Bug 803225 - Mixed Content Blocker - Check for other secure schemes, in additon to https. (r=bz)

2024-09-13 09:24:08 -07:00 · 2012-11-16 12:40:07 -08:00 · 2012-11-16 12:40:07 -08:00 · baf68086ff
commit baf68086ff
parent dd6833d56d
4 changed files with 46 additions and 12 deletions
--- a/content/base/src/nsMixedContentBlocker.cpp
+++ b/content/base/src/nsMixedContentBlocker.cpp
@ -12,6 +12,7 @@
 #include "nsISecurityEventSink.h"
 #include "nsIWebProgressListener.h"
 #include "nsContentUtils.h"
+#include "nsNetUtil.h"
 #include "mozilla/Preferences.h"

 using namespace mozilla;
@ -53,7 +54,7 @@ private:
  // the document that caused the load.
  nsCOMPtr<nsISupports> mContext;

-  // The type of mixed content that was blocked, i.e. active or display
+  // The type of mixed content that was blocked, e.g. active or display
  unsigned short mType;
 };
 */
@ -94,8 +95,9 @@ nsMixedContentBlocker::ShouldLoad(uint32_t aContentType,
    return NS_OK;
  }

-  // Top-level load cannot be mixed content so allow it
-  if (aContentType == nsIContentPolicy::TYPE_DOCUMENT) {
+  // Top-level load cannot be mixed content so allow it.
+  // Creating insecure websocket connections in a secure page is blocked already in websocket constructor.
+  if (aContentType == nsIContentPolicy::TYPE_DOCUMENT || aContentType == nsIContentPolicy::TYPE_WEBSOCKET) {
    return NS_OK;
  }

@ -124,11 +126,36 @@ nsMixedContentBlocker::ShouldLoad(uint32_t aContentType,
    return NS_OK;
  }

-  // Get the scheme of the sub-document resource to be requested. If it is
-  // an HTTPS load then mixed content doesn't apply.
-  bool isHttps;
-  if (NS_FAILED(aContentLocation->SchemeIs("https", &isHttps)) || isHttps) {
-    return NS_OK;
+ /* Get the scheme of the sub-document resource to be requested. If it is
+  * a safe to load in an https context then mixed content doesn't apply.
+  *
+  * Check Protocol Flags to determine if scheme is safe to load:
+  * URI_DOES_NOT_RETURN_DATA - e.g.
+  *   "mailto"
+  * URI_IS_LOCAL_RESOURCE - e.g.
+  *   "data",
+  *   "resource",
+  *   "moz-icon"
+  * URI_INHERITS_SECURITY_CONTEXT - e.g.
+  *   "javascript"
+  * URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT - e.g.
+  *   "https",
+  *   "moz-safe-about"
+  *
+  */
+  bool schemeLocal = false;
+  bool schemeNoReturnData = false;
+  bool schemeInherits = false;
+  bool schemeSecure = false;
+  if (NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_IS_LOCAL_RESOURCE , &schemeLocal))  ||
+      NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_DOES_NOT_RETURN_DATA, &schemeNoReturnData)) ||
+      NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT, &schemeInherits)) ||
+      NS_FAILED(NS_URIChainHasFlags(aContentLocation, nsIProtocolHandler::URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT, &schemeSecure))) {
+    return NS_ERROR_FAILURE;
+  }
+
+  if (schemeLocal || schemeNoReturnData || schemeInherits || schemeSecure) {
+     return NS_OK;
  }

  // If we are here we have mixed content.
@ -195,9 +222,9 @@ nsMixedContentBlocker::ShouldProcess(uint32_t aContentType,
                                     nsIPrincipal* aRequestPrincipal,
                                     int16_t* aDecision)
 {
-  if(!aContentLocation) {
+  if (!aContentLocation) {
    // aContentLocation may be null when a plugin is loading without an associated URI resource
-    if(aContentType == TYPE_OBJECT) {
+    if (aContentType == TYPE_OBJECT) {
       return NS_OK;
    } else {
       return NS_ERROR_FAILURE;
--- a/netwerk/base/public/nsIProtocolHandler.idl
+++ b/netwerk/base/public/nsIProtocolHandler.idl
@ -246,6 +246,13 @@ interface nsIProtocolHandler : nsISupports
     */
    const unsigned long URI_SYNC_LOAD_IS_OK = (1<<17);

+    /**
+     * URI is secure to load in an https page and should not be blocked
+     * by nsMixedContentBlocker
+     */
+    const unsigned long URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT = (1<<18);
+
+
 };

 %{C++
--- a/netwerk/protocol/about/nsAboutProtocolHandler.cpp
+++ b/netwerk/protocol/about/nsAboutProtocolHandler.cpp
@ -192,7 +192,7 @@ nsSafeAboutProtocolHandler::GetDefaultPort(int32_t *result)
 NS_IMETHODIMP
 nsSafeAboutProtocolHandler::GetProtocolFlags(uint32_t *result)
 {
-    *result = URI_NORELATIVE | URI_NOAUTH | URI_LOADABLE_BY_ANYONE;
+    *result = URI_NORELATIVE | URI_NOAUTH | URI_LOADABLE_BY_ANYONE | URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT;
    return NS_OK;
 }

--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
@ -1708,7 +1708,7 @@ nsHttpsHandler::GetDefaultPort(int32_t *aPort)
 NS_IMETHODIMP
 nsHttpsHandler::GetProtocolFlags(uint32_t *aProtocolFlags)
 {
-    *aProtocolFlags = NS_HTTP_PROTOCOL_FLAGS;
+    *aProtocolFlags = NS_HTTP_PROTOCOL_FLAGS | URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT;
    return NS_OK;
 }