1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ 2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */ 3 /* This Source Code Form is subject to the terms of the Mozilla Public 4 * License, v. 2.0. If a copy of the MPL was not distributed with this 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 6 7 #ifndef mozilla_LoadInfo_h 8 #define mozilla_LoadInfo_h 9 10 #include "nsIContentPolicy.h" 11 #include "nsILoadInfo.h" 12 #include "nsIPrincipal.h" 13 #include "nsIWeakReferenceUtils.h" // for nsWeakPtr 14 #include "nsIURI.h" 15 #include "nsTArray.h" 16 17 #include "mozilla/BasePrincipal.h" 18 #include "mozilla/dom/ClientInfo.h" 19 #include "mozilla/dom/ServiceWorkerDescriptor.h" 20 21 class nsINode; 22 class nsPIDOMWindowOuter; 23 24 namespace mozilla { 25 26 namespace dom { 27 class PerformanceStorage; 28 class XMLHttpRequestMainThread; 29 } // namespace dom 30 31 namespace net { 32 class OptionalLoadInfoArgs; 33 } // namespace net 34 35 namespace ipc { 36 // we have to forward declare that function so we can use it as a friend. 37 nsresult LoadInfoArgsToLoadInfo( 38 const mozilla::net::OptionalLoadInfoArgs& aLoadInfoArgs, 39 nsILoadInfo** outLoadInfo); 40 } // namespace ipc 41 42 namespace net { 43 44 typedef nsTArray<nsCOMPtr<nsIRedirectHistoryEntry>> RedirectHistoryArray; 45 46 /** 47 * Class that provides an nsILoadInfo implementation. 48 */ 49 class LoadInfo final : public nsILoadInfo { 50 public: 51 NS_DECL_ISUPPORTS 52 NS_DECL_NSILOADINFO 53 54 // aLoadingPrincipal MUST NOT BE NULL. 55 LoadInfo(nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal, 56 nsINode* aLoadingContext, nsSecurityFlags aSecurityFlags, 57 nsContentPolicyType aContentPolicyType, 58 const Maybe<mozilla::dom::ClientInfo>& aLoadingClientInfo = 59 Maybe<mozilla::dom::ClientInfo>(), 60 const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController = 61 Maybe<mozilla::dom::ServiceWorkerDescriptor>()); 62 63 // Constructor used for TYPE_DOCUMENT loads which have a different 64 // loadingContext than other loads. This ContextForTopLevelLoad is 65 // only used for content policy checks. 66 LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIPrincipal* aTriggeringPrincipal, 67 nsISupports* aContextForTopLevelLoad, 68 nsSecurityFlags aSecurityFlags); 69 70 // create an exact copy of the loadinfo 71 already_AddRefed<nsILoadInfo> Clone() const; 72 // hands off!!! don't use CloneWithNewSecFlags unless you know 73 // exactly what you are doing - it should only be used within 74 // nsBaseChannel::Redirect() 75 already_AddRefed<nsILoadInfo> CloneWithNewSecFlags( 76 nsSecurityFlags aSecurityFlags) const; 77 // creates a copy of the loadinfo which is appropriate to use for a 78 // separate request. I.e. not for a redirect or an inner channel, but 79 // when a separate request is made with the same security properties. 80 already_AddRefed<nsILoadInfo> CloneForNewRequest() const; 81 82 // The service worker and fetch specifications require returning the 83 // exact tainting level of the Response passed to FetchEvent.respondWith(). 84 // This method allows us to override the tainting level in that case. 85 // 86 // NOTE: This should not be used outside of service worker code! Use 87 // nsILoadInfo::MaybeIncreaseTainting() instead. 88 void SynthesizeServiceWorkerTainting(LoadTainting aTainting); 89 90 void SetIsPreflight(); 91 void SetUpgradeInsecureRequests(); 92 void SetBrowserUpgradeInsecureRequests(); 93 void SetIsFromProcessingFrameAttributes(); 94 95 private: 96 // private constructor that is only allowed to be called from within 97 // HttpChannelParent and FTPChannelParent declared as friends undeneath. 98 // In e10s we can not serialize nsINode, hence we store the innerWindowID. 99 // Please note that aRedirectChain uses swapElements. 100 LoadInfo(nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal, 101 nsIPrincipal* aPrincipalToInherit, 102 nsIPrincipal* aSandboxedLoadingPrincipal, 103 nsIURI* aResultPrincipalURI, 104 const Maybe<mozilla::dom::ClientInfo>& aClientInfo, 105 const Maybe<mozilla::dom::ClientInfo>& aReservedClientInfo, 106 const Maybe<mozilla::dom::ClientInfo>& aInitialClientInfo, 107 const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController, 108 nsSecurityFlags aSecurityFlags, 109 nsContentPolicyType aContentPolicyType, LoadTainting aTainting, 110 bool aUpgradeInsecureRequests, bool aBrowserUpgradeInsecureRequests, 111 bool aVerifySignedContent, bool aEnforceSRI, 112 bool aAllowDocumentToBeAgnosticToCSP, bool aForceAllowDataURI, 113 bool aAllowInsecureRedirectToDataURI, 114 bool aForceInheritPrincipalDropped, uint64_t aInnerWindowID, 115 uint64_t aOuterWindowID, uint64_t aParentOuterWindowID, 116 uint64_t aTopOuterWindowID, uint64_t aFrameOuterWindowID, 117 bool aEnforceSecurity, bool aInitialSecurityCheckDone, 118 bool aIsThirdPartyRequest, bool aIsDocshellReload, 119 const OriginAttributes& aOriginAttributes, 120 RedirectHistoryArray& aRedirectChainIncludingInternalRedirects, 121 RedirectHistoryArray& aRedirectChain, 122 nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals, 123 const nsTArray<uint64_t>& aAncestorOuterWindowIDs, 124 const nsTArray<nsCString>& aUnsafeHeaders, bool aForcePreflight, 125 bool aIsPreflight, bool aLoadTriggeredFromExternal, 126 bool aServiceWorkerTaintingSynthesized); 127 LoadInfo(const LoadInfo& rhs); 128 129 NS_IMETHOD GetRedirects(JSContext* aCx, 130 JS::MutableHandle<JS::Value> aRedirects, 131 const RedirectHistoryArray& aArra); 132 133 friend nsresult mozilla::ipc::LoadInfoArgsToLoadInfo( 134 const mozilla::net::OptionalLoadInfoArgs& aLoadInfoArgs, 135 nsILoadInfo** outLoadInfo); 136 137 ~LoadInfo(); 138 139 void ComputeIsThirdPartyContext(nsPIDOMWindowOuter* aOuterWindow); 140 141 // This function is the *only* function which can change the securityflags 142 // of a loadinfo. It only exists because of the XHR code. Don't call it 143 // from anywhere else! 144 void SetIncludeCookiesSecFlag(); 145 friend class mozilla::dom::XMLHttpRequestMainThread; 146 147 // if you add a member, please also update the copy constructor and consider 148 // if it should be merged from parent channel through 149 // ParentLoadInfoForwarderArgs. 150 nsCOMPtr<nsIPrincipal> mLoadingPrincipal; 151 nsCOMPtr<nsIPrincipal> mTriggeringPrincipal; 152 nsCOMPtr<nsIPrincipal> mPrincipalToInherit; 153 nsCOMPtr<nsIPrincipal> mSandboxedLoadingPrincipal; 154 nsCOMPtr<nsIURI> mResultPrincipalURI; 155 156 Maybe<mozilla::dom::ClientInfo> mClientInfo; 157 UniquePtr<mozilla::dom::ClientSource> mReservedClientSource; 158 Maybe<mozilla::dom::ClientInfo> mReservedClientInfo; 159 Maybe<mozilla::dom::ClientInfo> mInitialClientInfo; 160 Maybe<mozilla::dom::ServiceWorkerDescriptor> mController; 161 RefPtr<mozilla::dom::PerformanceStorage> mPerformanceStorage; 162 163 nsWeakPtr mLoadingContext; 164 nsWeakPtr mContextForTopLevelLoad; 165 nsSecurityFlags mSecurityFlags; 166 nsContentPolicyType mInternalContentPolicyType; 167 LoadTainting mTainting; 168 bool mUpgradeInsecureRequests; 169 bool mBrowserUpgradeInsecureRequests; 170 bool mVerifySignedContent; 171 bool mEnforceSRI; 172 bool mAllowDocumentToBeAgnosticToCSP; 173 bool mForceAllowDataURI; 174 bool mAllowInsecureRedirectToDataURI; 175 bool mOriginalFrameSrcLoad; 176 bool mForceInheritPrincipalDropped; 177 uint64_t mInnerWindowID; 178 uint64_t mOuterWindowID; 179 uint64_t mParentOuterWindowID; 180 uint64_t mTopOuterWindowID; 181 uint64_t mFrameOuterWindowID; 182 bool mEnforceSecurity; 183 bool mInitialSecurityCheckDone; 184 bool mIsThirdPartyContext; 185 bool mIsDocshellReload; 186 OriginAttributes mOriginAttributes; 187 RedirectHistoryArray mRedirectChainIncludingInternalRedirects; 188 RedirectHistoryArray mRedirectChain; 189 nsTArray<nsCOMPtr<nsIPrincipal>> mAncestorPrincipals; 190 nsTArray<uint64_t> mAncestorOuterWindowIDs; 191 nsTArray<nsCString> mCorsUnsafeHeaders; 192 bool mForcePreflight; 193 bool mIsPreflight; 194 bool mLoadTriggeredFromExternal; 195 bool mServiceWorkerTaintingSynthesized; 196 197 // Is true if this load was triggered by processing the attributes of the 198 // browsing context container. 199 // See nsILoadInfo.isFromProcessingFrameAttributes 200 bool mIsFromProcessingFrameAttributes; 201 }; 202 203 } // namespace net 204 } // namespace mozilla 205 206 #endif // mozilla_LoadInfo_h 207