-rw-r--r--docshell/base/nsDocShell.cpp23
-rw-r--r--dom/jsurl/nsJSProtocolHandler.cpp49
-rw-r--r--uriloader/base/nsURILoader.cpp2
3 files changed, 53 insertions, 21 deletions
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index 6810d0179..b1fcc5c23 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -69,6 +69,7 @@
#include "nsIScriptSecurityManager.h"
#include "nsIScriptObjectPrincipal.h"
#include "nsIScrollableFrame.h"
+#include "nsContentPolicyUtils.h" // NS_CheckContentLoadPolicy(...)
#include "nsISeekableStream.h"
#include "nsAutoPtr.h"
#include "nsQueryObject.h"
@@ -1643,7 +1644,7 @@ nsDocShell::LoadStream(nsIInputStream* aStream, nsIURI* aURI,
uri,
aStream,
triggeringPrincipal,
- nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
+ nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
aContentType,
aContentCharset);
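Review bot: Neither this hunk nor the DoURILoad hunk further down (`nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL;`) records where the checks the old flag requested are now performed. With `SEC_NORMAL` the loadInfo carries no security mode for the channel to enforce, so the load is only as safe as the checks its callers run before opening it, and none are visible for LoadStream. I would add a comment at both sites, for example `// SEC_NORMAL: the channel enforces nothing itself; URI-load and content-policy checks must already have run`, and confirm that this holds for every caller of LoadStream. The call this argument belongs to starts outside the hunk.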
@@ -9942,6 +9943,23 @@ nsDocShell::InternalLoad(nsIURI* aURI,
rv = extraStr->SetData(msg);
NS_ENSURE_SUCCESS(rv, rv);
+ int16_t shouldLoad = nsIContentPolicy::ACCEPT;
+ rv = NS_CheckContentLoadPolicy(contentType,
+ aURI,
+ aTriggeringPrincipal,
+ requestingContext,
+ EmptyCString(), // mime guess
+ extraStr, // extra
+ &shouldLoad);
+
+ if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {
+ if (NS_SUCCEEDED(rv) && shouldLoad == nsIContentPolicy::REJECT_TYPE) {
+ return NS_ERROR_CONTENT_BLOCKED_SHOW_ALT;
+ }
+
+ return NS_ERROR_CONTENT_BLOCKED;
+ }
+
// If HSTS priming was set by nsMixedContentBlocker::ShouldLoad, and we
// would block due to mixed content, go ahead and block here. If we try to
// proceed with priming, we will error out later on.
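Review bot: `aTriggeringPrincipal` is passed to `NS_CheckContentLoadPolicy` with no visible null handling, and the hunk does not show whether InternalLoad can reach this point without a triggering principal. If it can, it is worth stating which principal the content policies are meant to see in that case, or substituting one before the call. The new block also has no comment, although it appears to be the main policy gate for these loads now that they are created with `SEC_NORMAL`. Something like `// Content policy is checked here because the channel is not opened with security flags; any failure is treated as a block` would make the fail-closed `NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)` branch deliberate to the next reader. InternalLoad begins and ends outside the hunk.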
@@ -10931,8 +10949,7 @@ nsDocShell::DoURILoad(nsIURI* aURI,
}
nsLoadFlags loadFlags = mDefaultLoadFlags;
- nsSecurityFlags securityFlags =
- nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
+ nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL;
if (aFirstParty) {
// tag first party URL loads
diff --git a/dom/jsurl/nsJSProtocolHandler.cpp b/dom/jsurl/nsJSProtocolHandler.cpp
index 90171db10..cdb63f890 100644
--- a/dom/jsurl/nsJSProtocolHandler.cpp
+++ b/dom/jsurl/nsJSProtocolHandler.cpp
@@ -36,6 +36,7 @@
#include "nsIContentViewer.h"
#include "nsIXPConnect.h"
#include "nsContentUtils.h"
+#include "nsNullPrincipal.h"
#include "nsJSUtils.h"
#include "nsThreadUtils.h"
#include "nsIScriptChannel.h"
@@ -335,7 +336,7 @@ public:
NS_FORWARD_SAFE_NSIPROPERTYBAG(mPropertyBag)
NS_FORWARD_SAFE_NSIPROPERTYBAG2(mPropertyBag)
- nsresult Init(nsIURI *aURI, nsILoadInfo* aLoadInfo);
+ nsresult Init(nsIURI *aURI);
// Actually evaluate the script.
void EvaluateScript();
@@ -353,16 +354,17 @@ protected:
nsCOMPtr<nsIChannel> mStreamChannel;
nsCOMPtr<nsIPropertyBag2> mPropertyBag;
nsCOMPtr<nsIStreamListener> mListener; // Our final listener
+ nsCOMPtr<nsISupports> mContext; // The context passed to AsyncOpen
nsCOMPtr<nsPIDOMWindowInner> mOriginalInnerWindow; // The inner window our load
// started against.
- // If we blocked onload on a document in AsyncOpen2, this is the document we
+ // If we blocked onload on a document in AsyncOpen, this is the document we
// did it on.
nsCOMPtr<nsIDocument> mDocumentOnloadBlockedOn;
nsresult mStatus; // Our status
nsLoadFlags mLoadFlags;
- nsLoadFlags mActualLoadFlags; // See AsyncOpen2
+ nsLoadFlags mActualLoadFlags; // See AsyncOpen
RefPtr<nsJSThunk> mIOThunk;
PopupControlState mPopupState;
@@ -402,7 +404,7 @@ nsresult nsJSChannel::StopAll()
return rv;
}
-nsresult nsJSChannel::Init(nsIURI* aURI, nsILoadInfo* aLoadInfo)
+nsresult nsJSChannel::Init(nsIURI *aURI)
{
RefPtr<nsJSURI> jsURI;
nsresult rv = aURI->QueryInterface(kJSURICID,
@@ -416,13 +418,21 @@ nsresult nsJSChannel::Init(nsIURI* aURI, nsILoadInfo* aLoadInfo)
// Remember, until AsyncOpen is called, the script will not be evaluated
// and the underlying Input Stream will not be created...
nsCOMPtr<nsIChannel> channel;
- rv = NS_NewInputStreamChannelInternal(getter_AddRefs(channel),
- aURI,
- mIOThunk,
- NS_LITERAL_CSTRING("text/html"),
- EmptyCString(),
- aLoadInfo);
- NS_ENSURE_SUCCESS(rv, rv);
+
+ nsCOMPtr<nsIPrincipal> nullPrincipal = nsNullPrincipal::Create();
+
+ // If the resultant script evaluation actually does return a value, we
+ // treat it as html.
+ // The following channel is never openend, so it does not matter what
+ // securityFlags we pass; let's follow the principle of least privilege.
+ rv = NS_NewInputStreamChannel(getter_AddRefs(channel),
+ aURI,
+ mIOThunk,
+ nullPrincipal,
+ nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED,
+ nsIContentPolicy::TYPE_OTHER,
+ NS_LITERAL_CSTRING("text/html"));
+ if (NS_FAILED(rv)) return rv;
rv = mIOThunk->Init(aURI);
if (NS_SUCCEEDED(rv)) {
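Review bot: The added comment says the channel "is never openend", which is misspelled and appears to contradict the EvaluateScript hunk, where `mStreamChannel->AsyncOpen(this, mContext)` is called. That contradiction holds only if `channel` is what gets stored in `mStreamChannel`; the assignment is outside the hunk. What seems to be meant is that the channel is never opened through the flag-enforcing path, so the flags are not consulted. I would reword it to `// This channel is only opened via AsyncOpen(), which does not enforce the loadInfo security flags; pass the most restrictive flags and a null principal anyway.` As a style point, `if (NS_FAILED(rv)) return rv;` could be `NS_ENSURE_SUCCESS(rv, rv);`, matching the line it replaces.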
@@ -553,7 +563,6 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
"security flags in loadInfo but asyncOpen2() not called");
}
#endif
- MOZ_RELEASE_ASSERT(!aContext, "please call AsyncOpen2()");
NS_ENSURE_ARG(aListener);
@@ -575,6 +584,7 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
}
mListener = aListener;
+ mContext = aContext;
mIsActive = true;
@@ -645,7 +655,7 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext)
return mStatus;
}
- // We're returning success from asyncOpen2(), but we didn't open a
+ // We're returning success from asyncOpen(), but we didn't open a
// stream channel. We'll have to notify ourselves, but make sure to do
// it asynchronously.
method = &nsJSChannel::NotifyListener;
@@ -762,7 +772,7 @@ nsJSChannel::EvaluateScript()
return;
}
- mStatus = mStreamChannel->AsyncOpen2(this);
+ mStatus = mStreamChannel->AsyncOpen(this, mContext);
if (NS_SUCCEEDED(mStatus)) {
// mStreamChannel will call OnStartRequest and OnStopRequest on
// us, so we'll be sure to call them on our listener.
@@ -790,8 +800,8 @@ nsJSChannel::EvaluateScript()
void
nsJSChannel::NotifyListener()
{
- mListener->OnStartRequest(this, nullptr);
- mListener->OnStopRequest(this, nullptr, mStatus);
+ mListener->OnStartRequest(this, mContext);
+ mListener->OnStopRequest(this, mContext, mStatus);
CleanupStrongRefs();
}
@@ -800,6 +810,7 @@ void
nsJSChannel::CleanupStrongRefs()
{
mListener = nullptr;
+ mContext = nullptr;
mOriginalInnerWindow = nullptr;
if (mDocumentOnloadBlockedOn) {
mDocumentOnloadBlockedOn->UnblockOnload(false);
@@ -1229,7 +1240,11 @@ nsJSProtocolHandler::NewChannel2(nsIURI* uri,
return NS_ERROR_OUT_OF_MEMORY;
}
- rv = channel->Init(uri, aLoadInfo);
+ rv = channel->Init(uri);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ // set the loadInfo on the new channel
+ rv = channel->SetLoadInfo(aLoadInfo);
NS_ENSURE_SUCCESS(rv, rv);
if (NS_SUCCEEDED(rv)) {
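Review bot: The comment `// set the loadInfo on the new channel` restates the call and leaves out the part a reader needs. `Init` now builds the inner stream channel with its own null-principal loadInfo, while `aLoadInfo` is attached only to the outer nsJSChannel. I would say so, for example `// The inner stream channel has a null-principal loadInfo of its own; the caller's loadInfo belongs on the nsJSChannel.` The `if (NS_SUCCEEDED(rv))` on the following context line can no longer be false after the two `NS_ENSURE_SUCCESS(rv, rv)` lines above it, so it could be dropped in a follow-up; its body is outside the hunk.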
diff --git a/uriloader/base/nsURILoader.cpp b/uriloader/base/nsURILoader.cpp
index ea370aa37..69475d68f 100644
--- a/uriloader/base/nsURILoader.cpp
+++ b/uriloader/base/nsURILoader.cpp
@@ -834,7 +834,7 @@ NS_IMETHODIMP nsURILoader::OpenURI(nsIChannel *channel,
// the preferred protocol handler.
// But for now, I'm going to let necko do the work for us....
- rv = channel->AsyncOpen2(loader);
+ rv = channel->AsyncOpen(loader, nullptr);
// no content from this load - that's OK.
if (rv == NS_ERROR_NO_CONTENT) {
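Review bot: `channel->AsyncOpen(loader, nullptr)` opens the channel without the loadInfo-driven security checks that `AsyncOpen2` runs, and nothing in the hunk says what replaces them on this path. The same applies to `mStreamChannel->AsyncOpen(this, mContext)` in the nsJSProtocolHandler.cpp EvaluateScript hunk. For docshell loads the check added to InternalLoad presumably covers it, but OpenURI accepts any channel, so a caller that relied on `AsyncOpen2` for enforcement would lose it silently. I would add `// AsyncOpen() performs no security checks; the caller must have done them before handing us the channel` above the call and verify the other callers of OpenURI. The function body continues outside the hunk.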