NS_IMETHODIMP HttpBaseChannel::SetRequestMethod(const nsACString& aMethod) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); nsCAutoString upperCaseMethod; ToUpperCase(aMethod, upperCaseMethod); // Method names are restricted to valid HTTP tokens. if (!nsHttp::IsValidToken(upperCaseMethod)) return NS_ERROR_INVALID_ARG; nsCOMPtr<nsIAtom> atom = do_GetAtom(upperCaseMethod); // We've changed method names to case sensitive in bug 477578. Some // methods are kept case insensitive to keep backward compatibility and // to satisfy XMLHttpRequest specification which demands it. #define HTTP_METHOD_ATOM(name_, value_) #define HTTP_CASE_INSENSITIVE_METHOD_ATOM(name_, value_) \ if (nsHttp::name_ == atom) {} else #include "nsHttpAtomList.h" #undef HTTP_CASE_INSENSITIVE_METHOD_ATOM #undef HTTP_METHOD_ATOM { // upper case atom doesn't match any case insensitive atom atom = do_GetAtom(aMethod); } mRequestHead.SetMethod(atom); return NS_OK; }
NS_IMETHODIMP HttpBaseChannel::SetForceAllowThirdPartyCookie(bool aForce) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); mForceAllowThirdPartyCookie = aForce; return NS_OK; }
NS_IMETHODIMP HttpBaseChannel::SetDocumentURI(nsIURI *aDocumentURI) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); mDocumentURI = aDocumentURI; return NS_OK; }
NS_IMETHODIMP HttpBaseChannel::SetRedirectionLimit(PRUint32 value) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); mRedirectionLimit = NS_MIN<PRUint32>(value, 0xff); return NS_OK; }
NS_IMETHODIMP HttpBaseChannel::SetAllowPipelining(bool value) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); mAllowPipelining = value; return NS_OK; }
NS_IMETHODIMP HttpBaseChannel::SetOriginalURI(nsIURI *aOriginalURI) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); NS_ENSURE_ARG_POINTER(aOriginalURI); mOriginalURI = aOriginalURI; return NS_OK; }
NS_IMETHODIMP HttpChannelChild::ResumeAt(PRUint64 startPos, const nsACString& entityID) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); mStartPos = startPos; mEntityID = entityID; mSendResumeAt = true; return NS_OK; }
NS_IMETHODIMP HttpBaseChannel::SetRequestMethod(const nsACString& aMethod) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); const nsCString& flatMethod = PromiseFlatCString(aMethod); // Method names are restricted to valid HTTP tokens. if (!nsHttp::IsValidToken(flatMethod)) return NS_ERROR_INVALID_ARG; nsHttpAtom atom = nsHttp::ResolveAtom(flatMethod.get()); if (!atom) return NS_ERROR_FAILURE; mRequestHead.SetMethod(atom); return NS_OK; }
NS_IMETHODIMP HttpBaseChannel::SetReferrer(nsIURI *referrer) { ENSURE_CALLED_BEFORE_ASYNC_OPEN(); // clear existing referrer, if any mReferrer = nsnull; mRequestHead.ClearHeader(nsHttp::Referer); if (!referrer) return NS_OK; // check referrer blocking pref PRUint32 referrerLevel; if (mLoadFlags & LOAD_INITIAL_DOCUMENT_URI) referrerLevel = 1; // user action else referrerLevel = 2; // inline content if (gHttpHandler->ReferrerLevel() < referrerLevel) return NS_OK; nsCOMPtr<nsIURI> referrerGrip; nsresult rv; bool match; // // Strip off "wyciwyg://123/" from wyciwyg referrers. // // XXX this really belongs elsewhere since wyciwyg URLs aren't part of necko. // perhaps some sort of generic nsINestedURI could be used. then, if an URI // fails the whitelist test, then we could check for an inner URI and try // that instead. though, that might be too automatic. // rv = referrer->SchemeIs("wyciwyg", &match); if (NS_FAILED(rv)) return rv; if (match) { nsCAutoString path; rv = referrer->GetPath(path); if (NS_FAILED(rv)) return rv; PRUint32 pathLength = path.Length(); if (pathLength <= 2) return NS_ERROR_FAILURE; // Path is of the form "//123/http://foo/bar", with a variable number of digits. // To figure out where the "real" URL starts, search path for a '/', starting at // the third character. PRInt32 slashIndex = path.FindChar('/', 2); if (slashIndex == kNotFound) return NS_ERROR_FAILURE; // Get the charset of the original URI so we can pass it to our fixed up URI. nsCAutoString charset; referrer->GetOriginCharset(charset); // Replace |referrer| with a URI without wyciwyg://123/. rv = NS_NewURI(getter_AddRefs(referrerGrip), Substring(path, slashIndex + 1, pathLength - slashIndex - 1), charset.get()); if (NS_FAILED(rv)) return rv; referrer = referrerGrip.get(); } // // block referrer if not on our white list... // static const char *const referrerWhiteList[] = { "http", "https", "ftp", "gopher", nsnull }; match = false; const char *const *scheme = referrerWhiteList; for (; *scheme && !match; ++scheme) { rv = referrer->SchemeIs(*scheme, &match); if (NS_FAILED(rv)) return rv; } if (!match) return NS_OK; // kick out.... // // Handle secure referrals. // // Support referrals from a secure server if this is a secure site // and (optionally) if the host names are the same. // rv = referrer->SchemeIs("https", &match); if (NS_FAILED(rv)) return rv; if (match) { rv = mURI->SchemeIs("https", &match); if (NS_FAILED(rv)) return rv; if (!match) return NS_OK; if (!gHttpHandler->SendSecureXSiteReferrer()) { nsCAutoString referrerHost; nsCAutoString host; rv = referrer->GetAsciiHost(referrerHost); if (NS_FAILED(rv)) return rv; rv = mURI->GetAsciiHost(host); if (NS_FAILED(rv)) return rv; // GetAsciiHost returns lowercase hostname. if (!referrerHost.Equals(host)) return NS_OK; } } nsCOMPtr<nsIURI> clone; // // we need to clone the referrer, so we can: // (1) modify it // (2) keep a reference to it after returning from this function // // Use CloneIgnoringRef to strip away any fragment per RFC 2616 section 14.36 rv = referrer->CloneIgnoringRef(getter_AddRefs(clone)); if (NS_FAILED(rv)) return rv; // strip away any userpass; we don't want to be giving out passwords ;-) rv = clone->SetUserPass(EmptyCString()); if (NS_FAILED(rv)) return rv; nsCAutoString spec; rv = clone->GetAsciiSpec(spec); if (NS_FAILED(rv)) return rv; // finally, remember the referrer URI and set the Referer header. mReferrer = clone; mRequestHead.SetHeader(nsHttp::Referer, spec); return NS_OK; }