gecko/dom/fetch/InternalRequest.cpp

200 lines
6.0 KiB
C++
Raw Normal View History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "InternalRequest.h"
#include "nsIContentPolicy.h"
#include "nsIDocument.h"
#include "nsStreamUtils.h"
#include "mozilla/ErrorResult.h"
#include "mozilla/dom/ScriptSettings.h"
#include "mozilla/dom/workers/Workers.h"
#include "WorkerPrivate.h"
namespace mozilla {
namespace dom {
// The global is used to extract the principal.
already_AddRefed<InternalRequest>
InternalRequest::GetRequestConstructorCopy(nsIGlobalObject* aGlobal, ErrorResult& aRv) const
{
nsRefPtr<InternalRequest> copy = new InternalRequest();
copy->mURL.Assign(mURL);
copy->SetMethod(mMethod);
copy->mHeaders = new InternalHeaders(*mHeaders);
copy->SetUnsafeRequest();
copy->mBodyStream = mBodyStream;
copy->mForceOriginHeader = true;
// The "client" is not stored in our implementation. Fetch API users should
// use the appropriate window/document/principal and other Gecko security
// mechanisms as appropriate.
copy->mSameOriginDataURL = true;
copy->mPreserveContentCodings = true;
// The default referrer is already about:client.
copy->mContentPolicyType = nsIContentPolicy::TYPE_FETCH;
copy->mMode = mMode;
copy->mCredentialsMode = mCredentialsMode;
copy->mCacheMode = mCacheMode;
copy->mCreatedByFetchEvent = mCreatedByFetchEvent;
return copy.forget();
}
already_AddRefed<InternalRequest>
InternalRequest::Clone()
{
nsRefPtr<InternalRequest> clone = new InternalRequest(*this);
if (!mBodyStream) {
return clone.forget();
}
nsCOMPtr<nsIInputStream> clonedBody;
nsCOMPtr<nsIInputStream> replacementBody;
nsresult rv = NS_CloneInputStream(mBodyStream, getter_AddRefs(clonedBody),
getter_AddRefs(replacementBody));
if (NS_WARN_IF(NS_FAILED(rv))) { return nullptr; }
clone->mBodyStream.swap(clonedBody);
if (replacementBody) {
mBodyStream.swap(replacementBody);
}
return clone.forget();
}
InternalRequest::InternalRequest(const InternalRequest& aOther)
: mMethod(aOther.mMethod)
, mURL(aOther.mURL)
, mHeaders(new InternalHeaders(*aOther.mHeaders))
, mContentPolicyType(aOther.mContentPolicyType)
, mReferrer(aOther.mReferrer)
, mMode(aOther.mMode)
, mCredentialsMode(aOther.mCredentialsMode)
, mResponseTainting(aOther.mResponseTainting)
, mCacheMode(aOther.mCacheMode)
, mAuthenticationFlag(aOther.mAuthenticationFlag)
, mForceOriginHeader(aOther.mForceOriginHeader)
, mPreserveContentCodings(aOther.mPreserveContentCodings)
, mSameOriginDataURL(aOther.mSameOriginDataURL)
, mSandboxedStorageAreaURLs(aOther.mSandboxedStorageAreaURLs)
, mSkipServiceWorker(aOther.mSkipServiceWorker)
, mSynchronous(aOther.mSynchronous)
, mUnsafeRequest(aOther.mUnsafeRequest)
, mUseURLCredentials(aOther.mUseURLCredentials)
, mCreatedByFetchEvent(aOther.mCreatedByFetchEvent)
{
// NOTE: does not copy body stream... use the fallible Clone() for that
}
InternalRequest::~InternalRequest()
{
}
void
InternalRequest::SetContentPolicyType(nsContentPolicyType aContentPolicyType)
{
mContentPolicyType = aContentPolicyType;
}
/* static */
RequestContext
InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aContentPolicyType)
{
RequestContext context = RequestContext::Internal;
switch (aContentPolicyType) {
case nsIContentPolicy::TYPE_OTHER:
context = RequestContext::Internal;
break;
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
context = RequestContext::Script;
break;
case nsIContentPolicy::TYPE_INTERNAL_WORKER:
context = RequestContext::Worker;
break;
case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
context = RequestContext::Sharedworker;
break;
case nsIContentPolicy::TYPE_IMAGE:
context = RequestContext::Image;
break;
case nsIContentPolicy::TYPE_STYLESHEET:
context = RequestContext::Style;
break;
case nsIContentPolicy::TYPE_OBJECT:
context = RequestContext::Object;
break;
case nsIContentPolicy::TYPE_DOCUMENT:
context = RequestContext::Internal;
break;
case nsIContentPolicy::TYPE_SUBDOCUMENT:
context = RequestContext::Iframe;
break;
case nsIContentPolicy::TYPE_REFRESH:
context = RequestContext::Internal;
break;
case nsIContentPolicy::TYPE_XBL:
context = RequestContext::Internal;
break;
case nsIContentPolicy::TYPE_PING:
context = RequestContext::Ping;
break;
case nsIContentPolicy::TYPE_XMLHTTPREQUEST:
context = RequestContext::Xmlhttprequest;
break;
case nsIContentPolicy::TYPE_OBJECT_SUBREQUEST:
context = RequestContext::Plugin;
break;
case nsIContentPolicy::TYPE_DTD:
context = RequestContext::Internal;
break;
case nsIContentPolicy::TYPE_FONT:
context = RequestContext::Font;
break;
case nsIContentPolicy::TYPE_INTERNAL_AUDIO:
context = RequestContext::Audio;
break;
case nsIContentPolicy::TYPE_INTERNAL_VIDEO:
context = RequestContext::Video;
break;
case nsIContentPolicy::TYPE_INTERNAL_TRACK:
context = RequestContext::Track;
break;
case nsIContentPolicy::TYPE_WEBSOCKET:
context = RequestContext::Internal;
break;
case nsIContentPolicy::TYPE_CSP_REPORT:
context = RequestContext::Cspreport;
break;
case nsIContentPolicy::TYPE_XSLT:
context = RequestContext::Xslt;
break;
case nsIContentPolicy::TYPE_BEACON:
context = RequestContext::Beacon;
break;
case nsIContentPolicy::TYPE_FETCH:
context = RequestContext::Fetch;
break;
case nsIContentPolicy::TYPE_IMAGESET:
context = RequestContext::Imageset;
break;
Bug 1089255 - Implement and test manifest-src CSP directive. r=bholley, r=dveditz, r=ckerschb --- dom/base/nsContentPolicyUtils.h | 1 + dom/base/nsDataDocumentContentPolicy.cpp | 3 +- dom/base/nsIContentPolicy.idl | 2 +- dom/base/nsIContentPolicyBase.idl | 7 +- dom/base/nsISimpleContentPolicy.idl | 2 +- dom/base/test/csp/browser.ini | 4 + dom/base/test/csp/browser_test_web_manifest.js | 265 +++++++++++++++++++++ .../csp/browser_test_web_manifest_mixed_content.js | 55 +++++ dom/base/test/csp/file_CSP_web_manifest.html | 6 + dom/base/test/csp/file_CSP_web_manifest.json | 1 + .../test/csp/file_CSP_web_manifest.json^headers^ | 1 + dom/base/test/csp/file_CSP_web_manifest_https.html | 4 + dom/base/test/csp/file_CSP_web_manifest_https.json | 1 + .../csp/file_CSP_web_manifest_mixed_content.html | 9 + .../test/csp/file_CSP_web_manifest_remote.html | 8 + dom/base/test/csp/file_csp_testserver.sjs | 14 +- dom/base/test/csp/mochitest.ini | 7 + dom/base/test/moz.build | 5 +- dom/fetch/InternalRequest.cpp | 3 + dom/fetch/InternalRequest.h | 2 +- .../security/nsIContentSecurityPolicy.idl | 3 +- dom/ipc/manifestMessages.js | 25 +- dom/security/nsCSPUtils.cpp | 7 + dom/security/nsCSPUtils.h | 10 +- dom/security/nsMixedContentBlocker.cpp | 1 + dom/webidl/CSPDictionaries.webidl | 1 + extensions/permissions/nsContentBlocker.cpp | 6 +- netwerk/mime/nsMimeTypes.h | 1 + 28 files changed, 439 insertions(+), 15 deletions(-) create mode 100644 dom/base/test/csp/browser.ini create mode 100644 dom/base/test/csp/browser_test_web_manifest.js create mode 100644 dom/base/test/csp/browser_test_web_manifest_mixed_content.js create mode 100644 dom/base/test/csp/file_CSP_web_manifest.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json^headers^ create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.json create mode 100644 dom/base/test/csp/file_CSP_web_manifest_mixed_content.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest_remote.html
2015-06-02 12:42:19 -07:00
case nsIContentPolicy::TYPE_WEB_MANIFEST:
context = RequestContext::Manifest;
Bug 1089255 - Implement and test manifest-src CSP directive. r=bholley, r=dveditz, r=ckerschb --- dom/base/nsContentPolicyUtils.h | 1 + dom/base/nsDataDocumentContentPolicy.cpp | 3 +- dom/base/nsIContentPolicy.idl | 2 +- dom/base/nsIContentPolicyBase.idl | 7 +- dom/base/nsISimpleContentPolicy.idl | 2 +- dom/base/test/csp/browser.ini | 4 + dom/base/test/csp/browser_test_web_manifest.js | 265 +++++++++++++++++++++ .../csp/browser_test_web_manifest_mixed_content.js | 55 +++++ dom/base/test/csp/file_CSP_web_manifest.html | 6 + dom/base/test/csp/file_CSP_web_manifest.json | 1 + .../test/csp/file_CSP_web_manifest.json^headers^ | 1 + dom/base/test/csp/file_CSP_web_manifest_https.html | 4 + dom/base/test/csp/file_CSP_web_manifest_https.json | 1 + .../csp/file_CSP_web_manifest_mixed_content.html | 9 + .../test/csp/file_CSP_web_manifest_remote.html | 8 + dom/base/test/csp/file_csp_testserver.sjs | 14 +- dom/base/test/csp/mochitest.ini | 7 + dom/base/test/moz.build | 5 +- dom/fetch/InternalRequest.cpp | 3 + dom/fetch/InternalRequest.h | 2 +- .../security/nsIContentSecurityPolicy.idl | 3 +- dom/ipc/manifestMessages.js | 25 +- dom/security/nsCSPUtils.cpp | 7 + dom/security/nsCSPUtils.h | 10 +- dom/security/nsMixedContentBlocker.cpp | 1 + dom/webidl/CSPDictionaries.webidl | 1 + extensions/permissions/nsContentBlocker.cpp | 6 +- netwerk/mime/nsMimeTypes.h | 1 + 28 files changed, 439 insertions(+), 15 deletions(-) create mode 100644 dom/base/test/csp/browser.ini create mode 100644 dom/base/test/csp/browser_test_web_manifest.js create mode 100644 dom/base/test/csp/browser_test_web_manifest_mixed_content.js create mode 100644 dom/base/test/csp/file_CSP_web_manifest.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json^headers^ create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.json create mode 100644 dom/base/test/csp/file_CSP_web_manifest_mixed_content.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest_remote.html
2015-06-02 12:42:19 -07:00
break;
default:
MOZ_ASSERT(false, "Unhandled nsContentPolicyType value");
break;
}
return context;
}
} // namespace dom
} // namespace mozilla