1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim:set ts=4 sw=2 sts=2 et cin: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 // HttpLog.h should generally be included first
8 #include "DecoderDoctorDiagnostics.h"
11 #include "nsNetUtil.h"
13 #include "mozilla/Atomics.h"
14 #include "mozilla/BasePrincipal.h"
15 #include "mozilla/Components.h"
16 #include "mozilla/Encoding.h"
17 #include "mozilla/LoadContext.h"
18 #include "mozilla/LoadInfo.h"
19 #include "mozilla/Monitor.h"
20 #include "mozilla/StaticPrefs_browser.h"
21 #include "mozilla/StaticPrefs_network.h"
22 #include "mozilla/StaticPrefs_privacy.h"
23 #include "mozilla/StoragePrincipalHelper.h"
24 #include "mozilla/TaskQueue.h"
25 #include "mozilla/Telemetry.h"
26 #include "nsAboutProtocolUtils.h"
27 #include "nsBufferedStreams.h"
28 #include "nsCategoryCache.h"
29 #include "nsComponentManagerUtils.h"
30 #include "nsContentUtils.h"
32 #include "nsFileStreams.h"
33 #include "nsHashKeys.h"
35 #include "nsMimeTypes.h"
36 #include "nsIAuthPrompt.h"
37 #include "nsIAuthPrompt2.h"
38 #include "nsIAuthPromptAdapterFactory.h"
39 #include "nsIBufferedStreams.h"
40 #include "nsBufferedStreams.h"
41 #include "nsIChannelEventSink.h"
42 #include "nsIContentSniffer.h"
43 #include "mozilla/dom/Document.h"
44 #include "nsIDownloader.h"
45 #include "nsIFileProtocolHandler.h"
46 #include "nsIFileStreams.h"
47 #include "nsIFileURL.h"
48 #include "nsIIDNService.h"
49 #include "nsIInputStreamChannel.h"
50 #include "nsIInputStreamPump.h"
51 #include "nsIInterfaceRequestorUtils.h"
52 #include "nsILoadContext.h"
53 #include "nsIMIMEHeaderParam.h"
55 #include "nsIObjectLoadingContent.h"
56 #include "nsPersistentProperties.h"
57 #include "nsIPrivateBrowsingChannel.h"
58 #include "nsIPropertyBag2.h"
59 #include "nsIProtocolProxyService.h"
60 #include "mozilla/net/RedirectChannelRegistrar.h"
61 #include "nsRequestObserverProxy.h"
62 #include "nsISensitiveInfoHiddenURI.h"
63 #include "nsISimpleStreamListener.h"
64 #include "nsISocketProvider.h"
65 #include "nsIStandardURL.h"
66 #include "nsIStreamLoader.h"
67 #include "nsIIncrementalStreamLoader.h"
68 #include "nsStringStream.h"
69 #include "nsSyncStreamListener.h"
70 #include "nsITextToSubURI.h"
71 #include "nsIURIWithSpecialOrigin.h"
72 #include "nsIViewSourceChannel.h"
73 #include "nsInterfaceRequestorAgg.h"
74 #include "nsINestedURI.h"
75 #include "mozilla/dom/nsCSPUtils.h"
76 #include "mozilla/dom/nsHTTPSOnlyUtils.h"
77 #include "mozilla/dom/nsMixedContentBlocker.h"
78 #include "mozilla/dom/BlobURLProtocolHandler.h"
79 #include "mozilla/net/HttpBaseChannel.h"
80 #include "nsIScriptError.h"
81 #include "nsISiteSecurityService.h"
82 #include "nsHttpHandler.h"
83 #include "nsNSSComponent.h"
84 #include "nsIRedirectHistoryEntry.h"
85 #include "nsICertStorage.h"
86 #include "nsICertOverrideService.h"
87 #include "nsQueryObject.h"
88 #include "mozIThirdPartyUtil.h"
89 #include "../mime/nsMIMEHeaderParamImpl.h"
90 #include "nsStandardURL.h"
91 #include "DefaultURI.h"
92 #include "nsChromeProtocolHandler.h"
93 #include "nsJSProtocolHandler.h"
94 #include "nsDataHandler.h"
95 #include "mozilla/dom/BlobURLProtocolHandler.h"
96 #include "nsStreamUtils.h"
97 #include "nsSocketTransportService2.h"
98 #include "nsViewSourceHandler.h"
101 # include "nsIconURI.h"
103 #include "nsAboutProtocolHandler.h"
104 #include "nsResProtocolHandler.h"
105 #include "mozilla/net/ExtensionProtocolHandler.h"
106 #include "mozilla/net/PageThumbProtocolHandler.h"
107 #include "mozilla/net/SFVService.h"
109 #include "nsIXPConnect.h"
110 #include "nsParserConstants.h"
112 #include "nsServiceManagerUtils.h"
113 #include "mozilla/dom/MediaList.h"
114 #include "MediaContainerType.h"
115 #include "DecoderTraits.h"
116 #include "imgLoader.h"
118 #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
119 # include "nsNewMailnewsURI.h"
122 using namespace mozilla
;
123 using namespace mozilla::net
;
124 using mozilla::dom::BlobURLProtocolHandler
;
125 using mozilla::dom::ClientInfo
;
126 using mozilla::dom::PerformanceStorage
;
127 using mozilla::dom::ServiceWorkerDescriptor
;
129 #define MAX_RECURSION_COUNT 50
131 already_AddRefed
<nsIIOService
> do_GetIOService(nsresult
* error
/* = 0 */) {
132 nsCOMPtr
<nsIIOService
> io
;
133 io
= mozilla::components::IO::Service();
134 if (error
) *error
= io
? NS_OK
: NS_ERROR_FAILURE
;
138 nsresult
NS_NewLocalFileInputStream(nsIInputStream
** result
, nsIFile
* file
,
139 int32_t ioFlags
/* = -1 */,
140 int32_t perm
/* = -1 */,
141 int32_t behaviorFlags
/* = 0 */) {
143 nsCOMPtr
<nsIFileInputStream
> in
=
144 do_CreateInstance(NS_LOCALFILEINPUTSTREAM_CONTRACTID
, &rv
);
145 if (NS_SUCCEEDED(rv
)) {
146 rv
= in
->Init(file
, ioFlags
, perm
, behaviorFlags
);
147 if (NS_SUCCEEDED(rv
)) in
.forget(result
);
152 Result
<nsCOMPtr
<nsIInputStream
>, nsresult
> NS_NewLocalFileInputStream(
153 nsIFile
* file
, int32_t ioFlags
/* = -1 */, int32_t perm
/* = -1 */,
154 int32_t behaviorFlags
/* = 0 */) {
155 nsCOMPtr
<nsIInputStream
> stream
;
156 const nsresult rv
= NS_NewLocalFileInputStream(getter_AddRefs(stream
), file
,
157 ioFlags
, perm
, behaviorFlags
);
158 if (NS_SUCCEEDED(rv
)) {
164 nsresult
NS_NewLocalFileOutputStream(nsIOutputStream
** result
, nsIFile
* file
,
165 int32_t ioFlags
/* = -1 */,
166 int32_t perm
/* = -1 */,
167 int32_t behaviorFlags
/* = 0 */) {
169 nsCOMPtr
<nsIFileOutputStream
> out
=
170 do_CreateInstance(NS_LOCALFILEOUTPUTSTREAM_CONTRACTID
, &rv
);
171 if (NS_SUCCEEDED(rv
)) {
172 rv
= out
->Init(file
, ioFlags
, perm
, behaviorFlags
);
173 if (NS_SUCCEEDED(rv
)) out
.forget(result
);
178 Result
<nsCOMPtr
<nsIOutputStream
>, nsresult
> NS_NewLocalFileOutputStream(
179 nsIFile
* file
, int32_t ioFlags
/* = -1 */, int32_t perm
/* = -1 */,
180 int32_t behaviorFlags
/* = 0 */) {
181 nsCOMPtr
<nsIOutputStream
> stream
;
182 const nsresult rv
= NS_NewLocalFileOutputStream(getter_AddRefs(stream
), file
,
183 ioFlags
, perm
, behaviorFlags
);
184 if (NS_SUCCEEDED(rv
)) {
190 nsresult
NS_NewLocalFileOutputStream(nsIOutputStream
** result
,
191 const mozilla::ipc::FileDescriptor
& fd
) {
192 nsCOMPtr
<nsIFileOutputStream
> out
;
193 nsFileOutputStream::Create(NS_GET_IID(nsIFileOutputStream
),
194 getter_AddRefs(out
));
197 static_cast<nsFileOutputStream
*>(out
.get())->InitWithFileDescriptor(fd
);
206 nsresult
net_EnsureIOService(nsIIOService
** ios
, nsCOMPtr
<nsIIOService
>& grip
) {
209 grip
= do_GetIOService(&rv
);
215 nsresult
NS_NewFileURI(
216 nsIURI
** result
, nsIFile
* spec
,
218 ioService
/* = nullptr */) // pass in nsIIOService to optimize callers
221 nsCOMPtr
<nsIIOService
> grip
;
222 rv
= net_EnsureIOService(&ioService
, grip
);
223 if (ioService
) rv
= ioService
->NewFileURI(spec
, result
);
227 nsresult
NS_GetURIWithNewRef(nsIURI
* aInput
, const nsACString
& aRef
,
229 MOZ_DIAGNOSTIC_ASSERT(aRef
.IsEmpty() || aRef
[0] == '#');
231 if (NS_WARN_IF(!aInput
|| !aOutput
)) {
232 return NS_ERROR_INVALID_ARG
;
236 nsresult rv
= aInput
->GetHasRef(&hasRef
);
239 if (NS_SUCCEEDED(rv
)) {
240 rv
= aInput
->GetRef(ref
);
243 // If the ref is already equal to the new ref, we do not need to do anything.
244 // Also, if the GetRef failed (it could return NS_ERROR_NOT_IMPLEMENTED)
245 // we can assume SetRef would fail as well, so returning the original
248 // Note that aRef contains the hash, but ref doesn't, so need to account for
249 // that in the equality check.
250 if (NS_FAILED(rv
) || (!hasRef
&& aRef
.IsEmpty()) ||
251 (!aRef
.IsEmpty() && hasRef
&&
252 Substring(aRef
.Data() + 1, aRef
.Length() - 1) == ref
)) {
253 nsCOMPtr
<nsIURI
> uri
= aInput
;
258 return NS_MutateURI(aInput
).SetRef(aRef
).Finalize(aOutput
);
261 nsresult
NS_GetURIWithoutRef(nsIURI
* aInput
, nsIURI
** aOutput
) {
262 return NS_GetURIWithNewRef(aInput
, ""_ns
, aOutput
);
265 nsresult
NS_NewChannelInternal(
266 nsIChannel
** outChannel
, nsIURI
* aUri
, nsILoadInfo
* aLoadInfo
,
267 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
268 nsILoadGroup
* aLoadGroup
/* = nullptr */,
269 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
270 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
271 nsIIOService
* aIoService
/* = nullptr */) {
272 // NS_NewChannelInternal is mostly called for channel redirects. We should
273 // allow the creation of a channel even if the original channel did not have a
274 // loadinfo attached.
275 NS_ENSURE_ARG_POINTER(outChannel
);
277 nsCOMPtr
<nsIIOService
> grip
;
278 nsresult rv
= net_EnsureIOService(&aIoService
, grip
);
279 NS_ENSURE_SUCCESS(rv
, rv
);
281 nsCOMPtr
<nsIChannel
> channel
;
282 rv
= aIoService
->NewChannelFromURIWithLoadInfo(aUri
, aLoadInfo
,
283 getter_AddRefs(channel
));
284 NS_ENSURE_SUCCESS(rv
, rv
);
287 rv
= channel
->SetLoadGroup(aLoadGroup
);
288 NS_ENSURE_SUCCESS(rv
, rv
);
292 rv
= channel
->SetNotificationCallbacks(aCallbacks
);
293 NS_ENSURE_SUCCESS(rv
, rv
);
297 nsLoadFlags channelLoadFlags
= 0;
298 channel
->GetLoadFlags(&channelLoadFlags
);
299 // Will be removed when we remove LOAD_REPLACE altogether
300 // This check is trying to catch protocol handlers that still
301 // try to set the LOAD_REPLACE flag.
302 MOZ_DIAGNOSTIC_ASSERT(!(channelLoadFlags
& nsIChannel::LOAD_REPLACE
));
305 if (aLoadFlags
!= nsIRequest::LOAD_NORMAL
) {
306 rv
= channel
->SetLoadFlags(aLoadFlags
);
307 NS_ENSURE_SUCCESS(rv
, rv
);
310 if (aPerformanceStorage
) {
311 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
312 loadInfo
->SetPerformanceStorage(aPerformanceStorage
);
315 channel
.forget(outChannel
);
321 void AssertLoadingPrincipalAndClientInfoMatch(
322 nsIPrincipal
* aLoadingPrincipal
, const ClientInfo
& aLoadingClientInfo
,
323 nsContentPolicyType aType
) {
324 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
325 // Verify that the provided loading ClientInfo matches the loading
326 // principal. Unfortunately we can't just use nsIPrincipal::Equals() here
327 // because of some corner cases:
329 // 1. Worker debugger scripts want to use a system loading principal for
330 // worker scripts with a content principal. We exempt these from this
332 // 2. Null principals currently require exact object identity for
333 // nsIPrincipal::Equals() to return true. This doesn't work here because
334 // ClientInfo::GetPrincipal() uses PrincipalInfoToPrincipal() to allocate
335 // a new object. To work around this we compare the principal origin
336 // string itself. If bug 1431771 is fixed then we could switch to
339 // Allow worker debugger to load with a system principal.
340 if (aLoadingPrincipal
->IsSystemPrincipal() &&
341 (aType
== nsIContentPolicy::TYPE_INTERNAL_WORKER
||
342 aType
== nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER
||
343 aType
== nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER
||
344 aType
== nsIContentPolicy::TYPE_INTERNAL_WORKER_IMPORT_SCRIPTS
||
345 aType
== nsIContentPolicy::TYPE_INTERNAL_WORKER_STATIC_MODULE
)) {
349 // Perform a fast comparison for most principal checks.
350 auto clientPrincipalOrErr(aLoadingClientInfo
.GetPrincipal());
351 if (clientPrincipalOrErr
.isOk()) {
352 nsCOMPtr
<nsIPrincipal
> clientPrincipal
= clientPrincipalOrErr
.unwrap();
353 if (aLoadingPrincipal
->Equals(clientPrincipal
)) {
356 // Fall back to a slower origin equality test to support null principals.
357 nsAutoCString loadingOriginNoSuffix
;
359 aLoadingPrincipal
->GetOriginNoSuffix(loadingOriginNoSuffix
));
361 nsAutoCString clientOriginNoSuffix
;
363 clientPrincipal
->GetOriginNoSuffix(clientOriginNoSuffix
));
365 // The client principal will have the partitionKey set if it's in a third
366 // party context, but the loading principal won't. So, we ignore he
367 // partitionKey when doing the verification here.
368 MOZ_DIAGNOSTIC_ASSERT(loadingOriginNoSuffix
== clientOriginNoSuffix
);
369 MOZ_DIAGNOSTIC_ASSERT(
370 aLoadingPrincipal
->OriginAttributesRef().EqualsIgnoringPartitionKey(
371 clientPrincipal
->OriginAttributesRef()));
378 nsresult
NS_NewChannel(nsIChannel
** outChannel
, nsIURI
* aUri
,
379 nsIPrincipal
* aLoadingPrincipal
,
380 nsSecurityFlags aSecurityFlags
,
381 nsContentPolicyType aContentPolicyType
,
382 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
383 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
384 nsILoadGroup
* aLoadGroup
/* = nullptr */,
385 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
386 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
387 nsIIOService
* aIoService
/* = nullptr */,
388 uint32_t aSandboxFlags
/* = 0 */,
389 bool aSkipCheckForBrokenURLOrZeroSized
/* = false */) {
390 return NS_NewChannelInternal(
392 nullptr, // aLoadingNode,
394 nullptr, // aTriggeringPrincipal
395 Maybe
<ClientInfo
>(), Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
,
396 aContentPolicyType
, aCookieJarSettings
, aPerformanceStorage
, aLoadGroup
,
397 aCallbacks
, aLoadFlags
, aIoService
, aSandboxFlags
,
398 aSkipCheckForBrokenURLOrZeroSized
);
401 nsresult
NS_NewChannel(nsIChannel
** outChannel
, nsIURI
* aUri
,
402 nsIPrincipal
* aLoadingPrincipal
,
403 const ClientInfo
& aLoadingClientInfo
,
404 const Maybe
<ServiceWorkerDescriptor
>& aController
,
405 nsSecurityFlags aSecurityFlags
,
406 nsContentPolicyType aContentPolicyType
,
407 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
408 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
409 nsILoadGroup
* aLoadGroup
/* = nullptr */,
410 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
411 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
412 nsIIOService
* aIoService
/* = nullptr */,
413 uint32_t aSandboxFlags
/* = 0 */,
414 bool aSkipCheckForBrokenURLOrZeroSized
/* = false */) {
415 AssertLoadingPrincipalAndClientInfoMatch(
416 aLoadingPrincipal
, aLoadingClientInfo
, aContentPolicyType
);
418 Maybe
<ClientInfo
> loadingClientInfo
;
419 loadingClientInfo
.emplace(aLoadingClientInfo
);
421 return NS_NewChannelInternal(
423 nullptr, // aLoadingNode,
425 nullptr, // aTriggeringPrincipal
426 loadingClientInfo
, aController
, aSecurityFlags
, aContentPolicyType
,
427 aCookieJarSettings
, aPerformanceStorage
, aLoadGroup
, aCallbacks
,
428 aLoadFlags
, aIoService
, aSandboxFlags
, aSkipCheckForBrokenURLOrZeroSized
);
431 nsresult
NS_NewChannelInternal(
432 nsIChannel
** outChannel
, nsIURI
* aUri
, nsINode
* aLoadingNode
,
433 nsIPrincipal
* aLoadingPrincipal
, nsIPrincipal
* aTriggeringPrincipal
,
434 const Maybe
<ClientInfo
>& aLoadingClientInfo
,
435 const Maybe
<ServiceWorkerDescriptor
>& aController
,
436 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
437 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
438 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
439 nsILoadGroup
* aLoadGroup
/* = nullptr */,
440 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
441 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
442 nsIIOService
* aIoService
/* = nullptr */, uint32_t aSandboxFlags
/* = 0 */,
443 bool aSkipCheckForBrokenURLOrZeroSized
/* = false */) {
444 NS_ENSURE_ARG_POINTER(outChannel
);
446 nsCOMPtr
<nsIIOService
> grip
;
447 nsresult rv
= net_EnsureIOService(&aIoService
, grip
);
448 NS_ENSURE_SUCCESS(rv
, rv
);
450 nsCOMPtr
<nsIChannel
> channel
;
451 rv
= aIoService
->NewChannelFromURIWithClientAndController(
452 aUri
, aLoadingNode
, aLoadingPrincipal
, aTriggeringPrincipal
,
453 aLoadingClientInfo
, aController
, aSecurityFlags
, aContentPolicyType
,
454 aSandboxFlags
, aSkipCheckForBrokenURLOrZeroSized
,
455 getter_AddRefs(channel
));
461 rv
= channel
->SetLoadGroup(aLoadGroup
);
462 NS_ENSURE_SUCCESS(rv
, rv
);
466 rv
= channel
->SetNotificationCallbacks(aCallbacks
);
467 NS_ENSURE_SUCCESS(rv
, rv
);
471 nsLoadFlags channelLoadFlags
= 0;
472 channel
->GetLoadFlags(&channelLoadFlags
);
473 // Will be removed when we remove LOAD_REPLACE altogether
474 // This check is trying to catch protocol handlers that still
475 // try to set the LOAD_REPLACE flag.
476 MOZ_DIAGNOSTIC_ASSERT(!(channelLoadFlags
& nsIChannel::LOAD_REPLACE
));
479 if (aLoadFlags
!= nsIRequest::LOAD_NORMAL
) {
480 rv
= channel
->SetLoadFlags(aLoadFlags
);
481 NS_ENSURE_SUCCESS(rv
, rv
);
484 if (aPerformanceStorage
|| aCookieJarSettings
) {
485 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
487 if (aPerformanceStorage
) {
488 loadInfo
->SetPerformanceStorage(aPerformanceStorage
);
491 if (aCookieJarSettings
) {
492 loadInfo
->SetCookieJarSettings(aCookieJarSettings
);
496 channel
.forget(outChannel
);
500 nsresult
/*NS_NewChannelWithNodeAndTriggeringPrincipal */
501 NS_NewChannelWithTriggeringPrincipal(
502 nsIChannel
** outChannel
, nsIURI
* aUri
, nsINode
* aLoadingNode
,
503 nsIPrincipal
* aTriggeringPrincipal
, nsSecurityFlags aSecurityFlags
,
504 nsContentPolicyType aContentPolicyType
,
505 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
506 nsILoadGroup
* aLoadGroup
/* = nullptr */,
507 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
508 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
509 nsIIOService
* aIoService
/* = nullptr */) {
510 MOZ_ASSERT(aLoadingNode
);
511 NS_ASSERTION(aTriggeringPrincipal
,
512 "Can not create channel without a triggering Principal!");
513 return NS_NewChannelInternal(
514 outChannel
, aUri
, aLoadingNode
, aLoadingNode
->NodePrincipal(),
515 aTriggeringPrincipal
, Maybe
<ClientInfo
>(),
516 Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
, aContentPolicyType
,
517 aLoadingNode
->OwnerDoc()->CookieJarSettings(), aPerformanceStorage
,
518 aLoadGroup
, aCallbacks
, aLoadFlags
, aIoService
);
521 // See NS_NewChannelInternal for usage and argument description
522 nsresult
NS_NewChannelWithTriggeringPrincipal(
523 nsIChannel
** outChannel
, nsIURI
* aUri
, nsIPrincipal
* aLoadingPrincipal
,
524 nsIPrincipal
* aTriggeringPrincipal
, nsSecurityFlags aSecurityFlags
,
525 nsContentPolicyType aContentPolicyType
,
526 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
527 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
528 nsILoadGroup
* aLoadGroup
/* = nullptr */,
529 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
530 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
531 nsIIOService
* aIoService
/* = nullptr */) {
532 NS_ASSERTION(aLoadingPrincipal
,
533 "Can not create channel without a loading Principal!");
534 return NS_NewChannelInternal(
536 nullptr, // aLoadingNode
537 aLoadingPrincipal
, aTriggeringPrincipal
, Maybe
<ClientInfo
>(),
538 Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
, aContentPolicyType
,
539 aCookieJarSettings
, aPerformanceStorage
, aLoadGroup
, aCallbacks
,
540 aLoadFlags
, aIoService
);
543 // See NS_NewChannelInternal for usage and argument description
544 nsresult
NS_NewChannelWithTriggeringPrincipal(
545 nsIChannel
** outChannel
, nsIURI
* aUri
, nsIPrincipal
* aLoadingPrincipal
,
546 nsIPrincipal
* aTriggeringPrincipal
, const ClientInfo
& aLoadingClientInfo
,
547 const Maybe
<ServiceWorkerDescriptor
>& aController
,
548 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
549 nsICookieJarSettings
* aCookieJarSettings
/* = nullptr */,
550 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
551 nsILoadGroup
* aLoadGroup
/* = nullptr */,
552 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
553 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
554 nsIIOService
* aIoService
/* = nullptr */) {
555 AssertLoadingPrincipalAndClientInfoMatch(
556 aLoadingPrincipal
, aLoadingClientInfo
, aContentPolicyType
);
558 Maybe
<ClientInfo
> loadingClientInfo
;
559 loadingClientInfo
.emplace(aLoadingClientInfo
);
561 return NS_NewChannelInternal(
563 nullptr, // aLoadingNode
564 aLoadingPrincipal
, aTriggeringPrincipal
, loadingClientInfo
, aController
,
565 aSecurityFlags
, aContentPolicyType
, aCookieJarSettings
,
566 aPerformanceStorage
, aLoadGroup
, aCallbacks
, aLoadFlags
, aIoService
);
569 nsresult
NS_NewChannel(nsIChannel
** outChannel
, nsIURI
* aUri
,
570 nsINode
* aLoadingNode
, nsSecurityFlags aSecurityFlags
,
571 nsContentPolicyType aContentPolicyType
,
572 PerformanceStorage
* aPerformanceStorage
/* = nullptr */,
573 nsILoadGroup
* aLoadGroup
/* = nullptr */,
574 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
575 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */,
576 nsIIOService
* aIoService
/* = nullptr */,
577 uint32_t aSandboxFlags
/* = 0 */,
578 bool aSkipCheckForBrokenURLOrZeroSized
/* = false */) {
579 NS_ASSERTION(aLoadingNode
, "Can not create channel without a loading Node!");
580 return NS_NewChannelInternal(
581 outChannel
, aUri
, aLoadingNode
, aLoadingNode
->NodePrincipal(),
582 nullptr, // aTriggeringPrincipal
583 Maybe
<ClientInfo
>(), Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
,
584 aContentPolicyType
, aLoadingNode
->OwnerDoc()->CookieJarSettings(),
585 aPerformanceStorage
, aLoadGroup
, aCallbacks
, aLoadFlags
, aIoService
,
586 aSandboxFlags
, aSkipCheckForBrokenURLOrZeroSized
);
589 nsresult
NS_GetIsDocumentChannel(nsIChannel
* aChannel
, bool* aIsDocument
) {
590 // Check if this channel is going to be used to create a document. If it has
591 // LOAD_DOCUMENT_URI set it is trivially creating a document. If
592 // LOAD_HTML_OBJECT_DATA is set it may or may not be used to create a
593 // document, depending on its MIME type.
595 if (!aChannel
|| !aIsDocument
) {
596 return NS_ERROR_NULL_POINTER
;
598 *aIsDocument
= false;
599 nsLoadFlags loadFlags
;
600 nsresult rv
= aChannel
->GetLoadFlags(&loadFlags
);
604 if (loadFlags
& nsIChannel::LOAD_DOCUMENT_URI
) {
608 if (!(loadFlags
& nsIRequest::LOAD_HTML_OBJECT_DATA
)) {
609 *aIsDocument
= false;
612 nsAutoCString mimeType
;
613 rv
= aChannel
->GetContentType(mimeType
);
617 if (nsContentUtils::HtmlObjectContentTypeForMIMEType(mimeType
) ==
618 nsIObjectLoadingContent::TYPE_DOCUMENT
) {
622 *aIsDocument
= false;
626 nsresult
NS_MakeAbsoluteURI(nsACString
& result
, const nsACString
& spec
,
630 NS_WARNING("It doesn't make sense to not supply a base URI");
633 } else if (spec
.IsEmpty()) {
634 rv
= baseURI
->GetSpec(result
);
636 rv
= baseURI
->Resolve(spec
, result
);
641 nsresult
NS_MakeAbsoluteURI(char** result
, const char* spec
, nsIURI
* baseURI
) {
643 nsAutoCString resultBuf
;
644 rv
= NS_MakeAbsoluteURI(resultBuf
, nsDependentCString(spec
), baseURI
);
645 if (NS_SUCCEEDED(rv
)) {
646 *result
= ToNewCString(resultBuf
, mozilla::fallible
);
647 if (!*result
) rv
= NS_ERROR_OUT_OF_MEMORY
;
652 nsresult
NS_MakeAbsoluteURI(nsAString
& result
, const nsAString
& spec
,
656 NS_WARNING("It doesn't make sense to not supply a base URI");
660 nsAutoCString resultBuf
;
661 if (spec
.IsEmpty()) {
662 rv
= baseURI
->GetSpec(resultBuf
);
664 rv
= baseURI
->Resolve(NS_ConvertUTF16toUTF8(spec
), resultBuf
);
666 if (NS_SUCCEEDED(rv
)) CopyUTF8toUTF16(resultBuf
, result
);
671 int32_t NS_GetDefaultPort(const char* scheme
,
672 nsIIOService
* ioService
/* = nullptr */) {
675 // Getting the default port through the protocol handler previously had a lot
676 // of XPCOM overhead involved. We optimize the protocols that matter for Web
677 // pages (HTTP and HTTPS) by hardcoding their default ports here.
679 // XXX: This might not be necessary for performance anymore.
680 if (strncmp(scheme
, "http", 4) == 0) {
681 if (scheme
[4] == 's' && scheme
[5] == '\0') {
684 if (scheme
[4] == '\0') {
689 nsCOMPtr
<nsIIOService
> grip
;
690 net_EnsureIOService(&ioService
, grip
);
691 if (!ioService
) return -1;
694 rv
= ioService
->GetDefaultPort(scheme
, &port
);
695 return NS_SUCCEEDED(rv
) ? port
: -1;
698 int32_t NS_GetRealPort(nsIURI
* aURI
) {
700 nsresult rv
= aURI
->GetPort(&port
);
701 if (NS_FAILED(rv
)) return -1;
703 if (port
!= -1) return port
; // explicitly specified
705 // Otherwise, we have to get the default port from the protocol handler
707 // Need the scheme first
708 nsAutoCString scheme
;
709 rv
= aURI
->GetScheme(scheme
);
710 if (NS_FAILED(rv
)) return -1;
712 return NS_GetDefaultPort(scheme
.get());
715 nsresult
NS_NewInputStreamChannelInternal(
716 nsIChannel
** outChannel
, nsIURI
* aUri
,
717 already_AddRefed
<nsIInputStream
> aStream
, const nsACString
& aContentType
,
718 const nsACString
& aContentCharset
, nsILoadInfo
* aLoadInfo
) {
720 nsCOMPtr
<nsIInputStreamChannel
> isc
=
721 do_CreateInstance(NS_INPUTSTREAMCHANNEL_CONTRACTID
, &rv
);
722 NS_ENSURE_SUCCESS(rv
, rv
);
723 rv
= isc
->SetURI(aUri
);
724 NS_ENSURE_SUCCESS(rv
, rv
);
726 nsCOMPtr
<nsIInputStream
> stream
= std::move(aStream
);
727 rv
= isc
->SetContentStream(stream
);
728 NS_ENSURE_SUCCESS(rv
, rv
);
730 nsCOMPtr
<nsIChannel
> channel
= do_QueryInterface(isc
, &rv
);
731 NS_ENSURE_SUCCESS(rv
, rv
);
733 if (!aContentType
.IsEmpty()) {
734 rv
= channel
->SetContentType(aContentType
);
735 NS_ENSURE_SUCCESS(rv
, rv
);
738 if (!aContentCharset
.IsEmpty()) {
739 rv
= channel
->SetContentCharset(aContentCharset
);
740 NS_ENSURE_SUCCESS(rv
, rv
);
743 MOZ_ASSERT(aLoadInfo
, "need a loadinfo to create a inputstreamchannel");
744 channel
->SetLoadInfo(aLoadInfo
);
746 // If we're sandboxed, make sure to clear any owner the channel
747 // might already have.
748 if (aLoadInfo
&& aLoadInfo
->GetLoadingSandboxed()) {
749 channel
->SetOwner(nullptr);
752 channel
.forget(outChannel
);
756 nsresult
NS_NewInputStreamChannelInternal(
757 nsIChannel
** outChannel
, nsIURI
* aUri
,
758 already_AddRefed
<nsIInputStream
> aStream
, const nsACString
& aContentType
,
759 const nsACString
& aContentCharset
, nsINode
* aLoadingNode
,
760 nsIPrincipal
* aLoadingPrincipal
, nsIPrincipal
* aTriggeringPrincipal
,
761 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
) {
762 nsCOMPtr
<nsILoadInfo
> loadInfo
= new mozilla::net::LoadInfo(
763 aLoadingPrincipal
, aTriggeringPrincipal
, aLoadingNode
, aSecurityFlags
,
766 return NS_ERROR_UNEXPECTED
;
769 nsCOMPtr
<nsIInputStream
> stream
= std::move(aStream
);
771 return NS_NewInputStreamChannelInternal(outChannel
, aUri
, stream
.forget(),
772 aContentType
, aContentCharset
,
776 nsresult
NS_NewInputStreamChannel(
777 nsIChannel
** outChannel
, nsIURI
* aUri
,
778 already_AddRefed
<nsIInputStream
> aStream
, nsIPrincipal
* aLoadingPrincipal
,
779 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
780 const nsACString
& aContentType
/* = ""_ns */,
781 const nsACString
& aContentCharset
/* = ""_ns */) {
782 nsCOMPtr
<nsIInputStream
> stream
= aStream
;
783 return NS_NewInputStreamChannelInternal(outChannel
, aUri
, stream
.forget(),
784 aContentType
, aContentCharset
,
785 nullptr, // aLoadingNode
787 nullptr, // aTriggeringPrincipal
788 aSecurityFlags
, aContentPolicyType
);
791 nsresult
NS_NewInputStreamChannelInternal(nsIChannel
** outChannel
, nsIURI
* aUri
,
792 const nsAString
& aData
,
793 const nsACString
& aContentType
,
794 nsILoadInfo
* aLoadInfo
,
795 bool aIsSrcdocChannel
/* = false */) {
797 nsCOMPtr
<nsIStringInputStream
> stream
;
798 stream
= do_CreateInstance(NS_STRINGINPUTSTREAM_CONTRACTID
, &rv
);
799 NS_ENSURE_SUCCESS(rv
, rv
);
802 char* utf8Bytes
= ToNewUTF8String(aData
, &len
);
803 rv
= stream
->AdoptData(utf8Bytes
, len
);
805 nsCOMPtr
<nsIChannel
> channel
;
806 rv
= NS_NewInputStreamChannelInternal(getter_AddRefs(channel
), aUri
,
807 stream
.forget(), aContentType
,
808 "UTF-8"_ns
, aLoadInfo
);
810 NS_ENSURE_SUCCESS(rv
, rv
);
812 if (aIsSrcdocChannel
) {
813 nsCOMPtr
<nsIInputStreamChannel
> inStrmChan
= do_QueryInterface(channel
);
814 NS_ENSURE_TRUE(inStrmChan
, NS_ERROR_FAILURE
);
815 inStrmChan
->SetSrcdocData(aData
);
817 channel
.forget(outChannel
);
821 nsresult
NS_NewInputStreamChannelInternal(
822 nsIChannel
** outChannel
, nsIURI
* aUri
, const nsAString
& aData
,
823 const nsACString
& aContentType
, nsINode
* aLoadingNode
,
824 nsIPrincipal
* aLoadingPrincipal
, nsIPrincipal
* aTriggeringPrincipal
,
825 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
826 bool aIsSrcdocChannel
/* = false */) {
827 nsCOMPtr
<nsILoadInfo
> loadInfo
= new mozilla::net::LoadInfo(
828 aLoadingPrincipal
, aTriggeringPrincipal
, aLoadingNode
, aSecurityFlags
,
830 return NS_NewInputStreamChannelInternal(outChannel
, aUri
, aData
, aContentType
,
831 loadInfo
, aIsSrcdocChannel
);
834 nsresult
NS_NewInputStreamChannel(nsIChannel
** outChannel
, nsIURI
* aUri
,
835 const nsAString
& aData
,
836 const nsACString
& aContentType
,
837 nsIPrincipal
* aLoadingPrincipal
,
838 nsSecurityFlags aSecurityFlags
,
839 nsContentPolicyType aContentPolicyType
,
840 bool aIsSrcdocChannel
/* = false */) {
841 return NS_NewInputStreamChannelInternal(outChannel
, aUri
, aData
, aContentType
,
842 nullptr, // aLoadingNode
844 nullptr, // aTriggeringPrincipal
845 aSecurityFlags
, aContentPolicyType
,
849 nsresult
NS_NewInputStreamPump(
850 nsIInputStreamPump
** aResult
, already_AddRefed
<nsIInputStream
> aStream
,
851 uint32_t aSegsize
/* = 0 */, uint32_t aSegcount
/* = 0 */,
852 bool aCloseWhenDone
/* = false */,
853 nsISerialEventTarget
* aMainThreadTarget
/* = nullptr */) {
854 nsCOMPtr
<nsIInputStream
> stream
= std::move(aStream
);
857 nsCOMPtr
<nsIInputStreamPump
> pump
=
858 do_CreateInstance(NS_INPUTSTREAMPUMP_CONTRACTID
, &rv
);
859 if (NS_SUCCEEDED(rv
)) {
860 rv
= pump
->Init(stream
, aSegsize
, aSegcount
, aCloseWhenDone
,
862 if (NS_SUCCEEDED(rv
)) {
870 nsresult
NS_NewLoadGroup(nsILoadGroup
** result
, nsIRequestObserver
* obs
) {
872 nsCOMPtr
<nsILoadGroup
> group
=
873 do_CreateInstance(NS_LOADGROUP_CONTRACTID
, &rv
);
874 if (NS_SUCCEEDED(rv
)) {
875 rv
= group
->SetGroupObserver(obs
);
876 if (NS_SUCCEEDED(rv
)) {
884 bool NS_IsReasonableHTTPHeaderValue(const nsACString
& aValue
) {
885 return mozilla::net::nsHttp::IsReasonableHeaderValue(aValue
);
888 bool NS_IsValidHTTPToken(const nsACString
& aToken
) {
889 return mozilla::net::nsHttp::IsValidToken(aToken
);
892 void NS_TrimHTTPWhitespace(const nsACString
& aSource
, nsACString
& aDest
) {
893 mozilla::net::nsHttp::TrimHTTPWhitespace(aSource
, aDest
);
896 nsresult
NS_NewLoadGroup(nsILoadGroup
** aResult
, nsIPrincipal
* aPrincipal
) {
897 using mozilla::LoadContext
;
900 nsCOMPtr
<nsILoadGroup
> group
=
901 do_CreateInstance(NS_LOADGROUP_CONTRACTID
, &rv
);
902 NS_ENSURE_SUCCESS(rv
, rv
);
904 RefPtr
<LoadContext
> loadContext
= new LoadContext(aPrincipal
);
905 rv
= group
->SetNotificationCallbacks(loadContext
);
906 NS_ENSURE_SUCCESS(rv
, rv
);
908 group
.forget(aResult
);
912 bool NS_LoadGroupMatchesPrincipal(nsILoadGroup
* aLoadGroup
,
913 nsIPrincipal
* aPrincipal
) {
918 // If this is a null principal then the load group doesn't really matter.
919 // The principal will not be allowed to perform any actions that actually
920 // use the load group. Unconditionally treat null principals as a match.
921 if (aPrincipal
->GetIsNullPrincipal()) {
929 nsCOMPtr
<nsILoadContext
> loadContext
;
930 NS_QueryNotificationCallbacks(nullptr, aLoadGroup
, NS_GET_IID(nsILoadContext
),
931 getter_AddRefs(loadContext
));
932 NS_ENSURE_TRUE(loadContext
, false);
937 nsresult
NS_NewDownloader(nsIStreamListener
** result
,
938 nsIDownloadObserver
* observer
,
939 nsIFile
* downloadLocation
/* = nullptr */) {
941 nsCOMPtr
<nsIDownloader
> downloader
=
942 do_CreateInstance(NS_DOWNLOADER_CONTRACTID
, &rv
);
943 if (NS_SUCCEEDED(rv
)) {
944 rv
= downloader
->Init(observer
, downloadLocation
);
945 if (NS_SUCCEEDED(rv
)) {
946 downloader
.forget(result
);
952 nsresult
NS_NewIncrementalStreamLoader(
953 nsIIncrementalStreamLoader
** result
,
954 nsIIncrementalStreamLoaderObserver
* observer
) {
956 nsCOMPtr
<nsIIncrementalStreamLoader
> loader
=
957 do_CreateInstance(NS_INCREMENTALSTREAMLOADER_CONTRACTID
, &rv
);
958 if (NS_SUCCEEDED(rv
)) {
959 rv
= loader
->Init(observer
);
960 if (NS_SUCCEEDED(rv
)) {
962 loader
.swap(*result
);
968 nsresult
NS_NewStreamLoader(
969 nsIStreamLoader
** result
, nsIStreamLoaderObserver
* observer
,
970 nsIRequestObserver
* requestObserver
/* = nullptr */) {
972 nsCOMPtr
<nsIStreamLoader
> loader
=
973 do_CreateInstance(NS_STREAMLOADER_CONTRACTID
, &rv
);
974 if (NS_SUCCEEDED(rv
)) {
975 rv
= loader
->Init(observer
, requestObserver
);
976 if (NS_SUCCEEDED(rv
)) {
978 loader
.swap(*result
);
984 nsresult
NS_NewStreamLoaderInternal(
985 nsIStreamLoader
** outStream
, nsIURI
* aUri
,
986 nsIStreamLoaderObserver
* aObserver
, nsINode
* aLoadingNode
,
987 nsIPrincipal
* aLoadingPrincipal
, nsSecurityFlags aSecurityFlags
,
988 nsContentPolicyType aContentPolicyType
,
989 nsILoadGroup
* aLoadGroup
/* = nullptr */,
990 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
991 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */) {
992 nsCOMPtr
<nsIChannel
> channel
;
993 nsresult rv
= NS_NewChannelInternal(
994 getter_AddRefs(channel
), aUri
, aLoadingNode
, aLoadingPrincipal
,
995 nullptr, // aTriggeringPrincipal
996 Maybe
<ClientInfo
>(), Maybe
<ServiceWorkerDescriptor
>(), aSecurityFlags
,
998 nullptr, // nsICookieJarSettings
999 nullptr, // PerformanceStorage
1000 aLoadGroup
, aCallbacks
, aLoadFlags
);
1002 NS_ENSURE_SUCCESS(rv
, rv
);
1003 rv
= NS_NewStreamLoader(outStream
, aObserver
);
1004 NS_ENSURE_SUCCESS(rv
, rv
);
1005 return channel
->AsyncOpen(*outStream
);
1008 nsresult
NS_NewStreamLoader(
1009 nsIStreamLoader
** outStream
, nsIURI
* aUri
,
1010 nsIStreamLoaderObserver
* aObserver
, nsINode
* aLoadingNode
,
1011 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
1012 nsILoadGroup
* aLoadGroup
/* = nullptr */,
1013 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
1014 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */) {
1015 NS_ASSERTION(aLoadingNode
,
1016 "Can not create stream loader without a loading Node!");
1017 return NS_NewStreamLoaderInternal(
1018 outStream
, aUri
, aObserver
, aLoadingNode
, aLoadingNode
->NodePrincipal(),
1019 aSecurityFlags
, aContentPolicyType
, aLoadGroup
, aCallbacks
, aLoadFlags
);
1022 nsresult
NS_NewStreamLoader(
1023 nsIStreamLoader
** outStream
, nsIURI
* aUri
,
1024 nsIStreamLoaderObserver
* aObserver
, nsIPrincipal
* aLoadingPrincipal
,
1025 nsSecurityFlags aSecurityFlags
, nsContentPolicyType aContentPolicyType
,
1026 nsILoadGroup
* aLoadGroup
/* = nullptr */,
1027 nsIInterfaceRequestor
* aCallbacks
/* = nullptr */,
1028 nsLoadFlags aLoadFlags
/* = nsIRequest::LOAD_NORMAL */) {
1029 return NS_NewStreamLoaderInternal(outStream
, aUri
, aObserver
,
1030 nullptr, // aLoadingNode
1031 aLoadingPrincipal
, aSecurityFlags
,
1032 aContentPolicyType
, aLoadGroup
, aCallbacks
,
1036 nsresult
NS_NewSyncStreamListener(nsIStreamListener
** result
,
1037 nsIInputStream
** stream
) {
1038 nsCOMPtr
<nsISyncStreamListener
> listener
= new nsSyncStreamListener();
1039 nsresult rv
= listener
->GetInputStream(stream
);
1040 if (NS_SUCCEEDED(rv
)) {
1041 listener
.forget(result
);
1046 nsresult
NS_ImplementChannelOpen(nsIChannel
* channel
, nsIInputStream
** result
) {
1047 nsCOMPtr
<nsIStreamListener
> listener
;
1048 nsCOMPtr
<nsIInputStream
> stream
;
1049 nsresult rv
= NS_NewSyncStreamListener(getter_AddRefs(listener
),
1050 getter_AddRefs(stream
));
1051 NS_ENSURE_SUCCESS(rv
, rv
);
1053 rv
= channel
->AsyncOpen(listener
);
1054 NS_ENSURE_SUCCESS(rv
, rv
);
1057 // block until the initial response is received or an error occurs.
1058 rv
= stream
->Available(&n
);
1059 NS_ENSURE_SUCCESS(rv
, rv
);
1062 stream
.swap(*result
);
1067 nsresult
NS_NewRequestObserverProxy(nsIRequestObserver
** result
,
1068 nsIRequestObserver
* observer
,
1069 nsISupports
* context
) {
1070 nsCOMPtr
<nsIRequestObserverProxy
> proxy
= new nsRequestObserverProxy();
1071 nsresult rv
= proxy
->Init(observer
, context
);
1072 if (NS_SUCCEEDED(rv
)) {
1073 proxy
.forget(result
);
1078 nsresult
NS_NewSimpleStreamListener(
1079 nsIStreamListener
** result
, nsIOutputStream
* sink
,
1080 nsIRequestObserver
* observer
/* = nullptr */) {
1082 nsCOMPtr
<nsISimpleStreamListener
> listener
=
1083 do_CreateInstance(NS_SIMPLESTREAMLISTENER_CONTRACTID
, &rv
);
1084 if (NS_SUCCEEDED(rv
)) {
1085 rv
= listener
->Init(sink
, observer
);
1086 if (NS_SUCCEEDED(rv
)) {
1087 listener
.forget(result
);
1093 nsresult
NS_CheckPortSafety(int32_t port
, const char* scheme
,
1094 nsIIOService
* ioService
/* = nullptr */) {
1096 nsCOMPtr
<nsIIOService
> grip
;
1097 rv
= net_EnsureIOService(&ioService
, grip
);
1100 rv
= ioService
->AllowPort(port
, scheme
, &allow
);
1101 if (NS_SUCCEEDED(rv
) && !allow
) {
1102 NS_WARNING("port blocked");
1103 rv
= NS_ERROR_PORT_ACCESS_NOT_ALLOWED
;
1109 nsresult
NS_CheckPortSafety(nsIURI
* uri
) {
1111 nsresult rv
= uri
->GetPort(&port
);
1112 if (NS_FAILED(rv
) || port
== -1) { // port undefined or default-valued
1115 nsAutoCString scheme
;
1116 uri
->GetScheme(scheme
);
1117 return NS_CheckPortSafety(port
, scheme
.get());
1120 nsresult
NS_NewProxyInfo(const nsACString
& type
, const nsACString
& host
,
1121 int32_t port
, uint32_t flags
, nsIProxyInfo
** result
) {
1123 nsCOMPtr
<nsIProtocolProxyService
> pps
;
1124 pps
= mozilla::components::ProtocolProxy::Service(&rv
);
1125 if (NS_SUCCEEDED(rv
)) {
1126 rv
= pps
->NewProxyInfo(type
, host
, port
, ""_ns
, ""_ns
, flags
, UINT32_MAX
,
1132 nsresult
NS_GetFileProtocolHandler(nsIFileProtocolHandler
** result
,
1133 nsIIOService
* ioService
/* = nullptr */) {
1135 nsCOMPtr
<nsIIOService
> grip
;
1136 rv
= net_EnsureIOService(&ioService
, grip
);
1138 nsCOMPtr
<nsIProtocolHandler
> handler
;
1139 rv
= ioService
->GetProtocolHandler("file", getter_AddRefs(handler
));
1140 if (NS_SUCCEEDED(rv
)) rv
= CallQueryInterface(handler
, result
);
1145 nsresult
NS_GetFileFromURLSpec(const nsACString
& inURL
, nsIFile
** result
,
1146 nsIIOService
* ioService
/* = nullptr */) {
1148 nsCOMPtr
<nsIFileProtocolHandler
> fileHandler
;
1149 rv
= NS_GetFileProtocolHandler(getter_AddRefs(fileHandler
), ioService
);
1150 if (NS_SUCCEEDED(rv
)) rv
= fileHandler
->GetFileFromURLSpec(inURL
, result
);
1154 nsresult
NS_GetURLSpecFromFile(nsIFile
* file
, nsACString
& url
,
1155 nsIIOService
* ioService
/* = nullptr */) {
1157 nsCOMPtr
<nsIFileProtocolHandler
> fileHandler
;
1158 rv
= NS_GetFileProtocolHandler(getter_AddRefs(fileHandler
), ioService
);
1159 if (NS_SUCCEEDED(rv
)) rv
= fileHandler
->GetURLSpecFromFile(file
, url
);
1163 nsresult
NS_GetURLSpecFromActualFile(nsIFile
* file
, nsACString
& url
,
1164 nsIIOService
* ioService
/* = nullptr */) {
1166 nsCOMPtr
<nsIFileProtocolHandler
> fileHandler
;
1167 rv
= NS_GetFileProtocolHandler(getter_AddRefs(fileHandler
), ioService
);
1168 if (NS_SUCCEEDED(rv
)) rv
= fileHandler
->GetURLSpecFromActualFile(file
, url
);
1172 nsresult
NS_GetURLSpecFromDir(nsIFile
* file
, nsACString
& url
,
1173 nsIIOService
* ioService
/* = nullptr */) {
1175 nsCOMPtr
<nsIFileProtocolHandler
> fileHandler
;
1176 rv
= NS_GetFileProtocolHandler(getter_AddRefs(fileHandler
), ioService
);
1177 if (NS_SUCCEEDED(rv
)) rv
= fileHandler
->GetURLSpecFromDir(file
, url
);
1181 void NS_GetReferrerFromChannel(nsIChannel
* channel
, nsIURI
** referrer
) {
1182 *referrer
= nullptr;
1184 if (nsCOMPtr
<nsIPropertyBag2
> props
= do_QueryInterface(channel
)) {
1185 // We have to check for a property on a property bag because the
1186 // referrer may be empty for security reasons (for example, when loading
1187 // an http page with an https referrer).
1189 nsCOMPtr
<nsIURI
> uri(
1190 do_GetProperty(props
, u
"docshell.internalReferrer"_ns
, &rv
));
1191 if (NS_SUCCEEDED(rv
)) {
1192 uri
.forget(referrer
);
1197 // if that didn't work, we can still try to get the referrer from the
1198 // nsIHttpChannel (if we can QI to it)
1199 nsCOMPtr
<nsIHttpChannel
> chan(do_QueryInterface(channel
));
1204 nsCOMPtr
<nsIReferrerInfo
> referrerInfo
= chan
->GetReferrerInfo();
1205 if (!referrerInfo
) {
1209 referrerInfo
->GetOriginalReferrer(referrer
);
1212 already_AddRefed
<nsINetUtil
> do_GetNetUtil(nsresult
* error
/* = 0 */) {
1213 nsCOMPtr
<nsIIOService
> io
;
1214 nsCOMPtr
<nsINetUtil
> util
;
1216 io
= mozilla::components::IO::Service();
1217 if (io
) util
= do_QueryInterface(io
);
1219 if (error
) *error
= !!util
? NS_OK
: NS_ERROR_FAILURE
;
1220 return util
.forget();
1223 nsresult
NS_ParseRequestContentType(const nsACString
& rawContentType
,
1224 nsCString
& contentType
,
1225 nsCString
& contentCharset
) {
1226 // contentCharset is left untouched if not present in rawContentType
1228 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil(&rv
);
1229 NS_ENSURE_SUCCESS(rv
, rv
);
1232 rv
= util
->ParseRequestContentType(rawContentType
, charset
, &hadCharset
,
1234 if (NS_SUCCEEDED(rv
) && hadCharset
) contentCharset
= charset
;
1238 nsresult
NS_ParseResponseContentType(const nsACString
& rawContentType
,
1239 nsCString
& contentType
,
1240 nsCString
& contentCharset
) {
1241 // contentCharset is left untouched if not present in rawContentType
1243 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil(&rv
);
1244 NS_ENSURE_SUCCESS(rv
, rv
);
1247 rv
= util
->ParseResponseContentType(rawContentType
, charset
, &hadCharset
,
1249 if (NS_SUCCEEDED(rv
) && hadCharset
) contentCharset
= charset
;
1253 nsresult
NS_ExtractCharsetFromContentType(const nsACString
& rawContentType
,
1254 nsCString
& contentCharset
,
1256 int32_t* charsetStart
,
1257 int32_t* charsetEnd
) {
1258 // contentCharset is left untouched if not present in rawContentType
1260 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil(&rv
);
1261 NS_ENSURE_SUCCESS(rv
, rv
);
1263 return util
->ExtractCharsetFromContentType(
1264 rawContentType
, contentCharset
, charsetStart
, charsetEnd
, hadCharset
);
1267 nsresult
NS_NewAtomicFileOutputStream(nsIOutputStream
** result
, nsIFile
* file
,
1268 int32_t ioFlags
/* = -1 */,
1269 int32_t perm
/* = -1 */,
1270 int32_t behaviorFlags
/* = 0 */) {
1272 nsCOMPtr
<nsIFileOutputStream
> out
=
1273 do_CreateInstance(NS_ATOMICLOCALFILEOUTPUTSTREAM_CONTRACTID
, &rv
);
1274 if (NS_SUCCEEDED(rv
)) {
1275 rv
= out
->Init(file
, ioFlags
, perm
, behaviorFlags
);
1276 if (NS_SUCCEEDED(rv
)) out
.forget(result
);
1281 nsresult
NS_NewSafeLocalFileOutputStream(nsIOutputStream
** result
,
1283 int32_t ioFlags
/* = -1 */,
1284 int32_t perm
/* = -1 */,
1285 int32_t behaviorFlags
/* = 0 */) {
1287 nsCOMPtr
<nsIFileOutputStream
> out
=
1288 do_CreateInstance(NS_SAFELOCALFILEOUTPUTSTREAM_CONTRACTID
, &rv
);
1289 if (NS_SUCCEEDED(rv
)) {
1290 rv
= out
->Init(file
, ioFlags
, perm
, behaviorFlags
);
1291 if (NS_SUCCEEDED(rv
)) out
.forget(result
);
1296 nsresult
NS_NewLocalFileRandomAccessStream(nsIRandomAccessStream
** result
,
1298 int32_t ioFlags
/* = -1 */,
1299 int32_t perm
/* = -1 */,
1300 int32_t behaviorFlags
/* = 0 */) {
1301 nsCOMPtr
<nsIFileRandomAccessStream
> stream
= new nsFileRandomAccessStream();
1302 nsresult rv
= stream
->Init(file
, ioFlags
, perm
, behaviorFlags
);
1303 if (NS_SUCCEEDED(rv
)) {
1304 stream
.forget(result
);
1309 mozilla::Result
<nsCOMPtr
<nsIRandomAccessStream
>, nsresult
>
1310 NS_NewLocalFileRandomAccessStream(nsIFile
* file
, int32_t ioFlags
/* = -1 */,
1311 int32_t perm
/* = -1 */,
1312 int32_t behaviorFlags
/* = 0 */) {
1313 nsCOMPtr
<nsIRandomAccessStream
> stream
;
1314 const nsresult rv
= NS_NewLocalFileRandomAccessStream(
1315 getter_AddRefs(stream
), file
, ioFlags
, perm
, behaviorFlags
);
1316 if (NS_SUCCEEDED(rv
)) {
1322 nsresult
NS_NewBufferedOutputStream(
1323 nsIOutputStream
** aResult
, already_AddRefed
<nsIOutputStream
> aOutputStream
,
1324 uint32_t aBufferSize
) {
1325 nsCOMPtr
<nsIOutputStream
> outputStream
= std::move(aOutputStream
);
1328 nsCOMPtr
<nsIBufferedOutputStream
> out
=
1329 do_CreateInstance(NS_BUFFEREDOUTPUTSTREAM_CONTRACTID
, &rv
);
1330 if (NS_SUCCEEDED(rv
)) {
1331 rv
= out
->Init(outputStream
, aBufferSize
);
1332 if (NS_SUCCEEDED(rv
)) {
1333 out
.forget(aResult
);
1339 [[nodiscard
]] nsresult
NS_NewBufferedInputStream(
1340 nsIInputStream
** aResult
, already_AddRefed
<nsIInputStream
> aInputStream
,
1341 uint32_t aBufferSize
) {
1342 nsCOMPtr
<nsIInputStream
> inputStream
= std::move(aInputStream
);
1344 nsCOMPtr
<nsIBufferedInputStream
> in
;
1345 nsresult rv
= nsBufferedInputStream::Create(
1346 NS_GET_IID(nsIBufferedInputStream
), getter_AddRefs(in
));
1347 if (NS_SUCCEEDED(rv
)) {
1348 rv
= in
->Init(inputStream
, aBufferSize
);
1349 if (NS_SUCCEEDED(rv
)) {
1350 *aResult
= static_cast<nsBufferedInputStream
*>(in
.get())
1358 Result
<nsCOMPtr
<nsIInputStream
>, nsresult
> NS_NewBufferedInputStream(
1359 already_AddRefed
<nsIInputStream
> aInputStream
, uint32_t aBufferSize
) {
1360 nsCOMPtr
<nsIInputStream
> stream
;
1361 const nsresult rv
= NS_NewBufferedInputStream(
1362 getter_AddRefs(stream
), std::move(aInputStream
), aBufferSize
);
1363 if (NS_SUCCEEDED(rv
)) {
1371 #define BUFFER_SIZE 8192
1373 class BufferWriter final
: public nsIInputStreamCallback
{
1375 NS_DECL_THREADSAFE_ISUPPORTS
1377 BufferWriter(nsIInputStream
* aInputStream
, void* aBuffer
, int64_t aCount
)
1378 : mMonitor("BufferWriter.mMonitor"),
1379 mInputStream(aInputStream
),
1383 mBufferType(aBuffer
? eExternal
: eInternal
),
1385 MOZ_ASSERT(aInputStream
);
1386 MOZ_ASSERT(aCount
== -1 || aCount
> 0);
1387 MOZ_ASSERT_IF(mBuffer
, aCount
> 0);
1391 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1393 // Let's make the inputStream buffered if it's not.
1394 if (!NS_InputStreamIsBuffered(mInputStream
)) {
1395 nsCOMPtr
<nsIInputStream
> bufferedStream
;
1396 nsresult rv
= NS_NewBufferedInputStream(
1397 getter_AddRefs(bufferedStream
), mInputStream
.forget(), BUFFER_SIZE
);
1398 NS_ENSURE_SUCCESS(rv
, rv
);
1400 mInputStream
= bufferedStream
;
1403 mAsyncInputStream
= do_QueryInterface(mInputStream
);
1405 if (!mAsyncInputStream
) {
1409 // Let's use mAsyncInputStream only.
1410 mInputStream
= nullptr;
1412 return WriteAsync();
1415 uint64_t WrittenData() const {
1416 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1417 return mWrittenData
;
1420 void* StealBuffer() {
1421 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1422 MOZ_ASSERT(mBufferType
== eInternal
);
1424 void* buffer
= mBuffer
;
1434 if (mBuffer
&& mBufferType
== eInternal
) {
1439 mTaskQueue
->BeginShutdown();
1443 nsresult
WriteSync() {
1444 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1446 uint64_t length
= (uint64_t)mCount
;
1449 nsresult rv
= mInputStream
->Available(&length
);
1450 NS_ENSURE_SUCCESS(rv
, rv
);
1458 if (mBufferType
== eInternal
) {
1459 mBuffer
= malloc(length
);
1460 if (NS_WARN_IF(!mBuffer
)) {
1461 return NS_ERROR_OUT_OF_MEMORY
;
1465 uint32_t writtenData
;
1466 nsresult rv
= mInputStream
->ReadSegments(NS_CopySegmentToBuffer
, mBuffer
,
1467 length
, &writtenData
);
1468 NS_ENSURE_SUCCESS(rv
, rv
);
1470 mWrittenData
= writtenData
;
1474 nsresult
WriteAsync() {
1475 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1477 if (mCount
> 0 && mBufferType
== eInternal
) {
1478 mBuffer
= malloc(mCount
);
1479 if (NS_WARN_IF(!mBuffer
)) {
1480 return NS_ERROR_OUT_OF_MEMORY
;
1485 if (mCount
== -1 && !MaybeExpandBufferSize()) {
1486 return NS_ERROR_OUT_OF_MEMORY
;
1489 uint64_t offset
= mWrittenData
;
1490 uint64_t length
= mCount
== -1 ? BUFFER_SIZE
: mCount
;
1492 // Let's try to read data directly.
1493 uint32_t writtenData
;
1494 nsresult rv
= mAsyncInputStream
->ReadSegments(
1495 NS_CopySegmentToBuffer
, static_cast<char*>(mBuffer
) + offset
, length
,
1498 // Operation completed. Nothing more to read.
1499 if (NS_SUCCEEDED(rv
) && writtenData
== 0) {
1503 // If we succeeded, let's try to read again.
1504 if (NS_SUCCEEDED(rv
)) {
1505 mWrittenData
+= writtenData
;
1507 MOZ_ASSERT(mCount
>= writtenData
);
1508 mCount
-= writtenData
;
1510 // Is this the end of the reading?
1520 if (rv
== NS_BASE_STREAM_WOULD_BLOCK
) {
1521 rv
= MaybeCreateTaskQueue();
1522 if (NS_WARN_IF(NS_FAILED(rv
))) {
1526 MonitorAutoLock
lock(mMonitor
);
1528 rv
= mAsyncInputStream
->AsyncWait(this, 0, length
, mTaskQueue
);
1529 if (NS_WARN_IF(NS_FAILED(rv
))) {
1537 // Otherwise, let's propagate the error.
1541 MOZ_ASSERT_UNREACHABLE("We should not be here");
1542 return NS_ERROR_FAILURE
;
1545 nsresult
MaybeCreateTaskQueue() {
1546 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1549 nsCOMPtr
<nsIEventTarget
> target
;
1550 target
= mozilla::components::StreamTransport::Service();
1552 return NS_ERROR_FAILURE
;
1555 mTaskQueue
= TaskQueue::Create(target
.forget(), "nsNetUtil:BufferWriter");
1562 OnInputStreamReady(nsIAsyncInputStream
* aStream
) override
{
1563 MOZ_ASSERT(!NS_IsMainThread());
1565 // We have something to read. Let's unlock the main-thread.
1566 MonitorAutoLock
lock(mMonitor
);
1571 bool MaybeExpandBufferSize() {
1572 NS_ASSERT_OWNINGTHREAD(BufferWriter
);
1574 MOZ_ASSERT(mCount
== -1);
1576 if (mBufferSize
>= mWrittenData
+ BUFFER_SIZE
) {
1577 // The buffer is big enough.
1581 CheckedUint32 bufferSize
=
1582 std::max
<uint32_t>(static_cast<uint32_t>(mWrittenData
), BUFFER_SIZE
);
1583 while (bufferSize
.isValid() &&
1584 bufferSize
.value() < mWrittenData
+ BUFFER_SIZE
) {
1588 if (!bufferSize
.isValid()) {
1592 void* buffer
= realloc(mBuffer
, bufferSize
.value());
1598 mBufferSize
= bufferSize
.value();
1602 // All the members of this class are touched on the owning thread only. The
1603 // monitor is only used to communicate when there is more data to read.
1604 Monitor mMonitor MOZ_UNANNOTATED
;
1606 nsCOMPtr
<nsIInputStream
> mInputStream
;
1607 nsCOMPtr
<nsIAsyncInputStream
> mAsyncInputStream
;
1609 RefPtr
<TaskQueue
> mTaskQueue
;
1613 uint64_t mWrittenData
;
1616 // The buffer is allocated internally and this object must release it
1617 // in the DTOR if not stolen. The buffer can be reallocated.
1620 // The buffer is not owned by this object and it cannot be reallocated.
1624 // The following set if needed for the async read.
1625 uint64_t mBufferSize
;
1628 NS_IMPL_ISUPPORTS(BufferWriter
, nsIInputStreamCallback
)
1630 } // anonymous namespace
1632 nsresult
NS_ReadInputStreamToBuffer(nsIInputStream
* aInputStream
, void** aDest
,
1633 int64_t aCount
, uint64_t* aWritten
) {
1634 MOZ_ASSERT(aInputStream
);
1635 MOZ_ASSERT(aCount
>= -1);
1637 uint64_t dummyWritten
;
1639 aWritten
= &dummyWritten
;
1647 // This will take care of allocating and reallocating aDest.
1648 RefPtr
<BufferWriter
> writer
= new BufferWriter(aInputStream
, *aDest
, aCount
);
1650 nsresult rv
= writer
->Write();
1651 NS_ENSURE_SUCCESS(rv
, rv
);
1653 *aWritten
= writer
->WrittenData();
1656 *aDest
= writer
->StealBuffer();
1662 nsresult
NS_ReadInputStreamToString(nsIInputStream
* aInputStream
,
1663 nsACString
& aDest
, int64_t aCount
,
1664 uint64_t* aWritten
) {
1665 uint64_t dummyWritten
;
1667 aWritten
= &dummyWritten
;
1670 // Nothing to do if aCount is 0.
1677 // If we have the size, we can pre-allocate the buffer.
1679 if (NS_WARN_IF(aCount
>= INT32_MAX
) ||
1680 NS_WARN_IF(!aDest
.SetLength(aCount
, mozilla::fallible
))) {
1681 return NS_ERROR_OUT_OF_MEMORY
;
1684 void* dest
= aDest
.BeginWriting();
1686 NS_ReadInputStreamToBuffer(aInputStream
, &dest
, aCount
, aWritten
);
1687 NS_ENSURE_SUCCESS(rv
, rv
);
1689 if ((uint64_t)aCount
> *aWritten
) {
1690 aDest
.Truncate(*aWritten
);
1696 // If the size is unknown, BufferWriter will allocate the buffer.
1697 void* dest
= nullptr;
1699 NS_ReadInputStreamToBuffer(aInputStream
, &dest
, aCount
, aWritten
);
1700 MOZ_ASSERT_IF(NS_FAILED(rv
), dest
== nullptr);
1701 NS_ENSURE_SUCCESS(rv
, rv
);
1704 MOZ_ASSERT(*aWritten
== 0);
1709 aDest
.Adopt(reinterpret_cast<char*>(dest
), *aWritten
);
1713 nsresult
NS_NewURI(nsIURI
** result
, const nsACString
& spec
,
1714 NotNull
<const Encoding
*> encoding
,
1715 nsIURI
* baseURI
/* = nullptr */) {
1716 nsAutoCString charset
;
1717 encoding
->Name(charset
);
1718 return NS_NewURI(result
, spec
, charset
.get(), baseURI
);
1721 nsresult
NS_NewURI(nsIURI
** result
, const nsAString
& aSpec
,
1722 const char* charset
/* = nullptr */,
1723 nsIURI
* baseURI
/* = nullptr */) {
1725 if (!AppendUTF16toUTF8(aSpec
, spec
, mozilla::fallible
)) {
1726 return NS_ERROR_OUT_OF_MEMORY
;
1728 return NS_NewURI(result
, spec
, charset
, baseURI
);
1731 nsresult
NS_NewURI(nsIURI
** result
, const nsAString
& aSpec
,
1732 NotNull
<const Encoding
*> encoding
,
1733 nsIURI
* baseURI
/* = nullptr */) {
1735 if (!AppendUTF16toUTF8(aSpec
, spec
, mozilla::fallible
)) {
1736 return NS_ERROR_OUT_OF_MEMORY
;
1738 return NS_NewURI(result
, spec
, encoding
, baseURI
);
1741 nsresult
NS_NewURI(nsIURI
** result
, const char* spec
,
1742 nsIURI
* baseURI
/* = nullptr */) {
1743 return NS_NewURI(result
, nsDependentCString(spec
), nullptr, baseURI
);
1746 static nsresult
NewStandardURI(const nsACString
& aSpec
, const char* aCharset
,
1747 nsIURI
* aBaseURI
, int32_t aDefaultPort
,
1749 return NS_MutateURI(new nsStandardURL::Mutator())
1750 .Apply(&nsIStandardURLMutator::Init
, nsIStandardURL::URLTYPE_AUTHORITY
,
1751 aDefaultPort
, aSpec
, aCharset
, aBaseURI
, nullptr)
1755 nsresult
NS_GetSpecWithNSURLEncoding(nsACString
& aResult
,
1756 const nsACString
& aSpec
) {
1757 nsCOMPtr
<nsIURI
> uri
;
1758 nsresult rv
= NS_NewURIWithNSURLEncoding(getter_AddRefs(uri
), aSpec
);
1759 NS_ENSURE_SUCCESS(rv
, rv
);
1760 return uri
->GetAsciiSpec(aResult
);
1763 nsresult
NS_NewURIWithNSURLEncoding(nsIURI
** aResult
, const nsACString
& aSpec
) {
1764 nsCOMPtr
<nsIURI
> uri
;
1765 nsresult rv
= NS_NewURI(getter_AddRefs(uri
), aSpec
);
1766 NS_ENSURE_SUCCESS(rv
, rv
);
1768 // Escape the ref portion of the URL. NSURL is more strict about which
1769 // characters in the URL must be % encoded. For example, an unescaped '#'
1770 // to indicate the beginning of the ref component is accepted by NSURL, but
1771 // '#' characters in the ref must be escaped. Also adds encoding for other
1772 // characters not accepted by NSURL in the ref such as '{', '|', '}', and '^'.
1773 // The ref returned from GetRef() does not include the leading '#'.
1774 nsAutoCString ref
, escapedRef
;
1775 if (NS_SUCCEEDED(uri
->GetRef(ref
)) && !ref
.IsEmpty()) {
1776 if (!NS_Escape(ref
, escapedRef
, url_NSURLRef
)) {
1777 return NS_ERROR_INVALID_ARG
;
1779 rv
= NS_MutateURI(uri
).SetRef(escapedRef
).Finalize(uri
);
1780 NS_ENSURE_SUCCESS(rv
, rv
);
1783 uri
.forget(aResult
);
1787 extern MOZ_THREAD_LOCAL(uint32_t) gTlsURLRecursionCount
;
1789 template <typename T
>
1790 class TlsAutoIncrement
{
1792 explicit TlsAutoIncrement(T
& var
) : mVar(var
) {
1793 mValue
= mVar
.get();
1794 mVar
.set(mValue
+ 1);
1796 ~TlsAutoIncrement() {
1797 typename
T::Type value
= mVar
.get();
1798 MOZ_ASSERT(value
== mValue
+ 1);
1799 mVar
.set(value
- 1);
1802 typename
T::Type
value() { return mValue
; }
1805 typename
T::Type mValue
;
1809 static nsTHashSet
<nsCString
> sSimpleURISchemes
;
1810 static StaticRWLock sSchemeLock
;
1812 namespace mozilla::net
{
1814 void ParseSimpleURISchemes(const nsACString
& schemeList
) {
1815 StaticAutoWriteLock
lock(sSchemeLock
);
1817 sSimpleURISchemes
.Clear();
1818 for (const auto& scheme
: schemeList
.Split(',')) {
1819 nsAutoCString
s(scheme
);
1820 s
.CompressWhitespace();
1822 sSimpleURISchemes
.Insert(s
);
1827 } // namespace mozilla::net
1829 nsresult
NS_NewURI(nsIURI
** aURI
, const nsACString
& aSpec
,
1830 const char* aCharset
/* = nullptr */,
1831 nsIURI
* aBaseURI
/* = nullptr */) {
1832 TlsAutoIncrement
<decltype(gTlsURLRecursionCount
)> inc(gTlsURLRecursionCount
);
1833 if (inc
.value() >= MAX_RECURSION_COUNT
) {
1834 return NS_ERROR_MALFORMED_URI
;
1837 nsCOMPtr
<nsIIOService
> ioService
= do_GetIOService();
1839 // Individual protocol handlers unfortunately rely on the ioservice, let's
1840 // return an error here instead of causing unpredictable crashes later.
1841 return NS_ERROR_NOT_AVAILABLE
;
1844 if (StaticPrefs::network_url_max_length() &&
1845 aSpec
.Length() > StaticPrefs::network_url_max_length()) {
1846 return NS_ERROR_MALFORMED_URI
;
1849 nsAutoCString scheme
;
1850 nsresult rv
= net_ExtractURLScheme(aSpec
, scheme
);
1851 if (NS_FAILED(rv
)) {
1852 // then aSpec is relative
1854 return NS_ERROR_MALFORMED_URI
;
1857 if (!aSpec
.IsEmpty() && aSpec
[0] == '#') {
1858 // Looks like a reference instead of a fully-specified URI.
1859 // --> initialize |uri| as a clone of |aBaseURI|, with ref appended.
1860 return NS_GetURIWithNewRef(aBaseURI
, aSpec
, aURI
);
1863 rv
= aBaseURI
->GetScheme(scheme
);
1864 if (NS_FAILED(rv
)) return rv
;
1867 if (scheme
.EqualsLiteral("http") || scheme
.EqualsLiteral("ws")) {
1868 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, NS_HTTP_DEFAULT_PORT
,
1871 if (scheme
.EqualsLiteral("https") || scheme
.EqualsLiteral("wss")) {
1872 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, NS_HTTPS_DEFAULT_PORT
,
1875 if (scheme
.EqualsLiteral("ftp")) {
1876 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, 21, aURI
);
1879 if (scheme
.EqualsLiteral("file")) {
1880 return NS_MutateURI(new nsStandardURL::Mutator())
1881 .Apply(&nsIFileURLMutator::MarkFileURL
)
1882 .Apply(&nsIStandardURLMutator::Init
,
1883 nsIStandardURL::URLTYPE_NO_AUTHORITY
, -1, aSpec
, aCharset
,
1888 if (scheme
.EqualsLiteral("data")) {
1889 return nsDataHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1892 if (scheme
.EqualsLiteral("moz-safe-about") ||
1893 scheme
.EqualsLiteral("page-icon") || scheme
.EqualsLiteral("moz") ||
1894 scheme
.EqualsLiteral("cached-favicon")) {
1895 return NS_MutateURI(new nsSimpleURI::Mutator())
1900 if (scheme
.EqualsLiteral("chrome")) {
1901 return nsChromeProtocolHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
,
1905 if (scheme
.EqualsLiteral("javascript")) {
1906 return nsJSProtocolHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1909 if (scheme
.EqualsLiteral("blob")) {
1910 return BlobURLProtocolHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
,
1914 if (scheme
.EqualsLiteral("view-source")) {
1915 return nsViewSourceHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1918 if (scheme
.EqualsLiteral("resource")) {
1919 RefPtr
<nsResProtocolHandler
> handler
= nsResProtocolHandler::GetSingleton();
1921 return NS_ERROR_NOT_AVAILABLE
;
1923 return handler
->NewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1926 if (scheme
.EqualsLiteral("indexeddb") || scheme
.EqualsLiteral("uuid")) {
1927 return NS_MutateURI(new nsStandardURL::Mutator())
1928 .Apply(&nsIStandardURLMutator::Init
, nsIStandardURL::URLTYPE_AUTHORITY
,
1929 0, aSpec
, aCharset
, aBaseURI
, nullptr)
1933 if (scheme
.EqualsLiteral("moz-extension")) {
1934 RefPtr
<mozilla::net::ExtensionProtocolHandler
> handler
=
1935 mozilla::net::ExtensionProtocolHandler::GetSingleton();
1937 return NS_ERROR_NOT_AVAILABLE
;
1939 return handler
->NewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1942 if (scheme
.EqualsLiteral("moz-page-thumb")) {
1943 // The moz-page-thumb service runs JS to resolve a URI to a
1944 // storage location, so this should only ever run on the main
1946 if (!NS_IsMainThread()) {
1947 return NS_ERROR_NOT_AVAILABLE
;
1950 RefPtr
<mozilla::net::PageThumbProtocolHandler
> handler
=
1951 mozilla::net::PageThumbProtocolHandler::GetSingleton();
1953 return NS_ERROR_NOT_AVAILABLE
;
1955 return handler
->NewURI(aSpec
, aCharset
, aBaseURI
, aURI
);
1958 if (scheme
.EqualsLiteral("about")) {
1959 return nsAboutProtocolHandler::CreateNewURI(aSpec
, aCharset
, aBaseURI
,
1963 if (scheme
.EqualsLiteral("jar")) {
1964 return NS_MutateURI(new nsJARURI::Mutator())
1965 .Apply(&nsIJARURIMutator::SetSpecBaseCharset
, aSpec
, aBaseURI
, aCharset
)
1970 if (scheme
.EqualsLiteral("moz-icon")) {
1971 return NS_MutateURI(new nsMozIconURI::Mutator())
1977 #ifdef MOZ_WIDGET_GTK
1978 if (scheme
.EqualsLiteral("smb") || scheme
.EqualsLiteral("sftp")) {
1979 return NS_MutateURI(new nsStandardURL::Mutator())
1980 .Apply(&nsIStandardURLMutator::Init
, nsIStandardURL::URLTYPE_STANDARD
,
1981 -1, aSpec
, aCharset
, aBaseURI
, nullptr)
1986 if (scheme
.EqualsLiteral("android")) {
1987 return NS_MutateURI(NS_STANDARDURLMUTATOR_CONTRACTID
)
1988 .Apply(&nsIStandardURLMutator::Init
, nsIStandardURL::URLTYPE_STANDARD
,
1989 -1, aSpec
, aCharset
, aBaseURI
, nullptr)
1993 // web-extensions can add custom protocol implementations with standard URLs
1994 // that have notion of hostname, authority and relative URLs. Below we
1995 // manually check agains set of known protocols schemes until more general
1996 // solution is in place (See Bug 1569733)
1997 if (!StaticPrefs::network_url_useDefaultURI()) {
1998 if (scheme
.EqualsLiteral("ssh")) {
1999 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, 22, aURI
);
2002 if (scheme
.EqualsLiteral("dweb") || scheme
.EqualsLiteral("dat") ||
2003 scheme
.EqualsLiteral("ipfs") || scheme
.EqualsLiteral("ipns") ||
2004 scheme
.EqualsLiteral("ssb") || scheme
.EqualsLiteral("wtp")) {
2005 return NewStandardURI(aSpec
, aCharset
, aBaseURI
, -1, aURI
);
2009 #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
2010 rv
= NS_NewMailnewsURI(aURI
, aSpec
, aCharset
, aBaseURI
);
2011 if (rv
!= NS_ERROR_UNKNOWN_PROTOCOL
) {
2016 auto mustUseSimpleURI
= [](const nsCString
& scheme
) -> bool {
2017 if (!StaticPrefs::network_url_some_schemes_bypass_defaultURI_fallback()) {
2020 StaticAutoReadLock
lock(sSchemeLock
);
2021 return sSimpleURISchemes
.Contains(scheme
);
2025 nsAutoCString newSpec
;
2026 rv
= aBaseURI
->Resolve(aSpec
, newSpec
);
2027 NS_ENSURE_SUCCESS(rv
, rv
);
2029 nsAutoCString newScheme
;
2030 rv
= net_ExtractURLScheme(newSpec
, newScheme
);
2031 if (NS_SUCCEEDED(rv
)) {
2032 // The scheme shouldn't really change at this point.
2033 MOZ_DIAGNOSTIC_ASSERT(newScheme
== scheme
);
2036 if (StaticPrefs::network_url_useDefaultURI()) {
2037 if (mustUseSimpleURI(scheme
)) {
2038 return NS_MutateURI(new nsSimpleURI::Mutator())
2043 return NS_MutateURI(new DefaultURI::Mutator())
2048 return NS_MutateURI(new nsSimpleURI::Mutator())
2053 if (StaticPrefs::network_url_useDefaultURI()) {
2054 if (mustUseSimpleURI(scheme
)) {
2055 return NS_MutateURI(new nsSimpleURI::Mutator())
2059 return NS_MutateURI(new DefaultURI::Mutator())
2064 // Falls back to external protocol handler.
2065 return NS_MutateURI(new nsSimpleURI::Mutator()).SetSpec(aSpec
).Finalize(aURI
);
2068 nsresult
NS_GetSanitizedURIStringFromURI(nsIURI
* aUri
,
2069 nsACString
& aSanitizedSpec
) {
2070 aSanitizedSpec
.Truncate();
2072 nsCOMPtr
<nsISensitiveInfoHiddenURI
> safeUri
= do_QueryInterface(aUri
);
2073 nsAutoCString cSpec
;
2076 rv
= safeUri
->GetSensitiveInfoHiddenSpec(cSpec
);
2078 rv
= aUri
->GetSpec(cSpec
);
2081 if (NS_SUCCEEDED(rv
)) {
2082 aSanitizedSpec
.Assign(cSpec
);
2087 nsresult
NS_LoadPersistentPropertiesFromURISpec(
2088 nsIPersistentProperties
** outResult
, const nsACString
& aSpec
) {
2089 nsCOMPtr
<nsIURI
> uri
;
2090 nsresult rv
= NS_NewURI(getter_AddRefs(uri
), aSpec
);
2091 NS_ENSURE_SUCCESS(rv
, rv
);
2093 nsCOMPtr
<nsIChannel
> channel
;
2094 rv
= NS_NewChannel(getter_AddRefs(channel
), uri
,
2095 nsContentUtils::GetSystemPrincipal(),
2096 nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL
,
2097 nsIContentPolicy::TYPE_OTHER
);
2098 NS_ENSURE_SUCCESS(rv
, rv
);
2099 nsCOMPtr
<nsIInputStream
> in
;
2100 rv
= channel
->Open(getter_AddRefs(in
));
2101 NS_ENSURE_SUCCESS(rv
, rv
);
2103 nsCOMPtr
<nsIPersistentProperties
> properties
= new nsPersistentProperties();
2104 rv
= properties
->Load(in
);
2105 NS_ENSURE_SUCCESS(rv
, rv
);
2107 properties
.swap(*outResult
);
2111 bool NS_UsePrivateBrowsing(nsIChannel
* channel
) {
2112 OriginAttributes attrs
;
2113 bool result
= StoragePrincipalHelper::GetOriginAttributes(
2114 channel
, attrs
, StoragePrincipalHelper::eRegularPrincipal
);
2115 NS_ENSURE_TRUE(result
, result
);
2116 return attrs
.IsPrivateBrowsing();
2119 bool NS_HasBeenCrossOrigin(nsIChannel
* aChannel
, bool aReport
) {
2120 nsCOMPtr
<nsILoadInfo
> loadInfo
= aChannel
->LoadInfo();
2121 // TYPE_DOCUMENT loads have a null LoadingPrincipal and can not be cross
2123 if (!loadInfo
->GetLoadingPrincipal()) {
2127 // Always treat tainted channels as cross-origin.
2128 if (loadInfo
->GetTainting() != LoadTainting::Basic
) {
2132 nsCOMPtr
<nsIPrincipal
> loadingPrincipal
= loadInfo
->GetLoadingPrincipal();
2133 uint32_t mode
= loadInfo
->GetSecurityMode();
2135 mode
== nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_INHERITS_SEC_CONTEXT
||
2136 mode
== nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT
||
2137 mode
== nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT
;
2139 bool aboutBlankInherits
= dataInherits
&& loadInfo
->GetAboutBlankInherits();
2141 uint64_t innerWindowID
= loadInfo
->GetInnerWindowID();
2143 for (nsIRedirectHistoryEntry
* redirectHistoryEntry
:
2144 loadInfo
->RedirectChain()) {
2145 nsCOMPtr
<nsIPrincipal
> principal
;
2146 redirectHistoryEntry
->GetPrincipal(getter_AddRefs(principal
));
2151 nsCOMPtr
<nsIURI
> uri
;
2152 auto* basePrin
= BasePrincipal::Cast(principal
);
2153 basePrin
->GetURI(getter_AddRefs(uri
));
2158 if (aboutBlankInherits
&& NS_IsAboutBlank(uri
)) {
2164 res
= loadingPrincipal
->CheckMayLoadWithReporting(uri
, dataInherits
,
2167 res
= loadingPrincipal
->CheckMayLoad(uri
, dataInherits
);
2169 if (NS_FAILED(res
)) {
2174 nsCOMPtr
<nsIURI
> uri
;
2175 NS_GetFinalChannelURI(aChannel
, getter_AddRefs(uri
));
2180 if (aboutBlankInherits
&& NS_IsAboutBlank(uri
)) {
2186 res
= loadingPrincipal
->CheckMayLoadWithReporting(uri
, dataInherits
,
2189 res
= loadingPrincipal
->CheckMayLoad(uri
, dataInherits
);
2192 return NS_FAILED(res
);
2195 bool NS_IsSafeMethodNav(nsIChannel
* aChannel
) {
2196 RefPtr
<HttpBaseChannel
> baseChan
= do_QueryObject(aChannel
);
2200 nsHttpRequestHead
* requestHead
= baseChan
->GetRequestHead();
2204 return requestHead
->IsSafeMethod();
2207 void NS_WrapAuthPrompt(nsIAuthPrompt
* aAuthPrompt
,
2208 nsIAuthPrompt2
** aAuthPrompt2
) {
2209 nsCOMPtr
<nsIAuthPromptAdapterFactory
> factory
;
2210 factory
= mozilla::components::AuthPromptAdapter::Service();
2211 if (!factory
) return;
2213 NS_WARNING("Using deprecated nsIAuthPrompt");
2214 factory
->CreateAdapter(aAuthPrompt
, aAuthPrompt2
);
2217 void NS_QueryAuthPrompt2(nsIInterfaceRequestor
* aCallbacks
,
2218 nsIAuthPrompt2
** aAuthPrompt
) {
2219 CallGetInterface(aCallbacks
, aAuthPrompt
);
2220 if (*aAuthPrompt
) return;
2222 // Maybe only nsIAuthPrompt is provided and we have to wrap it.
2223 nsCOMPtr
<nsIAuthPrompt
> prompt(do_GetInterface(aCallbacks
));
2224 if (!prompt
) return;
2226 NS_WrapAuthPrompt(prompt
, aAuthPrompt
);
2229 void NS_QueryAuthPrompt2(nsIChannel
* aChannel
, nsIAuthPrompt2
** aAuthPrompt
) {
2230 *aAuthPrompt
= nullptr;
2232 // We want to use any auth prompt we can find on the channel's callbacks,
2233 // and if that fails use the loadgroup's prompt (if any)
2234 // Therefore, we can't just use NS_QueryNotificationCallbacks, because
2235 // that would prefer a loadgroup's nsIAuthPrompt2 over a channel's
2237 nsCOMPtr
<nsIInterfaceRequestor
> callbacks
;
2238 aChannel
->GetNotificationCallbacks(getter_AddRefs(callbacks
));
2240 NS_QueryAuthPrompt2(callbacks
, aAuthPrompt
);
2241 if (*aAuthPrompt
) return;
2244 nsCOMPtr
<nsILoadGroup
> group
;
2245 aChannel
->GetLoadGroup(getter_AddRefs(group
));
2248 group
->GetNotificationCallbacks(getter_AddRefs(callbacks
));
2249 if (!callbacks
) return;
2250 NS_QueryAuthPrompt2(callbacks
, aAuthPrompt
);
2253 nsresult
NS_NewNotificationCallbacksAggregation(
2254 nsIInterfaceRequestor
* callbacks
, nsILoadGroup
* loadGroup
,
2255 nsIEventTarget
* target
, nsIInterfaceRequestor
** result
) {
2256 nsCOMPtr
<nsIInterfaceRequestor
> cbs
;
2257 if (loadGroup
) loadGroup
->GetNotificationCallbacks(getter_AddRefs(cbs
));
2258 return NS_NewInterfaceRequestorAggregation(callbacks
, cbs
, target
, result
);
2261 nsresult
NS_NewNotificationCallbacksAggregation(
2262 nsIInterfaceRequestor
* callbacks
, nsILoadGroup
* loadGroup
,
2263 nsIInterfaceRequestor
** result
) {
2264 return NS_NewNotificationCallbacksAggregation(callbacks
, loadGroup
, nullptr,
2268 nsresult
NS_DoImplGetInnermostURI(nsINestedURI
* nestedURI
, nsIURI
** result
) {
2269 MOZ_ASSERT(nestedURI
, "Must have a nested URI!");
2270 MOZ_ASSERT(!*result
, "Must have null *result");
2272 nsCOMPtr
<nsIURI
> inner
;
2273 nsresult rv
= nestedURI
->GetInnerURI(getter_AddRefs(inner
));
2274 NS_ENSURE_SUCCESS(rv
, rv
);
2276 // We may need to loop here until we reach the innermost
2278 nsCOMPtr
<nsINestedURI
> nestedInner(do_QueryInterface(inner
));
2279 while (nestedInner
) {
2280 rv
= nestedInner
->GetInnerURI(getter_AddRefs(inner
));
2281 NS_ENSURE_SUCCESS(rv
, rv
);
2282 nestedInner
= do_QueryInterface(inner
);
2285 // Found the innermost one if we reach here.
2286 inner
.swap(*result
);
2291 nsresult
NS_ImplGetInnermostURI(nsINestedURI
* nestedURI
, nsIURI
** result
) {
2292 // Make it safe to use swap()
2295 return NS_DoImplGetInnermostURI(nestedURI
, result
);
2298 already_AddRefed
<nsIURI
> NS_GetInnermostURI(nsIURI
* aURI
) {
2299 MOZ_ASSERT(aURI
, "Must have URI");
2301 nsCOMPtr
<nsIURI
> uri
= aURI
;
2303 nsCOMPtr
<nsINestedURI
> nestedURI(do_QueryInterface(uri
));
2305 return uri
.forget();
2308 nsresult rv
= nestedURI
->GetInnermostURI(getter_AddRefs(uri
));
2309 if (NS_FAILED(rv
)) {
2313 return uri
.forget();
2316 nsresult
NS_GetFinalChannelURI(nsIChannel
* channel
, nsIURI
** uri
) {
2319 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
2320 nsCOMPtr
<nsIURI
> resultPrincipalURI
;
2321 loadInfo
->GetResultPrincipalURI(getter_AddRefs(resultPrincipalURI
));
2322 if (resultPrincipalURI
) {
2323 resultPrincipalURI
.forget(uri
);
2326 return channel
->GetOriginalURI(uri
);
2329 nsresult
NS_URIChainHasFlags(nsIURI
* uri
, uint32_t flags
, bool* result
) {
2331 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil(&rv
);
2332 NS_ENSURE_SUCCESS(rv
, rv
);
2334 return util
->URIChainHasFlags(uri
, flags
, result
);
2337 uint32_t NS_SecurityHashURI(nsIURI
* aURI
) {
2338 nsCOMPtr
<nsIURI
> baseURI
= NS_GetInnermostURI(aURI
);
2340 nsAutoCString scheme
;
2341 uint32_t schemeHash
= 0;
2342 if (NS_SUCCEEDED(baseURI
->GetScheme(scheme
))) {
2343 schemeHash
= mozilla::HashString(scheme
);
2346 // TODO figure out how to hash file:// URIs
2347 if (scheme
.EqualsLiteral("file")) return schemeHash
; // sad face
2349 #if IS_ORIGIN_IS_FULL_SPEC_DEFINED
2351 if (NS_FAILED(NS_URIChainHasFlags(
2352 baseURI
, nsIProtocolHandler::ORIGIN_IS_FULL_SPEC
, &hasFlag
)) ||
2356 nsresult res
= baseURI
->GetSpec(spec
);
2357 if (NS_SUCCEEDED(res
))
2358 specHash
= mozilla::HashString(spec
);
2360 specHash
= static_cast<uint32_t>(res
);
2366 uint32_t hostHash
= 0;
2367 if (NS_SUCCEEDED(baseURI
->GetAsciiHost(host
))) {
2368 hostHash
= mozilla::HashString(host
);
2371 return mozilla::AddToHash(schemeHash
, hostHash
, NS_GetRealPort(baseURI
));
2374 bool NS_SecurityCompareURIs(nsIURI
* aSourceURI
, nsIURI
* aTargetURI
,
2375 bool aStrictFileOriginPolicy
) {
2378 // Note that this is not an Equals() test on purpose -- for URIs that don't
2379 // support host/port, we want equality to basically be object identity, for
2380 // security purposes. Otherwise, for example, two javascript: URIs that
2381 // are otherwise unrelated could end up "same origin", which would be
2383 if (aSourceURI
&& aSourceURI
== aTargetURI
) {
2387 if (!aTargetURI
|| !aSourceURI
) {
2391 // If either URI is a nested URI, get the base URI
2392 nsCOMPtr
<nsIURI
> sourceBaseURI
= NS_GetInnermostURI(aSourceURI
);
2393 nsCOMPtr
<nsIURI
> targetBaseURI
= NS_GetInnermostURI(aTargetURI
);
2395 #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
2396 // Check if either URI has a special origin.
2397 nsCOMPtr
<nsIURI
> origin
;
2398 nsCOMPtr
<nsIURIWithSpecialOrigin
> uriWithSpecialOrigin
=
2399 do_QueryInterface(sourceBaseURI
);
2400 if (uriWithSpecialOrigin
) {
2401 rv
= uriWithSpecialOrigin
->GetOrigin(getter_AddRefs(origin
));
2402 if (NS_WARN_IF(NS_FAILED(rv
))) {
2406 sourceBaseURI
= origin
;
2408 uriWithSpecialOrigin
= do_QueryInterface(targetBaseURI
);
2409 if (uriWithSpecialOrigin
) {
2410 rv
= uriWithSpecialOrigin
->GetOrigin(getter_AddRefs(origin
));
2411 if (NS_WARN_IF(NS_FAILED(rv
))) {
2415 targetBaseURI
= origin
;
2419 nsCOMPtr
<nsIPrincipal
> sourceBlobPrincipal
;
2420 if (BlobURLProtocolHandler::GetBlobURLPrincipal(
2421 sourceBaseURI
, getter_AddRefs(sourceBlobPrincipal
))) {
2422 nsCOMPtr
<nsIURI
> sourceBlobOwnerURI
;
2423 auto* basePrin
= BasePrincipal::Cast(sourceBlobPrincipal
);
2424 rv
= basePrin
->GetURI(getter_AddRefs(sourceBlobOwnerURI
));
2425 if (NS_SUCCEEDED(rv
)) {
2426 sourceBaseURI
= sourceBlobOwnerURI
;
2430 nsCOMPtr
<nsIPrincipal
> targetBlobPrincipal
;
2431 if (BlobURLProtocolHandler::GetBlobURLPrincipal(
2432 targetBaseURI
, getter_AddRefs(targetBlobPrincipal
))) {
2433 nsCOMPtr
<nsIURI
> targetBlobOwnerURI
;
2434 auto* basePrin
= BasePrincipal::Cast(targetBlobPrincipal
);
2435 rv
= basePrin
->GetURI(getter_AddRefs(targetBlobOwnerURI
));
2436 if (NS_SUCCEEDED(rv
)) {
2437 targetBaseURI
= targetBlobOwnerURI
;
2441 if (!sourceBaseURI
|| !targetBaseURI
) return false;
2444 nsAutoCString targetScheme
;
2445 bool sameScheme
= false;
2446 if (NS_FAILED(targetBaseURI
->GetScheme(targetScheme
)) ||
2447 NS_FAILED(sourceBaseURI
->SchemeIs(targetScheme
.get(), &sameScheme
)) ||
2449 // Not same-origin if schemes differ
2453 // For file scheme, reject unless the files are identical. See
2454 // NS_RelaxStrictFileOriginPolicy for enforcing file same-origin checking
2455 if (targetScheme
.EqualsLiteral("file")) {
2456 // in traditional unsafe behavior all files are the same origin
2457 if (!aStrictFileOriginPolicy
) return true;
2459 nsCOMPtr
<nsIFileURL
> sourceFileURL(do_QueryInterface(sourceBaseURI
));
2460 nsCOMPtr
<nsIFileURL
> targetFileURL(do_QueryInterface(targetBaseURI
));
2462 if (!sourceFileURL
|| !targetFileURL
) return false;
2464 nsCOMPtr
<nsIFile
> sourceFile
, targetFile
;
2466 sourceFileURL
->GetFile(getter_AddRefs(sourceFile
));
2467 targetFileURL
->GetFile(getter_AddRefs(targetFile
));
2469 if (!sourceFile
|| !targetFile
) return false;
2471 // Otherwise they had better match
2472 bool filesAreEqual
= false;
2473 rv
= sourceFile
->Equals(targetFile
, &filesAreEqual
);
2474 return NS_SUCCEEDED(rv
) && filesAreEqual
;
2477 #if IS_ORIGIN_IS_FULL_SPEC_DEFINED
2479 if (NS_FAILED(NS_URIChainHasFlags(
2480 targetBaseURI
, nsIProtocolHandler::ORIGIN_IS_FULL_SPEC
, &hasFlag
)) ||
2482 // URIs with this flag have the whole spec as a distinct trust
2483 // domain; use the whole spec for comparison
2484 nsAutoCString targetSpec
;
2485 nsAutoCString sourceSpec
;
2486 return (NS_SUCCEEDED(targetBaseURI
->GetSpec(targetSpec
)) &&
2487 NS_SUCCEEDED(sourceBaseURI
->GetSpec(sourceSpec
)) &&
2488 targetSpec
.Equals(sourceSpec
));
2493 nsAutoCString targetHost
;
2494 nsAutoCString sourceHost
;
2495 if (NS_FAILED(targetBaseURI
->GetAsciiHost(targetHost
)) ||
2496 NS_FAILED(sourceBaseURI
->GetAsciiHost(sourceHost
))) {
2500 nsCOMPtr
<nsIStandardURL
> targetURL(do_QueryInterface(targetBaseURI
));
2501 nsCOMPtr
<nsIStandardURL
> sourceURL(do_QueryInterface(sourceBaseURI
));
2502 if (!targetURL
|| !sourceURL
) {
2506 if (!targetHost
.Equals(sourceHost
, nsCaseInsensitiveCStringComparator
)) {
2510 return NS_GetRealPort(targetBaseURI
) == NS_GetRealPort(sourceBaseURI
);
2513 bool NS_URIIsLocalFile(nsIURI
* aURI
) {
2514 nsCOMPtr
<nsINetUtil
> util
= do_GetNetUtil();
2518 NS_SUCCEEDED(util
->ProtocolHasFlags(
2519 aURI
, nsIProtocolHandler::URI_IS_LOCAL_FILE
, &isFile
)) &&
2523 bool NS_RelaxStrictFileOriginPolicy(nsIURI
* aTargetURI
, nsIURI
* aSourceURI
,
2524 bool aAllowDirectoryTarget
/* = false */) {
2525 if (!NS_URIIsLocalFile(aTargetURI
)) {
2526 // This is probably not what the caller intended
2527 MOZ_ASSERT_UNREACHABLE(
2528 "NS_RelaxStrictFileOriginPolicy called with non-file URI");
2532 if (!NS_URIIsLocalFile(aSourceURI
)) {
2533 // If the source is not also a file: uri then forget it
2534 // (don't want resource: principals in a file: doc)
2536 // note: we're not de-nesting jar: uris here, we want to
2537 // keep archive content bottled up in its own little island
2542 // pull out the internal files
2544 nsCOMPtr
<nsIFileURL
> targetFileURL(do_QueryInterface(aTargetURI
));
2545 nsCOMPtr
<nsIFileURL
> sourceFileURL(do_QueryInterface(aSourceURI
));
2546 nsCOMPtr
<nsIFile
> targetFile
;
2547 nsCOMPtr
<nsIFile
> sourceFile
;
2550 // Make sure targetFile is not a directory (bug 209234)
2551 // and that it exists w/out unescaping (bug 395343)
2552 if (!sourceFileURL
|| !targetFileURL
||
2553 NS_FAILED(targetFileURL
->GetFile(getter_AddRefs(targetFile
))) ||
2554 NS_FAILED(sourceFileURL
->GetFile(getter_AddRefs(sourceFile
))) ||
2555 !targetFile
|| !sourceFile
|| NS_FAILED(targetFile
->Normalize()) ||
2556 #ifndef MOZ_WIDGET_ANDROID
2557 NS_FAILED(sourceFile
->Normalize()) ||
2559 (!aAllowDirectoryTarget
&&
2560 (NS_FAILED(targetFile
->IsDirectory(&targetIsDir
)) || targetIsDir
))) {
2567 bool NS_IsInternalSameURIRedirect(nsIChannel
* aOldChannel
,
2568 nsIChannel
* aNewChannel
, uint32_t aFlags
) {
2569 if (!(aFlags
& nsIChannelEventSink::REDIRECT_INTERNAL
)) {
2573 nsCOMPtr
<nsIURI
> oldURI
, newURI
;
2574 aOldChannel
->GetURI(getter_AddRefs(oldURI
));
2575 aNewChannel
->GetURI(getter_AddRefs(newURI
));
2577 if (!oldURI
|| !newURI
) {
2582 return NS_SUCCEEDED(oldURI
->Equals(newURI
, &res
)) && res
;
2585 bool NS_IsHSTSUpgradeRedirect(nsIChannel
* aOldChannel
, nsIChannel
* aNewChannel
,
2587 if (!(aFlags
& nsIChannelEventSink::REDIRECT_STS_UPGRADE
)) {
2591 nsCOMPtr
<nsIURI
> oldURI
, newURI
;
2592 aOldChannel
->GetURI(getter_AddRefs(oldURI
));
2593 aNewChannel
->GetURI(getter_AddRefs(newURI
));
2595 if (!oldURI
|| !newURI
) {
2599 if (!oldURI
->SchemeIs("http")) {
2603 nsCOMPtr
<nsIURI
> upgradedURI
;
2604 nsresult rv
= NS_GetSecureUpgradedURI(oldURI
, getter_AddRefs(upgradedURI
));
2605 if (NS_FAILED(rv
)) {
2610 return NS_SUCCEEDED(upgradedURI
->Equals(newURI
, &res
)) && res
;
2613 bool NS_ShouldRemoveAuthHeaderOnRedirect(nsIChannel
* aOldChannel
,
2614 nsIChannel
* aNewChannel
,
2616 // we need to strip Authentication headers for external cross-origin redirects
2617 // Howerver, we should NOT strip auth headers for
2618 // - internal redirects/HSTS upgrades
2619 // - same origin redirects
2620 // Ref: https://fetch.spec.whatwg.org/#http-redirect-fetch
2621 if ((aFlags
& (nsIChannelEventSink::REDIRECT_STS_UPGRADE
|
2622 nsIChannelEventSink::REDIRECT_INTERNAL
))) {
2623 // this is an internal redirect do not strip auth header
2626 nsCOMPtr
<nsIURI
> oldUri
;
2627 MOZ_ALWAYS_SUCCEEDS(
2628 NS_GetFinalChannelURI(aOldChannel
, getter_AddRefs(oldUri
)));
2630 nsCOMPtr
<nsIURI
> newUri
;
2631 MOZ_ALWAYS_SUCCEEDS(
2632 NS_GetFinalChannelURI(aNewChannel
, getter_AddRefs(newUri
)));
2634 nsresult rv
= nsContentUtils::GetSecurityManager()->CheckSameOriginURI(
2635 newUri
, oldUri
, false, false);
2637 return NS_FAILED(rv
);
2640 nsresult
NS_LinkRedirectChannels(uint64_t channelId
,
2641 nsIParentChannel
* parentChannel
,
2642 nsIChannel
** _result
) {
2643 nsCOMPtr
<nsIRedirectChannelRegistrar
> registrar
=
2644 RedirectChannelRegistrar::GetOrCreate();
2645 MOZ_ASSERT(registrar
);
2647 return registrar
->LinkChannels(channelId
, parentChannel
, _result
);
2650 nsILoadInfo::CrossOriginEmbedderPolicy
2651 NS_GetCrossOriginEmbedderPolicyFromHeader(
2652 const nsACString
& aHeader
, bool aIsOriginTrialCoepCredentiallessEnabled
) {
2653 nsCOMPtr
<nsISFVService
> sfv
= GetSFVService();
2655 nsCOMPtr
<nsISFVItem
> item
;
2656 nsresult rv
= sfv
->ParseItem(aHeader
, getter_AddRefs(item
));
2657 if (NS_FAILED(rv
)) {
2658 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2661 nsCOMPtr
<nsISFVBareItem
> value
;
2662 rv
= item
->GetValue(getter_AddRefs(value
));
2663 if (NS_FAILED(rv
)) {
2664 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2667 nsCOMPtr
<nsISFVToken
> token
= do_QueryInterface(value
);
2669 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2672 nsAutoCString embedderPolicy
;
2673 rv
= token
->GetValue(embedderPolicy
);
2674 if (NS_FAILED(rv
)) {
2675 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2678 if (embedderPolicy
.EqualsLiteral("require-corp")) {
2679 return nsILoadInfo::EMBEDDER_POLICY_REQUIRE_CORP
;
2680 } else if (embedderPolicy
.EqualsLiteral("credentialless") &&
2681 IsCoepCredentiallessEnabled(
2682 aIsOriginTrialCoepCredentiallessEnabled
)) {
2683 return nsILoadInfo::EMBEDDER_POLICY_CREDENTIALLESS
;
2686 return nsILoadInfo::EMBEDDER_POLICY_NULL
;
2689 bool NS_GetForceLoadAtTopFromHeader(const nsACString
& aHeader
) {
2690 nsCOMPtr
<nsISFVService
> sfv
= mozilla::net::GetSFVService();
2692 nsCOMPtr
<nsISFVDictionary
> dict
;
2693 if (NS_FAILED(sfv
->ParseDictionary(aHeader
, getter_AddRefs(dict
)))) {
2696 nsCOMPtr
<nsISFVItemOrInnerList
> iil
;
2697 if (NS_FAILED(dict
->Get("force-load-at-top"_ns
, getter_AddRefs(iil
)))) {
2701 nsCOMPtr
<nsISFVItem
> item(do_QueryInterface(iil
));
2706 nsCOMPtr
<nsISFVBareItem
> bareItem
;
2707 if (NS_FAILED(item
->GetValue(getter_AddRefs(bareItem
)))) {
2712 if (NS_FAILED(bareItem
->GetType(&type
))) {
2716 nsCOMPtr
<nsISFVBool
> boolItem(do_QueryInterface(bareItem
));
2722 if (NS_FAILED(boolItem
->GetValue(&b
))) {
2729 /** Given the first (disposition) token from a Content-Disposition header,
2730 * tell whether it indicates the content is inline or attachment
2731 * @param aDispToken the disposition token from the content-disposition header
2733 uint32_t NS_GetContentDispositionFromToken(const nsAString
& aDispToken
) {
2734 // RFC 2183, section 2.8 says that an unknown disposition
2735 // value should be treated as "attachment"
2736 // If all of these tests eval to false, then we have a content-disposition of
2737 // "attachment" or unknown
2738 if (aDispToken
.IsEmpty() || aDispToken
.LowerCaseEqualsLiteral("inline") ||
2739 // Broken sites just send
2740 // Content-Disposition: filename="file"
2741 // without a disposition token... screen those out.
2742 StringHead(aDispToken
, 8).LowerCaseEqualsLiteral("filename")) {
2743 return nsIChannel::DISPOSITION_INLINE
;
2746 return nsIChannel::DISPOSITION_ATTACHMENT
;
2749 uint32_t NS_GetContentDispositionFromHeader(const nsACString
& aHeader
,
2750 nsIChannel
* aChan
/* = nullptr */) {
2752 nsCOMPtr
<nsIMIMEHeaderParam
> mimehdrpar
;
2753 mimehdrpar
= mozilla::components::MimeHeaderParam::Service(&rv
);
2754 if (NS_FAILED(rv
)) return nsIChannel::DISPOSITION_ATTACHMENT
;
2756 nsAutoString dispToken
;
2757 rv
= mimehdrpar
->GetParameterHTTP(aHeader
, "", ""_ns
, true, nullptr,
2760 if (NS_FAILED(rv
)) {
2761 // special case (see bug 272541): empty disposition type handled as "inline"
2762 if (rv
== NS_ERROR_FIRST_HEADER_FIELD_COMPONENT_EMPTY
) {
2763 return nsIChannel::DISPOSITION_INLINE
;
2765 return nsIChannel::DISPOSITION_ATTACHMENT
;
2768 return NS_GetContentDispositionFromToken(dispToken
);
2771 nsresult
NS_GetFilenameFromDisposition(nsAString
& aFilename
,
2772 const nsACString
& aDisposition
) {
2773 aFilename
.Truncate();
2776 nsCOMPtr
<nsIMIMEHeaderParam
> mimehdrpar
;
2777 mimehdrpar
= mozilla::components::MimeHeaderParam::Service(&rv
);
2778 if (NS_FAILED(rv
)) return rv
;
2780 // Get the value of 'filename' parameter
2781 rv
= mimehdrpar
->GetParameterHTTP(aDisposition
, "filename", ""_ns
, true,
2782 nullptr, aFilename
);
2784 if (NS_FAILED(rv
)) {
2785 aFilename
.Truncate();
2789 if (aFilename
.IsEmpty()) return NS_ERROR_NOT_AVAILABLE
;
2791 // Filename may still be percent-encoded. Fix:
2792 if (aFilename
.FindChar('%') != -1) {
2793 nsCOMPtr
<nsITextToSubURI
> textToSubURI
;
2794 textToSubURI
= mozilla::components::TextToSubURI::Service(&rv
);
2795 if (NS_SUCCEEDED(rv
)) {
2796 nsAutoString unescaped
;
2797 textToSubURI
->UnEscapeURIForUI(NS_ConvertUTF16toUTF8(aFilename
),
2798 /* dontEscape = */ true, unescaped
);
2799 aFilename
.Assign(unescaped
);
2806 void net_EnsurePSMInit() {
2807 if (XRE_IsSocketProcess()) {
2808 EnsureNSSInitializedChromeOrContent();
2812 MOZ_ASSERT(XRE_IsParentProcess());
2813 MOZ_ASSERT(NS_IsMainThread());
2815 DebugOnly
<bool> rv
= EnsureNSSInitializedChromeOrContent();
2819 bool NS_IsAboutBlank(nsIURI
* uri
) {
2820 // GetSpec can be expensive for some URIs, so check the scheme first.
2821 if (!uri
->SchemeIs("about")) {
2826 if (NS_FAILED(uri
->GetSpec(spec
))) {
2830 return spec
.EqualsLiteral("about:blank");
2833 bool NS_IsAboutBlankAllowQueryAndFragment(nsIURI
* uri
) {
2834 // GetSpec can be expensive for some URIs, so check the scheme first.
2835 if (!uri
->SchemeIs("about")) {
2840 if (NS_FAILED(NS_GetAboutModuleName(uri
, name
))) {
2844 return name
.EqualsLiteral("blank");
2847 bool NS_IsAboutSrcdoc(nsIURI
* uri
) {
2848 // GetSpec can be expensive for some URIs, so check the scheme first.
2849 if (!uri
->SchemeIs("about")) {
2854 if (NS_FAILED(uri
->GetSpec(spec
))) {
2858 return spec
.EqualsLiteral("about:srcdoc");
2861 nsresult
NS_GenerateHostPort(const nsCString
& host
, int32_t port
,
2862 nsACString
& hostLine
) {
2863 if (strchr(host
.get(), ':')) {
2864 // host is an IPv6 address literal and must be encapsulated in []'s
2865 hostLine
.Assign('[');
2866 // scope id is not needed for Host header.
2867 int scopeIdPos
= host
.FindChar('%');
2868 if (scopeIdPos
== -1) {
2869 hostLine
.Append(host
);
2870 } else if (scopeIdPos
> 0) {
2871 hostLine
.Append(Substring(host
, 0, scopeIdPos
));
2873 return NS_ERROR_MALFORMED_URI
;
2875 hostLine
.Append(']');
2877 hostLine
.Assign(host
);
2880 hostLine
.Append(':');
2881 hostLine
.AppendInt(port
);
2886 void NS_SniffContent(const char* aSnifferType
, nsIRequest
* aRequest
,
2887 const uint8_t* aData
, uint32_t aLength
,
2888 nsACString
& aSniffedType
) {
2889 using ContentSnifferCache
= nsCategoryCache
<nsIContentSniffer
>;
2890 extern ContentSnifferCache
* gNetSniffers
;
2891 extern ContentSnifferCache
* gDataSniffers
;
2892 extern ContentSnifferCache
* gORBSniffers
;
2893 extern ContentSnifferCache
* gNetAndORBSniffers
;
2894 ContentSnifferCache
* cache
= nullptr;
2895 if (!strcmp(aSnifferType
, NS_CONTENT_SNIFFER_CATEGORY
)) {
2896 if (!gNetSniffers
) {
2897 gNetSniffers
= new ContentSnifferCache(NS_CONTENT_SNIFFER_CATEGORY
);
2899 cache
= gNetSniffers
;
2900 } else if (!strcmp(aSnifferType
, NS_DATA_SNIFFER_CATEGORY
)) {
2901 if (!gDataSniffers
) {
2902 gDataSniffers
= new ContentSnifferCache(NS_DATA_SNIFFER_CATEGORY
);
2904 cache
= gDataSniffers
;
2905 } else if (!strcmp(aSnifferType
, NS_ORB_SNIFFER_CATEGORY
)) {
2906 if (!gORBSniffers
) {
2907 gORBSniffers
= new ContentSnifferCache(NS_ORB_SNIFFER_CATEGORY
);
2909 cache
= gORBSniffers
;
2910 } else if (!strcmp(aSnifferType
, NS_CONTENT_AND_ORB_SNIFFER_CATEGORY
)) {
2911 if (!gNetAndORBSniffers
) {
2912 gNetAndORBSniffers
=
2913 new ContentSnifferCache(NS_CONTENT_AND_ORB_SNIFFER_CATEGORY
);
2915 cache
= gNetAndORBSniffers
;
2917 // Invalid content sniffer type was requested
2922 // In case XCTO nosniff was present, we could just skip sniffing here
2923 nsCOMPtr
<nsIChannel
> channel
= do_QueryInterface(aRequest
);
2925 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
2926 if (loadInfo
->GetSkipContentSniffing()) {
2928 * We cannot skip snffing if the current MIME-Type might be a JSON.
2929 * The JSON-Viewer relies on its own sniffer to determine, if it can
2930 * render the page, so we need to make an exception if the Server provides
2931 * a application/ mime, as it might be json.
2933 nsAutoCString currentContentType
;
2934 channel
->GetContentType(currentContentType
);
2935 if (!StringBeginsWith(currentContentType
, "application/"_ns
)) {
2940 nsCOMArray
<nsIContentSniffer
> sniffers
;
2941 cache
->GetEntries(sniffers
);
2942 for (int32_t i
= 0; i
< sniffers
.Count(); ++i
) {
2943 nsresult rv
= sniffers
[i
]->GetMIMETypeFromContent(aRequest
, aData
, aLength
,
2945 if (NS_SUCCEEDED(rv
) && !aSniffedType
.IsEmpty()) {
2950 aSniffedType
.Truncate();
2953 bool NS_IsSrcdocChannel(nsIChannel
* aChannel
) {
2955 nsCOMPtr
<nsIInputStreamChannel
> isr
= do_QueryInterface(aChannel
);
2957 isr
->GetIsSrcdocChannel(&isSrcdoc
);
2960 nsCOMPtr
<nsIViewSourceChannel
> vsc
= do_QueryInterface(aChannel
);
2962 nsresult rv
= vsc
->GetIsSrcdocChannel(&isSrcdoc
);
2963 if (NS_SUCCEEDED(rv
)) {
2970 // helper function for NS_ShouldSecureUpgrade for checking HSTS
2971 bool handleResultFunc(bool aAllowSTS
, bool aIsStsHost
) {
2973 LOG(("nsHttpChannel::Connect() STS permissions found\n"));
2980 // That function is a helper function of NS_ShouldSecureUpgrade to check if
2981 // CSP upgrade-insecure-requests, Mixed content auto upgrading or HTTPs-Only/-
2982 // First should upgrade the given request.
2983 static bool ShouldSecureUpgradeNoHSTS(nsIURI
* aURI
, nsILoadInfo
* aLoadInfo
) {
2984 // 2. CSP upgrade-insecure-requests
2985 if (aLoadInfo
->GetUpgradeInsecureRequests()) {
2986 // let's log a message to the console that we are upgrading a request
2987 nsAutoCString scheme
;
2988 aURI
->GetScheme(scheme
);
2989 // append the additional 's' for security to the scheme :-)
2990 scheme
.AppendLiteral("s");
2991 NS_ConvertUTF8toUTF16
reportSpec(aURI
->GetSpecOrDefault());
2992 NS_ConvertUTF8toUTF16
reportScheme(scheme
);
2993 AutoTArray
<nsString
, 2> params
= {reportSpec
, reportScheme
};
2994 uint64_t innerWindowId
= aLoadInfo
->GetInnerWindowID();
2995 CSP_LogLocalizedStr("upgradeInsecureRequest", params
,
2996 ""_ns
, // aSourceFile
2997 u
""_ns
, // aScriptSample
3000 nsIScriptError::warningFlag
,
3001 "upgradeInsecureRequest"_ns
, innerWindowId
,
3002 aLoadInfo
->GetOriginAttributes().IsPrivateBrowsing());
3003 aLoadInfo
->SetHttpsUpgradeTelemetry(nsILoadInfo::CSP_UIR
);
3006 // 3. Mixed content auto upgrading
3007 if (aLoadInfo
->GetBrowserUpgradeInsecureRequests()) {
3008 // let's log a message to the console that we are upgrading a request
3009 nsAutoCString scheme
;
3010 aURI
->GetScheme(scheme
);
3011 // append the additional 's' for security to the scheme :-)
3012 scheme
.AppendLiteral("s");
3013 NS_ConvertUTF8toUTF16
reportSpec(aURI
->GetSpecOrDefault());
3014 NS_ConvertUTF8toUTF16
reportScheme(scheme
);
3015 AutoTArray
<nsString
, 2> params
= {reportSpec
, reportScheme
};
3017 nsAutoString localizedMsg
;
3018 nsContentUtils::FormatLocalizedString(nsContentUtils::eSECURITY_PROPERTIES
,
3019 "MixedContentAutoUpgrade", params
,
3022 // Prepending ixed Content to the outgoing console message
3024 message
.AppendLiteral(u
"Mixed Content: ");
3025 message
.Append(localizedMsg
);
3027 uint64_t innerWindowId
= aLoadInfo
->GetInnerWindowID();
3028 nsContentUtils::ReportToConsoleByWindowID(
3029 message
, nsIScriptError::warningFlag
, "Mixed Content Message"_ns
,
3030 innerWindowId
, SourceLocation(aURI
));
3032 // Set this flag so we know we'll upgrade because of
3033 // 'security.mixed_content.upgrade_display_content'.
3034 aLoadInfo
->SetBrowserDidUpgradeInsecureRequests(true);
3039 if (nsHTTPSOnlyUtils::ShouldUpgradeRequest(aURI
, aLoadInfo
)) {
3040 aLoadInfo
->SetHttpsUpgradeTelemetry(nsILoadInfo::HTTPS_ONLY_UPGRADE
);
3044 if (nsHTTPSOnlyUtils::ShouldUpgradeHttpsFirstRequest(aURI
, aLoadInfo
)) {
3045 if (aLoadInfo
->GetWasSchemelessInput()) {
3046 aLoadInfo
->SetHttpsUpgradeTelemetry(
3047 nsILoadInfo::HTTPS_FIRST_SCHEMELESS_UPGRADE
);
3049 aLoadInfo
->SetHttpsUpgradeTelemetry(nsILoadInfo::HTTPS_FIRST_UPGRADE
);
3056 // Check if channel should be upgraded. check in the following order:
3058 // 2. CSP upgrade-insecure-requests
3059 // 3. Mixed content auto upgrading
3060 // 4. Https-Only / first
3061 // (5. Https RR - will be checked in nsHttpChannel)
3062 nsresult
NS_ShouldSecureUpgrade(
3063 nsIURI
* aURI
, nsILoadInfo
* aLoadInfo
, nsIPrincipal
* aChannelResultPrincipal
,
3064 bool aAllowSTS
, const OriginAttributes
& aOriginAttributes
,
3065 bool& aShouldUpgrade
, std::function
<void(bool, nsresult
)>&& aResultCallback
,
3066 bool& aWillCallback
) {
3067 MOZ_ASSERT(XRE_IsParentProcess());
3068 if (!XRE_IsParentProcess()) {
3069 return NS_ERROR_NOT_AVAILABLE
;
3072 aWillCallback
= false;
3073 aShouldUpgrade
= false;
3075 // Even if we're in private browsing mode, we still enforce existing STS
3076 // data (it is read-only).
3077 // if the connection is not using SSL and either the exact host matches or
3078 // a superdomain wants to force HTTPS, do it.
3079 bool isHttps
= aURI
->SchemeIs("https");
3081 // If request is https, then there is nothing to do here.
3083 aLoadInfo
->SetHttpsUpgradeTelemetry(nsILoadInfo::ALREADY_HTTPS
);
3084 aShouldUpgrade
= false;
3087 // If it is a mixed content trustworthy loopback, then we shouldn't upgrade
3089 if (nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(aURI
)) {
3090 aShouldUpgrade
= false;
3093 // If no loadInfo exist there is nothing to upgrade here.
3095 aShouldUpgrade
= false;
3098 MOZ_ASSERT(!aURI
->SchemeIs("https"));
3100 // enforce Strict-Transport-Security
3101 nsISiteSecurityService
* sss
= gHttpHandler
->GetSSService();
3102 NS_ENSURE_TRUE(sss
, NS_ERROR_OUT_OF_MEMORY
);
3104 bool isStsHost
= false;
3105 // Calling |IsSecureURI| before the storage is ready to read will
3106 // block the main thread. Once the storage is ready, we can call it
3107 // from main thread.
3108 static Atomic
<bool, Relaxed
> storageReady(false);
3109 if (!storageReady
&& gSocketTransportService
&& aResultCallback
) {
3110 nsCOMPtr
<nsILoadInfo
> loadInfo
= aLoadInfo
;
3111 nsCOMPtr
<nsIURI
> uri
= aURI
;
3112 auto callbackWrapper
= [resultCallback
{std::move(aResultCallback
)}, uri
,
3113 loadInfo
](bool aShouldUpgrade
, nsresult aStatus
) {
3114 MOZ_ASSERT(NS_IsMainThread());
3117 if (aShouldUpgrade
|| NS_FAILED(aStatus
)) {
3118 resultCallback(aShouldUpgrade
, aStatus
);
3121 // Check if we need to upgrade because of other reasons.
3122 // 2. CSP upgrade-insecure-requests
3123 // 3. Mixed content auto upgrading
3124 // 4. Https-Only / first
3125 bool shouldUpgrade
= ShouldSecureUpgradeNoHSTS(uri
, loadInfo
);
3126 resultCallback(shouldUpgrade
, aStatus
);
3128 nsCOMPtr
<nsISiteSecurityService
> service
= sss
;
3129 nsresult rv
= gSocketTransportService
->Dispatch(
3130 NS_NewRunnableFunction(
3131 "net::NS_ShouldSecureUpgrade",
3132 [service
{std::move(service
)}, uri
{std::move(uri
)},
3133 originAttributes(aOriginAttributes
),
3134 handleResultFunc
{std::move(handleResultFunc
)},
3135 callbackWrapper
{std::move(callbackWrapper
)},
3136 allowSTS
{std::move(aAllowSTS
)}]() mutable {
3137 bool isStsHost
= false;
3139 service
->IsSecureURI(uri
, originAttributes
, &isStsHost
);
3141 // Successfully get the result from |IsSecureURI| implies that
3142 // the storage is ready to read.
3143 storageReady
= NS_SUCCEEDED(rv
);
3144 bool shouldUpgrade
= handleResultFunc(allowSTS
, isStsHost
);
3145 // Check if request should be upgraded.
3146 NS_DispatchToMainThread(NS_NewRunnableFunction(
3147 "net::NS_ShouldSecureUpgrade::ResultCallback",
3149 callbackWrapper
{std::move(callbackWrapper
)}]() {
3150 callbackWrapper(shouldUpgrade
, rv
);
3153 NS_DISPATCH_NORMAL
);
3154 aWillCallback
= NS_SUCCEEDED(rv
);
3158 nsresult rv
= sss
->IsSecureURI(aURI
, aOriginAttributes
, &isStsHost
);
3160 // if the SSS check fails, it's likely because this load is on a
3161 // malformed URI or something else in the setup is wrong, so any error
3162 // should be reported.
3163 NS_ENSURE_SUCCESS(rv
, rv
);
3165 aShouldUpgrade
= handleResultFunc(aAllowSTS
, isStsHost
);
3166 // we can't pass the loadinfo to handleResultFunc since it's not threadsafe
3167 // hence we set the http telemetry information on the loadinfo here.
3168 if (aShouldUpgrade
) {
3169 aLoadInfo
->SetHttpsUpgradeTelemetry(nsILoadInfo::HSTS
);
3171 if (!aShouldUpgrade
) {
3172 // Check for CSP upgrade-insecure-requests, Mixed content auto upgrading
3173 // and Https-Only / -First.
3174 aShouldUpgrade
= ShouldSecureUpgradeNoHSTS(aURI
, aLoadInfo
);
3179 nsresult
NS_GetSecureUpgradedURI(nsIURI
* aURI
, nsIURI
** aUpgradedURI
) {
3180 NS_MutateURI
mutator(aURI
);
3181 mutator
.SetScheme("https"_ns
); // Change the scheme to HTTPS:
3183 // Change the default port to 443:
3184 nsCOMPtr
<nsIStandardURL
> stdURL
= do_QueryInterface(aURI
);
3186 mutator
.Apply(&nsIStandardURLMutator::SetDefaultPort
, 443, nullptr);
3188 // If we don't have a nsStandardURL, fall back to using GetPort/SetPort.
3189 // XXXdholbert Is this function even called with a non-nsStandardURL arg,
3191 NS_WARNING("Calling NS_GetSecureUpgradedURI for non nsStandardURL");
3192 int32_t oldPort
= -1;
3193 nsresult rv
= aURI
->GetPort(&oldPort
);
3194 if (NS_FAILED(rv
)) return rv
;
3196 // Keep any nonstandard ports so only the scheme is changed.
3198 // http://foo.com:80 -> https://foo.com:443
3199 // http://foo.com:81 -> https://foo.com:81
3201 if (oldPort
== 80 || oldPort
== -1) {
3202 mutator
.SetPort(-1);
3204 mutator
.SetPort(oldPort
);
3208 return mutator
.Finalize(aUpgradedURI
);
3211 nsresult
NS_CompareLoadInfoAndLoadContext(nsIChannel
* aChannel
) {
3212 nsCOMPtr
<nsILoadInfo
> loadInfo
= aChannel
->LoadInfo();
3214 nsCOMPtr
<nsILoadContext
> loadContext
;
3215 NS_QueryNotificationCallbacks(aChannel
, loadContext
);
3220 // We try to skip about:newtab.
3221 // about:newtab will use SystemPrincipal to download thumbnails through
3222 // https:// and blob URLs.
3223 bool isAboutPage
= false;
3224 nsINode
* node
= loadInfo
->LoadingNode();
3226 nsIURI
* uri
= node
->OwnerDoc()->GetDocumentURI();
3227 isAboutPage
= uri
->SchemeIs("about");
3234 // We skip the favicon loading here. The favicon loading might be
3235 // triggered by the XUL image. For that case, the loadContext will have
3236 // default originAttributes since the XUL image uses SystemPrincipal, but
3237 // the loadInfo will use originAttributes from the content. Thus, the
3238 // originAttributes between loadInfo and loadContext will be different.
3239 // That's why we have to skip the comparison for the favicon loading.
3240 if (loadInfo
->GetLoadingPrincipal() &&
3241 loadInfo
->GetLoadingPrincipal()->IsSystemPrincipal() &&
3242 loadInfo
->InternalContentPolicyType() ==
3243 nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON
) {
3247 OriginAttributes originAttrsLoadInfo
= loadInfo
->GetOriginAttributes();
3248 OriginAttributes originAttrsLoadContext
;
3249 loadContext
->GetOriginAttributes(originAttrsLoadContext
);
3252 ("NS_CompareLoadInfoAndLoadContext - loadInfo: %d, %d; "
3253 "loadContext: %d, %d. [channel=%p]",
3254 originAttrsLoadInfo
.mUserContextId
,
3255 originAttrsLoadInfo
.mPrivateBrowsingId
,
3256 originAttrsLoadContext
.mUserContextId
,
3257 originAttrsLoadContext
.mPrivateBrowsingId
, aChannel
));
3259 MOZ_ASSERT(originAttrsLoadInfo
.mUserContextId
==
3260 originAttrsLoadContext
.mUserContextId
,
3261 "The value of mUserContextId in the loadContext and in the "
3262 "loadInfo are not the same!");
3264 MOZ_ASSERT(originAttrsLoadInfo
.mPrivateBrowsingId
==
3265 originAttrsLoadContext
.mPrivateBrowsingId
,
3266 "The value of mPrivateBrowsingId in the loadContext and in the "
3267 "loadInfo are not the same!");
3272 nsresult
NS_SetRequestBlockingReason(nsIChannel
* channel
, uint32_t reason
) {
3273 NS_ENSURE_ARG(channel
);
3275 nsCOMPtr
<nsILoadInfo
> loadInfo
= channel
->LoadInfo();
3276 return NS_SetRequestBlockingReason(loadInfo
, reason
);
3279 nsresult
NS_SetRequestBlockingReason(nsILoadInfo
* loadInfo
, uint32_t reason
) {
3280 NS_ENSURE_ARG(loadInfo
);
3282 return loadInfo
->SetRequestBlockingReason(reason
);
3285 nsresult
NS_SetRequestBlockingReasonIfNull(nsILoadInfo
* loadInfo
,
3287 NS_ENSURE_ARG(loadInfo
);
3289 uint32_t existingReason
;
3290 if (NS_SUCCEEDED(loadInfo
->GetRequestBlockingReason(&existingReason
)) &&
3291 existingReason
!= nsILoadInfo::BLOCKING_REASON_NONE
) {
3295 return loadInfo
->SetRequestBlockingReason(reason
);
3298 bool NS_IsOffline() {
3299 bool offline
= true;
3300 bool connectivity
= true;
3301 nsCOMPtr
<nsIIOService
> ios
= do_GetIOService();
3303 ios
->GetOffline(&offline
);
3304 ios
->GetConnectivity(&connectivity
);
3306 return offline
|| !connectivity
;
3310 * This function returns true if this channel should be classified by
3311 * the URL Classifier, false otherwise.
3313 * The idea of the algorithm to determine if a channel should be
3314 * classified is based on:
3315 * 1. Channels created by non-privileged code should be classified.
3316 * 2. Top-level document’s channels, if loaded by privileged code
3317 * (system principal), should be classified.
3318 * 3. Any other channel, created by privileged code, is considered safe.
3320 * A bad/hacked/corrupted safebrowsing database, plus a mistakenly
3321 * classified critical channel (this may result from a bug in the exemption
3322 * rules or incorrect information being passed into) can cause serious
3323 * problems. For example, if the updater channel is classified and blocked
3324 * by the Safe Browsing, Firefox can't update itself, and there is no way to
3325 * recover from that.
3327 * So two safeguards are added to ensure critical channels are never
3328 * automatically classified either because there is a bug in the algorithm
3329 * or the data in loadinfo is wrong.
3330 * 1. beConservative, this is set by ServiceRequest and we treat
3331 * channel created for ServiceRequest as critical channels.
3332 * 2. nsIChannel::LOAD_BYPASS_URL_CLASSIFIER, channel's opener can use this
3333 * flag to enforce bypassing the URL classifier check.
3335 bool NS_ShouldClassifyChannel(nsIChannel
* aChannel
) {
3336 nsLoadFlags loadFlags
;
3337 Unused
<< aChannel
->GetLoadFlags(&loadFlags
);
3338 // If our load flags dictate that we must let this channel through without
3339 // URL classification, obey that here without performing more checks.
3340 if (loadFlags
& nsIChannel::LOAD_BYPASS_URL_CLASSIFIER
) {
3344 nsCOMPtr
<nsIHttpChannelInternal
> httpChannel(do_QueryInterface(aChannel
));
3346 bool beConservative
;
3347 nsresult rv
= httpChannel
->GetBeConservative(&beConservative
);
3349 // beConservative flag, set by ServiceRequest to ensure channels that
3350 // fetch update use conservative TLS setting, are used here to identify
3351 // channels are critical to bypass classification. for channels don't
3352 // support beConservative, continue to apply the exemption rules.
3353 if (NS_SUCCEEDED(rv
) && beConservative
) {
3358 nsCOMPtr
<nsILoadInfo
> loadInfo
= aChannel
->LoadInfo();
3359 ExtContentPolicyType type
= loadInfo
->GetExternalContentPolicyType();
3360 // Skip classifying channel triggered by system unless it is a top-level
3362 return !(loadInfo
->TriggeringPrincipal()->IsSystemPrincipal() &&
3363 ExtContentPolicy::TYPE_DOCUMENT
!= type
);
3369 bool InScriptableRange(int64_t val
) {
3370 return (val
<= kJS_MAX_SAFE_INTEGER
) && (val
>= kJS_MIN_SAFE_INTEGER
);
3373 bool InScriptableRange(uint64_t val
) { return val
<= kJS_MAX_SAFE_UINTEGER
; }
3375 nsresult
GetParameterHTTP(const nsACString
& aHeaderVal
, const char* aParamName
,
3376 nsAString
& aResult
) {
3377 return nsMIMEHeaderParamImpl::GetParameterHTTP(aHeaderVal
, aParamName
,
3381 bool ChannelIsPost(nsIChannel
* aChannel
) {
3382 if (nsCOMPtr
<nsIHttpChannel
> httpChannel
= do_QueryInterface(aChannel
)) {
3383 nsAutoCString method
;
3384 Unused
<< httpChannel
->GetRequestMethod(method
);
3385 return method
.EqualsLiteral("POST");
3390 bool SchemeIsHTTP(nsIURI
* aURI
) {
3392 return aURI
->SchemeIs("http");
3395 bool SchemeIsHTTPS(nsIURI
* aURI
) {
3397 return aURI
->SchemeIs("https");
3400 bool SchemeIsJavascript(nsIURI
* aURI
) {
3402 return aURI
->SchemeIs("javascript");
3405 bool SchemeIsChrome(nsIURI
* aURI
) {
3407 return aURI
->SchemeIs("chrome");
3410 bool SchemeIsAbout(nsIURI
* aURI
) {
3412 return aURI
->SchemeIs("about");
3415 bool SchemeIsBlob(nsIURI
* aURI
) {
3417 return aURI
->SchemeIs("blob");
3420 bool SchemeIsFile(nsIURI
* aURI
) {
3422 return aURI
->SchemeIs("file");
3425 bool SchemeIsData(nsIURI
* aURI
) {
3427 return aURI
->SchemeIs("data");
3430 bool SchemeIsViewSource(nsIURI
* aURI
) {
3432 return aURI
->SchemeIs("view-source");
3435 bool SchemeIsResource(nsIURI
* aURI
) {
3437 return aURI
->SchemeIs("resource");
3440 bool SchemeIsFTP(nsIURI
* aURI
) {
3442 return aURI
->SchemeIs("ftp");
3445 bool SchemeIsSpecial(const nsACString
& aScheme
) {
3446 // See https://url.spec.whatwg.org/#special-scheme
3447 return aScheme
.EqualsIgnoreCase("ftp") || aScheme
.EqualsIgnoreCase("file") ||
3448 aScheme
.EqualsIgnoreCase("http") ||
3449 aScheme
.EqualsIgnoreCase("https") || aScheme
.EqualsIgnoreCase("ws") ||
3450 aScheme
.EqualsIgnoreCase("wss");
3453 bool IsSchemeChangePermitted(nsIURI
* aOldURI
, const nsACString
& newScheme
) {
3454 // See step 2.1 in https://url.spec.whatwg.org/#special-scheme
3455 // Note: The spec text uses "buffer" instead of newScheme, and "url"
3456 MOZ_ASSERT(aOldURI
);
3459 nsresult rv
= aOldURI
->GetScheme(tmp
);
3460 // If url's scheme is a special scheme and buffer is not a
3461 // special scheme, then return.
3462 // If url's scheme is not a special scheme and buffer is a
3463 // special scheme, then return.
3464 if (NS_FAILED(rv
) || SchemeIsSpecial(tmp
) != SchemeIsSpecial(newScheme
)) {
3468 // If url's scheme is "file" and its host is an empty host, then return.
3469 if (aOldURI
->SchemeIs("file")) {
3470 rv
= aOldURI
->GetHost(tmp
);
3471 if (NS_FAILED(rv
) || tmp
.IsEmpty()) {
3476 // URL Spec: If url includes credentials or has a non-null port, and
3477 // buffer is "file", then return.
3478 if (newScheme
.EqualsIgnoreCase("file")) {
3480 if (NS_FAILED(aOldURI
->GetHasUserPass(&hasUserPass
)) || hasUserPass
) {
3484 rv
= aOldURI
->GetPort(&port
);
3485 if (NS_FAILED(rv
) || port
!= -1) {
3493 already_AddRefed
<nsIURI
> TryChangeProtocol(nsIURI
* aURI
,
3494 const nsACString
& aProtocol
) {
3497 nsACString::const_iterator start
;
3498 aProtocol
.BeginReading(start
);
3500 nsACString::const_iterator end
;
3501 aProtocol
.EndReading(end
);
3503 nsACString::const_iterator
iter(start
);
3504 FindCharInReadable(':', iter
, end
);
3506 // Changing the protocol of a URL, changes the "nature" of the URI
3507 // implementation. In order to do this properly, we have to serialize the
3508 // existing URL and reparse it in a new object.
3509 nsCOMPtr
<nsIURI
> clone
;
3511 NS_MutateURI(aURI
).SetScheme(Substring(start
, iter
)).Finalize(clone
);
3512 if (NS_WARN_IF(NS_FAILED(rv
))) {
3516 if (StaticPrefs::network_url_strict_protocol_setter()) {
3517 nsAutoCString newScheme
;
3518 rv
= clone
->GetScheme(newScheme
);
3519 if (NS_FAILED(rv
) || !net::IsSchemeChangePermitted(aURI
, newScheme
)) {
3521 Unused
<< clone
->GetSpec(url
);
3522 AutoTArray
<nsString
, 2> params
;
3523 params
.AppendElement(NS_ConvertUTF8toUTF16(url
));
3524 params
.AppendElement(NS_ConvertUTF8toUTF16(newScheme
));
3525 nsContentUtils::ReportToConsole(
3526 nsIScriptError::warningFlag
, "Strict Url Protocol Setter"_ns
, nullptr,
3527 nsContentUtils::eNECKO_PROPERTIES
, "StrictUrlProtocolSetter", params
);
3533 rv
= clone
->GetSpec(href
);
3534 if (NS_WARN_IF(NS_FAILED(rv
))) {
3539 rv
= NS_NewURI(getter_AddRefs(uri
), href
);
3540 if (NS_WARN_IF(NS_FAILED(rv
))) {
3543 return uri
.forget();
3546 // Decode a parameter value using the encoding defined in RFC 5987 (in place)
3548 // charset "'" [ language ] "'" value-chars
3550 // returns true when decoding happened successfully (otherwise leaves
3551 // passed value alone)
3552 static bool Decode5987Format(nsAString
& aEncoded
) {
3554 nsCOMPtr
<nsIMIMEHeaderParam
> mimehdrpar
;
3555 mimehdrpar
= mozilla::components::MimeHeaderParam::Service(&rv
);
3556 if (NS_FAILED(rv
)) return false;
3558 nsAutoCString asciiValue
;
3560 const char16_t
* encstart
= aEncoded
.BeginReading();
3561 const char16_t
* encend
= aEncoded
.EndReading();
3563 // create a plain ASCII string, aborting if we can't do that
3564 // converted form is always shorter than input
3565 while (encstart
!= encend
) {
3566 if (*encstart
> 0 && *encstart
< 128) {
3567 asciiValue
.Append((char)*encstart
);
3574 nsAutoString decoded
;
3575 nsAutoCString language
;
3577 rv
= mimehdrpar
->DecodeRFC5987Param(asciiValue
, language
, decoded
);
3578 if (NS_FAILED(rv
)) return false;
3584 LinkHeader::LinkHeader() { mCrossOrigin
.SetIsVoid(true); }
3586 void LinkHeader::Reset() {
3591 mIntegrity
.Truncate();
3597 mCrossOrigin
.Truncate();
3598 mReferrerPolicy
.Truncate();
3600 mCrossOrigin
.SetIsVoid(true);
3601 mFetchPriority
.Truncate();
3604 nsresult
LinkHeader::NewResolveHref(nsIURI
** aOutURI
, nsIURI
* aBaseURI
) const {
3605 if (mAnchor
.IsEmpty()) {
3607 return NS_NewURI(aOutURI
, mHref
, nullptr, aBaseURI
);
3610 // compute the anchored URI
3611 nsCOMPtr
<nsIURI
> anchoredURI
;
3613 NS_NewURI(getter_AddRefs(anchoredURI
), mAnchor
, nullptr, aBaseURI
);
3614 NS_ENSURE_SUCCESS(rv
, rv
);
3616 return NS_NewURI(aOutURI
, mHref
, nullptr, anchoredURI
);
3619 bool LinkHeader::operator==(const LinkHeader
& rhs
) const {
3620 return mHref
== rhs
.mHref
&& mRel
== rhs
.mRel
&& mTitle
== rhs
.mTitle
&&
3621 mNonce
== rhs
.mNonce
&& mIntegrity
== rhs
.mIntegrity
&&
3622 mSrcset
== rhs
.mSrcset
&& mSizes
== rhs
.mSizes
&& mType
== rhs
.mType
&&
3623 mMedia
== rhs
.mMedia
&& mAnchor
== rhs
.mAnchor
&&
3624 mCrossOrigin
== rhs
.mCrossOrigin
&&
3625 mReferrerPolicy
== rhs
.mReferrerPolicy
&& mAs
== rhs
.mAs
&&
3626 mFetchPriority
== rhs
.mFetchPriority
;
3629 constexpr auto kTitleStar
= "title*"_ns
;
3631 nsTArray
<LinkHeader
> ParseLinkHeader(const nsAString
& aLinkData
) {
3632 nsTArray
<LinkHeader
> linkHeaders
;
3634 // keep track where we are within the header field
3635 bool seenParameters
= false;
3637 // parse link content and add to array
3639 nsAutoString titleStar
;
3641 // copy to work buffer
3642 nsAutoString
stringList(aLinkData
);
3644 // put an extra null at the end
3645 stringList
.Append(kNullCh
);
3647 char16_t
* start
= stringList
.BeginWriting();
3649 while (*start
!= kNullCh
) {
3650 // parse link content and call process style link
3652 // skip leading space
3653 while ((*start
!= kNullCh
) && nsCRT::IsAsciiSpace(*start
)) {
3657 char16_t
* end
= start
;
3658 char16_t
* last
= end
- 1;
3660 bool wasQuotedString
= false;
3662 // look for semicolon or comma
3663 while (*end
!= kNullCh
&& *end
!= kSemicolon
&& *end
!= kComma
) {
3666 if (ch
== kQuote
|| ch
== kLessThan
) {
3669 char16_t quote
= ch
;
3670 if (quote
== kLessThan
) {
3671 quote
= kGreaterThan
;
3674 wasQuotedString
= (ch
== kQuote
);
3676 char16_t
* closeQuote
= (end
+ 1);
3678 // seek closing quote
3679 while (*closeQuote
!= kNullCh
&& quote
!= *closeQuote
) {
3680 // in quoted-string, "\" is an escape character
3681 if (wasQuotedString
&& *closeQuote
== kBackSlash
&&
3682 *(closeQuote
+ 1) != kNullCh
) {
3689 if (quote
== *closeQuote
) {
3692 // skip to close quote
3699 if (ch
!= kNullCh
&& ch
!= kSemicolon
&& ch
!= kComma
) {
3705 // keep going until semi or comma
3706 while (ch
!= kNullCh
&& ch
!= kSemicolon
&& ch
!= kComma
) {
3719 char16_t endCh
= *end
;
3725 if ((*start
== kLessThan
) && (*last
== kGreaterThan
)) {
3728 // first instance of <...> wins
3729 // also, do not allow hrefs after the first param was seen
3730 if (header
.mHref
.IsEmpty() && !seenParameters
) {
3731 header
.mHref
= (start
+ 1);
3732 header
.mHref
.StripWhitespace();
3735 char16_t
* equals
= start
;
3736 seenParameters
= true;
3738 while ((*equals
!= kNullCh
) && (*equals
!= kEqual
)) {
3742 const bool hadEquals
= *equals
!= kNullCh
;
3744 nsAutoString
attr(start
);
3745 attr
.StripWhitespace();
3747 char16_t
* value
= hadEquals
? ++equals
: equals
;
3748 while (nsCRT::IsAsciiSpace(*value
)) {
3752 if ((*value
== kQuote
) && (*value
== *last
)) {
3757 if (wasQuotedString
) {
3758 // unescape in-place
3759 char16_t
* unescaped
= value
;
3760 char16_t
* src
= value
;
3762 while (*src
!= kNullCh
) {
3763 if (*src
== kBackSlash
&& *(src
+ 1) != kNullCh
) {
3766 *unescaped
++ = *src
++;
3769 *unescaped
= kNullCh
;
3772 if (attr
.LowerCaseEqualsASCII(kTitleStar
.get())) {
3773 if (titleStar
.IsEmpty() && !wasQuotedString
) {
3774 // RFC 5987 encoding; uses token format only, so skip if we get
3775 // here with a quoted-string
3778 if (Decode5987Format(tmp
)) {
3780 titleStar
.CompressWhitespace();
3782 // header value did not parse, throw it away
3783 titleStar
.Truncate();
3787 header
.MaybeUpdateAttribute(attr
, value
);
3792 if (endCh
== kComma
) {
3793 // hit a comma, process what we've got so far
3795 header
.mHref
.Trim(" \t\n\r\f"); // trim HTML5 whitespace
3796 if (!header
.mHref
.IsEmpty() && !header
.mRel
.IsEmpty()) {
3797 if (!titleStar
.IsEmpty()) {
3798 // prefer RFC 5987 variant over non-I18zed version
3799 header
.mTitle
= titleStar
;
3801 linkHeaders
.AppendElement(header
);
3804 titleStar
.Truncate();
3807 seenParameters
= false;
3813 header
.mHref
.Trim(" \t\n\r\f"); // trim HTML5 whitespace
3814 if (!header
.mHref
.IsEmpty() && !header
.mRel
.IsEmpty()) {
3815 if (!titleStar
.IsEmpty()) {
3816 // prefer RFC 5987 variant over non-I18zed version
3817 header
.mTitle
= titleStar
;
3819 linkHeaders
.AppendElement(header
);
3825 void LinkHeader::MaybeUpdateAttribute(const nsAString
& aAttribute
,
3826 const char16_t
* aValue
) {
3827 MOZ_ASSERT(!aAttribute
.LowerCaseEqualsASCII(kTitleStar
.get()));
3829 if (aAttribute
.LowerCaseEqualsLiteral("rel")) {
3830 if (mRel
.IsEmpty()) {
3832 mRel
.CompressWhitespace();
3834 } else if (aAttribute
.LowerCaseEqualsLiteral("title")) {
3835 if (mTitle
.IsEmpty()) {
3837 mTitle
.CompressWhitespace();
3839 } else if (aAttribute
.LowerCaseEqualsLiteral("type")) {
3840 if (mType
.IsEmpty()) {
3842 mType
.StripWhitespace();
3844 } else if (aAttribute
.LowerCaseEqualsLiteral("media")) {
3845 if (mMedia
.IsEmpty()) {
3848 // The HTML5 spec is formulated in terms of the CSS3 spec,
3849 // which specifies that media queries are case insensitive.
3850 nsContentUtils::ASCIIToLower(mMedia
);
3852 } else if (aAttribute
.LowerCaseEqualsLiteral("anchor")) {
3853 if (mAnchor
.IsEmpty()) {
3855 mAnchor
.StripWhitespace();
3857 } else if (aAttribute
.LowerCaseEqualsLiteral("crossorigin")) {
3858 if (mCrossOrigin
.IsVoid()) {
3859 mCrossOrigin
.SetIsVoid(false);
3860 mCrossOrigin
= aValue
;
3861 mCrossOrigin
.StripWhitespace();
3863 } else if (aAttribute
.LowerCaseEqualsLiteral("as")) {
3864 if (mAs
.IsEmpty()) {
3866 mAs
.CompressWhitespace();
3868 } else if (aAttribute
.LowerCaseEqualsLiteral("referrerpolicy")) {
3869 // https://html.spec.whatwg.org/multipage/urls-and-fetching.html#referrer-policy-attribute
3870 // Specs says referrer policy attribute is an enumerated attribute,
3871 // case insensitive and includes the empty string
3872 // We will parse the aValue with AttributeReferrerPolicyFromString
3873 // later, which will handle parsing it as an enumerated attribute.
3874 if (mReferrerPolicy
.IsEmpty()) {
3875 mReferrerPolicy
= aValue
;
3878 } else if (aAttribute
.LowerCaseEqualsLiteral("nonce")) {
3879 if (mNonce
.IsEmpty()) {
3882 } else if (aAttribute
.LowerCaseEqualsLiteral("integrity")) {
3883 if (mIntegrity
.IsEmpty()) {
3884 mIntegrity
= aValue
;
3886 } else if (aAttribute
.LowerCaseEqualsLiteral("imagesrcset")) {
3887 if (mSrcset
.IsEmpty()) {
3890 } else if (aAttribute
.LowerCaseEqualsLiteral("imagesizes")) {
3891 if (mSizes
.IsEmpty()) {
3894 } else if (aAttribute
.LowerCaseEqualsLiteral("fetchpriority")) {
3895 if (mFetchPriority
.IsEmpty()) {
3896 LOG(("Update fetchPriority to \"%s\"",
3897 NS_ConvertUTF16toUTF8(aValue
).get()));
3898 mFetchPriority
= aValue
;
3903 // We will use official mime-types from:
3904 // https://www.iana.org/assignments/media-types/media-types.xhtml#font
3905 // We do not support old deprecated mime-types for preload feature.
3906 // (We currectly do not support font/collection)
3907 static uint32_t StyleLinkElementFontMimeTypesNum
= 5;
3908 static const char* StyleLinkElementFontMimeTypes
[] = {
3909 "font/otf", "font/sfnt", "font/ttf", "font/woff", "font/woff2"};
3911 bool IsFontMimeType(const nsAString
& aType
) {
3912 if (aType
.IsEmpty()) {
3915 for (uint32_t i
= 0; i
< StyleLinkElementFontMimeTypesNum
; i
++) {
3916 if (aType
.EqualsASCII(StyleLinkElementFontMimeTypes
[i
])) {
3923 static const nsAttrValue::EnumTable kAsAttributeTable
[] = {
3924 {"", DESTINATION_INVALID
}, {"audio", DESTINATION_AUDIO
},
3925 {"font", DESTINATION_FONT
}, {"image", DESTINATION_IMAGE
},
3926 {"script", DESTINATION_SCRIPT
}, {"style", DESTINATION_STYLE
},
3927 {"track", DESTINATION_TRACK
}, {"video", DESTINATION_VIDEO
},
3928 {"fetch", DESTINATION_FETCH
}, {nullptr, 0}};
3930 void ParseAsValue(const nsAString
& aValue
, nsAttrValue
& aResult
) {
3931 DebugOnly
<bool> success
=
3932 aResult
.ParseEnumValue(aValue
, kAsAttributeTable
, false,
3933 // default value is a empty string
3934 // if aValue is not a value we
3936 &kAsAttributeTable
[0]);
3937 MOZ_ASSERT(success
);
3940 nsContentPolicyType
AsValueToContentPolicy(const nsAttrValue
& aValue
) {
3941 switch (aValue
.GetEnumValue()) {
3942 case DESTINATION_INVALID
:
3943 return nsIContentPolicy::TYPE_INVALID
;
3944 case DESTINATION_AUDIO
:
3945 return nsIContentPolicy::TYPE_INTERNAL_AUDIO
;
3946 case DESTINATION_TRACK
:
3947 return nsIContentPolicy::TYPE_INTERNAL_TRACK
;
3948 case DESTINATION_VIDEO
:
3949 return nsIContentPolicy::TYPE_INTERNAL_VIDEO
;
3950 case DESTINATION_FONT
:
3951 return nsIContentPolicy::TYPE_FONT
;
3952 case DESTINATION_IMAGE
:
3953 return nsIContentPolicy::TYPE_IMAGE
;
3954 case DESTINATION_SCRIPT
:
3955 return nsIContentPolicy::TYPE_SCRIPT
;
3956 case DESTINATION_STYLE
:
3957 return nsIContentPolicy::TYPE_STYLESHEET
;
3958 case DESTINATION_FETCH
:
3959 return nsIContentPolicy::TYPE_INTERNAL_FETCH_PRELOAD
;
3961 return nsIContentPolicy::TYPE_INVALID
;
3964 // TODO: implement this using nsAttrValue's destination enums when support for
3965 // the new destinations is added; see this diff for a possible start:
3966 // https://phabricator.services.mozilla.com/D172368?vs=705114&id=708720
3967 bool IsScriptLikeOrInvalid(const nsAString
& aAs
) {
3969 aAs
.LowerCaseEqualsASCII("fetch") || aAs
.LowerCaseEqualsASCII("audio") ||
3970 aAs
.LowerCaseEqualsASCII("document") ||
3971 aAs
.LowerCaseEqualsASCII("embed") || aAs
.LowerCaseEqualsASCII("font") ||
3972 aAs
.LowerCaseEqualsASCII("frame") || aAs
.LowerCaseEqualsASCII("iframe") ||
3973 aAs
.LowerCaseEqualsASCII("image") ||
3974 aAs
.LowerCaseEqualsASCII("manifest") ||
3975 aAs
.LowerCaseEqualsASCII("object") ||
3976 aAs
.LowerCaseEqualsASCII("report") || aAs
.LowerCaseEqualsASCII("style") ||
3977 aAs
.LowerCaseEqualsASCII("track") || aAs
.LowerCaseEqualsASCII("video") ||
3978 aAs
.LowerCaseEqualsASCII("webidentity") ||
3979 aAs
.LowerCaseEqualsASCII("xslt"));
3982 bool CheckPreloadAttrs(const nsAttrValue
& aAs
, const nsAString
& aType
,
3983 const nsAString
& aMedia
,
3984 mozilla::dom::Document
* aDocument
) {
3985 nsContentPolicyType policyType
= AsValueToContentPolicy(aAs
);
3986 if (policyType
== nsIContentPolicy::TYPE_INVALID
) {
3990 // Check if media attribute is valid.
3991 if (!aMedia
.IsEmpty()) {
3992 RefPtr
<mozilla::dom::MediaList
> mediaList
=
3993 mozilla::dom::MediaList::Create(NS_ConvertUTF16toUTF8(aMedia
));
3994 if (!mediaList
->Matches(*aDocument
)) {
3999 if (aType
.IsEmpty()) {
4003 if (policyType
== nsIContentPolicy::TYPE_INTERNAL_FETCH_PRELOAD
) {
4007 nsAutoString
type(aType
);
4009 if (policyType
== nsIContentPolicy::TYPE_MEDIA
) {
4010 if (aAs
.GetEnumValue() == DESTINATION_TRACK
) {
4011 return type
.EqualsASCII("text/vtt");
4013 Maybe
<MediaContainerType
> mimeType
= MakeMediaContainerType(aType
);
4017 DecoderDoctorDiagnostics diagnostics
;
4018 CanPlayStatus status
=
4019 DecoderTraits::CanHandleContainerType(*mimeType
, &diagnostics
);
4020 // Preload if this return CANPLAY_YES and CANPLAY_MAYBE.
4021 return status
!= CANPLAY_NO
;
4023 if (policyType
== nsIContentPolicy::TYPE_FONT
) {
4024 return IsFontMimeType(type
);
4026 if (policyType
== nsIContentPolicy::TYPE_IMAGE
) {
4027 return imgLoader::SupportImageWithMimeType(
4028 NS_ConvertUTF16toUTF8(type
), AcceptedMimeTypes::IMAGES_AND_DOCUMENTS
);
4030 if (policyType
== nsIContentPolicy::TYPE_SCRIPT
) {
4031 return nsContentUtils::IsJavascriptMIMEType(type
);
4033 if (policyType
== nsIContentPolicy::TYPE_STYLESHEET
) {
4034 return type
.EqualsASCII("text/css");
4039 void WarnIgnoredPreload(const mozilla::dom::Document
& aDoc
, nsIURI
& aURI
) {
4040 AutoTArray
<nsString
, 1> params
;
4042 nsCString uri
= nsContentUtils::TruncatedURLForDisplay(&aURI
);
4043 AppendUTF8toUTF16(uri
, *params
.AppendElement());
4045 nsContentUtils::ReportToConsole(nsIScriptError::warningFlag
, "DOM"_ns
, &aDoc
,
4046 nsContentUtils::eDOM_PROPERTIES
,
4047 "PreloadIgnoredInvalidAttr", params
);
4050 nsresult
HasRootDomain(const nsACString
& aInput
, const nsACString
& aHost
,
4052 if (NS_WARN_IF(!aResult
)) {
4053 return NS_ERROR_FAILURE
;
4058 // If the strings are the same, we obviously have a match.
4059 if (aInput
== aHost
) {
4064 // If aHost is not found, we know we do not have it as a root domain.
4065 int32_t index
= nsAutoCString(aInput
).Find(aHost
);
4066 if (index
== kNotFound
) {
4070 // Otherwise, we have aHost as our root domain iff the index of aHost is
4071 // aHost.length subtracted from our length and (since we do not have an
4072 // exact match) the character before the index is a dot or slash.
4073 *aResult
= index
> 0 && (uint32_t)index
== aInput
.Length() - aHost
.Length() &&
4074 (aInput
[index
- 1] == '.' || aInput
[index
- 1] == '/');
4078 void CheckForBrokenChromeURL(nsILoadInfo
* aLoadInfo
, nsIURI
* aURI
) {
4082 nsAutoCString scheme
;
4083 aURI
->GetScheme(scheme
);
4084 if (!scheme
.EqualsLiteral("chrome") && !scheme
.EqualsLiteral("resource")) {
4088 aURI
->GetHost(host
);
4089 // Ignore test hits.
4090 if (host
.EqualsLiteral("mochitests") || host
.EqualsLiteral("reftest")) {
4094 nsAutoCString filePath
;
4095 aURI
->GetFilePath(filePath
);
4096 // Fluent likes checking for files everywhere and expects failure.
4097 if (StringEndsWith(filePath
, ".ftl"_ns
)) {
4101 // Ignore fetches/xhrs, as they are frequently used in a way where
4102 // non-existence is OK (ie with fallbacks). This risks false negatives (ie
4103 // files that *should* be there but aren't) - which we accept for now.
4104 ExtContentPolicy policy
= aLoadInfo
4105 ? aLoadInfo
->GetExternalContentPolicyType()
4106 : ExtContentPolicy::TYPE_OTHER
;
4107 if (policy
== ExtContentPolicy::TYPE_FETCH
||
4108 policy
== ExtContentPolicy::TYPE_XMLHTTPREQUEST
) {
4113 bool shouldSkipCheckForBrokenURLOrZeroSized
;
4114 MOZ_ALWAYS_SUCCEEDS(aLoadInfo
->GetShouldSkipCheckForBrokenURLOrZeroSized(
4115 &shouldSkipCheckForBrokenURLOrZeroSized
));
4116 if (shouldSkipCheckForBrokenURLOrZeroSized
) {
4122 aURI
->GetSpec(spec
);
4125 // Various toolkit files use this and are shipped on android, but
4126 // info-pages.css and aboutLicense.css are not - bug 1808987
4127 if (StringEndsWith(spec
, "info-pages.css"_ns
) ||
4128 StringEndsWith(spec
, "aboutLicense.css"_ns
) ||
4129 // Error page CSS is also missing: bug 1810039
4130 StringEndsWith(spec
, "aboutNetError.css"_ns
) ||
4131 StringEndsWith(spec
, "aboutHttpsOnlyError.css"_ns
) ||
4132 StringEndsWith(spec
, "error-pages.css"_ns
) ||
4133 // popup.css is used in a single mochitest: bug 1810577
4134 StringEndsWith(spec
, "/popup.css"_ns
) ||
4135 // Used by an extension installation test - bug 1809650
4136 StringBeginsWith(spec
, "resource://android/assets/web_extensions/"_ns
)) {
4141 // DTD files from gre may not exist when requested by tests.
4142 if (StringBeginsWith(spec
, "resource://gre/res/dtd/"_ns
)) {
4146 // The background task machinery allows the caller to specify a JSM on the
4147 // command line, which is then looked up in both app-specific and toolkit-wide
4149 if (spec
.Find("backgroundtasks") != kNotFound
) {
4153 if (xpc::IsInAutomation()) {
4155 if (NS_IsMainThread()) {
4156 nsCOMPtr
<nsIXPConnect
> xpc
= nsIXPConnect::XPConnect();
4157 Unused
<< xpc
->DebugDumpJSStack(false, false, false);
4160 MOZ_CRASH_UNSAFE_PRINTF("Missing chrome or resource URLs: %s", spec
.get());
4162 printf_stderr("Missing chrome or resource URL: %s\n", spec
.get());
4166 bool IsCoepCredentiallessEnabled(bool aIsOriginTrialCoepCredentiallessEnabled
) {
4167 return StaticPrefs::
4168 browser_tabs_remote_coep_credentialless_DoNotUseDirectly() ||
4169 aIsOriginTrialCoepCredentiallessEnabled
;
4173 } // namespace mozilla