Bug 1153936 - nsIHttpChannelInteral attribute to opt out of alt-svc on per channel basis r=hurley

2024-09-13 09:24:08 -07:00 · 2015-04-13 12:59:34 -04:00 · 2015-04-13 12:59:34 -04:00 · 2ef0ab6fab
commit 2ef0ab6fab
parent 1008b389ec
8 changed files with 41 additions and 3 deletions
--- a/netwerk/ipc/NeckoChannelParams.ipdlh
+++ b/netwerk/ipc/NeckoChannelParams.ipdlh
@ -52,6 +52,7 @@ struct HttpChannelOpenArgs
  bool                        chooseApplicationCache;
  nsCString                   appCacheClientID;
  bool                        allowSpdy;
+  bool                        allowAltSvc;
  OptionalFileDescriptorSet   fds;
  PrincipalInfo               requestingPrincipalInfo;
  PrincipalInfo               triggeringPrincipalInfo;
--- a/netwerk/protocol/http/HttpBaseChannel.cpp
+++ b/netwerk/protocol/http/HttpBaseChannel.cpp
@ -68,6 +68,7 @@ HttpBaseChannel::HttpBaseChannel()
  , mTracingEnabled(true)
  , mTimingEnabled(false)
  , mAllowSpdy(true)
+  , mAllowAltSvc(true)
  , mResponseTimeoutEnabled(true)
  , mAllRedirectsSameOrigin(true)
  , mAllRedirectsPassTimingAllowCheck(true)
@ -1815,6 +1816,22 @@ HttpBaseChannel::SetAllowSpdy(bool aAllowSpdy)
  return NS_OK;
 }

+NS_IMETHODIMP
+HttpBaseChannel::GetAllowAltSvc(bool *aAllowAltSvc)
+{
+  NS_ENSURE_ARG_POINTER(aAllowAltSvc);
+
+  *aAllowAltSvc = mAllowAltSvc;
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+HttpBaseChannel::SetAllowAltSvc(bool aAllowAltSvc)
+{
+  mAllowAltSvc = aAllowAltSvc;
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 HttpBaseChannel::GetApiRedirectToURI(nsIURI ** aResult)
 {
@ -2272,6 +2289,7 @@ HttpBaseChannel::SetupReplacementChannel(nsIURI       *newURI,
    // Convey third party cookie and spdy flags.
    httpInternal->SetThirdPartyFlags(mThirdPartyFlags);
    httpInternal->SetAllowSpdy(mAllowSpdy);
+    httpInternal->SetAllowAltSvc(mAllowAltSvc);

    // update the DocumentURI indicator since we are being redirected.
    // if this was a top-level document channel, then the new channel
--- a/netwerk/protocol/http/HttpBaseChannel.h
+++ b/netwerk/protocol/http/HttpBaseChannel.h
@ -179,6 +179,8 @@ public:
  NS_IMETHOD GetRemotePort(int32_t* port) override;
  NS_IMETHOD GetAllowSpdy(bool *aAllowSpdy) override;
  NS_IMETHOD SetAllowSpdy(bool aAllowSpdy) override;
+  NS_IMETHOD GetAllowAltSvc(bool *aAllowAltSvc) override;
+  NS_IMETHOD SetAllowAltSvc(bool aAllowAltSvc) override;
  NS_IMETHOD GetApiRedirectToURI(nsIURI * *aApiRedirectToURI) override;
  nsresult AddSecurityMessage(const nsAString &aMessageTag, const nsAString &aMessageCategory);
  NS_IMETHOD TakeAllSecurityMessages(nsCOMArray<nsISecurityConsoleMessage> &aMessages) override;
@ -368,6 +370,7 @@ protected:
  // True if timing collection is enabled
  uint32_t                          mTimingEnabled              : 1;
  uint32_t                          mAllowSpdy                  : 1;
+  uint32_t                          mAllowAltSvc                : 1;
  uint32_t                          mResponseTimeoutEnabled     : 1;
  // A flag that should be false only if a cross-domain redirect occurred
  uint32_t                          mAllRedirectsSameOrigin     : 1;
--- a/netwerk/protocol/http/HttpChannelChild.cpp
+++ b/netwerk/protocol/http/HttpChannelChild.cpp
@ -1631,6 +1631,7 @@ HttpChannelChild::ContinueAsyncOpen()
  openArgs.chooseApplicationCache() = mChooseApplicationCache;
  openArgs.appCacheClientID() = appCacheClientId;
  openArgs.allowSpdy() = mAllowSpdy;
+  openArgs.allowAltSvc() = mAllowAltSvc;

  propagateLoadInfo(mLoadInfo, openArgs);

--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@ -108,7 +108,7 @@ HttpChannelParent::Init(const HttpChannelCreationArgs& aArgs)
                       a.redirectionLimit(), a.allowPipelining(), a.allowSTS(),
                       a.thirdPartyFlags(), a.resumeAt(), a.startPos(),
                       a.entityID(), a.chooseApplicationCache(),
-                       a.appCacheClientID(), a.allowSpdy(), a.fds(),
+                       a.appCacheClientID(), a.allowSpdy(), a.allowAltSvc(), a.fds(),
                       a.requestingPrincipalInfo(), a.triggeringPrincipalInfo(),
                       a.securityFlags(), a.contentPolicyType(), a.innerWindowID());
  }
@ -196,6 +196,7 @@ HttpChannelParent::DoAsyncOpen(  const URIParams&           aURI,
                                 const bool&                chooseApplicationCache,
                                 const nsCString&           appCacheClientID,
                                 const bool&                allowSpdy,
+                                 const bool&                allowAltSvc,
                                 const OptionalFileDescriptorSet& aFds,
                                 const ipc::PrincipalInfo&  aRequestingPrincipalInfo,
                                 const ipc::PrincipalInfo&  aTriggeringPrincipalInfo,
@ -329,6 +330,7 @@ HttpChannelParent::DoAsyncOpen(  const URIParams&           aURI,
  mChannel->SetAllowSTS(allowSTS);
  mChannel->SetThirdPartyFlags(thirdPartyFlags);
  mChannel->SetAllowSpdy(allowSpdy);
+  mChannel->SetAllowAltSvc(allowAltSvc);

  nsCOMPtr<nsIApplicationCacheChannel> appCacheChan =
    do_QueryObject(mChannel);
--- a/netwerk/protocol/http/HttpChannelParent.h
+++ b/netwerk/protocol/http/HttpChannelParent.h
@ -110,6 +110,7 @@ protected:
                   const bool&                chooseApplicationCache,
                   const nsCString&           appCacheClientID,
                   const bool&                allowSpdy,
+                   const bool&                allowAltSvc,
                   const OptionalFileDescriptorSet& aFds,
                   const ipc::PrincipalInfo&  aRequestingPrincipalInfo,
                   const ipc::PrincipalInfo&  aTriggeringPrincipalInfo,
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@ -1263,6 +1263,10 @@ nsHttpChannel::ProcessAltService()
    // protocol-id   = token ; percent-encoded ALPN protocol identifier
    // alt-authority = quoted-string ;  containing [ uri-host ] ":" port

+    if (!mAllowAltSvc) { // per channel opt out
+        return;
+    }
+
    if (!gHttpHandler->AllowAltSvc() || (mCaps & NS_HTTP_DISALLOW_SPDY)) {
        return;
    }
@ -4824,7 +4828,8 @@ nsHttpChannel::BeginConnect()
    mRequestHead.SetOrigin(scheme, host, port);

    nsRefPtr<AltSvcMapping> mapping;
-    if ((scheme.Equals(NS_LITERAL_CSTRING("http")) ||
+    if (mAllowAltSvc && // per channel
+        (scheme.Equals(NS_LITERAL_CSTRING("http")) ||
         scheme.Equals(NS_LITERAL_CSTRING("https"))) &&
        (!proxyInfo || proxyInfo->IsDirect()) &&
        (mapping = gHttpHandler->GetAltServiceMapping(scheme,
--- a/netwerk/protocol/http/nsIHttpChannelInternal.idl
+++ b/netwerk/protocol/http/nsIHttpChannelInternal.idl
@ -38,7 +38,8 @@ interface nsIHttpUpgradeListener : nsISupports
 * using any feature exposed by this interface, be aware that this interface
 * will change and you will be broken.  You have been warned.
 */
-[scriptable, uuid(ad8192a1-668e-4a47-bd77-081eb23e50fa)]
+[scriptable, uuid(26833ec7-4555-4f23-9281-3a12d4b76db1)]
+
 interface nsIHttpChannelInternal : nsISupports
 {
    /**
@ -206,6 +207,12 @@ interface nsIHttpChannelInternal : nsISupports
     */
    readonly attribute nsIURI apiRedirectToURI;

+    /**
+     * Enable/Disable use of Alternate Services with this channel.
+     * The network.http.altsvc.enabled preference is still a pre-requisite.
+     */
+    attribute boolean allowAltSvc;
+
    /**
     * Add a new nsIPrincipal to the redirect chain. This is the only way to
     * write to nsIRedirectHistory.redirects.