search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 1839454 - Don't try and call gcparam in the browser when running JS reftests...
[gecko.git] / netwerk / base / LoadInfo.cpp
blobfc599edd631b9c769625d75b466aff1c2573b133
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 #include "mozilla/LoadInfo.h"
8
9 #include "js/Array.h" // JS::NewArrayObject
10 #include "js/PropertyAndElement.h" // JS_DefineElement
11 #include "mozilla/Assertions.h"
12 #include "mozilla/ExpandedPrincipal.h"
13 #include "mozilla/dom/CanonicalBrowsingContext.h"
14 #include "mozilla/dom/ClientIPCTypes.h"
15 #include "mozilla/dom/ClientSource.h"
16 #include "mozilla/dom/ContentChild.h"
17 #include "mozilla/dom/Performance.h"
18 #include "mozilla/dom/PerformanceStorage.h"
19 #include "mozilla/dom/BrowserChild.h"
20 #include "mozilla/dom/ToJSValue.h"
21 #include "mozilla/dom/BrowsingContext.h"
22 #include "mozilla/dom/WindowGlobalParent.h"
23 #include "mozilla/net/CookieJarSettings.h"
24 #include "mozilla/NullPrincipal.h"
25 #include "mozilla/StaticPrefs_network.h"
26 #include "mozilla/StaticPrefs_security.h"
27 #include "mozIThirdPartyUtil.h"
28 #include "ThirdPartyUtil.h"
29 #include "nsFrameLoader.h"
30 #include "nsFrameLoaderOwner.h"
31 #include "nsIContentSecurityPolicy.h"
32 #include "nsIDocShell.h"
33 #include "mozilla/dom/Document.h"
34 #include "nsIHttpChannel.h"
35 #include "nsIHttpChannelInternal.h"
36 #include "nsIInterfaceRequestorUtils.h"
37 #include "nsIScriptElement.h"
38 #include "nsISupportsImpl.h"
39 #include "nsISupportsUtils.h"
40 #include "nsIXPConnect.h"
41 #include "nsDocShell.h"
42 #include "nsGlobalWindow.h"
43 #include "nsMixedContentBlocker.h"
44 #include "nsQueryObject.h"
45 #include "nsRedirectHistoryEntry.h"
46 #include "nsSandboxFlags.h"
47 #include "nsICookieService.h"
48
49 using namespace mozilla::dom;
50
51 namespace mozilla::net {
52
53 static nsCString CurrentRemoteType() {
54 MOZ_ASSERT(XRE_IsParentProcess() || XRE_IsContentProcess());
55 if (ContentChild* cc = ContentChild::GetSingleton()) {
56 return nsCString(cc->GetRemoteType());
57 }
58 return NOT_REMOTE_TYPE;
59 }
60
61 static nsContentPolicyType InternalContentPolicyTypeForFrame(
62 CanonicalBrowsingContext* aBrowsingContext) {
63 const auto& maybeEmbedderElementType =
64 aBrowsingContext->GetEmbedderElementType();
65 MOZ_ASSERT(maybeEmbedderElementType.isSome());
66 auto embedderElementType = maybeEmbedderElementType.value();
67
68 // Assign same type as in nsDocShell::DetermineContentType.
69 // N.B. internal content policy type will never be TYPE_DOCUMENT
70 return embedderElementType.EqualsLiteral("iframe")
71 ? nsIContentPolicy::TYPE_INTERNAL_IFRAME
72 : nsIContentPolicy::TYPE_INTERNAL_FRAME;
73 }
74
75 /* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForDocument(
76 dom::CanonicalBrowsingContext* aBrowsingContext, nsIURI* aURI,
77 nsIPrincipal* aTriggeringPrincipal, const nsACString& aTriggeringRemoteType,
78 const OriginAttributes& aOriginAttributes, nsSecurityFlags aSecurityFlags,
79 uint32_t aSandboxFlags) {
80 return MakeAndAddRef<LoadInfo>(aBrowsingContext, aURI, aTriggeringPrincipal,
81 aTriggeringRemoteType, aOriginAttributes,
82 aSecurityFlags, aSandboxFlags);
83 }
84
85 /* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForFrame(
86 dom::CanonicalBrowsingContext* aBrowsingContext,
87 nsIPrincipal* aTriggeringPrincipal, const nsACString& aTriggeringRemoteType,
88 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags) {
89 return MakeAndAddRef<LoadInfo>(aBrowsingContext, aTriggeringPrincipal,
90 aTriggeringRemoteType, aSecurityFlags,
91 aSandboxFlags);
92 }
93
94 /* static */ already_AddRefed<LoadInfo> LoadInfo::CreateForNonDocument(
95 dom::WindowGlobalParent* aParentWGP, nsIPrincipal* aTriggeringPrincipal,
96 nsContentPolicyType aContentPolicyType, nsSecurityFlags aSecurityFlags,
97 uint32_t aSandboxFlags) {
98 return MakeAndAddRef<LoadInfo>(
99 aParentWGP, aTriggeringPrincipal, aParentWGP->GetRemoteType(),
100 aContentPolicyType, aSecurityFlags, aSandboxFlags);
101 }
102
103 LoadInfo::LoadInfo(
104 nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
105 nsINode* aLoadingContext, nsSecurityFlags aSecurityFlags,
106 nsContentPolicyType aContentPolicyType,
107 const Maybe<mozilla::dom::ClientInfo>& aLoadingClientInfo,
108 const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController,
109 uint32_t aSandboxFlags, bool aSkipCheckForBrokenURLOrZeroSized)
110 : mLoadingPrincipal(aLoadingContext ? aLoadingContext->NodePrincipal()
111 : aLoadingPrincipal),
112 mTriggeringPrincipal(aTriggeringPrincipal ? aTriggeringPrincipal
113 : mLoadingPrincipal.get()),
114 mTriggeringRemoteType(CurrentRemoteType()),
115 mSandboxedNullPrincipalID(nsID::GenerateUUID()),
116 mClientInfo(aLoadingClientInfo),
117 mController(aController),
118 mLoadingContext(do_GetWeakReference(aLoadingContext)),
119 mSecurityFlags(aSecurityFlags),
120 mSandboxFlags(aSandboxFlags),
121 mInternalContentPolicyType(aContentPolicyType),
122 mSkipCheckForBrokenURLOrZeroSized(aSkipCheckForBrokenURLOrZeroSized) {
123 MOZ_ASSERT(mLoadingPrincipal);
124 MOZ_ASSERT(mTriggeringPrincipal);
125
126 #ifdef DEBUG
127 // TYPE_DOCUMENT loads initiated by javascript tests will go through
128 // nsIOService and use the wrong constructor. Don't enforce the
129 // !TYPE_DOCUMENT check in those cases
130 bool skipContentTypeCheck = false;
131 skipContentTypeCheck =
132 Preferences::GetBool("network.loadinfo.skip_type_assertion");
133 #endif
134
135 // This constructor shouldn't be used for TYPE_DOCUMENT loads that don't
136 // have a loadingPrincipal
137 MOZ_ASSERT(skipContentTypeCheck || mLoadingPrincipal ||
138 mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT);
139
140 // We should only get an explicit controller for subresource requests.
141 MOZ_DIAGNOSTIC_ASSERT(aController.isNothing() ||
142 !nsContentUtils::IsNonSubresourceInternalPolicyType(
143 mInternalContentPolicyType));
144
145 // TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false
146 // meaning that consumers of LoadInfo that don't pass a context or pass a
147 // context from which we can't find a window will default to assuming that
148 // they're 1st party. It would be nice if we could default "safe" and assume
149 // that we are 3rd party until proven otherwise.
150
151 // if consumers pass both, aLoadingContext and aLoadingPrincipal
152 // then the loadingPrincipal must be the same as the node's principal
153 MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
154 aLoadingContext->NodePrincipal() == aLoadingPrincipal);
155
156 // if the load is sandboxed, we can not also inherit the principal
157 if (mSandboxFlags & SANDBOXED_ORIGIN) {
158 mForceInheritPrincipalDropped =
159 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
160 mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
161 }
162
163 ExtContentPolicyType externalType =
164 nsContentUtils::InternalContentPolicyTypeToExternal(aContentPolicyType);
165
166 if (aLoadingContext) {
167 // Ensure that all network requests for a window client have the ClientInfo
168 // properly set. Workers must currently pass the loading ClientInfo
169 // explicitly. We allow main thread requests to explicitly pass the value as
170 // well.
171 if (mClientInfo.isNothing()) {
172 mClientInfo = aLoadingContext->OwnerDoc()->GetClientInfo();
173 }
174
175 // For subresource loads set the service worker based on the calling
176 // context's controller. Workers must currently pass the controller in
177 // explicitly. We allow main thread requests to explicitly pass the value
178 // as well, but otherwise extract from the loading context here.
179 if (mController.isNothing() &&
180 !nsContentUtils::IsNonSubresourceInternalPolicyType(
181 mInternalContentPolicyType)) {
182 mController = aLoadingContext->OwnerDoc()->GetController();
183 }
184
185 nsCOMPtr<nsPIDOMWindowOuter> contextOuter =
186 aLoadingContext->OwnerDoc()->GetWindow();
187 if (contextOuter) {
188 ComputeIsThirdPartyContext(contextOuter);
189 RefPtr<dom::BrowsingContext> bc = contextOuter->GetBrowsingContext();
190 MOZ_ASSERT(bc);
191 mBrowsingContextID = bc->Id();
192
193 nsGlobalWindowInner* innerWindow =
194 nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow());
195 if (innerWindow) {
196 mTopLevelPrincipal = innerWindow->GetTopLevelAntiTrackingPrincipal();
197
198 if (!mTopLevelPrincipal &&
199 externalType == ExtContentPolicy::TYPE_SUBDOCUMENT && bc->IsTop()) {
200 // If this is the first level iframe, innerWindow is our top-level
201 // principal.
202 mTopLevelPrincipal = innerWindow->GetPrincipal();
203 }
204 }
205
206 // Let's inherit the cookie behavior and permission from the parent
207 // document.
208 mCookieJarSettings = aLoadingContext->OwnerDoc()->CookieJarSettings();
209 }
210
211 mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID();
212 RefPtr<WindowContext> ctx = WindowContext::GetById(mInnerWindowID);
213 if (ctx) {
214 mLoadingEmbedderPolicy = ctx->GetEmbedderPolicy();
215 }
216 mDocumentHasUserInteracted =
217 aLoadingContext->OwnerDoc()->UserHasInteracted();
218
219 // Inherit HTTPS-Only Mode flags from parent document
220 mHttpsOnlyStatus |= aLoadingContext->OwnerDoc()->HttpsOnlyStatus();
221
222 // When the element being loaded is a frame, we choose the frame's window
223 // for the window ID and the frame element's window as the parent
224 // window. This is the behavior that Chrome exposes to add-ons.
225 // NB: If the frameLoaderOwner doesn't have a frame loader, then the load
226 // must be coming from an object (such as a plugin) that's loaded into it
227 // instead of a document being loaded. In that case, treat this object like
228 // any other non-document-loading element.
229 RefPtr<nsFrameLoaderOwner> frameLoaderOwner =
230 do_QueryObject(aLoadingContext);
231 RefPtr<nsFrameLoader> fl =
232 frameLoaderOwner ? frameLoaderOwner->GetFrameLoader() : nullptr;
233 if (fl) {
234 nsCOMPtr<nsIDocShell> docShell = fl->GetDocShell(IgnoreErrors());
235 if (docShell) {
236 nsCOMPtr<nsPIDOMWindowOuter> outerWindow = do_GetInterface(docShell);
237 if (outerWindow) {
238 RefPtr<dom::BrowsingContext> bc = outerWindow->GetBrowsingContext();
239 mFrameBrowsingContextID = bc ? bc->Id() : 0;
240 }
241 }
242 }
243
244 // if the document forces all mixed content to be blocked, then we
245 // store that bit for all requests on the loadinfo.
246 mBlockAllMixedContent =
247 aLoadingContext->OwnerDoc()->GetBlockAllMixedContent(false) ||
248 (nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
249 aLoadingContext->OwnerDoc()->GetBlockAllMixedContent(true));
250
251 if (mLoadingPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
252 ->OverridesCSP(mLoadingPrincipal)) {
253 // if the load is triggered by an addon which potentially overrides the
254 // CSP of the document, then do not force insecure requests to be
255 // upgraded.
256 mUpgradeInsecureRequests = false;
257 } else {
258 // if the document forces all requests to be upgraded from http to https,
259 // then we should do that for all requests. If it only forces preloads to
260 // be upgraded then we should enforce upgrade insecure requests only for
261 // preloads.
262 mUpgradeInsecureRequests =
263 aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
264 (nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
265 aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
266 }
267
268 if (nsMixedContentBlocker::IsUpgradableContentType(
269 mInternalContentPolicyType)) {
270 if (mLoadingPrincipal->SchemeIs("https")) {
271 if (StaticPrefs::security_mixed_content_upgrade_display_content()) {
272 mBrowserUpgradeInsecureRequests = true;
273 } else {
274 mBrowserWouldUpgradeInsecureRequests = true;
275 }
276 }
277 }
278 }
279 mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
280
281 // We need to do this after inheriting the document's origin attributes
282 // above, in case the loading principal ends up being the system principal.
283 if (aLoadingContext) {
284 nsCOMPtr<nsILoadContext> loadContext =
285 aLoadingContext->OwnerDoc()->GetLoadContext();
286 nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
287 if (loadContext && docShell &&
288 docShell->GetBrowsingContext()->IsContent()) {
289 bool usePrivateBrowsing;
290 nsresult rv = loadContext->GetUsePrivateBrowsing(&usePrivateBrowsing);
291 if (NS_SUCCEEDED(rv)) {
292 mOriginAttributes.SyncAttributesWithPrivateBrowsing(usePrivateBrowsing);
293 }
294 }
295 }
296
297 // For chrome docshell, the mPrivateBrowsingId remains 0 even its
298 // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
299 // origin attributes if the type of the docshell is content.
300 if (aLoadingContext) {
301 nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell();
302 if (docShell) {
303 if (docShell->GetBrowsingContext()->IsChrome()) {
304 MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
305 "chrome docshell shouldn't have mPrivateBrowsingId set.");
306 }
307 }
308 }
309
310 // in case this is a loadinfo for a parser generated script, then we store
311 // that bit of information so CSP strict-dynamic can query it.
312 if (!nsContentUtils::IsPreloadType(mInternalContentPolicyType)) {
313 nsCOMPtr<nsIScriptElement> script = do_QueryInterface(aLoadingContext);
314 if (script && script->GetParserCreated() != mozilla::dom::NOT_FROM_PARSER) {
315 mParserCreatedScript = true;
316 }
317 }
318 }
319
320 /* Constructor takes an outer window, but no loadingNode or loadingPrincipal.
321 * This constructor should only be used for TYPE_DOCUMENT loads, since they
322 * have a null loadingNode and loadingPrincipal.
323 */
324 LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIURI* aURI,
325 nsIPrincipal* aTriggeringPrincipal,
326 nsISupports* aContextForTopLevelLoad,
327 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
328 : mTriggeringPrincipal(aTriggeringPrincipal),
329 mTriggeringRemoteType(CurrentRemoteType()),
330 mSandboxedNullPrincipalID(nsID::GenerateUUID()),
331 mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad)),
332 mSecurityFlags(aSecurityFlags),
333 mSandboxFlags(aSandboxFlags),
334 mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) {
335 // Top-level loads are never third-party
336 // Grab the information we can out of the window.
337 MOZ_ASSERT(aOuterWindow);
338 MOZ_ASSERT(mTriggeringPrincipal);
339
340 // if the load is sandboxed, we can not also inherit the principal
341 if (mSandboxFlags & SANDBOXED_ORIGIN) {
342 mForceInheritPrincipalDropped =
343 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
344 mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
345 }
346
347 RefPtr<BrowsingContext> bc = aOuterWindow->GetBrowsingContext();
348 mBrowsingContextID = bc ? bc->Id() : 0;
349
350 // This should be removed in bug 1618557
351 nsGlobalWindowInner* innerWindow =
352 nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow());
353 if (innerWindow) {
354 mTopLevelPrincipal = innerWindow->GetTopLevelAntiTrackingPrincipal();
355 }
356
357 // get the docshell from the outerwindow, and then get the originattributes
358 nsCOMPtr<nsIDocShell> docShell = aOuterWindow->GetDocShell();
359 MOZ_ASSERT(docShell);
360 mOriginAttributes = nsDocShell::Cast(docShell)->GetOriginAttributes();
361
362 // We sometimes use this constructor for security checks for outer windows
363 // that aren't top level.
364 if (aSecurityFlags != nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK) {
365 MOZ_ASSERT(aOuterWindow->GetBrowsingContext()->IsTop());
366 }
367
368 #ifdef DEBUG
369 if (docShell->GetBrowsingContext()->IsChrome()) {
370 MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
371 "chrome docshell shouldn't have mPrivateBrowsingId set.");
372 }
373 #endif
374
375 // Let's take the current cookie behavior and current cookie permission
376 // for the documents' loadInfo. Note that for any other loadInfos,
377 // cookieBehavior will be BEHAVIOR_REJECT for security reasons.
378 bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
379 bool shouldResistFingerprinting =
380 nsContentUtils::ShouldResistFingerprinting_dangerous(
381 aURI, mOriginAttributes,
382 "We are creating CookieJarSettings, so we can't have one already.",
383 RFPTarget::IsAlwaysEnabledForPrecompute);
384 mCookieJarSettings = CookieJarSettings::Create(
385 isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular,
386 shouldResistFingerprinting);
387 }
388
389 LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
390 nsIURI* aURI, nsIPrincipal* aTriggeringPrincipal,
391 const nsACString& aTriggeringRemoteType,
392 const OriginAttributes& aOriginAttributes,
393 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
394 : mTriggeringPrincipal(aTriggeringPrincipal),
395 mTriggeringRemoteType(aTriggeringRemoteType),
396 mSandboxedNullPrincipalID(nsID::GenerateUUID()),
397 mSecurityFlags(aSecurityFlags),
398 mSandboxFlags(aSandboxFlags),
399 mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) {
400 // Top-level loads are never third-party
401 // Grab the information we can out of the window.
402 MOZ_ASSERT(aBrowsingContext);
403 MOZ_ASSERT(mTriggeringPrincipal);
404 MOZ_ASSERT(aSecurityFlags !=
405 nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK);
406
407 // if the load is sandboxed, we can not also inherit the principal
408 if (mSandboxFlags & SANDBOXED_ORIGIN) {
409 mForceInheritPrincipalDropped =
410 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
411 mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
412 }
413
414 mBrowsingContextID = aBrowsingContext->Id();
415 mOriginAttributes = aOriginAttributes;
416
417 #ifdef DEBUG
418 if (aBrowsingContext->IsChrome()) {
419 MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
420 "chrome docshell shouldn't have mPrivateBrowsingId set.");
421 }
422 #endif
423
424 // Let's take the current cookie behavior and current cookie permission
425 // for the documents' loadInfo. Note that for any other loadInfos,
426 // cookieBehavior will be BEHAVIOR_REJECT for security reasons.
427 bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
428 bool shouldResistFingerprinting =
429 nsContentUtils::ShouldResistFingerprinting_dangerous(
430 aURI, mOriginAttributes,
431 "We are creating CookieJarSettings, so we can't have one already.",
432 RFPTarget::IsAlwaysEnabledForPrecompute);
433 mCookieJarSettings = CookieJarSettings::Create(
434 isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular,
435 shouldResistFingerprinting);
436 }
437
438 LoadInfo::LoadInfo(dom::WindowGlobalParent* aParentWGP,
439 nsIPrincipal* aTriggeringPrincipal,
440 const nsACString& aTriggeringRemoteType,
441 nsContentPolicyType aContentPolicyType,
442 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
443 : mTriggeringPrincipal(aTriggeringPrincipal),
444 mTriggeringRemoteType(aTriggeringRemoteType),
445 mSandboxedNullPrincipalID(nsID::GenerateUUID()),
446 mSecurityFlags(aSecurityFlags),
447 mSandboxFlags(aSandboxFlags),
448 mInternalContentPolicyType(aContentPolicyType) {
449 CanonicalBrowsingContext* parentBC = aParentWGP->BrowsingContext();
450 MOZ_ASSERT(parentBC);
451 ComputeAncestors(parentBC, mAncestorPrincipals, mAncestorBrowsingContextIDs);
452
453 RefPtr<WindowGlobalParent> topLevelWGP = aParentWGP->TopWindowContext();
454
455 // if the load is sandboxed, we can not also inherit the principal
456 if (mSandboxFlags & SANDBOXED_ORIGIN) {
457 mForceInheritPrincipalDropped =
458 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
459 mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
460 }
461
462 // Ensure that all network requests for a window client have the ClientInfo
463 // properly set.
464 mClientInfo = aParentWGP->GetClientInfo();
465 mLoadingPrincipal = aParentWGP->DocumentPrincipal();
466 ComputeIsThirdPartyContext(aParentWGP);
467
468 mBrowsingContextID = parentBC->Id();
469
470 // Let's inherit the cookie behavior and permission from the embedder
471 // document.
472 mCookieJarSettings = aParentWGP->CookieJarSettings();
473 if (topLevelWGP->BrowsingContext()->IsTop()) {
474 if (mCookieJarSettings) {
475 bool stopAtOurLevel = mCookieJarSettings->GetCookieBehavior() ==
476 nsICookieService::BEHAVIOR_REJECT_TRACKER;
477 if (!stopAtOurLevel ||
478 topLevelWGP->OuterWindowId() != aParentWGP->OuterWindowId()) {
479 mTopLevelPrincipal = topLevelWGP->DocumentPrincipal();
480 }
481 }
482 }
483
484 if (!mTopLevelPrincipal && parentBC->IsTop()) {
485 // If this is the first level iframe, embedder WindowGlobalParent's document
486 // principal is our top-level principal.
487 mTopLevelPrincipal = aParentWGP->DocumentPrincipal();
488 }
489
490 mInnerWindowID = aParentWGP->InnerWindowId();
491 mDocumentHasUserInteracted = aParentWGP->DocumentHasUserInteracted();
492
493 // if the document forces all mixed content to be blocked, then we
494 // store that bit for all requests on the loadinfo.
495 mBlockAllMixedContent = aParentWGP->GetDocumentBlockAllMixedContent();
496
497 if (mTopLevelPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
498 ->OverridesCSP(mTopLevelPrincipal)) {
499 // if the load is triggered by an addon which potentially overrides the
500 // CSP of the document, then do not force insecure requests to be
501 // upgraded.
502 mUpgradeInsecureRequests = false;
503 } else {
504 // if the document forces all requests to be upgraded from http to https,
505 // then we should do that for all requests. If it only forces preloads to
506 // be upgraded then we should enforce upgrade insecure requests only for
507 // preloads.
508 mUpgradeInsecureRequests = aParentWGP->GetDocumentUpgradeInsecureRequests();
509 }
510 mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
511
512 // We need to do this after inheriting the document's origin attributes
513 // above, in case the loading principal ends up being the system principal.
514 if (parentBC->IsContent()) {
515 mOriginAttributes.SyncAttributesWithPrivateBrowsing(
516 parentBC->UsePrivateBrowsing());
517 }
518
519 mHttpsOnlyStatus |= aParentWGP->HttpsOnlyStatus();
520
521 // For chrome BC, the mPrivateBrowsingId remains 0 even its
522 // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in
523 // origin attributes if the type of the BC is content.
524 if (parentBC->IsChrome()) {
525 MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0,
526 "chrome docshell shouldn't have mPrivateBrowsingId set.");
527 }
528
529 RefPtr<WindowContext> ctx = WindowContext::GetById(mInnerWindowID);
530 if (ctx) {
531 mLoadingEmbedderPolicy = ctx->GetEmbedderPolicy();
532
533 if (Document* document = ctx->GetDocument()) {
534 mIsOriginTrialCoepCredentiallessEnabledForTopLevel =
535 document->Trials().IsEnabled(OriginTrial::CoepCredentialless);
536 }
537 }
538 }
539
540 // Used for TYPE_FRAME or TYPE_IFRAME load.
541 LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
542 nsIPrincipal* aTriggeringPrincipal,
543 const nsACString& aTriggeringRemoteType,
544 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
545 : LoadInfo(aBrowsingContext->GetParentWindowContext(), aTriggeringPrincipal,
546 aTriggeringRemoteType,
547 InternalContentPolicyTypeForFrame(aBrowsingContext),
548 aSecurityFlags, aSandboxFlags) {
549 mFrameBrowsingContextID = aBrowsingContext->Id();
550 }
551
552 LoadInfo::LoadInfo(const LoadInfo& rhs)
553 : mLoadingPrincipal(rhs.mLoadingPrincipal),
554 mTriggeringPrincipal(rhs.mTriggeringPrincipal),
555 mPrincipalToInherit(rhs.mPrincipalToInherit),
556 mTopLevelPrincipal(rhs.mTopLevelPrincipal),
557 mResultPrincipalURI(rhs.mResultPrincipalURI),
558 mChannelCreationOriginalURI(rhs.mChannelCreationOriginalURI),
559 mCookieJarSettings(rhs.mCookieJarSettings),
560 mCspToInherit(rhs.mCspToInherit),
561 mTriggeringRemoteType(rhs.mTriggeringRemoteType),
562 mSandboxedNullPrincipalID(rhs.mSandboxedNullPrincipalID),
563 mClientInfo(rhs.mClientInfo),
564 // mReservedClientSource must be handled specially during redirect
565 // mReservedClientInfo must be handled specially during redirect
566 // mInitialClientInfo must be handled specially during redirect
567 mController(rhs.mController),
568 mPerformanceStorage(rhs.mPerformanceStorage),
569 mLoadingContext(rhs.mLoadingContext),
570 mContextForTopLevelLoad(rhs.mContextForTopLevelLoad),
571 mSecurityFlags(rhs.mSecurityFlags),
572 mSandboxFlags(rhs.mSandboxFlags),
573 mTriggeringSandboxFlags(rhs.mTriggeringSandboxFlags),
574 mInternalContentPolicyType(rhs.mInternalContentPolicyType),
575 mTainting(rhs.mTainting),
576 mBlockAllMixedContent(rhs.mBlockAllMixedContent),
577 mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests),
578 mBrowserUpgradeInsecureRequests(rhs.mBrowserUpgradeInsecureRequests),
579 mBrowserDidUpgradeInsecureRequests(
580 rhs.mBrowserDidUpgradeInsecureRequests),
581 mBrowserWouldUpgradeInsecureRequests(
582 rhs.mBrowserWouldUpgradeInsecureRequests),
583 mForceAllowDataURI(rhs.mForceAllowDataURI),
584 mAllowInsecureRedirectToDataURI(rhs.mAllowInsecureRedirectToDataURI),
585 mSkipContentPolicyCheckForWebRequest(
586 rhs.mSkipContentPolicyCheckForWebRequest),
587 mOriginalFrameSrcLoad(rhs.mOriginalFrameSrcLoad),
588 mForceInheritPrincipalDropped(rhs.mForceInheritPrincipalDropped),
589 mInnerWindowID(rhs.mInnerWindowID),
590 mBrowsingContextID(rhs.mBrowsingContextID),
591 mWorkerAssociatedBrowsingContextID(
592 rhs.mWorkerAssociatedBrowsingContextID),
593 mFrameBrowsingContextID(rhs.mFrameBrowsingContextID),
594 mInitialSecurityCheckDone(rhs.mInitialSecurityCheckDone),
595 mIsThirdPartyContext(rhs.mIsThirdPartyContext),
596 mIsThirdPartyContextToTopWindow(rhs.mIsThirdPartyContextToTopWindow),
597 mIsFormSubmission(rhs.mIsFormSubmission),
598 mSendCSPViolationEvents(rhs.mSendCSPViolationEvents),
599 mOriginAttributes(rhs.mOriginAttributes),
600 mRedirectChainIncludingInternalRedirects(
601 rhs.mRedirectChainIncludingInternalRedirects.Clone()),
602 mRedirectChain(rhs.mRedirectChain.Clone()),
603 mAncestorPrincipals(rhs.mAncestorPrincipals.Clone()),
604 mAncestorBrowsingContextIDs(rhs.mAncestorBrowsingContextIDs.Clone()),
605 mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders.Clone()),
606 mRequestBlockingReason(rhs.mRequestBlockingReason),
607 mForcePreflight(rhs.mForcePreflight),
608 mIsPreflight(rhs.mIsPreflight),
609 mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal),
610 mDocumentHasUserInteracted(rhs.mDocumentHasUserInteracted),
611 mAllowListFutureDocumentsCreatedFromThisRedirectChain(
612 rhs.mAllowListFutureDocumentsCreatedFromThisRedirectChain),
613 mNeedForCheckingAntiTrackingHeuristic(
614 rhs.mNeedForCheckingAntiTrackingHeuristic),
615 mCspNonce(rhs.mCspNonce),
616 mIntegrityMetadata(rhs.mIntegrityMetadata),
617 mSkipContentSniffing(rhs.mSkipContentSniffing),
618 mHttpsOnlyStatus(rhs.mHttpsOnlyStatus),
619 mHstsStatus(rhs.mHstsStatus),
620 mHasValidUserGestureActivation(rhs.mHasValidUserGestureActivation),
621 mAllowDeprecatedSystemRequests(rhs.mAllowDeprecatedSystemRequests),
622 mIsInDevToolsContext(rhs.mIsInDevToolsContext),
623 mParserCreatedScript(rhs.mParserCreatedScript),
624 mStoragePermission(rhs.mStoragePermission),
625 mIsMetaRefresh(rhs.mIsMetaRefresh),
626 mIsFromProcessingFrameAttributes(rhs.mIsFromProcessingFrameAttributes),
627 mIsMediaRequest(rhs.mIsMediaRequest),
628 mIsMediaInitialRequest(rhs.mIsMediaInitialRequest),
629 mIsFromObjectOrEmbed(rhs.mIsFromObjectOrEmbed),
630 mLoadingEmbedderPolicy(rhs.mLoadingEmbedderPolicy),
631 mIsOriginTrialCoepCredentiallessEnabledForTopLevel(
632 rhs.mIsOriginTrialCoepCredentiallessEnabledForTopLevel),
633 mUnstrippedURI(rhs.mUnstrippedURI),
634 mInterceptionInfo(rhs.mInterceptionInfo),
635 mHasInjectedCookieForCookieBannerHandling(
636 rhs.mHasInjectedCookieForCookieBannerHandling) {}
637
638 LoadInfo::LoadInfo(
639 nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal,
640 nsIPrincipal* aPrincipalToInherit, nsIPrincipal* aTopLevelPrincipal,
641 nsIURI* aResultPrincipalURI, nsICookieJarSettings* aCookieJarSettings,
642 nsIContentSecurityPolicy* aCspToInherit,
643 const nsACString& aTriggeringRemoteType,
644 const nsID& aSandboxedNullPrincipalID, const Maybe<ClientInfo>& aClientInfo,
645 const Maybe<ClientInfo>& aReservedClientInfo,
646 const Maybe<ClientInfo>& aInitialClientInfo,
647 const Maybe<ServiceWorkerDescriptor>& aController,
648 nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags,
649 uint32_t aTriggeringSandboxFlags, nsContentPolicyType aContentPolicyType,
650 LoadTainting aTainting, bool aBlockAllMixedContent,
651 bool aUpgradeInsecureRequests, bool aBrowserUpgradeInsecureRequests,
652 bool aBrowserDidUpgradeInsecureRequests,
653 bool aBrowserWouldUpgradeInsecureRequests, bool aForceAllowDataURI,
654 bool aAllowInsecureRedirectToDataURI,
655 bool aSkipContentPolicyCheckForWebRequest, bool aOriginalFrameSrcLoad,
656 bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID,
657 uint64_t aBrowsingContextID, uint64_t aFrameBrowsingContextID,
658 bool aInitialSecurityCheckDone, bool aIsThirdPartyContext,
659 const Maybe<bool>& aIsThirdPartyContextToTopWindow, bool aIsFormSubmission,
660 bool aSendCSPViolationEvents, const OriginAttributes& aOriginAttributes,
661 RedirectHistoryArray&& aRedirectChainIncludingInternalRedirects,
662 RedirectHistoryArray&& aRedirectChain,
663 nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
664 const nsTArray<uint64_t>& aAncestorBrowsingContextIDs,
665 const nsTArray<nsCString>& aCorsUnsafeHeaders, bool aForcePreflight,
666 bool aIsPreflight, bool aLoadTriggeredFromExternal,
667 bool aServiceWorkerTaintingSynthesized, bool aDocumentHasUserInteracted,
668 bool aAllowListFutureDocumentsCreatedFromThisRedirectChain,
669 bool aNeedForCheckingAntiTrackingHeuristic, const nsAString& aCspNonce,
670 const nsAString& aIntegrityMetadata, bool aSkipContentSniffing,
671 uint32_t aHttpsOnlyStatus, bool aHstsStatus,
672 bool aHasValidUserGestureActivation, bool aAllowDeprecatedSystemRequests,
673 bool aIsInDevToolsContext, bool aParserCreatedScript,
674 nsILoadInfo::StoragePermissionState aStoragePermission, bool aIsMetaRefresh,
675 uint32_t aRequestBlockingReason, nsINode* aLoadingContext,
676 nsILoadInfo::CrossOriginEmbedderPolicy aLoadingEmbedderPolicy,
677 bool aIsOriginTrialCoepCredentiallessEnabledForTopLevel,
678 nsIURI* aUnstrippedURI, nsIInterceptionInfo* aInterceptionInfo,
679 bool aHasInjectedCookieForCookieBannerHandling)
680 : mLoadingPrincipal(aLoadingPrincipal),
681 mTriggeringPrincipal(aTriggeringPrincipal),
682 mPrincipalToInherit(aPrincipalToInherit),
683 mTopLevelPrincipal(aTopLevelPrincipal),
684 mResultPrincipalURI(aResultPrincipalURI),
685 mCookieJarSettings(aCookieJarSettings),
686 mCspToInherit(aCspToInherit),
687 mTriggeringRemoteType(aTriggeringRemoteType),
688 mSandboxedNullPrincipalID(aSandboxedNullPrincipalID),
689 mClientInfo(aClientInfo),
690 mReservedClientInfo(aReservedClientInfo),
691 mInitialClientInfo(aInitialClientInfo),
692 mController(aController),
693 mLoadingContext(do_GetWeakReference(aLoadingContext)),
694 mSecurityFlags(aSecurityFlags),
695 mSandboxFlags(aSandboxFlags),
696 mTriggeringSandboxFlags(aTriggeringSandboxFlags),
697 mInternalContentPolicyType(aContentPolicyType),
698 mTainting(aTainting),
699 mBlockAllMixedContent(aBlockAllMixedContent),
700 mUpgradeInsecureRequests(aUpgradeInsecureRequests),
701 mBrowserUpgradeInsecureRequests(aBrowserUpgradeInsecureRequests),
702 mBrowserDidUpgradeInsecureRequests(aBrowserDidUpgradeInsecureRequests),
703 mBrowserWouldUpgradeInsecureRequests(
704 aBrowserWouldUpgradeInsecureRequests),
705 mForceAllowDataURI(aForceAllowDataURI),
706 mAllowInsecureRedirectToDataURI(aAllowInsecureRedirectToDataURI),
707 mSkipContentPolicyCheckForWebRequest(
708 aSkipContentPolicyCheckForWebRequest),
709 mOriginalFrameSrcLoad(aOriginalFrameSrcLoad),
710 mForceInheritPrincipalDropped(aForceInheritPrincipalDropped),
711 mInnerWindowID(aInnerWindowID),
712 mBrowsingContextID(aBrowsingContextID),
713 mFrameBrowsingContextID(aFrameBrowsingContextID),
714 mInitialSecurityCheckDone(aInitialSecurityCheckDone),
715 mIsThirdPartyContext(aIsThirdPartyContext),
716 mIsThirdPartyContextToTopWindow(aIsThirdPartyContextToTopWindow),
717 mIsFormSubmission(aIsFormSubmission),
718 mSendCSPViolationEvents(aSendCSPViolationEvents),
719 mOriginAttributes(aOriginAttributes),
720 mRedirectChainIncludingInternalRedirects(
721 std::move(aRedirectChainIncludingInternalRedirects)),
722 mRedirectChain(std::move(aRedirectChain)),
723 mAncestorPrincipals(std::move(aAncestorPrincipals)),
724 mAncestorBrowsingContextIDs(aAncestorBrowsingContextIDs.Clone()),
725 mCorsUnsafeHeaders(aCorsUnsafeHeaders.Clone()),
726 mRequestBlockingReason(aRequestBlockingReason),
727 mForcePreflight(aForcePreflight),
728 mIsPreflight(aIsPreflight),
729 mLoadTriggeredFromExternal(aLoadTriggeredFromExternal),
730 mServiceWorkerTaintingSynthesized(aServiceWorkerTaintingSynthesized),
731 mDocumentHasUserInteracted(aDocumentHasUserInteracted),
732 mAllowListFutureDocumentsCreatedFromThisRedirectChain(
733 aAllowListFutureDocumentsCreatedFromThisRedirectChain),
734 mNeedForCheckingAntiTrackingHeuristic(
735 aNeedForCheckingAntiTrackingHeuristic),
736 mCspNonce(aCspNonce),
737 mIntegrityMetadata(aIntegrityMetadata),
738 mSkipContentSniffing(aSkipContentSniffing),
739 mHttpsOnlyStatus(aHttpsOnlyStatus),
740 mHstsStatus(aHstsStatus),
741 mHasValidUserGestureActivation(aHasValidUserGestureActivation),
742 mAllowDeprecatedSystemRequests(aAllowDeprecatedSystemRequests),
743 mIsInDevToolsContext(aIsInDevToolsContext),
744 mParserCreatedScript(aParserCreatedScript),
745 mStoragePermission(aStoragePermission),
746 mIsMetaRefresh(aIsMetaRefresh),
747 mLoadingEmbedderPolicy(aLoadingEmbedderPolicy),
748 mIsOriginTrialCoepCredentiallessEnabledForTopLevel(
749 aIsOriginTrialCoepCredentiallessEnabledForTopLevel),
750 mUnstrippedURI(aUnstrippedURI),
751 mInterceptionInfo(aInterceptionInfo),
752 mHasInjectedCookieForCookieBannerHandling(
753 aHasInjectedCookieForCookieBannerHandling) {
754 // Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
755 MOZ_ASSERT(mLoadingPrincipal ||
756 aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT);
757 MOZ_ASSERT(mTriggeringPrincipal);
758 }
759
760 // static
761 void LoadInfo::ComputeAncestors(
762 CanonicalBrowsingContext* aBC,
763 nsTArray<nsCOMPtr<nsIPrincipal>>& aAncestorPrincipals,
764 nsTArray<uint64_t>& aBrowsingContextIDs) {
765 MOZ_ASSERT(aAncestorPrincipals.IsEmpty());
766 MOZ_ASSERT(aBrowsingContextIDs.IsEmpty());
767 CanonicalBrowsingContext* ancestorBC = aBC;
768 // Iterate over ancestor WindowGlobalParents, collecting principals and outer
769 // window IDs.
770 while (WindowGlobalParent* ancestorWGP =
771 ancestorBC->GetParentWindowContext()) {
772 ancestorBC = ancestorWGP->BrowsingContext();
773
774 nsCOMPtr<nsIPrincipal> parentPrincipal = ancestorWGP->DocumentPrincipal();
775 MOZ_ASSERT(parentPrincipal, "Ancestor principal is null");
776 aAncestorPrincipals.AppendElement(parentPrincipal.forget());
777 aBrowsingContextIDs.AppendElement(ancestorBC->Id());
778 }
779 }
780 void LoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow) {
781 ExtContentPolicyType type =
782 nsContentUtils::InternalContentPolicyTypeToExternal(
783 mInternalContentPolicyType);
784 if (type == ExtContentPolicy::TYPE_DOCUMENT) {
785 // Top-level loads are never third-party.
786 mIsThirdPartyContext = false;
787 return;
788 }
789
790 nsCOMPtr<mozIThirdPartyUtil> util(do_GetService(THIRDPARTYUTIL_CONTRACTID));
791 if (NS_WARN_IF(!util)) {
792 return;
793 }
794
795 util->IsThirdPartyWindow(aOuterWindow, nullptr, &mIsThirdPartyContext);
796 }
797
798 void LoadInfo::ComputeIsThirdPartyContext(dom::WindowGlobalParent* aGlobal) {
799 if (nsILoadInfo::GetExternalContentPolicyType() ==
800 ExtContentPolicy::TYPE_DOCUMENT) {
801 // Top-level loads are never third-party.
802 mIsThirdPartyContext = false;
803 return;
804 }
805
806 ThirdPartyUtil* thirdPartyUtil = ThirdPartyUtil::GetInstance();
807 if (!thirdPartyUtil) {
808 return;
809 }
810 thirdPartyUtil->IsThirdPartyGlobal(aGlobal, &mIsThirdPartyContext);
811 }
812
813 NS_IMPL_ISUPPORTS(LoadInfo, nsILoadInfo)
814
815 LoadInfo::~LoadInfo() { MOZ_RELEASE_ASSERT(NS_IsMainThread()); }
816
817 already_AddRefed<nsILoadInfo> LoadInfo::Clone() const {
818 RefPtr<LoadInfo> copy(new LoadInfo(*this));
819 return copy.forget();
820 }
821
822 already_AddRefed<nsILoadInfo> LoadInfo::CloneWithNewSecFlags(
823 nsSecurityFlags aSecurityFlags) const {
824 RefPtr<LoadInfo> copy(new LoadInfo(*this));
825 copy->mSecurityFlags = aSecurityFlags;
826 return copy.forget();
827 }
828
829 already_AddRefed<nsILoadInfo> LoadInfo::CloneForNewRequest() const {
830 RefPtr<LoadInfo> copy(new LoadInfo(*this));
831 copy->mInitialSecurityCheckDone = false;
832 copy->mRedirectChainIncludingInternalRedirects.Clear();
833 copy->mRedirectChain.Clear();
834 copy->mResultPrincipalURI = nullptr;
835 return copy.forget();
836 }
837
838 NS_IMETHODIMP
839 LoadInfo::GetLoadingPrincipal(nsIPrincipal** aLoadingPrincipal) {
840 *aLoadingPrincipal = do_AddRef(mLoadingPrincipal).take();
841 return NS_OK;
842 }
843
844 nsIPrincipal* LoadInfo::VirtualGetLoadingPrincipal() {
845 return mLoadingPrincipal;
846 }
847
848 NS_IMETHODIMP
849 LoadInfo::GetTriggeringPrincipal(nsIPrincipal** aTriggeringPrincipal) {
850 *aTriggeringPrincipal = do_AddRef(mTriggeringPrincipal).take();
851 return NS_OK;
852 }
853
854 nsIPrincipal* LoadInfo::TriggeringPrincipal() { return mTriggeringPrincipal; }
855
856 NS_IMETHODIMP
857 LoadInfo::GetPrincipalToInherit(nsIPrincipal** aPrincipalToInherit) {
858 *aPrincipalToInherit = do_AddRef(mPrincipalToInherit).take();
859 return NS_OK;
860 }
861
862 NS_IMETHODIMP
863 LoadInfo::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit) {
864 MOZ_ASSERT(aPrincipalToInherit, "must be a valid principal to inherit");
865 mPrincipalToInherit = aPrincipalToInherit;
866 return NS_OK;
867 }
868
869 nsIPrincipal* LoadInfo::PrincipalToInherit() { return mPrincipalToInherit; }
870
871 nsIPrincipal* LoadInfo::FindPrincipalToInherit(nsIChannel* aChannel) {
872 if (mPrincipalToInherit) {
873 return mPrincipalToInherit;
874 }
875
876 nsCOMPtr<nsIURI> uri = mResultPrincipalURI;
877 if (!uri) {
878 Unused << aChannel->GetOriginalURI(getter_AddRefs(uri));
879 }
880
881 auto* prin = BasePrincipal::Cast(mTriggeringPrincipal);
882 return prin->PrincipalToInherit(uri);
883 }
884
885 const nsID& LoadInfo::GetSandboxedNullPrincipalID() {
886 MOZ_ASSERT(!mSandboxedNullPrincipalID.Equals(nsID{}),
887 "mSandboxedNullPrincipalID wasn't initialized?");
888 return mSandboxedNullPrincipalID;
889 }
890
891 void LoadInfo::ResetSandboxedNullPrincipalID() {
892 mSandboxedNullPrincipalID = nsID::GenerateUUID();
893 }
894
895 nsIPrincipal* LoadInfo::GetTopLevelPrincipal() { return mTopLevelPrincipal; }
896
897 NS_IMETHODIMP
898 LoadInfo::GetTriggeringRemoteType(nsACString& aTriggeringRemoteType) {
899 aTriggeringRemoteType = mTriggeringRemoteType;
900 return NS_OK;
901 }
902
903 NS_IMETHODIMP
904 LoadInfo::SetTriggeringRemoteType(const nsACString& aTriggeringRemoteType) {
905 mTriggeringRemoteType = aTriggeringRemoteType;
906 return NS_OK;
907 }
908
909 NS_IMETHODIMP
910 LoadInfo::GetLoadingDocument(Document** aResult) {
911 if (nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext)) {
912 RefPtr<Document> context = node->OwnerDoc();
913 context.forget(aResult);
914 }
915 return NS_OK;
916 }
917
918 nsINode* LoadInfo::LoadingNode() {
919 nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
920 return node;
921 }
922
923 already_AddRefed<nsISupports> LoadInfo::ContextForTopLevelLoad() {
924 // Most likely you want to query LoadingNode() instead of
925 // ContextForTopLevelLoad() if this assertion fires.
926 MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
927 "should only query this context for top level document loads");
928 nsCOMPtr<nsISupports> context = do_QueryReferent(mContextForTopLevelLoad);
929 return context.forget();
930 }
931
932 already_AddRefed<nsISupports> LoadInfo::GetLoadingContext() {
933 nsCOMPtr<nsISupports> context;
934 if (mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT) {
935 context = ContextForTopLevelLoad();
936 } else {
937 context = LoadingNode();
938 }
939 return context.forget();
940 }
941
942 NS_IMETHODIMP
943 LoadInfo::GetLoadingContextXPCOM(nsISupports** aResult) {
944 nsCOMPtr<nsISupports> context = GetLoadingContext();
945 context.forget(aResult);
946 return NS_OK;
947 }
948
949 NS_IMETHODIMP
950 LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult) {
951 *aResult = mSecurityFlags;
952 return NS_OK;
953 }
954
955 NS_IMETHODIMP
956 LoadInfo::GetSandboxFlags(uint32_t* aResult) {
957 *aResult = mSandboxFlags;
958 return NS_OK;
959 }
960
961 NS_IMETHODIMP
962 LoadInfo::GetTriggeringSandboxFlags(uint32_t* aResult) {
963 *aResult = mTriggeringSandboxFlags;
964 return NS_OK;
965 }
966
967 NS_IMETHODIMP
968 LoadInfo::SetTriggeringSandboxFlags(uint32_t aFlags) {
969 mTriggeringSandboxFlags = aFlags;
970 return NS_OK;
971 }
972
973 NS_IMETHODIMP
974 LoadInfo::GetSecurityMode(uint32_t* aFlags) {
975 *aFlags = (mSecurityFlags &
976 (nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_INHERITS_SEC_CONTEXT |
977 nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED |
978 nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT |
979 nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL |
980 nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT));
981 return NS_OK;
982 }
983
984 NS_IMETHODIMP
985 LoadInfo::GetIsInThirdPartyContext(bool* aIsInThirdPartyContext) {
986 *aIsInThirdPartyContext = mIsThirdPartyContext;
987 return NS_OK;
988 }
989
990 NS_IMETHODIMP
991 LoadInfo::SetIsInThirdPartyContext(bool aIsInThirdPartyContext) {
992 mIsThirdPartyContext = aIsInThirdPartyContext;
993 return NS_OK;
994 }
995
996 NS_IMETHODIMP
997 LoadInfo::GetIsThirdPartyContextToTopWindow(
998 bool* aIsThirdPartyContextToTopWindow) {
999 *aIsThirdPartyContextToTopWindow =
1000 mIsThirdPartyContextToTopWindow.valueOr(true);
1001 return NS_OK;
1002 }
1003
1004 NS_IMETHODIMP
1005 LoadInfo::SetIsThirdPartyContextToTopWindow(
1006 bool aIsThirdPartyContextToTopWindow) {
1007 mIsThirdPartyContextToTopWindow = Some(aIsThirdPartyContextToTopWindow);
1008 return NS_OK;
1009 }
1010
1011 static const uint32_t sCookiePolicyMask =
1012 nsILoadInfo::SEC_COOKIES_DEFAULT | nsILoadInfo::SEC_COOKIES_INCLUDE |
1013 nsILoadInfo::SEC_COOKIES_SAME_ORIGIN | nsILoadInfo::SEC_COOKIES_OMIT;
1014
1015 NS_IMETHODIMP
1016 LoadInfo::GetCookiePolicy(uint32_t* aResult) {
1017 uint32_t policy = mSecurityFlags & sCookiePolicyMask;
1018 if (policy == nsILoadInfo::SEC_COOKIES_DEFAULT) {
1019 policy = (mSecurityFlags & SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT)
1020 ? nsILoadInfo::SEC_COOKIES_SAME_ORIGIN
1021 : nsILoadInfo::SEC_COOKIES_INCLUDE;
1022 }
1023
1024 *aResult = policy;
1025 return NS_OK;
1026 }
1027
1028 namespace {
1029
1030 already_AddRefed<nsICookieJarSettings> CreateCookieJarSettings(
1031 nsContentPolicyType aContentPolicyType, bool aIsPrivate,
1032 bool shouldResistFingerprinting) {
1033 if (StaticPrefs::network_cookieJarSettings_unblocked_for_testing()) {
1034 return aIsPrivate ? CookieJarSettings::Create(CookieJarSettings::ePrivate,
1035 shouldResistFingerprinting)
1036 : CookieJarSettings::Create(CookieJarSettings::eRegular,
1037 shouldResistFingerprinting);
1038 }
1039
1040 // These contentPolictTypes require a real CookieJarSettings because favicon
1041 // and save-as requests must send cookies. Anything else should not
1042 // send/receive cookies.
1043 if (aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON ||
1044 aContentPolicyType == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) {
1045 return aIsPrivate ? CookieJarSettings::Create(CookieJarSettings::ePrivate,
1046 shouldResistFingerprinting)
1047 : CookieJarSettings::Create(CookieJarSettings::eRegular,
1048 shouldResistFingerprinting);
1049 }
1050
1051 return CookieJarSettings::GetBlockingAll(shouldResistFingerprinting);
1052 }
1053
1054 } // namespace
1055
1056 NS_IMETHODIMP
1057 LoadInfo::GetCookieJarSettings(nsICookieJarSettings** aCookieJarSettings) {
1058 if (!mCookieJarSettings) {
1059 bool isPrivate = mOriginAttributes.mPrivateBrowsingId > 0;
1060 nsCOMPtr<nsIPrincipal> loadingPrincipal;
1061 Unused << this->GetLoadingPrincipal(getter_AddRefs(loadingPrincipal));
1062 bool shouldResistFingerprinting =
1063 nsContentUtils::ShouldResistFingerprinting_dangerous(
1064 loadingPrincipal,
1065 "CookieJarSettings can't exist yet, we're creating it",
1066 RFPTarget::IsAlwaysEnabledForPrecompute);
1067 mCookieJarSettings = CreateCookieJarSettings(
1068 mInternalContentPolicyType, isPrivate, shouldResistFingerprinting);
1069 }
1070
1071 nsCOMPtr<nsICookieJarSettings> cookieJarSettings = mCookieJarSettings;
1072 cookieJarSettings.forget(aCookieJarSettings);
1073 return NS_OK;
1074 }
1075
1076 NS_IMETHODIMP
1077 LoadInfo::SetCookieJarSettings(nsICookieJarSettings* aCookieJarSettings) {
1078 MOZ_ASSERT(aCookieJarSettings);
1079 // We allow the overwrite of CookieJarSettings.
1080 mCookieJarSettings = aCookieJarSettings;
1081 return NS_OK;
1082 }
1083
1084 NS_IMETHODIMP
1085 LoadInfo::GetStoragePermission(
1086 nsILoadInfo::StoragePermissionState* aStoragePermission) {
1087 *aStoragePermission = mStoragePermission;
1088 return NS_OK;
1089 }
1090
1091 NS_IMETHODIMP
1092 LoadInfo::SetStoragePermission(
1093 nsILoadInfo::StoragePermissionState aStoragePermission) {
1094 mStoragePermission = aStoragePermission;
1095 return NS_OK;
1096 }
1097
1098 NS_IMETHODIMP
1099 LoadInfo::GetIsMetaRefresh(bool* aIsMetaRefresh) {
1100 *aIsMetaRefresh = mIsMetaRefresh;
1101 return NS_OK;
1102 }
1103
1104 NS_IMETHODIMP
1105 LoadInfo::SetIsMetaRefresh(bool aIsMetaRefresh) {
1106 mIsMetaRefresh = aIsMetaRefresh;
1107 return NS_OK;
1108 }
1109
1110 void LoadInfo::SetIncludeCookiesSecFlag() {
1111 MOZ_ASSERT((mSecurityFlags & sCookiePolicyMask) ==
1112 nsILoadInfo::SEC_COOKIES_DEFAULT);
1113 mSecurityFlags =
1114 (mSecurityFlags & ~sCookiePolicyMask) | nsILoadInfo::SEC_COOKIES_INCLUDE;
1115 }
1116
1117 NS_IMETHODIMP
1118 LoadInfo::GetForceInheritPrincipal(bool* aInheritPrincipal) {
1119 *aInheritPrincipal =
1120 (mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
1121 return NS_OK;
1122 }
1123
1124 NS_IMETHODIMP
1125 LoadInfo::GetForceInheritPrincipalOverruleOwner(bool* aInheritPrincipal) {
1126 *aInheritPrincipal =
1127 (mSecurityFlags &
1128 nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER);
1129 return NS_OK;
1130 }
1131
1132 NS_IMETHODIMP
1133 LoadInfo::GetLoadingSandboxed(bool* aLoadingSandboxed) {
1134 *aLoadingSandboxed = (mSandboxFlags & SANDBOXED_ORIGIN);
1135 return NS_OK;
1136 }
1137
1138 NS_IMETHODIMP
1139 LoadInfo::GetAboutBlankInherits(bool* aResult) {
1140 *aResult = (mSecurityFlags & nsILoadInfo::SEC_ABOUT_BLANK_INHERITS);
1141 return NS_OK;
1142 }
1143
1144 NS_IMETHODIMP
1145 LoadInfo::GetAllowChrome(bool* aResult) {
1146 *aResult = (mSecurityFlags & nsILoadInfo::SEC_ALLOW_CHROME);
1147 return NS_OK;
1148 }
1149
1150 NS_IMETHODIMP
1151 LoadInfo::GetDisallowScript(bool* aResult) {
1152 *aResult = (mSecurityFlags & nsILoadInfo::SEC_DISALLOW_SCRIPT);
1153 return NS_OK;
1154 }
1155
1156 NS_IMETHODIMP
1157 LoadInfo::GetDontFollowRedirects(bool* aResult) {
1158 *aResult = (mSecurityFlags & nsILoadInfo::SEC_DONT_FOLLOW_REDIRECTS);
1159 return NS_OK;
1160 }
1161
1162 NS_IMETHODIMP
1163 LoadInfo::GetLoadErrorPage(bool* aResult) {
1164 *aResult = (mSecurityFlags & nsILoadInfo::SEC_LOAD_ERROR_PAGE);
1165 return NS_OK;
1166 }
1167
1168 NS_IMETHODIMP
1169 LoadInfo::GetIsFormSubmission(bool* aResult) {
1170 *aResult = mIsFormSubmission;
1171 return NS_OK;
1172 }
1173
1174 NS_IMETHODIMP
1175 LoadInfo::SetIsFormSubmission(bool aValue) {
1176 mIsFormSubmission = aValue;
1177 return NS_OK;
1178 }
1179
1180 NS_IMETHODIMP
1181 LoadInfo::GetSendCSPViolationEvents(bool* aResult) {
1182 *aResult = mSendCSPViolationEvents;
1183 return NS_OK;
1184 }
1185
1186 NS_IMETHODIMP
1187 LoadInfo::SetSendCSPViolationEvents(bool aValue) {
1188 mSendCSPViolationEvents = aValue;
1189 return NS_OK;
1190 }
1191
1192 NS_IMETHODIMP
1193 LoadInfo::GetExternalContentPolicyType(nsContentPolicyType* aResult) {
1194 // We have to use nsContentPolicyType because ExtContentPolicyType is not
1195 // visible from xpidl.
1196 *aResult = static_cast<nsContentPolicyType>(
1197 nsContentUtils::InternalContentPolicyTypeToExternal(
1198 mInternalContentPolicyType));
1199 return NS_OK;
1200 }
1201
1202 nsContentPolicyType LoadInfo::InternalContentPolicyType() {
1203 return mInternalContentPolicyType;
1204 }
1205
1206 NS_IMETHODIMP
1207 LoadInfo::GetBlockAllMixedContent(bool* aResult) {
1208 *aResult = mBlockAllMixedContent;
1209 return NS_OK;
1210 }
1211
1212 NS_IMETHODIMP
1213 LoadInfo::GetUpgradeInsecureRequests(bool* aResult) {
1214 *aResult = mUpgradeInsecureRequests;
1215 return NS_OK;
1216 }
1217
1218 NS_IMETHODIMP
1219 LoadInfo::GetBrowserUpgradeInsecureRequests(bool* aResult) {
1220 *aResult = mBrowserUpgradeInsecureRequests;
1221 return NS_OK;
1222 }
1223
1224 NS_IMETHODIMP
1225 LoadInfo::GetBrowserDidUpgradeInsecureRequests(bool* aResult) {
1226 *aResult = mBrowserDidUpgradeInsecureRequests;
1227 return NS_OK;
1228 }
1229
1230 NS_IMETHODIMP
1231 LoadInfo::GetBrowserWouldUpgradeInsecureRequests(bool* aResult) {
1232 *aResult = mBrowserWouldUpgradeInsecureRequests;
1233 return NS_OK;
1234 }
1235
1236 NS_IMETHODIMP
1237 LoadInfo::SetForceAllowDataURI(bool aForceAllowDataURI) {
1238 MOZ_ASSERT(!mForceAllowDataURI ||
1239 mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
1240 "can only allow data URI navigation for TYPE_DOCUMENT");
1241 mForceAllowDataURI = aForceAllowDataURI;
1242 return NS_OK;
1243 }
1244
1245 NS_IMETHODIMP
1246 LoadInfo::GetForceAllowDataURI(bool* aForceAllowDataURI) {
1247 *aForceAllowDataURI = mForceAllowDataURI;
1248 return NS_OK;
1249 }
1250
1251 NS_IMETHODIMP
1252 LoadInfo::SetAllowInsecureRedirectToDataURI(
1253 bool aAllowInsecureRedirectToDataURI) {
1254 mAllowInsecureRedirectToDataURI = aAllowInsecureRedirectToDataURI;
1255 return NS_OK;
1256 }
1257
1258 NS_IMETHODIMP
1259 LoadInfo::GetAllowInsecureRedirectToDataURI(
1260 bool* aAllowInsecureRedirectToDataURI) {
1261 *aAllowInsecureRedirectToDataURI = mAllowInsecureRedirectToDataURI;
1262 return NS_OK;
1263 }
1264
1265 NS_IMETHODIMP
1266 LoadInfo::SetSkipContentPolicyCheckForWebRequest(bool aSkip) {
1267 mSkipContentPolicyCheckForWebRequest = aSkip;
1268 return NS_OK;
1269 }
1270
1271 NS_IMETHODIMP
1272 LoadInfo::GetSkipContentPolicyCheckForWebRequest(bool* aSkip) {
1273 *aSkip = mSkipContentPolicyCheckForWebRequest;
1274 return NS_OK;
1275 }
1276
1277 NS_IMETHODIMP
1278 LoadInfo::SetOriginalFrameSrcLoad(bool aOriginalFrameSrcLoad) {
1279 mOriginalFrameSrcLoad = aOriginalFrameSrcLoad;
1280 return NS_OK;
1281 }
1282
1283 NS_IMETHODIMP
1284 LoadInfo::GetOriginalFrameSrcLoad(bool* aOriginalFrameSrcLoad) {
1285 *aOriginalFrameSrcLoad = mOriginalFrameSrcLoad;
1286 return NS_OK;
1287 }
1288
1289 NS_IMETHODIMP
1290 LoadInfo::GetForceInheritPrincipalDropped(bool* aResult) {
1291 *aResult = mForceInheritPrincipalDropped;
1292 return NS_OK;
1293 }
1294
1295 NS_IMETHODIMP
1296 LoadInfo::GetInnerWindowID(uint64_t* aResult) {
1297 *aResult = mInnerWindowID;
1298 return NS_OK;
1299 }
1300
1301 NS_IMETHODIMP
1302 LoadInfo::GetBrowsingContextID(uint64_t* aResult) {
1303 *aResult = mBrowsingContextID;
1304 return NS_OK;
1305 }
1306
1307 NS_IMETHODIMP
1308 LoadInfo::GetWorkerAssociatedBrowsingContextID(uint64_t* aResult) {
1309 *aResult = mWorkerAssociatedBrowsingContextID;
1310 return NS_OK;
1311 }
1312
1313 NS_IMETHODIMP
1314 LoadInfo::SetWorkerAssociatedBrowsingContextID(uint64_t aID) {
1315 mWorkerAssociatedBrowsingContextID = aID;
1316 return NS_OK;
1317 }
1318
1319 NS_IMETHODIMP
1320 LoadInfo::GetFrameBrowsingContextID(uint64_t* aResult) {
1321 *aResult = mFrameBrowsingContextID;
1322 return NS_OK;
1323 }
1324
1325 NS_IMETHODIMP
1326 LoadInfo::GetTargetBrowsingContextID(uint64_t* aResult) {
1327 return (nsILoadInfo::GetExternalContentPolicyType() ==
1328 ExtContentPolicy::TYPE_SUBDOCUMENT)
1329 ? GetFrameBrowsingContextID(aResult)
1330 : GetBrowsingContextID(aResult);
1331 }
1332
1333 NS_IMETHODIMP
1334 LoadInfo::GetBrowsingContext(dom::BrowsingContext** aResult) {
1335 *aResult = BrowsingContext::Get(mBrowsingContextID).take();
1336 return NS_OK;
1337 }
1338
1339 NS_IMETHODIMP
1340 LoadInfo::GetWorkerAssociatedBrowsingContext(dom::BrowsingContext** aResult) {
1341 *aResult = BrowsingContext::Get(mWorkerAssociatedBrowsingContextID).take();
1342 return NS_OK;
1343 }
1344
1345 NS_IMETHODIMP
1346 LoadInfo::GetFrameBrowsingContext(dom::BrowsingContext** aResult) {
1347 *aResult = BrowsingContext::Get(mFrameBrowsingContextID).take();
1348 return NS_OK;
1349 }
1350
1351 NS_IMETHODIMP
1352 LoadInfo::GetTargetBrowsingContext(dom::BrowsingContext** aResult) {
1353 uint64_t targetBrowsingContextID = 0;
1354 MOZ_ALWAYS_SUCCEEDS(GetTargetBrowsingContextID(&targetBrowsingContextID));
1355 *aResult = BrowsingContext::Get(targetBrowsingContextID).take();
1356 return NS_OK;
1357 }
1358
1359 NS_IMETHODIMP
1360 LoadInfo::GetScriptableOriginAttributes(
1361 JSContext* aCx, JS::MutableHandle<JS::Value> aOriginAttributes) {
1362 if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aOriginAttributes))) {
1363 return NS_ERROR_FAILURE;
1364 }
1365 return NS_OK;
1366 }
1367
1368 NS_IMETHODIMP
1369 LoadInfo::ResetPrincipalToInheritToNullPrincipal() {
1370 // take the originAttributes from the LoadInfo and create
1371 // a new NullPrincipal using those origin attributes.
1372 nsCOMPtr<nsIPrincipal> newNullPrincipal =
1373 NullPrincipal::Create(mOriginAttributes);
1374
1375 mPrincipalToInherit = newNullPrincipal;
1376
1377 // setting SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER will overrule
1378 // any non null owner set on the channel and will return the principal
1379 // form the loadinfo instead.
1380 mSecurityFlags |= SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER;
1381
1382 return NS_OK;
1383 }
1384
1385 NS_IMETHODIMP
1386 LoadInfo::SetScriptableOriginAttributes(
1387 JSContext* aCx, JS::Handle<JS::Value> aOriginAttributes) {
1388 OriginAttributes attrs;
1389 if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
1390 return NS_ERROR_INVALID_ARG;
1391 }
1392
1393 mOriginAttributes = attrs;
1394 return NS_OK;
1395 }
1396
1397 nsresult LoadInfo::GetOriginAttributes(
1398 mozilla::OriginAttributes* aOriginAttributes) {
1399 NS_ENSURE_ARG(aOriginAttributes);
1400 *aOriginAttributes = mOriginAttributes;
1401 return NS_OK;
1402 }
1403
1404 nsresult LoadInfo::SetOriginAttributes(
1405 const mozilla::OriginAttributes& aOriginAttributes) {
1406 mOriginAttributes = aOriginAttributes;
1407 return NS_OK;
1408 }
1409
1410 NS_IMETHODIMP
1411 LoadInfo::SetInitialSecurityCheckDone(bool aInitialSecurityCheckDone) {
1412 // Indicates whether the channel was ever evaluated by the
1413 // ContentSecurityManager. Once set to true, this flag must
1414 // remain true throughout the lifetime of the channel.
1415 // Setting it to anything else than true will be discarded.
1416 MOZ_ASSERT(aInitialSecurityCheckDone,
1417 "aInitialSecurityCheckDone must be true");
1418 mInitialSecurityCheckDone =
1419 mInitialSecurityCheckDone || aInitialSecurityCheckDone;
1420 return NS_OK;
1421 }
1422
1423 NS_IMETHODIMP
1424 LoadInfo::GetInitialSecurityCheckDone(bool* aResult) {
1425 *aResult = mInitialSecurityCheckDone;
1426 return NS_OK;
1427 }
1428
1429 // To prevent unintenional credential and information leaks in content
1430 // processes we can use this function to truncate a Principal's URI as much as
1431 // possible.
1432 already_AddRefed<nsIPrincipal> CreateTruncatedPrincipal(
1433 nsIPrincipal* aPrincipal) {
1434 nsCOMPtr<nsIPrincipal> truncatedPrincipal;
1435 // System Principal URIs don't need to be truncated as they don't contain any
1436 // sensitive browsing history information.
1437 if (aPrincipal->IsSystemPrincipal()) {
1438 truncatedPrincipal = aPrincipal;
1439 return truncatedPrincipal.forget();
1440 }
1441
1442 // Content Principal URIs are the main location of the information we need to
1443 // truncate.
1444 if (aPrincipal->GetIsContentPrincipal()) {
1445 // Certain URIs (chrome, resource, about) don't need to be truncated as they
1446 // should be free of any sensitive user browsing history.
1447 if (aPrincipal->SchemeIs("chrome") || aPrincipal->SchemeIs("resource") ||
1448 aPrincipal->SchemeIs("about")) {
1449 truncatedPrincipal = aPrincipal;
1450 return truncatedPrincipal.forget();
1451 }
1452
1453 // Different parts of the URI are preserved due to being vital to the
1454 // browser's operation.
1455 // Scheme for differentiating between different types of URIs and how to
1456 // truncate them and later on utilize them.
1457 // Host and Port to retain the redirect chain's core functionality.
1458 // Path would ideally be removed but needs to be retained to ensure that
1459 // http/https redirect loops can be detected.
1460 // The entirety of the Query String, Reference Fragment, and User Info
1461 // subcomponents must be stripped to avoid leaking Oauth tokens, user
1462 // identifiers, and similar bits of information that these subcomponents may
1463 // contain.
1464 nsAutoCString scheme;
1465 nsAutoCString separator("://");
1466 nsAutoCString hostPort;
1467 nsAutoCString path;
1468 nsAutoCString uriString("");
1469 if (aPrincipal->SchemeIs("view-source")) {
1470 // The path portion of the view-source URI will be the URI whose source is
1471 // being viewed, so we create a new URI object with a truncated form of
1472 // the path and append the view-source scheme to the front again.
1473 nsAutoCString viewSourcePath;
1474 aPrincipal->GetFilePath(viewSourcePath);
1475
1476 nsCOMPtr<nsIURI> nestedURI;
1477 nsresult rv = NS_NewURI(getter_AddRefs(nestedURI), viewSourcePath);
1478
1479 if (NS_FAILED(rv)) {
1480 // Since the path here should be an already validated URI this should
1481 // never happen.
1482 NS_WARNING(viewSourcePath.get());
1483 MOZ_ASSERT(false,
1484 "Failed to create truncated form of URI with NS_NewURI.");
1485 truncatedPrincipal = aPrincipal;
1486 return truncatedPrincipal.forget();
1487 }
1488
1489 nestedURI->GetScheme(scheme);
1490 nestedURI->GetHostPort(hostPort);
1491 nestedURI->GetFilePath(path);
1492 uriString += "view-source:";
1493 } else {
1494 aPrincipal->GetScheme(scheme);
1495 aPrincipal->GetHostPort(hostPort);
1496 aPrincipal->GetFilePath(path);
1497 }
1498 uriString += scheme + separator + hostPort + path;
1499
1500 nsCOMPtr<nsIURI> truncatedURI;
1501 nsresult rv = NS_NewURI(getter_AddRefs(truncatedURI), uriString);
1502 if (NS_FAILED(rv)) {
1503 NS_WARNING(uriString.get());
1504 MOZ_ASSERT(false,
1505 "Failed to create truncated form of URI with NS_NewURI.");
1506 truncatedPrincipal = aPrincipal;
1507 return truncatedPrincipal.forget();
1508 }
1509
1510 return BasePrincipal::CreateContentPrincipal(
1511 truncatedURI, aPrincipal->OriginAttributesRef());
1512 }
1513
1514 // Null Principal Precursor URIs can also contain information that needs to
1515 // be truncated.
1516 if (aPrincipal->GetIsNullPrincipal()) {
1517 nsCOMPtr<nsIPrincipal> precursorPrincipal =
1518 aPrincipal->GetPrecursorPrincipal();
1519 // If there is no precursor then nothing needs to be truncated.
1520 if (!precursorPrincipal) {
1521 truncatedPrincipal = aPrincipal;
1522 return truncatedPrincipal.forget();
1523 }
1524
1525 // Otherwise we return a new Null Principal with the original's Origin
1526 // Attributes and a truncated version of the original's precursor URI.
1527 nsCOMPtr<nsIPrincipal> truncatedPrecursor =
1528 CreateTruncatedPrincipal(precursorPrincipal);
1529 return NullPrincipal::CreateWithInheritedAttributes(truncatedPrecursor);
1530 }
1531
1532 // Expanded Principals shouldn't contain sensitive information but their
1533 // allowlists might so we truncate that information here.
1534 if (aPrincipal->GetIsExpandedPrincipal()) {
1535 nsTArray<nsCOMPtr<nsIPrincipal>> truncatedAllowList;
1536
1537 for (const auto& allowedPrincipal : BasePrincipal::Cast(aPrincipal)
1538 ->As<ExpandedPrincipal>()
1539 ->AllowList()) {
1540 nsCOMPtr<nsIPrincipal> truncatedPrincipal =
1541 CreateTruncatedPrincipal(allowedPrincipal);
1542
1543 truncatedAllowList.AppendElement(truncatedPrincipal);
1544 }
1545
1546 return ExpandedPrincipal::Create(truncatedAllowList,
1547 aPrincipal->OriginAttributesRef());
1548 }
1549
1550 // If we hit this assertion we need to update this function to add the
1551 // Principals and URIs seen as new corner cases to handle.
1552 MOZ_ASSERT(false, "Unhandled Principal or URI type encountered.");
1553
1554 truncatedPrincipal = aPrincipal;
1555 return truncatedPrincipal.forget();
1556 }
1557
1558 NS_IMETHODIMP
1559 LoadInfo::AppendRedirectHistoryEntry(nsIChannel* aChannel,
1560 bool aIsInternalRedirect) {
1561 NS_ENSURE_ARG(aChannel);
1562 MOZ_ASSERT(NS_IsMainThread());
1563
1564 nsCOMPtr<nsIPrincipal> uriPrincipal;
1565 nsIScriptSecurityManager* sm = nsContentUtils::GetSecurityManager();
1566 sm->GetChannelURIPrincipal(aChannel, getter_AddRefs(uriPrincipal));
1567
1568 nsCOMPtr<nsIURI> referrer;
1569 nsCString remoteAddress;
1570
1571 nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(aChannel));
1572 if (httpChannel) {
1573 nsCOMPtr<nsIReferrerInfo> referrerInfo;
1574 Unused << httpChannel->GetReferrerInfo(getter_AddRefs(referrerInfo));
1575 if (referrerInfo) {
1576 referrer = referrerInfo->GetComputedReferrer();
1577 }
1578
1579 nsCOMPtr<nsIHttpChannelInternal> intChannel(do_QueryInterface(aChannel));
1580 if (intChannel) {
1581 Unused << intChannel->GetRemoteAddress(remoteAddress);
1582 }
1583 }
1584
1585 nsCOMPtr<nsIPrincipal> truncatedPrincipal =
1586 CreateTruncatedPrincipal(uriPrincipal);
1587
1588 nsCOMPtr<nsIRedirectHistoryEntry> entry =
1589 new nsRedirectHistoryEntry(truncatedPrincipal, referrer, remoteAddress);
1590
1591 mRedirectChainIncludingInternalRedirects.AppendElement(entry);
1592 if (!aIsInternalRedirect) {
1593 mRedirectChain.AppendElement(entry);
1594 }
1595 return NS_OK;
1596 }
1597
1598 NS_IMETHODIMP
1599 LoadInfo::GetRedirects(JSContext* aCx, JS::MutableHandle<JS::Value> aRedirects,
1600 const RedirectHistoryArray& aArray) {
1601 JS::Rooted<JSObject*> redirects(aCx,
1602 JS::NewArrayObject(aCx, aArray.Length()));
1603 NS_ENSURE_TRUE(redirects, NS_ERROR_OUT_OF_MEMORY);
1604
1605 JS::Rooted<JSObject*> global(aCx, JS::CurrentGlobalOrNull(aCx));
1606 NS_ENSURE_TRUE(global, NS_ERROR_UNEXPECTED);
1607
1608 nsCOMPtr<nsIXPConnect> xpc = nsIXPConnect::XPConnect();
1609
1610 for (size_t idx = 0; idx < aArray.Length(); idx++) {
1611 JS::Rooted<JSObject*> jsobj(aCx);
1612 nsresult rv =
1613 xpc->WrapNative(aCx, global, aArray[idx],
1614 NS_GET_IID(nsIRedirectHistoryEntry), jsobj.address());
1615 NS_ENSURE_SUCCESS(rv, rv);
1616 NS_ENSURE_STATE(jsobj);
1617
1618 bool rc = JS_DefineElement(aCx, redirects, idx, jsobj, JSPROP_ENUMERATE);
1619 NS_ENSURE_TRUE(rc, NS_ERROR_UNEXPECTED);
1620 }
1621
1622 aRedirects.setObject(*redirects);
1623 return NS_OK;
1624 }
1625
1626 NS_IMETHODIMP
1627 LoadInfo::GetRedirectChainIncludingInternalRedirects(
1628 JSContext* aCx, JS::MutableHandle<JS::Value> aChain) {
1629 return GetRedirects(aCx, aChain, mRedirectChainIncludingInternalRedirects);
1630 }
1631
1632 const RedirectHistoryArray&
1633 LoadInfo::RedirectChainIncludingInternalRedirects() {
1634 return mRedirectChainIncludingInternalRedirects;
1635 }
1636
1637 NS_IMETHODIMP
1638 LoadInfo::GetRedirectChain(JSContext* aCx,
1639 JS::MutableHandle<JS::Value> aChain) {
1640 return GetRedirects(aCx, aChain, mRedirectChain);
1641 }
1642
1643 const RedirectHistoryArray& LoadInfo::RedirectChain() { return mRedirectChain; }
1644
1645 const nsTArray<nsCOMPtr<nsIPrincipal>>& LoadInfo::AncestorPrincipals() {
1646 return mAncestorPrincipals;
1647 }
1648
1649 const nsTArray<uint64_t>& LoadInfo::AncestorBrowsingContextIDs() {
1650 return mAncestorBrowsingContextIDs;
1651 }
1652
1653 void LoadInfo::SetCorsPreflightInfo(const nsTArray<nsCString>& aHeaders,
1654 bool aForcePreflight) {
1655 MOZ_ASSERT(GetSecurityMode() ==
1656 nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT);
1657 MOZ_ASSERT(!mInitialSecurityCheckDone);
1658 mCorsUnsafeHeaders = aHeaders.Clone();
1659 mForcePreflight = aForcePreflight;
1660 }
1661
1662 const nsTArray<nsCString>& LoadInfo::CorsUnsafeHeaders() {
1663 return mCorsUnsafeHeaders;
1664 }
1665
1666 NS_IMETHODIMP
1667 LoadInfo::GetForcePreflight(bool* aForcePreflight) {
1668 *aForcePreflight = mForcePreflight;
1669 return NS_OK;
1670 }
1671
1672 void LoadInfo::SetIsPreflight() {
1673 MOZ_ASSERT(GetSecurityMode() ==
1674 nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT);
1675 MOZ_ASSERT(!mInitialSecurityCheckDone);
1676 mIsPreflight = true;
1677 }
1678
1679 void LoadInfo::SetUpgradeInsecureRequests(bool aValue) {
1680 mUpgradeInsecureRequests = aValue;
1681 }
1682
1683 void LoadInfo::SetBrowserUpgradeInsecureRequests() {
1684 mBrowserUpgradeInsecureRequests = true;
1685 }
1686
1687 NS_IMETHODIMP
1688 LoadInfo::SetBrowserDidUpgradeInsecureRequests(
1689 bool aBrowserDidUpgradeInsecureRequests) {
1690 mBrowserDidUpgradeInsecureRequests = aBrowserDidUpgradeInsecureRequests;
1691 return NS_OK;
1692 }
1693
1694 void LoadInfo::SetBrowserWouldUpgradeInsecureRequests() {
1695 mBrowserWouldUpgradeInsecureRequests = true;
1696 }
1697
1698 NS_IMETHODIMP
1699 LoadInfo::GetIsPreflight(bool* aIsPreflight) {
1700 *aIsPreflight = mIsPreflight;
1701 return NS_OK;
1702 }
1703
1704 NS_IMETHODIMP
1705 LoadInfo::SetLoadTriggeredFromExternal(bool aLoadTriggeredFromExternal) {
1706 MOZ_ASSERT(!aLoadTriggeredFromExternal ||
1707 mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT,
1708 "can only set load triggered from external for TYPE_DOCUMENT");
1709 mLoadTriggeredFromExternal = aLoadTriggeredFromExternal;
1710 return NS_OK;
1711 }
1712
1713 NS_IMETHODIMP
1714 LoadInfo::GetLoadTriggeredFromExternal(bool* aLoadTriggeredFromExternal) {
1715 *aLoadTriggeredFromExternal = mLoadTriggeredFromExternal;
1716 return NS_OK;
1717 }
1718
1719 NS_IMETHODIMP
1720 LoadInfo::GetServiceWorkerTaintingSynthesized(
1721 bool* aServiceWorkerTaintingSynthesized) {
1722 MOZ_ASSERT(aServiceWorkerTaintingSynthesized);
1723 *aServiceWorkerTaintingSynthesized = mServiceWorkerTaintingSynthesized;
1724 return NS_OK;
1725 }
1726
1727 NS_IMETHODIMP
1728 LoadInfo::GetTainting(uint32_t* aTaintingOut) {
1729 MOZ_ASSERT(aTaintingOut);
1730 *aTaintingOut = static_cast<uint32_t>(mTainting);
1731 return NS_OK;
1732 }
1733
1734 NS_IMETHODIMP
1735 LoadInfo::MaybeIncreaseTainting(uint32_t aTainting) {
1736 NS_ENSURE_ARG(aTainting <= TAINTING_OPAQUE);
1737
1738 // Skip if the tainting has been set by the service worker.
1739 if (mServiceWorkerTaintingSynthesized) {
1740 return NS_OK;
1741 }
1742
1743 LoadTainting tainting = static_cast<LoadTainting>(aTainting);
1744 if (tainting > mTainting) {
1745 mTainting = tainting;
1746 }
1747 return NS_OK;
1748 }
1749
1750 void LoadInfo::SynthesizeServiceWorkerTainting(LoadTainting aTainting) {
1751 MOZ_DIAGNOSTIC_ASSERT(aTainting <= LoadTainting::Opaque);
1752 mTainting = aTainting;
1753
1754 // Flag to prevent the tainting from being increased.
1755 mServiceWorkerTaintingSynthesized = true;
1756 }
1757
1758 NS_IMETHODIMP
1759 LoadInfo::GetDocumentHasUserInteracted(bool* aDocumentHasUserInteracted) {
1760 MOZ_ASSERT(aDocumentHasUserInteracted);
1761 *aDocumentHasUserInteracted = mDocumentHasUserInteracted;
1762 return NS_OK;
1763 }
1764
1765 NS_IMETHODIMP
1766 LoadInfo::SetDocumentHasUserInteracted(bool aDocumentHasUserInteracted) {
1767 mDocumentHasUserInteracted = aDocumentHasUserInteracted;
1768 return NS_OK;
1769 }
1770
1771 NS_IMETHODIMP
1772 LoadInfo::GetAllowListFutureDocumentsCreatedFromThisRedirectChain(
1773 bool* aValue) {
1774 MOZ_ASSERT(aValue);
1775 *aValue = mAllowListFutureDocumentsCreatedFromThisRedirectChain;
1776 return NS_OK;
1777 }
1778
1779 NS_IMETHODIMP
1780 LoadInfo::SetAllowListFutureDocumentsCreatedFromThisRedirectChain(bool aValue) {
1781 mAllowListFutureDocumentsCreatedFromThisRedirectChain = aValue;
1782 return NS_OK;
1783 }
1784
1785 NS_IMETHODIMP
1786 LoadInfo::GetNeedForCheckingAntiTrackingHeuristic(bool* aValue) {
1787 MOZ_ASSERT(aValue);
1788 *aValue = mNeedForCheckingAntiTrackingHeuristic;
1789 return NS_OK;
1790 }
1791
1792 NS_IMETHODIMP
1793 LoadInfo::SetNeedForCheckingAntiTrackingHeuristic(bool aValue) {
1794 mNeedForCheckingAntiTrackingHeuristic = aValue;
1795 return NS_OK;
1796 }
1797
1798 NS_IMETHODIMP
1799 LoadInfo::GetCspNonce(nsAString& aCspNonce) {
1800 aCspNonce = mCspNonce;
1801 return NS_OK;
1802 }
1803
1804 NS_IMETHODIMP
1805 LoadInfo::SetCspNonce(const nsAString& aCspNonce) {
1806 MOZ_ASSERT(!mInitialSecurityCheckDone,
1807 "setting the nonce is only allowed before any sec checks");
1808 mCspNonce = aCspNonce;
1809 return NS_OK;
1810 }
1811
1812 NS_IMETHODIMP
1813 LoadInfo::GetIntegrityMetadata(nsAString& aIntegrityMetadata) {
1814 aIntegrityMetadata = mIntegrityMetadata;
1815 return NS_OK;
1816 }
1817
1818 NS_IMETHODIMP
1819 LoadInfo::SetIntegrityMetadata(const nsAString& aIntegrityMetadata) {
1820 MOZ_ASSERT(!mInitialSecurityCheckDone,
1821 "setting the nonce is only allowed before any sec checks");
1822 mIntegrityMetadata = aIntegrityMetadata;
1823 return NS_OK;
1824 }
1825
1826 NS_IMETHODIMP
1827 LoadInfo::GetSkipContentSniffing(bool* aSkipContentSniffing) {
1828 *aSkipContentSniffing = mSkipContentSniffing;
1829 return NS_OK;
1830 }
1831
1832 NS_IMETHODIMP
1833 LoadInfo::SetSkipContentSniffing(bool aSkipContentSniffing) {
1834 mSkipContentSniffing = aSkipContentSniffing;
1835 return NS_OK;
1836 }
1837
1838 NS_IMETHODIMP
1839 LoadInfo::GetHttpsOnlyStatus(uint32_t* aHttpsOnlyStatus) {
1840 *aHttpsOnlyStatus = mHttpsOnlyStatus;
1841 return NS_OK;
1842 }
1843
1844 NS_IMETHODIMP
1845 LoadInfo::SetHttpsOnlyStatus(uint32_t aHttpsOnlyStatus) {
1846 mHttpsOnlyStatus = aHttpsOnlyStatus;
1847 return NS_OK;
1848 }
1849
1850 NS_IMETHODIMP
1851 LoadInfo::GetHstsStatus(bool* aHstsStatus) {
1852 *aHstsStatus = mHstsStatus;
1853 return NS_OK;
1854 }
1855
1856 NS_IMETHODIMP
1857 LoadInfo::SetHstsStatus(bool aHstsStatus) {
1858 mHstsStatus = aHstsStatus;
1859 return NS_OK;
1860 }
1861
1862 NS_IMETHODIMP
1863 LoadInfo::GetHasValidUserGestureActivation(
1864 bool* aHasValidUserGestureActivation) {
1865 *aHasValidUserGestureActivation = mHasValidUserGestureActivation;
1866 return NS_OK;
1867 }
1868
1869 NS_IMETHODIMP
1870 LoadInfo::SetHasValidUserGestureActivation(
1871 bool aHasValidUserGestureActivation) {
1872 mHasValidUserGestureActivation = aHasValidUserGestureActivation;
1873 return NS_OK;
1874 }
1875
1876 NS_IMETHODIMP
1877 LoadInfo::GetAllowDeprecatedSystemRequests(
1878 bool* aAllowDeprecatedSystemRequests) {
1879 *aAllowDeprecatedSystemRequests = mAllowDeprecatedSystemRequests;
1880 return NS_OK;
1881 }
1882
1883 NS_IMETHODIMP
1884 LoadInfo::SetAllowDeprecatedSystemRequests(
1885 bool aAllowDeprecatedSystemRequests) {
1886 mAllowDeprecatedSystemRequests = aAllowDeprecatedSystemRequests;
1887 return NS_OK;
1888 }
1889
1890 NS_IMETHODIMP
1891 LoadInfo::GetIsUserTriggeredSave(bool* aIsUserTriggeredSave) {
1892 *aIsUserTriggeredSave =
1893 mIsUserTriggeredSave ||
1894 mInternalContentPolicyType == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD;
1895 return NS_OK;
1896 }
1897
1898 NS_IMETHODIMP
1899 LoadInfo::SetIsUserTriggeredSave(bool aIsUserTriggeredSave) {
1900 mIsUserTriggeredSave = aIsUserTriggeredSave;
1901 return NS_OK;
1902 }
1903
1904 NS_IMETHODIMP
1905 LoadInfo::GetIsInDevToolsContext(bool* aIsInDevToolsContext) {
1906 *aIsInDevToolsContext = mIsInDevToolsContext;
1907 return NS_OK;
1908 }
1909
1910 NS_IMETHODIMP
1911 LoadInfo::SetIsInDevToolsContext(bool aIsInDevToolsContext) {
1912 mIsInDevToolsContext = aIsInDevToolsContext;
1913 return NS_OK;
1914 }
1915
1916 NS_IMETHODIMP
1917 LoadInfo::GetParserCreatedScript(bool* aParserCreatedScript) {
1918 *aParserCreatedScript = mParserCreatedScript;
1919 return NS_OK;
1920 }
1921
1922 NS_IMETHODIMP
1923 LoadInfo::SetParserCreatedScript(bool aParserCreatedScript) {
1924 mParserCreatedScript = aParserCreatedScript;
1925 return NS_OK;
1926 }
1927
1928 NS_IMETHODIMP
1929 LoadInfo::GetIsTopLevelLoad(bool* aResult) {
1930 RefPtr<dom::BrowsingContext> bc;
1931 GetTargetBrowsingContext(getter_AddRefs(bc));
1932 *aResult = !bc || bc->IsTop();
1933 return NS_OK;
1934 }
1935
1936 void LoadInfo::SetIsFromProcessingFrameAttributes() {
1937 mIsFromProcessingFrameAttributes = true;
1938 }
1939
1940 NS_IMETHODIMP
1941 LoadInfo::GetIsFromProcessingFrameAttributes(
1942 bool* aIsFromProcessingFrameAttributes) {
1943 MOZ_ASSERT(aIsFromProcessingFrameAttributes);
1944 *aIsFromProcessingFrameAttributes = mIsFromProcessingFrameAttributes;
1945 return NS_OK;
1946 }
1947
1948 NS_IMETHODIMP
1949 LoadInfo::SetIsMediaRequest(bool aIsMediaRequest) {
1950 mIsMediaRequest = aIsMediaRequest;
1951 return NS_OK;
1952 }
1953
1954 NS_IMETHODIMP
1955 LoadInfo::GetIsMediaRequest(bool* aIsMediaRequest) {
1956 MOZ_ASSERT(aIsMediaRequest);
1957 *aIsMediaRequest = mIsMediaRequest;
1958 return NS_OK;
1959 }
1960
1961 NS_IMETHODIMP
1962 LoadInfo::SetIsMediaInitialRequest(bool aIsMediaInitialRequest) {
1963 mIsMediaInitialRequest = aIsMediaInitialRequest;
1964 return NS_OK;
1965 }
1966
1967 NS_IMETHODIMP
1968 LoadInfo::GetIsMediaInitialRequest(bool* aIsMediaInitialRequest) {
1969 MOZ_ASSERT(aIsMediaInitialRequest);
1970 *aIsMediaInitialRequest = mIsMediaInitialRequest;
1971 return NS_OK;
1972 }
1973
1974 NS_IMETHODIMP
1975 LoadInfo::SetIsFromObjectOrEmbed(bool aIsFromObjectOrEmbed) {
1976 mIsFromObjectOrEmbed = aIsFromObjectOrEmbed;
1977 return NS_OK;
1978 }
1979
1980 NS_IMETHODIMP
1981 LoadInfo::GetIsFromObjectOrEmbed(bool* aIsFromObjectOrEmbed) {
1982 MOZ_ASSERT(aIsFromObjectOrEmbed);
1983 *aIsFromObjectOrEmbed = mIsFromObjectOrEmbed;
1984 return NS_OK;
1985 }
1986
1987 NS_IMETHODIMP
1988 LoadInfo::GetShouldSkipCheckForBrokenURLOrZeroSized(
1989 bool* aShouldSkipCheckForBrokenURLOrZeroSized) {
1990 MOZ_ASSERT(aShouldSkipCheckForBrokenURLOrZeroSized);
1991 *aShouldSkipCheckForBrokenURLOrZeroSized = mSkipCheckForBrokenURLOrZeroSized;
1992 return NS_OK;
1993 }
1994
1995 NS_IMETHODIMP
1996 LoadInfo::GetResultPrincipalURI(nsIURI** aURI) {
1997 *aURI = do_AddRef(mResultPrincipalURI).take();
1998 return NS_OK;
1999 }
2000
2001 NS_IMETHODIMP
2002 LoadInfo::SetResultPrincipalURI(nsIURI* aURI) {
2003 mResultPrincipalURI = aURI;
2004 return NS_OK;
2005 }
2006
2007 NS_IMETHODIMP
2008 LoadInfo::GetChannelCreationOriginalURI(nsIURI** aURI) {
2009 *aURI = do_AddRef(mChannelCreationOriginalURI).take();
2010 return NS_OK;
2011 }
2012
2013 NS_IMETHODIMP
2014 LoadInfo::SetChannelCreationOriginalURI(nsIURI* aURI) {
2015 mChannelCreationOriginalURI = aURI;
2016 return NS_OK;
2017 }
2018
2019 NS_IMETHODIMP
2020 LoadInfo::SetRequestBlockingReason(uint32_t aReason) {
2021 mRequestBlockingReason = aReason;
2022 return NS_OK;
2023 }
2024 NS_IMETHODIMP
2025 LoadInfo::GetRequestBlockingReason(uint32_t* aReason) {
2026 *aReason = mRequestBlockingReason;
2027 return NS_OK;
2028 }
2029
2030 NS_IMETHODIMP
2031 LoadInfo::GetUnstrippedURI(nsIURI** aURI) {
2032 *aURI = do_AddRef(mUnstrippedURI).take();
2033 return NS_OK;
2034 }
2035
2036 NS_IMETHODIMP
2037 LoadInfo::SetUnstrippedURI(nsIURI* aURI) {
2038 mUnstrippedURI = aURI;
2039 return NS_OK;
2040 }
2041
2042 void LoadInfo::SetClientInfo(const ClientInfo& aClientInfo) {
2043 mClientInfo.emplace(aClientInfo);
2044 }
2045
2046 const Maybe<ClientInfo>& LoadInfo::GetClientInfo() { return mClientInfo; }
2047
2048 void LoadInfo::GiveReservedClientSource(
2049 UniquePtr<ClientSource>&& aClientSource) {
2050 MOZ_DIAGNOSTIC_ASSERT(aClientSource);
2051 mReservedClientSource = std::move(aClientSource);
2052 SetReservedClientInfo(mReservedClientSource->Info());
2053 }
2054
2055 UniquePtr<ClientSource> LoadInfo::TakeReservedClientSource() {
2056 if (mReservedClientSource) {
2057 // If the reserved ClientInfo was set due to a ClientSource being present,
2058 // then clear that info object when the ClientSource is taken.
2059 mReservedClientInfo.reset();
2060 }
2061 return std::move(mReservedClientSource);
2062 }
2063
2064 void LoadInfo::SetReservedClientInfo(const ClientInfo& aClientInfo) {
2065 MOZ_DIAGNOSTIC_ASSERT(mInitialClientInfo.isNothing());
2066 // Treat assignments of the same value as a no-op. The emplace below
2067 // will normally assert when overwriting an existing value.
2068 if (mReservedClientInfo.isSome()) {
2069 if (mReservedClientInfo.ref() == aClientInfo) {
2070 return;
2071 }
2072 MOZ_DIAGNOSTIC_ASSERT(false, "mReservedClientInfo already set");
2073 mReservedClientInfo.reset();
2074 }
2075 mReservedClientInfo.emplace(aClientInfo);
2076 }
2077
2078 void LoadInfo::OverrideReservedClientInfoInParent(
2079 const ClientInfo& aClientInfo) {
2080 // This should only be called to handle redirects in the parent process.
2081 MOZ_ASSERT(XRE_GetProcessType() == GeckoProcessType_Default);
2082
2083 mInitialClientInfo.reset();
2084 mReservedClientInfo.reset();
2085 mReservedClientInfo.emplace(aClientInfo);
2086 }
2087
2088 const Maybe<ClientInfo>& LoadInfo::GetReservedClientInfo() {
2089 return mReservedClientInfo;
2090 }
2091
2092 void LoadInfo::SetInitialClientInfo(const ClientInfo& aClientInfo) {
2093 MOZ_DIAGNOSTIC_ASSERT(!mReservedClientSource);
2094 MOZ_DIAGNOSTIC_ASSERT(mReservedClientInfo.isNothing());
2095 // Treat assignments of the same value as a no-op. The emplace below
2096 // will normally assert when overwriting an existing value.
2097 if (mInitialClientInfo.isSome() && mInitialClientInfo.ref() == aClientInfo) {
2098 return;
2099 }
2100 mInitialClientInfo.emplace(aClientInfo);
2101 }
2102
2103 const Maybe<ClientInfo>& LoadInfo::GetInitialClientInfo() {
2104 return mInitialClientInfo;
2105 }
2106
2107 void LoadInfo::SetController(const ServiceWorkerDescriptor& aServiceWorker) {
2108 mController.emplace(aServiceWorker);
2109 }
2110
2111 void LoadInfo::ClearController() { mController.reset(); }
2112
2113 const Maybe<ServiceWorkerDescriptor>& LoadInfo::GetController() {
2114 return mController;
2115 }
2116
2117 void LoadInfo::SetPerformanceStorage(PerformanceStorage* aPerformanceStorage) {
2118 mPerformanceStorage = aPerformanceStorage;
2119 }
2120
2121 PerformanceStorage* LoadInfo::GetPerformanceStorage() {
2122 if (mPerformanceStorage) {
2123 return mPerformanceStorage;
2124 }
2125
2126 auto* innerWindow = nsGlobalWindowInner::GetInnerWindowWithId(mInnerWindowID);
2127 if (!innerWindow) {
2128 return nullptr;
2129 }
2130
2131 if (!TriggeringPrincipal()->Equals(innerWindow->GetPrincipal())) {
2132 return nullptr;
2133 }
2134
2135 if (nsILoadInfo::GetExternalContentPolicyType() ==
2136 ExtContentPolicy::TYPE_SUBDOCUMENT &&
2137 !GetIsFromProcessingFrameAttributes()) {
2138 // We only report loads caused by processing the attributes of the
2139 // browsing context container.
2140 return nullptr;
2141 }
2142
2143 mozilla::dom::Performance* performance = innerWindow->GetPerformance();
2144 if (!performance) {
2145 return nullptr;
2146 }
2147
2148 return performance->AsPerformanceStorage();
2149 }
2150
2151 NS_IMETHODIMP
2152 LoadInfo::GetCspEventListener(nsICSPEventListener** aCSPEventListener) {
2153 *aCSPEventListener = do_AddRef(mCSPEventListener).take();
2154 return NS_OK;
2155 }
2156
2157 NS_IMETHODIMP
2158 LoadInfo::SetCspEventListener(nsICSPEventListener* aCSPEventListener) {
2159 mCSPEventListener = aCSPEventListener;
2160 return NS_OK;
2161 }
2162
2163 NS_IMETHODIMP
2164 LoadInfo::GetInternalContentPolicyType(nsContentPolicyType* aResult) {
2165 *aResult = mInternalContentPolicyType;
2166 return NS_OK;
2167 }
2168
2169 NS_IMETHODIMP
2170 LoadInfo::GetLoadingEmbedderPolicy(
2171 nsILoadInfo::CrossOriginEmbedderPolicy* aOutPolicy) {
2172 *aOutPolicy = mLoadingEmbedderPolicy;
2173 return NS_OK;
2174 }
2175
2176 NS_IMETHODIMP
2177 LoadInfo::SetLoadingEmbedderPolicy(
2178 nsILoadInfo::CrossOriginEmbedderPolicy aPolicy) {
2179 mLoadingEmbedderPolicy = aPolicy;
2180 return NS_OK;
2181 }
2182
2183 NS_IMETHODIMP
2184 LoadInfo::GetIsOriginTrialCoepCredentiallessEnabledForTopLevel(
2185 bool* aIsOriginTrialCoepCredentiallessEnabledForTopLevel) {
2186 *aIsOriginTrialCoepCredentiallessEnabledForTopLevel =
2187 mIsOriginTrialCoepCredentiallessEnabledForTopLevel;
2188 return NS_OK;
2189 }
2190
2191 NS_IMETHODIMP
2192 LoadInfo::SetIsOriginTrialCoepCredentiallessEnabledForTopLevel(
2193 bool aIsOriginTrialCoepCredentiallessEnabledForTopLevel) {
2194 mIsOriginTrialCoepCredentiallessEnabledForTopLevel =
2195 aIsOriginTrialCoepCredentiallessEnabledForTopLevel;
2196 return NS_OK;
2197 }
2198
2199 already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetCsp() {
2200 // Before querying the CSP from the client we have to check if the
2201 // triggeringPrincipal originates from an addon and potentially
2202 // overrides the CSP stored within the client.
2203 if (mLoadingPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
2204 ->OverridesCSP(mLoadingPrincipal)) {
2205 nsCOMPtr<nsIExpandedPrincipal> ep = do_QueryInterface(mTriggeringPrincipal);
2206 nsCOMPtr<nsIContentSecurityPolicy> addonCSP;
2207 if (ep) {
2208 addonCSP = ep->GetCsp();
2209 }
2210 return addonCSP.forget();
2211 }
2212
2213 if (mClientInfo.isNothing()) {
2214 return nullptr;
2215 }
2216
2217 nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
2218 RefPtr<Document> doc = node ? node->OwnerDoc() : nullptr;
2219
2220 // If the client is of type window, then we return the cached CSP
2221 // stored on the document instead of having to deserialize the CSP
2222 // from the ClientInfo.
2223 if (doc && mClientInfo->Type() == ClientType::Window) {
2224 nsCOMPtr<nsIContentSecurityPolicy> docCSP = doc->GetCsp();
2225 return docCSP.forget();
2226 }
2227
2228 Maybe<mozilla::ipc::CSPInfo> cspInfo = mClientInfo->GetCspInfo();
2229 if (cspInfo.isNothing()) {
2230 return nullptr;
2231 }
2232 nsCOMPtr<nsIContentSecurityPolicy> clientCSP =
2233 CSPInfoToCSP(cspInfo.ref(), doc);
2234 return clientCSP.forget();
2235 }
2236
2237 already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetPreloadCsp() {
2238 if (mClientInfo.isNothing()) {
2239 return nullptr;
2240 }
2241
2242 nsCOMPtr<nsINode> node = do_QueryReferent(mLoadingContext);
2243 RefPtr<Document> doc = node ? node->OwnerDoc() : nullptr;
2244
2245 // If the client is of type window, then we return the cached CSP
2246 // stored on the document instead of having to deserialize the CSP
2247 // from the ClientInfo.
2248 if (doc && mClientInfo->Type() == ClientType::Window) {
2249 nsCOMPtr<nsIContentSecurityPolicy> preloadCsp = doc->GetPreloadCsp();
2250 return preloadCsp.forget();
2251 }
2252
2253 Maybe<mozilla::ipc::CSPInfo> cspInfo = mClientInfo->GetPreloadCspInfo();
2254 if (cspInfo.isNothing()) {
2255 return nullptr;
2256 }
2257 nsCOMPtr<nsIContentSecurityPolicy> preloadCSP =
2258 CSPInfoToCSP(cspInfo.ref(), doc);
2259 return preloadCSP.forget();
2260 }
2261
2262 already_AddRefed<nsIContentSecurityPolicy> LoadInfo::GetCspToInherit() {
2263 nsCOMPtr<nsIContentSecurityPolicy> cspToInherit = mCspToInherit;
2264 return cspToInherit.forget();
2265 }
2266
2267 nsIInterceptionInfo* LoadInfo::InterceptionInfo() { return mInterceptionInfo; }
2268
2269 void LoadInfo::SetInterceptionInfo(nsIInterceptionInfo* aInfo) {
2270 mInterceptionInfo = aInfo;
2271 }
2272
2273 NS_IMETHODIMP
2274 LoadInfo::GetHasInjectedCookieForCookieBannerHandling(
2275 bool* aHasInjectedCookieForCookieBannerHandling) {
2276 *aHasInjectedCookieForCookieBannerHandling =
2277 mHasInjectedCookieForCookieBannerHandling;
2278 return NS_OK;
2279 }
2280
2281 NS_IMETHODIMP
2282 LoadInfo::SetHasInjectedCookieForCookieBannerHandling(
2283 bool aHasInjectedCookieForCookieBannerHandling) {
2284 mHasInjectedCookieForCookieBannerHandling =
2285 aHasInjectedCookieForCookieBannerHandling;
2286 return NS_OK;
2287 }
2288
2289 } // namespace mozilla::net