diff options
| author | Moonchild <mcwerewolf@gmail.com> | 2017-11-22 09:34:23 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-11-22 09:34:23 +0100 |
| commit | 2a607818634a4b429e8165753876b4272cfa09ee (patch) | |
| tree | f7f0c85382426154ed953fd46f71bc110fde7ff8 /netwerk | |
| parent | 8167b87bc3f0cb68e53dea50a2bd990d6115cab0 (diff) | |
| parent | 2788d6de8326670362d5b4516f4d36d6f2edb667 (diff) | |
| download | palemoon-gre-2a607818634a4b429e8165753876b4272cfa09ee.tar.gz | |
Merge pull request #1489 from JustOff/PR_nosniff_skip_redirects
Skip `XCTO: nosniff` check in case of 30x response
Diffstat (limited to 'netwerk')
| -rw-r--r-- | netwerk/protocol/http/nsHttpChannel.cpp | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index 7da796ed5..c75d41198 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -163,6 +163,13 @@ WillRedirect(const nsHttpResponseHead * response) response->PeekHeader(nsHttp::Location); } +// This is required to bypass XCTO: nosniff check +bool +WillRedirectOrNotModified(const nsHttpResponseHead * response) +{ + return WillRedirect(response) || response->Status() == 304; +} + } // unnamed namespace nsresult @@ -1315,8 +1322,9 @@ nsHttpChannel::ProcessAltService() nsresult ProcessXCTO(nsHttpResponseHead* aResponseHead, nsILoadInfo* aLoadInfo) { - if (!aResponseHead || !aLoadInfo) { + if (!aResponseHead || WillRedirectOrNotModified(aResponseHead) || !aLoadInfo) { // if there is no response head or no loadInfo, then there is nothing to do + // we also skip the check in case of 30x response return NS_OK; } |