summaryrefslogtreecommitdiff
path: root/netwerk/protocol/http/nsIHstsPrimingCallback.idl
blob: 01f53a5b212d8201f4c23eab5865aa0c24926e5d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsISupports.idl"

/**
 * HSTS priming attempts to prevent mixed-content by looking for the
 * Strict-Transport-Security header as a signal from the server that it is
 * safe to upgrade HTTP to HTTPS.
 *
 * Since mixed-content blocking happens very early in the process in AsyncOpen2,
 * the status of mixed-content blocking is stored in the LoadInfo and then used
 * to determine whether to send a priming request or not.
 *
 * This interface is implemented by nsHttpChannel so that it can receive the
 * result of HSTS priming.
 */
[builtinclass, uuid(eca6daca-3f2a-4a2a-b3bf-9f24f79bc999)]
interface nsIHstsPrimingCallback : nsISupports
{
  /**
   * HSTS priming has succeeded with an STS header, and the site asserts it is
   * safe to upgrade the request from HTTP to HTTPS. The request may still be
   * blocked based on the user's preferences.
   *
   * May be invoked synchronously if HSTS priming has already been performed
   * for the host.
   *
   * @param aCached whether the result was already in the HSTS cache
   */
  [noscript, nostdcall]
  void onHSTSPrimingSucceeded(in bool aCached);
  /**
   * HSTS priming has seen no STS header, the request itself has failed,
   * or some other failure which does not constitute a positive signal that the
   * site can be upgraded safely to HTTPS. The request may still be allowed
   * based on the user's preferences.
   *
   * May be invoked synchronously if HSTS priming has already been performed
   * for the host.
   *
   * @param aError The error which caused this failure, or NS_ERROR_CONTENT_BLOCKED
   * @param aCached whether the result was already in the HSTS cache
   */
  [noscript, nostdcall]
  void onHSTSPrimingFailed(in nsresult aError, in bool aCached);
};