LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
nsIPrincipal* aTriggeringPrincipal,
nsINode* aLoadingContext,
nsSecurityFlags aSecurityFlags,
nsContentPolicyType aContentPolicyType)
: mLoadingPrincipal(aLoadingContext ?
aLoadingContext->NodePrincipal() : aLoadingPrincipal)
, mTriggeringPrincipal(aTriggeringPrincipal ?
aTriggeringPrincipal : mLoadingPrincipal.get())
, mLoadingContext(do_GetWeakReference(aLoadingContext))
, mSecurityFlags(aSecurityFlags)
, mInternalContentPolicyType(aContentPolicyType)
, mTainting(LoadTainting::Basic)
, mUpgradeInsecureRequests(false)
, mInnerWindowID(0)
, mOuterWindowID(0)
, mParentOuterWindowID(0)
, mEnforceSecurity(false)
, mInitialSecurityCheckDone(false)
, mIsThirdPartyContext(true)
, mForcePreflight(false)
, mIsPreflight(false)
{
MOZ_ASSERT(mLoadingPrincipal);
MOZ_ASSERT(mTriggeringPrincipal);
// if consumers pass both, aLoadingContext and aLoadingPrincipal
// then the loadingPrincipal must be the same as the node's principal
MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
aLoadingContext->NodePrincipal() == aLoadingPrincipal);
// if the load is sandboxed, we can not also inherit the principal
if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
mSecurityFlags ^= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
if (aLoadingContext) {
nsCOMPtr<nsPIDOMWindow> outerWindow;
// When the element being loaded is a frame, we choose the frame's window
// for the window ID and the frame element's window as the parent
// window. This is the behavior that Chrome exposes to add-ons.
nsCOMPtr<nsIFrameLoaderOwner> frameLoaderOwner = do_QueryInterface(aLoadingContext);
if (frameLoaderOwner) {
nsCOMPtr<nsIFrameLoader> fl = frameLoaderOwner->GetFrameLoader();
nsCOMPtr<nsIDocShell> docShell;
if (fl && NS_SUCCEEDED(fl->GetDocShell(getter_AddRefs(docShell))) && docShell) {
outerWindow = do_GetInterface(docShell);
}
} else {
outerWindow = aLoadingContext->OwnerDoc()->GetWindow();
}
if (outerWindow) {
nsCOMPtr<nsPIDOMWindow> inner = outerWindow->GetCurrentInnerWindow();
mInnerWindowID = inner ? inner->WindowID() : 0;
mOuterWindowID = outerWindow->WindowID();
nsCOMPtr<nsPIDOMWindow> parent = outerWindow->GetScriptableParent();
mParentOuterWindowID = parent->WindowID();
ComputeIsThirdPartyContext(outerWindow);
}
// if the document forces all requests to be upgraded from http to https, then
// we should do that for all requests. If it only forces preloads to be upgraded
// then we should enforce upgrade insecure requests only for preloads.
mUpgradeInsecureRequests =
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
(nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
}
const PrincipalOriginAttributes attrs = BasePrincipal::Cast(mLoadingPrincipal)->OriginAttributesRef();
mOriginAttributes.InheritFromDocToNecko(attrs);
}
LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
nsIPrincipal* aTriggeringPrincipal,
nsINode* aLoadingContext,
nsSecurityFlags aSecurityFlags,
nsContentPolicyType aContentPolicyType)
: mLoadingPrincipal(aLoadingContext ?
aLoadingContext->NodePrincipal() : aLoadingPrincipal)
, mTriggeringPrincipal(aTriggeringPrincipal ?
aTriggeringPrincipal : mLoadingPrincipal.get())
, mLoadingContext(do_GetWeakReference(aLoadingContext))
, mSecurityFlags(aSecurityFlags)
, mInternalContentPolicyType(aContentPolicyType)
, mTainting(LoadTainting::Basic)
, mUpgradeInsecureRequests(false)
, mInnerWindowID(0)
, mOuterWindowID(0)
, mParentOuterWindowID(0)
, mEnforceSecurity(false)
, mInitialSecurityCheckDone(false)
, mIsThirdPartyContext(false)
, mForcePreflight(false)
, mIsPreflight(false)
{
MOZ_ASSERT(mLoadingPrincipal);
MOZ_ASSERT(mTriggeringPrincipal);
// TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false meaning
// that consumers of LoadInfo that don't pass a context or pass a context from
// which we can't find a window will default to assuming that they're 1st
// party. It would be nice if we could default "safe" and assume that we are
// 3rd party until proven otherwise.
// if consumers pass both, aLoadingContext and aLoadingPrincipal
// then the loadingPrincipal must be the same as the node's principal
MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
aLoadingContext->NodePrincipal() == aLoadingPrincipal);
// if the load is sandboxed, we can not also inherit the principal
if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
mSecurityFlags ^= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
if (aLoadingContext) {
nsCOMPtr<nsPIDOMWindow> contextOuter = aLoadingContext->OwnerDoc()->GetWindow();
if (contextOuter) {
ComputeIsThirdPartyContext(contextOuter);
}
nsCOMPtr<nsPIDOMWindow> outerWindow;
// When the element being loaded is a frame, we choose the frame's window
// for the window ID and the frame element's window as the parent
// window. This is the behavior that Chrome exposes to add-ons.
// NB: If the frameLoaderOwner doesn't have a frame loader, then the load
// must be coming from an object (such as a plugin) that's loaded into it
// instead of a document being loaded. In that case, treat this object like
// any other non-document-loading element.
nsCOMPtr<nsIFrameLoaderOwner> frameLoaderOwner =
do_QueryInterface(aLoadingContext);
nsCOMPtr<nsIFrameLoader> fl = frameLoaderOwner ?
frameLoaderOwner->GetFrameLoader() : nullptr;
if (fl) {
nsCOMPtr<nsIDocShell> docShell;
if (NS_SUCCEEDED(fl->GetDocShell(getter_AddRefs(docShell))) && docShell) {
outerWindow = do_GetInterface(docShell);
}
} else {
outerWindow = contextOuter.forget();
}
if (outerWindow) {
nsCOMPtr<nsPIDOMWindow> inner = outerWindow->GetCurrentInnerWindow();
mInnerWindowID = inner ? inner->WindowID() : 0;
mOuterWindowID = outerWindow->WindowID();
nsCOMPtr<nsPIDOMWindow> parent = outerWindow->GetScriptableParent();
mParentOuterWindowID = parent->WindowID();
}
// if the document forces all requests to be upgraded from http to https, then
// we should do that for all requests. If it only forces preloads to be upgraded
// then we should enforce upgrade insecure requests only for preloads.
mUpgradeInsecureRequests =
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
(nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
}
const PrincipalOriginAttributes attrs = BasePrincipal::Cast(mLoadingPrincipal)->OriginAttributesRef();
mOriginAttributes.InheritFromDocToNecko(attrs);
}
