search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge mozilla-central to autoland. CLOSED TREE
[gecko.git] / netwerk / base / LoadInfo.cpp
blob6be031113fb1197aa6eecbf6fc109147ca6ee5b1
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 #include "mozilla/LoadInfo.h"
8
9 #include "js/Array.h" // JS::NewArrayObject
10 #include "js/PropertyAndElement.h" // JS_DefineElement
11 #include "mozilla/Assertions.h"
12 #include "mozilla/ExpandedPrincipal.h"
13 #include "mozilla/dom/CanonicalBrowsingContext.h"
14 #include "mozilla/dom/ClientIPCTypes.h"
15 #include "mozilla/dom/ClientSource.h"
16 #include "mozilla/dom/ContentChild.h"
17 #include "mozilla/dom/Performance.h"
18 #include "mozilla/dom/PerformanceStorage.h"
19 #include "mozilla/dom/BrowserChild.h"
20 #include "mozilla/dom/ToJSValue.h"
21 #include "mozilla/dom/BrowsingContext.h"
22 #include "mozilla/dom/WindowGlobalParent.h"
23 #include "mozilla/dom/nsHTTPSOnlyUtils.h"
24 #include "mozilla/net/CookieJarSettings.h"
25 #include "mozilla/NullPrincipal.h"
26 #include "mozilla/StaticPrefs_network.h"
27 #include "mozilla/StaticPrefs_security.h"
28 #include "mozIThirdPartyUtil.h"
29 #include "ThirdPartyUtil.h"
30 #include "nsFrameLoader.h"
31 #include "nsFrameLoaderOwner.h"
32 #include "nsIContentSecurityPolicy.h"
33 #include "nsIDocShell.h"
34 #include "mozilla/dom/Document.h"
35 #include "nsIHttpChannel.h"
36 #include "nsIHttpChannelInternal.h"
37 #include "nsIInterfaceRequestorUtils.h"
38 #include "nsIScriptElement.h"
39 #include "nsISupportsImpl.h"
40 #include "nsISupportsUtils.h"
41 #include "nsIXPConnect.h"
42 #include "nsDocShell.h"
43 #include "nsGlobalWindowInner.h"
44 #include "nsMixedContentBlocker.h"
45 #include "nsQueryObject.h"
46 #include "nsRedirectHistoryEntry.h"
47 #include "nsSandboxFlags.h"
48 #include "nsICookieService.h"
49
50 using namespace mozilla::dom;
51
52 namespace mozilla::net {
53
54 static nsCString CurrentRemoteType() {
55 MOZ_ASSERT(XRE_IsParentProcess() || XRE_IsContentProcess());
56 if (ContentChild* cc = ContentChild::GetSingleton()) {
57 return nsCString(cc->GetRemoteType());
58 }
59 return NOT_REMOTE_TYPE;
60 }
61
62 static nsContentPolicyType InternalContentPolicyTypeForFrame(
63 CanonicalBrowsingContext* aBrowsingContext) {
64 const auto& maybeEmbedderElementType =
65 aBrowsingContext->GetEmbedderElementType();
66 MOZ_ASSERT(maybeEmbedderElementType.isSome());
67 auto embedderElementType = maybeEmbedderElementType.value();
68
69 // Assign same type as in nsDocShell::DetermineContentType.
70 // N.B. internal content policy type will never be TYPE_DOCUMENT
71 return embedderElementType.EqualsLiteral("iframe")
72 ? nsIContentPolicy::TYPE_INTERNAL_IFRAME
73 : nsIContentPolicy::TYPE_INTERNAL_FRAME;
74 }
75
76 /* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForDocument(
77 dom::CanonicalBrowsingContext* aBrowsingContext, nsIURI* aURI,
78 nsIPrincipal* aTriggeringPrincipal, const nsACString& aTriggeringRemoteType,
79 const OriginAttributes& aOriginAttributes, nsSecurityFlags aSecurityFlags,
80 uint32_t aSandboxFlags) {
81 return MakeAndAddRef<LoadInfo>(aBrowsingContext, aURI, aTriggeringPrincipal,
82 aTriggeringRemoteType, aOriginAttributes,
83 aSecurityFlags, aSandboxFlags);
84 }
85
86 /* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForFrame(
87 dom::CanonicalBrowsingContext* aBrowsingContext,
88 nsIPrincipal* aTriggeringPrincipal, const nsACString& aTriggeringRemoteType,
89 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags) {
90 return MakeAndAddRef<LoadInfo>(aBrowsingContext, aTriggeringPrincipal,
91 aTriggeringRemoteType, aSecurityFlags,
92 aSandboxFlags);
93 }
94
95 /* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForNonDocument(
96 dom::WindowGlobalParent* aParentWGP, nsIPrincipal* aTriggeringPrincipal,
97 nsContentPolicyType aContentPolicyType, nsSecurityFlags aSecurityFlags,
98 uint32_t aSandboxFlags) {
99 return MakeAndAddRef<LoadInfo>(
100 aParentWGP, aTriggeringPrincipal, aParentWGP->GetRemoteType(),
101 aContentPolicyType, aSecurityFlags, aSandboxFlags);
102 }
103
104 LoadInfo::LoadInfo(
105 nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
106 nsINode* aLoadingContext, nsSecurityFlags aSecurityFlags,
107 nsContentPolicyType aContentPolicyType,
108 const Maybe<mozilla::dom::ClientInfo>& aLoadingClientInfo,
109 const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController,
110 uint32_t aSandboxFlags, bool aSkipCheckForBrokenURLOrZeroSized)
111 : mLoadingPrincipal(aLoadingContext ? aLoadingContext->NodePrincipal()
112 : aLoadingPrincipal),
113 mTriggeringPrincipal(aTriggeringPrincipal ? aTriggeringPrincipal
114 : mLoadingPrincipal.get()),
115 mTriggeringRemoteType(CurrentRemoteType()),
116 mSandboxedNullPrincipalID(nsID::GenerateUUID()),
117 mClientInfo(aLoadingClientInfo),
118 mController(aController),
119 mLoadingContext(do_GetWeakReference(aLoadingContext)),
120 mSecurityFlags(aSecurityFlags),
121 mSandboxFlags(aSandboxFlags),
122 mInternalContentPolicyType(aContentPolicyType),
123 mSkipCheckForBrokenURLOrZeroSized(aSkipCheckForBrokenURLOrZeroSized) {
124 MOZ_ASSERT(mLoadingPrincipal);
125 MOZ_ASSERT(mTriggeringPrincipal);
126
127 #ifdef DEBUG
128 // TYPE_DOCUMENT loads initiated by javascript tests will go through
129 // nsIOService and use the wrong constructor. Don't enforce the
130 // !TYPE_DOCUMENT check in those cases
131 bool skipContentTypeCheck = false;
132 skipContentTypeCheck =
133 Preferences::GetBool("network.loadinfo.skip_type_assertion");
134 #endif
135
136 // This constructor shouldn't be used for TYPE_DOCUMENT loads that don't
137 // have a loadingPrincipal
138 MOZ_ASSERT(skipContentTypeCheck || mLoadingPrincipal ||
139 mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT);
140
141 // We should only get an explicit controller for subresource requests.
142 MOZ_DIAGNOSTIC_ASSERT(aController.isNothing() ||
143 !nsContentUtils::IsNonSubresourceInternalPolicyType(
144 mInternalContentPolicyType));
145
146 // TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false
147 // meaning that consumers of LoadInfo that don't pass a context or pass a
148 // context from which we can't find a window will default to assuming that
149 // they're 1st party. It would be nice if we could default "safe" and assume
150 // that we are 3rd party until proven otherwise.
151
152 // if consumers pass both, aLoadingContext and aLoadingPrincipal
153 // then the loadingPrincipal must be the same as the node's principal
154 MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
155 aLoadingContext->NodePrincipal() == aLoadingPrincipal);
156
157 // if the load is sandboxed, we can not also inherit the principal
158 if (mSandboxFlags & SANDBOXED_ORIGIN) {
159 mForceInheritPrincipalDropped =
160 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
161 mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
162 }
163
164 ExtContentPolicyType externalType =
165 nsContentUtils::InternalContentPolicyTypeToExternal(aContentPolicyType);
166
167 if (aLoadingContext) {
168 // Ensure that all network requests for a window client have the ClientInfo
169 // properly set. Workers must currently pass the loading ClientInfo
170 // explicitly. We allow main thread requests to explicitly pass the value as
171 // well.
172 if (mClientInfo.isNothing()) {
173 mClientInfo = aLoadingContext->OwnerDoc()->GetClientInfo();
174 }
175
176 // For subresource loads set the service worker based on the calling
177 // context's controller. Workers must currently pass the controller in
178 // explicitly. We allow main thread requests to explicitly pass the value
179 // as well, but otherwise extract from the loading context here.
180 if (mController.isNothing() &&
181 !nsContentUtils::IsNonSubresourceInternalPolicyType(
182 mInternalContentPolicyType)) {
183 mController = aLoadingContext->OwnerDoc()->GetController();
184 }
185
186 nsCOMPtr<nsPIDOMWindowOuter> contextOuter =
187 aLoadingContext->OwnerDoc()->GetWindow();
188 if (contextOuter) {
189 ComputeIsThirdPartyContext(contextOuter);
190 RefPtr<dom::BrowsingContext> bc = contextOuter->GetBrowsingContext();
191 MOZ_ASSERT(bc);
192 mBrowsingContextID = bc->Id();
193
194 nsGlobalWindowInner* innerWindow =
195 nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow());
196 if (innerWindow) {
197 mTopLevelPrincipal = innerWindow->GetTopLevelAntiTrackingPrincipal();
198
199 if (!mTopLevelPrincipal &&
200 externalType == ExtContentPolicy::TYPE_SUBDOCUMENT && bc->IsTop()) {
201 // If this is the first level iframe, innerWindow is our top-level
202 // principal.
203 mTopLevelPrincipal = innerWindow->GetPrincipal();
204 }
205 }
206
207 // Let's inherit the cookie behavior and permission from the parent
208 // document.
209 mCookieJarSettings = aLoadingContext->OwnerDoc()->CookieJarSettings();
210 }
211
212 mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID();
213 RefPtr<WindowContext> ctx = WindowContext::GetById(mInnerWindowID);
214 if (ctx) {
215 mLoadingEmbedderPolicy = ctx->GetEmbedderPolicy();
216 }
217 mDocumentHasUserInteracted =
218 aLoadingContext->OwnerDoc()->UserHasInteracted();
219
220 // Inherit HTTPS-Only Mode flags from parent document.
221 mHttpsOnlyStatus |= nsHTTPSOnlyUtils::GetStatusForSubresourceLoad(
222 aLoadingContext->OwnerDoc()->HttpsOnlyStatus());
223
224 // When the element being loaded is a frame, we choose the frame's window
225 // for the window ID and the frame element's window as the parent
226 // window. This is the behavior that Chrome exposes to add-ons.
227 // NB: If the frameLoaderOwner doesn't have a frame loader, then the load
228 // must be coming from an object (such as a plugin) that's loaded into it
229 // instead of a document being loaded. In that case, treat this object like
230 // any other non-document-loading element.
231 RefPtr<nsFrameLoaderOwner> frameLoaderOwner =
232 do_QueryObject(aLoadingContext);
233 RefPtr<nsFrameLoader> fl =
234 frameLoaderOwner ? frameLoaderOwner->GetFrameLoader() : nullptr;
235 if (fl) {
236 nsCOMPtr<nsIDocShell> docShell = fl->GetDocShell(IgnoreErrors());
237 if (docShell) {
238 nsCOMPtr<nsPIDOMWindowOuter> outerWindow = do_GetInterface(docShell);
239 if (outerWindow) {
240 RefPtr<dom::BrowsingContext> bc = outerWindow->GetBrowsingContext();
241 mFrameBrowsingContextID = bc ? bc->Id() : 0;
242 }
243 }
244 }
245
246 // if the document forces all mixed content to be blocked, then we
247 // store that bit for all requests on the loadinfo.
248 mBlockAllMixedContent =
249 aLoadingContext->OwnerDoc()->GetBlockAllMixedContent(false) ||
250 (nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
251 aLoadingContext->OwnerDoc()->GetBlockAllMixedContent(true));
252
253 if (mLoadingPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
254 ->OverridesCSP(mLoadingPrincipal)) {
255 // if the load is triggered by an addon which potentially overrides the
256 // CSP of the document, then do not force insecure requests to be
257 // upgraded.
258 mUpgradeInsecureRequests = false;
259 } else {
260 // if the document forces all requests to be upgraded from http to https,
261 // then we should do that for all requests. If it only forces preloads to
262 // be upgraded then we should enforce upgrade insecure requests only for
263 // preloads.
264 mUpgradeInsecureRequests =
265 aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
266 (nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
267 aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
268 }
269
270 if (nsMixedContentBlocker::IsUpgradableContentType(
271 mInternalContentPolicyType, /* aConsiderPrefs */ false)) {
272 // Check the load is within a secure context but ignore loopback URLs
273 if (mLoadingPrincipal->GetIsOriginPotentiallyTrustworthy() &&
274 !mLoadingPrincipal->GetIsLoopbackHost()) {
275 if (nsMixedContentBlocker::IsUpgradableContentType(
276 mInternalContentPolicyType, /* aConsiderPrefs */ true)) {
277 mBrowserUpgradeInsecureRequests = true;
278 } else {
279 mBrowserWouldUpgradeInsecureRequests = true;
280 }
281 }
282 }
283 }
284 mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
285
286 // We need to do this after inheriting the document's origin attributes
287 // above, in case the loading principal ends up being the system principal.
288 if (aLoadingContext) {
289 nsCOMPtr<nsILoadContext> loadContext =
290 aLoadingContext->OwnerDoc()->GetLoadContext();
291 nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
292 if (loadContext && docShell &&
293 docShell->GetBrowsingContext()->IsContent()) {
294 bool usePrivateBrowsing;
295 nsresult rv = loadContext->GetUsePrivateBrowsing(&usePrivateBrowsing);
296 if (NS_SUCCEEDED(rv)) {
297 mOriginAttributes.SyncAttributesWithPrivateBrowsing(usePrivateBrowsing);
298 }
299 }
300
301 if (!loadContext) {
302 // Things like svg documents being used as images don't have a load
303 // context or a docshell, in that case try to inherit private browsing
304 // from the documents channel (which is how we determine which imgLoader
305 // is used).
306 nsCOMPtr<nsIChannel> channel = aLoadingContext->OwnerDoc()->GetChannel();
307 if (channel) {
308 mOriginAttributes.SyncAttributesWithPrivateBrowsing(
309 NS_UsePrivateBrowsing(channel));
310 }
311 }
312
313 // For chrome docshell, the mPrivateBrowsingId remains 0 even its
314 // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
315 // origin attributes if the type of the docshell is content.
316 MOZ_ASSERT(!docShell || !docShell->GetBrowsingContext()->IsChrome() ||
317 mOriginAttributes.mPrivateBrowsingId == 0,
318 "chrome docshell shouldn't have mPrivateBrowsingId set.");
319 }
320 }
321
322 /* Constructor takes an outer window, but no loadingNode or loadingPrincipal.
323 * This constructor should only be used for TYPE_DOCUMENT loads, since they
324 * have a null loadingNode and loadingPrincipal.
325 */
326 LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIURI* aURI,
327 nsIPrincipal* aTriggeringPrincipal,
328 nsISupports* aContextForTopLevelLoad,
329 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
330 : mTriggeringPrincipal(aTriggeringPrincipal),
331 mTriggeringRemoteType(CurrentRemoteType()),
332 mSandboxedNullPrincipalID(nsID::GenerateUUID()),
333 mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad)),
334 mSecurityFlags(aSecurityFlags),
335 mSandboxFlags(aSandboxFlags),
336 mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) {
337 // Top-level loads are never third-party
338 // Grab the information we can out of the window.
339 MOZ_ASSERT(aOuterWindow);
340 MOZ_ASSERT(mTriggeringPrincipal);
341
342 // if the load is sandboxed, we can not also inherit the principal
343 if (mSandboxFlags & SANDBOXED_ORIGIN) {
344 mForceInheritPrincipalDropped =
345 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
346 mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
347 }
348
349 RefPtr<BrowsingContext> bc = aOuterWindow->GetBrowsingContext();
350 mBrowsingContextID = bc ? bc->Id() : 0;
351
352 // This should be removed in bug 1618557
353 nsGlobalWindowInner* innerWindow =
354 nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow());
355 if (innerWindow) {
356 mTopLevelPrincipal = innerWindow->GetTopLevelAntiTrackingPrincipal();
357 }
358
359 // get the docshell from the outerwindow, and then get the originattributes
360 nsCOMPtr<nsIDocShell> docShell = aOuterWindow->GetDocShell();
361 MOZ_ASSERT(docShell);
362 mOriginAttributes = nsDocShell::Cast(docShell)->GetOriginAttributes();
363
364 // We sometimes use this constructor for security checks for outer windows
365 // that aren't top level.
366 if (aSecurityFlags != nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK) {
367 MOZ_ASSERT(aOuterWindow->GetBrowsingContext()->IsTop());
368 }
369
370 #ifdef DEBUG
371 if (docShell->GetBrowsingContext()->IsChrome()) {
372 MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
373 "chrome docshell shouldn't have mPrivateBrowsingId set.");
374 }
375 #endif
376
377 // Let's take the current cookie behavior and current cookie permission
378 // for the documents' loadInfo. Note that for any other loadInfos,
379 // cookieBehavior will be BEHAVIOR_REJECT for security reasons.
380 bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
381 bool shouldResistFingerprinting =
382 nsContentUtils::ShouldResistFingerprinting_dangerous(
383 aURI, mOriginAttributes,
384 "We are creating CookieJarSettings, so we can't have one already.",
385 RFPTarget::IsAlwaysEnabledForPrecompute);
386 mCookieJarSettings = CookieJarSettings::Create(
387 isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular,
388 shouldResistFingerprinting);
389 }
390
391 LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
392 nsIURI* aURI, nsIPrincipal* aTriggeringPrincipal,
393 const nsACString& aTriggeringRemoteType,
394 const OriginAttributes& aOriginAttributes,
395 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
396 : mTriggeringPrincipal(aTriggeringPrincipal),
397 mTriggeringRemoteType(aTriggeringRemoteType),
398 mSandboxedNullPrincipalID(nsID::GenerateUUID()),
399 mSecurityFlags(aSecurityFlags),
400 mSandboxFlags(aSandboxFlags),
401 mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) {
402 // Top-level loads are never third-party
403 // Grab the information we can out of the window.
404 MOZ_ASSERT(aBrowsingContext);
405 MOZ_ASSERT(mTriggeringPrincipal);
406 MOZ_ASSERT(aSecurityFlags !=
407 nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK);
408
409 // if the load is sandboxed, we can not also inherit the principal
410 if (mSandboxFlags & SANDBOXED_ORIGIN) {
411 mForceInheritPrincipalDropped =
412 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
413 mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
414 }
415
416 mBrowsingContextID = aBrowsingContext->Id();
417 mOriginAttributes = aOriginAttributes;
418
419 #ifdef DEBUG
420 if (aBrowsingContext->IsChrome()) {
421 MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
422 "chrome docshell shouldn't have mPrivateBrowsingId set.");
423 }
424 #endif
425
426 // If we think we should not resist fingerprinting, defer to the opener's
427 // RFP bit (if there is an opener.) If the opener is also exempted, it stays
428 // true, otherwise we will put a false into the CJS and that will be respected
429 // on this document.
430 bool shouldResistFingerprinting =
431 nsContentUtils::ShouldResistFingerprinting_dangerous(
432 aURI, mOriginAttributes,
433 "We are creating CookieJarSettings, so we can't have one already.",
434 RFPTarget::IsAlwaysEnabledForPrecompute);
435 RefPtr<BrowsingContext> opener = aBrowsingContext->GetOpener();
436 if (!shouldResistFingerprinting && opener &&
437 opener->GetCurrentWindowContext()) {
438 shouldResistFingerprinting =
439 opener->GetCurrentWindowContext()->ShouldResistFingerprinting();
440 }
441
442 const bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
443
444 // Let's take the current cookie behavior and current cookie permission
445 // for the documents' loadInfo. Note that for any other loadInfos,
446 // cookieBehavior will be BEHAVIOR_REJECT for security reasons.
447 mCookieJarSettings = CookieJarSettings::Create(
448 isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular,
449 shouldResistFingerprinting);
450 }
451
452 LoadInfo::LoadInfo(dom::WindowGlobalParent* aParentWGP,
453 nsIPrincipal* aTriggeringPrincipal,
454 const nsACString& aTriggeringRemoteType,
455 nsContentPolicyType aContentPolicyType,
456 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
457 : mTriggeringPrincipal(aTriggeringPrincipal),
458 mTriggeringRemoteType(aTriggeringRemoteType),
459 mSandboxedNullPrincipalID(nsID::GenerateUUID()),
460 mSecurityFlags(aSecurityFlags),
461 mSandboxFlags(aSandboxFlags),
462 mInternalContentPolicyType(aContentPolicyType) {
463 CanonicalBrowsingContext* parentBC = aParentWGP->BrowsingContext();
464 MOZ_ASSERT(parentBC);
465 ComputeAncestors(parentBC, mAncestorPrincipals, mAncestorBrowsingContextIDs);
466
467 RefPtr<WindowGlobalParent> topLevelWGP = aParentWGP->TopWindowContext();
468
469 // if the load is sandboxed, we can not also inherit the principal
470 if (mSandboxFlags & SANDBOXED_ORIGIN) {
471 mForceInheritPrincipalDropped =
472 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
473 mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
474 }
475
476 // Ensure that all network requests for a window client have the ClientInfo
477 // properly set.
478 mClientInfo = aParentWGP->GetClientInfo();
479 mLoadingPrincipal = aParentWGP->DocumentPrincipal();
480 ComputeIsThirdPartyContext(aParentWGP);
481
482 mBrowsingContextID = parentBC->Id();
483
484 // Let's inherit the cookie behavior and permission from the embedder
485 // document.
486 mCookieJarSettings = aParentWGP->CookieJarSettings();
487 if (topLevelWGP->BrowsingContext()->IsTop()) {
488 if (mCookieJarSettings) {
489 bool stopAtOurLevel = mCookieJarSettings->GetCookieBehavior() ==
490 nsICookieService::BEHAVIOR_REJECT_TRACKER;
491 if (!stopAtOurLevel ||
492 topLevelWGP->OuterWindowId() != aParentWGP->OuterWindowId()) {
493 mTopLevelPrincipal = topLevelWGP->DocumentPrincipal();
494 }
495 }
496 }
497
498 if (!mTopLevelPrincipal && parentBC->IsTop()) {
499 // If this is the first level iframe, embedder WindowGlobalParent's document
500 // principal is our top-level principal.
501 mTopLevelPrincipal = aParentWGP->DocumentPrincipal();
502 }
503
504 mInnerWindowID = aParentWGP->InnerWindowId();
505 mDocumentHasUserInteracted = aParentWGP->DocumentHasUserInteracted();
506
507 // if the document forces all mixed content to be blocked, then we
508 // store that bit for all requests on the loadinfo.
509 mBlockAllMixedContent = aParentWGP->GetDocumentBlockAllMixedContent();
510
511 if (mTopLevelPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
512 ->OverridesCSP(mTopLevelPrincipal)) {
513 // if the load is triggered by an addon which potentially overrides the
514 // CSP of the document, then do not force insecure requests to be
515 // upgraded.
516 mUpgradeInsecureRequests = false;
517 } else {
518 // if the document forces all requests to be upgraded from http to https,
519 // then we should do that for all requests. If it only forces preloads to
520 // be upgraded then we should enforce upgrade insecure requests only for
521 // preloads.
522 mUpgradeInsecureRequests = aParentWGP->GetDocumentUpgradeInsecureRequests();
523 }
524 mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
525
526 // We need to do this after inheriting the document's origin attributes
527 // above, in case the loading principal ends up being the system principal.
528 if (parentBC->IsContent()) {
529 mOriginAttributes.SyncAttributesWithPrivateBrowsing(
530 parentBC->UsePrivateBrowsing());
531 }
532
533 // Inherit HTTPS-Only Mode flags from embedder document.
534 mHttpsOnlyStatus |= nsHTTPSOnlyUtils::GetStatusForSubresourceLoad(
535 aParentWGP->HttpsOnlyStatus());
536
537 // For chrome BC, the mPrivateBrowsingId remains 0 even its
538 // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
539 // origin attributes if the type of the BC is content.
540 if (parentBC->IsChrome()) {
541 MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
542 "chrome docshell shouldn't have mPrivateBrowsingId set.");
543 }
544
545 RefPtr<WindowContext> ctx = WindowContext::GetById(mInnerWindowID);
546 if (ctx) {
547 mLoadingEmbedderPolicy = ctx->GetEmbedderPolicy();
548
549 if (Document* document = ctx->GetDocument()) {
550 mIsOriginTrialCoepCredentiallessEnabledForTopLevel =
551 document->Trials().IsEnabled(OriginTrial::CoepCredentialless);
552 }
553 }
554 }
555
556 // Used for TYPE_FRAME or TYPE_IFRAME load.
557 LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
558 nsIPrincipal* aTriggeringPrincipal,
559 const nsACString& aTriggeringRemoteType,
560 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
561 : LoadInfo(aBrowsingContext->GetParentWindowContext(), aTriggeringPrincipal,
562 aTriggeringRemoteType,
563 InternalContentPolicyTypeForFrame(aBrowsingContext),
564 aSecurityFlags, aSandboxFlags) {
565 mFrameBrowsingContextID = aBrowsingContext->Id();
566 }
567
568 LoadInfo::LoadInfo(const LoadInfo& rhs)
569 : mLoadingPrincipal(rhs.mLoadingPrincipal),
570 mTriggeringPrincipal(rhs.mTriggeringPrincipal),
571 mPrincipalToInherit(rhs.mPrincipalToInherit),
572 mTopLevelPrincipal(rhs.mTopLevelPrincipal),
573 mResultPrincipalURI(rhs.mResultPrincipalURI),
574 mChannelCreationOriginalURI(rhs.mChannelCreationOriginalURI),
575 mCookieJarSettings(rhs.mCookieJarSettings),
576 mCspToInherit(rhs.mCspToInherit),
577 mTriggeringRemoteType(rhs.mTriggeringRemoteType),
578 mSandboxedNullPrincipalID(rhs.mSandboxedNullPrincipalID),
579 mClientInfo(rhs.mClientInfo),
580 // mReservedClientSource must be handled specially during redirect
581 // mReservedClientInfo must be handled specially during redirect
582 // mInitialClientInfo must be handled specially during redirect
583 mController(rhs.mController),
584 mPerformanceStorage(rhs.mPerformanceStorage),
585 mLoadingContext(rhs.mLoadingContext),
586 mContextForTopLevelLoad(rhs.mContextForTopLevelLoad),
587 mSecurityFlags(rhs.mSecurityFlags),
588 mSandboxFlags(rhs.mSandboxFlags),
589 mTriggeringSandboxFlags(rhs.mTriggeringSandboxFlags),
590 mTriggeringWindowId(rhs.mTriggeringWindowId),
591 mTriggeringStorageAccess(rhs.mTriggeringStorageAccess),
592 mInternalContentPolicyType(rhs.mInternalContentPolicyType),
593 mTainting(rhs.mTainting),
594 mBlockAllMixedContent(rhs.mBlockAllMixedContent),
595 mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests),
596 mBrowserUpgradeInsecureRequests(rhs.mBrowserUpgradeInsecureRequests),
597 mBrowserDidUpgradeInsecureRequests(
598 rhs.mBrowserDidUpgradeInsecureRequests),
599 mBrowserWouldUpgradeInsecureRequests(
600 rhs.mBrowserWouldUpgradeInsecureRequests),
601 mForceAllowDataURI(rhs.mForceAllowDataURI),
602 mAllowInsecureRedirectToDataURI(rhs.mAllowInsecureRedirectToDataURI),
603 mSkipContentPolicyCheckForWebRequest(
604 rhs.mSkipContentPolicyCheckForWebRequest),
605 mOriginalFrameSrcLoad(rhs.mOriginalFrameSrcLoad),
606 mForceInheritPrincipalDropped(rhs.mForceInheritPrincipalDropped),
607 mInnerWindowID(rhs.mInnerWindowID),
608 mBrowsingContextID(rhs.mBrowsingContextID),
609 mWorkerAssociatedBrowsingContextID(
610 rhs.mWorkerAssociatedBrowsingContextID),
611 mFrameBrowsingContextID(rhs.mFrameBrowsingContextID),
612 mInitialSecurityCheckDone(rhs.mInitialSecurityCheckDone),
613 mIsThirdPartyContext(rhs.mIsThirdPartyContext),
614 mIsThirdPartyContextToTopWindow(rhs.mIsThirdPartyContextToTopWindow),
615 mIsFormSubmission(rhs.mIsFormSubmission),
616 mSendCSPViolationEvents(rhs.mSendCSPViolationEvents),
617 mOriginAttributes(rhs.mOriginAttributes),
618 mRedirectChainIncludingInternalRedirects(
619 rhs.mRedirectChainIncludingInternalRedirects.Clone()),
620 mRedirectChain(rhs.mRedirectChain.Clone()),
621 mAncestorPrincipals(rhs.mAncestorPrincipals.Clone()),
622 mAncestorBrowsingContextIDs(rhs.mAncestorBrowsingContextIDs.Clone()),
623 mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders.Clone()),
624 mRequestBlockingReason(rhs.mRequestBlockingReason),
625 mForcePreflight(rhs.mForcePreflight),
626 mIsPreflight(rhs.mIsPreflight),
627 mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal),
628 mDocumentHasUserInteracted(rhs.mDocumentHasUserInteracted),
629 mAllowListFutureDocumentsCreatedFromThisRedirectChain(
630 rhs.mAllowListFutureDocumentsCreatedFromThisRedirectChain),
631 mNeedForCheckingAntiTrackingHeuristic(
632 rhs.mNeedForCheckingAntiTrackingHeuristic),
633 mCspNonce(rhs.mCspNonce),
634 mIntegrityMetadata(rhs.mIntegrityMetadata),
635 mSkipContentSniffing(rhs.mSkipContentSniffing),
636 mHttpsOnlyStatus(rhs.mHttpsOnlyStatus),
637 mHstsStatus(rhs.mHstsStatus),
638 mHasValidUserGestureActivation(rhs.mHasValidUserGestureActivation),
639 mAllowDeprecatedSystemRequests(rhs.mAllowDeprecatedSystemRequests),
640 mIsInDevToolsContext(rhs.mIsInDevToolsContext),
641 mParserCreatedScript(rhs.mParserCreatedScript),
642 mStoragePermission(rhs.mStoragePermission),
643 mOverriddenFingerprintingSettings(rhs.mOverriddenFingerprintingSettings),
644 #ifdef DEBUG
645 mOverriddenFingerprintingSettingsIsSet(
646 rhs.mOverriddenFingerprintingSettingsIsSet),
647 #endif
648 mIsMetaRefresh(rhs.mIsMetaRefresh),
649 mIsFromProcessingFrameAttributes(rhs.mIsFromProcessingFrameAttributes),
650 mIsMediaRequest(rhs.mIsMediaRequest),
651 mIsMediaInitialRequest(rhs.mIsMediaInitialRequest),
652 mIsFromObjectOrEmbed(rhs.mIsFromObjectOrEmbed),
653 mLoadingEmbedderPolicy(rhs.mLoadingEmbedderPolicy),
654 mIsOriginTrialCoepCredentiallessEnabledForTopLevel(
655 rhs.mIsOriginTrialCoepCredentiallessEnabledForTopLevel),
656 mUnstrippedURI(rhs.mUnstrippedURI),
657 mInterceptionInfo(rhs.mInterceptionInfo),
658 mHasInjectedCookieForCookieBannerHandling(
659 rhs.mHasInjectedCookieForCookieBannerHandling),
660 mWasSchemelessInput(rhs.mWasSchemelessInput) {
661 }
662
663 LoadInfo::LoadInfo(
664 nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
665 nsIPrincipal* aPrincipalToInherit, nsIPrincipal* aTopLevelPrincipal,
666 nsIURI* aResultPrincipalURI, nsICookieJarSettings* aCookieJarSettings,
667 nsIContentSecurityPolicy* aCspToInherit,
668 const nsACString& aTriggeringRemoteType,
669 const nsID& aSandboxedNullPrincipalID, const Maybe<ClientInfo>& aClientInfo,
670 const Maybe<ClientInfo>& aReservedClientInfo,
671 const Maybe<ClientInfo>& aInitialClientInfo,
672 const Maybe<ServiceWorkerDescriptor>& aController,
673 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags,
674 uint32_t aTriggeringSandboxFlags, uint64_t aTriggeringWindowId,
675 bool aTriggeringStorageAccess, nsContentPolicyType aContentPolicyType,
676 LoadTainting aTainting, bool aBlockAllMixedContent,
677 bool aUpgradeInsecureRequests, bool aBrowserUpgradeInsecureRequests,
678 bool aBrowserDidUpgradeInsecureRequests,
679 bool aBrowserWouldUpgradeInsecureRequests, bool aForceAllowDataURI,
680 bool aAllowInsecureRedirectToDataURI,
681 bool aSkipContentPolicyCheckForWebRequest, bool aOriginalFrameSrcLoad,
682 bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID,
683 uint64_t aBrowsingContextID, uint64_t aFrameBrowsingContextID,
684 bool aInitialSecurityCheckDone, bool aIsThirdPartyContext,
685 const Maybe<bool>& aIsThirdPartyContextToTopWindow, bool aIsFormSubmission,
686 bool aSendCSPViolationEvents, const OriginAttributes& aOriginAttributes,
687 RedirectHistoryArray&& aRedirectChainIncludingInternalRedirects,
688 RedirectHistoryArray&& aRedirectChain,
689 nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
690 const nsTArray<uint64_t>& aAncestorBrowsingContextIDs,
691 const nsTArray<nsCString>& aCorsUnsafeHeaders, bool aForcePreflight,
692 bool aIsPreflight, bool aLoadTriggeredFromExternal,
693 bool aServiceWorkerTaintingSynthesized, bool aDocumentHasUserInteracted,
694 bool aAllowListFutureDocumentsCreatedFromThisRedirectChain,
695 bool aNeedForCheckingAntiTrackingHeuristic, const nsAString& aCspNonce,
696 const nsAString& aIntegrityMetadata, bool aSkipContentSniffing,
697 uint32_t aHttpsOnlyStatus, bool aHstsStatus,
698 bool aHasValidUserGestureActivation, bool aAllowDeprecatedSystemRequests,
699 bool aIsInDevToolsContext, bool aParserCreatedScript,
700 nsILoadInfo::StoragePermissionState aStoragePermission,
701 const Maybe<RFPTarget>& aOverriddenFingerprintingSettings,
702 bool aIsMetaRefresh, uint32_t aRequestBlockingReason,
703 nsINode* aLoadingContext,
704 nsILoadInfo::CrossOriginEmbedderPolicy aLoadingEmbedderPolicy,
705 bool aIsOriginTrialCoepCredentiallessEnabledForTopLevel,
706 nsIURI* aUnstrippedURI, nsIInterceptionInfo* aInterceptionInfo,
707 bool aHasInjectedCookieForCookieBannerHandling, bool aWasSchemelessInput)
708 : mLoadingPrincipal(aLoadingPrincipal),
709 mTriggeringPrincipal(aTriggeringPrincipal),
710 mPrincipalToInherit(aPrincipalToInherit),
711 mTopLevelPrincipal(aTopLevelPrincipal),
712 mResultPrincipalURI(aResultPrincipalURI),
713 mCookieJarSettings(aCookieJarSettings),
714 mCspToInherit(aCspToInherit),
715 mTriggeringRemoteType(aTriggeringRemoteType),
716 mSandboxedNullPrincipalID(aSandboxedNullPrincipalID),
717 mClientInfo(aClientInfo),
718 mReservedClientInfo(aReservedClientInfo),
719 mInitialClientInfo(aInitialClientInfo),
720 mController(aController),
721 mLoadingContext(do_GetWeakReference(aLoadingContext)),
722 mSecurityFlags(aSecurityFlags),
723 mSandboxFlags(aSandboxFlags),
724 mTriggeringSandboxFlags(aTriggeringSandboxFlags),
725 mTriggeringWindowId(aTriggeringWindowId),
726 mTriggeringStorageAccess(aTriggeringStorageAccess),
727 mInternalContentPolicyType(aContentPolicyType),
728 mTainting(aTainting),
729 mBlockAllMixedContent(aBlockAllMixedContent),
730 mUpgradeInsecureRequests(aUpgradeInsecureRequests),
731 mBrowserUpgradeInsecureRequests(aBrowserUpgradeInsecureRequests),
732 mBrowserDidUpgradeInsecureRequests(aBrowserDidUpgradeInsecureRequests),
733 mBrowserWouldUpgradeInsecureRequests(
734 aBrowserWouldUpgradeInsecureRequests),
735 mForceAllowDataURI(aForceAllowDataURI),
736 mAllowInsecureRedirectToDataURI(aAllowInsecureRedirectToDataURI),
737 mSkipContentPolicyCheckForWebRequest(
738 aSkipContentPolicyCheckForWebRequest),
739 mOriginalFrameSrcLoad(aOriginalFrameSrcLoad),
740 mForceInheritPrincipalDropped(aForceInheritPrincipalDropped),
741 mInnerWindowID(aInnerWindowID),
742 mBrowsingContextID(aBrowsingContextID),
743 mFrameBrowsingContextID(aFrameBrowsingContextID),
744 mInitialSecurityCheckDone(aInitialSecurityCheckDone),
745 mIsThirdPartyContext(aIsThirdPartyContext),
746 mIsThirdPartyContextToTopWindow(aIsThirdPartyContextToTopWindow),
747 mIsFormSubmission(aIsFormSubmission),
748 mSendCSPViolationEvents(aSendCSPViolationEvents),
749 mOriginAttributes(aOriginAttributes),
750 mRedirectChainIncludingInternalRedirects(
751 std::move(aRedirectChainIncludingInternalRedirects)),
752 mRedirectChain(std::move(aRedirectChain)),
753 mAncestorPrincipals(std::move(aAncestorPrincipals)),
754 mAncestorBrowsingContextIDs(aAncestorBrowsingContextIDs.Clone()),
755 mCorsUnsafeHeaders(aCorsUnsafeHeaders.Clone()),
756 mRequestBlockingReason(aRequestBlockingReason),
757 mForcePreflight(aForcePreflight),
758 mIsPreflight(aIsPreflight),
759 mLoadTriggeredFromExternal(aLoadTriggeredFromExternal),
760 mServiceWorkerTaintingSynthesized(aServiceWorkerTaintingSynthesized),
761 mDocumentHasUserInteracted(aDocumentHasUserInteracted),
762 mAllowListFutureDocumentsCreatedFromThisRedirectChain(
763 aAllowListFutureDocumentsCreatedFromThisRedirectChain),
764 mNeedForCheckingAntiTrackingHeuristic(
765 aNeedForCheckingAntiTrackingHeuristic),
766 mCspNonce(aCspNonce),
767 mIntegrityMetadata(aIntegrityMetadata),
768 mSkipContentSniffing(aSkipContentSniffing),
769 mHttpsOnlyStatus(aHttpsOnlyStatus),
770 mHstsStatus(aHstsStatus),
771 mHasValidUserGestureActivation(aHasValidUserGestureActivation),
772 mAllowDeprecatedSystemRequests(aAllowDeprecatedSystemRequests),
773 mIsInDevToolsContext(aIsInDevToolsContext),
774 mParserCreatedScript(aParserCreatedScript),
775 mStoragePermission(aStoragePermission),
776 mOverriddenFingerprintingSettings(aOverriddenFingerprintingSettings),
777 mIsMetaRefresh(aIsMetaRefresh),
778 mLoadingEmbedderPolicy(aLoadingEmbedderPolicy),
779 mIsOriginTrialCoepCredentiallessEnabledForTopLevel(
780 aIsOriginTrialCoepCredentiallessEnabledForTopLevel),
781 mUnstrippedURI(aUnstrippedURI),
782 mInterceptionInfo(aInterceptionInfo),
783 mHasInjectedCookieForCookieBannerHandling(
784 aHasInjectedCookieForCookieBannerHandling),
785 mWasSchemelessInput(aWasSchemelessInput) {
786 // Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
787 MOZ_ASSERT(mLoadingPrincipal ||
788 aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT);
789 MOZ_ASSERT(mTriggeringPrincipal);
790 }
791
792 // static
793 void LoadInfo::ComputeAncestors(
794 CanonicalBrowsingContext* aBC,
795 nsTArray<nsCOMPtr<nsIPrincipal>>& aAncestorPrincipals,
796 nsTArray<uint64_t>& aBrowsingContextIDs) {
797 MOZ_ASSERT(aAncestorPrincipals.IsEmpty());
798 MOZ_ASSERT(aBrowsingContextIDs.IsEmpty());
799 CanonicalBrowsingContext* ancestorBC = aBC;
800 // Iterate over ancestor WindowGlobalParents, collecting principals and outer
801 // window IDs.
802 while (WindowGlobalParent* ancestorWGP =
803 ancestorBC->GetParentWindowContext()) {
804 ancestorBC = ancestorWGP->BrowsingContext();
805
806 nsCOMPtr<nsIPrincipal> parentPrincipal = ancestorWGP->DocumentPrincipal();
807 MOZ_ASSERT(parentPrincipal, "Ancestor principal is null");
808 aAncestorPrincipals.AppendElement(parentPrincipal.forget());
809 aBrowsingContextIDs.AppendElement(ancestorBC->Id());
810 }
811 }
812 void LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow) {
813 ExtContentPolicyType type =
814 nsContentUtils::InternalContentPolicyTypeToExternal(
815 mInternalContentPolicyType);
816 if (type == ExtContentPolicy::TYPE_DOCUMENT) {
817 // Top-level loads are never third-party.
818 mIsThirdPartyContext = false;
819 return;
820 }
821
822 nsCOMPtr<mozIThirdPartyUtil> util(do_GetService(THIRDPARTYUTIL_CONTRACTID));
823 if (NS_WARN_IF(!util)) {
824 return;
825 }
826
827 util->IsThirdPartyWindow(aOuterWindow, nullptr, &mIsThirdPartyContext);
828 }
829
830 void LoadInfo::ComputeIsThirdPartyContext(dom::WindowGlobalParent* aGlobal) {
831 if (nsILoadInfo::GetExternalContentPolicyType() ==
832 ExtContentPolicy::TYPE_DOCUMENT) {
833 // Top-level loads are never third-party.
834 mIsThirdPartyContext = false;
835 return;
836 }
837
838 ThirdPartyUtil* thirdPartyUtil = ThirdPartyUtil::GetInstance();
839 if (!thirdPartyUtil) {
840 return;
841 }
842 thirdPartyUtil->IsThirdPartyGlobal(aGlobal, &mIsThirdPartyContext);
843 }
844
845 NS_IMPL_ISUPPORTS(LoadInfo, nsILoadInfo)
846
847 LoadInfo::~LoadInfo() { MOZ_RELEASE_ASSERT(NS_IsMainThread()); }
848
849 already_AddRefed<nsILoadInfo> LoadInfo::Clone() const {
850 RefPtr<LoadInfo> copy(new LoadInfo(*this));
851 return copy.forget();
852 }
853
854 already_AddRefed<nsILoadInfo> LoadInfo::CloneWithNewSecFlags(
855 nsSecurityFlags aSecurityFlags) const {
856 RefPtr<LoadInfo> copy(new LoadInfo(*this));
857 copy->mSecurityFlags = aSecurityFlags;
858 return copy.forget();
859 }
860
861 already_AddRefed<nsILoadInfo> LoadInfo::CloneForNewRequest() const {
862 RefPtr<LoadInfo> copy(new LoadInfo(*this));
863 copy->mInitialSecurityCheckDone = false;
864 copy->mRedirectChainIncludingInternalRedirects.Clear();
865 copy->mRedirectChain.Clear();
866 copy->mResultPrincipalURI = nullptr;
867 return copy.forget();
868 }
869
870 NS_IMETHODIMP
871 LoadInfo::GetLoadingPrincipal(nsIPrincipal** aLoadingPrincipal) {
872 *aLoadingPrincipal = do_AddRef(mLoadingPrincipal).take();
873 return NS_OK;
874 }
875
876 nsIPrincipal* LoadInfo::VirtualGetLoadingPrincipal() {
877 return mLoadingPrincipal;
878 }
879
880 NS_IMETHODIMP
881 LoadInfo::GetTriggeringPrincipal(nsIPrincipal** aTriggeringPrincipal) {
882 *aTriggeringPrincipal = do_AddRef(mTriggeringPrincipal).take();
883 return NS_OK;
884 }
885
886 nsIPrincipal* LoadInfo::TriggeringPrincipal() { return mTriggeringPrincipal; }
887
888 NS_IMETHODIMP
889 LoadInfo::GetPrincipalToInherit(nsIPrincipal** aPrincipalToInherit) {
890 *aPrincipalToInherit = do_AddRef(mPrincipalToInherit).take();
891 return NS_OK;
892 }
893
894 NS_IMETHODIMP
895 LoadInfo::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit) {
896 MOZ_ASSERT(aPrincipalToInherit, "must be a valid principal to inherit");
897 mPrincipalToInherit = aPrincipalToInherit;
898 return NS_OK;
899 }
900
901 nsIPrincipal* LoadInfo::PrincipalToInherit() { return mPrincipalToInherit; }
902
903 nsIPrincipal* LoadInfo::FindPrincipalToInherit(nsIChannel* aChannel) {
904 if (mPrincipalToInherit) {
905 return mPrincipalToInherit;
906 }
907
908 nsCOMPtr<nsIURI> uri = mResultPrincipalURI;
909 if (!uri) {
910 Unused << aChannel->GetOriginalURI(getter_AddRefs(uri));
911 }
912
913 auto* prin = BasePrincipal::Cast(mTriggeringPrincipal);
914 return prin->PrincipalToInherit(uri);
915 }
916
917 const nsID& LoadInfo::GetSandboxedNullPrincipalID() {
918 MOZ_ASSERT(!mSandboxedNullPrincipalID.Equals(nsID{}),
919 "mSandboxedNullPrincipalID wasn't initialized?");
920 return mSandboxedNullPrincipalID;
921 }
922
923 void LoadInfo::ResetSandboxedNullPrincipalID() {
924 mSandboxedNullPrincipalID = nsID::GenerateUUID();
925 }
926
927 nsIPrincipal* LoadInfo::GetTopLevelPrincipal() { return mTopLevelPrincipal; }
928
929 NS_IMETHODIMP
930 LoadInfo::GetTriggeringRemoteType(nsACString& aTriggeringRemoteType) {
931 aTriggeringRemoteType = mTriggeringRemoteType;
932 return NS_OK;
933 }
934
935 NS_IMETHODIMP
936 LoadInfo::SetTriggeringRemoteType(const nsACString& aTriggeringRemoteType) {
937 mTriggeringRemoteType = aTriggeringRemoteType;
938 return NS_OK;
939 }
940
941 NS_IMETHODIMP
942 LoadInfo::GetLoadingDocument(Document** aResult) {
943 if (nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext)) {
944 RefPtr<Document> context = node->OwnerDoc();
945 context.forget(aResult);
946 }
947 return NS_OK;
948 }
949
950 nsINode* LoadInfo::LoadingNode() {
951 nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
952 return node;
953 }
954
955 already_AddRefed<nsISupports> LoadInfo::ContextForTopLevelLoad() {
956 // Most likely you want to query LoadingNode() instead of
957 // ContextForTopLevelLoad() if this assertion fires.
958 MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
959 "should only query this context for top level document loads");
960 nsCOMPtr<nsISupports> context = do_QueryReferent(mContextForTopLevelLoad);
961 return context.forget();
962 }
963
964 already_AddRefed<nsISupports> LoadInfo::GetLoadingContext() {
965 nsCOMPtr<nsISupports> context;
966 if (mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT) {
967 context = ContextForTopLevelLoad();
968 } else {
969 context = LoadingNode();
970 }
971 return context.forget();
972 }
973
974 NS_IMETHODIMP
975 LoadInfo::GetLoadingContextXPCOM(nsISupports** aResult) {
976 nsCOMPtr<nsISupports> context = GetLoadingContext();
977 context.forget(aResult);
978 return NS_OK;
979 }
980
981 NS_IMETHODIMP
982 LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult) {
983 *aResult = mSecurityFlags;
984 return NS_OK;
985 }
986
987 NS_IMETHODIMP
988 LoadInfo::GetSandboxFlags(uint32_t* aResult) {
989 *aResult = mSandboxFlags;
990 return NS_OK;
991 }
992
993 NS_IMETHODIMP
994 LoadInfo::GetTriggeringSandboxFlags(uint32_t* aResult) {
995 *aResult = mTriggeringSandboxFlags;
996 return NS_OK;
997 }
998
999 NS_IMETHODIMP
1000 LoadInfo::SetTriggeringSandboxFlags(uint32_t aFlags) {
1001 mTriggeringSandboxFlags = aFlags;
1002 return NS_OK;
1003 }
1004
1005 NS_IMETHODIMP
1006 LoadInfo::GetTriggeringWindowId(uint64_t* aResult) {
1007 *aResult = mTriggeringWindowId;
1008 return NS_OK;
1009 }
1010
1011 NS_IMETHODIMP
1012 LoadInfo::SetTriggeringWindowId(uint64_t aFlags) {
1013 mTriggeringWindowId = aFlags;
1014 return NS_OK;
1015 }
1016
1017 NS_IMETHODIMP
1018 LoadInfo::GetTriggeringStorageAccess(bool* aResult) {
1019 *aResult = mTriggeringStorageAccess;
1020 return NS_OK;
1021 }
1022
1023 NS_IMETHODIMP
1024 LoadInfo::SetTriggeringStorageAccess(bool aFlags) {
1025 mTriggeringStorageAccess = aFlags;
1026 return NS_OK;
1027 }
1028
1029 NS_IMETHODIMP
1030 LoadInfo::GetSecurityMode(uint32_t* aFlags) {
1031 *aFlags = (mSecurityFlags &
1032 (nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_INHERITS_SEC_CONTEXT |
1033 nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED |
1034 nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT |
1035 nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL |
1036 nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT));
1037 return NS_OK;
1038 }
1039
1040 NS_IMETHODIMP
1041 LoadInfo::GetIsInThirdPartyContext(bool* aIsInThirdPartyContext) {
1042 *aIsInThirdPartyContext = mIsThirdPartyContext;
1043 return NS_OK;
1044 }
1045
1046 NS_IMETHODIMP
1047 LoadInfo::SetIsInThirdPartyContext(bool aIsInThirdPartyContext) {
1048 mIsThirdPartyContext = aIsInThirdPartyContext;
1049 return NS_OK;
1050 }
1051
1052 NS_IMETHODIMP
1053 LoadInfo::GetIsThirdPartyContextToTopWindow(
1054 bool* aIsThirdPartyContextToTopWindow) {
1055 *aIsThirdPartyContextToTopWindow =
1056 mIsThirdPartyContextToTopWindow.valueOr(true);
1057 return NS_OK;
1058 }
1059
1060 NS_IMETHODIMP
1061 LoadInfo::SetIsThirdPartyContextToTopWindow(
1062 bool aIsThirdPartyContextToTopWindow) {
1063 mIsThirdPartyContextToTopWindow = Some(aIsThirdPartyContextToTopWindow);
1064 return NS_OK;
1065 }
1066
1067 static const uint32_t sCookiePolicyMask =
1068 nsILoadInfo::SEC_COOKIES_DEFAULT | nsILoadInfo::SEC_COOKIES_INCLUDE |
1069 nsILoadInfo::SEC_COOKIES_SAME_ORIGIN | nsILoadInfo::SEC_COOKIES_OMIT;
1070
1071 NS_IMETHODIMP
1072 LoadInfo::GetCookiePolicy(uint32_t* aResult) {
1073 uint32_t policy = mSecurityFlags & sCookiePolicyMask;
1074 if (policy == nsILoadInfo::SEC_COOKIES_DEFAULT) {
1075 policy = (mSecurityFlags & SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT)
1076 ? nsILoadInfo::SEC_COOKIES_SAME_ORIGIN
1077 : nsILoadInfo::SEC_COOKIES_INCLUDE;
1078 }
1079
1080 *aResult = policy;
1081 return NS_OK;
1082 }
1083
1084 namespace {
1085
1086 already_AddRefed<nsICookieJarSettings> CreateCookieJarSettings(
1087 nsContentPolicyType aContentPolicyType, bool aIsPrivate,
1088 bool shouldResistFingerprinting) {
1089 if (StaticPrefs::network_cookieJarSettings_unblocked_for_testing()) {
1090 return aIsPrivate ? CookieJarSettings::Create(CookieJarSettings::ePrivate,
1091 shouldResistFingerprinting)
1092 : CookieJarSettings::Create(CookieJarSettings::eRegular,
1093 shouldResistFingerprinting);
1094 }
1095
1096 // These contentPolictTypes require a real CookieJarSettings because favicon
1097 // and save-as requests must send cookies. Anything else should not
1098 // send/receive cookies.
1099 if (aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON ||
1100 aContentPolicyType == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
1101 return aIsPrivate ? CookieJarSettings::Create(CookieJarSettings::ePrivate,
1102 shouldResistFingerprinting)
1103 : CookieJarSettings::Create(CookieJarSettings::eRegular,
1104 shouldResistFingerprinting);
1105 }
1106
1107 return CookieJarSettings::GetBlockingAll(shouldResistFingerprinting);
1108 }
1109
1110 } // namespace
1111
1112 NS_IMETHODIMP
1113 LoadInfo::GetCookieJarSettings(nsICookieJarSettings** aCookieJarSettings) {
1114 if (!mCookieJarSettings) {
1115 bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
1116 nsCOMPtr<nsIPrincipal> loadingPrincipal;
1117 Unused << this->GetLoadingPrincipal(getter_AddRefs(loadingPrincipal));
1118 bool shouldResistFingerprinting =
1119 nsContentUtils::ShouldResistFingerprinting_dangerous(
1120 loadingPrincipal,
1121 "CookieJarSettings can't exist yet, we're creating it",
1122 RFPTarget::IsAlwaysEnabledForPrecompute);
1123 mCookieJarSettings = CreateCookieJarSettings(
1124 mInternalContentPolicyType, isPrivate, shouldResistFingerprinting);
1125 }
1126
1127 nsCOMPtr<nsICookieJarSettings> cookieJarSettings = mCookieJarSettings;
1128 cookieJarSettings.forget(aCookieJarSettings);
1129 return NS_OK;
1130 }
1131
1132 NS_IMETHODIMP
1133 LoadInfo::SetCookieJarSettings(nsICookieJarSettings* aCookieJarSettings) {
1134 MOZ_ASSERT(aCookieJarSettings);
1135 // We allow the overwrite of CookieJarSettings.
1136 mCookieJarSettings = aCookieJarSettings;
1137 return NS_OK;
1138 }
1139
1140 NS_IMETHODIMP
1141 LoadInfo::GetStoragePermission(
1142 nsILoadInfo::StoragePermissionState* aStoragePermission) {
1143 *aStoragePermission = mStoragePermission;
1144 return NS_OK;
1145 }
1146
1147 NS_IMETHODIMP
1148 LoadInfo::SetStoragePermission(
1149 nsILoadInfo::StoragePermissionState aStoragePermission) {
1150 mStoragePermission = aStoragePermission;
1151 return NS_OK;
1152 }
1153
1154 const Maybe<RFPTarget>& LoadInfo::GetOverriddenFingerprintingSettings() {
1155 #ifdef DEBUG
1156 RefPtr<BrowsingContext> browsingContext;
1157 GetTargetBrowsingContext(getter_AddRefs(browsingContext));
1158
1159 // Exclude this check if the target browsing context is for the parent
1160 // process.
1161 MOZ_ASSERT_IF(XRE_IsParentProcess() && browsingContext &&
1162 !browsingContext->IsInProcess(),
1163 mOverriddenFingerprintingSettingsIsSet);
1164 #endif
1165 return mOverriddenFingerprintingSettings;
1166 }
1167
1168 void LoadInfo::SetOverriddenFingerprintingSettings(RFPTarget aTargets) {
1169 mOverriddenFingerprintingSettings.reset();
1170 mOverriddenFingerprintingSettings.emplace(aTargets);
1171 }
1172
1173 NS_IMETHODIMP
1174 LoadInfo::GetIsMetaRefresh(bool* aIsMetaRefresh) {
1175 *aIsMetaRefresh = mIsMetaRefresh;
1176 return NS_OK;
1177 }
1178
1179 NS_IMETHODIMP
1180 LoadInfo::SetIsMetaRefresh(bool aIsMetaRefresh) {
1181 mIsMetaRefresh = aIsMetaRefresh;
1182 return NS_OK;
1183 }
1184
1185 void LoadInfo::SetIncludeCookiesSecFlag() {
1186 MOZ_ASSERT((mSecurityFlags & sCookiePolicyMask) ==
1187 nsILoadInfo::SEC_COOKIES_DEFAULT);
1188 mSecurityFlags =
1189 (mSecurityFlags & ~sCookiePolicyMask) | nsILoadInfo::SEC_COOKIES_INCLUDE;
1190 }
1191
1192 NS_IMETHODIMP
1193 LoadInfo::GetForceInheritPrincipal(bool* aInheritPrincipal) {
1194 *aInheritPrincipal =
1195 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
1196 return NS_OK;
1197 }
1198
1199 NS_IMETHODIMP
1200 LoadInfo::GetForceInheritPrincipalOverruleOwner(bool* aInheritPrincipal) {
1201 *aInheritPrincipal =
1202 (mSecurityFlags &
1203 nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER);
1204 return NS_OK;
1205 }
1206
1207 NS_IMETHODIMP
1208 LoadInfo::GetLoadingSandboxed(bool* aLoadingSandboxed) {
1209 *aLoadingSandboxed = (mSandboxFlags & SANDBOXED_ORIGIN);
1210 return NS_OK;
1211 }
1212
1213 NS_IMETHODIMP
1214 LoadInfo::GetAboutBlankInherits(bool* aResult) {
1215 *aResult = (mSecurityFlags & nsILoadInfo::SEC_ABOUT_BLANK_INHERITS);
1216 return NS_OK;
1217 }
1218
1219 NS_IMETHODIMP
1220 LoadInfo::GetAllowChrome(bool* aResult) {
1221 *aResult = (mSecurityFlags & nsILoadInfo::SEC_ALLOW_CHROME);
1222 return NS_OK;
1223 }
1224
1225 NS_IMETHODIMP
1226 LoadInfo::GetDisallowScript(bool* aResult) {
1227 *aResult = (mSecurityFlags & nsILoadInfo::SEC_DISALLOW_SCRIPT);
1228 return NS_OK;
1229 }
1230
1231 NS_IMETHODIMP
1232 LoadInfo::GetDontFollowRedirects(bool* aResult) {
1233 *aResult = (mSecurityFlags & nsILoadInfo::SEC_DONT_FOLLOW_REDIRECTS);
1234 return NS_OK;
1235 }
1236
1237 NS_IMETHODIMP
1238 LoadInfo::GetLoadErrorPage(bool* aResult) {
1239 *aResult = (mSecurityFlags & nsILoadInfo::SEC_LOAD_ERROR_PAGE);
1240 return NS_OK;
1241 }
1242
1243 NS_IMETHODIMP
1244 LoadInfo::GetIsFormSubmission(bool* aResult) {
1245 *aResult = mIsFormSubmission;
1246 return NS_OK;
1247 }
1248
1249 NS_IMETHODIMP
1250 LoadInfo::SetIsFormSubmission(bool aValue) {
1251 mIsFormSubmission = aValue;
1252 return NS_OK;
1253 }
1254
1255 NS_IMETHODIMP
1256 LoadInfo::GetSendCSPViolationEvents(bool* aResult) {
1257 *aResult = mSendCSPViolationEvents;
1258 return NS_OK;
1259 }
1260
1261 NS_IMETHODIMP
1262 LoadInfo::SetSendCSPViolationEvents(bool aValue) {
1263 mSendCSPViolationEvents = aValue;
1264 return NS_OK;
1265 }
1266
1267 NS_IMETHODIMP
1268 LoadInfo::GetExternalContentPolicyType(nsContentPolicyType* aResult) {
1269 // We have to use nsContentPolicyType because ExtContentPolicyType is not
1270 // visible from xpidl.
1271 *aResult = static_cast<nsContentPolicyType>(
1272 nsContentUtils::InternalContentPolicyTypeToExternal(
1273 mInternalContentPolicyType));
1274 return NS_OK;
1275 }
1276
1277 nsContentPolicyType LoadInfo::InternalContentPolicyType() {
1278 return mInternalContentPolicyType;
1279 }
1280
1281 NS_IMETHODIMP
1282 LoadInfo::GetBlockAllMixedContent(bool* aResult) {
1283 *aResult = mBlockAllMixedContent;
1284 return NS_OK;
1285 }
1286
1287 NS_IMETHODIMP
1288 LoadInfo::GetUpgradeInsecureRequests(bool* aResult) {
1289 *aResult = mUpgradeInsecureRequests;
1290 return NS_OK;
1291 }
1292
1293 NS_IMETHODIMP
1294 LoadInfo::GetBrowserUpgradeInsecureRequests(bool* aResult) {
1295 *aResult = mBrowserUpgradeInsecureRequests;
1296 return NS_OK;
1297 }
1298
1299 NS_IMETHODIMP
1300 LoadInfo::GetBrowserDidUpgradeInsecureRequests(bool* aResult) {
1301 *aResult = mBrowserDidUpgradeInsecureRequests;
1302 return NS_OK;
1303 }
1304
1305 NS_IMETHODIMP
1306 LoadInfo::GetBrowserWouldUpgradeInsecureRequests(bool* aResult) {
1307 *aResult = mBrowserWouldUpgradeInsecureRequests;
1308 return NS_OK;
1309 }
1310
1311 NS_IMETHODIMP
1312 LoadInfo::SetForceAllowDataURI(bool aForceAllowDataURI) {
1313 MOZ_ASSERT(!mForceAllowDataURI ||
1314 mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
1315 "can only allow data URI navigation for TYPE_DOCUMENT");
1316 mForceAllowDataURI = aForceAllowDataURI;
1317 return NS_OK;
1318 }
1319
1320 NS_IMETHODIMP
1321 LoadInfo::GetForceAllowDataURI(bool* aForceAllowDataURI) {
1322 *aForceAllowDataURI = mForceAllowDataURI;
1323 return NS_OK;
1324 }
1325
1326 NS_IMETHODIMP
1327 LoadInfo::SetAllowInsecureRedirectToDataURI(
1328 bool aAllowInsecureRedirectToDataURI) {
1329 mAllowInsecureRedirectToDataURI = aAllowInsecureRedirectToDataURI;
1330 return NS_OK;
1331 }
1332
1333 NS_IMETHODIMP
1334 LoadInfo::GetAllowInsecureRedirectToDataURI(
1335 bool* aAllowInsecureRedirectToDataURI) {
1336 *aAllowInsecureRedirectToDataURI = mAllowInsecureRedirectToDataURI;
1337 return NS_OK;
1338 }
1339
1340 NS_IMETHODIMP
1341 LoadInfo::SetSkipContentPolicyCheckForWebRequest(bool aSkip) {
1342 mSkipContentPolicyCheckForWebRequest = aSkip;
1343 return NS_OK;
1344 }
1345
1346 NS_IMETHODIMP
1347 LoadInfo::GetSkipContentPolicyCheckForWebRequest(bool* aSkip) {
1348 *aSkip = mSkipContentPolicyCheckForWebRequest;
1349 return NS_OK;
1350 }
1351
1352 NS_IMETHODIMP
1353 LoadInfo::SetOriginalFrameSrcLoad(bool aOriginalFrameSrcLoad) {
1354 mOriginalFrameSrcLoad = aOriginalFrameSrcLoad;
1355 return NS_OK;
1356 }
1357
1358 NS_IMETHODIMP
1359 LoadInfo::GetOriginalFrameSrcLoad(bool* aOriginalFrameSrcLoad) {
1360 *aOriginalFrameSrcLoad = mOriginalFrameSrcLoad;
1361 return NS_OK;
1362 }
1363
1364 NS_IMETHODIMP
1365 LoadInfo::GetForceInheritPrincipalDropped(bool* aResult) {
1366 *aResult = mForceInheritPrincipalDropped;
1367 return NS_OK;
1368 }
1369
1370 NS_IMETHODIMP
1371 LoadInfo::GetInnerWindowID(uint64_t* aResult) {
1372 *aResult = mInnerWindowID;
1373 return NS_OK;
1374 }
1375
1376 NS_IMETHODIMP
1377 LoadInfo::GetBrowsingContextID(uint64_t* aResult) {
1378 *aResult = mBrowsingContextID;
1379 return NS_OK;
1380 }
1381
1382 NS_IMETHODIMP
1383 LoadInfo::GetWorkerAssociatedBrowsingContextID(uint64_t* aResult) {
1384 *aResult = mWorkerAssociatedBrowsingContextID;
1385 return NS_OK;
1386 }
1387
1388 NS_IMETHODIMP
1389 LoadInfo::SetWorkerAssociatedBrowsingContextID(uint64_t aID) {
1390 mWorkerAssociatedBrowsingContextID = aID;
1391 return NS_OK;
1392 }
1393
1394 NS_IMETHODIMP
1395 LoadInfo::GetFrameBrowsingContextID(uint64_t* aResult) {
1396 *aResult = mFrameBrowsingContextID;
1397 return NS_OK;
1398 }
1399
1400 NS_IMETHODIMP
1401 LoadInfo::GetTargetBrowsingContextID(uint64_t* aResult) {
1402 return (nsILoadInfo::GetExternalContentPolicyType() ==
1403 ExtContentPolicy::TYPE_SUBDOCUMENT)
1404 ? GetFrameBrowsingContextID(aResult)
1405 : GetBrowsingContextID(aResult);
1406 }
1407
1408 NS_IMETHODIMP
1409 LoadInfo::GetBrowsingContext(dom::BrowsingContext** aResult) {
1410 *aResult = BrowsingContext::Get(mBrowsingContextID).take();
1411 return NS_OK;
1412 }
1413
1414 NS_IMETHODIMP
1415 LoadInfo::GetWorkerAssociatedBrowsingContext(dom::BrowsingContext** aResult) {
1416 *aResult = BrowsingContext::Get(mWorkerAssociatedBrowsingContextID).take();
1417 return NS_OK;
1418 }
1419
1420 NS_IMETHODIMP
1421 LoadInfo::GetFrameBrowsingContext(dom::BrowsingContext** aResult) {
1422 *aResult = BrowsingContext::Get(mFrameBrowsingContextID).take();
1423 return NS_OK;
1424 }
1425
1426 NS_IMETHODIMP
1427 LoadInfo::GetTargetBrowsingContext(dom::BrowsingContext** aResult) {
1428 uint64_t targetBrowsingContextID = 0;
1429 MOZ_ALWAYS_SUCCEEDS(GetTargetBrowsingContextID(&targetBrowsingContextID));
1430 *aResult = BrowsingContext::Get(targetBrowsingContextID).take();
1431 return NS_OK;
1432 }
1433
1434 NS_IMETHODIMP
1435 LoadInfo::GetScriptableOriginAttributes(
1436 JSContext* aCx, JS::MutableHandle<JS::Value> aOriginAttributes) {
1437 if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aOriginAttributes))) {
1438 return NS_ERROR_FAILURE;
1439 }
1440 return NS_OK;
1441 }
1442
1443 NS_IMETHODIMP
1444 LoadInfo::ResetPrincipalToInheritToNullPrincipal() {
1445 // take the originAttributes from the LoadInfo and create
1446 // a new NullPrincipal using those origin attributes.
1447 nsCOMPtr<nsIPrincipal> newNullPrincipal =
1448 NullPrincipal::Create(mOriginAttributes);
1449
1450 mPrincipalToInherit = newNullPrincipal;
1451
1452 // setting SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER will overrule
1453 // any non null owner set on the channel and will return the principal
1454 // form the loadinfo instead.
1455 mSecurityFlags |= SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER;
1456
1457 return NS_OK;
1458 }
1459
1460 NS_IMETHODIMP
1461 LoadInfo::SetScriptableOriginAttributes(
1462 JSContext* aCx, JS::Handle<JS::Value> aOriginAttributes) {
1463 OriginAttributes attrs;
1464 if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
1465 return NS_ERROR_INVALID_ARG;
1466 }
1467
1468 mOriginAttributes = attrs;
1469 return NS_OK;
1470 }
1471
1472 nsresult LoadInfo::GetOriginAttributes(
1473 mozilla::OriginAttributes* aOriginAttributes) {
1474 NS_ENSURE_ARG(aOriginAttributes);
1475 *aOriginAttributes = mOriginAttributes;
1476 return NS_OK;
1477 }
1478
1479 nsresult LoadInfo::SetOriginAttributes(
1480 const mozilla::OriginAttributes& aOriginAttributes) {
1481 mOriginAttributes = aOriginAttributes;
1482 return NS_OK;
1483 }
1484
1485 NS_IMETHODIMP
1486 LoadInfo::SetInitialSecurityCheckDone(bool aInitialSecurityCheckDone) {
1487 // Indicates whether the channel was ever evaluated by the
1488 // ContentSecurityManager. Once set to true, this flag must
1489 // remain true throughout the lifetime of the channel.
1490 // Setting it to anything else than true will be discarded.
1491 MOZ_ASSERT(aInitialSecurityCheckDone,
1492 "aInitialSecurityCheckDone must be true");
1493 mInitialSecurityCheckDone =
1494 mInitialSecurityCheckDone || aInitialSecurityCheckDone;
1495 return NS_OK;
1496 }
1497
1498 NS_IMETHODIMP
1499 LoadInfo::GetInitialSecurityCheckDone(bool* aResult) {
1500 *aResult = mInitialSecurityCheckDone;
1501 return NS_OK;
1502 }
1503
1504 // To prevent unintenional credential and information leaks in content
1505 // processes we can use this function to truncate a Principal's URI as much as
1506 // possible.
1507 already_AddRefed<nsIPrincipal> CreateTruncatedPrincipal(
1508 nsIPrincipal* aPrincipal) {
1509 nsCOMPtr<nsIPrincipal> truncatedPrincipal;
1510 // System Principal URIs don't need to be truncated as they don't contain any
1511 // sensitive browsing history information.
1512 if (aPrincipal->IsSystemPrincipal()) {
1513 truncatedPrincipal = aPrincipal;
1514 return truncatedPrincipal.forget();
1515 }
1516
1517 // Content Principal URIs are the main location of the information we need to
1518 // truncate.
1519 if (aPrincipal->GetIsContentPrincipal()) {
1520 // Certain URIs (chrome, resource, about, jar) don't need to be truncated
1521 // as they should be free of any sensitive user browsing history.
1522 if (aPrincipal->SchemeIs("chrome") || aPrincipal->SchemeIs("resource") ||
1523 aPrincipal->SchemeIs("about") || aPrincipal->SchemeIs("jar")) {
1524 truncatedPrincipal = aPrincipal;
1525 return truncatedPrincipal.forget();
1526 }
1527
1528 // Different parts of the URI are preserved due to being vital to the
1529 // browser's operation.
1530 // Scheme for differentiating between different types of URIs and how to
1531 // truncate them and later on utilize them.
1532 // Host and Port to retain the redirect chain's core functionality.
1533 // Path would ideally be removed but needs to be retained to ensure that
1534 // http/https redirect loops can be detected.
1535 // The entirety of the Query String, Reference Fragment, and User Info
1536 // subcomponents must be stripped to avoid leaking Oauth tokens, user
1537 // identifiers, and similar bits of information that these subcomponents may
1538 // contain.
1539 nsAutoCString scheme;
1540 nsAutoCString separator("://");
1541 nsAutoCString hostPort;
1542 nsAutoCString path;
1543 nsAutoCString uriString("");
1544 if (aPrincipal->SchemeIs("view-source")) {
1545 // The path portion of the view-source URI will be the URI whose source is
1546 // being viewed, so we create a new URI object with a truncated form of
1547 // the path and append the view-source scheme to the front again.
1548 nsAutoCString viewSourcePath;
1549 aPrincipal->GetFilePath(viewSourcePath);
1550
1551 nsCOMPtr<nsIURI> nestedURI;
1552 nsresult rv = NS_NewURI(getter_AddRefs(nestedURI), viewSourcePath);
1553
1554 if (NS_FAILED(rv)) {
1555 // Since the path here should be an already validated URI this should
1556 // never happen.
1557 NS_WARNING(viewSourcePath.get());
1558 MOZ_ASSERT(false,
1559 "Failed to create truncated form of URI with NS_NewURI.");
1560 truncatedPrincipal = aPrincipal;
1561 return truncatedPrincipal.forget();
1562 }
1563
1564 nestedURI->GetScheme(scheme);
1565 nestedURI->GetHostPort(hostPort);
1566 nestedURI->GetFilePath(path);
1567 uriString += "view-source:";
1568 } else {
1569 aPrincipal->GetScheme(scheme);
1570 aPrincipal->GetHostPort(hostPort);
1571 aPrincipal->GetFilePath(path);
1572 }
1573 uriString += scheme + separator + hostPort + path;
1574
1575 nsCOMPtr<nsIURI> truncatedURI;
1576 nsresult rv = NS_NewURI(getter_AddRefs(truncatedURI), uriString);
1577 if (NS_FAILED(rv)) {
1578 NS_WARNING(uriString.get());
1579 MOZ_ASSERT(false,
1580 "Failed to create truncated form of URI with NS_NewURI.");
1581 truncatedPrincipal = aPrincipal;
1582 return truncatedPrincipal.forget();
1583 }
1584
1585 return BasePrincipal::CreateContentPrincipal(
1586 truncatedURI, aPrincipal->OriginAttributesRef());
1587 }
1588
1589 // Null Principal Precursor URIs can also contain information that needs to
1590 // be truncated.
1591 if (aPrincipal->GetIsNullPrincipal()) {
1592 nsCOMPtr<nsIPrincipal> precursorPrincipal =
1593 aPrincipal->GetPrecursorPrincipal();
1594 // If there is no precursor then nothing needs to be truncated.
1595 if (!precursorPrincipal) {
1596 truncatedPrincipal = aPrincipal;
1597 return truncatedPrincipal.forget();
1598 }
1599
1600 // Otherwise we return a new Null Principal with the original's Origin
1601 // Attributes and a truncated version of the original's precursor URI.
1602 nsCOMPtr<nsIPrincipal> truncatedPrecursor =
1603 CreateTruncatedPrincipal(precursorPrincipal);
1604 return NullPrincipal::CreateWithInheritedAttributes(truncatedPrecursor);
1605 }
1606
1607 // Expanded Principals shouldn't contain sensitive information but their
1608 // allowlists might so we truncate that information here.
1609 if (aPrincipal->GetIsExpandedPrincipal()) {
1610 nsTArray<nsCOMPtr<nsIPrincipal>> truncatedAllowList;
1611
1612 for (const auto& allowedPrincipal : BasePrincipal::Cast(aPrincipal)
1613 ->As<ExpandedPrincipal>()
1614 ->AllowList()) {
1615 nsCOMPtr<nsIPrincipal> truncatedPrincipal =
1616 CreateTruncatedPrincipal(allowedPrincipal);
1617
1618 truncatedAllowList.AppendElement(truncatedPrincipal);
1619 }
1620
1621 return ExpandedPrincipal::Create(truncatedAllowList,
1622 aPrincipal->OriginAttributesRef());
1623 }
1624
1625 // If we hit this assertion we need to update this function to add the
1626 // Principals and URIs seen as new corner cases to handle.
1627 MOZ_ASSERT(false, "Unhandled Principal or URI type encountered.");
1628
1629 truncatedPrincipal = aPrincipal;
1630 return truncatedPrincipal.forget();
1631 }
1632
1633 NS_IMETHODIMP
1634 LoadInfo::AppendRedirectHistoryEntry(nsIChannel* aChannel,
1635 bool aIsInternalRedirect) {
1636 NS_ENSURE_ARG(aChannel);
1637 MOZ_ASSERT(NS_IsMainThread());
1638
1639 nsCOMPtr<nsIPrincipal> uriPrincipal;
1640 nsIScriptSecurityManager* sm = nsContentUtils::GetSecurityManager();
1641 sm->GetChannelURIPrincipal(aChannel, getter_AddRefs(uriPrincipal));
1642
1643 nsCOMPtr<nsIURI> referrer;
1644 nsCString remoteAddress;
1645
1646 nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(aChannel));
1647 if (httpChannel) {
1648 nsCOMPtr<nsIReferrerInfo> referrerInfo;
1649 Unused << httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo));
1650 if (referrerInfo) {
1651 referrer = referrerInfo->GetComputedReferrer();
1652 }
1653
1654 nsCOMPtr<nsIHttpChannelInternal> intChannel(do_QueryInterface(aChannel));
1655 if (intChannel) {
1656 Unused << intChannel->GetRemoteAddress(remoteAddress);
1657 }
1658 }
1659
1660 nsCOMPtr<nsIPrincipal> truncatedPrincipal =
1661 CreateTruncatedPrincipal(uriPrincipal);
1662
1663 nsCOMPtr<nsIRedirectHistoryEntry> entry =
1664 new nsRedirectHistoryEntry(truncatedPrincipal, referrer, remoteAddress);
1665
1666 mRedirectChainIncludingInternalRedirects.AppendElement(entry);
1667 if (!aIsInternalRedirect) {
1668 mRedirectChain.AppendElement(entry);
1669 }
1670 return NS_OK;
1671 }
1672
1673 NS_IMETHODIMP
1674 LoadInfo::GetRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aRedirects,
1675 const RedirectHistoryArray& aArray) {
1676 JS::Rooted<JSObject*> redirects(aCx,
1677 JS::NewArrayObject(aCx, aArray.Length()));
1678 NS_ENSURE_TRUE(redirects, NS_ERROR_OUT_OF_MEMORY);
1679
1680 JS::Rooted<JSObject*> global(aCx, JS::CurrentGlobalOrNull(aCx));
1681 NS_ENSURE_TRUE(global, NS_ERROR_UNEXPECTED);
1682
1683 nsCOMPtr<nsIXPConnect> xpc = nsIXPConnect::XPConnect();
1684
1685 for (size_t idx = 0; idx < aArray.Length(); idx++) {
1686 JS::Rooted<JSObject*> jsobj(aCx);
1687 nsresult rv =
1688 xpc->WrapNative(aCx, global, aArray[idx],
1689 NS_GET_IID(nsIRedirectHistoryEntry), jsobj.address());
1690 NS_ENSURE_SUCCESS(rv, rv);
1691 NS_ENSURE_STATE(jsobj);
1692
1693 bool rc = JS_DefineElement(aCx, redirects, idx, jsobj, JSPROP_ENUMERATE);
1694 NS_ENSURE_TRUE(rc, NS_ERROR_UNEXPECTED);
1695 }
1696
1697 aRedirects.setObject(*redirects);
1698 return NS_OK;
1699 }
1700
1701 NS_IMETHODIMP
1702 LoadInfo::GetRedirectChainIncludingInternalRedirects(
1703 JSContext* aCx, JS::MutableHandle<JS::Value> aChain) {
1704 return GetRedirects(aCx, aChain, mRedirectChainIncludingInternalRedirects);
1705 }
1706
1707 const RedirectHistoryArray&
1708 LoadInfo::RedirectChainIncludingInternalRedirects() {
1709 return mRedirectChainIncludingInternalRedirects;
1710 }
1711
1712 NS_IMETHODIMP
1713 LoadInfo::GetRedirectChain(JSContext* aCx,
1714 JS::MutableHandle<JS::Value> aChain) {
1715 return GetRedirects(aCx, aChain, mRedirectChain);
1716 }
1717
1718 const RedirectHistoryArray& LoadInfo::RedirectChain() { return mRedirectChain; }
1719
1720 const nsTArray<nsCOMPtr<nsIPrincipal>>& LoadInfo::AncestorPrincipals() {
1721 return mAncestorPrincipals;
1722 }
1723
1724 const nsTArray<uint64_t>& LoadInfo::AncestorBrowsingContextIDs() {
1725 return mAncestorBrowsingContextIDs;
1726 }
1727
1728 void LoadInfo::SetCorsPreflightInfo(const nsTArray<nsCString>& aHeaders,
1729 bool aForcePreflight) {
1730 MOZ_ASSERT(GetSecurityMode() ==
1731 nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT);
1732 MOZ_ASSERT(!mInitialSecurityCheckDone);
1733 mCorsUnsafeHeaders = aHeaders.Clone();
1734 mForcePreflight = aForcePreflight;
1735 }
1736
1737 const nsTArray<nsCString>& LoadInfo::CorsUnsafeHeaders() {
1738 return mCorsUnsafeHeaders;
1739 }
1740
1741 NS_IMETHODIMP
1742 LoadInfo::GetForcePreflight(bool* aForcePreflight) {
1743 *aForcePreflight = mForcePreflight;
1744 return NS_OK;
1745 }
1746
1747 void LoadInfo::SetIsPreflight() {
1748 MOZ_ASSERT(GetSecurityMode() ==
1749 nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT);
1750 MOZ_ASSERT(!mInitialSecurityCheckDone);
1751 mIsPreflight = true;
1752 }
1753
1754 void LoadInfo::SetUpgradeInsecureRequests(bool aValue) {
1755 mUpgradeInsecureRequests = aValue;
1756 }
1757
1758 void LoadInfo::SetBrowserUpgradeInsecureRequests() {
1759 mBrowserUpgradeInsecureRequests = true;
1760 }
1761
1762 NS_IMETHODIMP
1763 LoadInfo::SetBrowserDidUpgradeInsecureRequests(
1764 bool aBrowserDidUpgradeInsecureRequests) {
1765 mBrowserDidUpgradeInsecureRequests = aBrowserDidUpgradeInsecureRequests;
1766 return NS_OK;
1767 }
1768
1769 void LoadInfo::SetBrowserWouldUpgradeInsecureRequests() {
1770 mBrowserWouldUpgradeInsecureRequests = true;
1771 }
1772
1773 NS_IMETHODIMP
1774 LoadInfo::GetIsPreflight(bool* aIsPreflight) {
1775 *aIsPreflight = mIsPreflight;
1776 return NS_OK;
1777 }
1778
1779 NS_IMETHODIMP
1780 LoadInfo::SetLoadTriggeredFromExternal(bool aLoadTriggeredFromExternal) {
1781 MOZ_ASSERT(!aLoadTriggeredFromExternal ||
1782 mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
1783 "can only set load triggered from external for TYPE_DOCUMENT");
1784 mLoadTriggeredFromExternal = aLoadTriggeredFromExternal;
1785 return NS_OK;
1786 }
1787
1788 NS_IMETHODIMP
1789 LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal) {
1790 *aLoadTriggeredFromExternal = mLoadTriggeredFromExternal;
1791 return NS_OK;
1792 }
1793
1794 NS_IMETHODIMP
1795 LoadInfo::GetServiceWorkerTaintingSynthesized(
1796 bool* aServiceWorkerTaintingSynthesized) {
1797 MOZ_ASSERT(aServiceWorkerTaintingSynthesized);
1798 *aServiceWorkerTaintingSynthesized = mServiceWorkerTaintingSynthesized;
1799 return NS_OK;
1800 }
1801
1802 NS_IMETHODIMP
1803 LoadInfo::GetTainting(uint32_t* aTaintingOut) {
1804 MOZ_ASSERT(aTaintingOut);
1805 *aTaintingOut = static_cast<uint32_t>(mTainting);
1806 return NS_OK;
1807 }
1808
1809 NS_IMETHODIMP
1810 LoadInfo::MaybeIncreaseTainting(uint32_t aTainting) {
1811 NS_ENSURE_ARG(aTainting <= TAINTING_OPAQUE);
1812
1813 // Skip if the tainting has been set by the service worker.
1814 if (mServiceWorkerTaintingSynthesized) {
1815 return NS_OK;
1816 }
1817
1818 LoadTainting tainting = static_cast<LoadTainting>(aTainting);
1819 if (tainting > mTainting) {
1820 mTainting = tainting;
1821 }
1822 return NS_OK;
1823 }
1824
1825 void LoadInfo::SynthesizeServiceWorkerTainting(LoadTainting aTainting) {
1826 MOZ_DIAGNOSTIC_ASSERT(aTainting <= LoadTainting::Opaque);
1827 mTainting = aTainting;
1828
1829 // Flag to prevent the tainting from being increased.
1830 mServiceWorkerTaintingSynthesized = true;
1831 }
1832
1833 NS_IMETHODIMP
1834 LoadInfo::GetDocumentHasUserInteracted(bool* aDocumentHasUserInteracted) {
1835 MOZ_ASSERT(aDocumentHasUserInteracted);
1836 *aDocumentHasUserInteracted = mDocumentHasUserInteracted;
1837 return NS_OK;
1838 }
1839
1840 NS_IMETHODIMP
1841 LoadInfo::SetDocumentHasUserInteracted(bool aDocumentHasUserInteracted) {
1842 mDocumentHasUserInteracted = aDocumentHasUserInteracted;
1843 return NS_OK;
1844 }
1845
1846 NS_IMETHODIMP
1847 LoadInfo::GetAllowListFutureDocumentsCreatedFromThisRedirectChain(
1848 bool* aValue) {
1849 MOZ_ASSERT(aValue);
1850 *aValue = mAllowListFutureDocumentsCreatedFromThisRedirectChain;
1851 return NS_OK;
1852 }
1853
1854 NS_IMETHODIMP
1855 LoadInfo::SetAllowListFutureDocumentsCreatedFromThisRedirectChain(bool aValue) {
1856 mAllowListFutureDocumentsCreatedFromThisRedirectChain = aValue;
1857 return NS_OK;
1858 }
1859
1860 NS_IMETHODIMP
1861 LoadInfo::GetNeedForCheckingAntiTrackingHeuristic(bool* aValue) {
1862 MOZ_ASSERT(aValue);
1863 *aValue = mNeedForCheckingAntiTrackingHeuristic;
1864 return NS_OK;
1865 }
1866
1867 NS_IMETHODIMP
1868 LoadInfo::SetNeedForCheckingAntiTrackingHeuristic(bool aValue) {
1869 mNeedForCheckingAntiTrackingHeuristic = aValue;
1870 return NS_OK;
1871 }
1872
1873 NS_IMETHODIMP
1874 LoadInfo::GetCspNonce(nsAString& aCspNonce) {
1875 aCspNonce = mCspNonce;
1876 return NS_OK;
1877 }
1878
1879 NS_IMETHODIMP
1880 LoadInfo::SetCspNonce(const nsAString& aCspNonce) {
1881 MOZ_ASSERT(!mInitialSecurityCheckDone,
1882 "setting the nonce is only allowed before any sec checks");
1883 mCspNonce = aCspNonce;
1884 return NS_OK;
1885 }
1886
1887 NS_IMETHODIMP
1888 LoadInfo::GetIntegrityMetadata(nsAString& aIntegrityMetadata) {
1889 aIntegrityMetadata = mIntegrityMetadata;
1890 return NS_OK;
1891 }
1892
1893 NS_IMETHODIMP
1894 LoadInfo::SetIntegrityMetadata(const nsAString& aIntegrityMetadata) {
1895 MOZ_ASSERT(!mInitialSecurityCheckDone,
1896 "setting the nonce is only allowed before any sec checks");
1897 mIntegrityMetadata = aIntegrityMetadata;
1898 return NS_OK;
1899 }
1900
1901 NS_IMETHODIMP
1902 LoadInfo::GetSkipContentSniffing(bool* aSkipContentSniffing) {
1903 *aSkipContentSniffing = mSkipContentSniffing;
1904 return NS_OK;
1905 }
1906
1907 NS_IMETHODIMP
1908 LoadInfo::SetSkipContentSniffing(bool aSkipContentSniffing) {
1909 mSkipContentSniffing = aSkipContentSniffing;
1910 return NS_OK;
1911 }
1912
1913 NS_IMETHODIMP
1914 LoadInfo::GetHttpsOnlyStatus(uint32_t* aHttpsOnlyStatus) {
1915 *aHttpsOnlyStatus = mHttpsOnlyStatus;
1916 return NS_OK;
1917 }
1918
1919 NS_IMETHODIMP
1920 LoadInfo::SetHttpsOnlyStatus(uint32_t aHttpsOnlyStatus) {
1921 mHttpsOnlyStatus = aHttpsOnlyStatus;
1922 return NS_OK;
1923 }
1924
1925 NS_IMETHODIMP
1926 LoadInfo::GetHstsStatus(bool* aHstsStatus) {
1927 *aHstsStatus = mHstsStatus;
1928 return NS_OK;
1929 }
1930
1931 NS_IMETHODIMP
1932 LoadInfo::SetHstsStatus(bool aHstsStatus) {
1933 mHstsStatus = aHstsStatus;
1934 return NS_OK;
1935 }
1936
1937 NS_IMETHODIMP
1938 LoadInfo::GetHasValidUserGestureActivation(
1939 bool* aHasValidUserGestureActivation) {
1940 *aHasValidUserGestureActivation = mHasValidUserGestureActivation;
1941 return NS_OK;
1942 }
1943
1944 NS_IMETHODIMP
1945 LoadInfo::SetHasValidUserGestureActivation(
1946 bool aHasValidUserGestureActivation) {
1947 mHasValidUserGestureActivation = aHasValidUserGestureActivation;
1948 return NS_OK;
1949 }
1950
1951 NS_IMETHODIMP
1952 LoadInfo::GetAllowDeprecatedSystemRequests(
1953 bool* aAllowDeprecatedSystemRequests) {
1954 *aAllowDeprecatedSystemRequests = mAllowDeprecatedSystemRequests;
1955 return NS_OK;
1956 }
1957
1958 NS_IMETHODIMP
1959 LoadInfo::SetAllowDeprecatedSystemRequests(
1960 bool aAllowDeprecatedSystemRequests) {
1961 mAllowDeprecatedSystemRequests = aAllowDeprecatedSystemRequests;
1962 return NS_OK;
1963 }
1964
1965 NS_IMETHODIMP
1966 LoadInfo::GetIsUserTriggeredSave(bool* aIsUserTriggeredSave) {
1967 *aIsUserTriggeredSave =
1968 mIsUserTriggeredSave ||
1969 mInternalContentPolicyType == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD;
1970 return NS_OK;
1971 }
1972
1973 NS_IMETHODIMP
1974 LoadInfo::SetIsUserTriggeredSave(bool aIsUserTriggeredSave) {
1975 mIsUserTriggeredSave = aIsUserTriggeredSave;
1976 return NS_OK;
1977 }
1978
1979 NS_IMETHODIMP
1980 LoadInfo::GetIsInDevToolsContext(bool* aIsInDevToolsContext) {
1981 *aIsInDevToolsContext = mIsInDevToolsContext;
1982 return NS_OK;
1983 }
1984
1985 NS_IMETHODIMP
1986 LoadInfo::SetIsInDevToolsContext(bool aIsInDevToolsContext) {
1987 mIsInDevToolsContext = aIsInDevToolsContext;
1988 return NS_OK;
1989 }
1990
1991 NS_IMETHODIMP
1992 LoadInfo::GetParserCreatedScript(bool* aParserCreatedScript) {
1993 *aParserCreatedScript = mParserCreatedScript;
1994 return NS_OK;
1995 }
1996
1997 NS_IMETHODIMP
1998 LoadInfo::SetParserCreatedScript(bool aParserCreatedScript) {
1999 mParserCreatedScript = aParserCreatedScript;
2000 return NS_OK;
2001 }
2002
2003 NS_IMETHODIMP
2004 LoadInfo::GetIsTopLevelLoad(bool* aResult) {
2005 RefPtr<dom::BrowsingContext> bc;
2006 GetTargetBrowsingContext(getter_AddRefs(bc));
2007 *aResult = !bc || bc->IsTop();
2008 return NS_OK;
2009 }
2010
2011 void LoadInfo::SetIsFromProcessingFrameAttributes() {
2012 mIsFromProcessingFrameAttributes = true;
2013 }
2014
2015 NS_IMETHODIMP
2016 LoadInfo::GetIsFromProcessingFrameAttributes(
2017 bool* aIsFromProcessingFrameAttributes) {
2018 MOZ_ASSERT(aIsFromProcessingFrameAttributes);
2019 *aIsFromProcessingFrameAttributes = mIsFromProcessingFrameAttributes;
2020 return NS_OK;
2021 }
2022
2023 NS_IMETHODIMP
2024 LoadInfo::SetIsMediaRequest(bool aIsMediaRequest) {
2025 mIsMediaRequest = aIsMediaRequest;
2026 return NS_OK;
2027 }
2028
2029 NS_IMETHODIMP
2030 LoadInfo::GetIsMediaRequest(bool* aIsMediaRequest) {
2031 MOZ_ASSERT(aIsMediaRequest);
2032 *aIsMediaRequest = mIsMediaRequest;
2033 return NS_OK;
2034 }
2035
2036 NS_IMETHODIMP
2037 LoadInfo::SetIsMediaInitialRequest(bool aIsMediaInitialRequest) {
2038 mIsMediaInitialRequest = aIsMediaInitialRequest;
2039 return NS_OK;
2040 }
2041
2042 NS_IMETHODIMP
2043 LoadInfo::GetIsMediaInitialRequest(bool* aIsMediaInitialRequest) {
2044 MOZ_ASSERT(aIsMediaInitialRequest);
2045 *aIsMediaInitialRequest = mIsMediaInitialRequest;
2046 return NS_OK;
2047 }
2048
2049 NS_IMETHODIMP
2050 LoadInfo::SetIsFromObjectOrEmbed(bool aIsFromObjectOrEmbed) {
2051 mIsFromObjectOrEmbed = aIsFromObjectOrEmbed;
2052 return NS_OK;
2053 }
2054
2055 NS_IMETHODIMP
2056 LoadInfo::GetIsFromObjectOrEmbed(bool* aIsFromObjectOrEmbed) {
2057 MOZ_ASSERT(aIsFromObjectOrEmbed);
2058 *aIsFromObjectOrEmbed = mIsFromObjectOrEmbed;
2059 return NS_OK;
2060 }
2061
2062 NS_IMETHODIMP
2063 LoadInfo::GetShouldSkipCheckForBrokenURLOrZeroSized(
2064 bool* aShouldSkipCheckForBrokenURLOrZeroSized) {
2065 MOZ_ASSERT(aShouldSkipCheckForBrokenURLOrZeroSized);
2066 *aShouldSkipCheckForBrokenURLOrZeroSized = mSkipCheckForBrokenURLOrZeroSized;
2067 return NS_OK;
2068 }
2069
2070 NS_IMETHODIMP
2071 LoadInfo::GetResultPrincipalURI(nsIURI** aURI) {
2072 *aURI = do_AddRef(mResultPrincipalURI).take();
2073 return NS_OK;
2074 }
2075
2076 NS_IMETHODIMP
2077 LoadInfo::SetResultPrincipalURI(nsIURI* aURI) {
2078 mResultPrincipalURI = aURI;
2079 return NS_OK;
2080 }
2081
2082 NS_IMETHODIMP
2083 LoadInfo::GetChannelCreationOriginalURI(nsIURI** aURI) {
2084 *aURI = do_AddRef(mChannelCreationOriginalURI).take();
2085 return NS_OK;
2086 }
2087
2088 NS_IMETHODIMP
2089 LoadInfo::SetChannelCreationOriginalURI(nsIURI* aURI) {
2090 mChannelCreationOriginalURI = aURI;
2091 return NS_OK;
2092 }
2093
2094 NS_IMETHODIMP
2095 LoadInfo::SetRequestBlockingReason(uint32_t aReason) {
2096 mRequestBlockingReason = aReason;
2097 return NS_OK;
2098 }
2099 NS_IMETHODIMP
2100 LoadInfo::GetRequestBlockingReason(uint32_t* aReason) {
2101 *aReason = mRequestBlockingReason;
2102 return NS_OK;
2103 }
2104
2105 NS_IMETHODIMP
2106 LoadInfo::GetUnstrippedURI(nsIURI** aURI) {
2107 *aURI = do_AddRef(mUnstrippedURI).take();
2108 return NS_OK;
2109 }
2110
2111 NS_IMETHODIMP
2112 LoadInfo::SetUnstrippedURI(nsIURI* aURI) {
2113 mUnstrippedURI = aURI;
2114 return NS_OK;
2115 }
2116
2117 void LoadInfo::SetClientInfo(const ClientInfo& aClientInfo) {
2118 mClientInfo.emplace(aClientInfo);
2119 }
2120
2121 const Maybe<ClientInfo>& LoadInfo::GetClientInfo() { return mClientInfo; }
2122
2123 void LoadInfo::GiveReservedClientSource(
2124 UniquePtr<ClientSource>&& aClientSource) {
2125 MOZ_DIAGNOSTIC_ASSERT(aClientSource);
2126 mReservedClientSource = std::move(aClientSource);
2127 SetReservedClientInfo(mReservedClientSource->Info());
2128 }
2129
2130 UniquePtr<ClientSource> LoadInfo::TakeReservedClientSource() {
2131 if (mReservedClientSource) {
2132 // If the reserved ClientInfo was set due to a ClientSource being present,
2133 // then clear that info object when the ClientSource is taken.
2134 mReservedClientInfo.reset();
2135 }
2136 return std::move(mReservedClientSource);
2137 }
2138
2139 void LoadInfo::SetReservedClientInfo(const ClientInfo& aClientInfo) {
2140 MOZ_DIAGNOSTIC_ASSERT(mInitialClientInfo.isNothing());
2141 // Treat assignments of the same value as a no-op. The emplace below
2142 // will normally assert when overwriting an existing value.
2143 if (mReservedClientInfo.isSome()) {
2144 if (mReservedClientInfo.ref() == aClientInfo) {
2145 return;
2146 }
2147 MOZ_DIAGNOSTIC_ASSERT(false, "mReservedClientInfo already set");
2148 mReservedClientInfo.reset();
2149 }
2150 mReservedClientInfo.emplace(aClientInfo);
2151 }
2152
2153 void LoadInfo::OverrideReservedClientInfoInParent(
2154 const ClientInfo& aClientInfo) {
2155 // This should only be called to handle redirects in the parent process.
2156 MOZ_ASSERT(XRE_GetProcessType() == GeckoProcessType_Default);
2157
2158 mInitialClientInfo.reset();
2159 mReservedClientInfo.reset();
2160 mReservedClientInfo.emplace(aClientInfo);
2161 }
2162
2163 const Maybe<ClientInfo>& LoadInfo::GetReservedClientInfo() {
2164 return mReservedClientInfo;
2165 }
2166
2167 void LoadInfo::SetInitialClientInfo(const ClientInfo& aClientInfo) {
2168 MOZ_DIAGNOSTIC_ASSERT(!mReservedClientSource);
2169 MOZ_DIAGNOSTIC_ASSERT(mReservedClientInfo.isNothing());
2170 // Treat assignments of the same value as a no-op. The emplace below
2171 // will normally assert when overwriting an existing value.
2172 if (mInitialClientInfo.isSome() && mInitialClientInfo.ref() == aClientInfo) {
2173 return;
2174 }
2175 mInitialClientInfo.emplace(aClientInfo);
2176 }
2177
2178 const Maybe<ClientInfo>& LoadInfo::GetInitialClientInfo() {
2179 return mInitialClientInfo;
2180 }
2181
2182 void LoadInfo::SetController(const ServiceWorkerDescriptor& aServiceWorker) {
2183 mController.emplace(aServiceWorker);
2184 }
2185
2186 void LoadInfo::ClearController() { mController.reset(); }
2187
2188 const Maybe<ServiceWorkerDescriptor>& LoadInfo::GetController() {
2189 return mController;
2190 }
2191
2192 void LoadInfo::SetPerformanceStorage(PerformanceStorage* aPerformanceStorage) {
2193 mPerformanceStorage = aPerformanceStorage;
2194 }
2195
2196 PerformanceStorage* LoadInfo::GetPerformanceStorage() {
2197 if (mPerformanceStorage) {
2198 return mPerformanceStorage;
2199 }
2200
2201 auto* innerWindow = nsGlobalWindowInner::GetInnerWindowWithId(mInnerWindowID);
2202 if (!innerWindow) {
2203 return nullptr;
2204 }
2205
2206 if (!TriggeringPrincipal()->Equals(innerWindow->GetPrincipal())) {
2207 return nullptr;
2208 }
2209
2210 if (nsILoadInfo::GetExternalContentPolicyType() ==
2211 ExtContentPolicy::TYPE_SUBDOCUMENT &&
2212 !GetIsFromProcessingFrameAttributes()) {
2213 // We only report loads caused by processing the attributes of the
2214 // browsing context container.
2215 return nullptr;
2216 }
2217
2218 mozilla::dom::Performance* performance = innerWindow->GetPerformance();
2219 if (!performance) {
2220 return nullptr;
2221 }
2222
2223 return performance->AsPerformanceStorage();
2224 }
2225
2226 NS_IMETHODIMP
2227 LoadInfo::GetCspEventListener(nsICSPEventListener** aCSPEventListener) {
2228 *aCSPEventListener = do_AddRef(mCSPEventListener).take();
2229 return NS_OK;
2230 }
2231
2232 NS_IMETHODIMP
2233 LoadInfo::SetCspEventListener(nsICSPEventListener* aCSPEventListener) {
2234 mCSPEventListener = aCSPEventListener;
2235 return NS_OK;
2236 }
2237
2238 NS_IMETHODIMP
2239 LoadInfo::GetInternalContentPolicyType(nsContentPolicyType* aResult) {
2240 *aResult = mInternalContentPolicyType;
2241 return NS_OK;
2242 }
2243
2244 NS_IMETHODIMP
2245 LoadInfo::GetLoadingEmbedderPolicy(
2246 nsILoadInfo::CrossOriginEmbedderPolicy* aOutPolicy) {
2247 *aOutPolicy = mLoadingEmbedderPolicy;
2248 return NS_OK;
2249 }
2250
2251 NS_IMETHODIMP
2252 LoadInfo::SetLoadingEmbedderPolicy(
2253 nsILoadInfo::CrossOriginEmbedderPolicy aPolicy) {
2254 mLoadingEmbedderPolicy = aPolicy;
2255 return NS_OK;
2256 }
2257
2258 NS_IMETHODIMP
2259 LoadInfo::GetIsOriginTrialCoepCredentiallessEnabledForTopLevel(
2260 bool* aIsOriginTrialCoepCredentiallessEnabledForTopLevel) {
2261 *aIsOriginTrialCoepCredentiallessEnabledForTopLevel =
2262 mIsOriginTrialCoepCredentiallessEnabledForTopLevel;
2263 return NS_OK;
2264 }
2265
2266 NS_IMETHODIMP
2267 LoadInfo::SetIsOriginTrialCoepCredentiallessEnabledForTopLevel(
2268 bool aIsOriginTrialCoepCredentiallessEnabledForTopLevel) {
2269 mIsOriginTrialCoepCredentiallessEnabledForTopLevel =
2270 aIsOriginTrialCoepCredentiallessEnabledForTopLevel;
2271 return NS_OK;
2272 }
2273
2274 already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetCsp() {
2275 // Before querying the CSP from the client we have to check if the
2276 // triggeringPrincipal originates from an addon and potentially
2277 // overrides the CSP stored within the client.
2278 if (mLoadingPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
2279 ->OverridesCSP(mLoadingPrincipal)) {
2280 nsCOMPtr<nsIExpandedPrincipal> ep = do_QueryInterface(mTriggeringPrincipal);
2281 nsCOMPtr<nsIContentSecurityPolicy> addonCSP;
2282 if (ep) {
2283 addonCSP = ep->GetCsp();
2284 }
2285 return addonCSP.forget();
2286 }
2287
2288 if (mClientInfo.isNothing()) {
2289 return nullptr;
2290 }
2291
2292 nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
2293 RefPtr<Document> doc = node ? node->OwnerDoc() : nullptr;
2294
2295 // If the client is of type window, then we return the cached CSP
2296 // stored on the document instead of having to deserialize the CSP
2297 // from the ClientInfo.
2298 if (doc && mClientInfo->Type() == ClientType::Window) {
2299 nsCOMPtr<nsIContentSecurityPolicy> docCSP = doc->GetCsp();
2300 return docCSP.forget();
2301 }
2302
2303 Maybe<mozilla::ipc::CSPInfo> cspInfo = mClientInfo->GetCspInfo();
2304 if (cspInfo.isNothing()) {
2305 return nullptr;
2306 }
2307 nsCOMPtr<nsIContentSecurityPolicy> clientCSP =
2308 CSPInfoToCSP(cspInfo.ref(), doc);
2309 return clientCSP.forget();
2310 }
2311
2312 already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetPreloadCsp() {
2313 if (mClientInfo.isNothing()) {
2314 return nullptr;
2315 }
2316
2317 nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
2318 RefPtr<Document> doc = node ? node->OwnerDoc() : nullptr;
2319
2320 // If the client is of type window, then we return the cached CSP
2321 // stored on the document instead of having to deserialize the CSP
2322 // from the ClientInfo.
2323 if (doc && mClientInfo->Type() == ClientType::Window) {
2324 nsCOMPtr<nsIContentSecurityPolicy> preloadCsp = doc->GetPreloadCsp();
2325 return preloadCsp.forget();
2326 }
2327
2328 Maybe<mozilla::ipc::CSPInfo> cspInfo = mClientInfo->GetPreloadCspInfo();
2329 if (cspInfo.isNothing()) {
2330 return nullptr;
2331 }
2332 nsCOMPtr<nsIContentSecurityPolicy> preloadCSP =
2333 CSPInfoToCSP(cspInfo.ref(), doc);
2334 return preloadCSP.forget();
2335 }
2336
2337 already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetCspToInherit() {
2338 nsCOMPtr<nsIContentSecurityPolicy> cspToInherit = mCspToInherit;
2339 return cspToInherit.forget();
2340 }
2341
2342 nsIInterceptionInfo* LoadInfo::InterceptionInfo() { return mInterceptionInfo; }
2343
2344 void LoadInfo::SetInterceptionInfo(nsIInterceptionInfo* aInfo) {
2345 mInterceptionInfo = aInfo;
2346 }
2347
2348 NS_IMETHODIMP
2349 LoadInfo::GetHasInjectedCookieForCookieBannerHandling(
2350 bool* aHasInjectedCookieForCookieBannerHandling) {
2351 *aHasInjectedCookieForCookieBannerHandling =
2352 mHasInjectedCookieForCookieBannerHandling;
2353 return NS_OK;
2354 }
2355
2356 NS_IMETHODIMP
2357 LoadInfo::SetHasInjectedCookieForCookieBannerHandling(
2358 bool aHasInjectedCookieForCookieBannerHandling) {
2359 mHasInjectedCookieForCookieBannerHandling =
2360 aHasInjectedCookieForCookieBannerHandling;
2361 return NS_OK;
2362 }
2363
2364 NS_IMETHODIMP
2365 LoadInfo::GetWasSchemelessInput(bool* aWasSchemelessInput) {
2366 *aWasSchemelessInput = mWasSchemelessInput;
2367 return NS_OK;
2368 }
2369
2370 NS_IMETHODIMP
2371 LoadInfo::SetWasSchemelessInput(bool aWasSchemelessInput) {
2372 mWasSchemelessInput = aWasSchemelessInput;
2373 return NS_OK;
2374 }
2375
2376 } // namespace mozilla::net