From 29bd11c3cd6ff41f7167530f9bbcd9d195b7c427 Mon Sep 17 00:00:00 2001 From: janekptacijarabaci Date: Sun, 22 Apr 2018 21:47:27 +0200 Subject: Bug 1182569: Use AsyncOpen2 for docshell loads native in moebius --- docshell/base/nsDocShell.cpp | 23 +++--------------- dom/jsurl/nsJSProtocolHandler.cpp | 49 ++++++++++++++------------------------- uriloader/base/nsURILoader.cpp | 2 +- 3 files changed, 21 insertions(+), 53 deletions(-) diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index b1fcc5c23..6810d0179 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -69,7 +69,6 @@ #include "nsIScriptSecurityManager.h" #include "nsIScriptObjectPrincipal.h" #include "nsIScrollableFrame.h" -#include "nsContentPolicyUtils.h" // NS_CheckContentLoadPolicy(...) #include "nsISeekableStream.h" #include "nsAutoPtr.h" #include "nsQueryObject.h" @@ -1644,7 +1643,7 @@ nsDocShell::LoadStream(nsIInputStream* aStream, nsIURI* aURI, uri, aStream, triggeringPrincipal, - nsILoadInfo::SEC_NORMAL, + nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL, nsIContentPolicy::TYPE_OTHER, aContentType, aContentCharset); @@ -9943,23 +9942,6 @@ nsDocShell::InternalLoad(nsIURI* aURI, rv = extraStr->SetData(msg); NS_ENSURE_SUCCESS(rv, rv); - int16_t shouldLoad = nsIContentPolicy::ACCEPT; - rv = NS_CheckContentLoadPolicy(contentType, - aURI, - aTriggeringPrincipal, - requestingContext, - EmptyCString(), // mime guess - extraStr, // extra - &shouldLoad); - - if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) { - if (NS_SUCCEEDED(rv) && shouldLoad == nsIContentPolicy::REJECT_TYPE) { - return NS_ERROR_CONTENT_BLOCKED_SHOW_ALT; - } - - return NS_ERROR_CONTENT_BLOCKED; - } - // If HSTS priming was set by nsMixedContentBlocker::ShouldLoad, and we // would block due to mixed content, go ahead and block here. If we try to // proceed with priming, we will error out later on. @@ -10949,7 +10931,8 @@ nsDocShell::DoURILoad(nsIURI* aURI, } nsLoadFlags loadFlags = mDefaultLoadFlags; - nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL; + nsSecurityFlags securityFlags = + nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL; if (aFirstParty) { // tag first party URL loads diff --git a/dom/jsurl/nsJSProtocolHandler.cpp b/dom/jsurl/nsJSProtocolHandler.cpp index cdb63f890..90171db10 100644 --- a/dom/jsurl/nsJSProtocolHandler.cpp +++ b/dom/jsurl/nsJSProtocolHandler.cpp @@ -36,7 +36,6 @@ #include "nsIContentViewer.h" #include "nsIXPConnect.h" #include "nsContentUtils.h" -#include "nsNullPrincipal.h" #include "nsJSUtils.h" #include "nsThreadUtils.h" #include "nsIScriptChannel.h" @@ -336,7 +335,7 @@ public: NS_FORWARD_SAFE_NSIPROPERTYBAG(mPropertyBag) NS_FORWARD_SAFE_NSIPROPERTYBAG2(mPropertyBag) - nsresult Init(nsIURI *aURI); + nsresult Init(nsIURI *aURI, nsILoadInfo* aLoadInfo); // Actually evaluate the script. void EvaluateScript(); @@ -354,17 +353,16 @@ protected: nsCOMPtr mStreamChannel; nsCOMPtr mPropertyBag; nsCOMPtr mListener; // Our final listener - nsCOMPtr mContext; // The context passed to AsyncOpen nsCOMPtr mOriginalInnerWindow; // The inner window our load // started against. - // If we blocked onload on a document in AsyncOpen, this is the document we + // If we blocked onload on a document in AsyncOpen2, this is the document we // did it on. nsCOMPtr mDocumentOnloadBlockedOn; nsresult mStatus; // Our status nsLoadFlags mLoadFlags; - nsLoadFlags mActualLoadFlags; // See AsyncOpen + nsLoadFlags mActualLoadFlags; // See AsyncOpen2 RefPtr mIOThunk; PopupControlState mPopupState; @@ -404,7 +402,7 @@ nsresult nsJSChannel::StopAll() return rv; } -nsresult nsJSChannel::Init(nsIURI *aURI) +nsresult nsJSChannel::Init(nsIURI* aURI, nsILoadInfo* aLoadInfo) { RefPtr jsURI; nsresult rv = aURI->QueryInterface(kJSURICID, @@ -418,21 +416,13 @@ nsresult nsJSChannel::Init(nsIURI *aURI) // Remember, until AsyncOpen is called, the script will not be evaluated // and the underlying Input Stream will not be created... nsCOMPtr channel; - - nsCOMPtr nullPrincipal = nsNullPrincipal::Create(); - - // If the resultant script evaluation actually does return a value, we - // treat it as html. - // The following channel is never openend, so it does not matter what - // securityFlags we pass; let's follow the principle of least privilege. - rv = NS_NewInputStreamChannel(getter_AddRefs(channel), - aURI, - mIOThunk, - nullPrincipal, - nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED, - nsIContentPolicy::TYPE_OTHER, - NS_LITERAL_CSTRING("text/html")); - if (NS_FAILED(rv)) return rv; + rv = NS_NewInputStreamChannelInternal(getter_AddRefs(channel), + aURI, + mIOThunk, + NS_LITERAL_CSTRING("text/html"), + EmptyCString(), + aLoadInfo); + NS_ENSURE_SUCCESS(rv, rv); rv = mIOThunk->Init(aURI); if (NS_SUCCEEDED(rv)) { @@ -563,6 +553,7 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext) "security flags in loadInfo but asyncOpen2() not called"); } #endif + MOZ_RELEASE_ASSERT(!aContext, "please call AsyncOpen2()"); NS_ENSURE_ARG(aListener); @@ -584,7 +575,6 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext) } mListener = aListener; - mContext = aContext; mIsActive = true; @@ -655,7 +645,7 @@ nsJSChannel::AsyncOpen(nsIStreamListener *aListener, nsISupports *aContext) return mStatus; } - // We're returning success from asyncOpen(), but we didn't open a + // We're returning success from asyncOpen2(), but we didn't open a // stream channel. We'll have to notify ourselves, but make sure to do // it asynchronously. method = &nsJSChannel::NotifyListener; @@ -772,7 +762,7 @@ nsJSChannel::EvaluateScript() return; } - mStatus = mStreamChannel->AsyncOpen(this, mContext); + mStatus = mStreamChannel->AsyncOpen2(this); if (NS_SUCCEEDED(mStatus)) { // mStreamChannel will call OnStartRequest and OnStopRequest on // us, so we'll be sure to call them on our listener. @@ -800,8 +790,8 @@ nsJSChannel::EvaluateScript() void nsJSChannel::NotifyListener() { - mListener->OnStartRequest(this, mContext); - mListener->OnStopRequest(this, mContext, mStatus); + mListener->OnStartRequest(this, nullptr); + mListener->OnStopRequest(this, nullptr, mStatus); CleanupStrongRefs(); } @@ -810,7 +800,6 @@ void nsJSChannel::CleanupStrongRefs() { mListener = nullptr; - mContext = nullptr; mOriginalInnerWindow = nullptr; if (mDocumentOnloadBlockedOn) { mDocumentOnloadBlockedOn->UnblockOnload(false); @@ -1240,11 +1229,7 @@ nsJSProtocolHandler::NewChannel2(nsIURI* uri, return NS_ERROR_OUT_OF_MEMORY; } - rv = channel->Init(uri); - NS_ENSURE_SUCCESS(rv, rv); - - // set the loadInfo on the new channel - rv = channel->SetLoadInfo(aLoadInfo); + rv = channel->Init(uri, aLoadInfo); NS_ENSURE_SUCCESS(rv, rv); if (NS_SUCCEEDED(rv)) { diff --git a/uriloader/base/nsURILoader.cpp b/uriloader/base/nsURILoader.cpp index 69475d68f..ea370aa37 100644 --- a/uriloader/base/nsURILoader.cpp +++ b/uriloader/base/nsURILoader.cpp @@ -834,7 +834,7 @@ NS_IMETHODIMP nsURILoader::OpenURI(nsIChannel *channel, // the preferred protocol handler. // But for now, I'm going to let necko do the work for us.... - rv = channel->AsyncOpen(loader, nullptr); + rv = channel->AsyncOpen2(loader); // no content from this load - that's OK. if (rv == NS_ERROR_NO_CONTENT) { -- cgit v1.2.3