Bug 1879644 [wpt PR 44514] - Update wpt metadata, a=testonly
[gecko.git] / docshell / base / nsDocShellLoadState.h
bloba34ca1b54bdb9cf52cfa1f7bd659f43f1de9365e
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef nsDocShellLoadState_h__
8 #define nsDocShellLoadState_h__
10 #include "mozilla/dom/BrowsingContext.h"
11 #include "mozilla/dom/SessionHistoryEntry.h"
13 // Helper Classes
14 #include "mozilla/Maybe.h"
15 #include "nsCOMPtr.h"
16 #include "nsString.h"
17 #include "nsDocShellLoadTypes.h"
18 #include "nsTArrayForwardDeclare.h"
20 class nsIContentSecurityPolicy;
21 class nsIInputStream;
22 class nsISHEntry;
23 class nsIURI;
24 class nsIDocShell;
25 class nsIChannel;
26 class nsIReferrerInfo;
27 namespace mozilla {
28 class OriginAttributes;
29 template <typename, class>
30 class UniquePtr;
31 namespace dom {
32 class DocShellLoadStateInit;
33 } // namespace dom
34 } // namespace mozilla
36 /**
37 * nsDocShellLoadState contains setup information used in a nsIDocShell::loadURI
38 * call.
40 class nsDocShellLoadState final {
41 using BrowsingContext = mozilla::dom::BrowsingContext;
42 template <typename T>
43 using MaybeDiscarded = mozilla::dom::MaybeDiscarded<T>;
45 public:
46 NS_INLINE_DECL_REFCOUNTING(nsDocShellLoadState);
48 explicit nsDocShellLoadState(nsIURI* aURI);
49 explicit nsDocShellLoadState(
50 const mozilla::dom::DocShellLoadStateInit& aLoadState,
51 mozilla::ipc::IProtocol* aActor, bool* aReadSuccess);
52 explicit nsDocShellLoadState(const nsDocShellLoadState& aOther);
53 nsDocShellLoadState(nsIURI* aURI, uint64_t aLoadIdentifier);
55 static nsresult CreateFromPendingChannel(nsIChannel* aPendingChannel,
56 uint64_t aLoadIdentifier,
57 uint64_t aRegistarId,
58 nsDocShellLoadState** aResult);
60 static nsresult CreateFromLoadURIOptions(
61 BrowsingContext* aBrowsingContext, const nsAString& aURI,
62 const mozilla::dom::LoadURIOptions& aLoadURIOptions,
63 nsDocShellLoadState** aResult);
64 static nsresult CreateFromLoadURIOptions(
65 BrowsingContext* aBrowsingContext, nsIURI* aURI,
66 const mozilla::dom::LoadURIOptions& aLoadURIOptions,
67 nsDocShellLoadState** aResult);
69 // Getters and Setters
71 nsIReferrerInfo* GetReferrerInfo() const;
73 void SetReferrerInfo(nsIReferrerInfo* aReferrerInfo);
75 nsIURI* URI() const;
77 void SetURI(nsIURI* aURI);
79 nsIURI* OriginalURI() const;
81 void SetOriginalURI(nsIURI* aOriginalURI);
83 nsIURI* ResultPrincipalURI() const;
85 void SetResultPrincipalURI(nsIURI* aResultPrincipalURI);
87 bool ResultPrincipalURIIsSome() const;
89 void SetResultPrincipalURIIsSome(bool aIsSome);
91 bool KeepResultPrincipalURIIfSet() const;
93 void SetKeepResultPrincipalURIIfSet(bool aKeep);
95 nsIPrincipal* PrincipalToInherit() const;
97 void SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit);
99 nsIPrincipal* PartitionedPrincipalToInherit() const;
101 void SetPartitionedPrincipalToInherit(
102 nsIPrincipal* aPartitionedPrincipalToInherit);
104 bool LoadReplace() const;
106 void SetLoadReplace(bool aLoadReplace);
108 nsIPrincipal* TriggeringPrincipal() const;
110 void SetTriggeringPrincipal(nsIPrincipal* aTriggeringPrincipal);
112 uint32_t TriggeringSandboxFlags() const;
114 void SetTriggeringSandboxFlags(uint32_t aTriggeringSandboxFlags);
116 uint64_t TriggeringWindowId() const;
118 void SetTriggeringWindowId(uint64_t aTriggeringWindowId);
120 bool TriggeringStorageAccess() const;
122 void SetTriggeringStorageAccess(bool aTriggeringStorageAccess);
124 nsIContentSecurityPolicy* Csp() const;
126 void SetCsp(nsIContentSecurityPolicy* aCsp);
128 bool InheritPrincipal() const;
130 void SetInheritPrincipal(bool aInheritPrincipal);
132 bool PrincipalIsExplicit() const;
134 void SetPrincipalIsExplicit(bool aPrincipalIsExplicit);
136 // If true, "beforeunload" event listeners were notified by the creater of the
137 // LoadState and given the chance to abort the navigation, and should not be
138 // notified again.
139 bool NotifiedBeforeUnloadListeners() const;
141 void SetNotifiedBeforeUnloadListeners(bool aNotifiedBeforeUnloadListeners);
143 bool ForceAllowDataURI() const;
145 void SetForceAllowDataURI(bool aForceAllowDataURI);
147 bool IsExemptFromHTTPSFirstMode() const;
149 void SetIsExemptFromHTTPSFirstMode(bool aIsExemptFromHTTPSFirstMode);
151 bool OriginalFrameSrc() const;
153 void SetOriginalFrameSrc(bool aOriginalFrameSrc);
155 bool IsFormSubmission() const;
157 void SetIsFormSubmission(bool aIsFormSubmission);
159 uint32_t LoadType() const;
161 void SetLoadType(uint32_t aLoadType);
163 nsISHEntry* SHEntry() const;
165 void SetSHEntry(nsISHEntry* aSHEntry);
167 const mozilla::dom::LoadingSessionHistoryInfo* GetLoadingSessionHistoryInfo()
168 const;
170 // Copies aLoadingInfo and stores the copy in this nsDocShellLoadState.
171 void SetLoadingSessionHistoryInfo(
172 const mozilla::dom::LoadingSessionHistoryInfo& aLoadingInfo);
174 // Stores aLoadingInfo in this nsDocShellLoadState.
175 void SetLoadingSessionHistoryInfo(
176 mozilla::UniquePtr<mozilla::dom::LoadingSessionHistoryInfo> aLoadingInfo);
178 bool LoadIsFromSessionHistory() const;
180 const nsString& Target() const;
182 void SetTarget(const nsAString& aTarget);
184 nsIInputStream* PostDataStream() const;
186 void SetPostDataStream(nsIInputStream* aStream);
188 nsIInputStream* HeadersStream() const;
190 void SetHeadersStream(nsIInputStream* aHeadersStream);
192 bool IsSrcdocLoad() const;
194 const nsString& SrcdocData() const;
196 void SetSrcdocData(const nsAString& aSrcdocData);
198 const MaybeDiscarded<BrowsingContext>& SourceBrowsingContext() const {
199 return mSourceBrowsingContext;
202 void SetSourceBrowsingContext(BrowsingContext*);
204 void SetAllowFocusMove(bool aAllow) { mAllowFocusMove = aAllow; }
206 bool AllowFocusMove() const { return mAllowFocusMove; }
208 const MaybeDiscarded<BrowsingContext>& TargetBrowsingContext() const {
209 return mTargetBrowsingContext;
212 void SetTargetBrowsingContext(BrowsingContext* aTargetBrowsingContext);
214 nsIURI* BaseURI() const;
216 void SetBaseURI(nsIURI* aBaseURI);
218 // Helper function allowing convenient work with mozilla::Maybe in C++, hiding
219 // resultPrincipalURI and resultPrincipalURIIsSome attributes from the
220 // consumer.
221 void GetMaybeResultPrincipalURI(
222 mozilla::Maybe<nsCOMPtr<nsIURI>>& aRPURI) const;
224 void SetMaybeResultPrincipalURI(
225 mozilla::Maybe<nsCOMPtr<nsIURI>> const& aRPURI);
227 uint32_t LoadFlags() const;
229 void SetLoadFlags(uint32_t aFlags);
231 void SetLoadFlag(uint32_t aFlag);
233 void UnsetLoadFlag(uint32_t aFlag);
235 bool HasLoadFlags(uint32_t aFlag);
237 uint32_t InternalLoadFlags() const;
239 void SetInternalLoadFlags(uint32_t aFlags);
241 void SetInternalLoadFlag(uint32_t aFlag);
243 void UnsetInternalLoadFlag(uint32_t aFlag);
245 bool HasInternalLoadFlags(uint32_t aFlag);
247 bool FirstParty() const;
249 void SetFirstParty(bool aFirstParty);
251 bool HasValidUserGestureActivation() const;
253 void SetHasValidUserGestureActivation(bool HasValidUserGestureActivation);
255 const nsCString& TypeHint() const;
257 void SetTypeHint(const nsCString& aTypeHint);
259 const nsString& FileName() const;
261 void SetFileName(const nsAString& aFileName);
263 nsIURI* GetUnstrippedURI() const;
265 void SetUnstrippedURI(nsIURI* aUnstrippedURI);
267 // Give the type of DocShell we're loading into (chrome/content/etc) and
268 // origin attributes for the URI we're loading, figure out if we should
269 // inherit our principal from the document the load was requested from, or
270 // else if the principal should be set up later in the process (after loads).
271 // See comments in function for more info on principal selection algorithm
272 nsresult SetupInheritingPrincipal(
273 mozilla::dom::BrowsingContext::Type aType,
274 const mozilla::OriginAttributes& aOriginAttributes);
276 // If no triggering principal exists at the moment, create one using referrer
277 // information and origin attributes.
278 nsresult SetupTriggeringPrincipal(
279 const mozilla::OriginAttributes& aOriginAttributes);
281 void SetIsFromProcessingFrameAttributes() {
282 mIsFromProcessingFrameAttributes = true;
284 bool GetIsFromProcessingFrameAttributes() const {
285 return mIsFromProcessingFrameAttributes;
288 nsIChannel* GetPendingRedirectedChannel() {
289 return mPendingRedirectedChannel;
292 uint64_t GetPendingRedirectChannelRegistrarId() const {
293 return mChannelRegistrarId;
296 void SetOriginalURIString(const nsCString& aOriginalURI) {
297 mOriginalURIString.emplace(aOriginalURI);
299 const mozilla::Maybe<nsCString>& GetOriginalURIString() const {
300 return mOriginalURIString;
303 void SetCancelContentJSEpoch(int32_t aCancelEpoch) {
304 mCancelContentJSEpoch.emplace(aCancelEpoch);
306 const mozilla::Maybe<int32_t>& GetCancelContentJSEpoch() const {
307 return mCancelContentJSEpoch;
310 uint64_t GetLoadIdentifier() const { return mLoadIdentifier; }
312 void SetChannelInitialized(bool aInitilized) {
313 mChannelInitialized = aInitilized;
316 bool GetChannelInitialized() const { return mChannelInitialized; }
318 void SetIsMetaRefresh(bool aMetaRefresh) { mIsMetaRefresh = aMetaRefresh; }
320 bool IsMetaRefresh() const { return mIsMetaRefresh; }
322 const mozilla::Maybe<nsCString>& GetRemoteTypeOverride() const {
323 return mRemoteTypeOverride;
326 void SetRemoteTypeOverride(const nsCString& aRemoteTypeOverride) {
327 mRemoteTypeOverride = mozilla::Some(aRemoteTypeOverride);
330 void SetWasSchemelessInput(bool aWasSchemelessInput) {
331 mWasSchemelessInput = aWasSchemelessInput;
334 bool GetWasSchemelessInput() { return mWasSchemelessInput; }
336 // Determine the remote type of the process which should be considered
337 // responsible for this load for the purposes of security checks.
339 // This will generally be the process which created the nsDocShellLoadState
340 // originally, however non-errorpage history loads are always considered to be
341 // triggered by the parent process, as we can validate them against the
342 // history entry.
343 const nsCString& GetEffectiveTriggeringRemoteType() const;
345 void SetTriggeringRemoteType(const nsACString& aTriggeringRemoteType);
347 // Diagnostic assert if this is a system-principal triggered load, and it is
348 // trivial to determine that the effective triggering remote type would not be
349 // allowed to perform this load.
351 // This is called early during the load to crash as close to the cause as
352 // possible. See bug 1838686 for details.
353 #ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED
354 void AssertProcessCouldTriggerLoadIfSystem();
355 #else
356 void AssertProcessCouldTriggerLoadIfSystem() {}
357 #endif
359 // When loading a document through nsDocShell::LoadURI(), a special set of
360 // flags needs to be set based on other values in nsDocShellLoadState. This
361 // function calculates those flags, before the LoadState is passed to
362 // nsDocShell::InternalLoad.
363 void CalculateLoadURIFlags();
365 // Compute the load flags to be used by creating channel. aUriModified and
366 // aIsEmbeddingBlockedError are expected to be Nothing when called from parent
367 // process.
368 nsLoadFlags CalculateChannelLoadFlags(
369 mozilla::dom::BrowsingContext* aBrowsingContext,
370 mozilla::Maybe<bool> aUriModified,
371 mozilla::Maybe<bool> aIsEmbeddingBlockedError);
373 mozilla::dom::DocShellLoadStateInit Serialize(
374 mozilla::ipc::IProtocol* aActor);
376 void SetLoadIsFromSessionHistory(int32_t aOffset, bool aLoadingCurrentEntry);
377 void ClearLoadIsFromSessionHistory();
379 void MaybeStripTrackerQueryStrings(mozilla::dom::BrowsingContext* aContext);
381 protected:
382 // Destructor can't be defaulted or inlined, as header doesn't have all type
383 // includes it needs to do so.
384 ~nsDocShellLoadState();
386 // Given the original `nsDocShellLoadState` which was sent to a content
387 // process, validate that they corespond to the same load.
388 // Returns a static (telemetry-safe) string naming what did not match, or
389 // nullptr if it succeeds.
390 const char* ValidateWithOriginalState(nsDocShellLoadState* aOriginalState);
392 static nsresult CreateFromLoadURIOptions(
393 BrowsingContext* aBrowsingContext, nsIURI* aURI,
394 const mozilla::dom::LoadURIOptions& aLoadURIOptions,
395 uint32_t aLoadFlagsOverride, nsIInputStream* aPostDataOverride,
396 nsDocShellLoadState** aResult);
398 // This is the referrer for the load.
399 nsCOMPtr<nsIReferrerInfo> mReferrerInfo;
401 // The URI we are navigating to. Will not be null once set.
402 nsCOMPtr<nsIURI> mURI;
404 // The URI to set as the originalURI on the channel that does the load. If
405 // null, aURI will be set as the originalURI.
406 nsCOMPtr<nsIURI> mOriginalURI;
408 // The URI to be set to loadInfo.resultPrincipalURI
409 // - When Nothing, there will be no change
410 // - When Some, the principal URI will overwrite even
411 // with a null value.
413 // Valid only if mResultPrincipalURIIsSome is true (has the same meaning as
414 // isSome() on mozilla::Maybe.)
415 nsCOMPtr<nsIURI> mResultPrincipalURI;
416 bool mResultPrincipalURIIsSome;
418 // The principal of the load, that is, the entity responsible for causing the
419 // load to occur. In most cases the referrer and the triggeringPrincipal's URI
420 // will be identical.
422 // Please note that this is the principal that is used for security checks. If
423 // the argument aURI is provided by the web, then please do not pass a
424 // SystemPrincipal as the triggeringPrincipal.
425 nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
427 // The SandboxFlags of the load, that are, the SandboxFlags of the entity
428 // responsible for causing the load to occur. Most likely this are the
429 // SandboxFlags of the document that started the load.
430 uint32_t mTriggeringSandboxFlags;
432 // The window ID and current "has storage access" value of the entity
433 // triggering the load. This allows the identification of self-initiated
434 // same-origin navigations that should propogate unpartitioned storage access.
435 uint64_t mTriggeringWindowId;
436 bool mTriggeringStorageAccess;
438 // The CSP of the load, that is, the CSP of the entity responsible for causing
439 // the load to occur. Most likely this is the CSP of the document that started
440 // the load. In case the entity starting the load did not use a CSP, then mCsp
441 // can be null. Please note that this is also the CSP that will be applied to
442 // the load in case the load encounters a server side redirect.
443 nsCOMPtr<nsIContentSecurityPolicy> mCsp;
445 // If a refresh is caused by http-equiv="refresh" we want to set
446 // aResultPrincipalURI, but we do not want to overwrite the channel's
447 // ResultPrincipalURI, if it has already been set on the channel by a protocol
448 // handler.
449 bool mKeepResultPrincipalURIIfSet;
451 // If set LOAD_REPLACE flag will be set on the channel. If aOriginalURI is
452 // null, this argument is ignored.
453 bool mLoadReplace;
455 // If this attribute is true and no triggeringPrincipal is specified,
456 // copy the principal from the referring document.
457 bool mInheritPrincipal;
459 // If this attribute is true only ever use the principal specified
460 // by the triggeringPrincipal and inheritPrincipal attributes.
461 // If there are security reasons for why this is unsafe, such
462 // as trying to use a systemprincipal as the triggeringPrincipal
463 // for a content docshell the load fails.
464 bool mPrincipalIsExplicit;
466 bool mNotifiedBeforeUnloadListeners;
468 // Principal we're inheriting. If null, this means the principal should be
469 // inherited from the current document. If set to NullPrincipal, the channel
470 // will fill in principal information later in the load. See internal comments
471 // of SetupInheritingPrincipal for more info.
473 // When passed to InternalLoad, If this argument is null then
474 // principalToInherit is computed differently. See nsDocShell::InternalLoad
475 // for more comments.
477 nsCOMPtr<nsIPrincipal> mPrincipalToInherit;
479 nsCOMPtr<nsIPrincipal> mPartitionedPrincipalToInherit;
481 // If this attribute is true, then a top-level navigation
482 // to a data URI will be allowed.
483 bool mForceAllowDataURI;
485 // If this attribute is true, then the top-level navigaion
486 // will be exempt from HTTPS-Only-Mode upgrades.
487 bool mIsExemptFromHTTPSFirstMode;
489 // If this attribute is true, this load corresponds to a frame
490 // element loading its original src (or srcdoc) attribute.
491 bool mOriginalFrameSrc;
493 // If this attribute is true, then the load was initiated by a
494 // form submission.
495 bool mIsFormSubmission;
497 // Contains a load type as specified by the nsDocShellLoadTypes::load*
498 // constants
499 uint32_t mLoadType;
501 // Active Session History entry (if loading from SH)
502 nsCOMPtr<nsISHEntry> mSHEntry;
504 // Loading session history info for the load
505 mozilla::UniquePtr<mozilla::dom::LoadingSessionHistoryInfo>
506 mLoadingSessionHistoryInfo;
508 // Target for load, like _content, _blank etc.
509 nsString mTarget;
511 // When set, this is the Target Browsing Context for the navigation
512 // after retargeting.
513 MaybeDiscarded<BrowsingContext> mTargetBrowsingContext;
515 // Post data stream (if POSTing)
516 nsCOMPtr<nsIInputStream> mPostDataStream;
518 // Additional Headers
519 nsCOMPtr<nsIInputStream> mHeadersStream;
521 // When set, the load will be interpreted as a srcdoc load, where contents of
522 // this string will be loaded instead of the URI. Setting srcdocData sets
523 // isSrcdocLoad to true
524 nsString mSrcdocData;
526 // When set, this is the Source Browsing Context for the navigation.
527 MaybeDiscarded<BrowsingContext> mSourceBrowsingContext;
529 // Used for srcdoc loads to give view-source knowledge of the load's base URI
530 // as this information isn't embedded in the load's URI.
531 nsCOMPtr<nsIURI> mBaseURI;
533 // Set of Load Flags, taken from nsDocShellLoadTypes.h and nsIWebNavigation
534 uint32_t mLoadFlags;
536 // Set of internal load flags
537 uint32_t mInternalLoadFlags;
539 // Is this a First Party Load?
540 bool mFirstParty;
542 // Is this load triggered by a user gesture?
543 bool mHasValidUserGestureActivation;
545 // Whether this load can steal the focus from the source browsing context.
546 bool mAllowFocusMove;
548 // A hint as to the content-type of the resulting data. If no hint, IsVoid()
549 // should return true.
550 nsCString mTypeHint;
552 // Non-void when the link should be downloaded as the given filename.
553 // mFileName being non-void but empty means that no filename hint was
554 // specified, but link should still trigger a download. If not a download,
555 // mFileName.IsVoid() should return true.
556 nsString mFileName;
558 // This will be true if this load is triggered by attribute changes.
559 // See nsILoadInfo.isFromProcessingFrameAttributes
560 bool mIsFromProcessingFrameAttributes;
562 // If set, a pending cross-process redirected channel should be used to
563 // perform the load. The channel will be stored in this value.
564 nsCOMPtr<nsIChannel> mPendingRedirectedChannel;
566 // An optional string representation of mURI, before any
567 // fixups were applied, so that we can send it to a search
568 // engine service if needed.
569 mozilla::Maybe<nsCString> mOriginalURIString;
571 // An optional value to pass to nsIDocShell::setCancelJSEpoch
572 // when initiating the load.
573 mozilla::Maybe<int32_t> mCancelContentJSEpoch;
575 // If mPendingRedirectChannel is set, then this is the identifier
576 // that the parent-process equivalent channel has been registered
577 // with using RedirectChannelRegistrar.
578 uint64_t mChannelRegistrarId;
580 // An identifier to make it possible to examine if two loads are
581 // equal, and which browsing context they belong to (see
582 // BrowsingContext::{Get, Set}CurrentLoadIdentifier)
583 const uint64_t mLoadIdentifier;
585 // Optional value to indicate that a channel has been
586 // pre-initialized in the parent process.
587 bool mChannelInitialized;
589 // True if the load was triggered by a meta refresh.
590 bool mIsMetaRefresh;
592 // True if the nsDocShellLoadState was received over IPC.
593 bool mWasCreatedRemotely = false;
595 // The original URI before query stripping happened. If it's present, it shows
596 // the query stripping happened. Otherwise, it will be a nullptr.
597 nsCOMPtr<nsIURI> mUnstrippedURI;
599 // If set, the remote type which the load should be completed within.
600 mozilla::Maybe<nsCString> mRemoteTypeOverride;
602 // Remote type of the process which originally requested the load.
603 nsCString mTriggeringRemoteType;
605 // if the to-be-loaded address had it protocol added through a fixup
606 bool mWasSchemelessInput = false;
609 #endif /* nsDocShellLoadState_h__ */