void
ImportLoader::Open()
{
AutoError ae(this, false);
nsCOMPtr<nsILoadGroup> loadGroup =
mImportParent->MasterDocument()->GetDocumentLoadGroup();
nsCOMPtr<nsIChannel> channel;
nsresult rv = NS_NewChannel(getter_AddRefs(channel),
mURI,
mImportParent,
nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS,
nsIContentPolicy::TYPE_SUBDOCUMENT,
loadGroup,
nullptr, // aCallbacks
nsIRequest::LOAD_BACKGROUND);
NS_ENSURE_SUCCESS_VOID(rv);
rv = channel->AsyncOpen2(this);
NS_ENSURE_SUCCESS_VOID(rv);
BlockScripts();
ae.Pass();
}
void
ImportLoader::Open()
{
AutoError ae(this, false);
// Imports should obey to the master documents CSP.
nsCOMPtr<nsIDocument> master = mImportParent->MasterDocument();
nsIPrincipal* principal = Principal();
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
nsresult rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_SUBDOCUMENT,
mURI,
principal,
mImportParent,
NS_LITERAL_CSTRING("text/html"),
/* extra = */ nullptr,
&shouldLoad,
nsContentUtils::GetContentPolicy(),
nsContentUtils::GetSecurityManager());
if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {
NS_WARN_IF_FALSE(NS_CP_ACCEPTED(shouldLoad), "ImportLoader rejected by CSP");
return;
}
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
rv = secMan->CheckLoadURIWithPrincipal(principal, mURI,
nsIScriptSecurityManager::STANDARD);
NS_ENSURE_SUCCESS_VOID(rv);
nsCOMPtr<nsILoadGroup> loadGroup = master->GetDocumentLoadGroup();
nsCOMPtr<nsIChannel> channel;
rv = NS_NewChannel(getter_AddRefs(channel),
mURI,
mImportParent,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_SUBDOCUMENT,
loadGroup,
nullptr, // aCallbacks
nsIRequest::LOAD_BACKGROUND);
NS_ENSURE_SUCCESS_VOID(rv);
// Init CORSListenerProxy and omit credentials.
nsRefPtr<nsCORSListenerProxy> corsListener =
new nsCORSListenerProxy(this, principal,
/* aWithCredentials */ false);
rv = corsListener->Init(channel, true);
NS_ENSURE_SUCCESS_VOID(rv);
rv = channel->AsyncOpen(corsListener, nullptr);
NS_ENSURE_SUCCESS_VOID(rv);
BlockScripts();
ae.Pass();
}
