Merge pull request #509 from janekptacijarabaci/context-menu_save-link-as_principal_1

Added "nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD": The context menu - "Save Link As" feature should use the loading principal instead of the system principal

10 files changed, 36 insertions, 9 deletions

diff --git a/dom/base/nsContentPolicyUtils.h b/dom/base/nsContentPolicyUtils.h
index ed0544226..600b24c56 100644
--- a/dom/base/nsContentPolicyUtils.h
+++ b/dom/base/nsContentPolicyUtils.h
@@ -134,6 +134,7 @@ NS_CP_ContentTypeName(uint32_t contentType)
     CASE_RETURN( TYPE_INTERNAL_IMAGE_FAVICON      );
     CASE_RETURN( TYPE_INTERNAL_STYLESHEET         );
     CASE_RETURN( TYPE_INTERNAL_STYLESHEET_PRELOAD );
+    CASE_RETURN( TYPE_SAVEAS_DOWNLOAD             );
    default:
     return "<Unknown Type>";
   }
diff --git a/dom/base/nsIContentPolicy.idl b/dom/base/nsIContentPolicy.idl
index a73565a9a..200b97fbc 100644
--- a/dom/base/nsIContentPolicy.idl
+++ b/dom/base/nsIContentPolicy.idl
@@ -20,7 +20,7 @@ interface nsIPrincipal;
  * by launching a dialog to prompt the user for something).
  */
 
-[scriptable,uuid(caad4f1f-d047-46ac-ae9d-dc598e4fb91b)]
+[scriptable,uuid(64a5ae16-6836-475c-9938-4b6cc1eee8fb)]
 interface nsIContentPolicy : nsIContentPolicyBase
 {
   /**
diff --git a/dom/base/nsIContentPolicyBase.idl b/dom/base/nsIContentPolicyBase.idl
index 884e3d96d..908e562a8 100644
--- a/dom/base/nsIContentPolicyBase.idl
+++ b/dom/base/nsIContentPolicyBase.idl
@@ -24,7 +24,7 @@ typedef unsigned long nsContentPolicyType;
  * by launching a dialog to prompt the user for something).
  */
 
-[scriptable,uuid(17418187-d86f-48dd-92d1-238838df0a4e)]
+[scriptable,uuid(d6ab1d11-8e24-4db4-8582-c40a78281737)]
 interface nsIContentPolicyBase : nsISupports
 {
   /**
@@ -329,11 +329,17 @@ interface nsIContentPolicyBase : nsISupports
    */
   const nsContentPolicyType TYPE_INTERNAL_IMAGE_FAVICON = 41;
 
+  /**
+   * Indicates an save-as link download from the front-end code.
+   */
+  const nsContentPolicyType TYPE_SAVEAS_DOWNLOAD = 42;
+
   /* When adding new content types, please update nsContentBlocker,
-   * NS_CP_ContentTypeName, nsCSPContext, all nsIContentPolicy
-   * implementations, the static_assert in dom/cache/DBSchema.cpp,
-   * and other things that are not listed here that are related to
-   * nsIContentPolicy. */
+   * NS_CP_ContentTypeName, nsCSPContext, CSP_ContentTypeToDirective,
+   * DoContentSecurityChecks, all nsIContentPolicy implementations, the
+   * static_assert in dom/cache/DBSchema.cpp, nsPermissionManager.cpp,
+   * and other things that are not listed here that are related
+   * to nsIContentPolicy. */
 
   //////////////////////////////////////////////////////////////////////
 
diff --git a/dom/base/nsISimpleContentPolicy.idl b/dom/base/nsISimpleContentPolicy.idl
index 493aee1a5..dc0474736 100644
--- a/dom/base/nsISimpleContentPolicy.idl
+++ b/dom/base/nsISimpleContentPolicy.idl
@@ -28,7 +28,7 @@ interface nsIDOMElement;
  * by launching a dialog to prompt the user for something).
  */
 
-[scriptable,uuid(b9df71e3-a9b3-4706-b2d5-e6c0d3d68ec7)]
+[scriptable,uuid(1553a476-8a14-410b-8ecc-47f48e937392)]
 interface nsISimpleContentPolicy : nsIContentPolicyBase
 {
   /**
diff --git a/dom/cache/DBSchema.cpp b/dom/cache/DBSchema.cpp
index d16ba2d6a..176e7b9d1 100644
--- a/dom/cache/DBSchema.cpp
+++ b/dom/cache/DBSchema.cpp
@@ -287,7 +287,8 @@ static_assert(nsIContentPolicy::TYPE_INVALID == 0 &&
               nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD == 38 &&
               nsIContentPolicy::TYPE_INTERNAL_STYLESHEET == 39 &&
               nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD == 40 &&
-              nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON == 41,
+              nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON == 41 &&
+              nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD == 42,
               "nsContentPolicyType values are as expected");
 
 namespace {
diff --git a/dom/fetch/InternalRequest.cpp b/dom/fetch/InternalRequest.cpp
index 85feabde3..b2631da6a 100644
--- a/dom/fetch/InternalRequest.cpp
+++ b/dom/fetch/InternalRequest.cpp
@@ -320,6 +320,9 @@ InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aConte
   case nsIContentPolicy::TYPE_WEB_MANIFEST:
     context = RequestContext::Manifest;
     break;
+  case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD:
+    context = RequestContext::Internal;
+    break;
   default:
     MOZ_ASSERT(false, "Unhandled nsContentPolicyType value");
     break;
diff --git a/dom/fetch/InternalRequest.h b/dom/fetch/InternalRequest.h
index 84ee0bf69..966490675 100644
--- a/dom/fetch/InternalRequest.h
+++ b/dom/fetch/InternalRequest.h
@@ -53,7 +53,7 @@ namespace dom {
  * image             | TYPE_INTERNAL_IMAGE, TYPE_INTERNAL_IMAGE_PRELOAD, TYPE_INTERNAL_IMAGE_FAVICON
  * imageset          | TYPE_IMAGESET
  * import            | Not supported by Gecko
- * internal          | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER
+ * internal          | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER, TYPE_SAVEAS_DOWNLOAD
  * location          |
  * manifest          | TYPE_WEB_MANIFEST
  * object            | TYPE_INTERNAL_OBJECT
diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp
index 49832f8f4..71c8e3433 100644
--- a/dom/security/nsCSPUtils.cpp
+++ b/dom/security/nsCSPUtils.cpp
@@ -258,6 +258,9 @@ CSP_ContentTypeToDirective(nsContentPolicyType aType)
     case nsIContentPolicy::TYPE_CSP_REPORT:
       return nsIContentSecurityPolicy::NO_DIRECTIVE;
 
+    case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD:
+      return nsIContentSecurityPolicy::NO_DIRECTIVE;
+
     // Fall through to error for all other directives
     default:
       MOZ_ASSERT(false, "Can not map nsContentPolicyType to CSPDirective");
diff --git a/dom/security/nsContentSecurityManager.cpp b/dom/security/nsContentSecurityManager.cpp
index f329aa723..4ee9b4877 100644
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@@ -471,6 +471,12 @@ DoContentSecurityChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo)
       break;
     }
 
+    case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD: {
+      mimeTypeGuess = EmptyCString();
+      requestingContext = aLoadInfo->LoadingNode();
+      break;
+    }
+
     default:
       // nsIContentPolicy::TYPE_INVALID
       MOZ_ASSERT(false, "can not perform security check without a valid contentType");
diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp
index 7d50a43a3..c03628da0 100644
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -468,6 +468,13 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
       *aDecision = ACCEPT;
       return NS_OK;
 
+    // Creating insecure connections for a save-as link download is acceptable.
+    // This download is completely disconnected from the docShell, but still
+    // using the same loading principal.
+    case TYPE_SAVEAS_DOWNLOAD:
+      *aDecision = ACCEPT;
+      return NS_OK;
+
     // Static display content is considered moderate risk for mixed content so
     // these will be blocked according to the mixed display preference
     case TYPE_IMAGE: