Bug 1398229 - Save-link-as feature should use the loading principal - implementation of nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD

author: janekptacijarabaci <janekptacijarabaci@seznam.cz> 2018-06-17 09:35:48 +0200
committer: janekptacijarabaci <janekptacijarabaci@seznam.cz> 2018-06-17 09:35:48 +0200
commit: 07ee0792c9664d649fae8ae530b27462ee45f530 (patch)
tree: 47536f5fe5f03b41e1868df5e360dfabfef28751 /dom
parent: 1f6068bc695b8bee56f0a99e4343ff138b1ee188 (diff)
download: uxp-07ee0792c9664d649fae8ae530b27462ee45f530.tar.gz
7 files changed, 25 insertions, 2 deletions
diff --git a/dom/base/nsContentPolicyUtils.h b/dom/base/nsContentPolicyUtils.h
index ed0544226e..f530f9be9e 100644
--- a/dom/base/nsContentPolicyUtils.h
+++ b/dom/base/nsContentPolicyUtils.h
@@ -115,6 +115,7 @@ NS_CP_ContentTypeName(uint32_t contentType)
     CASE_RETURN( TYPE_FETCH                       );
     CASE_RETURN( TYPE_IMAGESET                    );
     CASE_RETURN( TYPE_WEB_MANIFEST                );
+    CASE_RETURN( TYPE_SAVEAS_DOWNLOAD             );
     CASE_RETURN( TYPE_INTERNAL_SCRIPT             );
     CASE_RETURN( TYPE_INTERNAL_WORKER             );
     CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER      );
@@ -236,7 +237,7 @@ NS_CheckContentLoadPolicy(uint32_t          contentType,
     CHECK_PRINCIPAL_AND_DATA(ShouldLoad);
     if (policyService) {
         CHECK_CONTENT_POLICY_WITH_SERVICE(ShouldLoad, policyService);
-    }
+y
     CHECK_CONTENT_POLICY(ShouldLoad);
 }
 
diff --git a/dom/base/nsIContentPolicyBase.idl b/dom/base/nsIContentPolicyBase.idl
index 884e3d96d0..0520ebacca 100644
--- a/dom/base/nsIContentPolicyBase.idl
+++ b/dom/base/nsIContentPolicyBase.idl
@@ -182,6 +182,11 @@ interface nsIContentPolicyBase : nsISupports
   const nsContentPolicyType TYPE_WEB_MANIFEST = 22;
 
   /**
+   * Indicates an save-as link download from the front-end code.
+   */
+  const nsContentPolicyType TYPE_SAVEAS_DOWNLOAD = 43;
+
+  /**
    * Indicates an internal constant for scripts loaded through script
    * elements.
    *
diff --git a/dom/cache/DBSchema.cpp b/dom/cache/DBSchema.cpp
index d16ba2d6ab..975fe87422 100644
--- a/dom/cache/DBSchema.cpp
+++ b/dom/cache/DBSchema.cpp
@@ -269,6 +269,7 @@ static_assert(nsIContentPolicy::TYPE_INVALID == 0 &&
               nsIContentPolicy::TYPE_FETCH == 20 &&
               nsIContentPolicy::TYPE_IMAGESET == 21 &&
               nsIContentPolicy::TYPE_WEB_MANIFEST == 22 &&
+              nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD == 43 &&
               nsIContentPolicy::TYPE_INTERNAL_SCRIPT == 23 &&
               nsIContentPolicy::TYPE_INTERNAL_WORKER == 24 &&
               nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER == 25 &&
diff --git a/dom/fetch/InternalRequest.cpp b/dom/fetch/InternalRequest.cpp
index 85feabde3d..b2631da6a1 100644
--- a/dom/fetch/InternalRequest.cpp
+++ b/dom/fetch/InternalRequest.cpp
@@ -320,6 +320,9 @@ InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aConte
   case nsIContentPolicy::TYPE_WEB_MANIFEST:
     context = RequestContext::Manifest;
     break;
+  case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD:
+    context = RequestContext::Internal;
+    break;
   default:
     MOZ_ASSERT(false, "Unhandled nsContentPolicyType value");
     break;
diff --git a/dom/fetch/InternalRequest.h b/dom/fetch/InternalRequest.h
index 84ee0bf69e..9664906750 100644
--- a/dom/fetch/InternalRequest.h
+++ b/dom/fetch/InternalRequest.h
@@ -53,7 +53,7 @@ namespace dom {
  * image             | TYPE_INTERNAL_IMAGE, TYPE_INTERNAL_IMAGE_PRELOAD, TYPE_INTERNAL_IMAGE_FAVICON
  * imageset          | TYPE_IMAGESET
  * import            | Not supported by Gecko
- * internal          | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER
+ * internal          | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER, TYPE_SAVEAS_DOWNLOAD
  * location          |
  * manifest          | TYPE_WEB_MANIFEST
  * object            | TYPE_INTERNAL_OBJECT
diff --git a/dom/security/nsContentSecurityManager.cpp b/dom/security/nsContentSecurityManager.cpp
index f329aa7239..4ee9b48777 100644
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@@ -471,6 +471,12 @@ DoContentSecurityChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo)
       break;
     }
 
+    case nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD: {
+      mimeTypeGuess = EmptyCString();
+      requestingContext = aLoadInfo->LoadingNode();
+      break;
+    }
+
     default:
       // nsIContentPolicy::TYPE_INVALID
       MOZ_ASSERT(false, "can not perform security check without a valid contentType");
diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp
index 7d50a43a3e..c03628da0b 100644
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -468,6 +468,13 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
       *aDecision = ACCEPT;
       return NS_OK;
 
+    // Creating insecure connections for a save-as link download is acceptable.
+    // This download is completely disconnected from the docShell, but still
+    // using the same loading principal.
+    case TYPE_SAVEAS_DOWNLOAD:
+      *aDecision = ACCEPT;
+      return NS_OK;
+
     // Static display content is considered moderate risk for mixed content so
     // these will be blocked according to the mixed display preference
     case TYPE_IMAGE:
author	janekptacijarabaci <janekptacijarabaci@seznam.cz>	2018-06-17 09:35:48 +0200
committer	janekptacijarabaci <janekptacijarabaci@seznam.cz>	2018-06-17 09:35:48 +0200
commit	07ee0792c9664d649fae8ae530b27462ee45f530 (patch)
tree	47536f5fe5f03b41e1868df5e360dfabfef28751 /dom
parent	1f6068bc695b8bee56f0a99e4343ff138b1ee188 (diff)
download	uxp-07ee0792c9664d649fae8ae530b27462ee45f530.tar.gz