1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim:set ts=4 sw=2 sts=2 et cin: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 // HttpLog.h should generally be included first
8 #include "DecoderDoctorDiagnostics.h"
11 #include "nsNetUtil.h"
13 #include "mozilla/Atomics.h"
14 #include "mozilla/BasePrincipal.h"
15 #include "mozilla/Components.h"
16 #include "mozilla/Encoding.h"
17 #include "mozilla/LoadContext.h"
18 #include "mozilla/LoadInfo.h"
19 #include "mozilla/Monitor.h"
20 #include "mozilla/StaticPrefs_browser.h"
21 #include "mozilla/StaticPrefs_network.h"
22 #include "mozilla/StaticPrefs_privacy.h"
23 #include "mozilla/StoragePrincipalHelper.h"
24 #include "mozilla/TaskQueue.h"
25 #include "mozilla/Telemetry.h"
26 #include "nsBufferedStreams.h"
27 #include "nsCategoryCache.h"
28 #include "nsComponentManagerUtils.h"
29 #include "nsContentUtils.h"
31 #include "nsFileStreams.h"
32 #include "nsHashKeys.h"
34 #include "nsMimeTypes.h"
35 #include "nsIAuthPrompt.h"
36 #include "nsIAuthPrompt2.h"
37 #include "nsIAuthPromptAdapterFactory.h"
38 #include "nsIBufferedStreams.h"
39 #include "nsBufferedStreams.h"
40 #include "nsIChannelEventSink.h"
41 #include "nsIContentSniffer.h"
42 #include "mozilla/dom/Document.h"
43 #include "nsIDownloader.h"
44 #include "nsIFileProtocolHandler.h"
45 #include "nsIFileStreams.h"
46 #include "nsIFileURL.h"
47 #include "nsIIDNService.h"
48 #include "nsIInputStreamChannel.h"
49 #include "nsIInputStreamPump.h"
50 #include "nsIInterfaceRequestorUtils.h"
51 #include "nsILoadContext.h"
52 #include "nsIMIMEHeaderParam.h"
54 #include "nsIObjectLoadingContent.h"
55 #include "nsPersistentProperties.h"
56 #include "nsIPrivateBrowsingChannel.h"
57 #include "nsIPropertyBag2.h"
58 #include "nsIProtocolProxyService.h"
59 #include "mozilla/net/RedirectChannelRegistrar.h"
60 #include "nsRequestObserverProxy.h"
61 #include "nsISensitiveInfoHiddenURI.h"
62 #include "nsISimpleStreamListener.h"
63 #include "nsISocketProvider.h"
64 #include "nsIStandardURL.h"
65 #include "nsIStreamLoader.h"
66 #include "nsIIncrementalStreamLoader.h"
67 #include "nsStringStream.h"
68 #include "nsSyncStreamListener.h"
69 #include "nsITextToSubURI.h"
70 #include "nsIURIWithSpecialOrigin.h"
71 #include "nsIViewSourceChannel.h"
72 #include "nsInterfaceRequestorAgg.h"
73 #include "nsINestedURI.h"
74 #include "mozilla/dom/nsCSPUtils.h"
75 #include "mozilla/dom/nsHTTPSOnlyUtils.h"
76 #include "mozilla/dom/nsMixedContentBlocker.h"
77 #include "mozilla/dom/BlobURLProtocolHandler.h"
78 #include "mozilla/net/HttpBaseChannel.h"
79 #include "nsIScriptError.h"
80 #include "nsISiteSecurityService.h"
81 #include "nsHttpHandler.h"
82 #include "nsNSSComponent.h"
83 #include "nsIRedirectHistoryEntry.h"
84 #include "nsICertStorage.h"
85 #include "nsICertOverrideService.h"
86 #include "nsQueryObject.h"
87 #include "mozIThirdPartyUtil.h"
88 #include "../mime/nsMIMEHeaderParamImpl.h"
89 #include "nsStandardURL.h"
90 #include "DefaultURI.h"
91 #include "nsChromeProtocolHandler.h"
92 #include "nsJSProtocolHandler.h"
93 #include "nsDataHandler.h"
94 #include "mozilla/dom/BlobURLProtocolHandler.h"
95 #include "nsStreamUtils.h"
96 #include "nsSocketTransportService2.h"
97 #include "nsViewSourceHandler.h"
100 # include "nsIconURI.h"
102 #include "nsAboutProtocolHandler.h"
103 #include "nsResProtocolHandler.h"
104 #include "mozilla/net/ExtensionProtocolHandler.h"
105 #include "mozilla/net/PageThumbProtocolHandler.h"
106 #include "mozilla/net/SFVService.h"
108 #include "nsIXPConnect.h"
109 #include "nsParserConstants.h"
111 #include "nsServiceManagerUtils.h"
112 #include "mozilla/dom/MediaList.h"
113 #include "MediaContainerType.h"
114 #include "DecoderTraits.h"
115 #include "imgLoader.h"
117 #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
118 # include "nsNewMailnewsURI.h"
121 using namespace mozilla
;
122 using namespace mozilla::net
;
123 using mozilla::dom::BlobURLProtocolHandler
;
124 using mozilla::dom::ClientInfo
;
125 using mozilla::dom::PerformanceStorage
;
126 using mozilla::dom::ServiceWorkerDescriptor
;
128 #define MAX_RECURSION_COUNT 50
130 already_AddRefed
<nsIIOService
> do_GetIOService(nsresult
* error
/* = 0 */) {
131 nsCOMPtr
<nsIIOService
> io
= mozilla::components::IO::Service();
132 if (error
) *error
= io
? NS_OK
: NS_ERROR_FAILURE
;
136 nsresult
NS_NewLocalFileInputStream(nsIInputStream
** result
, nsIFile
* file
,
137 int32_t ioFlags
/* = -1 */,
138 int32_t perm
/* = -1 */,
139 int32_t behaviorFlags
/* = 0 */) {
141 nsCOMPtr
<nsIFileInputStream
> in
=
142 do_CreateInstance(NS_LOCALFILEINPUTSTREAM_CONTRACTID
, &rv
);
143 if (NS_SUCCEEDED(rv
)) {
144 rv
= in
->Init(file
, ioFlags
, perm
, behaviorFlags
);
145 if (NS_SUCCEEDED(rv
)) in
.forget(result
);
150 Result
<nsCOMPtr
<nsIInputStream
>, nsresult
> NS_NewLocalFileInputStream(
151 nsIFile
* file
, int32_t ioFlags
/* = -1 */, int32_t perm
/* = -1 */,
152 int32_t behaviorFlags
/* = 0 */) {
153 nsCOMPtr
<nsIInputStream
> stream
;
154 const nsresult rv
= NS_NewLocalFileInputStream(getter_AddRefs(stream
), file
,
155 ioFlags
, perm
, behaviorFlags
);
156 if (NS_SUCCEEDED(rv
)) {
162 nsresult
NS_NewLocalFileOutputStream(nsIOutputStream
** result
, nsIFile
* file
,
163 int32_t ioFlags
/* = -1 */,
164 int32_t perm
/* = -1 */,
165 int32_t behaviorFlags
/* = 0 */) {
167 nsCOMPtr
<nsIFileOutputStream
> out
=
168 do_CreateInstance(NS_LOCALFILEOUTPUTSTREAM_CONTRACTID
, &rv
);
169 if (NS_SUCCEEDED(rv
)) {
170 rv
= out
->Init(file
, ioFlags
, perm
, behaviorFlags
);
171 if (NS_SUCCEEDED(rv
)) out
.forget(result
);
176 Result
<nsCOMPtr
<nsIOutputStream
>, nsresult
> NS_NewLocalFileOutputStream(
177 nsIFile
* file
, int32_t ioFlags
/* = -1 */, int32_t perm
/* = -1 */,
178 int32_t behaviorFlags
/* = 0 */) {
179 nsCOMPtr
<nsIOutputStream
> stream
;
180 const nsresult rv
= NS_NewLocalFileOutputStream(getter_AddRefs(stream
), file
,
181 ioFlags
, perm
, behaviorFlags
);
182 if (NS_SUCCEEDED(rv
)) {
188 nsresult
NS_NewLocalFileOutputStream(nsIOutputStream
** result
,
189 const mozilla::ipc::FileDescriptor
& fd
) {
190 nsCOMPtr
<nsIFileOutputStream
> out
;
191 nsFileOutputStream::Create(NS_GET_IID(nsIFileOutputStream
),
192 getter_AddRefs(out
));
195 static_cast<nsFileOutputStream
*>(out
.get())->InitWithFileDescriptor(fd
);
204 nsresult
net_EnsureIOService(nsIIOService
** ios
, nsCOMPtr
<nsIIOService
>& grip
) {
207 grip
= do_GetIOService(&rv
);
213 nsresult
NS_NewFileURI(
214 nsIURI
** result
, nsIFile
* spec
,
216 ioService
/* = nullptr */) // pass in nsIIOService to optimize callers
219 nsCOMPtr
<nsIIOService
> grip
;
220 rv
= net_EnsureIOService(&ioService
, grip
);
221 if (ioService
) rv
= ioService
->NewFileURI(spec
, result
);
225 nsresult
NS_GetURIWithNewRef(nsIURI
* aInput
, const nsACString
& aRef
,
227 MOZ_DIAGNOSTIC_ASSERT(aRef
.IsEmpty() || aRef
[0] == '#');
229 if (NS_WARN_IF(!aInput
|| !aOutput
)) {
230 return NS_ERROR_INVALID_ARG
;
234 nsresult rv
= aInput
->GetHasRef(&hasRef
);
237 if (NS_SUCCEEDED(rv
)) {
238 rv
= aInput
->GetRef(ref
);
241 // If the ref is already equal to the new ref, we do not need to do anything.
242 // Also, if the GetRef failed (it could return NS_ERROR_NOT_IMPLEMENTED)
243 // we can assume SetRef would fail as well, so returning the original
246 // Note that aRef contains the hash, but ref doesn't, so need to account for
247 // that in the equality check.
248 if (NS_FAILED(rv
) || (!hasRef
&& aRef
.IsEmpty()) ||
249 (!aRef
.IsEmpty() && hasRef
&&
250 Substring(aRef
.Data() + 1, aRef
.Length() - 1) == ref
)) {
251 nsCOMPtr
<nsIURI
> uri
= aInput
;
256 return NS_MutateURI(aInput
).SetRef(aRef
).Finalize(aOutput
);
259 nsresult
NS_GetURIWithoutRef(nsIURI
* aInput
, nsIURI
** aOutput
) {
260 return NS_GetURIWithNewRef(aInput
, ""_ns
, aOutput
);
263 nsresult
NS_NewChannelInternal(
264 nsIChannel
** outChannel
, nsIURI
* aUri
, nsILoadInfo
* aLoadInfo
,
265 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
266 nsILoadGroup
* aLoadGroup
/* = nullptr */,
267 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
268 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
269 nsIIOService
* aIoService
/* = nullptr */) {
270 // NS_NewChannelInternal is mostly called for channel redirects. We should
271 // allow the creation of a channel even if the original channel did not have a
272 // loadinfo attached.
273 NS_ENSURE_ARG_POINTER(outChannel
);
275 nsCOMPtr
<nsIIOService
> grip
;
276 nsresult rv
= net_EnsureIOService(&aIoService
, grip
);
277 NS_ENSURE_SUCCESS(rv
, rv
);
279 nsCOMPtr
<nsIChannel
> channel
;
280 rv
= aIoService
->NewChannelFromURIWithLoadInfo(aUri
, aLoadInfo
,
281 getter_AddRefs(channel
));
282 NS_ENSURE_SUCCESS(rv
, rv
);
285 rv
= channel
->SetLoadGroup(aLoadGroup
);
286 NS_ENSURE_SUCCESS(rv
, rv
);
290 rv
= channel
->SetNotificationCallbacks(aCallbacks
);
291 NS_ENSURE_SUCCESS(rv
, rv
);
295 nsLoadFlags channelLoadFlags
= 0;
296 channel
->GetLoadFlags(&channelLoadFlags
);
297 // Will be removed when we remove LOAD_REPLACE altogether
298 // This check is trying to catch protocol handlers that still
299 // try to set the LOAD_REPLACE flag.
300 MOZ_DIAGNOSTIC_ASSERT(!(channelLoadFlags
& nsIChannel::LOAD_REPLACE
));
303 if (aLoadFlags
!= nsIRequest::LOAD_NORMAL
) {
304 rv
= channel
->SetLoadFlags(aLoadFlags
);
305 NS_ENSURE_SUCCESS(rv
, rv
);
308 if (aPerformanceStorage
) {
309 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
310 loadInfo
->SetPerformanceStorage(aPerformanceStorage
);
313 channel
.forget(outChannel
);
319 void AssertLoadingPrincipalAndClientInfoMatch(
320 nsIPrincipal
* aLoadingPrincipal
, const ClientInfo
& aLoadingClientInfo
,
321 nsContentPolicyType aType
) {
322 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
323 // Verify that the provided loading ClientInfo matches the loading
324 // principal. Unfortunately we can't just use nsIPrincipal::Equals() here
325 // because of some corner cases:
327 // 1. Worker debugger scripts want to use a system loading principal for
328 // worker scripts with a content principal. We exempt these from this
330 // 2. Null principals currently require exact object identity for
331 // nsIPrincipal::Equals() to return true. This doesn't work here because
332 // ClientInfo::GetPrincipal() uses PrincipalInfoToPrincipal() to allocate
333 // a new object. To work around this we compare the principal origin
334 // string itself. If bug 1431771 is fixed then we could switch to
337 // Allow worker debugger to load with a system principal.
338 if (aLoadingPrincipal
->IsSystemPrincipal() &&
339 (aType
== nsIContentPolicy::TYPE_INTERNAL_WORKER
||
340 aType
== nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER
||
341 aType
== nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER
||
342 aType
== nsIContentPolicy::TYPE_INTERNAL_WORKER_IMPORT_SCRIPTS
||
343 aType
== nsIContentPolicy::TYPE_INTERNAL_WORKER_STATIC_MODULE
)) {
347 // Perform a fast comparison for most principal checks.
348 auto clientPrincipalOrErr(aLoadingClientInfo
.GetPrincipal());
349 if (clientPrincipalOrErr
.isOk()) {
350 nsCOMPtr
<nsIPrincipal
> clientPrincipal
= clientPrincipalOrErr
.unwrap();
351 if (aLoadingPrincipal
->Equals(clientPrincipal
)) {
354 // Fall back to a slower origin equality test to support null principals.
355 nsAutoCString loadingOriginNoSuffix
;
357 aLoadingPrincipal
->GetOriginNoSuffix(loadingOriginNoSuffix
));
359 nsAutoCString clientOriginNoSuffix
;
361 clientPrincipal
->GetOriginNoSuffix(clientOriginNoSuffix
));
363 // The client principal will have the partitionKey set if it's in a third
364 // party context, but the loading principal won't. So, we ignore he
365 // partitionKey when doing the verification here.
366 MOZ_DIAGNOSTIC_ASSERT(loadingOriginNoSuffix
== clientOriginNoSuffix
);
367 MOZ_DIAGNOSTIC_ASSERT(
368 aLoadingPrincipal
->OriginAttributesRef().EqualsIgnoringPartitionKey(
369 clientPrincipal
->OriginAttributesRef()));
376 nsresult
NS_NewChannel(nsIChannel
** outChannel
, nsIURI
* aUri
,
377 nsIPrincipal
* aLoadingPrincipal
,
378 nsSecurityFlags aSecurityFlags
,
379 nsContentPolicyType aContentPolicyType
,
380 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
381 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
382 nsILoadGroup
* aLoadGroup
/* = nullptr */,
383 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
384 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
385 nsIIOService
* aIoService
/* = nullptr */,
386 uint32_t aSandboxFlags
/* = 0 */,
387 bool aSkipCheckForBrokenURLOrZeroSized
/* = false */) {
388 return NS_NewChannelInternal(
390 nullptr, // aLoadingNode,
392 nullptr, // aTriggeringPrincipal
393 Maybe
<ClientInfo
>(), Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
,
394 aContentPolicyType
, aCookieJarSettings
, aPerformanceStorage
, aLoadGroup
,
395 aCallbacks
, aLoadFlags
, aIoService
, aSandboxFlags
,
396 aSkipCheckForBrokenURLOrZeroSized
);
399 nsresult
NS_NewChannel(nsIChannel
** outChannel
, nsIURI
* aUri
,
400 nsIPrincipal
* aLoadingPrincipal
,
401 const ClientInfo
& aLoadingClientInfo
,
402 const Maybe
<ServiceWorkerDescriptor
>& aController
,
403 nsSecurityFlags aSecurityFlags
,
404 nsContentPolicyType aContentPolicyType
,
405 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
406 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
407 nsILoadGroup
* aLoadGroup
/* = nullptr */,
408 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
409 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
410 nsIIOService
* aIoService
/* = nullptr */,
411 uint32_t aSandboxFlags
/* = 0 */,
412 bool aSkipCheckForBrokenURLOrZeroSized
/* = false */) {
413 AssertLoadingPrincipalAndClientInfoMatch(
414 aLoadingPrincipal
, aLoadingClientInfo
, aContentPolicyType
);
416 Maybe
<ClientInfo
> loadingClientInfo
;
417 loadingClientInfo
.emplace(aLoadingClientInfo
);
419 return NS_NewChannelInternal(
421 nullptr, // aLoadingNode,
423 nullptr, // aTriggeringPrincipal
424 loadingClientInfo
, aController
, aSecurityFlags
, aContentPolicyType
,
425 aCookieJarSettings
, aPerformanceStorage
, aLoadGroup
, aCallbacks
,
426 aLoadFlags
, aIoService
, aSandboxFlags
, aSkipCheckForBrokenURLOrZeroSized
);
429 nsresult
NS_NewChannelInternal(
430 nsIChannel
** outChannel
, nsIURI
* aUri
, nsINode
* aLoadingNode
,
431 nsIPrincipal
* aLoadingPrincipal
, nsIPrincipal
* aTriggeringPrincipal
,
432 const Maybe
<ClientInfo
>& aLoadingClientInfo
,
433 const Maybe
<ServiceWorkerDescriptor
>& aController
,
434 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
435 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
436 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
437 nsILoadGroup
* aLoadGroup
/* = nullptr */,
438 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
439 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
440 nsIIOService
* aIoService
/* = nullptr */, uint32_t aSandboxFlags
/* = 0 */,
441 bool aSkipCheckForBrokenURLOrZeroSized
/* = false */) {
442 NS_ENSURE_ARG_POINTER(outChannel
);
444 nsCOMPtr
<nsIIOService
> grip
;
445 nsresult rv
= net_EnsureIOService(&aIoService
, grip
);
446 NS_ENSURE_SUCCESS(rv
, rv
);
448 nsCOMPtr
<nsIChannel
> channel
;
449 rv
= aIoService
->NewChannelFromURIWithClientAndController(
450 aUri
, aLoadingNode
, aLoadingPrincipal
, aTriggeringPrincipal
,
451 aLoadingClientInfo
, aController
, aSecurityFlags
, aContentPolicyType
,
452 aSandboxFlags
, aSkipCheckForBrokenURLOrZeroSized
,
453 getter_AddRefs(channel
));
459 rv
= channel
->SetLoadGroup(aLoadGroup
);
460 NS_ENSURE_SUCCESS(rv
, rv
);
464 rv
= channel
->SetNotificationCallbacks(aCallbacks
);
465 NS_ENSURE_SUCCESS(rv
, rv
);
469 nsLoadFlags channelLoadFlags
= 0;
470 channel
->GetLoadFlags(&channelLoadFlags
);
471 // Will be removed when we remove LOAD_REPLACE altogether
472 // This check is trying to catch protocol handlers that still
473 // try to set the LOAD_REPLACE flag.
474 MOZ_DIAGNOSTIC_ASSERT(!(channelLoadFlags
& nsIChannel::LOAD_REPLACE
));
477 if (aLoadFlags
!= nsIRequest::LOAD_NORMAL
) {
478 rv
= channel
->SetLoadFlags(aLoadFlags
);
479 NS_ENSURE_SUCCESS(rv
, rv
);
482 if (aPerformanceStorage
|| aCookieJarSettings
) {
483 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
485 if (aPerformanceStorage
) {
486 loadInfo
->SetPerformanceStorage(aPerformanceStorage
);
489 if (aCookieJarSettings
) {
490 loadInfo
->SetCookieJarSettings(aCookieJarSettings
);
494 channel
.forget(outChannel
);
498 nsresult
/*NS_NewChannelWithNodeAndTriggeringPrincipal */
499 NS_NewChannelWithTriggeringPrincipal(
500 nsIChannel
** outChannel
, nsIURI
* aUri
, nsINode
* aLoadingNode
,
501 nsIPrincipal
* aTriggeringPrincipal
, nsSecurityFlags aSecurityFlags
,
502 nsContentPolicyType aContentPolicyType
,
503 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
504 nsILoadGroup
* aLoadGroup
/* = nullptr */,
505 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
506 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
507 nsIIOService
* aIoService
/* = nullptr */) {
508 MOZ_ASSERT(aLoadingNode
);
509 NS_ASSERTION(aTriggeringPrincipal
,
510 "Can not create channel without a triggering Principal!");
511 return NS_NewChannelInternal(
512 outChannel
, aUri
, aLoadingNode
, aLoadingNode
->NodePrincipal(),
513 aTriggeringPrincipal
, Maybe
<ClientInfo
>(),
514 Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
, aContentPolicyType
,
515 aLoadingNode
->OwnerDoc()->CookieJarSettings(), aPerformanceStorage
,
516 aLoadGroup
, aCallbacks
, aLoadFlags
, aIoService
);
519 // See NS_NewChannelInternal for usage and argument description
520 nsresult
NS_NewChannelWithTriggeringPrincipal(
521 nsIChannel
** outChannel
, nsIURI
* aUri
, nsIPrincipal
* aLoadingPrincipal
,
522 nsIPrincipal
* aTriggeringPrincipal
, nsSecurityFlags aSecurityFlags
,
523 nsContentPolicyType aContentPolicyType
,
524 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
525 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
526 nsILoadGroup
* aLoadGroup
/* = nullptr */,
527 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
528 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
529 nsIIOService
* aIoService
/* = nullptr */) {
530 NS_ASSERTION(aLoadingPrincipal
,
531 "Can not create channel without a loading Principal!");
532 return NS_NewChannelInternal(
534 nullptr, // aLoadingNode
535 aLoadingPrincipal
, aTriggeringPrincipal
, Maybe
<ClientInfo
>(),
536 Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
, aContentPolicyType
,
537 aCookieJarSettings
, aPerformanceStorage
, aLoadGroup
, aCallbacks
,
538 aLoadFlags
, aIoService
);
541 // See NS_NewChannelInternal for usage and argument description
542 nsresult
NS_NewChannelWithTriggeringPrincipal(
543 nsIChannel
** outChannel
, nsIURI
* aUri
, nsIPrincipal
* aLoadingPrincipal
,
544 nsIPrincipal
* aTriggeringPrincipal
, const ClientInfo
& aLoadingClientInfo
,
545 const Maybe
<ServiceWorkerDescriptor
>& aController
,
546 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
547 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
548 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
549 nsILoadGroup
* aLoadGroup
/* = nullptr */,
550 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
551 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
552 nsIIOService
* aIoService
/* = nullptr */) {
553 AssertLoadingPrincipalAndClientInfoMatch(
554 aLoadingPrincipal
, aLoadingClientInfo
, aContentPolicyType
);
556 Maybe
<ClientInfo
> loadingClientInfo
;
557 loadingClientInfo
.emplace(aLoadingClientInfo
);
559 return NS_NewChannelInternal(
561 nullptr, // aLoadingNode
562 aLoadingPrincipal
, aTriggeringPrincipal
, loadingClientInfo
, aController
,
563 aSecurityFlags
, aContentPolicyType
, aCookieJarSettings
,
564 aPerformanceStorage
, aLoadGroup
, aCallbacks
, aLoadFlags
, aIoService
);
567 nsresult
NS_NewChannel(nsIChannel
** outChannel
, nsIURI
* aUri
,
568 nsINode
* aLoadingNode
, nsSecurityFlags aSecurityFlags
,
569 nsContentPolicyType aContentPolicyType
,
570 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
571 nsILoadGroup
* aLoadGroup
/* = nullptr */,
572 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
573 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
574 nsIIOService
* aIoService
/* = nullptr */,
575 uint32_t aSandboxFlags
/* = 0 */,
576 bool aSkipCheckForBrokenURLOrZeroSized
/* = false */) {
577 NS_ASSERTION(aLoadingNode
, "Can not create channel without a loading Node!");
578 return NS_NewChannelInternal(
579 outChannel
, aUri
, aLoadingNode
, aLoadingNode
->NodePrincipal(),
580 nullptr, // aTriggeringPrincipal
581 Maybe
<ClientInfo
>(), Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
,
582 aContentPolicyType
, aLoadingNode
->OwnerDoc()->CookieJarSettings(),
583 aPerformanceStorage
, aLoadGroup
, aCallbacks
, aLoadFlags
, aIoService
,
584 aSandboxFlags
, aSkipCheckForBrokenURLOrZeroSized
);
587 nsresult
NS_GetIsDocumentChannel(nsIChannel
* aChannel
, bool* aIsDocument
) {
588 // Check if this channel is going to be used to create a document. If it has
589 // LOAD_DOCUMENT_URI set it is trivially creating a document. If
590 // LOAD_HTML_OBJECT_DATA is set it may or may not be used to create a
591 // document, depending on its MIME type.
593 if (!aChannel
|| !aIsDocument
) {
594 return NS_ERROR_NULL_POINTER
;
596 *aIsDocument
= false;
597 nsLoadFlags loadFlags
;
598 nsresult rv
= aChannel
->GetLoadFlags(&loadFlags
);
602 if (loadFlags
& nsIChannel::LOAD_DOCUMENT_URI
) {
606 if (!(loadFlags
& nsIRequest::LOAD_HTML_OBJECT_DATA
)) {
607 *aIsDocument
= false;
610 nsAutoCString mimeType
;
611 rv
= aChannel
->GetContentType(mimeType
);
615 if (nsContentUtils::HtmlObjectContentTypeForMIMEType(mimeType
) ==
616 nsIObjectLoadingContent::TYPE_DOCUMENT
) {
620 *aIsDocument
= false;
624 nsresult
NS_MakeAbsoluteURI(nsACString
& result
, const nsACString
& spec
,
628 NS_WARNING("It doesn't make sense to not supply a base URI");
631 } else if (spec
.IsEmpty()) {
632 rv
= baseURI
->GetSpec(result
);
634 rv
= baseURI
->Resolve(spec
, result
);
639 nsresult
NS_MakeAbsoluteURI(char** result
, const char* spec
, nsIURI
* baseURI
) {
641 nsAutoCString resultBuf
;
642 rv
= NS_MakeAbsoluteURI(resultBuf
, nsDependentCString(spec
), baseURI
);
643 if (NS_SUCCEEDED(rv
)) {
644 *result
= ToNewCString(resultBuf
, mozilla::fallible
);
645 if (!*result
) rv
= NS_ERROR_OUT_OF_MEMORY
;
650 nsresult
NS_MakeAbsoluteURI(nsAString
& result
, const nsAString
& spec
,
654 NS_WARNING("It doesn't make sense to not supply a base URI");
658 nsAutoCString resultBuf
;
659 if (spec
.IsEmpty()) {
660 rv
= baseURI
->GetSpec(resultBuf
);
662 rv
= baseURI
->Resolve(NS_ConvertUTF16toUTF8(spec
), resultBuf
);
664 if (NS_SUCCEEDED(rv
)) CopyUTF8toUTF16(resultBuf
, result
);
669 int32_t NS_GetDefaultPort(const char* scheme
,
670 nsIIOService
* ioService
/* = nullptr */) {
673 // Getting the default port through the protocol handler previously had a lot
674 // of XPCOM overhead involved. We optimize the protocols that matter for Web
675 // pages (HTTP and HTTPS) by hardcoding their default ports here.
677 // XXX: This might not be necessary for performance anymore.
678 if (strncmp(scheme
, "http", 4) == 0) {
679 if (scheme
[4] == 's' && scheme
[5] == '\0') {
682 if (scheme
[4] == '\0') {
687 nsCOMPtr
<nsIIOService
> grip
;
688 net_EnsureIOService(&ioService
, grip
);
689 if (!ioService
) return -1;
692 rv
= ioService
->GetDefaultPort(scheme
, &port
);
693 return NS_SUCCEEDED(rv
) ? port
: -1;
696 int32_t NS_GetRealPort(nsIURI
* aURI
) {
698 nsresult rv
= aURI
->GetPort(&port
);
699 if (NS_FAILED(rv
)) return -1;
701 if (port
!= -1) return port
; // explicitly specified
703 // Otherwise, we have to get the default port from the protocol handler
705 // Need the scheme first
706 nsAutoCString scheme
;
707 rv
= aURI
->GetScheme(scheme
);
708 if (NS_FAILED(rv
)) return -1;
710 return NS_GetDefaultPort(scheme
.get());
713 nsresult
NS_DomainToASCII(const nsACString
& aHost
, nsACString
& aASCII
) {
714 return nsStandardURL::GetIDNService()->ConvertUTF8toACE(aHost
, aASCII
);
717 nsresult
NS_DomainToDisplay(const nsACString
& aHost
, nsACString
& aDisplay
) {
719 return nsStandardURL::GetIDNService()->ConvertToDisplayIDN(aHost
, &ignored
,
723 nsresult
NS_DomainToUnicode(const nsACString
& aHost
, nsACString
& aUnicode
) {
724 return nsStandardURL::GetIDNService()->ConvertACEtoUTF8(aHost
, aUnicode
);
727 nsresult
NS_NewInputStreamChannelInternal(
728 nsIChannel
** outChannel
, nsIURI
* aUri
,
729 already_AddRefed
<nsIInputStream
> aStream
, const nsACString
& aContentType
,
730 const nsACString
& aContentCharset
, nsILoadInfo
* aLoadInfo
) {
732 nsCOMPtr
<nsIInputStreamChannel
> isc
=
733 do_CreateInstance(NS_INPUTSTREAMCHANNEL_CONTRACTID
, &rv
);
734 NS_ENSURE_SUCCESS(rv
, rv
);
735 rv
= isc
->SetURI(aUri
);
736 NS_ENSURE_SUCCESS(rv
, rv
);
738 nsCOMPtr
<nsIInputStream
> stream
= std::move(aStream
);
739 rv
= isc
->SetContentStream(stream
);
740 NS_ENSURE_SUCCESS(rv
, rv
);
742 nsCOMPtr
<nsIChannel
> channel
= do_QueryInterface(isc
, &rv
);
743 NS_ENSURE_SUCCESS(rv
, rv
);
745 if (!aContentType
.IsEmpty()) {
746 rv
= channel
->SetContentType(aContentType
);
747 NS_ENSURE_SUCCESS(rv
, rv
);
750 if (!aContentCharset
.IsEmpty()) {
751 rv
= channel
->SetContentCharset(aContentCharset
);
752 NS_ENSURE_SUCCESS(rv
, rv
);
755 MOZ_ASSERT(aLoadInfo
, "need a loadinfo to create a inputstreamchannel");
756 channel
->SetLoadInfo(aLoadInfo
);
758 // If we're sandboxed, make sure to clear any owner the channel
759 // might already have.
760 if (aLoadInfo
&& aLoadInfo
->GetLoadingSandboxed()) {
761 channel
->SetOwner(nullptr);
764 channel
.forget(outChannel
);
768 nsresult
NS_NewInputStreamChannelInternal(
769 nsIChannel
** outChannel
, nsIURI
* aUri
,
770 already_AddRefed
<nsIInputStream
> aStream
, const nsACString
& aContentType
,
771 const nsACString
& aContentCharset
, nsINode
* aLoadingNode
,
772 nsIPrincipal
* aLoadingPrincipal
, nsIPrincipal
* aTriggeringPrincipal
,
773 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
) {
774 nsCOMPtr
<nsILoadInfo
> loadInfo
= new mozilla::net::LoadInfo(
775 aLoadingPrincipal
, aTriggeringPrincipal
, aLoadingNode
, aSecurityFlags
,
778 return NS_ERROR_UNEXPECTED
;
781 nsCOMPtr
<nsIInputStream
> stream
= std::move(aStream
);
783 return NS_NewInputStreamChannelInternal(outChannel
, aUri
, stream
.forget(),
784 aContentType
, aContentCharset
,
788 nsresult
NS_NewInputStreamChannel(
789 nsIChannel
** outChannel
, nsIURI
* aUri
,
790 already_AddRefed
<nsIInputStream
> aStream
, nsIPrincipal
* aLoadingPrincipal
,
791 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
792 const nsACString
& aContentType
/* = ""_ns */,
793 const nsACString
& aContentCharset
/* = ""_ns */) {
794 nsCOMPtr
<nsIInputStream
> stream
= aStream
;
795 return NS_NewInputStreamChannelInternal(outChannel
, aUri
, stream
.forget(),
796 aContentType
, aContentCharset
,
797 nullptr, // aLoadingNode
799 nullptr, // aTriggeringPrincipal
800 aSecurityFlags
, aContentPolicyType
);
803 nsresult
NS_NewInputStreamChannelInternal(nsIChannel
** outChannel
, nsIURI
* aUri
,
804 const nsAString
& aData
,
805 const nsACString
& aContentType
,
806 nsILoadInfo
* aLoadInfo
,
807 bool aIsSrcdocChannel
/* = false */) {
809 nsCOMPtr
<nsIStringInputStream
> stream
;
810 stream
= do_CreateInstance(NS_STRINGINPUTSTREAM_CONTRACTID
, &rv
);
811 NS_ENSURE_SUCCESS(rv
, rv
);
814 char* utf8Bytes
= ToNewUTF8String(aData
, &len
);
815 rv
= stream
->AdoptData(utf8Bytes
, len
);
817 nsCOMPtr
<nsIChannel
> channel
;
818 rv
= NS_NewInputStreamChannelInternal(getter_AddRefs(channel
), aUri
,
819 stream
.forget(), aContentType
,
820 "UTF-8"_ns
, aLoadInfo
);
822 NS_ENSURE_SUCCESS(rv
, rv
);
824 if (aIsSrcdocChannel
) {
825 nsCOMPtr
<nsIInputStreamChannel
> inStrmChan
= do_QueryInterface(channel
);
826 NS_ENSURE_TRUE(inStrmChan
, NS_ERROR_FAILURE
);
827 inStrmChan
->SetSrcdocData(aData
);
829 channel
.forget(outChannel
);
833 nsresult
NS_NewInputStreamChannelInternal(
834 nsIChannel
** outChannel
, nsIURI
* aUri
, const nsAString
& aData
,
835 const nsACString
& aContentType
, nsINode
* aLoadingNode
,
836 nsIPrincipal
* aLoadingPrincipal
, nsIPrincipal
* aTriggeringPrincipal
,
837 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
838 bool aIsSrcdocChannel
/* = false */) {
839 nsCOMPtr
<nsILoadInfo
> loadInfo
= new mozilla::net::LoadInfo(
840 aLoadingPrincipal
, aTriggeringPrincipal
, aLoadingNode
, aSecurityFlags
,
842 return NS_NewInputStreamChannelInternal(outChannel
, aUri
, aData
, aContentType
,
843 loadInfo
, aIsSrcdocChannel
);
846 nsresult
NS_NewInputStreamChannel(nsIChannel
** outChannel
, nsIURI
* aUri
,
847 const nsAString
& aData
,
848 const nsACString
& aContentType
,
849 nsIPrincipal
* aLoadingPrincipal
,
850 nsSecurityFlags aSecurityFlags
,
851 nsContentPolicyType aContentPolicyType
,
852 bool aIsSrcdocChannel
/* = false */) {
853 return NS_NewInputStreamChannelInternal(outChannel
, aUri
, aData
, aContentType
,
854 nullptr, // aLoadingNode
856 nullptr, // aTriggeringPrincipal
857 aSecurityFlags
, aContentPolicyType
,
861 nsresult
NS_NewInputStreamPump(
862 nsIInputStreamPump
** aResult
, already_AddRefed
<nsIInputStream
> aStream
,
863 uint32_t aSegsize
/* = 0 */, uint32_t aSegcount
/* = 0 */,
864 bool aCloseWhenDone
/* = false */,
865 nsISerialEventTarget
* aMainThreadTarget
/* = nullptr */) {
866 nsCOMPtr
<nsIInputStream
> stream
= std::move(aStream
);
869 nsCOMPtr
<nsIInputStreamPump
> pump
=
870 do_CreateInstance(NS_INPUTSTREAMPUMP_CONTRACTID
, &rv
);
871 if (NS_SUCCEEDED(rv
)) {
872 rv
= pump
->Init(stream
, aSegsize
, aSegcount
, aCloseWhenDone
,
874 if (NS_SUCCEEDED(rv
)) {
882 nsresult
NS_NewLoadGroup(nsILoadGroup
** result
, nsIRequestObserver
* obs
) {
884 nsCOMPtr
<nsILoadGroup
> group
=
885 do_CreateInstance(NS_LOADGROUP_CONTRACTID
, &rv
);
886 if (NS_SUCCEEDED(rv
)) {
887 rv
= group
->SetGroupObserver(obs
);
888 if (NS_SUCCEEDED(rv
)) {
896 bool NS_IsReasonableHTTPHeaderValue(const nsACString
& aValue
) {
897 return mozilla::net::nsHttp::IsReasonableHeaderValue(aValue
);
900 bool NS_IsValidHTTPToken(const nsACString
& aToken
) {
901 return mozilla::net::nsHttp::IsValidToken(aToken
);
904 void NS_TrimHTTPWhitespace(const nsACString
& aSource
, nsACString
& aDest
) {
905 mozilla::net::nsHttp::TrimHTTPWhitespace(aSource
, aDest
);
908 nsresult
NS_NewLoadGroup(nsILoadGroup
** aResult
, nsIPrincipal
* aPrincipal
) {
909 using mozilla::LoadContext
;
912 nsCOMPtr
<nsILoadGroup
> group
=
913 do_CreateInstance(NS_LOADGROUP_CONTRACTID
, &rv
);
914 NS_ENSURE_SUCCESS(rv
, rv
);
916 RefPtr
<LoadContext
> loadContext
= new LoadContext(aPrincipal
);
917 rv
= group
->SetNotificationCallbacks(loadContext
);
918 NS_ENSURE_SUCCESS(rv
, rv
);
920 group
.forget(aResult
);
924 bool NS_LoadGroupMatchesPrincipal(nsILoadGroup
* aLoadGroup
,
925 nsIPrincipal
* aPrincipal
) {
930 // If this is a null principal then the load group doesn't really matter.
931 // The principal will not be allowed to perform any actions that actually
932 // use the load group. Unconditionally treat null principals as a match.
933 if (aPrincipal
->GetIsNullPrincipal()) {
941 nsCOMPtr
<nsILoadContext
> loadContext
;
942 NS_QueryNotificationCallbacks(nullptr, aLoadGroup
, NS_GET_IID(nsILoadContext
),
943 getter_AddRefs(loadContext
));
944 NS_ENSURE_TRUE(loadContext
, false);
949 nsresult
NS_NewDownloader(nsIStreamListener
** result
,
950 nsIDownloadObserver
* observer
,
951 nsIFile
* downloadLocation
/* = nullptr */) {
953 nsCOMPtr
<nsIDownloader
> downloader
=
954 do_CreateInstance(NS_DOWNLOADER_CONTRACTID
, &rv
);
955 if (NS_SUCCEEDED(rv
)) {
956 rv
= downloader
->Init(observer
, downloadLocation
);
957 if (NS_SUCCEEDED(rv
)) {
958 downloader
.forget(result
);
964 nsresult
NS_NewIncrementalStreamLoader(
965 nsIIncrementalStreamLoader
** result
,
966 nsIIncrementalStreamLoaderObserver
* observer
) {
968 nsCOMPtr
<nsIIncrementalStreamLoader
> loader
=
969 do_CreateInstance(NS_INCREMENTALSTREAMLOADER_CONTRACTID
, &rv
);
970 if (NS_SUCCEEDED(rv
)) {
971 rv
= loader
->Init(observer
);
972 if (NS_SUCCEEDED(rv
)) {
974 loader
.swap(*result
);
980 nsresult
NS_NewStreamLoader(
981 nsIStreamLoader
** result
, nsIStreamLoaderObserver
* observer
,
982 nsIRequestObserver
* requestObserver
/* = nullptr */) {
984 nsCOMPtr
<nsIStreamLoader
> loader
=
985 do_CreateInstance(NS_STREAMLOADER_CONTRACTID
, &rv
);
986 if (NS_SUCCEEDED(rv
)) {
987 rv
= loader
->Init(observer
, requestObserver
);
988 if (NS_SUCCEEDED(rv
)) {
990 loader
.swap(*result
);
996 nsresult
NS_NewStreamLoaderInternal(
997 nsIStreamLoader
** outStream
, nsIURI
* aUri
,
998 nsIStreamLoaderObserver
* aObserver
, nsINode
* aLoadingNode
,
999 nsIPrincipal
* aLoadingPrincipal
, nsSecurityFlags aSecurityFlags
,
1000 nsContentPolicyType aContentPolicyType
,
1001 nsILoadGroup
* aLoadGroup
/* = nullptr */,
1002 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
1003 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */) {
1004 nsCOMPtr
<nsIChannel
> channel
;
1005 nsresult rv
= NS_NewChannelInternal(
1006 getter_AddRefs(channel
), aUri
, aLoadingNode
, aLoadingPrincipal
,
1007 nullptr, // aTriggeringPrincipal
1008 Maybe
<ClientInfo
>(), Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
,
1010 nullptr, // nsICookieJarSettings
1011 nullptr, // PerformanceStorage
1012 aLoadGroup
, aCallbacks
, aLoadFlags
);
1014 NS_ENSURE_SUCCESS(rv
, rv
);
1015 rv
= NS_NewStreamLoader(outStream
, aObserver
);
1016 NS_ENSURE_SUCCESS(rv
, rv
);
1017 return channel
->AsyncOpen(*outStream
);
1020 nsresult
NS_NewStreamLoader(
1021 nsIStreamLoader
** outStream
, nsIURI
* aUri
,
1022 nsIStreamLoaderObserver
* aObserver
, nsINode
* aLoadingNode
,
1023 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
1024 nsILoadGroup
* aLoadGroup
/* = nullptr */,
1025 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
1026 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */) {
1027 NS_ASSERTION(aLoadingNode
,
1028 "Can not create stream loader without a loading Node!");
1029 return NS_NewStreamLoaderInternal(
1030 outStream
, aUri
, aObserver
, aLoadingNode
, aLoadingNode
->NodePrincipal(),
1031 aSecurityFlags
, aContentPolicyType
, aLoadGroup
, aCallbacks
, aLoadFlags
);
1034 nsresult
NS_NewStreamLoader(
1035 nsIStreamLoader
** outStream
, nsIURI
* aUri
,
1036 nsIStreamLoaderObserver
* aObserver
, nsIPrincipal
* aLoadingPrincipal
,
1037 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
1038 nsILoadGroup
* aLoadGroup
/* = nullptr */,
1039 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
1040 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */) {
1041 return NS_NewStreamLoaderInternal(outStream
, aUri
, aObserver
,
1042 nullptr, // aLoadingNode
1043 aLoadingPrincipal
, aSecurityFlags
,
1044 aContentPolicyType
, aLoadGroup
, aCallbacks
,
1048 nsresult
NS_NewSyncStreamListener(nsIStreamListener
** result
,
1049 nsIInputStream
** stream
) {
1050 nsCOMPtr
<nsISyncStreamListener
> listener
= new nsSyncStreamListener();
1051 nsresult rv
= listener
->GetInputStream(stream
);
1052 if (NS_SUCCEEDED(rv
)) {
1053 listener
.forget(result
);
1058 nsresult
NS_ImplementChannelOpen(nsIChannel
* channel
, nsIInputStream
** result
) {
1059 nsCOMPtr
<nsIStreamListener
> listener
;
1060 nsCOMPtr
<nsIInputStream
> stream
;
1061 nsresult rv
= NS_NewSyncStreamListener(getter_AddRefs(listener
),
1062 getter_AddRefs(stream
));
1063 NS_ENSURE_SUCCESS(rv
, rv
);
1065 rv
= channel
->AsyncOpen(listener
);
1066 NS_ENSURE_SUCCESS(rv
, rv
);
1069 // block until the initial response is received or an error occurs.
1070 rv
= stream
->Available(&n
);
1071 NS_ENSURE_SUCCESS(rv
, rv
);
1074 stream
.swap(*result
);
1079 nsresult
NS_NewRequestObserverProxy(nsIRequestObserver
** result
,
1080 nsIRequestObserver
* observer
,
1081 nsISupports
* context
) {
1082 nsCOMPtr
<nsIRequestObserverProxy
> proxy
= new nsRequestObserverProxy();
1083 nsresult rv
= proxy
->Init(observer
, context
);
1084 if (NS_SUCCEEDED(rv
)) {
1085 proxy
.forget(result
);
1090 nsresult
NS_NewSimpleStreamListener(
1091 nsIStreamListener
** result
, nsIOutputStream
* sink
,
1092 nsIRequestObserver
* observer
/* = nullptr */) {
1094 nsCOMPtr
<nsISimpleStreamListener
> listener
=
1095 do_CreateInstance(NS_SIMPLESTREAMLISTENER_CONTRACTID
, &rv
);
1096 if (NS_SUCCEEDED(rv
)) {
1097 rv
= listener
->Init(sink
, observer
);
1098 if (NS_SUCCEEDED(rv
)) {
1099 listener
.forget(result
);
1105 nsresult
NS_CheckPortSafety(int32_t port
, const char* scheme
,
1106 nsIIOService
* ioService
/* = nullptr */) {
1108 nsCOMPtr
<nsIIOService
> grip
;
1109 rv
= net_EnsureIOService(&ioService
, grip
);
1112 rv
= ioService
->AllowPort(port
, scheme
, &allow
);
1113 if (NS_SUCCEEDED(rv
) && !allow
) {
1114 NS_WARNING("port blocked");
1115 rv
= NS_ERROR_PORT_ACCESS_NOT_ALLOWED
;
1121 nsresult
NS_CheckPortSafety(nsIURI
* uri
) {
1123 nsresult rv
= uri
->GetPort(&port
);
1124 if (NS_FAILED(rv
) || port
== -1) { // port undefined or default-valued
1127 nsAutoCString scheme
;
1128 uri
->GetScheme(scheme
);
1129 return NS_CheckPortSafety(port
, scheme
.get());
1132 nsresult
NS_NewProxyInfo(const nsACString
& type
, const nsACString
& host
,
1133 int32_t port
, uint32_t flags
, nsIProxyInfo
** result
) {
1135 nsCOMPtr
<nsIProtocolProxyService
> pps
=
1136 do_GetService(NS_PROTOCOLPROXYSERVICE_CONTRACTID
, &rv
);
1137 if (NS_SUCCEEDED(rv
)) {
1138 rv
= pps
->NewProxyInfo(type
, host
, port
, ""_ns
, ""_ns
, flags
, UINT32_MAX
,
1144 nsresult
NS_GetFileProtocolHandler(nsIFileProtocolHandler
** result
,
1145 nsIIOService
* ioService
/* = nullptr */) {
1147 nsCOMPtr
<nsIIOService
> grip
;
1148 rv
= net_EnsureIOService(&ioService
, grip
);
1150 nsCOMPtr
<nsIProtocolHandler
> handler
;
1151 rv
= ioService
->GetProtocolHandler("file", getter_AddRefs(handler
));
1152 if (NS_SUCCEEDED(rv
)) rv
= CallQueryInterface(handler
, result
);
1157 nsresult
NS_GetFileFromURLSpec(const nsACString
& inURL
, nsIFile
** result
,
1158 nsIIOService
* ioService
/* = nullptr */) {
1160 nsCOMPtr
<nsIFileProtocolHandler
> fileHandler
;
1161 rv
= NS_GetFileProtocolHandler(getter_AddRefs(fileHandler
), ioService
);
1162 if (NS_SUCCEEDED(rv
)) rv
= fileHandler
->GetFileFromURLSpec(inURL
, result
);
1166 nsresult
NS_GetURLSpecFromFile(nsIFile
* file
, nsACString
& url
,
1167 nsIIOService
* ioService
/* = nullptr */) {
1169 nsCOMPtr
<nsIFileProtocolHandler
> fileHandler
;
1170 rv
= NS_GetFileProtocolHandler(getter_AddRefs(fileHandler
), ioService
);
1171 if (NS_SUCCEEDED(rv
)) rv
= fileHandler
->GetURLSpecFromFile(file
, url
);
1175 nsresult
NS_GetURLSpecFromActualFile(nsIFile
* file
, nsACString
& url
,
1176 nsIIOService
* ioService
/* = nullptr */) {
1178 nsCOMPtr
<nsIFileProtocolHandler
> fileHandler
;
1179 rv
= NS_GetFileProtocolHandler(getter_AddRefs(fileHandler
), ioService
);
1180 if (NS_SUCCEEDED(rv
)) rv
= fileHandler
->GetURLSpecFromActualFile(file
, url
);
1184 nsresult
NS_GetURLSpecFromDir(nsIFile
* file
, nsACString
& url
,
1185 nsIIOService
* ioService
/* = nullptr */) {
1187 nsCOMPtr
<nsIFileProtocolHandler
> fileHandler
;
1188 rv
= NS_GetFileProtocolHandler(getter_AddRefs(fileHandler
), ioService
);
1189 if (NS_SUCCEEDED(rv
)) rv
= fileHandler
->GetURLSpecFromDir(file
, url
);
1193 void NS_GetReferrerFromChannel(nsIChannel
* channel
, nsIURI
** referrer
) {
1194 *referrer
= nullptr;
1196 if (nsCOMPtr
<nsIPropertyBag2
> props
= do_QueryInterface(channel
)) {
1197 // We have to check for a property on a property bag because the
1198 // referrer may be empty for security reasons (for example, when loading
1199 // an http page with an https referrer).
1201 nsCOMPtr
<nsIURI
> uri(
1202 do_GetProperty(props
, u
"docshell.internalReferrer"_ns
, &rv
));
1203 if (NS_SUCCEEDED(rv
)) {
1204 uri
.forget(referrer
);
1209 // if that didn't work, we can still try to get the referrer from the
1210 // nsIHttpChannel (if we can QI to it)
1211 nsCOMPtr
<nsIHttpChannel
> chan(do_QueryInterface(channel
));
1216 nsCOMPtr
<nsIReferrerInfo
> referrerInfo
= chan
->GetReferrerInfo();
1217 if (!referrerInfo
) {
1221 referrerInfo
->GetOriginalReferrer(referrer
);
1224 already_AddRefed
<nsINetUtil
> do_GetNetUtil(nsresult
* error
/* = 0 */) {
1225 nsCOMPtr
<nsIIOService
> io
= mozilla::components::IO::Service();
1226 nsCOMPtr
<nsINetUtil
> util
;
1227 if (io
) util
= do_QueryInterface(io
);
1229 if (error
) *error
= !!util
? NS_OK
: NS_ERROR_FAILURE
;
1230 return util
.forget();
1233 nsresult
NS_ParseRequestContentType(const nsACString
& rawContentType
,
1234 nsCString
& contentType
,
1235 nsCString
& contentCharset
) {
1236 // contentCharset is left untouched if not present in rawContentType
1238 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil(&rv
);
1239 NS_ENSURE_SUCCESS(rv
, rv
);
1242 rv
= util
->ParseRequestContentType(rawContentType
, charset
, &hadCharset
,
1244 if (NS_SUCCEEDED(rv
) && hadCharset
) contentCharset
= charset
;
1248 nsresult
NS_ParseResponseContentType(const nsACString
& rawContentType
,
1249 nsCString
& contentType
,
1250 nsCString
& contentCharset
) {
1251 // contentCharset is left untouched if not present in rawContentType
1253 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil(&rv
);
1254 NS_ENSURE_SUCCESS(rv
, rv
);
1257 rv
= util
->ParseResponseContentType(rawContentType
, charset
, &hadCharset
,
1259 if (NS_SUCCEEDED(rv
) && hadCharset
) contentCharset
= charset
;
1263 nsresult
NS_ExtractCharsetFromContentType(const nsACString
& rawContentType
,
1264 nsCString
& contentCharset
,
1266 int32_t* charsetStart
,
1267 int32_t* charsetEnd
) {
1268 // contentCharset is left untouched if not present in rawContentType
1270 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil(&rv
);
1271 NS_ENSURE_SUCCESS(rv
, rv
);
1273 return util
->ExtractCharsetFromContentType(
1274 rawContentType
, contentCharset
, charsetStart
, charsetEnd
, hadCharset
);
1277 nsresult
NS_NewAtomicFileOutputStream(nsIOutputStream
** result
, nsIFile
* file
,
1278 int32_t ioFlags
/* = -1 */,
1279 int32_t perm
/* = -1 */,
1280 int32_t behaviorFlags
/* = 0 */) {
1282 nsCOMPtr
<nsIFileOutputStream
> out
=
1283 do_CreateInstance(NS_ATOMICLOCALFILEOUTPUTSTREAM_CONTRACTID
, &rv
);
1284 if (NS_SUCCEEDED(rv
)) {
1285 rv
= out
->Init(file
, ioFlags
, perm
, behaviorFlags
);
1286 if (NS_SUCCEEDED(rv
)) out
.forget(result
);
1291 nsresult
NS_NewSafeLocalFileOutputStream(nsIOutputStream
** result
,
1293 int32_t ioFlags
/* = -1 */,
1294 int32_t perm
/* = -1 */,
1295 int32_t behaviorFlags
/* = 0 */) {
1297 nsCOMPtr
<nsIFileOutputStream
> out
=
1298 do_CreateInstance(NS_SAFELOCALFILEOUTPUTSTREAM_CONTRACTID
, &rv
);
1299 if (NS_SUCCEEDED(rv
)) {
1300 rv
= out
->Init(file
, ioFlags
, perm
, behaviorFlags
);
1301 if (NS_SUCCEEDED(rv
)) out
.forget(result
);
1306 nsresult
NS_NewLocalFileRandomAccessStream(nsIRandomAccessStream
** result
,
1308 int32_t ioFlags
/* = -1 */,
1309 int32_t perm
/* = -1 */,
1310 int32_t behaviorFlags
/* = 0 */) {
1311 nsCOMPtr
<nsIFileRandomAccessStream
> stream
= new nsFileRandomAccessStream();
1312 nsresult rv
= stream
->Init(file
, ioFlags
, perm
, behaviorFlags
);
1313 if (NS_SUCCEEDED(rv
)) {
1314 stream
.forget(result
);
1319 mozilla::Result
<nsCOMPtr
<nsIRandomAccessStream
>, nsresult
>
1320 NS_NewLocalFileRandomAccessStream(nsIFile
* file
, int32_t ioFlags
/* = -1 */,
1321 int32_t perm
/* = -1 */,
1322 int32_t behaviorFlags
/* = 0 */) {
1323 nsCOMPtr
<nsIRandomAccessStream
> stream
;
1324 const nsresult rv
= NS_NewLocalFileRandomAccessStream(
1325 getter_AddRefs(stream
), file
, ioFlags
, perm
, behaviorFlags
);
1326 if (NS_SUCCEEDED(rv
)) {
1332 nsresult
NS_NewBufferedOutputStream(
1333 nsIOutputStream
** aResult
, already_AddRefed
<nsIOutputStream
> aOutputStream
,
1334 uint32_t aBufferSize
) {
1335 nsCOMPtr
<nsIOutputStream
> outputStream
= std::move(aOutputStream
);
1338 nsCOMPtr
<nsIBufferedOutputStream
> out
=
1339 do_CreateInstance(NS_BUFFEREDOUTPUTSTREAM_CONTRACTID
, &rv
);
1340 if (NS_SUCCEEDED(rv
)) {
1341 rv
= out
->Init(outputStream
, aBufferSize
);
1342 if (NS_SUCCEEDED(rv
)) {
1343 out
.forget(aResult
);
1349 [[nodiscard
]] nsresult
NS_NewBufferedInputStream(
1350 nsIInputStream
** aResult
, already_AddRefed
<nsIInputStream
> aInputStream
,
1351 uint32_t aBufferSize
) {
1352 nsCOMPtr
<nsIInputStream
> inputStream
= std::move(aInputStream
);
1354 nsCOMPtr
<nsIBufferedInputStream
> in
;
1355 nsresult rv
= nsBufferedInputStream::Create(
1356 NS_GET_IID(nsIBufferedInputStream
), getter_AddRefs(in
));
1357 if (NS_SUCCEEDED(rv
)) {
1358 rv
= in
->Init(inputStream
, aBufferSize
);
1359 if (NS_SUCCEEDED(rv
)) {
1360 *aResult
= static_cast<nsBufferedInputStream
*>(in
.get())
1368 Result
<nsCOMPtr
<nsIInputStream
>, nsresult
> NS_NewBufferedInputStream(
1369 already_AddRefed
<nsIInputStream
> aInputStream
, uint32_t aBufferSize
) {
1370 nsCOMPtr
<nsIInputStream
> stream
;
1371 const nsresult rv
= NS_NewBufferedInputStream(
1372 getter_AddRefs(stream
), std::move(aInputStream
), aBufferSize
);
1373 if (NS_SUCCEEDED(rv
)) {
1381 #define BUFFER_SIZE 8192
1383 class BufferWriter final
: public nsIInputStreamCallback
{
1385 NS_DECL_THREADSAFE_ISUPPORTS
1387 BufferWriter(nsIInputStream
* aInputStream
, void* aBuffer
, int64_t aCount
)
1388 : mMonitor("BufferWriter.mMonitor"),
1389 mInputStream(aInputStream
),
1393 mBufferType(aBuffer
? eExternal
: eInternal
),
1395 MOZ_ASSERT(aInputStream
);
1396 MOZ_ASSERT(aCount
== -1 || aCount
> 0);
1397 MOZ_ASSERT_IF(mBuffer
, aCount
> 0);
1401 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1403 // Let's make the inputStream buffered if it's not.
1404 if (!NS_InputStreamIsBuffered(mInputStream
)) {
1405 nsCOMPtr
<nsIInputStream
> bufferedStream
;
1406 nsresult rv
= NS_NewBufferedInputStream(
1407 getter_AddRefs(bufferedStream
), mInputStream
.forget(), BUFFER_SIZE
);
1408 NS_ENSURE_SUCCESS(rv
, rv
);
1410 mInputStream
= bufferedStream
;
1413 mAsyncInputStream
= do_QueryInterface(mInputStream
);
1415 if (!mAsyncInputStream
) {
1419 // Let's use mAsyncInputStream only.
1420 mInputStream
= nullptr;
1422 return WriteAsync();
1425 uint64_t WrittenData() const {
1426 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1427 return mWrittenData
;
1430 void* StealBuffer() {
1431 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1432 MOZ_ASSERT(mBufferType
== eInternal
);
1434 void* buffer
= mBuffer
;
1444 if (mBuffer
&& mBufferType
== eInternal
) {
1449 mTaskQueue
->BeginShutdown();
1453 nsresult
WriteSync() {
1454 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1456 uint64_t length
= (uint64_t)mCount
;
1459 nsresult rv
= mInputStream
->Available(&length
);
1460 NS_ENSURE_SUCCESS(rv
, rv
);
1468 if (mBufferType
== eInternal
) {
1469 mBuffer
= malloc(length
);
1470 if (NS_WARN_IF(!mBuffer
)) {
1471 return NS_ERROR_OUT_OF_MEMORY
;
1475 uint32_t writtenData
;
1476 nsresult rv
= mInputStream
->ReadSegments(NS_CopySegmentToBuffer
, mBuffer
,
1477 length
, &writtenData
);
1478 NS_ENSURE_SUCCESS(rv
, rv
);
1480 mWrittenData
= writtenData
;
1484 nsresult
WriteAsync() {
1485 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1487 if (mCount
> 0 && mBufferType
== eInternal
) {
1488 mBuffer
= malloc(mCount
);
1489 if (NS_WARN_IF(!mBuffer
)) {
1490 return NS_ERROR_OUT_OF_MEMORY
;
1495 if (mCount
== -1 && !MaybeExpandBufferSize()) {
1496 return NS_ERROR_OUT_OF_MEMORY
;
1499 uint64_t offset
= mWrittenData
;
1500 uint64_t length
= mCount
== -1 ? BUFFER_SIZE
: mCount
;
1502 // Let's try to read data directly.
1503 uint32_t writtenData
;
1504 nsresult rv
= mAsyncInputStream
->ReadSegments(
1505 NS_CopySegmentToBuffer
, static_cast<char*>(mBuffer
) + offset
, length
,
1508 // Operation completed. Nothing more to read.
1509 if (NS_SUCCEEDED(rv
) && writtenData
== 0) {
1513 // If we succeeded, let's try to read again.
1514 if (NS_SUCCEEDED(rv
)) {
1515 mWrittenData
+= writtenData
;
1517 MOZ_ASSERT(mCount
>= writtenData
);
1518 mCount
-= writtenData
;
1520 // Is this the end of the reading?
1530 if (rv
== NS_BASE_STREAM_WOULD_BLOCK
) {
1531 rv
= MaybeCreateTaskQueue();
1532 if (NS_WARN_IF(NS_FAILED(rv
))) {
1536 MonitorAutoLock
lock(mMonitor
);
1538 rv
= mAsyncInputStream
->AsyncWait(this, 0, length
, mTaskQueue
);
1539 if (NS_WARN_IF(NS_FAILED(rv
))) {
1547 // Otherwise, let's propagate the error.
1551 MOZ_ASSERT_UNREACHABLE("We should not be here");
1552 return NS_ERROR_FAILURE
;
1555 nsresult
MaybeCreateTaskQueue() {
1556 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1559 nsCOMPtr
<nsIEventTarget
> target
=
1560 do_GetService(NS_STREAMTRANSPORTSERVICE_CONTRACTID
);
1562 return NS_ERROR_FAILURE
;
1565 mTaskQueue
= TaskQueue::Create(target
.forget(), "nsNetUtil:BufferWriter");
1572 OnInputStreamReady(nsIAsyncInputStream
* aStream
) override
{
1573 MOZ_ASSERT(!NS_IsMainThread());
1575 // We have something to read. Let's unlock the main-thread.
1576 MonitorAutoLock
lock(mMonitor
);
1581 bool MaybeExpandBufferSize() {
1582 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1584 MOZ_ASSERT(mCount
== -1);
1586 if (mBufferSize
>= mWrittenData
+ BUFFER_SIZE
) {
1587 // The buffer is big enough.
1591 CheckedUint32 bufferSize
=
1592 std::max
<uint32_t>(static_cast<uint32_t>(mWrittenData
), BUFFER_SIZE
);
1593 while (bufferSize
.isValid() &&
1594 bufferSize
.value() < mWrittenData
+ BUFFER_SIZE
) {
1598 if (!bufferSize
.isValid()) {
1602 void* buffer
= realloc(mBuffer
, bufferSize
.value());
1608 mBufferSize
= bufferSize
.value();
1612 // All the members of this class are touched on the owning thread only. The
1613 // monitor is only used to communicate when there is more data to read.
1614 Monitor mMonitor MOZ_UNANNOTATED
;
1616 nsCOMPtr
<nsIInputStream
> mInputStream
;
1617 nsCOMPtr
<nsIAsyncInputStream
> mAsyncInputStream
;
1619 RefPtr
<TaskQueue
> mTaskQueue
;
1623 uint64_t mWrittenData
;
1626 // The buffer is allocated internally and this object must release it
1627 // in the DTOR if not stolen. The buffer can be reallocated.
1630 // The buffer is not owned by this object and it cannot be reallocated.
1634 // The following set if needed for the async read.
1635 uint64_t mBufferSize
;
1638 NS_IMPL_ISUPPORTS(BufferWriter
, nsIInputStreamCallback
)
1640 } // anonymous namespace
1642 nsresult
NS_ReadInputStreamToBuffer(nsIInputStream
* aInputStream
, void** aDest
,
1643 int64_t aCount
, uint64_t* aWritten
) {
1644 MOZ_ASSERT(aInputStream
);
1645 MOZ_ASSERT(aCount
>= -1);
1647 uint64_t dummyWritten
;
1649 aWritten
= &dummyWritten
;
1657 // This will take care of allocating and reallocating aDest.
1658 RefPtr
<BufferWriter
> writer
= new BufferWriter(aInputStream
, *aDest
, aCount
);
1660 nsresult rv
= writer
->Write();
1661 NS_ENSURE_SUCCESS(rv
, rv
);
1663 *aWritten
= writer
->WrittenData();
1666 *aDest
= writer
->StealBuffer();
1672 nsresult
NS_ReadInputStreamToString(nsIInputStream
* aInputStream
,
1673 nsACString
& aDest
, int64_t aCount
,
1674 uint64_t* aWritten
) {
1675 uint64_t dummyWritten
;
1677 aWritten
= &dummyWritten
;
1680 // Nothing to do if aCount is 0.
1687 // If we have the size, we can pre-allocate the buffer.
1689 if (NS_WARN_IF(aCount
>= INT32_MAX
) ||
1690 NS_WARN_IF(!aDest
.SetLength(aCount
, mozilla::fallible
))) {
1691 return NS_ERROR_OUT_OF_MEMORY
;
1694 void* dest
= aDest
.BeginWriting();
1696 NS_ReadInputStreamToBuffer(aInputStream
, &dest
, aCount
, aWritten
);
1697 NS_ENSURE_SUCCESS(rv
, rv
);
1699 if ((uint64_t)aCount
> *aWritten
) {
1700 aDest
.Truncate(*aWritten
);
1706 // If the size is unknown, BufferWriter will allocate the buffer.
1707 void* dest
= nullptr;
1709 NS_ReadInputStreamToBuffer(aInputStream
, &dest
, aCount
, aWritten
);
1710 MOZ_ASSERT_IF(NS_FAILED(rv
), dest
== nullptr);
1711 NS_ENSURE_SUCCESS(rv
, rv
);
1714 MOZ_ASSERT(*aWritten
== 0);
1719 aDest
.Adopt(reinterpret_cast<char*>(dest
), *aWritten
);
1723 nsresult
NS_NewURI(nsIURI
** result
, const nsACString
& spec
,
1724 NotNull
<const Encoding
*> encoding
,
1725 nsIURI
* baseURI
/* = nullptr */) {
1726 nsAutoCString charset
;
1727 encoding
->Name(charset
);
1728 return NS_NewURI(result
, spec
, charset
.get(), baseURI
);
1731 nsresult
NS_NewURI(nsIURI
** result
, const nsAString
& aSpec
,
1732 const char* charset
/* = nullptr */,
1733 nsIURI
* baseURI
/* = nullptr */) {
1735 if (!AppendUTF16toUTF8(aSpec
, spec
, mozilla::fallible
)) {
1736 return NS_ERROR_OUT_OF_MEMORY
;
1738 return NS_NewURI(result
, spec
, charset
, baseURI
);
1741 nsresult
NS_NewURI(nsIURI
** result
, const nsAString
& aSpec
,
1742 NotNull
<const Encoding
*> encoding
,
1743 nsIURI
* baseURI
/* = nullptr */) {
1745 if (!AppendUTF16toUTF8(aSpec
, spec
, mozilla::fallible
)) {
1746 return NS_ERROR_OUT_OF_MEMORY
;
1748 return NS_NewURI(result
, spec
, encoding
, baseURI
);
1751 nsresult
NS_NewURI(nsIURI
** result
, const char* spec
,
1752 nsIURI
* baseURI
/* = nullptr */) {
1753 return NS_NewURI(result
, nsDependentCString(spec
), nullptr, baseURI
);
1756 static nsresult
NewStandardURI(const nsACString
& aSpec
, const char* aCharset
,
1757 nsIURI
* aBaseURI
, int32_t aDefaultPort
,
1759 return NS_MutateURI(new nsStandardURL::Mutator())
1760 .Apply(&nsIStandardURLMutator::Init
, nsIStandardURL::URLTYPE_AUTHORITY
,
1761 aDefaultPort
, aSpec
, aCharset
, aBaseURI
, nullptr)
1765 nsresult
NS_GetSpecWithNSURLEncoding(nsACString
& aResult
,
1766 const nsACString
& aSpec
) {
1767 nsCOMPtr
<nsIURI
> uri
;
1768 nsresult rv
= NS_NewURIWithNSURLEncoding(getter_AddRefs(uri
), aSpec
);
1769 NS_ENSURE_SUCCESS(rv
, rv
);
1770 return uri
->GetAsciiSpec(aResult
);
1773 nsresult
NS_NewURIWithNSURLEncoding(nsIURI
** aResult
, const nsACString
& aSpec
) {
1774 nsCOMPtr
<nsIURI
> uri
;
1775 nsresult rv
= NS_NewURI(getter_AddRefs(uri
), aSpec
);
1776 NS_ENSURE_SUCCESS(rv
, rv
);
1778 // Escape the ref portion of the URL. NSURL is more strict about which
1779 // characters in the URL must be % encoded. For example, an unescaped '#'
1780 // to indicate the beginning of the ref component is accepted by NSURL, but
1781 // '#' characters in the ref must be escaped. Also adds encoding for other
1782 // characters not accepted by NSURL in the ref such as '{', '|', '}', and '^'.
1783 // The ref returned from GetRef() does not include the leading '#'.
1784 nsAutoCString ref
, escapedRef
;
1785 if (NS_SUCCEEDED(uri
->GetRef(ref
)) && !ref
.IsEmpty()) {
1786 if (!NS_Escape(ref
, escapedRef
, url_NSURLRef
)) {
1787 return NS_ERROR_INVALID_ARG
;
1789 rv
= NS_MutateURI(uri
).SetRef(escapedRef
).Finalize(uri
);
1790 NS_ENSURE_SUCCESS(rv
, rv
);
1793 uri
.forget(aResult
);
1797 extern MOZ_THREAD_LOCAL(uint32_t) gTlsURLRecursionCount
;
1799 template <typename T
>
1800 class TlsAutoIncrement
{
1802 explicit TlsAutoIncrement(T
& var
) : mVar(var
) {
1803 mValue
= mVar
.get();
1804 mVar
.set(mValue
+ 1);
1806 ~TlsAutoIncrement() {
1807 typename
T::Type value
= mVar
.get();
1808 MOZ_ASSERT(value
== mValue
+ 1);
1809 mVar
.set(value
- 1);
1812 typename
T::Type
value() { return mValue
; }
1815 typename
T::Type mValue
;
1819 nsresult
NS_NewURI(nsIURI
** aURI
, const nsACString
& aSpec
,
1820 const char* aCharset
/* = nullptr */,
1821 nsIURI
* aBaseURI
/* = nullptr */) {
1822 TlsAutoIncrement
<decltype(gTlsURLRecursionCount
)> inc(gTlsURLRecursionCount
);
1823 if (inc
.value() >= MAX_RECURSION_COUNT
) {
1824 return NS_ERROR_MALFORMED_URI
;
1827 nsCOMPtr
<nsIIOService
> ioService
= do_GetIOService();
1829 // Individual protocol handlers unfortunately rely on the ioservice, let's
1830 // return an error here instead of causing unpredictable crashes later.
1831 return NS_ERROR_NOT_AVAILABLE
;
1834 if (StaticPrefs::network_url_max_length() &&
1835 aSpec
.Length() > StaticPrefs::network_url_max_length()) {
1836 return NS_ERROR_MALFORMED_URI
;
1839 nsAutoCString scheme
;
1840 nsresult rv
= net_ExtractURLScheme(aSpec
, scheme
);
1841 if (NS_FAILED(rv
)) {
1842 // then aSpec is relative
1844 return NS_ERROR_MALFORMED_URI
;
1847 if (!aSpec
.IsEmpty() && aSpec
[0] == '#') {
1848 // Looks like a reference instead of a fully-specified URI.
1849 // --> initialize |uri| as a clone of |aBaseURI|, with ref appended.
1850 return NS_GetURIWithNewRef(aBaseURI
, aSpec
, aURI
);
1853 rv
= aBaseURI
->GetScheme(scheme
);
1854 if (NS_FAILED(rv
)) return rv
;
1857 if (scheme
.EqualsLiteral("http") || scheme
.EqualsLiteral("ws")) {
1858 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, NS_HTTP_DEFAULT_PORT
,
1861 if (scheme
.EqualsLiteral("https") || scheme
.EqualsLiteral("wss")) {
1862 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, NS_HTTPS_DEFAULT_PORT
,
1865 if (scheme
.EqualsLiteral("ftp")) {
1866 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, 21, aURI
);
1869 if (scheme
.EqualsLiteral("file")) {
1870 return NS_MutateURI(new nsStandardURL::Mutator())
1871 .Apply(&nsIFileURLMutator::MarkFileURL
)
1872 .Apply(&nsIStandardURLMutator::Init
,
1873 nsIStandardURL::URLTYPE_NO_AUTHORITY
, -1, aSpec
, aCharset
,
1878 if (scheme
.EqualsLiteral("data")) {
1879 return nsDataHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1882 if (scheme
.EqualsLiteral("moz-safe-about") ||
1883 scheme
.EqualsLiteral("page-icon") || scheme
.EqualsLiteral("moz") ||
1884 scheme
.EqualsLiteral("cached-favicon")) {
1885 return NS_MutateURI(new nsSimpleURI::Mutator())
1890 if (scheme
.EqualsLiteral("chrome")) {
1891 return nsChromeProtocolHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
,
1895 if (scheme
.EqualsLiteral("javascript")) {
1896 return nsJSProtocolHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1899 if (scheme
.EqualsLiteral("blob")) {
1900 return BlobURLProtocolHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
,
1904 if (scheme
.EqualsLiteral("view-source")) {
1905 return nsViewSourceHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1908 if (scheme
.EqualsLiteral("resource")) {
1909 RefPtr
<nsResProtocolHandler
> handler
= nsResProtocolHandler::GetSingleton();
1911 return NS_ERROR_NOT_AVAILABLE
;
1913 return handler
->NewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1916 if (scheme
.EqualsLiteral("indexeddb") || scheme
.EqualsLiteral("uuid")) {
1917 return NS_MutateURI(new nsStandardURL::Mutator())
1918 .Apply(&nsIStandardURLMutator::Init
, nsIStandardURL::URLTYPE_AUTHORITY
,
1919 0, aSpec
, aCharset
, aBaseURI
, nullptr)
1923 if (scheme
.EqualsLiteral("moz-extension")) {
1924 RefPtr
<mozilla::net::ExtensionProtocolHandler
> handler
=
1925 mozilla::net::ExtensionProtocolHandler::GetSingleton();
1927 return NS_ERROR_NOT_AVAILABLE
;
1929 return handler
->NewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1932 if (scheme
.EqualsLiteral("moz-page-thumb")) {
1933 // The moz-page-thumb service runs JS to resolve a URI to a
1934 // storage location, so this should only ever run on the main
1936 if (!NS_IsMainThread()) {
1937 return NS_ERROR_NOT_AVAILABLE
;
1940 RefPtr
<mozilla::net::PageThumbProtocolHandler
> handler
=
1941 mozilla::net::PageThumbProtocolHandler::GetSingleton();
1943 return NS_ERROR_NOT_AVAILABLE
;
1945 return handler
->NewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1948 if (scheme
.EqualsLiteral("about")) {
1949 return nsAboutProtocolHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
,
1953 if (scheme
.EqualsLiteral("jar")) {
1954 return NS_MutateURI(new nsJARURI::Mutator())
1955 .Apply(&nsIJARURIMutator::SetSpecBaseCharset
, aSpec
, aBaseURI
, aCharset
)
1960 if (scheme
.EqualsLiteral("moz-icon")) {
1961 return NS_MutateURI(new nsMozIconURI::Mutator())
1967 #ifdef MOZ_WIDGET_GTK
1968 if (scheme
.EqualsLiteral("smb") || scheme
.EqualsLiteral("sftp")) {
1969 return NS_MutateURI(new nsStandardURL::Mutator())
1970 .Apply(&nsIStandardURLMutator::Init
, nsIStandardURL::URLTYPE_STANDARD
,
1971 -1, aSpec
, aCharset
, aBaseURI
, nullptr)
1976 if (scheme
.EqualsLiteral("android")) {
1977 return NS_MutateURI(NS_STANDARDURLMUTATOR_CONTRACTID
)
1978 .Apply(&nsIStandardURLMutator::Init
, nsIStandardURL::URLTYPE_STANDARD
,
1979 -1, aSpec
, aCharset
, aBaseURI
, nullptr)
1983 // web-extensions can add custom protocol implementations with standard URLs
1984 // that have notion of hostname, authority and relative URLs. Below we
1985 // manually check agains set of known protocols schemes until more general
1986 // solution is in place (See Bug 1569733)
1987 if (!StaticPrefs::network_url_useDefaultURI()) {
1988 if (scheme
.EqualsLiteral("ssh")) {
1989 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, 22, aURI
);
1992 if (scheme
.EqualsLiteral("dweb") || scheme
.EqualsLiteral("dat") ||
1993 scheme
.EqualsLiteral("ipfs") || scheme
.EqualsLiteral("ipns") ||
1994 scheme
.EqualsLiteral("ssb") || scheme
.EqualsLiteral("wtp")) {
1995 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, -1, aURI
);
1999 #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
2000 rv
= NS_NewMailnewsURI(aURI
, aSpec
, aCharset
, aBaseURI
);
2001 if (rv
!= NS_ERROR_UNKNOWN_PROTOCOL
) {
2007 nsAutoCString newSpec
;
2008 rv
= aBaseURI
->Resolve(aSpec
, newSpec
);
2009 NS_ENSURE_SUCCESS(rv
, rv
);
2011 nsAutoCString newScheme
;
2012 rv
= net_ExtractURLScheme(newSpec
, newScheme
);
2013 if (NS_SUCCEEDED(rv
)) {
2014 // The scheme shouldn't really change at this point.
2015 MOZ_DIAGNOSTIC_ASSERT(newScheme
== scheme
);
2018 if (StaticPrefs::network_url_useDefaultURI()) {
2019 return NS_MutateURI(new DefaultURI::Mutator())
2024 return NS_MutateURI(new nsSimpleURI::Mutator())
2029 if (StaticPrefs::network_url_useDefaultURI()) {
2030 return NS_MutateURI(new DefaultURI::Mutator())
2035 // Falls back to external protocol handler.
2036 return NS_MutateURI(new nsSimpleURI::Mutator()).SetSpec(aSpec
).Finalize(aURI
);
2039 nsresult
NS_GetSanitizedURIStringFromURI(nsIURI
* aUri
,
2040 nsAString
& aSanitizedSpec
) {
2041 aSanitizedSpec
.Truncate();
2043 nsCOMPtr
<nsISensitiveInfoHiddenURI
> safeUri
= do_QueryInterface(aUri
);
2044 nsAutoCString cSpec
;
2047 rv
= safeUri
->GetSensitiveInfoHiddenSpec(cSpec
);
2049 rv
= aUri
->GetSpec(cSpec
);
2052 if (NS_SUCCEEDED(rv
)) {
2053 aSanitizedSpec
.Assign(NS_ConvertUTF8toUTF16(cSpec
));
2058 nsresult
NS_LoadPersistentPropertiesFromURISpec(
2059 nsIPersistentProperties
** outResult
, const nsACString
& aSpec
) {
2060 nsCOMPtr
<nsIURI
> uri
;
2061 nsresult rv
= NS_NewURI(getter_AddRefs(uri
), aSpec
);
2062 NS_ENSURE_SUCCESS(rv
, rv
);
2064 nsCOMPtr
<nsIChannel
> channel
;
2065 rv
= NS_NewChannel(getter_AddRefs(channel
), uri
,
2066 nsContentUtils::GetSystemPrincipal(),
2067 nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL
,
2068 nsIContentPolicy::TYPE_OTHER
);
2069 NS_ENSURE_SUCCESS(rv
, rv
);
2070 nsCOMPtr
<nsIInputStream
> in
;
2071 rv
= channel
->Open(getter_AddRefs(in
));
2072 NS_ENSURE_SUCCESS(rv
, rv
);
2074 nsCOMPtr
<nsIPersistentProperties
> properties
= new nsPersistentProperties();
2075 rv
= properties
->Load(in
);
2076 NS_ENSURE_SUCCESS(rv
, rv
);
2078 properties
.swap(*outResult
);
2082 bool NS_UsePrivateBrowsing(nsIChannel
* channel
) {
2083 OriginAttributes attrs
;
2084 bool result
= StoragePrincipalHelper::GetOriginAttributes(
2085 channel
, attrs
, StoragePrincipalHelper::eRegularPrincipal
);
2086 NS_ENSURE_TRUE(result
, result
);
2087 return attrs
.mPrivateBrowsingId
> 0;
2090 bool NS_HasBeenCrossOrigin(nsIChannel
* aChannel
, bool aReport
) {
2091 nsCOMPtr
<nsILoadInfo
> loadInfo
= aChannel
->LoadInfo();
2092 // TYPE_DOCUMENT loads have a null LoadingPrincipal and can not be cross
2094 if (!loadInfo
->GetLoadingPrincipal()) {
2098 // Always treat tainted channels as cross-origin.
2099 if (loadInfo
->GetTainting() != LoadTainting::Basic
) {
2103 nsCOMPtr
<nsIPrincipal
> loadingPrincipal
= loadInfo
->GetLoadingPrincipal();
2104 uint32_t mode
= loadInfo
->GetSecurityMode();
2106 mode
== nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_INHERITS_SEC_CONTEXT
||
2107 mode
== nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT
||
2108 mode
== nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT
;
2110 bool aboutBlankInherits
= dataInherits
&& loadInfo
->GetAboutBlankInherits();
2112 uint64_t innerWindowID
= loadInfo
->GetInnerWindowID();
2114 for (nsIRedirectHistoryEntry
* redirectHistoryEntry
:
2115 loadInfo
->RedirectChain()) {
2116 nsCOMPtr
<nsIPrincipal
> principal
;
2117 redirectHistoryEntry
->GetPrincipal(getter_AddRefs(principal
));
2122 nsCOMPtr
<nsIURI
> uri
;
2123 auto* basePrin
= BasePrincipal::Cast(principal
);
2124 basePrin
->GetURI(getter_AddRefs(uri
));
2129 if (aboutBlankInherits
&& NS_IsAboutBlank(uri
)) {
2135 res
= loadingPrincipal
->CheckMayLoadWithReporting(uri
, dataInherits
,
2138 res
= loadingPrincipal
->CheckMayLoad(uri
, dataInherits
);
2140 if (NS_FAILED(res
)) {
2145 nsCOMPtr
<nsIURI
> uri
;
2146 NS_GetFinalChannelURI(aChannel
, getter_AddRefs(uri
));
2151 if (aboutBlankInherits
&& NS_IsAboutBlank(uri
)) {
2157 res
= loadingPrincipal
->CheckMayLoadWithReporting(uri
, dataInherits
,
2160 res
= loadingPrincipal
->CheckMayLoad(uri
, dataInherits
);
2163 return NS_FAILED(res
);
2166 bool NS_IsSafeMethodNav(nsIChannel
* aChannel
) {
2167 RefPtr
<HttpBaseChannel
> baseChan
= do_QueryObject(aChannel
);
2171 nsHttpRequestHead
* requestHead
= baseChan
->GetRequestHead();
2175 return requestHead
->IsSafeMethod();
2178 void NS_WrapAuthPrompt(nsIAuthPrompt
* aAuthPrompt
,
2179 nsIAuthPrompt2
** aAuthPrompt2
) {
2180 nsCOMPtr
<nsIAuthPromptAdapterFactory
> factory
=
2181 do_GetService(NS_AUTHPROMPT_ADAPTER_FACTORY_CONTRACTID
);
2182 if (!factory
) return;
2184 NS_WARNING("Using deprecated nsIAuthPrompt");
2185 factory
->CreateAdapter(aAuthPrompt
, aAuthPrompt2
);
2188 void NS_QueryAuthPrompt2(nsIInterfaceRequestor
* aCallbacks
,
2189 nsIAuthPrompt2
** aAuthPrompt
) {
2190 CallGetInterface(aCallbacks
, aAuthPrompt
);
2191 if (*aAuthPrompt
) return;
2193 // Maybe only nsIAuthPrompt is provided and we have to wrap it.
2194 nsCOMPtr
<nsIAuthPrompt
> prompt(do_GetInterface(aCallbacks
));
2195 if (!prompt
) return;
2197 NS_WrapAuthPrompt(prompt
, aAuthPrompt
);
2200 void NS_QueryAuthPrompt2(nsIChannel
* aChannel
, nsIAuthPrompt2
** aAuthPrompt
) {
2201 *aAuthPrompt
= nullptr;
2203 // We want to use any auth prompt we can find on the channel's callbacks,
2204 // and if that fails use the loadgroup's prompt (if any)
2205 // Therefore, we can't just use NS_QueryNotificationCallbacks, because
2206 // that would prefer a loadgroup's nsIAuthPrompt2 over a channel's
2208 nsCOMPtr
<nsIInterfaceRequestor
> callbacks
;
2209 aChannel
->GetNotificationCallbacks(getter_AddRefs(callbacks
));
2211 NS_QueryAuthPrompt2(callbacks
, aAuthPrompt
);
2212 if (*aAuthPrompt
) return;
2215 nsCOMPtr
<nsILoadGroup
> group
;
2216 aChannel
->GetLoadGroup(getter_AddRefs(group
));
2219 group
->GetNotificationCallbacks(getter_AddRefs(callbacks
));
2220 if (!callbacks
) return;
2221 NS_QueryAuthPrompt2(callbacks
, aAuthPrompt
);
2224 nsresult
NS_NewNotificationCallbacksAggregation(
2225 nsIInterfaceRequestor
* callbacks
, nsILoadGroup
* loadGroup
,
2226 nsIEventTarget
* target
, nsIInterfaceRequestor
** result
) {
2227 nsCOMPtr
<nsIInterfaceRequestor
> cbs
;
2228 if (loadGroup
) loadGroup
->GetNotificationCallbacks(getter_AddRefs(cbs
));
2229 return NS_NewInterfaceRequestorAggregation(callbacks
, cbs
, target
, result
);
2232 nsresult
NS_NewNotificationCallbacksAggregation(
2233 nsIInterfaceRequestor
* callbacks
, nsILoadGroup
* loadGroup
,
2234 nsIInterfaceRequestor
** result
) {
2235 return NS_NewNotificationCallbacksAggregation(callbacks
, loadGroup
, nullptr,
2239 nsresult
NS_DoImplGetInnermostURI(nsINestedURI
* nestedURI
, nsIURI
** result
) {
2240 MOZ_ASSERT(nestedURI
, "Must have a nested URI!");
2241 MOZ_ASSERT(!*result
, "Must have null *result");
2243 nsCOMPtr
<nsIURI
> inner
;
2244 nsresult rv
= nestedURI
->GetInnerURI(getter_AddRefs(inner
));
2245 NS_ENSURE_SUCCESS(rv
, rv
);
2247 // We may need to loop here until we reach the innermost
2249 nsCOMPtr
<nsINestedURI
> nestedInner(do_QueryInterface(inner
));
2250 while (nestedInner
) {
2251 rv
= nestedInner
->GetInnerURI(getter_AddRefs(inner
));
2252 NS_ENSURE_SUCCESS(rv
, rv
);
2253 nestedInner
= do_QueryInterface(inner
);
2256 // Found the innermost one if we reach here.
2257 inner
.swap(*result
);
2262 nsresult
NS_ImplGetInnermostURI(nsINestedURI
* nestedURI
, nsIURI
** result
) {
2263 // Make it safe to use swap()
2266 return NS_DoImplGetInnermostURI(nestedURI
, result
);
2269 already_AddRefed
<nsIURI
> NS_GetInnermostURI(nsIURI
* aURI
) {
2270 MOZ_ASSERT(aURI
, "Must have URI");
2272 nsCOMPtr
<nsIURI
> uri
= aURI
;
2274 nsCOMPtr
<nsINestedURI
> nestedURI(do_QueryInterface(uri
));
2276 return uri
.forget();
2279 nsresult rv
= nestedURI
->GetInnermostURI(getter_AddRefs(uri
));
2280 if (NS_FAILED(rv
)) {
2284 return uri
.forget();
2287 nsresult
NS_GetFinalChannelURI(nsIChannel
* channel
, nsIURI
** uri
) {
2290 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
2291 nsCOMPtr
<nsIURI
> resultPrincipalURI
;
2292 loadInfo
->GetResultPrincipalURI(getter_AddRefs(resultPrincipalURI
));
2293 if (resultPrincipalURI
) {
2294 resultPrincipalURI
.forget(uri
);
2297 return channel
->GetOriginalURI(uri
);
2300 nsresult
NS_URIChainHasFlags(nsIURI
* uri
, uint32_t flags
, bool* result
) {
2302 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil(&rv
);
2303 NS_ENSURE_SUCCESS(rv
, rv
);
2305 return util
->URIChainHasFlags(uri
, flags
, result
);
2308 uint32_t NS_SecurityHashURI(nsIURI
* aURI
) {
2309 nsCOMPtr
<nsIURI
> baseURI
= NS_GetInnermostURI(aURI
);
2311 nsAutoCString scheme
;
2312 uint32_t schemeHash
= 0;
2313 if (NS_SUCCEEDED(baseURI
->GetScheme(scheme
))) {
2314 schemeHash
= mozilla::HashString(scheme
);
2317 // TODO figure out how to hash file:// URIs
2318 if (scheme
.EqualsLiteral("file")) return schemeHash
; // sad face
2320 #if IS_ORIGIN_IS_FULL_SPEC_DEFINED
2322 if (NS_FAILED(NS_URIChainHasFlags(
2323 baseURI
, nsIProtocolHandler::ORIGIN_IS_FULL_SPEC
, &hasFlag
)) ||
2327 nsresult res
= baseURI
->GetSpec(spec
);
2328 if (NS_SUCCEEDED(res
))
2329 specHash
= mozilla::HashString(spec
);
2331 specHash
= static_cast<uint32_t>(res
);
2337 uint32_t hostHash
= 0;
2338 if (NS_SUCCEEDED(baseURI
->GetAsciiHost(host
))) {
2339 hostHash
= mozilla::HashString(host
);
2342 return mozilla::AddToHash(schemeHash
, hostHash
, NS_GetRealPort(baseURI
));
2345 bool NS_SecurityCompareURIs(nsIURI
* aSourceURI
, nsIURI
* aTargetURI
,
2346 bool aStrictFileOriginPolicy
) {
2349 // Note that this is not an Equals() test on purpose -- for URIs that don't
2350 // support host/port, we want equality to basically be object identity, for
2351 // security purposes. Otherwise, for example, two javascript: URIs that
2352 // are otherwise unrelated could end up "same origin", which would be
2354 if (aSourceURI
&& aSourceURI
== aTargetURI
) {
2358 if (!aTargetURI
|| !aSourceURI
) {
2362 // If either URI is a nested URI, get the base URI
2363 nsCOMPtr
<nsIURI
> sourceBaseURI
= NS_GetInnermostURI(aSourceURI
);
2364 nsCOMPtr
<nsIURI
> targetBaseURI
= NS_GetInnermostURI(aTargetURI
);
2366 #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
2367 // Check if either URI has a special origin.
2368 nsCOMPtr
<nsIURI
> origin
;
2369 nsCOMPtr
<nsIURIWithSpecialOrigin
> uriWithSpecialOrigin
=
2370 do_QueryInterface(sourceBaseURI
);
2371 if (uriWithSpecialOrigin
) {
2372 rv
= uriWithSpecialOrigin
->GetOrigin(getter_AddRefs(origin
));
2373 if (NS_WARN_IF(NS_FAILED(rv
))) {
2377 sourceBaseURI
= origin
;
2379 uriWithSpecialOrigin
= do_QueryInterface(targetBaseURI
);
2380 if (uriWithSpecialOrigin
) {
2381 rv
= uriWithSpecialOrigin
->GetOrigin(getter_AddRefs(origin
));
2382 if (NS_WARN_IF(NS_FAILED(rv
))) {
2386 targetBaseURI
= origin
;
2390 nsCOMPtr
<nsIPrincipal
> sourceBlobPrincipal
;
2391 if (BlobURLProtocolHandler::GetBlobURLPrincipal(
2392 sourceBaseURI
, getter_AddRefs(sourceBlobPrincipal
))) {
2393 nsCOMPtr
<nsIURI
> sourceBlobOwnerURI
;
2394 auto* basePrin
= BasePrincipal::Cast(sourceBlobPrincipal
);
2395 rv
= basePrin
->GetURI(getter_AddRefs(sourceBlobOwnerURI
));
2396 if (NS_SUCCEEDED(rv
)) {
2397 sourceBaseURI
= sourceBlobOwnerURI
;
2401 nsCOMPtr
<nsIPrincipal
> targetBlobPrincipal
;
2402 if (BlobURLProtocolHandler::GetBlobURLPrincipal(
2403 targetBaseURI
, getter_AddRefs(targetBlobPrincipal
))) {
2404 nsCOMPtr
<nsIURI
> targetBlobOwnerURI
;
2405 auto* basePrin
= BasePrincipal::Cast(targetBlobPrincipal
);
2406 rv
= basePrin
->GetURI(getter_AddRefs(targetBlobOwnerURI
));
2407 if (NS_SUCCEEDED(rv
)) {
2408 targetBaseURI
= targetBlobOwnerURI
;
2412 if (!sourceBaseURI
|| !targetBaseURI
) return false;
2415 nsAutoCString targetScheme
;
2416 bool sameScheme
= false;
2417 if (NS_FAILED(targetBaseURI
->GetScheme(targetScheme
)) ||
2418 NS_FAILED(sourceBaseURI
->SchemeIs(targetScheme
.get(), &sameScheme
)) ||
2420 // Not same-origin if schemes differ
2424 // For file scheme, reject unless the files are identical. See
2425 // NS_RelaxStrictFileOriginPolicy for enforcing file same-origin checking
2426 if (targetScheme
.EqualsLiteral("file")) {
2427 // in traditional unsafe behavior all files are the same origin
2428 if (!aStrictFileOriginPolicy
) return true;
2430 nsCOMPtr
<nsIFileURL
> sourceFileURL(do_QueryInterface(sourceBaseURI
));
2431 nsCOMPtr
<nsIFileURL
> targetFileURL(do_QueryInterface(targetBaseURI
));
2433 if (!sourceFileURL
|| !targetFileURL
) return false;
2435 nsCOMPtr
<nsIFile
> sourceFile
, targetFile
;
2437 sourceFileURL
->GetFile(getter_AddRefs(sourceFile
));
2438 targetFileURL
->GetFile(getter_AddRefs(targetFile
));
2440 if (!sourceFile
|| !targetFile
) return false;
2442 // Otherwise they had better match
2443 bool filesAreEqual
= false;
2444 rv
= sourceFile
->Equals(targetFile
, &filesAreEqual
);
2445 return NS_SUCCEEDED(rv
) && filesAreEqual
;
2448 #if IS_ORIGIN_IS_FULL_SPEC_DEFINED
2450 if (NS_FAILED(NS_URIChainHasFlags(
2451 targetBaseURI
, nsIProtocolHandler::ORIGIN_IS_FULL_SPEC
, &hasFlag
)) ||
2453 // URIs with this flag have the whole spec as a distinct trust
2454 // domain; use the whole spec for comparison
2455 nsAutoCString targetSpec
;
2456 nsAutoCString sourceSpec
;
2457 return (NS_SUCCEEDED(targetBaseURI
->GetSpec(targetSpec
)) &&
2458 NS_SUCCEEDED(sourceBaseURI
->GetSpec(sourceSpec
)) &&
2459 targetSpec
.Equals(sourceSpec
));
2464 nsAutoCString targetHost
;
2465 nsAutoCString sourceHost
;
2466 if (NS_FAILED(targetBaseURI
->GetAsciiHost(targetHost
)) ||
2467 NS_FAILED(sourceBaseURI
->GetAsciiHost(sourceHost
))) {
2471 nsCOMPtr
<nsIStandardURL
> targetURL(do_QueryInterface(targetBaseURI
));
2472 nsCOMPtr
<nsIStandardURL
> sourceURL(do_QueryInterface(sourceBaseURI
));
2473 if (!targetURL
|| !sourceURL
) {
2477 if (!targetHost
.Equals(sourceHost
, nsCaseInsensitiveCStringComparator
)) {
2481 return NS_GetRealPort(targetBaseURI
) == NS_GetRealPort(sourceBaseURI
);
2484 bool NS_URIIsLocalFile(nsIURI
* aURI
) {
2485 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil();
2489 NS_SUCCEEDED(util
->ProtocolHasFlags(
2490 aURI
, nsIProtocolHandler::URI_IS_LOCAL_FILE
, &isFile
)) &&
2494 bool NS_RelaxStrictFileOriginPolicy(nsIURI
* aTargetURI
, nsIURI
* aSourceURI
,
2495 bool aAllowDirectoryTarget
/* = false */) {
2496 if (!NS_URIIsLocalFile(aTargetURI
)) {
2497 // This is probably not what the caller intended
2498 MOZ_ASSERT_UNREACHABLE(
2499 "NS_RelaxStrictFileOriginPolicy called with non-file URI");
2503 if (!NS_URIIsLocalFile(aSourceURI
)) {
2504 // If the source is not also a file: uri then forget it
2505 // (don't want resource: principals in a file: doc)
2507 // note: we're not de-nesting jar: uris here, we want to
2508 // keep archive content bottled up in its own little island
2513 // pull out the internal files
2515 nsCOMPtr
<nsIFileURL
> targetFileURL(do_QueryInterface(aTargetURI
));
2516 nsCOMPtr
<nsIFileURL
> sourceFileURL(do_QueryInterface(aSourceURI
));
2517 nsCOMPtr
<nsIFile
> targetFile
;
2518 nsCOMPtr
<nsIFile
> sourceFile
;
2521 // Make sure targetFile is not a directory (bug 209234)
2522 // and that it exists w/out unescaping (bug 395343)
2523 if (!sourceFileURL
|| !targetFileURL
||
2524 NS_FAILED(targetFileURL
->GetFile(getter_AddRefs(targetFile
))) ||
2525 NS_FAILED(sourceFileURL
->GetFile(getter_AddRefs(sourceFile
))) ||
2526 !targetFile
|| !sourceFile
|| NS_FAILED(targetFile
->Normalize()) ||
2527 #ifndef MOZ_WIDGET_ANDROID
2528 NS_FAILED(sourceFile
->Normalize()) ||
2530 (!aAllowDirectoryTarget
&&
2531 (NS_FAILED(targetFile
->IsDirectory(&targetIsDir
)) || targetIsDir
))) {
2538 bool NS_IsInternalSameURIRedirect(nsIChannel
* aOldChannel
,
2539 nsIChannel
* aNewChannel
, uint32_t aFlags
) {
2540 if (!(aFlags
& nsIChannelEventSink::REDIRECT_INTERNAL
)) {
2544 nsCOMPtr
<nsIURI
> oldURI
, newURI
;
2545 aOldChannel
->GetURI(getter_AddRefs(oldURI
));
2546 aNewChannel
->GetURI(getter_AddRefs(newURI
));
2548 if (!oldURI
|| !newURI
) {
2553 return NS_SUCCEEDED(oldURI
->Equals(newURI
, &res
)) && res
;
2556 bool NS_IsHSTSUpgradeRedirect(nsIChannel
* aOldChannel
, nsIChannel
* aNewChannel
,
2558 if (!(aFlags
& nsIChannelEventSink::REDIRECT_STS_UPGRADE
)) {
2562 nsCOMPtr
<nsIURI
> oldURI
, newURI
;
2563 aOldChannel
->GetURI(getter_AddRefs(oldURI
));
2564 aNewChannel
->GetURI(getter_AddRefs(newURI
));
2566 if (!oldURI
|| !newURI
) {
2570 if (!oldURI
->SchemeIs("http")) {
2574 nsCOMPtr
<nsIURI
> upgradedURI
;
2575 nsresult rv
= NS_GetSecureUpgradedURI(oldURI
, getter_AddRefs(upgradedURI
));
2576 if (NS_FAILED(rv
)) {
2581 return NS_SUCCEEDED(upgradedURI
->Equals(newURI
, &res
)) && res
;
2584 bool NS_ShouldRemoveAuthHeaderOnRedirect(nsIChannel
* aOldChannel
,
2585 nsIChannel
* aNewChannel
,
2587 // we need to strip Authentication headers for external cross-origin redirects
2588 // Howerver, we should NOT strip auth headers for
2589 // - internal redirects/HSTS upgrades
2590 // - same origin redirects
2591 // Ref: https://fetch.spec.whatwg.org/#http-redirect-fetch
2592 if ((aFlags
& (nsIChannelEventSink::REDIRECT_STS_UPGRADE
|
2593 nsIChannelEventSink::REDIRECT_INTERNAL
))) {
2594 // this is an internal redirect do not strip auth header
2597 nsCOMPtr
<nsIURI
> oldUri
;
2598 MOZ_ALWAYS_SUCCEEDS(
2599 NS_GetFinalChannelURI(aOldChannel
, getter_AddRefs(oldUri
)));
2601 nsCOMPtr
<nsIURI
> newUri
;
2602 MOZ_ALWAYS_SUCCEEDS(
2603 NS_GetFinalChannelURI(aNewChannel
, getter_AddRefs(newUri
)));
2605 nsresult rv
= nsContentUtils::GetSecurityManager()->CheckSameOriginURI(
2606 newUri
, oldUri
, false, false);
2608 return NS_FAILED(rv
);
2611 nsresult
NS_LinkRedirectChannels(uint64_t channelId
,
2612 nsIParentChannel
* parentChannel
,
2613 nsIChannel
** _result
) {
2614 nsCOMPtr
<nsIRedirectChannelRegistrar
> registrar
=
2615 RedirectChannelRegistrar::GetOrCreate();
2616 MOZ_ASSERT(registrar
);
2618 return registrar
->LinkChannels(channelId
, parentChannel
, _result
);
2621 nsILoadInfo::CrossOriginEmbedderPolicy
2622 NS_GetCrossOriginEmbedderPolicyFromHeader(
2623 const nsACString
& aHeader
, bool aIsOriginTrialCoepCredentiallessEnabled
) {
2624 nsCOMPtr
<nsISFVService
> sfv
= GetSFVService();
2626 nsCOMPtr
<nsISFVItem
> item
;
2627 nsresult rv
= sfv
->ParseItem(aHeader
, getter_AddRefs(item
));
2628 if (NS_FAILED(rv
)) {
2629 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2632 nsCOMPtr
<nsISFVBareItem
> value
;
2633 rv
= item
->GetValue(getter_AddRefs(value
));
2634 if (NS_FAILED(rv
)) {
2635 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2638 nsCOMPtr
<nsISFVToken
> token
= do_QueryInterface(value
);
2640 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2643 nsAutoCString embedderPolicy
;
2644 rv
= token
->GetValue(embedderPolicy
);
2645 if (NS_FAILED(rv
)) {
2646 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2649 if (embedderPolicy
.EqualsLiteral("require-corp")) {
2650 return nsILoadInfo::EMBEDDER_POLICY_REQUIRE_CORP
;
2651 } else if (embedderPolicy
.EqualsLiteral("credentialless") &&
2652 IsCoepCredentiallessEnabled(
2653 aIsOriginTrialCoepCredentiallessEnabled
)) {
2654 return nsILoadInfo::EMBEDDER_POLICY_CREDENTIALLESS
;
2657 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2660 /** Given the first (disposition) token from a Content-Disposition header,
2661 * tell whether it indicates the content is inline or attachment
2662 * @param aDispToken the disposition token from the content-disposition header
2664 uint32_t NS_GetContentDispositionFromToken(const nsAString
& aDispToken
) {
2665 // RFC 2183, section 2.8 says that an unknown disposition
2666 // value should be treated as "attachment"
2667 // If all of these tests eval to false, then we have a content-disposition of
2668 // "attachment" or unknown
2669 if (aDispToken
.IsEmpty() || aDispToken
.LowerCaseEqualsLiteral("inline") ||
2670 // Broken sites just send
2671 // Content-Disposition: filename="file"
2672 // without a disposition token... screen those out.
2673 StringHead(aDispToken
, 8).LowerCaseEqualsLiteral("filename")) {
2674 return nsIChannel::DISPOSITION_INLINE
;
2677 return nsIChannel::DISPOSITION_ATTACHMENT
;
2680 uint32_t NS_GetContentDispositionFromHeader(const nsACString
& aHeader
,
2681 nsIChannel
* aChan
/* = nullptr */) {
2683 nsCOMPtr
<nsIMIMEHeaderParam
> mimehdrpar
=
2684 do_GetService(NS_MIMEHEADERPARAM_CONTRACTID
, &rv
);
2685 if (NS_FAILED(rv
)) return nsIChannel::DISPOSITION_ATTACHMENT
;
2687 nsAutoString dispToken
;
2688 rv
= mimehdrpar
->GetParameterHTTP(aHeader
, "", ""_ns
, true, nullptr,
2691 if (NS_FAILED(rv
)) {
2692 // special case (see bug 272541): empty disposition type handled as "inline"
2693 if (rv
== NS_ERROR_FIRST_HEADER_FIELD_COMPONENT_EMPTY
) {
2694 return nsIChannel::DISPOSITION_INLINE
;
2696 return nsIChannel::DISPOSITION_ATTACHMENT
;
2699 return NS_GetContentDispositionFromToken(dispToken
);
2702 nsresult
NS_GetFilenameFromDisposition(nsAString
& aFilename
,
2703 const nsACString
& aDisposition
) {
2704 aFilename
.Truncate();
2707 nsCOMPtr
<nsIMIMEHeaderParam
> mimehdrpar
=
2708 do_GetService(NS_MIMEHEADERPARAM_CONTRACTID
, &rv
);
2709 if (NS_FAILED(rv
)) return rv
;
2711 // Get the value of 'filename' parameter
2712 rv
= mimehdrpar
->GetParameterHTTP(aDisposition
, "filename", ""_ns
, true,
2713 nullptr, aFilename
);
2715 if (NS_FAILED(rv
)) {
2716 aFilename
.Truncate();
2720 if (aFilename
.IsEmpty()) return NS_ERROR_NOT_AVAILABLE
;
2722 // Filename may still be percent-encoded. Fix:
2723 if (aFilename
.FindChar('%') != -1) {
2724 nsCOMPtr
<nsITextToSubURI
> textToSubURI
=
2725 do_GetService(NS_ITEXTTOSUBURI_CONTRACTID
, &rv
);
2726 if (NS_SUCCEEDED(rv
)) {
2727 nsAutoString unescaped
;
2728 textToSubURI
->UnEscapeURIForUI(NS_ConvertUTF16toUTF8(aFilename
),
2729 /* dontEscape = */ true, unescaped
);
2730 aFilename
.Assign(unescaped
);
2737 void net_EnsurePSMInit() {
2738 if (XRE_IsSocketProcess()) {
2739 EnsureNSSInitializedChromeOrContent();
2743 MOZ_ASSERT(XRE_IsParentProcess());
2744 MOZ_ASSERT(NS_IsMainThread());
2746 DebugOnly
<bool> rv
= EnsureNSSInitializedChromeOrContent();
2750 bool NS_IsAboutBlank(nsIURI
* uri
) {
2751 // GetSpec can be expensive for some URIs, so check the scheme first.
2752 if (!uri
->SchemeIs("about")) {
2757 if (NS_FAILED(uri
->GetSpec(spec
))) {
2761 return spec
.EqualsLiteral("about:blank");
2764 bool NS_IsAboutSrcdoc(nsIURI
* uri
) {
2765 // GetSpec can be expensive for some URIs, so check the scheme first.
2766 if (!uri
->SchemeIs("about")) {
2771 if (NS_FAILED(uri
->GetSpec(spec
))) {
2775 return spec
.EqualsLiteral("about:srcdoc");
2778 nsresult
NS_GenerateHostPort(const nsCString
& host
, int32_t port
,
2779 nsACString
& hostLine
) {
2780 if (strchr(host
.get(), ':')) {
2781 // host is an IPv6 address literal and must be encapsulated in []'s
2782 hostLine
.Assign('[');
2783 // scope id is not needed for Host header.
2784 int scopeIdPos
= host
.FindChar('%');
2785 if (scopeIdPos
== -1) {
2786 hostLine
.Append(host
);
2787 } else if (scopeIdPos
> 0) {
2788 hostLine
.Append(Substring(host
, 0, scopeIdPos
));
2790 return NS_ERROR_MALFORMED_URI
;
2792 hostLine
.Append(']');
2794 hostLine
.Assign(host
);
2797 hostLine
.Append(':');
2798 hostLine
.AppendInt(port
);
2803 void NS_SniffContent(const char* aSnifferType
, nsIRequest
* aRequest
,
2804 const uint8_t* aData
, uint32_t aLength
,
2805 nsACString
& aSniffedType
) {
2806 using ContentSnifferCache
= nsCategoryCache
<nsIContentSniffer
>;
2807 extern ContentSnifferCache
* gNetSniffers
;
2808 extern ContentSnifferCache
* gDataSniffers
;
2809 extern ContentSnifferCache
* gORBSniffers
;
2810 extern ContentSnifferCache
* gNetAndORBSniffers
;
2811 ContentSnifferCache
* cache
= nullptr;
2812 if (!strcmp(aSnifferType
, NS_CONTENT_SNIFFER_CATEGORY
)) {
2813 if (!gNetSniffers
) {
2814 gNetSniffers
= new ContentSnifferCache(NS_CONTENT_SNIFFER_CATEGORY
);
2816 cache
= gNetSniffers
;
2817 } else if (!strcmp(aSnifferType
, NS_DATA_SNIFFER_CATEGORY
)) {
2818 if (!gDataSniffers
) {
2819 gDataSniffers
= new ContentSnifferCache(NS_DATA_SNIFFER_CATEGORY
);
2821 cache
= gDataSniffers
;
2822 } else if (!strcmp(aSnifferType
, NS_ORB_SNIFFER_CATEGORY
)) {
2823 if (!gORBSniffers
) {
2824 gORBSniffers
= new ContentSnifferCache(NS_ORB_SNIFFER_CATEGORY
);
2826 cache
= gORBSniffers
;
2827 } else if (!strcmp(aSnifferType
, NS_CONTENT_AND_ORB_SNIFFER_CATEGORY
)) {
2828 if (!gNetAndORBSniffers
) {
2829 gNetAndORBSniffers
=
2830 new ContentSnifferCache(NS_CONTENT_AND_ORB_SNIFFER_CATEGORY
);
2832 cache
= gNetAndORBSniffers
;
2834 // Invalid content sniffer type was requested
2839 // In case XCTO nosniff was present, we could just skip sniffing here
2840 nsCOMPtr
<nsIChannel
> channel
= do_QueryInterface(aRequest
);
2842 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
2843 if (loadInfo
->GetSkipContentSniffing()) {
2845 * We cannot skip snffing if the current MIME-Type might be a JSON.
2846 * The JSON-Viewer relies on its own sniffer to determine, if it can
2847 * render the page, so we need to make an exception if the Server provides
2848 * a application/ mime, as it might be json.
2850 nsAutoCString currentContentType
;
2851 channel
->GetContentType(currentContentType
);
2852 if (!StringBeginsWith(currentContentType
, "application/"_ns
)) {
2857 nsCOMArray
<nsIContentSniffer
> sniffers
;
2858 cache
->GetEntries(sniffers
);
2859 for (int32_t i
= 0; i
< sniffers
.Count(); ++i
) {
2860 nsresult rv
= sniffers
[i
]->GetMIMETypeFromContent(aRequest
, aData
, aLength
,
2862 if (NS_SUCCEEDED(rv
) && !aSniffedType
.IsEmpty()) {
2867 aSniffedType
.Truncate();
2870 bool NS_IsSrcdocChannel(nsIChannel
* aChannel
) {
2872 nsCOMPtr
<nsIInputStreamChannel
> isr
= do_QueryInterface(aChannel
);
2874 isr
->GetIsSrcdocChannel(&isSrcdoc
);
2877 nsCOMPtr
<nsIViewSourceChannel
> vsc
= do_QueryInterface(aChannel
);
2879 nsresult rv
= vsc
->GetIsSrcdocChannel(&isSrcdoc
);
2880 if (NS_SUCCEEDED(rv
)) {
2887 // helper function for NS_ShouldSecureUpgrade for checking HSTS
2888 bool handleResultFunc(bool aAllowSTS
, bool aIsStsHost
) {
2890 LOG(("nsHttpChannel::Connect() STS permissions found\n"));
2892 Telemetry::AccumulateCategorical(
2893 Telemetry::LABELS_HTTP_SCHEME_UPGRADE_TYPE::STS
);
2896 Telemetry::AccumulateCategorical(
2897 Telemetry::LABELS_HTTP_SCHEME_UPGRADE_TYPE::PrefBlockedSTS
);
2899 Telemetry::AccumulateCategorical(
2900 Telemetry::LABELS_HTTP_SCHEME_UPGRADE_TYPE::NoReasonToUpgrade
);
2904 // That function is a helper function of NS_ShouldSecureUpgrade to check if
2905 // CSP upgrade-insecure-requests, Mixed content auto upgrading or HTTPs-Only/-
2906 // First should upgrade the given request.
2907 static bool ShouldSecureUpgradeNoHSTS(nsIURI
* aURI
, nsILoadInfo
* aLoadInfo
) {
2908 // 2. CSP upgrade-insecure-requests
2909 if (aLoadInfo
->GetUpgradeInsecureRequests()) {
2910 // let's log a message to the console that we are upgrading a request
2911 nsAutoCString scheme
;
2912 aURI
->GetScheme(scheme
);
2913 // append the additional 's' for security to the scheme :-)
2914 scheme
.AppendLiteral("s");
2915 NS_ConvertUTF8toUTF16
reportSpec(aURI
->GetSpecOrDefault());
2916 NS_ConvertUTF8toUTF16
reportScheme(scheme
);
2917 AutoTArray
<nsString
, 2> params
= {reportSpec
, reportScheme
};
2918 uint64_t innerWindowId
= aLoadInfo
->GetInnerWindowID();
2919 CSP_LogLocalizedStr("upgradeInsecureRequest", params
,
2920 u
""_ns
, // aSourceFile
2921 u
""_ns
, // aScriptSample
2924 nsIScriptError::warningFlag
,
2925 "upgradeInsecureRequest"_ns
, innerWindowId
,
2926 !!aLoadInfo
->GetOriginAttributes().mPrivateBrowsingId
);
2927 Telemetry::AccumulateCategorical(
2928 Telemetry::LABELS_HTTP_SCHEME_UPGRADE_TYPE::CSP
);
2931 // 3. Mixed content auto upgrading
2932 if (aLoadInfo
->GetBrowserUpgradeInsecureRequests()) {
2933 // let's log a message to the console that we are upgrading a request
2934 nsAutoCString scheme
;
2935 aURI
->GetScheme(scheme
);
2936 // append the additional 's' for security to the scheme :-)
2937 scheme
.AppendLiteral("s");
2938 NS_ConvertUTF8toUTF16
reportSpec(aURI
->GetSpecOrDefault());
2939 NS_ConvertUTF8toUTF16
reportScheme(scheme
);
2940 AutoTArray
<nsString
, 2> params
= {reportSpec
, reportScheme
};
2942 nsAutoString localizedMsg
;
2943 nsContentUtils::FormatLocalizedString(nsContentUtils::eSECURITY_PROPERTIES
,
2944 "MixedContentAutoUpgrade", params
,
2947 // Prepending ixed Content to the outgoing console message
2949 message
.AppendLiteral(u
"Mixed Content: ");
2950 message
.Append(localizedMsg
);
2952 uint64_t innerWindowId
= aLoadInfo
->GetInnerWindowID();
2953 nsContentUtils::ReportToConsoleByWindowID(
2954 message
, nsIScriptError::warningFlag
, "Mixed Content Message"_ns
,
2955 innerWindowId
, aURI
);
2957 // Set this flag so we know we'll upgrade because of
2958 // 'security.mixed_content.upgrade_display_content'.
2959 aLoadInfo
->SetBrowserDidUpgradeInsecureRequests(true);
2960 Telemetry::AccumulateCategorical(
2961 Telemetry::LABELS_HTTP_SCHEME_UPGRADE_TYPE::BrowserDisplay
);
2967 if (nsHTTPSOnlyUtils::ShouldUpgradeRequest(aURI
, aLoadInfo
)) {
2968 Telemetry::AccumulateCategorical(
2969 Telemetry::LABELS_HTTP_SCHEME_UPGRADE_TYPE::HTTPSOnly
);
2973 if (nsHTTPSOnlyUtils::ShouldUpgradeHttpsFirstRequest(aURI
, aLoadInfo
)) {
2974 Telemetry::AccumulateCategorical(
2975 Telemetry::LABELS_HTTP_SCHEME_UPGRADE_TYPE::HTTPSFirst
);
2981 // Check if channel should be upgraded. check in the following order:
2983 // 2. CSP upgrade-insecure-requests
2984 // 3. Mixed content auto upgrading
2985 // 4. Https-Only / first
2986 // (5. Https RR - will be checked in nsHttpChannel)
2987 nsresult
NS_ShouldSecureUpgrade(
2988 nsIURI
* aURI
, nsILoadInfo
* aLoadInfo
, nsIPrincipal
* aChannelResultPrincipal
,
2989 bool aAllowSTS
, const OriginAttributes
& aOriginAttributes
,
2990 bool& aShouldUpgrade
, std::function
<void(bool, nsresult
)>&& aResultCallback
,
2991 bool& aWillCallback
) {
2992 MOZ_ASSERT(XRE_IsParentProcess());
2993 if (!XRE_IsParentProcess()) {
2994 return NS_ERROR_NOT_AVAILABLE
;
2997 aWillCallback
= false;
2998 aShouldUpgrade
= false;
3000 // Even if we're in private browsing mode, we still enforce existing STS
3001 // data (it is read-only).
3002 // if the connection is not using SSL and either the exact host matches or
3003 // a superdomain wants to force HTTPS, do it.
3004 bool isHttps
= aURI
->SchemeIs("https");
3006 // If request is https, then there is nothing to do here.
3008 Telemetry::AccumulateCategorical(
3009 Telemetry::LABELS_HTTP_SCHEME_UPGRADE_TYPE::AlreadyHTTPS
);
3010 aShouldUpgrade
= false;
3013 // If it is a mixed content trustworthy loopback, then we shouldn't upgrade
3015 if (nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aURI
)) {
3016 aShouldUpgrade
= false;
3019 // If no loadInfo exist there is nothing to upgrade here.
3021 aShouldUpgrade
= false;
3024 MOZ_ASSERT(!aURI
->SchemeIs("https"));
3026 // enforce Strict-Transport-Security
3027 nsISiteSecurityService
* sss
= gHttpHandler
->GetSSService();
3028 NS_ENSURE_TRUE(sss
, NS_ERROR_OUT_OF_MEMORY
);
3030 bool isStsHost
= false;
3031 // Calling |IsSecureURI| before the storage is ready to read will
3032 // block the main thread. Once the storage is ready, we can call it
3033 // from main thread.
3034 static Atomic
<bool, Relaxed
> storageReady(false);
3035 if (!storageReady
&& gSocketTransportService
&& aResultCallback
) {
3036 nsCOMPtr
<nsILoadInfo
> loadInfo
= aLoadInfo
;
3037 nsCOMPtr
<nsIURI
> uri
= aURI
;
3038 auto callbackWrapper
= [resultCallback
{std::move(aResultCallback
)}, uri
,
3039 loadInfo
](bool aShouldUpgrade
, nsresult aStatus
) {
3040 MOZ_ASSERT(NS_IsMainThread());
3043 if (aShouldUpgrade
|| NS_FAILED(aStatus
)) {
3044 resultCallback(aShouldUpgrade
, aStatus
);
3047 // Check if we need to upgrade because of other reasons.
3048 // 2. CSP upgrade-insecure-requests
3049 // 3. Mixed content auto upgrading
3050 // 4. Https-Only / first
3051 bool shouldUpgrade
= ShouldSecureUpgradeNoHSTS(uri
, loadInfo
);
3052 resultCallback(shouldUpgrade
, aStatus
);
3054 nsCOMPtr
<nsISiteSecurityService
> service
= sss
;
3055 nsresult rv
= gSocketTransportService
->Dispatch(
3056 NS_NewRunnableFunction(
3057 "net::NS_ShouldSecureUpgrade",
3058 [service
{std::move(service
)}, uri
{std::move(uri
)},
3059 originAttributes(aOriginAttributes
),
3060 handleResultFunc
{std::move(handleResultFunc
)},
3061 callbackWrapper
{std::move(callbackWrapper
)},
3062 allowSTS
{std::move(aAllowSTS
)}]() mutable {
3063 bool isStsHost
= false;
3065 service
->IsSecureURI(uri
, originAttributes
, &isStsHost
);
3067 // Successfully get the result from |IsSecureURI| implies that
3068 // the storage is ready to read.
3069 storageReady
= NS_SUCCEEDED(rv
);
3070 bool shouldUpgrade
= handleResultFunc(allowSTS
, isStsHost
);
3071 // Check if request should be upgraded.
3072 NS_DispatchToMainThread(NS_NewRunnableFunction(
3073 "net::NS_ShouldSecureUpgrade::ResultCallback",
3075 callbackWrapper
{std::move(callbackWrapper
)}]() {
3076 callbackWrapper(shouldUpgrade
, rv
);
3079 NS_DISPATCH_NORMAL
);
3080 aWillCallback
= NS_SUCCEEDED(rv
);
3084 nsresult rv
= sss
->IsSecureURI(aURI
, aOriginAttributes
, &isStsHost
);
3086 // if the SSS check fails, it's likely because this load is on a
3087 // malformed URI or something else in the setup is wrong, so any error
3088 // should be reported.
3089 NS_ENSURE_SUCCESS(rv
, rv
);
3091 aShouldUpgrade
= handleResultFunc(aAllowSTS
, isStsHost
);
3092 if (!aShouldUpgrade
) {
3093 // Check for CSP upgrade-insecure-requests, Mixed content auto upgrading
3094 // and Https-Only / -First.
3095 aShouldUpgrade
= ShouldSecureUpgradeNoHSTS(aURI
, aLoadInfo
);
3100 nsresult
NS_GetSecureUpgradedURI(nsIURI
* aURI
, nsIURI
** aUpgradedURI
) {
3101 NS_MutateURI
mutator(aURI
);
3102 mutator
.SetScheme("https"_ns
); // Change the scheme to HTTPS:
3104 // Change the default port to 443:
3105 nsCOMPtr
<nsIStandardURL
> stdURL
= do_QueryInterface(aURI
);
3107 mutator
.Apply(&nsIStandardURLMutator::SetDefaultPort
, 443, nullptr);
3109 // If we don't have a nsStandardURL, fall back to using GetPort/SetPort.
3110 // XXXdholbert Is this function even called with a non-nsStandardURL arg,
3112 NS_WARNING("Calling NS_GetSecureUpgradedURI for non nsStandardURL");
3113 int32_t oldPort
= -1;
3114 nsresult rv
= aURI
->GetPort(&oldPort
);
3115 if (NS_FAILED(rv
)) return rv
;
3117 // Keep any nonstandard ports so only the scheme is changed.
3119 // http://foo.com:80 -> https://foo.com:443
3120 // http://foo.com:81 -> https://foo.com:81
3122 if (oldPort
== 80 || oldPort
== -1) {
3123 mutator
.SetPort(-1);
3125 mutator
.SetPort(oldPort
);
3129 return mutator
.Finalize(aUpgradedURI
);
3132 nsresult
NS_CompareLoadInfoAndLoadContext(nsIChannel
* aChannel
) {
3133 nsCOMPtr
<nsILoadInfo
> loadInfo
= aChannel
->LoadInfo();
3135 nsCOMPtr
<nsILoadContext
> loadContext
;
3136 NS_QueryNotificationCallbacks(aChannel
, loadContext
);
3141 // We try to skip about:newtab.
3142 // about:newtab will use SystemPrincipal to download thumbnails through
3143 // https:// and blob URLs.
3144 bool isAboutPage
= false;
3145 nsINode
* node
= loadInfo
->LoadingNode();
3147 nsIURI
* uri
= node
->OwnerDoc()->GetDocumentURI();
3148 isAboutPage
= uri
->SchemeIs("about");
3155 // We skip the favicon loading here. The favicon loading might be
3156 // triggered by the XUL image. For that case, the loadContext will have
3157 // default originAttributes since the XUL image uses SystemPrincipal, but
3158 // the loadInfo will use originAttributes from the content. Thus, the
3159 // originAttributes between loadInfo and loadContext will be different.
3160 // That's why we have to skip the comparison for the favicon loading.
3161 if (loadInfo
->GetLoadingPrincipal() &&
3162 loadInfo
->GetLoadingPrincipal()->IsSystemPrincipal() &&
3163 loadInfo
->InternalContentPolicyType() ==
3164 nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON
) {
3168 OriginAttributes originAttrsLoadInfo
= loadInfo
->GetOriginAttributes();
3169 OriginAttributes originAttrsLoadContext
;
3170 loadContext
->GetOriginAttributes(originAttrsLoadContext
);
3173 ("NS_CompareLoadInfoAndLoadContext - loadInfo: %d, %d; "
3174 "loadContext: %d, %d. [channel=%p]",
3175 originAttrsLoadInfo
.mUserContextId
,
3176 originAttrsLoadInfo
.mPrivateBrowsingId
,
3177 originAttrsLoadContext
.mUserContextId
,
3178 originAttrsLoadContext
.mPrivateBrowsingId
, aChannel
));
3180 MOZ_ASSERT(originAttrsLoadInfo
.mUserContextId
==
3181 originAttrsLoadContext
.mUserContextId
,
3182 "The value of mUserContextId in the loadContext and in the "
3183 "loadInfo are not the same!");
3185 MOZ_ASSERT(originAttrsLoadInfo
.mPrivateBrowsingId
==
3186 originAttrsLoadContext
.mPrivateBrowsingId
,
3187 "The value of mPrivateBrowsingId in the loadContext and in the "
3188 "loadInfo are not the same!");
3193 nsresult
NS_SetRequestBlockingReason(nsIChannel
* channel
, uint32_t reason
) {
3194 NS_ENSURE_ARG(channel
);
3196 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
3197 return NS_SetRequestBlockingReason(loadInfo
, reason
);
3200 nsresult
NS_SetRequestBlockingReason(nsILoadInfo
* loadInfo
, uint32_t reason
) {
3201 NS_ENSURE_ARG(loadInfo
);
3203 return loadInfo
->SetRequestBlockingReason(reason
);
3206 nsresult
NS_SetRequestBlockingReasonIfNull(nsILoadInfo
* loadInfo
,
3208 NS_ENSURE_ARG(loadInfo
);
3210 uint32_t existingReason
;
3211 if (NS_SUCCEEDED(loadInfo
->GetRequestBlockingReason(&existingReason
)) &&
3212 existingReason
!= nsILoadInfo::BLOCKING_REASON_NONE
) {
3216 return loadInfo
->SetRequestBlockingReason(reason
);
3219 bool NS_IsOffline() {
3220 bool offline
= true;
3221 bool connectivity
= true;
3222 nsCOMPtr
<nsIIOService
> ios
= do_GetIOService();
3224 ios
->GetOffline(&offline
);
3225 ios
->GetConnectivity(&connectivity
);
3227 return offline
|| !connectivity
;
3231 * This function returns true if this channel should be classified by
3232 * the URL Classifier, false otherwise.
3234 * The idea of the algorithm to determine if a channel should be
3235 * classified is based on:
3236 * 1. Channels created by non-privileged code should be classified.
3237 * 2. Top-level document’s channels, if loaded by privileged code
3238 * (system principal), should be classified.
3239 * 3. Any other channel, created by privileged code, is considered safe.
3241 * A bad/hacked/corrupted safebrowsing database, plus a mistakenly
3242 * classified critical channel (this may result from a bug in the exemption
3243 * rules or incorrect information being passed into) can cause serious
3244 * problems. For example, if the updater channel is classified and blocked
3245 * by the Safe Browsing, Firefox can't update itself, and there is no way to
3246 * recover from that.
3248 * So two safeguards are added to ensure critical channels are never
3249 * automatically classified either because there is a bug in the algorithm
3250 * or the data in loadinfo is wrong.
3251 * 1. beConservative, this is set by ServiceRequest and we treat
3252 * channel created for ServiceRequest as critical channels.
3253 * 2. nsIChannel::LOAD_BYPASS_URL_CLASSIFIER, channel's opener can use this
3254 * flag to enforce bypassing the URL classifier check.
3256 bool NS_ShouldClassifyChannel(nsIChannel
* aChannel
) {
3257 nsLoadFlags loadFlags
;
3258 Unused
<< aChannel
->GetLoadFlags(&loadFlags
);
3259 // If our load flags dictate that we must let this channel through without
3260 // URL classification, obey that here without performing more checks.
3261 if (loadFlags
& nsIChannel::LOAD_BYPASS_URL_CLASSIFIER
) {
3265 nsCOMPtr
<nsIHttpChannelInternal
> httpChannel(do_QueryInterface(aChannel
));
3267 bool beConservative
;
3268 nsresult rv
= httpChannel
->GetBeConservative(&beConservative
);
3270 // beConservative flag, set by ServiceRequest to ensure channels that
3271 // fetch update use conservative TLS setting, are used here to identify
3272 // channels are critical to bypass classification. for channels don't
3273 // support beConservative, continue to apply the exemption rules.
3274 if (NS_SUCCEEDED(rv
) && beConservative
) {
3279 nsCOMPtr
<nsILoadInfo
> loadInfo
= aChannel
->LoadInfo();
3280 ExtContentPolicyType type
= loadInfo
->GetExternalContentPolicyType();
3281 // Skip classifying channel triggered by system unless it is a top-level
3283 return !(loadInfo
->TriggeringPrincipal()->IsSystemPrincipal() &&
3284 ExtContentPolicy::TYPE_DOCUMENT
!= type
);
3290 bool InScriptableRange(int64_t val
) {
3291 return (val
<= kJS_MAX_SAFE_INTEGER
) && (val
>= kJS_MIN_SAFE_INTEGER
);
3294 bool InScriptableRange(uint64_t val
) { return val
<= kJS_MAX_SAFE_UINTEGER
; }
3296 nsresult
GetParameterHTTP(const nsACString
& aHeaderVal
, const char* aParamName
,
3297 nsAString
& aResult
) {
3298 return nsMIMEHeaderParamImpl::GetParameterHTTP(aHeaderVal
, aParamName
,
3302 bool ChannelIsPost(nsIChannel
* aChannel
) {
3303 if (nsCOMPtr
<nsIHttpChannel
> httpChannel
= do_QueryInterface(aChannel
)) {
3304 nsAutoCString method
;
3305 Unused
<< httpChannel
->GetRequestMethod(method
);
3306 return method
.EqualsLiteral("POST");
3311 bool SchemeIsHTTP(nsIURI
* aURI
) {
3313 return aURI
->SchemeIs("http");
3316 bool SchemeIsHTTPS(nsIURI
* aURI
) {
3318 return aURI
->SchemeIs("https");
3321 bool SchemeIsJavascript(nsIURI
* aURI
) {
3323 return aURI
->SchemeIs("javascript");
3326 bool SchemeIsChrome(nsIURI
* aURI
) {
3328 return aURI
->SchemeIs("chrome");
3331 bool SchemeIsAbout(nsIURI
* aURI
) {
3333 return aURI
->SchemeIs("about");
3336 bool SchemeIsBlob(nsIURI
* aURI
) {
3338 return aURI
->SchemeIs("blob");
3341 bool SchemeIsFile(nsIURI
* aURI
) {
3343 return aURI
->SchemeIs("file");
3346 bool SchemeIsData(nsIURI
* aURI
) {
3348 return aURI
->SchemeIs("data");
3351 bool SchemeIsViewSource(nsIURI
* aURI
) {
3353 return aURI
->SchemeIs("view-source");
3356 bool SchemeIsResource(nsIURI
* aURI
) {
3358 return aURI
->SchemeIs("resource");
3361 bool SchemeIsFTP(nsIURI
* aURI
) {
3363 return aURI
->SchemeIs("ftp");
3366 bool SchemeIsSpecial(const nsACString
& aScheme
) {
3367 // See https://url.spec.whatwg.org/#special-scheme
3368 return aScheme
.EqualsIgnoreCase("ftp") || aScheme
.EqualsIgnoreCase("file") ||
3369 aScheme
.EqualsIgnoreCase("http") ||
3370 aScheme
.EqualsIgnoreCase("https") || aScheme
.EqualsIgnoreCase("ws") ||
3371 aScheme
.EqualsIgnoreCase("wss");
3374 bool IsSchemeChangePermitted(nsIURI
* aOldURI
, const nsACString
& newScheme
) {
3375 // See step 2.1 in https://url.spec.whatwg.org/#special-scheme
3376 // Note: The spec text uses "buffer" instead of newScheme, and "url"
3377 MOZ_ASSERT(aOldURI
);
3380 nsresult rv
= aOldURI
->GetScheme(tmp
);
3381 // If url's scheme is a special scheme and buffer is not a
3382 // special scheme, then return.
3383 // If url's scheme is not a special scheme and buffer is a
3384 // special scheme, then return.
3385 if (NS_FAILED(rv
) || SchemeIsSpecial(tmp
) != SchemeIsSpecial(newScheme
)) {
3389 // If url's scheme is "file" and its host is an empty host, then return.
3390 if (aOldURI
->SchemeIs("file")) {
3391 rv
= aOldURI
->GetHost(tmp
);
3392 if (NS_FAILED(rv
) || tmp
.IsEmpty()) {
3397 // URL Spec: If url includes credentials or has a non-null port, and
3398 // buffer is "file", then return.
3399 if (newScheme
.EqualsIgnoreCase("file")) {
3401 if (NS_FAILED(aOldURI
->GetHasUserPass(&hasUserPass
)) || hasUserPass
) {
3405 rv
= aOldURI
->GetPort(&port
);
3406 if (NS_FAILED(rv
) || port
!= -1) {
3414 already_AddRefed
<nsIURI
> TryChangeProtocol(nsIURI
* aURI
,
3415 const nsAString
& aProtocol
) {
3418 nsAString::const_iterator start
;
3419 aProtocol
.BeginReading(start
);
3421 nsAString::const_iterator end
;
3422 aProtocol
.EndReading(end
);
3424 nsAString::const_iterator
iter(start
);
3425 FindCharInReadable(':', iter
, end
);
3427 // Changing the protocol of a URL, changes the "nature" of the URI
3428 // implementation. In order to do this properly, we have to serialize the
3429 // existing URL and reparse it in a new object.
3430 nsCOMPtr
<nsIURI
> clone
;
3431 nsresult rv
= NS_MutateURI(aURI
)
3432 .SetScheme(NS_ConvertUTF16toUTF8(Substring(start
, iter
)))
3434 if (NS_WARN_IF(NS_FAILED(rv
))) {
3438 if (StaticPrefs::network_url_strict_protocol_setter()) {
3439 nsAutoCString newScheme
;
3440 rv
= clone
->GetScheme(newScheme
);
3441 if (NS_FAILED(rv
) || !net::IsSchemeChangePermitted(aURI
, newScheme
)) {
3443 Unused
<< clone
->GetSpec(url
);
3444 AutoTArray
<nsString
, 2> params
;
3445 params
.AppendElement(NS_ConvertUTF8toUTF16(url
));
3446 params
.AppendElement(NS_ConvertUTF8toUTF16(newScheme
));
3447 nsContentUtils::ReportToConsole(
3448 nsIScriptError::warningFlag
, "Strict Url Protocol Setter"_ns
, nullptr,
3449 nsContentUtils::eNECKO_PROPERTIES
, "StrictUrlProtocolSetter", params
);
3455 rv
= clone
->GetSpec(href
);
3456 if (NS_WARN_IF(NS_FAILED(rv
))) {
3461 rv
= NS_NewURI(getter_AddRefs(uri
), href
);
3462 if (NS_WARN_IF(NS_FAILED(rv
))) {
3465 return uri
.forget();
3468 // Decode a parameter value using the encoding defined in RFC 5987 (in place)
3470 // charset "'" [ language ] "'" value-chars
3472 // returns true when decoding happened successfully (otherwise leaves
3473 // passed value alone)
3474 static bool Decode5987Format(nsAString
& aEncoded
) {
3476 nsCOMPtr
<nsIMIMEHeaderParam
> mimehdrpar
=
3477 do_GetService(NS_MIMEHEADERPARAM_CONTRACTID
, &rv
);
3478 if (NS_FAILED(rv
)) return false;
3480 nsAutoCString asciiValue
;
3482 const char16_t
* encstart
= aEncoded
.BeginReading();
3483 const char16_t
* encend
= aEncoded
.EndReading();
3485 // create a plain ASCII string, aborting if we can't do that
3486 // converted form is always shorter than input
3487 while (encstart
!= encend
) {
3488 if (*encstart
> 0 && *encstart
< 128) {
3489 asciiValue
.Append((char)*encstart
);
3496 nsAutoString decoded
;
3497 nsAutoCString language
;
3499 rv
= mimehdrpar
->DecodeRFC5987Param(asciiValue
, language
, decoded
);
3500 if (NS_FAILED(rv
)) return false;
3506 LinkHeader::LinkHeader() { mCrossOrigin
.SetIsVoid(true); }
3508 void LinkHeader::Reset() {
3513 mIntegrity
.Truncate();
3519 mCrossOrigin
.Truncate();
3520 mReferrerPolicy
.Truncate();
3522 mCrossOrigin
.SetIsVoid(true);
3523 mFetchPriority
.Truncate();
3526 nsresult
LinkHeader::NewResolveHref(nsIURI
** aOutURI
, nsIURI
* aBaseURI
) const {
3527 if (mAnchor
.IsEmpty()) {
3529 return NS_NewURI(aOutURI
, mHref
, nullptr, aBaseURI
);
3532 // compute the anchored URI
3533 nsCOMPtr
<nsIURI
> anchoredURI
;
3535 NS_NewURI(getter_AddRefs(anchoredURI
), mAnchor
, nullptr, aBaseURI
);
3536 NS_ENSURE_SUCCESS(rv
, rv
);
3538 return NS_NewURI(aOutURI
, mHref
, nullptr, anchoredURI
);
3541 bool LinkHeader::operator==(const LinkHeader
& rhs
) const {
3542 return mHref
== rhs
.mHref
&& mRel
== rhs
.mRel
&& mTitle
== rhs
.mTitle
&&
3543 mNonce
== rhs
.mNonce
&& mIntegrity
== rhs
.mIntegrity
&&
3544 mSrcset
== rhs
.mSrcset
&& mSizes
== rhs
.mSizes
&& mType
== rhs
.mType
&&
3545 mMedia
== rhs
.mMedia
&& mAnchor
== rhs
.mAnchor
&&
3546 mCrossOrigin
== rhs
.mCrossOrigin
&&
3547 mReferrerPolicy
== rhs
.mReferrerPolicy
&& mAs
== rhs
.mAs
&&
3548 mFetchPriority
== rhs
.mFetchPriority
;
3551 constexpr auto kTitleStar
= "title*"_ns
;
3553 nsTArray
<LinkHeader
> ParseLinkHeader(const nsAString
& aLinkData
) {
3554 nsTArray
<LinkHeader
> linkHeaders
;
3556 // keep track where we are within the header field
3557 bool seenParameters
= false;
3559 // parse link content and add to array
3561 nsAutoString titleStar
;
3563 // copy to work buffer
3564 nsAutoString
stringList(aLinkData
);
3566 // put an extra null at the end
3567 stringList
.Append(kNullCh
);
3569 char16_t
* start
= stringList
.BeginWriting();
3571 while (*start
!= kNullCh
) {
3572 // parse link content and call process style link
3574 // skip leading space
3575 while ((*start
!= kNullCh
) && nsCRT::IsAsciiSpace(*start
)) {
3579 char16_t
* end
= start
;
3580 char16_t
* last
= end
- 1;
3582 bool wasQuotedString
= false;
3584 // look for semicolon or comma
3585 while (*end
!= kNullCh
&& *end
!= kSemicolon
&& *end
!= kComma
) {
3588 if (ch
== kQuote
|| ch
== kLessThan
) {
3591 char16_t quote
= ch
;
3592 if (quote
== kLessThan
) {
3593 quote
= kGreaterThan
;
3596 wasQuotedString
= (ch
== kQuote
);
3598 char16_t
* closeQuote
= (end
+ 1);
3600 // seek closing quote
3601 while (*closeQuote
!= kNullCh
&& quote
!= *closeQuote
) {
3602 // in quoted-string, "\" is an escape character
3603 if (wasQuotedString
&& *closeQuote
== kBackSlash
&&
3604 *(closeQuote
+ 1) != kNullCh
) {
3611 if (quote
== *closeQuote
) {
3614 // skip to close quote
3621 if (ch
!= kNullCh
&& ch
!= kSemicolon
&& ch
!= kComma
) {
3627 // keep going until semi or comma
3628 while (ch
!= kNullCh
&& ch
!= kSemicolon
&& ch
!= kComma
) {
3641 char16_t endCh
= *end
;
3647 if ((*start
== kLessThan
) && (*last
== kGreaterThan
)) {
3650 // first instance of <...> wins
3651 // also, do not allow hrefs after the first param was seen
3652 if (header
.mHref
.IsEmpty() && !seenParameters
) {
3653 header
.mHref
= (start
+ 1);
3654 header
.mHref
.StripWhitespace();
3657 char16_t
* equals
= start
;
3658 seenParameters
= true;
3660 while ((*equals
!= kNullCh
) && (*equals
!= kEqual
)) {
3664 const bool hadEquals
= *equals
!= kNullCh
;
3666 nsAutoString
attr(start
);
3667 attr
.StripWhitespace();
3669 char16_t
* value
= hadEquals
? ++equals
: equals
;
3670 while (nsCRT::IsAsciiSpace(*value
)) {
3674 if ((*value
== kQuote
) && (*value
== *last
)) {
3679 if (wasQuotedString
) {
3680 // unescape in-place
3681 char16_t
* unescaped
= value
;
3682 char16_t
* src
= value
;
3684 while (*src
!= kNullCh
) {
3685 if (*src
== kBackSlash
&& *(src
+ 1) != kNullCh
) {
3688 *unescaped
++ = *src
++;
3691 *unescaped
= kNullCh
;
3694 if (attr
.LowerCaseEqualsASCII(kTitleStar
.get())) {
3695 if (titleStar
.IsEmpty() && !wasQuotedString
) {
3696 // RFC 5987 encoding; uses token format only, so skip if we get
3697 // here with a quoted-string
3700 if (Decode5987Format(tmp
)) {
3702 titleStar
.CompressWhitespace();
3704 // header value did not parse, throw it away
3705 titleStar
.Truncate();
3709 header
.MaybeUpdateAttribute(attr
, value
);
3714 if (endCh
== kComma
) {
3715 // hit a comma, process what we've got so far
3717 header
.mHref
.Trim(" \t\n\r\f"); // trim HTML5 whitespace
3718 if (!header
.mHref
.IsEmpty() && !header
.mRel
.IsEmpty()) {
3719 if (!titleStar
.IsEmpty()) {
3720 // prefer RFC 5987 variant over non-I18zed version
3721 header
.mTitle
= titleStar
;
3723 linkHeaders
.AppendElement(header
);
3726 titleStar
.Truncate();
3729 seenParameters
= false;
3735 header
.mHref
.Trim(" \t\n\r\f"); // trim HTML5 whitespace
3736 if (!header
.mHref
.IsEmpty() && !header
.mRel
.IsEmpty()) {
3737 if (!titleStar
.IsEmpty()) {
3738 // prefer RFC 5987 variant over non-I18zed version
3739 header
.mTitle
= titleStar
;
3741 linkHeaders
.AppendElement(header
);
3747 void LinkHeader::MaybeUpdateAttribute(const nsAString
& aAttribute
,
3748 const char16_t
* aValue
) {
3749 MOZ_ASSERT(!aAttribute
.LowerCaseEqualsASCII(kTitleStar
.get()));
3751 if (aAttribute
.LowerCaseEqualsLiteral("rel")) {
3752 if (mRel
.IsEmpty()) {
3754 mRel
.CompressWhitespace();
3756 } else if (aAttribute
.LowerCaseEqualsLiteral("title")) {
3757 if (mTitle
.IsEmpty()) {
3759 mTitle
.CompressWhitespace();
3761 } else if (aAttribute
.LowerCaseEqualsLiteral("type")) {
3762 if (mType
.IsEmpty()) {
3764 mType
.StripWhitespace();
3766 } else if (aAttribute
.LowerCaseEqualsLiteral("media")) {
3767 if (mMedia
.IsEmpty()) {
3770 // The HTML5 spec is formulated in terms of the CSS3 spec,
3771 // which specifies that media queries are case insensitive.
3772 nsContentUtils::ASCIIToLower(mMedia
);
3774 } else if (aAttribute
.LowerCaseEqualsLiteral("anchor")) {
3775 if (mAnchor
.IsEmpty()) {
3777 mAnchor
.StripWhitespace();
3779 } else if (aAttribute
.LowerCaseEqualsLiteral("crossorigin")) {
3780 if (mCrossOrigin
.IsVoid()) {
3781 mCrossOrigin
.SetIsVoid(false);
3782 mCrossOrigin
= aValue
;
3783 mCrossOrigin
.StripWhitespace();
3785 } else if (aAttribute
.LowerCaseEqualsLiteral("as")) {
3786 if (mAs
.IsEmpty()) {
3788 mAs
.CompressWhitespace();
3790 } else if (aAttribute
.LowerCaseEqualsLiteral("referrerpolicy")) {
3791 // https://html.spec.whatwg.org/multipage/urls-and-fetching.html#referrer-policy-attribute
3792 // Specs says referrer policy attribute is an enumerated attribute,
3793 // case insensitive and includes the empty string
3794 // We will parse the aValue with AttributeReferrerPolicyFromString
3795 // later, which will handle parsing it as an enumerated attribute.
3796 if (mReferrerPolicy
.IsEmpty()) {
3797 mReferrerPolicy
= aValue
;
3800 } else if (aAttribute
.LowerCaseEqualsLiteral("nonce")) {
3801 if (mNonce
.IsEmpty()) {
3804 } else if (aAttribute
.LowerCaseEqualsLiteral("integrity")) {
3805 if (mIntegrity
.IsEmpty()) {
3806 mIntegrity
= aValue
;
3808 } else if (aAttribute
.LowerCaseEqualsLiteral("imagesrcset")) {
3809 if (mSrcset
.IsEmpty()) {
3812 } else if (aAttribute
.LowerCaseEqualsLiteral("imagesizes")) {
3813 if (mSizes
.IsEmpty()) {
3816 } else if (aAttribute
.LowerCaseEqualsLiteral("fetchpriority")) {
3817 if (mFetchPriority
.IsEmpty()) {
3818 LOG(("Update fetchPriority to \"%s\"",
3819 NS_ConvertUTF16toUTF8(aValue
).get()));
3820 mFetchPriority
= aValue
;
3825 // We will use official mime-types from:
3826 // https://www.iana.org/assignments/media-types/media-types.xhtml#font
3827 // We do not support old deprecated mime-types for preload feature.
3828 // (We currectly do not support font/collection)
3829 static uint32_t StyleLinkElementFontMimeTypesNum
= 5;
3830 static const char* StyleLinkElementFontMimeTypes
[] = {
3831 "font/otf", "font/sfnt", "font/ttf", "font/woff", "font/woff2"};
3833 bool IsFontMimeType(const nsAString
& aType
) {
3834 if (aType
.IsEmpty()) {
3837 for (uint32_t i
= 0; i
< StyleLinkElementFontMimeTypesNum
; i
++) {
3838 if (aType
.EqualsASCII(StyleLinkElementFontMimeTypes
[i
])) {
3845 static const nsAttrValue::EnumTable kAsAttributeTable
[] = {
3846 {"", DESTINATION_INVALID
}, {"audio", DESTINATION_AUDIO
},
3847 {"font", DESTINATION_FONT
}, {"image", DESTINATION_IMAGE
},
3848 {"script", DESTINATION_SCRIPT
}, {"style", DESTINATION_STYLE
},
3849 {"track", DESTINATION_TRACK
}, {"video", DESTINATION_VIDEO
},
3850 {"fetch", DESTINATION_FETCH
}, {nullptr, 0}};
3852 void ParseAsValue(const nsAString
& aValue
, nsAttrValue
& aResult
) {
3853 DebugOnly
<bool> success
=
3854 aResult
.ParseEnumValue(aValue
, kAsAttributeTable
, false,
3855 // default value is a empty string
3856 // if aValue is not a value we
3858 &kAsAttributeTable
[0]);
3859 MOZ_ASSERT(success
);
3862 nsContentPolicyType
AsValueToContentPolicy(const nsAttrValue
& aValue
) {
3863 switch (aValue
.GetEnumValue()) {
3864 case DESTINATION_INVALID
:
3865 return nsIContentPolicy::TYPE_INVALID
;
3866 case DESTINATION_AUDIO
:
3867 return nsIContentPolicy::TYPE_INTERNAL_AUDIO
;
3868 case DESTINATION_TRACK
:
3869 return nsIContentPolicy::TYPE_INTERNAL_TRACK
;
3870 case DESTINATION_VIDEO
:
3871 return nsIContentPolicy::TYPE_INTERNAL_VIDEO
;
3872 case DESTINATION_FONT
:
3873 return nsIContentPolicy::TYPE_FONT
;
3874 case DESTINATION_IMAGE
:
3875 return nsIContentPolicy::TYPE_IMAGE
;
3876 case DESTINATION_SCRIPT
:
3877 return nsIContentPolicy::TYPE_SCRIPT
;
3878 case DESTINATION_STYLE
:
3879 return nsIContentPolicy::TYPE_STYLESHEET
;
3880 case DESTINATION_FETCH
:
3881 return nsIContentPolicy::TYPE_INTERNAL_FETCH_PRELOAD
;
3883 return nsIContentPolicy::TYPE_INVALID
;
3886 // TODO: implement this using nsAttrValue's destination enums when support for
3887 // the new destinations is added; see this diff for a possible start:
3888 // https://phabricator.services.mozilla.com/D172368?vs=705114&id=708720
3889 bool IsScriptLikeOrInvalid(const nsAString
& aAs
) {
3891 aAs
.LowerCaseEqualsASCII("fetch") || aAs
.LowerCaseEqualsASCII("audio") ||
3892 aAs
.LowerCaseEqualsASCII("document") ||
3893 aAs
.LowerCaseEqualsASCII("embed") || aAs
.LowerCaseEqualsASCII("font") ||
3894 aAs
.LowerCaseEqualsASCII("frame") || aAs
.LowerCaseEqualsASCII("iframe") ||
3895 aAs
.LowerCaseEqualsASCII("image") ||
3896 aAs
.LowerCaseEqualsASCII("manifest") ||
3897 aAs
.LowerCaseEqualsASCII("object") ||
3898 aAs
.LowerCaseEqualsASCII("report") || aAs
.LowerCaseEqualsASCII("style") ||
3899 aAs
.LowerCaseEqualsASCII("track") || aAs
.LowerCaseEqualsASCII("video") ||
3900 aAs
.LowerCaseEqualsASCII("webidentity") ||
3901 aAs
.LowerCaseEqualsASCII("xslt"));
3904 bool CheckPreloadAttrs(const nsAttrValue
& aAs
, const nsAString
& aType
,
3905 const nsAString
& aMedia
,
3906 mozilla::dom::Document
* aDocument
) {
3907 nsContentPolicyType policyType
= AsValueToContentPolicy(aAs
);
3908 if (policyType
== nsIContentPolicy::TYPE_INVALID
) {
3912 // Check if media attribute is valid.
3913 if (!aMedia
.IsEmpty()) {
3914 RefPtr
<mozilla::dom::MediaList
> mediaList
=
3915 mozilla::dom::MediaList::Create(NS_ConvertUTF16toUTF8(aMedia
));
3916 if (!mediaList
->Matches(*aDocument
)) {
3921 if (aType
.IsEmpty()) {
3925 if (policyType
== nsIContentPolicy::TYPE_INTERNAL_FETCH_PRELOAD
) {
3929 nsAutoString
type(aType
);
3931 if (policyType
== nsIContentPolicy::TYPE_MEDIA
) {
3932 if (aAs
.GetEnumValue() == DESTINATION_TRACK
) {
3933 return type
.EqualsASCII("text/vtt");
3935 Maybe
<MediaContainerType
> mimeType
= MakeMediaContainerType(aType
);
3939 DecoderDoctorDiagnostics diagnostics
;
3940 CanPlayStatus status
=
3941 DecoderTraits::CanHandleContainerType(*mimeType
, &diagnostics
);
3942 // Preload if this return CANPLAY_YES and CANPLAY_MAYBE.
3943 return status
!= CANPLAY_NO
;
3945 if (policyType
== nsIContentPolicy::TYPE_FONT
) {
3946 return IsFontMimeType(type
);
3948 if (policyType
== nsIContentPolicy::TYPE_IMAGE
) {
3949 return imgLoader::SupportImageWithMimeType(
3950 NS_ConvertUTF16toUTF8(type
), AcceptedMimeTypes::IMAGES_AND_DOCUMENTS
);
3952 if (policyType
== nsIContentPolicy::TYPE_SCRIPT
) {
3953 return nsContentUtils::IsJavascriptMIMEType(type
);
3955 if (policyType
== nsIContentPolicy::TYPE_STYLESHEET
) {
3956 return type
.EqualsASCII("text/css");
3961 void WarnIgnoredPreload(const mozilla::dom::Document
& aDoc
, nsIURI
& aURI
) {
3962 AutoTArray
<nsString
, 1> params
;
3964 nsCString uri
= nsContentUtils::TruncatedURLForDisplay(&aURI
);
3965 AppendUTF8toUTF16(uri
, *params
.AppendElement());
3967 nsContentUtils::ReportToConsole(nsIScriptError::warningFlag
, "DOM"_ns
, &aDoc
,
3968 nsContentUtils::eDOM_PROPERTIES
,
3969 "PreloadIgnoredInvalidAttr", params
);
3972 nsresult
HasRootDomain(const nsACString
& aInput
, const nsACString
& aHost
,
3974 if (NS_WARN_IF(!aResult
)) {
3975 return NS_ERROR_FAILURE
;
3980 // If the strings are the same, we obviously have a match.
3981 if (aInput
== aHost
) {
3986 // If aHost is not found, we know we do not have it as a root domain.
3987 int32_t index
= nsAutoCString(aInput
).Find(aHost
);
3988 if (index
== kNotFound
) {
3992 // Otherwise, we have aHost as our root domain iff the index of aHost is
3993 // aHost.length subtracted from our length and (since we do not have an
3994 // exact match) the character before the index is a dot or slash.
3995 *aResult
= index
> 0 && (uint32_t)index
== aInput
.Length() - aHost
.Length() &&
3996 (aInput
[index
- 1] == '.' || aInput
[index
- 1] == '/');
4000 void CheckForBrokenChromeURL(nsILoadInfo
* aLoadInfo
, nsIURI
* aURI
) {
4004 nsAutoCString scheme
;
4005 aURI
->GetScheme(scheme
);
4006 if (!scheme
.EqualsLiteral("chrome") && !scheme
.EqualsLiteral("resource")) {
4010 aURI
->GetHost(host
);
4011 // Ignore test hits.
4012 if (host
.EqualsLiteral("mochitests") || host
.EqualsLiteral("reftest")) {
4016 nsAutoCString filePath
;
4017 aURI
->GetFilePath(filePath
);
4018 // Fluent likes checking for files everywhere and expects failure.
4019 if (StringEndsWith(filePath
, ".ftl"_ns
)) {
4023 // Ignore fetches/xhrs, as they are frequently used in a way where
4024 // non-existence is OK (ie with fallbacks). This risks false negatives (ie
4025 // files that *should* be there but aren't) - which we accept for now.
4026 ExtContentPolicy policy
= aLoadInfo
4027 ? aLoadInfo
->GetExternalContentPolicyType()
4028 : ExtContentPolicy::TYPE_OTHER
;
4029 if (policy
== ExtContentPolicy::TYPE_FETCH
||
4030 policy
== ExtContentPolicy::TYPE_XMLHTTPREQUEST
) {
4035 bool shouldSkipCheckForBrokenURLOrZeroSized
;
4036 MOZ_ALWAYS_SUCCEEDS(aLoadInfo
->GetShouldSkipCheckForBrokenURLOrZeroSized(
4037 &shouldSkipCheckForBrokenURLOrZeroSized
));
4038 if (shouldSkipCheckForBrokenURLOrZeroSized
) {
4044 aURI
->GetSpec(spec
);
4047 // Various toolkit files use this and are shipped on android, but
4048 // info-pages.css and aboutLicense.css are not - bug 1808987
4049 if (StringEndsWith(spec
, "info-pages.css"_ns
) ||
4050 StringEndsWith(spec
, "aboutLicense.css"_ns
) ||
4051 // Error page CSS is also missing: bug 1810039
4052 StringEndsWith(spec
, "aboutNetError.css"_ns
) ||
4053 StringEndsWith(spec
, "aboutHttpsOnlyError.css"_ns
) ||
4054 StringEndsWith(spec
, "error-pages.css"_ns
) ||
4055 // popup.css is used in a single mochitest: bug 1810577
4056 StringEndsWith(spec
, "/popup.css"_ns
) ||
4057 // Used by an extension installation test - bug 1809650
4058 StringBeginsWith(spec
, "resource://android/assets/web_extensions/"_ns
)) {
4063 // DTD files from gre may not exist when requested by tests.
4064 if (StringBeginsWith(spec
, "resource://gre/res/dtd/"_ns
)) {
4068 // The background task machinery allows the caller to specify a JSM on the
4069 // command line, which is then looked up in both app-specific and toolkit-wide
4071 if (spec
.Find("backgroundtasks") != kNotFound
) {
4075 if (xpc::IsInAutomation()) {
4077 if (NS_IsMainThread()) {
4078 nsCOMPtr
<nsIXPConnect
> xpc
= nsIXPConnect::XPConnect();
4079 Unused
<< xpc
->DebugDumpJSStack(false, false, false);
4082 MOZ_CRASH_UNSAFE_PRINTF("Missing chrome or resource URLs: %s", spec
.get());
4084 printf_stderr("Missing chrome or resource URL: %s\n", spec
.get());
4088 bool IsCoepCredentiallessEnabled(bool aIsOriginTrialCoepCredentiallessEnabled
) {
4089 return StaticPrefs::
4090 browser_tabs_remote_coep_credentialless_DoNotUseDirectly() ||
4091 aIsOriginTrialCoepCredentiallessEnabled
;
4095 } // namespace mozilla