summaryrefslogtreecommitdiffstats
path: root/netwerk/base
diff options
context:
space:
mode:
Diffstat (limited to 'netwerk/base')
-rw-r--r--netwerk/base/LoadInfo.cpp60
-rw-r--r--netwerk/base/LoadInfo.h11
-rw-r--r--netwerk/base/moz.build1
-rw-r--r--netwerk/base/nsBufferedStreams.h8
-rw-r--r--netwerk/base/nsILoadInfo.idl22
-rw-r--r--netwerk/base/nsIOService.cpp10
-rw-r--r--netwerk/base/nsIOService.h4
-rw-r--r--netwerk/base/nsIURI.idl60
-rw-r--r--netwerk/base/nsIURIWithQuery.idl30
-rw-r--r--netwerk/base/nsIURL.idl6
-rw-r--r--netwerk/base/nsSimpleURI.cpp6
-rw-r--r--netwerk/base/nsSimpleURI.h4
-rw-r--r--netwerk/base/nsStandardURL.cpp65
-rw-r--r--netwerk/base/nsStandardURL.h1
14 files changed, 203 insertions, 85 deletions
diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp
index 42fdea4a1..ede825b8f 100644
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -7,6 +7,7 @@
#include "mozilla/LoadInfo.h"
#include "mozilla/Assertions.h"
+#include "mozilla/dom/TabChild.h"
#include "mozilla/dom/ToJSValue.h"
#include "mozIThirdPartyUtil.h"
#include "nsFrameLoader.h"
@@ -47,12 +48,14 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
aTriggeringPrincipal : mLoadingPrincipal.get())
, mPrincipalToInherit(nullptr)
, mLoadingContext(do_GetWeakReference(aLoadingContext))
+ , mContextForTopLevelLoad(nullptr)
, mSecurityFlags(aSecurityFlags)
, mInternalContentPolicyType(aContentPolicyType)
, mTainting(LoadTainting::Basic)
, mUpgradeInsecureRequests(false)
, mVerifySignedContent(false)
, mEnforceSRI(false)
+ , mForceAllowDataURI(false)
, mForceInheritPrincipalDropped(false)
, mInnerWindowID(0)
, mOuterWindowID(0)
@@ -63,6 +66,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
, mIsThirdPartyContext(false)
, mForcePreflight(false)
, mIsPreflight(false)
+ , mLoadTriggeredFromExternal(false)
, mForceHSTSPriming(false)
, mMixedContentWouldBlock(false)
{
@@ -215,16 +219,19 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
*/
LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
nsIPrincipal* aTriggeringPrincipal,
+ nsISupports* aContextForTopLevelLoad,
nsSecurityFlags aSecurityFlags)
: mLoadingPrincipal(nullptr)
, mTriggeringPrincipal(aTriggeringPrincipal)
, mPrincipalToInherit(nullptr)
+ , mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad))
, mSecurityFlags(aSecurityFlags)
, mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT)
, mTainting(LoadTainting::Basic)
, mUpgradeInsecureRequests(false)
, mVerifySignedContent(false)
, mEnforceSRI(false)
+ , mForceAllowDataURI(false)
, mForceInheritPrincipalDropped(false)
, mInnerWindowID(0)
, mOuterWindowID(0)
@@ -235,6 +242,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
, mIsThirdPartyContext(false) // NB: TYPE_DOCUMENT implies not third-party.
, mForcePreflight(false)
, mIsPreflight(false)
+ , mLoadTriggeredFromExternal(false)
, mForceHSTSPriming(false)
, mMixedContentWouldBlock(false)
{
@@ -276,12 +284,14 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
, mTriggeringPrincipal(rhs.mTriggeringPrincipal)
, mPrincipalToInherit(rhs.mPrincipalToInherit)
, mLoadingContext(rhs.mLoadingContext)
+ , mContextForTopLevelLoad(rhs.mContextForTopLevelLoad)
, mSecurityFlags(rhs.mSecurityFlags)
, mInternalContentPolicyType(rhs.mInternalContentPolicyType)
, mTainting(rhs.mTainting)
, mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests)
, mVerifySignedContent(rhs.mVerifySignedContent)
, mEnforceSRI(rhs.mEnforceSRI)
+ , mForceAllowDataURI(rhs.mForceAllowDataURI)
, mForceInheritPrincipalDropped(rhs.mForceInheritPrincipalDropped)
, mInnerWindowID(rhs.mInnerWindowID)
, mOuterWindowID(rhs.mOuterWindowID)
@@ -297,6 +307,7 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
, mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders)
, mForcePreflight(rhs.mForcePreflight)
, mIsPreflight(rhs.mIsPreflight)
+ , mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal)
, mForceHSTSPriming(rhs.mForceHSTSPriming)
, mMixedContentWouldBlock(rhs.mMixedContentWouldBlock)
{
@@ -311,6 +322,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
bool aUpgradeInsecureRequests,
bool aVerifySignedContent,
bool aEnforceSRI,
+ bool aForceAllowDataURI,
bool aForceInheritPrincipalDropped,
uint64_t aInnerWindowID,
uint64_t aOuterWindowID,
@@ -325,6 +337,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
const nsTArray<nsCString>& aCorsUnsafeHeaders,
bool aForcePreflight,
bool aIsPreflight,
+ bool aLoadTriggeredFromExternal,
bool aForceHSTSPriming,
bool aMixedContentWouldBlock)
: mLoadingPrincipal(aLoadingPrincipal)
@@ -336,6 +349,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
, mUpgradeInsecureRequests(aUpgradeInsecureRequests)
, mVerifySignedContent(aVerifySignedContent)
, mEnforceSRI(aEnforceSRI)
+ , mForceAllowDataURI(aForceAllowDataURI)
, mForceInheritPrincipalDropped(aForceInheritPrincipalDropped)
, mInnerWindowID(aInnerWindowID)
, mOuterWindowID(aOuterWindowID)
@@ -348,6 +362,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
, mCorsUnsafeHeaders(aCorsUnsafeHeaders)
, mForcePreflight(aForcePreflight)
, mIsPreflight(aIsPreflight)
+ , mLoadTriggeredFromExternal(aLoadTriggeredFromExternal)
, mForceHSTSPriming (aForceHSTSPriming)
, mMixedContentWouldBlock(aMixedContentWouldBlock)
{
@@ -477,6 +492,17 @@ LoadInfo::LoadingNode()
return node;
}
+nsISupports*
+LoadInfo::ContextForTopLevelLoad()
+{
+ // Most likely you want to query LoadingNode() instead of
+ // ContextForTopLevelLoad() if this assertion fires.
+ MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
+ "should only query this context for top level document loads");
+ nsCOMPtr<nsISupports> context = do_QueryReferent(mContextForTopLevelLoad);
+ return context;
+}
+
NS_IMETHODIMP
LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult)
{
@@ -648,6 +674,23 @@ LoadInfo::GetEnforceSRI(bool* aResult)
}
NS_IMETHODIMP
+LoadInfo::SetForceAllowDataURI(bool aForceAllowDataURI)
+{
+ MOZ_ASSERT(!mForceAllowDataURI ||
+ mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
+ "can only allow data URI navigation for TYPE_DOCUMENT");
+ mForceAllowDataURI = aForceAllowDataURI;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+LoadInfo::GetForceAllowDataURI(bool* aForceAllowDataURI)
+{
+ *aForceAllowDataURI = mForceAllowDataURI;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
LoadInfo::GetForceInheritPrincipalDropped(bool* aResult)
{
*aResult = mForceInheritPrincipalDropped;
@@ -873,6 +916,23 @@ LoadInfo::GetIsPreflight(bool* aIsPreflight)
}
NS_IMETHODIMP
+LoadInfo::SetLoadTriggeredFromExternal(bool aLoadTriggeredFromExternal)
+{
+ MOZ_ASSERT(!aLoadTriggeredFromExternal ||
+ mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
+ "can only set load triggered from external for TYPE_DOCUMENT");
+ mLoadTriggeredFromExternal = aLoadTriggeredFromExternal;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal)
+{
+ *aLoadTriggeredFromExternal = mLoadTriggeredFromExternal;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
LoadInfo::GetForceHSTSPriming(bool* aForceHSTSPriming)
{
*aForceHSTSPriming = mForceHSTSPriming;
diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h
index 3e1b92ff4..0ae6061b3 100644
--- a/netwerk/base/LoadInfo.h
+++ b/netwerk/base/LoadInfo.h
@@ -59,10 +59,12 @@ public:
nsSecurityFlags aSecurityFlags,
nsContentPolicyType aContentPolicyType);
- // Constructor used for TYPE_DOCUMENT loads which have no reasonable
- // loadingNode or loadingPrincipal
+ // Constructor used for TYPE_DOCUMENT loads which have a different
+ // loadingContext than other loads. This ContextForTopLevelLoad is
+ // only used for content policy checks.
LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
nsIPrincipal* aTriggeringPrincipal,
+ nsISupports* aContextForTopLevelLoad,
nsSecurityFlags aSecurityFlags);
// create an exact copy of the loadinfo
@@ -94,6 +96,7 @@ private:
bool aUpgradeInsecureRequests,
bool aVerifySignedContent,
bool aEnforceSRI,
+ bool aForceAllowDataURI,
bool aForceInheritPrincipalDropped,
uint64_t aInnerWindowID,
uint64_t aOuterWindowID,
@@ -108,6 +111,7 @@ private:
const nsTArray<nsCString>& aUnsafeHeaders,
bool aForcePreflight,
bool aIsPreflight,
+ bool aLoadTriggeredFromExternal,
bool aForceHSTSPriming,
bool aMixedContentWouldBlock);
LoadInfo(const LoadInfo& rhs);
@@ -132,12 +136,14 @@ private:
nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
nsCOMPtr<nsIPrincipal> mPrincipalToInherit;
nsWeakPtr mLoadingContext;
+ nsWeakPtr mContextForTopLevelLoad;
nsSecurityFlags mSecurityFlags;
nsContentPolicyType mInternalContentPolicyType;
LoadTainting mTainting;
bool mUpgradeInsecureRequests;
bool mVerifySignedContent;
bool mEnforceSRI;
+ bool mForceAllowDataURI;
bool mForceInheritPrincipalDropped;
uint64_t mInnerWindowID;
uint64_t mOuterWindowID;
@@ -152,6 +158,7 @@ private:
nsTArray<nsCString> mCorsUnsafeHeaders;
bool mForcePreflight;
bool mIsPreflight;
+ bool mLoadTriggeredFromExternal;
bool mForceHSTSPriming : 1;
bool mMixedContentWouldBlock : 1;
diff --git a/netwerk/base/moz.build b/netwerk/base/moz.build
index 3b731db10..5de1eea81 100644
--- a/netwerk/base/moz.build
+++ b/netwerk/base/moz.build
@@ -132,7 +132,6 @@ XPIDL_SOURCES += [
'nsIURIClassifier.idl',
'nsIURIWithBlobImpl.idl',
'nsIURIWithPrincipal.idl',
- 'nsIURIWithQuery.idl',
'nsIURL.idl',
'nsIURLParser.idl',
'nsPILoadGroupInternal.idl',
diff --git a/netwerk/base/nsBufferedStreams.h b/netwerk/base/nsBufferedStreams.h
index 93a770beb..fee55695a 100644
--- a/netwerk/base/nsBufferedStreams.h
+++ b/netwerk/base/nsBufferedStreams.h
@@ -88,10 +88,10 @@ protected:
////////////////////////////////////////////////////////////////////////////////
-class nsBufferedOutputStream final : public nsBufferedStream,
- public nsISafeOutputStream,
- public nsIBufferedOutputStream,
- public nsIStreamBufferAccess
+class nsBufferedOutputStream : public nsBufferedStream,
+ public nsISafeOutputStream,
+ public nsIBufferedOutputStream,
+ public nsIStreamBufferAccess
{
public:
NS_DECL_ISUPPORTS_INHERITED
diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl
index 78433c8b8..4ec29b972 100644
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@@ -324,6 +324,16 @@ interface nsILoadInfo : nsISupports
nsINode binaryLoadingNode();
/**
+ * A C++ friendly version of the loadingContext for toplevel loads.
+ * Most likely you want to query the ownerDocument or LoadingNode
+ * and not this context only available for TYPE_DOCUMENT loads.
+ * Please note that except for loads of TYPE_DOCUMENT, this
+ * ContextForTopLevelLoad will always return null.
+ */
+ [noscript, notxpcom, nostdcall, binaryname(ContextForTopLevelLoad)]
+ nsISupports binaryContextForTopLevelLoad();
+
+ /**
* The securityFlags of that channel.
*/
readonly attribute nsSecurityFlags securityFlags;
@@ -470,6 +480,11 @@ interface nsILoadInfo : nsISupports
[infallible] attribute boolean enforceSRI;
/**
+ * If true, toplevel data: URI navigation is allowed
+ */
+ [infallible] attribute boolean forceAllowDataURI;
+
+ /**
* The SEC_FORCE_INHERIT_PRINCIPAL flag may be dropped when a load info
* object is created. Specifically, it will be dropped if the SEC_SANDBOXED
* flag is also present. This flag is set if SEC_FORCE_INHERIT_PRINCIPAL was
@@ -575,6 +590,13 @@ interface nsILoadInfo : nsISupports
[infallible] attribute boolean initialSecurityCheckDone;
/**
+ * Returns true if the load was triggered from an external application
+ * (e.g. Thunderbird). Please note that this flag will only ever be true
+ * if the load is of TYPE_DOCUMENT.
+ */
+ [infallible] attribute boolean loadTriggeredFromExternal;
+
+ /**
* Whenever a channel gets redirected, append the principal of the
* channel [before the channels got redirected] to the loadinfo,
* so that at every point this array lets us reason about all the
diff --git a/netwerk/base/nsIOService.cpp b/netwerk/base/nsIOService.cpp
index 0da79c18a..8b7f31f99 100644
--- a/netwerk/base/nsIOService.cpp
+++ b/netwerk/base/nsIOService.cpp
@@ -173,6 +173,8 @@ uint32_t nsIOService::gDefaultSegmentCount = 24;
bool nsIOService::sTelemetryEnabled = false;
+bool nsIOService::sBlockToplevelDataUriNavigations = false;
+
////////////////////////////////////////////////////////////////////////////////
nsIOService::nsIOService()
@@ -251,6 +253,8 @@ nsIOService::Init()
NS_WARNING("failed to get observer service");
Preferences::AddBoolVarCache(&sTelemetryEnabled, "toolkit.telemetry.enabled", false);
+ Preferences::AddBoolVarCache(&sBlockToplevelDataUriNavigations,
+ "security.data_uri.block_toplevel_data_uri_navigations", false);
Preferences::AddBoolVarCache(&mOfflineMirrorsConnectivity, OFFLINE_MIRRORS_CONNECTIVITY, true);
gIOService = this;
@@ -1876,5 +1880,11 @@ nsIOService::SpeculativeAnonymousConnect2(nsIURI *aURI,
return SpeculativeConnectInternal(aURI, aPrincipal, aCallbacks, true);
}
+/*static*/ bool
+nsIOService::BlockToplevelDataUriNavigations()
+{
+ return sBlockToplevelDataUriNavigations;
+}
+
} // namespace net
} // namespace mozilla
diff --git a/netwerk/base/nsIOService.h b/netwerk/base/nsIOService.h
index 7ac23b791..e592c4d1c 100644
--- a/netwerk/base/nsIOService.h
+++ b/netwerk/base/nsIOService.h
@@ -95,6 +95,8 @@ public:
bool IsLinkUp();
+ static bool BlockToplevelDataUriNavigations();
+
// Used to trigger a recheck of the captive portal status
nsresult RecheckCaptivePortal();
private:
@@ -176,6 +178,8 @@ private:
static bool sTelemetryEnabled;
+ static bool sBlockToplevelDataUriNavigations;
+
// These timestamps are needed for collecting telemetry on PR_Connect,
// PR_ConnectContinue and PR_Close blocking time. If we spend very long
// time in any of these functions we want to know if and what network
diff --git a/netwerk/base/nsIURI.idl b/netwerk/base/nsIURI.idl
index 2384c5fd9..ef163813a 100644
--- a/netwerk/base/nsIURI.idl
+++ b/netwerk/base/nsIURI.idl
@@ -10,18 +10,18 @@
* provides accessors to set and query the most basic components of an URI.
* Subclasses, including nsIURL, impose greater structure on the URI.
*
- * This interface follows Tim Berners-Lee's URI spec (RFC2396) [1], where the
+ * This interface follows Tim Berners-Lee's URI spec (RFC3986) [1], where the
* basic URI components are defined as such:
* <pre>
- * ftp://username:password@hostname:portnumber/pathname#ref
- * \ / \ / \ / \ /\ \ /
- * - --------------- ------ -------- | -
- * | | | | | |
- * | | | | | Ref
- * | | | Port \ /
- * | | Host / --------
- * | UserPass / |
- * Scheme / Path
+ * ftp://username:password@hostname:portnumber/pathname?query#ref
+ * \ / \ / \ / \ /\ / \ / \ /
+ * - --------------- ------ -------- ------- --- -
+ * | | | | | | |
+ * | | | | FilePath Query Ref
+ * | | | Port \ /
+ * | | Host / ------------
+ * | UserPass / |
+ * Scheme / Path
* \ /
* --------------------------------
* |
@@ -30,13 +30,9 @@
* The definition of the URI components has been extended to allow for
* internationalized domain names [2] and the more generic IRI structure [3].
*
- * Note also that the RFC defines #-separated fragment identifiers as being
- * "not part of the URI". Despite this, we bundle them as part of the URI, for
- * convenience.
- *
- * [1] http://www.ietf.org/rfc/rfc2396.txt
- * [2] http://www.ietf.org/internet-drafts/draft-ietf-idn-idna-06.txt
- * [3] http://www.ietf.org/internet-drafts/draft-masinter-url-i18n-08.txt
+ * [1] https://tools.ietf.org/html/rfc3986
+ * [2] https://tools.ietf.org/html/rfc5890
+ * [3] https://tools.ietf.org/html/rfc3987
*/
%{C++
@@ -116,7 +112,7 @@ interface nsIURI : nsISupports
/**
* The Scheme is the protocol to which this URI refers. The scheme is
- * restricted to the US-ASCII charset per RFC2396. Setting this is
+ * restricted to the US-ASCII charset per RFC3986. Setting this is
* highly discouraged outside of a protocol handler implementation, since
* that will generally lead to incorrect results.
*/
@@ -174,6 +170,9 @@ interface nsIURI : nsISupports
* empty, depending on the protocol).
*
* Some characters may be escaped.
+ *
+ * This attribute contains query and ref parts for historical reasons.
+ * Use the 'filePath' attribute if you do not want those parts included.
*/
attribute AUTF8String path;
@@ -281,10 +280,31 @@ interface nsIURI : nsISupports
/**
* returns a string for the current URI with the ref element cleared.
*/
- readonly attribute AUTF8String specIgnoringRef;
+ readonly attribute AUTF8String specIgnoringRef;
/**
* Returns if there is a reference portion (the part after the "#") of the URI.
*/
- readonly attribute boolean hasRef;
+ readonly attribute boolean hasRef;
+
+ /************************************************************************
+ * Additional attributes added for .query support:
+ */
+
+ /**
+ * Returns a path including the directory and file portions of a
+ * URL. For example, the filePath of "http://host/foo/bar.html#baz"
+ * is "/foo/bar.html".
+ *
+ * Some characters may be escaped.
+ */
+ attribute AUTF8String filePath;
+
+ /**
+ * Returns the query portion (the part after the "?") of the URL.
+ * If there isn't one, an empty string is returned.
+ *
+ * Some characters may be escaped.
+ */
+ attribute AUTF8String query;
};
diff --git a/netwerk/base/nsIURIWithQuery.idl b/netwerk/base/nsIURIWithQuery.idl
deleted file mode 100644
index 749b2773d..000000000
--- a/netwerk/base/nsIURIWithQuery.idl
+++ /dev/null
@@ -1,30 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-#include "nsIURI.idl"
-
-/**
- * nsIURIWithQuery is implemented by URIs which have a query parameter.
- * This is useful for the URL API.
- */
-[scriptable, uuid(367510ee-8556-435a-8f99-b5fd357e08cc)]
-interface nsIURIWithQuery : nsIURI
-{
- /**
- * Returns a path including the directory and file portions of a
- * URL. For example, the filePath of "http://host/foo/bar.html#baz"
- * is "/foo/bar.html".
- *
- * Some characters may be escaped.
- */
- attribute AUTF8String filePath;
-
- /**
- * Returns the query portion (the part after the "?") of the URL.
- * If there isn't one, an empty string is returned.
- *
- * Some characters may be escaped.
- */
- attribute AUTF8String query;
-};
diff --git a/netwerk/base/nsIURL.idl b/netwerk/base/nsIURL.idl
index aeaa3f694..9ff6c3dcd 100644
--- a/netwerk/base/nsIURL.idl
+++ b/netwerk/base/nsIURL.idl
@@ -3,7 +3,7 @@
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-#include "nsIURIWithQuery.idl"
+#include "nsIURI.idl"
/**
* The nsIURL interface provides convenience methods that further
@@ -20,7 +20,7 @@
* filePath
*/
[scriptable, uuid(86adcd89-0b70-47a2-b0fe-5bb2c5f37e31)]
-interface nsIURL : nsIURIWithQuery
+interface nsIURL : nsIURI
{
/*************************************************************************
* The URL path is broken down into the following principal components:
@@ -28,7 +28,7 @@ interface nsIURL : nsIURIWithQuery
* attribute AUTF8String filePath;
* attribute AUTF8String query;
*
- * These are inherited from nsIURIWithQuery.
+ * These are inherited from nsIURI.
*/
/*************************************************************************
diff --git a/netwerk/base/nsSimpleURI.cpp b/netwerk/base/nsSimpleURI.cpp
index ae5c51a1e..dbc0dc817 100644
--- a/netwerk/base/nsSimpleURI.cpp
+++ b/netwerk/base/nsSimpleURI.cpp
@@ -48,7 +48,7 @@ nsSimpleURI::~nsSimpleURI()
NS_IMPL_ADDREF(nsSimpleURI)
NS_IMPL_RELEASE(nsSimpleURI)
NS_INTERFACE_TABLE_HEAD(nsSimpleURI)
-NS_INTERFACE_TABLE(nsSimpleURI, nsIURI, nsIURIWithQuery, nsISerializable,
+NS_INTERFACE_TABLE(nsSimpleURI, nsIURI, nsISerializable,
nsIClassInfo, nsIMutable, nsIIPCSerializableURI)
NS_INTERFACE_TABLE_TO_MAP_SEGUE
if (aIID.Equals(kThisSimpleURIImplementationCID))
@@ -784,10 +784,6 @@ nsSimpleURI::SizeOfIncludingThis(MallocSizeOf aMallocSizeOf) const {
return aMallocSizeOf(this) + SizeOfExcludingThis(aMallocSizeOf);
}
-//----------------------------------------------------------------------------
-// nsSimpleURI::nsIURIWithQuery
-//----------------------------------------------------------------------------
-
NS_IMETHODIMP
nsSimpleURI::GetFilePath(nsACString& aFilePath)
{
diff --git a/netwerk/base/nsSimpleURI.h b/netwerk/base/nsSimpleURI.h
index 29bc9b313..842136ed6 100644
--- a/netwerk/base/nsSimpleURI.h
+++ b/netwerk/base/nsSimpleURI.h
@@ -8,7 +8,6 @@
#include "mozilla/MemoryReporting.h"
#include "nsIURI.h"
-#include "nsIURIWithQuery.h"
#include "nsISerializable.h"
#include "nsString.h"
#include "nsIClassInfo.h"
@@ -28,7 +27,7 @@ namespace net {
}
class nsSimpleURI
- : public nsIURIWithQuery
+ : public nsIURI
, public nsISerializable
, public nsIClassInfo
, public nsIMutable
@@ -41,7 +40,6 @@ protected:
public:
NS_DECL_ISUPPORTS
NS_DECL_NSIURI
- NS_DECL_NSIURIWITHQUERY
NS_DECL_NSISERIALIZABLE
NS_DECL_NSICLASSINFO
NS_DECL_NSIMUTABLE
diff --git a/netwerk/base/nsStandardURL.cpp b/netwerk/base/nsStandardURL.cpp
index 21c4cf7fd..e2a290e4d 100644
--- a/netwerk/base/nsStandardURL.cpp
+++ b/netwerk/base/nsStandardURL.cpp
@@ -1182,7 +1182,6 @@ NS_IMPL_RELEASE(nsStandardURL)
NS_INTERFACE_MAP_BEGIN(nsStandardURL)
NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIStandardURL)
NS_INTERFACE_MAP_ENTRY(nsIURI)
- NS_INTERFACE_MAP_ENTRY(nsIURIWithQuery)
NS_INTERFACE_MAP_ENTRY(nsIURL)
NS_INTERFACE_MAP_ENTRY_CONDITIONAL(nsIFileURL, mSupportsFileURL)
NS_INTERFACE_MAP_ENTRY(nsIStandardURL)
@@ -3442,10 +3441,29 @@ ToIPCSegment(const nsStandardURL::URLSegment& aSegment)
}
inline
-nsStandardURL::URLSegment
-FromIPCSegment(const ipc::StandardURLSegment& aSegment)
+MOZ_MUST_USE bool
+FromIPCSegment(const nsACString& aSpec, const ipc::StandardURLSegment& aSegment, nsStandardURL::URLSegment& aTarget)
{
- return nsStandardURL::URLSegment(aSegment.position(), aSegment.length());
+ // This seems to be just an empty segment.
+ if (aSegment.length() == -1) {
+ aTarget = nsStandardURL::URLSegment();
+ return true;
+ }
+
+ // A value of -1 means an empty segment, but < -1 is undefined.
+ if (NS_WARN_IF(aSegment.length() < -1)) {
+ return false;
+ }
+
+ // Make sure the segment does not extend beyond the spec.
+ if (NS_WARN_IF(aSegment.position() + aSegment.length() > aSpec.Length())) {
+ return false;
+ }
+
+ aTarget.mPos = aSegment.position();
+ aTarget.mLen = aSegment.length();
+
+ return true;
}
void
@@ -3520,23 +3538,38 @@ nsStandardURL::Deserialize(const URIParams& aParams)
mPort = params.port();
mDefaultPort = params.defaultPort();
mSpec = params.spec();
- mScheme = FromIPCSegment(params.scheme());
- mAuthority = FromIPCSegment(params.authority());
- mUsername = FromIPCSegment(params.username());
- mPassword = FromIPCSegment(params.password());
- mHost = FromIPCSegment(params.host());
- mPath = FromIPCSegment(params.path());
- mFilepath = FromIPCSegment(params.filePath());
- mDirectory = FromIPCSegment(params.directory());
- mBasename = FromIPCSegment(params.baseName());
- mExtension = FromIPCSegment(params.extension());
- mQuery = FromIPCSegment(params.query());
- mRef = FromIPCSegment(params.ref());
+
+ NS_ENSURE_TRUE(mSpec.Length() <= (uint32_t) net_GetURLMaxLength(), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.scheme(), mScheme), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.authority(), mAuthority), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.username(), mUsername), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.password(), mPassword), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.host(), mHost), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.path(), mPath), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.filePath(), mFilepath), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.directory(), mDirectory), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.baseName(), mBasename), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.extension(), mExtension), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.query(), mQuery), false);
+ NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.ref(), mRef), false);
+
mOriginCharset = params.originCharset();
mMutable = params.isMutable();
mSupportsFileURL = params.supportsFileURL();
mHostEncoding = params.hostEncoding();
+ // Some sanity checks
+ NS_ENSURE_TRUE(mScheme.mPos == 0, false);
+ NS_ENSURE_TRUE(mScheme.mLen > 0, false);
+ // Make sure scheme is followed by :// (3 characters)
+ NS_ENSURE_TRUE(mScheme.mLen < INT32_MAX - 3, false); // avoid overflow
+ NS_ENSURE_TRUE(mSpec.Length() >= (uint32_t) mScheme.mLen + 3, false);
+ NS_ENSURE_TRUE(nsDependentCSubstring(mSpec, mScheme.mLen, 3).EqualsLiteral("://"), false);
+ NS_ENSURE_TRUE(mPath.mLen != -1 && mSpec.CharAt(mPath.mPos) == '/', false);
+ NS_ENSURE_TRUE(mPath.mPos == mFilepath.mPos, false);
+ NS_ENSURE_TRUE(mQuery.mLen == -1 || mSpec.CharAt(mQuery.mPos - 1) == '?', false);
+ NS_ENSURE_TRUE(mRef.mLen == -1 || mSpec.CharAt(mRef.mPos - 1) == '#', false);
+
// mSpecEncoding and mHostA are just caches that can be recovered as needed.
return true;
}
diff --git a/netwerk/base/nsStandardURL.h b/netwerk/base/nsStandardURL.h
index 90f7f7db2..0ca345572 100644
--- a/netwerk/base/nsStandardURL.h
+++ b/netwerk/base/nsStandardURL.h
@@ -54,7 +54,6 @@ protected:
public:
NS_DECL_ISUPPORTS
NS_DECL_NSIURI
- NS_DECL_NSIURIWITHQUERY
NS_DECL_NSIURL
NS_DECL_NSIFILEURL
NS_DECL_NSISTANDARDURL