diff options
Diffstat (limited to 'netwerk/base')
| -rw-r--r-- | netwerk/base/LoadInfo.cpp | 60 | ||||
| -rw-r--r-- | netwerk/base/LoadInfo.h | 11 | ||||
| -rw-r--r-- | netwerk/base/moz.build | 1 | ||||
| -rw-r--r-- | netwerk/base/nsBufferedStreams.h | 8 | ||||
| -rw-r--r-- | netwerk/base/nsILoadInfo.idl | 22 | ||||
| -rw-r--r-- | netwerk/base/nsINetworkInterceptController.idl | 28 | ||||
| -rw-r--r-- | netwerk/base/nsIOService.cpp | 10 | ||||
| -rw-r--r-- | netwerk/base/nsIOService.h | 4 | ||||
| -rw-r--r-- | netwerk/base/nsITimedChannel.idl | 18 | ||||
| -rw-r--r-- | netwerk/base/nsIURI.idl | 60 | ||||
| -rw-r--r-- | netwerk/base/nsIURIWithQuery.idl | 30 | ||||
| -rw-r--r-- | netwerk/base/nsIURL.idl | 6 | ||||
| -rw-r--r-- | netwerk/base/nsSimpleURI.cpp | 6 | ||||
| -rw-r--r-- | netwerk/base/nsSimpleURI.h | 4 | ||||
| -rw-r--r-- | netwerk/base/nsStandardURL.cpp | 108 | ||||
| -rw-r--r-- | netwerk/base/nsStandardURL.h | 1 | ||||
| -rw-r--r-- | netwerk/base/security-prefs.js | 2 |
17 files changed, 279 insertions, 100 deletions
diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp index 42fdea4a18..ede825b8f9 100644 --- a/netwerk/base/LoadInfo.cpp +++ b/netwerk/base/LoadInfo.cpp @@ -7,6 +7,7 @@ #include "mozilla/LoadInfo.h" #include "mozilla/Assertions.h" +#include "mozilla/dom/TabChild.h" #include "mozilla/dom/ToJSValue.h" #include "mozIThirdPartyUtil.h" #include "nsFrameLoader.h" @@ -47,12 +48,14 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, aTriggeringPrincipal : mLoadingPrincipal.get()) , mPrincipalToInherit(nullptr) , mLoadingContext(do_GetWeakReference(aLoadingContext)) + , mContextForTopLevelLoad(nullptr) , mSecurityFlags(aSecurityFlags) , mInternalContentPolicyType(aContentPolicyType) , mTainting(LoadTainting::Basic) , mUpgradeInsecureRequests(false) , mVerifySignedContent(false) , mEnforceSRI(false) + , mForceAllowDataURI(false) , mForceInheritPrincipalDropped(false) , mInnerWindowID(0) , mOuterWindowID(0) @@ -63,6 +66,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, , mIsThirdPartyContext(false) , mForcePreflight(false) , mIsPreflight(false) + , mLoadTriggeredFromExternal(false) , mForceHSTSPriming(false) , mMixedContentWouldBlock(false) { @@ -215,16 +219,19 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, */ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIPrincipal* aTriggeringPrincipal, + nsISupports* aContextForTopLevelLoad, nsSecurityFlags aSecurityFlags) : mLoadingPrincipal(nullptr) , mTriggeringPrincipal(aTriggeringPrincipal) , mPrincipalToInherit(nullptr) + , mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad)) , mSecurityFlags(aSecurityFlags) , mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) , mTainting(LoadTainting::Basic) , mUpgradeInsecureRequests(false) , mVerifySignedContent(false) , mEnforceSRI(false) + , mForceAllowDataURI(false) , mForceInheritPrincipalDropped(false) , mInnerWindowID(0) , mOuterWindowID(0) @@ -235,6 +242,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, , mIsThirdPartyContext(false) // NB: TYPE_DOCUMENT implies not third-party. , mForcePreflight(false) , mIsPreflight(false) + , mLoadTriggeredFromExternal(false) , mForceHSTSPriming(false) , mMixedContentWouldBlock(false) { @@ -276,12 +284,14 @@ LoadInfo::LoadInfo(const LoadInfo& rhs) , mTriggeringPrincipal(rhs.mTriggeringPrincipal) , mPrincipalToInherit(rhs.mPrincipalToInherit) , mLoadingContext(rhs.mLoadingContext) + , mContextForTopLevelLoad(rhs.mContextForTopLevelLoad) , mSecurityFlags(rhs.mSecurityFlags) , mInternalContentPolicyType(rhs.mInternalContentPolicyType) , mTainting(rhs.mTainting) , mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests) , mVerifySignedContent(rhs.mVerifySignedContent) , mEnforceSRI(rhs.mEnforceSRI) + , mForceAllowDataURI(rhs.mForceAllowDataURI) , mForceInheritPrincipalDropped(rhs.mForceInheritPrincipalDropped) , mInnerWindowID(rhs.mInnerWindowID) , mOuterWindowID(rhs.mOuterWindowID) @@ -297,6 +307,7 @@ LoadInfo::LoadInfo(const LoadInfo& rhs) , mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders) , mForcePreflight(rhs.mForcePreflight) , mIsPreflight(rhs.mIsPreflight) + , mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal) , mForceHSTSPriming(rhs.mForceHSTSPriming) , mMixedContentWouldBlock(rhs.mMixedContentWouldBlock) { @@ -311,6 +322,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, bool aUpgradeInsecureRequests, bool aVerifySignedContent, bool aEnforceSRI, + bool aForceAllowDataURI, bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID, uint64_t aOuterWindowID, @@ -325,6 +337,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, const nsTArray<nsCString>& aCorsUnsafeHeaders, bool aForcePreflight, bool aIsPreflight, + bool aLoadTriggeredFromExternal, bool aForceHSTSPriming, bool aMixedContentWouldBlock) : mLoadingPrincipal(aLoadingPrincipal) @@ -336,6 +349,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, , mUpgradeInsecureRequests(aUpgradeInsecureRequests) , mVerifySignedContent(aVerifySignedContent) , mEnforceSRI(aEnforceSRI) + , mForceAllowDataURI(aForceAllowDataURI) , mForceInheritPrincipalDropped(aForceInheritPrincipalDropped) , mInnerWindowID(aInnerWindowID) , mOuterWindowID(aOuterWindowID) @@ -348,6 +362,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, , mCorsUnsafeHeaders(aCorsUnsafeHeaders) , mForcePreflight(aForcePreflight) , mIsPreflight(aIsPreflight) + , mLoadTriggeredFromExternal(aLoadTriggeredFromExternal) , mForceHSTSPriming (aForceHSTSPriming) , mMixedContentWouldBlock(aMixedContentWouldBlock) { @@ -477,6 +492,17 @@ LoadInfo::LoadingNode() return node; } +nsISupports* +LoadInfo::ContextForTopLevelLoad() +{ + // Most likely you want to query LoadingNode() instead of + // ContextForTopLevelLoad() if this assertion fires. + MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT, + "should only query this context for top level document loads"); + nsCOMPtr<nsISupports> context = do_QueryReferent(mContextForTopLevelLoad); + return context; +} + NS_IMETHODIMP LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult) { @@ -648,6 +674,23 @@ LoadInfo::GetEnforceSRI(bool* aResult) } NS_IMETHODIMP +LoadInfo::SetForceAllowDataURI(bool aForceAllowDataURI) +{ + MOZ_ASSERT(!mForceAllowDataURI || + mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT, + "can only allow data URI navigation for TYPE_DOCUMENT"); + mForceAllowDataURI = aForceAllowDataURI; + return NS_OK; +} + +NS_IMETHODIMP +LoadInfo::GetForceAllowDataURI(bool* aForceAllowDataURI) +{ + *aForceAllowDataURI = mForceAllowDataURI; + return NS_OK; +} + +NS_IMETHODIMP LoadInfo::GetForceInheritPrincipalDropped(bool* aResult) { *aResult = mForceInheritPrincipalDropped; @@ -873,6 +916,23 @@ LoadInfo::GetIsPreflight(bool* aIsPreflight) } NS_IMETHODIMP +LoadInfo::SetLoadTriggeredFromExternal(bool aLoadTriggeredFromExternal) +{ + MOZ_ASSERT(!aLoadTriggeredFromExternal || + mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT, + "can only set load triggered from external for TYPE_DOCUMENT"); + mLoadTriggeredFromExternal = aLoadTriggeredFromExternal; + return NS_OK; +} + +NS_IMETHODIMP +LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal) +{ + *aLoadTriggeredFromExternal = mLoadTriggeredFromExternal; + return NS_OK; +} + +NS_IMETHODIMP LoadInfo::GetForceHSTSPriming(bool* aForceHSTSPriming) { *aForceHSTSPriming = mForceHSTSPriming; diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h index 3e1b92ff4c..0ae6061b3e 100644 --- a/netwerk/base/LoadInfo.h +++ b/netwerk/base/LoadInfo.h @@ -59,10 +59,12 @@ public: nsSecurityFlags aSecurityFlags, nsContentPolicyType aContentPolicyType); - // Constructor used for TYPE_DOCUMENT loads which have no reasonable - // loadingNode or loadingPrincipal + // Constructor used for TYPE_DOCUMENT loads which have a different + // loadingContext than other loads. This ContextForTopLevelLoad is + // only used for content policy checks. LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIPrincipal* aTriggeringPrincipal, + nsISupports* aContextForTopLevelLoad, nsSecurityFlags aSecurityFlags); // create an exact copy of the loadinfo @@ -94,6 +96,7 @@ private: bool aUpgradeInsecureRequests, bool aVerifySignedContent, bool aEnforceSRI, + bool aForceAllowDataURI, bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID, uint64_t aOuterWindowID, @@ -108,6 +111,7 @@ private: const nsTArray<nsCString>& aUnsafeHeaders, bool aForcePreflight, bool aIsPreflight, + bool aLoadTriggeredFromExternal, bool aForceHSTSPriming, bool aMixedContentWouldBlock); LoadInfo(const LoadInfo& rhs); @@ -132,12 +136,14 @@ private: nsCOMPtr<nsIPrincipal> mTriggeringPrincipal; nsCOMPtr<nsIPrincipal> mPrincipalToInherit; nsWeakPtr mLoadingContext; + nsWeakPtr mContextForTopLevelLoad; nsSecurityFlags mSecurityFlags; nsContentPolicyType mInternalContentPolicyType; LoadTainting mTainting; bool mUpgradeInsecureRequests; bool mVerifySignedContent; bool mEnforceSRI; + bool mForceAllowDataURI; bool mForceInheritPrincipalDropped; uint64_t mInnerWindowID; uint64_t mOuterWindowID; @@ -152,6 +158,7 @@ private: nsTArray<nsCString> mCorsUnsafeHeaders; bool mForcePreflight; bool mIsPreflight; + bool mLoadTriggeredFromExternal; bool mForceHSTSPriming : 1; bool mMixedContentWouldBlock : 1; diff --git a/netwerk/base/moz.build b/netwerk/base/moz.build index 3b731db109..5de1eea81e 100644 --- a/netwerk/base/moz.build +++ b/netwerk/base/moz.build @@ -132,7 +132,6 @@ XPIDL_SOURCES += [ 'nsIURIClassifier.idl', 'nsIURIWithBlobImpl.idl', 'nsIURIWithPrincipal.idl', - 'nsIURIWithQuery.idl', 'nsIURL.idl', 'nsIURLParser.idl', 'nsPILoadGroupInternal.idl', diff --git a/netwerk/base/nsBufferedStreams.h b/netwerk/base/nsBufferedStreams.h index 93a770bebf..fee55695aa 100644 --- a/netwerk/base/nsBufferedStreams.h +++ b/netwerk/base/nsBufferedStreams.h @@ -88,10 +88,10 @@ protected: //////////////////////////////////////////////////////////////////////////////// -class nsBufferedOutputStream final : public nsBufferedStream, - public nsISafeOutputStream, - public nsIBufferedOutputStream, - public nsIStreamBufferAccess +class nsBufferedOutputStream : public nsBufferedStream, + public nsISafeOutputStream, + public nsIBufferedOutputStream, + public nsIStreamBufferAccess { public: NS_DECL_ISUPPORTS_INHERITED diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl index 78433c8b88..4ec29b9725 100644 --- a/netwerk/base/nsILoadInfo.idl +++ b/netwerk/base/nsILoadInfo.idl @@ -324,6 +324,16 @@ interface nsILoadInfo : nsISupports nsINode binaryLoadingNode(); /** + * A C++ friendly version of the loadingContext for toplevel loads. + * Most likely you want to query the ownerDocument or LoadingNode + * and not this context only available for TYPE_DOCUMENT loads. + * Please note that except for loads of TYPE_DOCUMENT, this + * ContextForTopLevelLoad will always return null. + */ + [noscript, notxpcom, nostdcall, binaryname(ContextForTopLevelLoad)] + nsISupports binaryContextForTopLevelLoad(); + + /** * The securityFlags of that channel. */ readonly attribute nsSecurityFlags securityFlags; @@ -470,6 +480,11 @@ interface nsILoadInfo : nsISupports [infallible] attribute boolean enforceSRI; /** + * If true, toplevel data: URI navigation is allowed + */ + [infallible] attribute boolean forceAllowDataURI; + + /** * The SEC_FORCE_INHERIT_PRINCIPAL flag may be dropped when a load info * object is created. Specifically, it will be dropped if the SEC_SANDBOXED * flag is also present. This flag is set if SEC_FORCE_INHERIT_PRINCIPAL was @@ -575,6 +590,13 @@ interface nsILoadInfo : nsISupports [infallible] attribute boolean initialSecurityCheckDone; /** + * Returns true if the load was triggered from an external application + * (e.g. Thunderbird). Please note that this flag will only ever be true + * if the load is of TYPE_DOCUMENT. + */ + [infallible] attribute boolean loadTriggeredFromExternal; + + /** * Whenever a channel gets redirected, append the principal of the * channel [before the channels got redirected] to the loadinfo, * so that at every point this array lets us reason about all the diff --git a/netwerk/base/nsINetworkInterceptController.idl b/netwerk/base/nsINetworkInterceptController.idl index 17d27de42a..721b7a334d 100644 --- a/netwerk/base/nsINetworkInterceptController.idl +++ b/netwerk/base/nsINetworkInterceptController.idl @@ -14,12 +14,16 @@ interface nsIURI; %{C++ #include "nsIConsoleReportCollector.h" namespace mozilla { +class TimeStamp; + namespace dom { class ChannelInfo; } } %} +native TimeStamp(mozilla::TimeStamp); + [ptr] native ChannelInfo(mozilla::dom::ChannelInfo); /** @@ -97,6 +101,30 @@ interface nsIInterceptedChannel : nsISupports [noscript] readonly attribute nsIConsoleReportCollector consoleReportCollector; + /** + * Save the timestamps of various service worker interception phases. + */ + [noscript] + void SetLaunchServiceWorkerStart(in TimeStamp aTimeStamp); + + [noscript] + void SetLaunchServiceWorkerEnd(in TimeStamp aTimeStamp); + + [noscript] + void SetDispatchFetchEventStart(in TimeStamp aTimeStamp); + + [noscript] + void SetDispatchFetchEventEnd(in TimeStamp aTimeStamp); + + [noscript] + void SetHandleFetchEventStart(in TimeStamp aTimeStamp); + + [noscript] + void SetHandleFetchEventEnd(in TimeStamp aTimeStamp); + + [noscript] + void SaveTimeStampsToUnderlyingChannel(); + %{C++ already_AddRefed<nsIConsoleReportCollector> GetConsoleReportCollector() diff --git a/netwerk/base/nsIOService.cpp b/netwerk/base/nsIOService.cpp index 0da79c18ae..8b7f31f99d 100644 --- a/netwerk/base/nsIOService.cpp +++ b/netwerk/base/nsIOService.cpp @@ -173,6 +173,8 @@ uint32_t nsIOService::gDefaultSegmentCount = 24; bool nsIOService::sTelemetryEnabled = false; +bool nsIOService::sBlockToplevelDataUriNavigations = false; + //////////////////////////////////////////////////////////////////////////////// nsIOService::nsIOService() @@ -251,6 +253,8 @@ nsIOService::Init() NS_WARNING("failed to get observer service"); Preferences::AddBoolVarCache(&sTelemetryEnabled, "toolkit.telemetry.enabled", false); + Preferences::AddBoolVarCache(&sBlockToplevelDataUriNavigations, + "security.data_uri.block_toplevel_data_uri_navigations", false); Preferences::AddBoolVarCache(&mOfflineMirrorsConnectivity, OFFLINE_MIRRORS_CONNECTIVITY, true); gIOService = this; @@ -1876,5 +1880,11 @@ nsIOService::SpeculativeAnonymousConnect2(nsIURI *aURI, return SpeculativeConnectInternal(aURI, aPrincipal, aCallbacks, true); } +/*static*/ bool +nsIOService::BlockToplevelDataUriNavigations() +{ + return sBlockToplevelDataUriNavigations; +} + } // namespace net } // namespace mozilla diff --git a/netwerk/base/nsIOService.h b/netwerk/base/nsIOService.h index 7ac23b7910..e592c4d1c9 100644 --- a/netwerk/base/nsIOService.h +++ b/netwerk/base/nsIOService.h @@ -95,6 +95,8 @@ public: bool IsLinkUp(); + static bool BlockToplevelDataUriNavigations(); + // Used to trigger a recheck of the captive portal status nsresult RecheckCaptivePortal(); private: @@ -176,6 +178,8 @@ private: static bool sTelemetryEnabled; + static bool sBlockToplevelDataUriNavigations; + // These timestamps are needed for collecting telemetry on PR_Connect, // PR_ConnectContinue and PR_Close blocking time. If we spend very long // time in any of these functions we want to know if and what network diff --git a/netwerk/base/nsITimedChannel.idl b/netwerk/base/nsITimedChannel.idl index 13b65e7b82..83670a11e6 100644 --- a/netwerk/base/nsITimedChannel.idl +++ b/netwerk/base/nsITimedChannel.idl @@ -21,7 +21,8 @@ interface nsITimedChannel : nsISupports { attribute boolean timingEnabled; // The number of redirects - attribute uint16_t redirectCount; + attribute uint8_t redirectCount; + attribute uint8_t internalRedirectCount; [noscript] readonly attribute TimeStamp channelCreation; [noscript] readonly attribute TimeStamp asyncOpen; @@ -37,6 +38,15 @@ interface nsITimedChannel : nsISupports { [noscript] readonly attribute TimeStamp responseStart; [noscript] readonly attribute TimeStamp responseEnd; + // The following are only set when the request is intercepted by a service + // worker no matter the response is synthesized. + [noscript] attribute TimeStamp launchServiceWorkerStart; + [noscript] attribute TimeStamp launchServiceWorkerEnd; + [noscript] attribute TimeStamp dispatchFetchEventStart; + [noscript] attribute TimeStamp dispatchFetchEventEnd; + [noscript] attribute TimeStamp handleFetchEventStart; + [noscript] attribute TimeStamp handleFetchEventEnd; + // The redirect attributes timings must be writeble, se we can transfer // the data from one channel to the redirected channel. [noscript] attribute TimeStamp redirectStart; @@ -67,6 +77,12 @@ interface nsITimedChannel : nsISupports { // All following are PRTime versions of the above. readonly attribute PRTime channelCreationTime; readonly attribute PRTime asyncOpenTime; + readonly attribute PRTime launchServiceWorkerStartTime; + readonly attribute PRTime launchServiceWorkerEndTime; + readonly attribute PRTime dispatchFetchEventStartTime; + readonly attribute PRTime dispatchFetchEventEndTime; + readonly attribute PRTime handleFetchEventStartTime; + readonly attribute PRTime handleFetchEventEndTime; readonly attribute PRTime domainLookupStartTime; readonly attribute PRTime domainLookupEndTime; readonly attribute PRTime connectStartTime; diff --git a/netwerk/base/nsIURI.idl b/netwerk/base/nsIURI.idl index 2384c5fd99..ef163813aa 100644 --- a/netwerk/base/nsIURI.idl +++ b/netwerk/base/nsIURI.idl @@ -10,18 +10,18 @@ * provides accessors to set and query the most basic components of an URI. * Subclasses, including nsIURL, impose greater structure on the URI. * - * This interface follows Tim Berners-Lee's URI spec (RFC2396) [1], where the + * This interface follows Tim Berners-Lee's URI spec (RFC3986) [1], where the * basic URI components are defined as such: * <pre> - * ftp://username:password@hostname:portnumber/pathname#ref - * \ / \ / \ / \ /\ \ / - * - --------------- ------ -------- | - - * | | | | | | - * | | | | | Ref - * | | | Port \ / - * | | Host / -------- - * | UserPass / | - * Scheme / Path + * ftp://username:password@hostname:portnumber/pathname?query#ref + * \ / \ / \ / \ /\ / \ / \ / + * - --------------- ------ -------- ------- --- - + * | | | | | | | + * | | | | FilePath Query Ref + * | | | Port \ / + * | | Host / ------------ + * | UserPass / | + * Scheme / Path * \ / * -------------------------------- * | @@ -30,13 +30,9 @@ * The definition of the URI components has been extended to allow for * internationalized domain names [2] and the more generic IRI structure [3]. * - * Note also that the RFC defines #-separated fragment identifiers as being - * "not part of the URI". Despite this, we bundle them as part of the URI, for - * convenience. - * - * [1] http://www.ietf.org/rfc/rfc2396.txt - * [2] http://www.ietf.org/internet-drafts/draft-ietf-idn-idna-06.txt - * [3] http://www.ietf.org/internet-drafts/draft-masinter-url-i18n-08.txt + * [1] https://tools.ietf.org/html/rfc3986 + * [2] https://tools.ietf.org/html/rfc5890 + * [3] https://tools.ietf.org/html/rfc3987 */ %{C++ @@ -116,7 +112,7 @@ interface nsIURI : nsISupports /** * The Scheme is the protocol to which this URI refers. The scheme is - * restricted to the US-ASCII charset per RFC2396. Setting this is + * restricted to the US-ASCII charset per RFC3986. Setting this is * highly discouraged outside of a protocol handler implementation, since * that will generally lead to incorrect results. */ @@ -174,6 +170,9 @@ interface nsIURI : nsISupports * empty, depending on the protocol). * * Some characters may be escaped. + * + * This attribute contains query and ref parts for historical reasons. + * Use the 'filePath' attribute if you do not want those parts included. */ attribute AUTF8String path; @@ -281,10 +280,31 @@ interface nsIURI : nsISupports /** * returns a string for the current URI with the ref element cleared. */ - readonly attribute AUTF8String specIgnoringRef; + readonly attribute AUTF8String specIgnoringRef; /** * Returns if there is a reference portion (the part after the "#") of the URI. */ - readonly attribute boolean hasRef; + readonly attribute boolean hasRef; + + /************************************************************************ + * Additional attributes added for .query support: + */ + + /** + * Returns a path including the directory and file portions of a + * URL. For example, the filePath of "http://host/foo/bar.html#baz" + * is "/foo/bar.html". + * + * Some characters may be escaped. + */ + attribute AUTF8String filePath; + + /** + * Returns the query portion (the part after the "?") of the URL. + * If there isn't one, an empty string is returned. + * + * Some characters may be escaped. + */ + attribute AUTF8String query; }; diff --git a/netwerk/base/nsIURIWithQuery.idl b/netwerk/base/nsIURIWithQuery.idl deleted file mode 100644 index 749b2773d8..0000000000 --- a/netwerk/base/nsIURIWithQuery.idl +++ /dev/null @@ -1,30 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "nsIURI.idl" - -/** - * nsIURIWithQuery is implemented by URIs which have a query parameter. - * This is useful for the URL API. - */ -[scriptable, uuid(367510ee-8556-435a-8f99-b5fd357e08cc)] -interface nsIURIWithQuery : nsIURI -{ - /** - * Returns a path including the directory and file portions of a - * URL. For example, the filePath of "http://host/foo/bar.html#baz" - * is "/foo/bar.html". - * - * Some characters may be escaped. - */ - attribute AUTF8String filePath; - - /** - * Returns the query portion (the part after the "?") of the URL. - * If there isn't one, an empty string is returned. - * - * Some characters may be escaped. - */ - attribute AUTF8String query; -}; diff --git a/netwerk/base/nsIURL.idl b/netwerk/base/nsIURL.idl index aeaa3f6949..9ff6c3dcda 100644 --- a/netwerk/base/nsIURL.idl +++ b/netwerk/base/nsIURL.idl @@ -3,7 +3,7 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "nsIURIWithQuery.idl" +#include "nsIURI.idl" /** * The nsIURL interface provides convenience methods that further @@ -20,7 +20,7 @@ * filePath */ [scriptable, uuid(86adcd89-0b70-47a2-b0fe-5bb2c5f37e31)] -interface nsIURL : nsIURIWithQuery +interface nsIURL : nsIURI { /************************************************************************* * The URL path is broken down into the following principal components: @@ -28,7 +28,7 @@ interface nsIURL : nsIURIWithQuery * attribute AUTF8String filePath; * attribute AUTF8String query; * - * These are inherited from nsIURIWithQuery. + * These are inherited from nsIURI. */ /************************************************************************* diff --git a/netwerk/base/nsSimpleURI.cpp b/netwerk/base/nsSimpleURI.cpp index ae5c51a1e5..dbc0dc8179 100644 --- a/netwerk/base/nsSimpleURI.cpp +++ b/netwerk/base/nsSimpleURI.cpp @@ -48,7 +48,7 @@ nsSimpleURI::~nsSimpleURI() NS_IMPL_ADDREF(nsSimpleURI) NS_IMPL_RELEASE(nsSimpleURI) NS_INTERFACE_TABLE_HEAD(nsSimpleURI) -NS_INTERFACE_TABLE(nsSimpleURI, nsIURI, nsIURIWithQuery, nsISerializable, +NS_INTERFACE_TABLE(nsSimpleURI, nsIURI, nsISerializable, nsIClassInfo, nsIMutable, nsIIPCSerializableURI) NS_INTERFACE_TABLE_TO_MAP_SEGUE if (aIID.Equals(kThisSimpleURIImplementationCID)) @@ -784,10 +784,6 @@ nsSimpleURI::SizeOfIncludingThis(MallocSizeOf aMallocSizeOf) const { return aMallocSizeOf(this) + SizeOfExcludingThis(aMallocSizeOf); } -//---------------------------------------------------------------------------- -// nsSimpleURI::nsIURIWithQuery -//---------------------------------------------------------------------------- - NS_IMETHODIMP nsSimpleURI::GetFilePath(nsACString& aFilePath) { diff --git a/netwerk/base/nsSimpleURI.h b/netwerk/base/nsSimpleURI.h index 29bc9b3139..842136ed63 100644 --- a/netwerk/base/nsSimpleURI.h +++ b/netwerk/base/nsSimpleURI.h @@ -8,7 +8,6 @@ #include "mozilla/MemoryReporting.h" #include "nsIURI.h" -#include "nsIURIWithQuery.h" #include "nsISerializable.h" #include "nsString.h" #include "nsIClassInfo.h" @@ -28,7 +27,7 @@ namespace net { } class nsSimpleURI - : public nsIURIWithQuery + : public nsIURI , public nsISerializable , public nsIClassInfo , public nsIMutable @@ -41,7 +40,6 @@ protected: public: NS_DECL_ISUPPORTS NS_DECL_NSIURI - NS_DECL_NSIURIWITHQUERY NS_DECL_NSISERIALIZABLE NS_DECL_NSICLASSINFO NS_DECL_NSIMUTABLE diff --git a/netwerk/base/nsStandardURL.cpp b/netwerk/base/nsStandardURL.cpp index bc1350f28f..e2a290e4dc 100644 --- a/netwerk/base/nsStandardURL.cpp +++ b/netwerk/base/nsStandardURL.cpp @@ -781,11 +781,13 @@ nsStandardURL::BuildNormalizedSpec(const char *spec) i = AppendSegmentToBuf(buf, i, spec, username, mUsername, &encUsername, useEncUsername, &diff); ShiftFromPassword(diff); - if (password.mLen >= 0) { + if (password.mLen > 0) { buf[i++] = ':'; i = AppendSegmentToBuf(buf, i, spec, password, mPassword, &encPassword, useEncPassword, &diff); ShiftFromHost(diff); + } else { + mPassword.mLen = -1; } buf[i++] = '@'; } @@ -1180,7 +1182,6 @@ NS_IMPL_RELEASE(nsStandardURL) NS_INTERFACE_MAP_BEGIN(nsStandardURL) NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIStandardURL) NS_INTERFACE_MAP_ENTRY(nsIURI) - NS_INTERFACE_MAP_ENTRY(nsIURIWithQuery) NS_INTERFACE_MAP_ENTRY(nsIURL) NS_INTERFACE_MAP_ENTRY_CONDITIONAL(nsIFileURL, mSupportsFileURL) NS_INTERFACE_MAP_ENTRY(nsIStandardURL) @@ -1483,6 +1484,11 @@ nsStandardURL::SetSpec(const nsACString &input) rv = BuildNormalizedSpec(spec); } + // Make sure that a URLTYPE_AUTHORITY has a non-empty hostname. + if (mURLType == URLTYPE_AUTHORITY && mHost.mLen == -1) { + rv = NS_ERROR_MALFORMED_URI; + } + if (NS_FAILED(rv)) { Clear(); // If parsing the spec has failed, restore the old URL @@ -1616,7 +1622,7 @@ nsStandardURL::SetUserPass(const nsACString &input) usernameLen), esc_Username | esc_AlwaysCopy, buf, ignoredOut); - if (passwordLen >= 0) { + if (passwordLen > 0) { buf.Append(':'); passwordLen = encoder.EncodeSegmentCount(userpass.get(), URLSegment(passwordPos, @@ -1624,6 +1630,8 @@ nsStandardURL::SetUserPass(const nsACString &input) esc_Password | esc_AlwaysCopy, buf, ignoredOut); + } else { + passwordLen = -1; } if (mUsername.mLen < 0) buf.Append('@'); @@ -1654,8 +1662,10 @@ nsStandardURL::SetUserPass(const nsACString &input) // update positions and lengths mUsername.mLen = usernameLen; mPassword.mLen = passwordLen; - if (passwordLen) + if (passwordLen > 0) { mPassword.mPos = mUsername.mPos + mUsername.mLen + 1; + } + return NS_OK; } @@ -3092,20 +3102,26 @@ nsStandardURL::SetFile(nsIFile *file) rv = net_GetURLSpecFromFile(file, url); if (NS_FAILED(rv)) return rv; - SetSpec(url); + uint32_t oldURLType = mURLType; + uint32_t oldDefaultPort = mDefaultPort; + rv = Init(nsIStandardURL::URLTYPE_NO_AUTHORITY, -1, url, nullptr, nullptr); - rv = Init(mURLType, mDefaultPort, url, nullptr, nullptr); + if (NS_FAILED(rv)) { + // Restore the old url type and default port if the call to Init fails. + mURLType = oldURLType; + mDefaultPort = oldDefaultPort; + return rv; + } // must clone |file| since its value is not guaranteed to remain constant - if (NS_SUCCEEDED(rv)) { - InvalidateCache(); - if (NS_FAILED(file->Clone(getter_AddRefs(mFile)))) { - NS_WARNING("nsIFile::Clone failed"); - // failure to clone is not fatal (GetFile will generate mFile) - mFile = nullptr; - } + InvalidateCache(); + if (NS_FAILED(file->Clone(getter_AddRefs(mFile)))) { + NS_WARNING("nsIFile::Clone failed"); + // failure to clone is not fatal (GetFile will generate mFile) + mFile = nullptr; } - return rv; + + return NS_OK; } //---------------------------------------------------------------------------- @@ -3425,10 +3441,29 @@ ToIPCSegment(const nsStandardURL::URLSegment& aSegment) } inline -nsStandardURL::URLSegment -FromIPCSegment(const ipc::StandardURLSegment& aSegment) +MOZ_MUST_USE bool +FromIPCSegment(const nsACString& aSpec, const ipc::StandardURLSegment& aSegment, nsStandardURL::URLSegment& aTarget) { - return nsStandardURL::URLSegment(aSegment.position(), aSegment.length()); + // This seems to be just an empty segment. + if (aSegment.length() == -1) { + aTarget = nsStandardURL::URLSegment(); + return true; + } + + // A value of -1 means an empty segment, but < -1 is undefined. + if (NS_WARN_IF(aSegment.length() < -1)) { + return false; + } + + // Make sure the segment does not extend beyond the spec. + if (NS_WARN_IF(aSegment.position() + aSegment.length() > aSpec.Length())) { + return false; + } + + aTarget.mPos = aSegment.position(); + aTarget.mLen = aSegment.length(); + + return true; } void @@ -3503,23 +3538,38 @@ nsStandardURL::Deserialize(const URIParams& aParams) mPort = params.port(); mDefaultPort = params.defaultPort(); mSpec = params.spec(); - mScheme = FromIPCSegment(params.scheme()); - mAuthority = FromIPCSegment(params.authority()); - mUsername = FromIPCSegment(params.username()); - mPassword = FromIPCSegment(params.password()); - mHost = FromIPCSegment(params.host()); - mPath = FromIPCSegment(params.path()); - mFilepath = FromIPCSegment(params.filePath()); - mDirectory = FromIPCSegment(params.directory()); - mBasename = FromIPCSegment(params.baseName()); - mExtension = FromIPCSegment(params.extension()); - mQuery = FromIPCSegment(params.query()); - mRef = FromIPCSegment(params.ref()); + + NS_ENSURE_TRUE(mSpec.Length() <= (uint32_t) net_GetURLMaxLength(), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.scheme(), mScheme), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.authority(), mAuthority), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.username(), mUsername), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.password(), mPassword), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.host(), mHost), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.path(), mPath), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.filePath(), mFilepath), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.directory(), mDirectory), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.baseName(), mBasename), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.extension(), mExtension), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.query(), mQuery), false); + NS_ENSURE_TRUE(FromIPCSegment(mSpec, params.ref(), mRef), false); + mOriginCharset = params.originCharset(); mMutable = params.isMutable(); mSupportsFileURL = params.supportsFileURL(); mHostEncoding = params.hostEncoding(); + // Some sanity checks + NS_ENSURE_TRUE(mScheme.mPos == 0, false); + NS_ENSURE_TRUE(mScheme.mLen > 0, false); + // Make sure scheme is followed by :// (3 characters) + NS_ENSURE_TRUE(mScheme.mLen < INT32_MAX - 3, false); // avoid overflow + NS_ENSURE_TRUE(mSpec.Length() >= (uint32_t) mScheme.mLen + 3, false); + NS_ENSURE_TRUE(nsDependentCSubstring(mSpec, mScheme.mLen, 3).EqualsLiteral("://"), false); + NS_ENSURE_TRUE(mPath.mLen != -1 && mSpec.CharAt(mPath.mPos) == '/', false); + NS_ENSURE_TRUE(mPath.mPos == mFilepath.mPos, false); + NS_ENSURE_TRUE(mQuery.mLen == -1 || mSpec.CharAt(mQuery.mPos - 1) == '?', false); + NS_ENSURE_TRUE(mRef.mLen == -1 || mSpec.CharAt(mRef.mPos - 1) == '#', false); + // mSpecEncoding and mHostA are just caches that can be recovered as needed. return true; } diff --git a/netwerk/base/nsStandardURL.h b/netwerk/base/nsStandardURL.h index 90f7f7db24..0ca345572a 100644 --- a/netwerk/base/nsStandardURL.h +++ b/netwerk/base/nsStandardURL.h @@ -54,7 +54,6 @@ protected: public: NS_DECL_ISUPPORTS NS_DECL_NSIURI - NS_DECL_NSIURIWITHQUERY NS_DECL_NSIURL NS_DECL_NSIFILEURL NS_DECL_NSISTANDARDURL diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js index d1b56ce355..329a4c6b70 100644 --- a/netwerk/base/security-prefs.js +++ b/netwerk/base/security-prefs.js @@ -3,7 +3,7 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ pref("security.tls.version.min", 1); -pref("security.tls.version.max", 4); +pref("security.tls.version.max", 3); pref("security.tls.version.fallback-limit", 3); pref("security.tls.insecure_fallback_hosts", ""); pref("security.tls.unrestricted_rc4_fallback", false); |