mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 1157451. Make nsCORSListenerProxy::Init take an enum, not a boolean, to indicate what to do with data: URIs. And make it required, not defaulted to disallowing. r=smaug
This commit is contained in:
parent
733bf3e1d4
commit
ee1cd19f1a
@ -796,7 +796,7 @@ EventSource::InitChannelAndRequestEventSource()
|
|||||||
|
|
||||||
nsRefPtr<nsCORSListenerProxy> listener =
|
nsRefPtr<nsCORSListenerProxy> listener =
|
||||||
new nsCORSListenerProxy(this, mPrincipal, mWithCredentials);
|
new nsCORSListenerProxy(this, mPrincipal, mWithCredentials);
|
||||||
rv = listener->Init(mHttpChannel);
|
rv = listener->Init(mHttpChannel, DataURIHandling::Allow);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
|
||||||
// Start reading from the channel
|
// Start reading from the channel
|
||||||
|
@ -504,7 +504,7 @@ ImportLoader::Open()
|
|||||||
nsRefPtr<nsCORSListenerProxy> corsListener =
|
nsRefPtr<nsCORSListenerProxy> corsListener =
|
||||||
new nsCORSListenerProxy(this, principal,
|
new nsCORSListenerProxy(this, principal,
|
||||||
/* aWithCredentials */ false);
|
/* aWithCredentials */ false);
|
||||||
rv = corsListener->Init(channel, true);
|
rv = corsListener->Init(channel, DataURIHandling::Allow);
|
||||||
NS_ENSURE_SUCCESS_VOID(rv);
|
NS_ENSURE_SUCCESS_VOID(rv);
|
||||||
|
|
||||||
rv = channel->AsyncOpen(corsListener, nullptr);
|
rv = channel->AsyncOpen(corsListener, nullptr);
|
||||||
|
@ -1221,7 +1221,7 @@ Navigator::SendBeacon(const nsAString& aUrl,
|
|||||||
principal,
|
principal,
|
||||||
true);
|
true);
|
||||||
|
|
||||||
rv = cors->Init(channel, true);
|
rv = cors->Init(channel, DataURIHandling::Allow);
|
||||||
NS_ENSURE_SUCCESS(rv, false);
|
NS_ENSURE_SUCCESS(rv, false);
|
||||||
|
|
||||||
nsCOMPtr<nsINetworkInterceptController> interceptController = do_QueryInterface(docShell);
|
nsCOMPtr<nsINetworkInterceptController> interceptController = do_QueryInterface(docShell);
|
||||||
|
@ -347,7 +347,7 @@ nsScriptLoader::StartLoad(nsScriptLoadRequest *aRequest, const nsAString &aType,
|
|||||||
nsRefPtr<nsCORSListenerProxy> corsListener =
|
nsRefPtr<nsCORSListenerProxy> corsListener =
|
||||||
new nsCORSListenerProxy(listener, mDocument->NodePrincipal(),
|
new nsCORSListenerProxy(listener, mDocument->NodePrincipal(),
|
||||||
withCredentials);
|
withCredentials);
|
||||||
rv = corsListener->Init(channel, true);
|
rv = corsListener->Init(channel, DataURIHandling::Allow);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
listener = corsListener;
|
listener = corsListener;
|
||||||
}
|
}
|
||||||
|
@ -189,7 +189,7 @@ nsSyncLoader::LoadDocument(nsIChannel* aChannel,
|
|||||||
if (aLoaderPrincipal) {
|
if (aLoaderPrincipal) {
|
||||||
nsRefPtr<nsCORSListenerProxy> corsListener =
|
nsRefPtr<nsCORSListenerProxy> corsListener =
|
||||||
new nsCORSListenerProxy(listener, aLoaderPrincipal, false);
|
new nsCORSListenerProxy(listener, aLoaderPrincipal, false);
|
||||||
rv = corsListener->Init(mChannel);
|
rv = corsListener->Init(mChannel, DataURIHandling::Disallow);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
listener = corsListener;
|
listener = corsListener;
|
||||||
}
|
}
|
||||||
|
@ -2889,7 +2889,7 @@ nsXMLHttpRequest::Send(nsIVariant* aVariant, const Nullable<RequestBody>& aBody)
|
|||||||
// a same-origin request right now, since it could be redirected.
|
// a same-origin request right now, since it could be redirected.
|
||||||
nsRefPtr<nsCORSListenerProxy> corsListener =
|
nsRefPtr<nsCORSListenerProxy> corsListener =
|
||||||
new nsCORSListenerProxy(listener, mPrincipal, withCredentials);
|
new nsCORSListenerProxy(listener, mPrincipal, withCredentials);
|
||||||
rv = corsListener->Init(mChannel, true);
|
rv = corsListener->Init(mChannel, DataURIHandling::Allow);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
listener = corsListener;
|
listener = corsListener;
|
||||||
}
|
}
|
||||||
|
@ -501,7 +501,7 @@ FetchDriver::HttpFetch(bool aCORSFlag, bool aCORSPreflightFlag, bool aAuthentica
|
|||||||
// directly.
|
// directly.
|
||||||
nsRefPtr<nsCORSListenerProxy> corsListener =
|
nsRefPtr<nsCORSListenerProxy> corsListener =
|
||||||
new nsCORSListenerProxy(this, mPrincipal, useCredentials);
|
new nsCORSListenerProxy(this, mPrincipal, useCredentials);
|
||||||
rv = corsListener->Init(chan, true /* allow data uri */);
|
rv = corsListener->Init(chan, DataURIHandling::Allow);
|
||||||
if (NS_WARN_IF(NS_FAILED(rv))) {
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
||||||
return FailWithNetworkError();
|
return FailWithNetworkError();
|
||||||
}
|
}
|
||||||
|
@ -1275,7 +1275,7 @@ nsresult HTMLMediaElement::LoadResource()
|
|||||||
new nsCORSListenerProxy(loadListener,
|
new nsCORSListenerProxy(loadListener,
|
||||||
NodePrincipal(),
|
NodePrincipal(),
|
||||||
GetCORSMode() == CORS_USE_CREDENTIALS);
|
GetCORSMode() == CORS_USE_CREDENTIALS);
|
||||||
rv = corsListener->Init(channel, true);
|
rv = corsListener->Init(channel, DataURIHandling::Allow);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
listener = corsListener;
|
listener = corsListener;
|
||||||
} else {
|
} else {
|
||||||
|
@ -619,7 +619,7 @@ nsresult ChannelMediaResource::OpenChannel(nsIStreamListener** aStreamListener)
|
|||||||
element->NodePrincipal(),
|
element->NodePrincipal(),
|
||||||
false);
|
false);
|
||||||
NS_ENSURE_TRUE(crossSiteListener, NS_ERROR_OUT_OF_MEMORY);
|
NS_ENSURE_TRUE(crossSiteListener, NS_ERROR_OUT_OF_MEMORY);
|
||||||
rv = crossSiteListener->Init(mChannel, true);
|
rv = crossSiteListener->Init(mChannel, DataURIHandling::Allow);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
listener = crossSiteListener;
|
listener = crossSiteListener;
|
||||||
} else {
|
} else {
|
||||||
|
@ -471,7 +471,7 @@ nsCORSListenerProxy::~nsCORSListenerProxy()
|
|||||||
}
|
}
|
||||||
|
|
||||||
nsresult
|
nsresult
|
||||||
nsCORSListenerProxy::Init(nsIChannel* aChannel, bool aAllowDataURI)
|
nsCORSListenerProxy::Init(nsIChannel* aChannel, DataURIHandling aAllowDataURI)
|
||||||
{
|
{
|
||||||
aChannel->GetNotificationCallbacks(getter_AddRefs(mOuterNotificationCallbacks));
|
aChannel->GetNotificationCallbacks(getter_AddRefs(mOuterNotificationCallbacks));
|
||||||
aChannel->SetNotificationCallbacks(this);
|
aChannel->SetNotificationCallbacks(this);
|
||||||
@ -798,7 +798,7 @@ nsCORSListenerProxy::OnRedirectVerifyCallback(nsresult result)
|
|||||||
NS_ASSERTION(mNewRedirectChannel, "mNewRedirectChannel not set in callback");
|
NS_ASSERTION(mNewRedirectChannel, "mNewRedirectChannel not set in callback");
|
||||||
|
|
||||||
if (NS_SUCCEEDED(result)) {
|
if (NS_SUCCEEDED(result)) {
|
||||||
nsresult rv = UpdateChannel(mNewRedirectChannel);
|
nsresult rv = UpdateChannel(mNewRedirectChannel, DataURIHandling::Disallow);
|
||||||
if (NS_FAILED(rv)) {
|
if (NS_FAILED(rv)) {
|
||||||
NS_WARNING("nsCORSListenerProxy::OnRedirectVerifyCallback: "
|
NS_WARNING("nsCORSListenerProxy::OnRedirectVerifyCallback: "
|
||||||
"UpdateChannel() returned failure");
|
"UpdateChannel() returned failure");
|
||||||
@ -818,7 +818,8 @@ nsCORSListenerProxy::OnRedirectVerifyCallback(nsresult result)
|
|||||||
}
|
}
|
||||||
|
|
||||||
nsresult
|
nsresult
|
||||||
nsCORSListenerProxy::UpdateChannel(nsIChannel* aChannel, bool aAllowDataURI)
|
nsCORSListenerProxy::UpdateChannel(nsIChannel* aChannel,
|
||||||
|
DataURIHandling aAllowDataURI)
|
||||||
{
|
{
|
||||||
nsCOMPtr<nsIURI> uri, originalURI;
|
nsCOMPtr<nsIURI> uri, originalURI;
|
||||||
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
|
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
|
||||||
@ -827,7 +828,7 @@ nsCORSListenerProxy::UpdateChannel(nsIChannel* aChannel, bool aAllowDataURI)
|
|||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
|
||||||
// exempt data URIs from the same origin check.
|
// exempt data URIs from the same origin check.
|
||||||
if (aAllowDataURI && originalURI == uri) {
|
if (aAllowDataURI == DataURIHandling::Allow && originalURI == uri) {
|
||||||
bool dataScheme = false;
|
bool dataScheme = false;
|
||||||
rv = uri->SchemeIs("data", &dataScheme);
|
rv = uri->SchemeIs("data", &dataScheme);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
@ -1240,7 +1241,7 @@ NS_StartCORSPreflight(nsIChannel* aRequestChannel,
|
|||||||
new nsCORSListenerProxy(preflightListener, aPrincipal,
|
new nsCORSListenerProxy(preflightListener, aPrincipal,
|
||||||
aWithCredentials, method,
|
aWithCredentials, method,
|
||||||
aUnsafeHeaders);
|
aUnsafeHeaders);
|
||||||
rv = corsListener->Init(preflightChannel);
|
rv = corsListener->Init(preflightChannel, DataURIHandling::Disallow);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
preflightListener = corsListener;
|
preflightListener = corsListener;
|
||||||
|
|
||||||
|
@ -29,6 +29,12 @@ NS_StartCORSPreflight(nsIChannel* aRequestChannel,
|
|||||||
nsTArray<nsCString>& aACUnsafeHeaders,
|
nsTArray<nsCString>& aACUnsafeHeaders,
|
||||||
nsIChannel** aPreflightChannel);
|
nsIChannel** aPreflightChannel);
|
||||||
|
|
||||||
|
enum class DataURIHandling
|
||||||
|
{
|
||||||
|
Allow,
|
||||||
|
Disallow
|
||||||
|
};
|
||||||
|
|
||||||
class nsCORSListenerProxy final : public nsIStreamListener,
|
class nsCORSListenerProxy final : public nsIStreamListener,
|
||||||
public nsIInterfaceRequestor,
|
public nsIInterfaceRequestor,
|
||||||
public nsIChannelEventSink,
|
public nsIChannelEventSink,
|
||||||
@ -56,14 +62,14 @@ public:
|
|||||||
|
|
||||||
static void Shutdown();
|
static void Shutdown();
|
||||||
|
|
||||||
nsresult Init(nsIChannel* aChannel, bool aAllowDataURI = false);
|
nsresult Init(nsIChannel* aChannel, DataURIHandling aAllowDataURI);
|
||||||
|
|
||||||
void SetInterceptController(nsINetworkInterceptController* aInterceptController);
|
void SetInterceptController(nsINetworkInterceptController* aInterceptController);
|
||||||
|
|
||||||
private:
|
private:
|
||||||
~nsCORSListenerProxy();
|
~nsCORSListenerProxy();
|
||||||
|
|
||||||
nsresult UpdateChannel(nsIChannel* aChannel, bool aAllowDataURI = false);
|
nsresult UpdateChannel(nsIChannel* aChannel, DataURIHandling aAllowDataURI);
|
||||||
nsresult CheckRequestApproved(nsIRequest* aRequest);
|
nsresult CheckRequestApproved(nsIRequest* aRequest);
|
||||||
|
|
||||||
nsCOMPtr<nsIStreamListener> mOuterListener;
|
nsCOMPtr<nsIStreamListener> mOuterListener;
|
||||||
|
@ -505,7 +505,7 @@ txCompileObserver::startLoad(nsIURI* aUri, txStylesheetCompiler* aCompiler,
|
|||||||
// Always install in case of redirects
|
// Always install in case of redirects
|
||||||
nsRefPtr<nsCORSListenerProxy> listener =
|
nsRefPtr<nsCORSListenerProxy> listener =
|
||||||
new nsCORSListenerProxy(sink, aReferrerPrincipal, false);
|
new nsCORSListenerProxy(sink, aReferrerPrincipal, false);
|
||||||
rv = listener->Init(channel);
|
rv = listener->Init(channel, DataURIHandling::Disallow);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
|
||||||
return channel->AsyncOpen(listener, parser);
|
return channel->AsyncOpen(listener, parser);
|
||||||
|
@ -1674,7 +1674,7 @@ imgLoader::ValidateRequestWithNewChannel(imgRequest* request,
|
|||||||
bool withCredentials = aCORSMode == imgIRequest::CORS_USE_CREDENTIALS;
|
bool withCredentials = aCORSMode == imgIRequest::CORS_USE_CREDENTIALS;
|
||||||
nsRefPtr<nsCORSListenerProxy> corsproxy =
|
nsRefPtr<nsCORSListenerProxy> corsproxy =
|
||||||
new nsCORSListenerProxy(listener, aLoadingPrincipal, withCredentials);
|
new nsCORSListenerProxy(listener, aLoadingPrincipal, withCredentials);
|
||||||
rv = corsproxy->Init(newChannel, true);
|
rv = corsproxy->Init(newChannel, DataURIHandling::Allow);
|
||||||
if (NS_FAILED(rv)) {
|
if (NS_FAILED(rv)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -2251,7 +2251,7 @@ imgLoader::LoadImage(nsIURI* aURI,
|
|||||||
|
|
||||||
nsRefPtr<nsCORSListenerProxy> corsproxy =
|
nsRefPtr<nsCORSListenerProxy> corsproxy =
|
||||||
new nsCORSListenerProxy(pl, aLoadingPrincipal, withCredentials);
|
new nsCORSListenerProxy(pl, aLoadingPrincipal, withCredentials);
|
||||||
rv = corsproxy->Init(newChannel, true);
|
rv = corsproxy->Init(newChannel, DataURIHandling::Allow);
|
||||||
if (NS_FAILED(rv)) {
|
if (NS_FAILED(rv)) {
|
||||||
PR_LOG(GetImgLog(), PR_LOG_DEBUG,
|
PR_LOG(GetImgLog(), PR_LOG_DEBUG,
|
||||||
("[this=%p] imgLoader::LoadImage -- nsCORSListenerProxy "
|
("[this=%p] imgLoader::LoadImage -- nsCORSListenerProxy "
|
||||||
|
@ -511,7 +511,9 @@ FontFaceSet::StartLoad(gfxUserFontEntry* aUserFontEntry,
|
|||||||
} else {
|
} else {
|
||||||
nsRefPtr<nsCORSListenerProxy> listener =
|
nsRefPtr<nsCORSListenerProxy> listener =
|
||||||
new nsCORSListenerProxy(streamLoader, aUserFontEntry->GetPrincipal(), false);
|
new nsCORSListenerProxy(streamLoader, aUserFontEntry->GetPrincipal(), false);
|
||||||
rv = listener->Init(channel);
|
// Doesn't matter what data: URI handling we use here, since we
|
||||||
|
// don't even use a CORS listener proxy for the data: case.
|
||||||
|
rv = listener->Init(channel, DataURIHandling::Disallow);
|
||||||
if (NS_SUCCEEDED(rv)) {
|
if (NS_SUCCEEDED(rv)) {
|
||||||
rv = channel->AsyncOpen(listener, nullptr);
|
rv = channel->AsyncOpen(listener, nullptr);
|
||||||
}
|
}
|
||||||
|
@ -1670,7 +1670,7 @@ Loader::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
|
|||||||
nsRefPtr<nsCORSListenerProxy> corsListener =
|
nsRefPtr<nsCORSListenerProxy> corsListener =
|
||||||
new nsCORSListenerProxy(streamLoader, aLoadData->mLoaderPrincipal,
|
new nsCORSListenerProxy(streamLoader, aLoadData->mLoaderPrincipal,
|
||||||
withCredentials);
|
withCredentials);
|
||||||
rv = corsListener->Init(channel, true);
|
rv = corsListener->Init(channel, DataURIHandling::Allow);
|
||||||
if (NS_FAILED(rv)) {
|
if (NS_FAILED(rv)) {
|
||||||
#ifdef DEBUG
|
#ifdef DEBUG
|
||||||
mSyncCallback = false;
|
mSyncCallback = false;
|
||||||
|
Loading…
Reference in New Issue
Block a user