index d2bc9dc7e..bb9536939 100644 --- a/dom/security/test/mixedcontentblocker/test_main.html +++ b/dom/security/test/mixedcontentblocker/test_main.html @@ -162,9 +162,6 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=62178 } function startTest() { - // Set prefs to use mixed-content before HSTS - SpecialPowers.pushPrefEnv({'set': [["security.mixed_content.use_hsts", false], - ["security.mixed_content.send_hsts_priming", false]]}); //Set the first set of mixed content settings and increment the counter. changePrefs([], function() { //listen for a messages from the mixed content test harness diff --git a/dom/security/test/moz.build b/dom/security/test/moz.build index 946959dee..759e76c73 100644 --- a/dom/security/test/moz.build +++ b/dom/security/test/moz.build @@ -28,5 +28,4 @@ BROWSER_CHROME_MANIFESTS += [ 'contentverifier/browser.ini', 'csp/browser.ini', 'general/browser.ini', - 'hsts/browser.ini', ] diff --git a/image/imgLoader.cpp b/image/imgLoader.cpp index 5e5ee7829..f7fb657bd 100644 --- a/image/imgLoader.cpp +++ b/image/imgLoader.cpp @@ -607,19 +607,6 @@ ShouldLoadCachedImage(imgRequest* aImgRequest, } } - bool sendPriming = false; - bool mixedContentWouldBlock = false; - rv = nsMixedContentBlocker::GetHSTSPrimingFromRequestingContext(contentLocation, - aLoadingContext, &sendPriming, &mixedContentWouldBlock); - if (NS_FAILED(rv)) { - return false; - } - if (sendPriming && mixedContentWouldBlock) { - // if either of the securty checks above would cause a priming request, we - // can't load this image from the cache, so go ahead and return false here - return false; - } - return true; } diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp index e115fa74c..44f988efd 100644 --- a/ipc/glue/BackgroundUtils.cpp +++ b/ipc/glue/BackgroundUtils.cpp @@ -295,9 +295,8 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo, aLoadInfo->CorsUnsafeHeaders(), aLoadInfo->GetForcePreflight(), aLoadInfo->GetIsPreflight(), - aLoadInfo->GetLoadTriggeredFromExternal(), - aLoadInfo->GetForceHSTSPriming(), - aLoadInfo->GetMixedContentWouldBlock()); + aLoadInfo->GetLoadTriggeredFromExternal() + ); return NS_OK; } @@ -373,9 +372,7 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs, loadInfoArgs.corsUnsafeHeaders(), loadInfoArgs.forcePreflight(), loadInfoArgs.isPreflight(), - loadInfoArgs.loadTriggeredFromExternal(), - loadInfoArgs.forceHSTSPriming(), - loadInfoArgs.mixedContentWouldBlock() + loadInfoArgs.loadTriggeredFromExternal() ); loadInfo.forget(outLoadInfo); diff --git a/js/ipc/JavaScriptParent.cpp b/js/ipc/JavaScriptParent.cpp index 7fe92d662..ca0a0bd21 100644 --- a/js/ipc/JavaScriptParent.cpp +++ b/js/ipc/JavaScriptParent.cpp @@ -16,6 +16,7 @@ #include "xpcprivate.h" #include "mozilla/Casting.h" #include "mozilla/Telemetry.h" +#include "mozilla/Unused.h" #include "nsAutoPtr.h" using namespace js; diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 18e23ff2e..1706807e9 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -5447,23 +5447,6 @@ pref("media.block-autoplay-until-in-foreground", false); pref("layout.css.servo.enabled", true); #endif -// HSTS Priming -// If a request is mixed-content, send an HSTS priming request to attempt to -// see if it is available over HTTPS. -#ifdef RELEASE_OR_BETA -// Don't change the order of evaluation of mixed-content and HSTS upgrades in -// order to be most compatible with current standards -pref("security.mixed_content.send_hsts_priming", false); -pref("security.mixed_content.use_hsts", false); -#else -// Change the order of evaluation so HSTS upgrades happen before -// mixed-content blocking -pref("security.mixed_content.send_hsts_priming", true); -pref("security.mixed_content.use_hsts", true); -#endif -// Approximately 1 week default cache for HSTS priming failures -pref ("security.mixed_content.hsts_priming_cache_timeout", 10080); - // TODO: Bug 1380959: Block toplevel data: URI navigations // If true, all toplevel data: URI navigations will be blocked. // Please note that manually entering a data: URI in the diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp index ede825b8f..a8c9a5a25 100644 --- a/netwerk/base/LoadInfo.cpp +++ b/netwerk/base/LoadInfo.cpp @@ -67,8 +67,6 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, , mForcePreflight(false) , mIsPreflight(false) , mLoadTriggeredFromExternal(false) - , mForceHSTSPriming(false) - , mMixedContentWouldBlock(false) { MOZ_ASSERT(mLoadingPrincipal); MOZ_ASSERT(mTriggeringPrincipal); @@ -243,8 +241,6 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, , mForcePreflight(false) , mIsPreflight(false) , mLoadTriggeredFromExternal(false) - , mForceHSTSPriming(false) - , mMixedContentWouldBlock(false) { // Top-level loads are never third-party // Grab the information we can out of the window. @@ -308,8 +304,6 @@ LoadInfo::LoadInfo(const LoadInfo& rhs) , mForcePreflight(rhs.mForcePreflight) , mIsPreflight(rhs.mIsPreflight) , mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal) - , mForceHSTSPriming(rhs.mForceHSTSPriming) - , mMixedContentWouldBlock(rhs.mMixedContentWouldBlock) { } @@ -337,9 +331,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, const nsTArray& aCorsUnsafeHeaders, bool aForcePreflight, bool aIsPreflight, - bool aLoadTriggeredFromExternal, - bool aForceHSTSPriming, - bool aMixedContentWouldBlock) + bool aLoadTriggeredFromExternal) : mLoadingPrincipal(aLoadingPrincipal) , mTriggeringPrincipal(aTriggeringPrincipal) , mPrincipalToInherit(aPrincipalToInherit) @@ -363,8 +355,6 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, , mForcePreflight(aForcePreflight) , mIsPreflight(aIsPreflight) , mLoadTriggeredFromExternal(aLoadTriggeredFromExternal) - , mForceHSTSPriming (aForceHSTSPriming) - , mMixedContentWouldBlock(aMixedContentWouldBlock) { // Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal MOZ_ASSERT(mLoadingPrincipal || aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT); @@ -932,34 +922,6 @@ LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal) return NS_OK; } -NS_IMETHODIMP -LoadInfo::GetForceHSTSPriming(bool* aForceHSTSPriming) -{ - *aForceHSTSPriming = mForceHSTSPriming; - return NS_OK; -} - -NS_IMETHODIMP -LoadInfo::GetMixedContentWouldBlock(bool *aMixedContentWouldBlock) -{ - *aMixedContentWouldBlock = mMixedContentWouldBlock; - return NS_OK; -} - -void -LoadInfo::SetHSTSPriming(bool aMixedContentWouldBlock) -{ - mForceHSTSPriming = true; - mMixedContentWouldBlock = aMixedContentWouldBlock; -} - -void -LoadInfo::ClearHSTSPriming() -{ - mForceHSTSPriming = false; - mMixedContentWouldBlock = false; -} - NS_IMETHODIMP LoadInfo::GetTainting(uint32_t* aTaintingOut) { diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h index 0ae6061b3..2b1e8c9e8 100644 --- a/netwerk/base/LoadInfo.h +++ b/netwerk/base/LoadInfo.h @@ -111,9 +111,7 @@ private: const nsTArray& aUnsafeHeaders, bool aForcePreflight, bool aIsPreflight, - bool aLoadTriggeredFromExternal, - bool aForceHSTSPriming, - bool aMixedContentWouldBlock); + bool aLoadTriggeredFromExternal); LoadInfo(const LoadInfo& rhs); friend nsresult @@ -159,9 +157,6 @@ private: bool mForcePreflight; bool mIsPreflight; bool mLoadTriggeredFromExternal; - - bool mForceHSTSPriming : 1; - bool mMixedContentWouldBlock : 1; }; } // namespace net diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl index 4ec29b972..9a883ff98 100644 --- a/netwerk/base/nsILoadInfo.idl +++ b/netwerk/base/nsILoadInfo.idl @@ -670,32 +670,6 @@ interface nsILoadInfo : nsISupports */ [infallible] readonly attribute boolean isPreflight; - /** - * When this request would be mixed-content and we do not have an - * entry in the HSTS cache, we send an HSTS priming request to - * determine if it is ok to upgrade the request to HTTPS. - */ - /** - * True if this is a mixed-content load and HSTS priming request will be sent. - */ - [noscript, infallible] readonly attribute boolean forceHSTSPriming; - /** - * Carry the decision whether this load would be blocked by mixed content so - * that if HSTS priming fails, the correct decision can be made. - */ - [noscript, infallible] readonly attribute boolean mixedContentWouldBlock; - - /** - * Mark this LoadInfo as needing HSTS Priming - * - * @param wouldBlock Carry the decision of Mixed Content Blocking to be - * applied when HSTS priming is complete. - */ - [noscript, notxpcom, nostdcall] - void setHSTSPriming(in boolean mixeContentWouldBlock); - [noscript, notxpcom, nostdcall] - void clearHSTSPriming(); - /** * Constants reflecting the channel tainting. These are mainly defined here * for script. Internal C++ code should use the enum defined in LoadTainting.h. diff --git a/netwerk/ipc/NeckoChannelParams.ipdlh b/netwerk/ipc/NeckoChannelParams.ipdlh index bb7562c64..2633ef608 100644 --- a/netwerk/ipc/NeckoChannelParams.ipdlh +++ b/netwerk/ipc/NeckoChannelParams.ipdlh @@ -56,8 +56,6 @@ struct LoadInfoArgs bool forcePreflight; bool isPreflight; bool loadTriggeredFromExternal; - bool forceHSTSPriming; - bool mixedContentWouldBlock; }; /** diff --git a/netwerk/protocol/http/HSTSPrimerListener.cpp b/netwerk/protocol/http/HSTSPrimerListener.cpp deleted file mode 100644 index 8c9d28d36..000000000 --- a/netwerk/protocol/http/HSTSPrimerListener.cpp +++ /dev/null @@ -1,273 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "nsHttp.h" - -#include "HSTSPrimerListener.h" -#include "nsIHstsPrimingCallback.h" -#include "nsIPrincipal.h" -#include "nsSecurityHeaderParser.h" -#include "nsISiteSecurityService.h" -#include "nsISocketProvider.h" -#include "nsISSLStatus.h" -#include "nsISSLStatusProvider.h" -#include "nsStreamUtils.h" -#include "nsHttpChannel.h" -#include "LoadInfo.h" - -namespace mozilla { -namespace net { - -using namespace mozilla; - -NS_IMPL_ISUPPORTS(HSTSPrimingListener, nsIStreamListener, - nsIRequestObserver, nsIInterfaceRequestor) - -NS_IMETHODIMP -HSTSPrimingListener::GetInterface(const nsIID & aIID, void **aResult) -{ - return QueryInterface(aIID, aResult); -} - -NS_IMETHODIMP -HSTSPrimingListener::OnStartRequest(nsIRequest *aRequest, - nsISupports *aContext) -{ - nsresult primingResult = CheckHSTSPrimingRequestStatus(aRequest); - nsCOMPtr callback(mCallback); - mCallback = nullptr; - - nsCOMPtr timingChannel = - do_QueryInterface(callback); - if (timingChannel) { - TimeStamp channelCreationTime; - nsresult rv = timingChannel->GetChannelCreation(&channelCreationTime); - if (NS_SUCCEEDED(rv) && !channelCreationTime.IsNull()) { - PRUint32 interval = - (PRUint32) (TimeStamp::Now() - channelCreationTime).ToMilliseconds(); - Telemetry::Accumulate(Telemetry::HSTS_PRIMING_REQUEST_DURATION, - (NS_SUCCEEDED(primingResult)) ? NS_LITERAL_CSTRING("success") - : NS_LITERAL_CSTRING("failure"), - interval); - } - } - - if (NS_FAILED(primingResult)) { - LOG(("HSTS Priming Failed (request was not approved)")); - return callback->OnHSTSPrimingFailed(primingResult, false); - } - - LOG(("HSTS Priming Succeeded (request was approved)")); - return callback->OnHSTSPrimingSucceeded(false); -} - -NS_IMETHODIMP -HSTSPrimingListener::OnStopRequest(nsIRequest *aRequest, - nsISupports *aContext, - nsresult aStatus) -{ - return NS_OK; -} - -nsresult -HSTSPrimingListener::CheckHSTSPrimingRequestStatus(nsIRequest* aRequest) -{ - nsresult status; - nsresult rv = aRequest->GetStatus(&status); - NS_ENSURE_SUCCESS(rv, rv); - if (NS_FAILED(status)) { - return NS_ERROR_CONTENT_BLOCKED; - } - - // Test that things worked on a HTTP level - nsCOMPtr httpChannel = do_QueryInterface(aRequest); - NS_ENSURE_STATE(httpChannel); - nsCOMPtr internal = do_QueryInterface(aRequest); - NS_ENSURE_STATE(internal); - - bool succeedded; - rv = httpChannel->GetRequestSucceeded(&succeedded); - if (NS_FAILED(rv) || !succeedded) { - // If the request did not return a 2XX response, don't process it - return NS_ERROR_CONTENT_BLOCKED; - } - - bool synthesized = false; - nsHttpChannel* rawHttpChannel = static_cast(httpChannel.get()); - rv = rawHttpChannel->GetResponseSynthesized(&synthesized); - NS_ENSURE_SUCCESS(rv, rv); - if (synthesized) { - // Don't consider synthesized responses - return NS_ERROR_CONTENT_BLOCKED; - } - - // check to see if the HSTS cache was updated - nsCOMPtr sss = do_GetService(NS_SSSERVICE_CONTRACTID, &rv); - NS_ENSURE_SUCCESS(rv, rv); - - nsCOMPtr uri; - rv = httpChannel->GetURI(getter_AddRefs(uri)); - NS_ENSURE_SUCCESS(rv, rv); - NS_ENSURE_TRUE(uri, NS_ERROR_CONTENT_BLOCKED); - - bool hsts; - rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, uri, 0, nullptr, &hsts); - NS_ENSURE_SUCCESS(rv, rv); - - if (hsts) { - // An HSTS upgrade was found - return NS_OK; - } - - // There is no HSTS upgrade available - return NS_ERROR_CONTENT_BLOCKED; -} - -/** nsIStreamListener methods **/ - -NS_IMETHODIMP -HSTSPrimingListener::OnDataAvailable(nsIRequest *aRequest, - nsISupports *ctxt, - nsIInputStream *inStr, - uint64_t sourceOffset, - uint32_t count) -{ - uint32_t totalRead; - return inStr->ReadSegments(NS_DiscardSegment, nullptr, count, &totalRead); -} - -// static -nsresult -HSTSPrimingListener::StartHSTSPriming(nsIChannel* aRequestChannel, - nsIHstsPrimingCallback* aCallback) -{ - - nsCOMPtr finalChannelURI; - nsresult rv = NS_GetFinalChannelURI(aRequestChannel, getter_AddRefs(finalChannelURI)); - NS_ENSURE_SUCCESS(rv, rv); - - nsCOMPtr uri; - rv = NS_GetSecureUpgradedURI(finalChannelURI, getter_AddRefs(uri)); - NS_ENSURE_SUCCESS(rv,rv); - - // check the HSTS cache - bool hsts; - bool cached; - nsCOMPtr sss = do_GetService(NS_SSSERVICE_CONTRACTID, &rv); - NS_ENSURE_SUCCESS(rv, rv); - rv = sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS, uri, 0, &cached, &hsts); - NS_ENSURE_SUCCESS(rv, rv); - - if (hsts) { - // already saw this host and will upgrade if allowed by preferences - return aCallback->OnHSTSPrimingSucceeded(true); - } - - if (cached) { - // there is a non-expired entry in the cache that doesn't allow us to - // upgrade, so go ahead and fail early. - return aCallback->OnHSTSPrimingFailed(NS_ERROR_CONTENT_BLOCKED, true); - } - - // Either it wasn't cached or the cached result has expired. Build a - // channel for the HEAD request. - - nsCOMPtr originalLoadInfo = aRequestChannel->GetLoadInfo(); - MOZ_ASSERT(originalLoadInfo, "can not perform HSTS priming without a loadInfo"); - if (!originalLoadInfo) { - return NS_ERROR_FAILURE; - } - - nsCOMPtr loadInfo = static_cast - (originalLoadInfo.get())->CloneForNewRequest(); - - // the LoadInfo must have a security flag set in order to pass through priming - // if none of these security flags are set, go ahead and fail now instead of - // crashing in nsContentSecurityManager::ValidateSecurityFlags - nsSecurityFlags securityMode = loadInfo->GetSecurityMode(); - if (securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS && - securityMode != nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED && - securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS && - securityMode != nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL && - securityMode != nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) { - return aCallback->OnHSTSPrimingFailed(NS_ERROR_CONTENT_BLOCKED, true); - } - - nsCOMPtr loadGroup; - rv = aRequestChannel->GetLoadGroup(getter_AddRefs(loadGroup)); - NS_ENSURE_SUCCESS(rv, rv); - - nsLoadFlags loadFlags; - rv = aRequestChannel->GetLoadFlags(&loadFlags); - NS_ENSURE_SUCCESS(rv, rv); - - loadFlags &= HttpBaseChannel::INHIBIT_CACHING | - HttpBaseChannel::INHIBIT_PERSISTENT_CACHING | - HttpBaseChannel::LOAD_BYPASS_CACHE | - HttpBaseChannel::LOAD_FROM_CACHE | - HttpBaseChannel::VALIDATE_ALWAYS; - // Priming requests should never be intercepted by service workers and - // are always anonymous. - loadFlags |= nsIChannel::LOAD_BYPASS_SERVICE_WORKER | - nsIRequest::LOAD_ANONYMOUS; - - // Create a new channel to send the priming request - nsCOMPtr primingChannel; - rv = NS_NewChannelInternal(getter_AddRefs(primingChannel), - uri, - loadInfo, - loadGroup, - nullptr, // aCallbacks are set later - loadFlags); - NS_ENSURE_SUCCESS(rv, rv); - - // Set method and headers - nsCOMPtr httpChannel = do_QueryInterface(primingChannel); - if (!httpChannel) { - NS_ERROR("HSTSPrimingListener: Failed to QI to nsIHttpChannel!"); - return NS_ERROR_FAILURE; - } - - // Currently using HEAD per the draft, but under discussion to change to GET - // with credentials so if the upgrade is approved the result is already cached. - rv = httpChannel->SetRequestMethod(NS_LITERAL_CSTRING("HEAD")); - NS_ENSURE_SUCCESS(rv, rv); - - rv = httpChannel-> - SetRequestHeader(NS_LITERAL_CSTRING("Upgrade-Insecure-Requests"), - NS_LITERAL_CSTRING("1"), false); - NS_ENSURE_SUCCESS(rv, rv); - - // attempt to set the class of service flags on the new channel - nsCOMPtr requestClass = do_QueryInterface(aRequestChannel); - if (!requestClass) { - NS_ERROR("HSTSPrimingListener: aRequestChannel is not an nsIClassOfService"); - return NS_ERROR_FAILURE; - } - nsCOMPtr primingClass = do_QueryInterface(httpChannel); - if (!primingClass) { - NS_ERROR("HSTSPrimingListener: aRequestChannel is not an nsIClassOfService"); - return NS_ERROR_FAILURE; - } - - uint32_t classFlags = 0; - rv = requestClass ->GetClassFlags(&classFlags); - NS_ENSURE_SUCCESS(rv, rv); - rv = primingClass->SetClassFlags(classFlags); - NS_ENSURE_SUCCESS(rv, rv); - - // Set up listener which will start the original channel - nsCOMPtr primingListener(new HSTSPrimingListener(aCallback)); - - // Start priming - rv = primingChannel->AsyncOpen2(primingListener); - NS_ENSURE_SUCCESS(rv, rv); - - return NS_OK; -} - -} // namespace net -} // namespace mozilla diff --git a/netwerk/protocol/http/HSTSPrimerListener.h b/netwerk/protocol/http/HSTSPrimerListener.h deleted file mode 100644 index 05089911b..000000000 --- a/netwerk/protocol/http/HSTSPrimerListener.h +++ /dev/null @@ -1,108 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef HSTSPrimingListener_h__ -#define HSTSPrimingListener_h__ - -#include "nsCOMPtr.h" -#include "nsIChannelEventSink.h" -#include "nsIInterfaceRequestor.h" -#include "nsIStreamListener.h" -#include "nsIThreadRetargetableStreamListener.h" - -#include "mozilla/Attributes.h" - -class nsIPrincipal; -class nsINetworkInterceptController; -class nsIHstsPrimingCallback; - -namespace mozilla { -namespace net { - -class HttpChannelParent; -class nsHttpChannel; - -/* - * How often do we get back an HSTS priming result which upgrades the connection to HTTPS? - */ -enum HSTSPrimingResult { - // This site has been seen before and won't be upgraded - eHSTS_PRIMING_CACHED_NO_UPGRADE = 0, - // This site has been seen before and will be upgraded - eHSTS_PRIMING_CACHED_DO_UPGRADE = 1, - // This site has been seen before and will be blocked - eHSTS_PRIMING_CACHED_BLOCK = 2, - // The request was already upgraded, probably through - // upgrade-insecure-requests - eHSTS_PRIMING_ALREADY_UPGRADED = 3, - // HSTS priming is successful and the connection will be upgraded to HTTPS - eHSTS_PRIMING_SUCCEEDED = 4, - // When priming succeeds, but preferences require preservation of the order - // of mixed-content and hsts, and mixed-content blocks the load - eHSTS_PRIMING_SUCCEEDED_BLOCK = 5, - // When priming succeeds, but preferences require preservation of the order - // of mixed-content and hsts, and mixed-content allows the load over http - eHSTS_PRIMING_SUCCEEDED_HTTP = 6, - // HSTS priming failed, and the load is blocked by mixed-content - eHSTS_PRIMING_FAILED_BLOCK = 7, - // HSTS priming failed, and the load is allowed by mixed-content - eHSTS_PRIMING_FAILED_ACCEPT = 8 -}; - -////////////////////////////////////////////////////////////////////////// -// Class used as streamlistener and notification callback when -// doing the HEAD request for an HSTS Priming check. Needs to be an -// nsIStreamListener in order to receive events from AsyncOpen2 -class HSTSPrimingListener final : public nsIStreamListener, - public nsIInterfaceRequestor -{ -public: - explicit HSTSPrimingListener(nsIHstsPrimingCallback* aCallback) - : mCallback(aCallback) - { - } - - NS_DECL_ISUPPORTS - NS_DECL_NSISTREAMLISTENER - NS_DECL_NSIREQUESTOBSERVER - NS_DECL_NSIINTERFACEREQUESTOR - -private: - ~HSTSPrimingListener() {} - - // Only nsHttpChannel can invoke HSTS priming - friend class mozilla::net::nsHttpChannel; - - /** - * Start the HSTS priming request. This will send an anonymous HEAD request to - * the URI aRequestChannel is attempting to load. On success, the new HSTS - * priming channel is allocated in aHSTSPrimingChannel. - * - * @param aRequestChannel the reference channel used to initialze the HSTS - * priming channel - * @param aCallback the callback stored to handle the results of HSTS priming. - * @param aHSTSPrimingChannel if the new HSTS priming channel is allocated - * successfully, it will be placed here. - */ - static nsresult StartHSTSPriming(nsIChannel* aRequestChannel, - nsIHstsPrimingCallback* aCallback); - - /** - * Given a request, return NS_OK if it has resulted in a cached HSTS update. - * We don't need to check for the header as that has already been done for us. - */ - nsresult CheckHSTSPrimingRequestStatus(nsIRequest* aRequest); - - /** - * the nsIHttpChannel to notify with the result of HSTS priming. - */ - nsCOMPtr mCallback; -}; - - -}} // mozilla::net - -#endif // HSTSPrimingListener_h__ diff --git a/netwerk/protocol/http/HttpChannelChild.cpp b/netwerk/protocol/http/HttpChannelChild.cpp index 6d09135c4..0a1e0f859 100644 --- a/netwerk/protocol/http/HttpChannelChild.cpp +++ b/netwerk/protocol/http/HttpChannelChild.cpp @@ -1681,8 +1681,8 @@ NS_IMETHODIMP HttpChannelChild::OnRedirectVerifyCallback(nsresult result) { LOG(("HttpChannelChild::OnRedirectVerifyCallback [this=%p]\n", this)); - nsresult rv; OptionalURIParams redirectURI; + nsresult rv; nsCOMPtr newHttpChannel = do_QueryInterface(mRedirectChannelChild); @@ -1697,18 +1697,9 @@ HttpChannelChild::OnRedirectVerifyCallback(nsresult result) result = NS_ERROR_DOM_BAD_URI; } - bool forceHSTSPriming = false; - bool mixedContentWouldBlock = false; if (newHttpChannel) { // Must not be called until after redirect observers called. newHttpChannel->SetOriginalURI(mOriginalURI); - - nsCOMPtr newLoadInfo; - rv = newHttpChannel->GetLoadInfo(getter_AddRefs(newLoadInfo)); - if (NS_SUCCEEDED(rv) && newLoadInfo) { - forceHSTSPriming = newLoadInfo->GetForceHSTSPriming(); - mixedContentWouldBlock = newLoadInfo->GetMixedContentWouldBlock(); - } } if (mRedirectingForSubsequentSynthesizedResponse) { @@ -1756,7 +1747,7 @@ HttpChannelChild::OnRedirectVerifyCallback(nsresult result) do_QueryInterface(mRedirectChannelChild); if (newHttpChannelInternal) { nsCOMPtr apiRedirectURI; - nsresult rv = newHttpChannelInternal->GetApiRedirectToURI( + rv = newHttpChannelInternal->GetApiRedirectToURI( getter_AddRefs(apiRedirectURI)); if (NS_SUCCEEDED(rv) && apiRedirectURI) { /* If there was an API redirect of this channel, we need to send it @@ -1780,8 +1771,7 @@ HttpChannelChild::OnRedirectVerifyCallback(nsresult result) if (mIPCOpen) SendRedirect2Verify(result, *headerTuples, loadFlags, redirectURI, - corsPreflightArgs, forceHSTSPriming, - mixedContentWouldBlock, chooseAppcache); + corsPreflightArgs, chooseAppcache); return NS_OK; } diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp index 90ed597a6..d1c67f01b 100644 --- a/netwerk/protocol/http/HttpChannelParent.cpp +++ b/netwerk/protocol/http/HttpChannelParent.cpp @@ -733,8 +733,6 @@ HttpChannelParent::RecvRedirect2Verify(const nsresult& result, const uint32_t& loadFlags, const OptionalURIParams& aAPIRedirectURI, const OptionalCorsPreflightArgs& aCorsPreflightArgs, - const bool& aForceHSTSPriming, - const bool& aMixedContentWouldBlock, const bool& aChooseAppcache) { LOG(("HttpChannelParent::RecvRedirect2Verify [this=%p result=%x]\n", @@ -774,14 +772,6 @@ HttpChannelParent::RecvRedirect2Verify(const nsresult& result, newInternalChannel->SetCorsPreflightParameters(args.unsafeHeaders()); } - if (aForceHSTSPriming) { - nsCOMPtr newLoadInfo; - rv = newHttpChannel->GetLoadInfo(getter_AddRefs(newLoadInfo)); - if (NS_SUCCEEDED(rv) && newLoadInfo) { - newLoadInfo->SetHSTSPriming(aMixedContentWouldBlock); - } - } - nsCOMPtr appCacheChannel = do_QueryInterface(newHttpChannel); if (appCacheChannel) { diff --git a/netwerk/protocol/http/HttpChannelParent.h b/netwerk/protocol/http/HttpChannelParent.h index 56854bb55..91f9bac8b 100644 --- a/netwerk/protocol/http/HttpChannelParent.h +++ b/netwerk/protocol/http/HttpChannelParent.h @@ -162,8 +162,6 @@ protected: const uint32_t& loadFlags, const OptionalURIParams& apiRedirectUri, const OptionalCorsPreflightArgs& aCorsPreflightArgs, - const bool& aForceHSTSPriming, - const bool& aMixedContentWouldBlock, const bool& aChooseAppcache) override; virtual bool RecvUpdateAssociatedContentSecurity(const int32_t& broken, const int32_t& no) override; diff --git a/netwerk/protocol/http/PHttpChannel.ipdl b/netwerk/protocol/http/PHttpChannel.ipdl index 1eb25a403..c77a53e40 100644 --- a/netwerk/protocol/http/PHttpChannel.ipdl +++ b/netwerk/protocol/http/PHttpChannel.ipdl @@ -47,7 +47,6 @@ parent: async Redirect2Verify(nsresult result, RequestHeaderTuples changedHeaders, uint32_t loadFlags, OptionalURIParams apiRedirectTo, OptionalCorsPreflightArgs corsPreflightArgs, - bool forceHSTSPriming, bool mixedContentWouldBlock, bool chooseAppcache); // For document loads we keep this protocol open after child's diff --git a/netwerk/protocol/http/moz.build b/netwerk/protocol/http/moz.build index e13101aa0..1368ee707 100644 --- a/netwerk/protocol/http/moz.build +++ b/netwerk/protocol/http/moz.build @@ -5,7 +5,6 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. XPIDL_SOURCES += [ - 'nsIHstsPrimingCallback.idl', 'nsIHttpActivityObserver.idl', 'nsIHttpAuthenticableChannel.idl', 'nsIHttpAuthenticator.idl', @@ -58,7 +57,6 @@ UNIFIED_SOURCES += [ 'AltDataOutputStreamParent.cpp', 'CacheControlParser.cpp', 'ConnectionDiagnostics.cpp', - 'HSTSPrimerListener.cpp', 'Http2Compression.cpp', 'Http2Push.cpp', 'Http2Session.cpp', diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index 9107b16e8..7bcec146d 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -100,7 +100,6 @@ #include "mozilla/net/Predictor.h" #include "CacheControlParser.h" #include "nsMixedContentBlocker.h" -#include "HSTSPrimerListener.h" #include "CacheStorageService.h" namespace mozilla { namespace net { @@ -465,50 +464,12 @@ nsHttpChannel::Connect() // otherwise, let's just proceed without using the cache. } - return TryHSTSPriming(); -} - -nsresult -nsHttpChannel::TryHSTSPriming() -{ - if (mLoadInfo) { - // HSTS priming requires the LoadInfo provided with AsyncOpen2 - bool requireHSTSPriming = - mLoadInfo->GetForceHSTSPriming(); - - if (requireHSTSPriming && - nsMixedContentBlocker::sSendHSTSPriming && - mInterceptCache == DO_NOT_INTERCEPT) { - bool isHttpsScheme; - nsresult rv = mURI->SchemeIs("https", &isHttpsScheme); - NS_ENSURE_SUCCESS(rv, rv); - if (!isHttpsScheme) { - rv = HSTSPrimingListener::StartHSTSPriming(this, this); - - if (NS_FAILED(rv)) { - CloseCacheEntry(false); - return rv; - } - - return NS_OK; - } - - // The request was already upgraded, for example by - // upgrade-insecure-requests or a prior successful priming request - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT, - HSTSPrimingResult::eHSTS_PRIMING_ALREADY_UPGRADED); - mLoadInfo->ClearHSTSPriming(); - } - } - return ContinueConnect(); } nsresult nsHttpChannel::ContinueConnect() { - // If we have had HSTS priming, we need to reevaluate whether we need - // a CORS preflight. Bug: 1272440 // If we need to start a CORS preflight, do it now! // Note that it is important to do this before the early returns below. if (!mIsCorsPreflightDone && mRequireCORSPreflight && @@ -4283,7 +4244,7 @@ nsHttpChannel::OnCacheEntryAvailableInternal(nsICacheEntry *entry, return NS_OK; } - return TryHSTSPriming(); + return ContinueConnect(); } nsresult @@ -5699,7 +5660,6 @@ NS_INTERFACE_MAP_BEGIN(nsHttpChannel) NS_INTERFACE_MAP_ENTRY(nsIDNSListener) NS_INTERFACE_MAP_ENTRY(nsISupportsWeakReference) NS_INTERFACE_MAP_ENTRY(nsICorsPreflightCallback) - NS_INTERFACE_MAP_ENTRY(nsIHstsPrimingCallback) NS_INTERFACE_MAP_ENTRY(nsIChannelWithDivertableParentListener) // we have no macro that covers this case. if (aIID.Equals(NS_GET_IID(nsHttpChannel)) ) { @@ -8185,107 +8145,6 @@ nsHttpChannel::OnPreflightFailed(nsresult aError) return NS_OK; } -//----------------------------------------------------------------------------- -// nsIHstsPrimingCallback functions -//----------------------------------------------------------------------------- - -/* - * May be invoked synchronously if HSTS priming has already been performed - * for the host. - */ -nsresult -nsHttpChannel::OnHSTSPrimingSucceeded(bool aCached) -{ - if (nsMixedContentBlocker::sUseHSTS) { - // redirect the channel to HTTPS if the pref - // "security.mixed_content.use_hsts" is true - LOG(("HSTS Priming succeeded, redirecting to HTTPS [this=%p]", this)); - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT, - (aCached) ? HSTSPrimingResult::eHSTS_PRIMING_CACHED_DO_UPGRADE : - HSTSPrimingResult::eHSTS_PRIMING_SUCCEEDED); - return AsyncCall(&nsHttpChannel::HandleAsyncRedirectChannelToHttps); - } - - // If "security.mixed_content.use_hsts" is false, record the result of - // HSTS priming and block or proceed with the load as required by - // mixed-content blocking - bool wouldBlock = mLoadInfo->GetMixedContentWouldBlock(); - - // preserve the mixed-content-before-hsts order and block if required - if (wouldBlock) { - LOG(("HSTS Priming succeeded, blocking for mixed-content [this=%p]", - this)); - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT, - HSTSPrimingResult::eHSTS_PRIMING_SUCCEEDED_BLOCK); - CloseCacheEntry(false); - return AsyncAbort(NS_ERROR_CONTENT_BLOCKED); - } - - LOG(("HSTS Priming succeeded, loading insecure: [this=%p]", this)); - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT, - HSTSPrimingResult::eHSTS_PRIMING_SUCCEEDED_HTTP); - - nsresult rv = ContinueConnect(); - if (NS_FAILED(rv)) { - CloseCacheEntry(false); - return AsyncAbort(rv); - } - - return NS_OK; -} - -/* - * May be invoked synchronously if HSTS priming has already been performed - * for the host. - */ -nsresult -nsHttpChannel::OnHSTSPrimingFailed(nsresult aError, bool aCached) -{ - bool wouldBlock = mLoadInfo->GetMixedContentWouldBlock(); - - LOG(("HSTS Priming Failed [this=%p], %s the load", this, - (wouldBlock) ? "blocking" : "allowing")); - if (aCached) { - // Between the time we marked for priming and started the priming request, - // the host was found to not allow the upgrade, probably from another - // priming request. - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT, - (wouldBlock) ? HSTSPrimingResult::eHSTS_PRIMING_CACHED_BLOCK : - HSTSPrimingResult::eHSTS_PRIMING_CACHED_NO_UPGRADE); - } else { - // A priming request was sent, and no HSTS header was found that allows - // the upgrade. - Telemetry::Accumulate(Telemetry::MIXED_CONTENT_HSTS_PRIMING_RESULT, - (wouldBlock) ? HSTSPrimingResult::eHSTS_PRIMING_FAILED_BLOCK : - HSTSPrimingResult::eHSTS_PRIMING_FAILED_ACCEPT); - } - - // Don't visit again for at least - // security.mixed_content.hsts_priming_cache_timeout seconds. - nsISiteSecurityService* sss = gHttpHandler->GetSSService(); - NS_ENSURE_TRUE(sss, NS_ERROR_OUT_OF_MEMORY); - nsresult rv = sss->CacheNegativeHSTSResult(mURI, - nsMixedContentBlocker::sHSTSPrimingCacheTimeout); - if (NS_FAILED(rv)) { - NS_ERROR("nsISiteSecurityService::CacheNegativeHSTSResult failed"); - } - - // If we would block, go ahead and abort with the error provided - if (wouldBlock) { - CloseCacheEntry(false); - return AsyncAbort(aError); - } - - // we can continue the load and the UI has been updated as mixed content - rv = ContinueConnect(); - if (NS_FAILED(rv)) { - CloseCacheEntry(false); - return AsyncAbort(rv); - } - - return NS_OK; -} - //----------------------------------------------------------------------------- // AChannelHasDivertableParentChannelAsListener internal functions //----------------------------------------------------------------------------- diff --git a/netwerk/protocol/http/nsHttpChannel.h b/netwerk/protocol/http/nsHttpChannel.h index cb8925d04..3a322e8e2 100644 --- a/netwerk/protocol/http/nsHttpChannel.h +++ b/netwerk/protocol/http/nsHttpChannel.h @@ -28,7 +28,6 @@ #include "nsISupportsPrimitives.h" #include "nsICorsPreflightCallback.h" #include "AlternateServices.h" -#include "nsIHstsPrimingCallback.h" class nsDNSPrefetch; class nsICancelable; @@ -76,7 +75,6 @@ class nsHttpChannel final : public HttpBaseChannel , public nsSupportsWeakReference , public nsICorsPreflightCallback , public nsIChannelWithDivertableParentListener - , public nsIHstsPrimingCallback { public: NS_DECL_ISUPPORTS_INHERITED @@ -92,7 +90,6 @@ public: NS_DECL_NSIAPPLICATIONCACHECONTAINER NS_DECL_NSIAPPLICATIONCACHECHANNEL NS_DECL_NSIASYNCVERIFYREDIRECTCALLBACK - NS_DECL_NSIHSTSPRIMINGCALLBACK NS_DECL_NSITHREADRETARGETABLEREQUEST NS_DECL_NSIDNSLISTENER NS_DECL_NSICHANNELWITHDIVERTABLEPARENTLISTENER @@ -211,9 +208,6 @@ public: /* internal necko use only */ nsresult OpenCacheEntry(bool usingSSL); nsresult ContinueConnect(); - // If the load is mixed-content, build and send an HSTS priming request. - nsresult TryHSTSPriming(); - nsresult StartRedirectChannelToURI(nsIURI *, uint32_t); // This allows cache entry to be marked as foreign even after channel itself diff --git a/netwerk/protocol/http/nsIHstsPrimingCallback.idl b/netwerk/protocol/http/nsIHstsPrimingCallback.idl deleted file mode 100644 index 01f53a5b2..000000000 --- a/netwerk/protocol/http/nsIHstsPrimingCallback.idl +++ /dev/null @@ -1,50 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "nsISupports.idl" - -/** - * HSTS priming attempts to prevent mixed-content by looking for the - * Strict-Transport-Security header as a signal from the server that it is - * safe to upgrade HTTP to HTTPS. - * - * Since mixed-content blocking happens very early in the process in AsyncOpen2, - * the status of mixed-content blocking is stored in the LoadInfo and then used - * to determine whether to send a priming request or not. - * - * This interface is implemented by nsHttpChannel so that it can receive the - * result of HSTS priming. - */ -[builtinclass, uuid(eca6daca-3f2a-4a2a-b3bf-9f24f79bc999)] -interface nsIHstsPrimingCallback : nsISupports -{ - /** - * HSTS priming has succeeded with an STS header, and the site asserts it is - * safe to upgrade the request from HTTP to HTTPS. The request may still be - * blocked based on the user's preferences. - * - * May be invoked synchronously if HSTS priming has already been performed - * for the host. - * - * @param aCached whether the result was already in the HSTS cache - */ - [noscript, nostdcall] - void onHSTSPrimingSucceeded(in bool aCached); - /** - * HSTS priming has seen no STS header, the request itself has failed, - * or some other failure which does not constitute a positive signal that the - * site can be upgraded safely to HTTPS. The request may still be allowed - * based on the user's preferences. - * - * May be invoked synchronously if HSTS priming has already been performed - * for the host. - * - * @param aError The error which caused this failure, or NS_ERROR_CONTENT_BLOCKED - * @param aCached whether the result was already in the HSTS cache - */ - [noscript, nostdcall] - void onHSTSPrimingFailed(in nsresult aError, in bool aCached); -}; diff --git a/security/manager/ssl/nsISiteSecurityService.idl b/security/manager/ssl/nsISiteSecurityService.idl index fa20fe307..753f32b57 100644 --- a/security/manager/ssl/nsISiteSecurityService.idl +++ b/security/manager/ssl/nsISiteSecurityService.idl @@ -188,15 +188,6 @@ interface nsISiteSecurityService : nsISupports in int64_t aExpires, in unsigned long aPinCount, [array, size_is(aPinCount)] in string aSha256Pins, [optional] in boolean aIsPreload); - - /** - * Mark a host as declining to provide a given security state so that features - * such as HSTS priming will not flood a server with requests. - * - * @param aURI the nsIURI that this applies to - * @param aMaxAge lifetime (in seconds) of this negative cache - */ - [noscript] void cacheNegativeHSTSResult(in nsIURI aURI, in unsigned long long aMaxAge); }; %{C++ diff --git a/security/manager/ssl/nsSiteSecurityService.cpp b/security/manager/ssl/nsSiteSecurityService.cpp index 322ef6570..d461f6b61 100644 --- a/security/manager/ssl/nsSiteSecurityService.cpp +++ b/security/manager/ssl/nsSiteSecurityService.cpp @@ -355,14 +355,6 @@ nsSiteSecurityService::SetHSTSState(uint32_t aType, return NS_OK; } -NS_IMETHODIMP -nsSiteSecurityService::CacheNegativeHSTSResult(nsIURI* aSourceURI, - uint64_t aMaxAge) -{ - return SetHSTSState(nsISiteSecurityService::HEADER_HSTS, aSourceURI, - aMaxAge, false, 0, SecurityPropertyNegative); -} - NS_IMETHODIMP nsSiteSecurityService::RemoveState(uint32_t aType, nsIURI* aURI, uint32_t aFlags) diff --git a/testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json b/testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json index 5c97d58f0..211e98e05 100644 --- a/testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json +++ b/testing/runtimes/mochitest-browser-chrome-e10s.runtimes.json @@ -648,13 +648,6 @@ "dom/security/test/contentverifier/browser_verify_content_about_newtab.js": 14195, "dom/security/test/contentverifier/browser_verify_content_about_newtab2.js": 12159, "dom/security/test/csp/browser_test_web_manifest.js": 6022, - "dom/security/test/hsts/browser_hsts-priming_allow_active.js": 2840, - "dom/security/test/hsts/browser_hsts-priming_block_active.js": 3459, - "dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js": 3233, - "dom/security/test/hsts/browser_hsts-priming_cache-timeout.js": 3469, - "dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js": 2658, - "dom/security/test/hsts/browser_hsts-priming_no-duplicates.js": 3793, - "dom/security/test/hsts/browser_hsts-priming_timeout.js": 4040, "dom/tests/browser/browser_ConsoleStoragePBTest_perwindowpb.js": 3659, "dom/tests/browser/browser_bug396843.js": 6574, "dom/tests/browser/browser_focus_steal_from_chrome.js": 25508, diff --git a/testing/runtimes/mochitest-browser-chrome.runtimes.json b/testing/runtimes/mochitest-browser-chrome.runtimes.json index ac0b9f10d..73b2437a2 100644 --- a/testing/runtimes/mochitest-browser-chrome.runtimes.json +++ b/testing/runtimes/mochitest-browser-chrome.runtimes.json @@ -621,14 +621,6 @@ "dom/security/test/contentverifier/browser_verify_content_about_newtab2.js": 10284, "dom/security/test/csp/browser_manifest-src-override-default-src.js": 1939, "dom/security/test/csp/browser_test_web_manifest.js": 5639, - "dom/security/test/hsts/browser_hsts-priming_allow_active.js": 2280, - "dom/security/test/hsts/browser_hsts-priming_allow_display.js": 1974, - "dom/security/test/hsts/browser_hsts-priming_block_active.js": 2803, - "dom/security/test/hsts/browser_hsts-priming_block_active_with_redir_same.js": 2682, - "dom/security/test/hsts/browser_hsts-priming_cache-timeout.js": 3110, - "dom/security/test/hsts/browser_hsts-priming_hsts_after_mixed.js": 2328, - "dom/security/test/hsts/browser_hsts-priming_no-duplicates.js": 2831, - "dom/security/test/hsts/browser_hsts-priming_timeout.js": 3798, "dom/tests/browser/browser_ConsoleAPITests.js": 3520, "dom/tests/browser/browser_ConsoleStoragePBTest_perwindowpb.js": 2914, "dom/tests/browser/browser_bug396843.js": 6050, diff --git a/toolkit/components/telemetry/Histograms.json b/toolkit/components/telemetry/Histograms.json index ade308cfa..82597adec 100644 --- a/toolkit/components/telemetry/Histograms.json +++ b/toolkit/components/telemetry/Histograms.json @@ -8312,33 +8312,6 @@ "n_values": 10, "description": "How often would blocked mixed content be allowed if HSTS upgrades were allowed? 0=display/no-HSTS, 1=display/HSTS, 2=active/no-HSTS, 3=active/HSTS" }, - "MIXED_CONTENT_HSTS_PRIMING": { - "alert_emails": ["seceng@mozilla.org"], - "bug_numbers": [1246540], - "expires_in_version": "60", - "kind": "enumerated", - "n_values": 16, - "description": "How often would blocked mixed content be allowed if HSTS upgrades were allowed, including how often would we send an HSTS priming request? 0=display/no-HSTS, 1=display/HSTS, 2=active/no-HSTS, 3=active/HSTS, 4=display/no-HSTS-priming, 5=display/do-HSTS-priming, 6=active/no-HSTS-priming, 7=active/do-HSTS-priming" - }, - "MIXED_CONTENT_HSTS_PRIMING_RESULT": { - "alert_emails": ["seceng@mozilla.org"], - "bug_numbers": [1246540], - "expires_in_version": "60", - "kind": "enumerated", - "n_values": 16, - "description": "How often do we get back an HSTS priming result which upgrades the connection to HTTPS? 0=cached (no upgrade), 1=cached (do upgrade), 2=cached (blocked), 3=already upgraded, 4=priming succeeded, 5=priming succeeded (block due to pref), 6=priming succeeded (no upgrade due to pref), 7=priming failed (block), 8=priming failed (accept)" - }, - "HSTS_PRIMING_REQUEST_DURATION": { - "alert_emails": ["seceng-telemetry@mozilla.org"], - "bug_numbers": [1311893], - "expires_in_version": "58", - "kind": "exponential", - "low": 100, - "high": 30000, - "n_buckets": 100, - "keyed": true, - "description": "The amount of time required for HSTS priming requests (ms), keyed by success or failure of the priming request. (success, failure)" - }, "MIXED_CONTENT_OBJECT_SUBREQUEST": { "alert_emails": ["seceng@mozilla.org"], "bug_numbers": [1244116], -- cgit v1.2.3