[Pkg-mozext-commits] [requestpolicy] 43/280: Merge remote-tracking branch 'Archaeopteryx/removeOldCode' into dev-restartless-and-e10s
David Prévot
taffit at moszumanska.debian.org
Sat May 2 20:29:58 UTC 2015
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch master
in repository requestpolicy.
commit f5e3bd115d4eadedb402ffdf7c5da9f97a4fb0e9
Merge: 8c27a0e 0fbac74
Author: Martin Kimmerle <dev at 256k.de>
Date: Fri Dec 5 00:49:46 2014 +0100
Merge remote-tracking branch 'Archaeopteryx/removeOldCode' into dev-restartless-and-e10s
the changes in requestpolicy-service have already been done before the merge
src/content/lib/request-processor.jsm | 8 --------
1 file changed, 8 deletions(-)
diff --cc src/content/lib/request-processor.jsm
index a1b8266,caefc2c..0b964d0
--- a/src/content/lib/request-processor.jsm
+++ b/src/content/lib/request-processor.jsm
@@@ -87,235 -80,162 +87,227 @@@ let RequestProcessor = (function()
* These are redirects that the user allowed when presented with a redirect
* notification.
*/
- this._userAllowedRedirects = {};
+ let userAllowedRedirects = {};
- this._blockedRedirects = {};
- this._allowedRedirectsReverse = {};
+ let allowedRedirectsReverse = {};
- this._historyRequests = {};
+ let historyRequests = {};
- this._submittedForms = {};
- this._submittedFormsReverse = {};
+ let submittedForms = {};
+ let submittedFormsReverse = {};
- this._clickedLinks = {};
- this._clickedLinksReverse = {};
+ let clickedLinks = {};
+ let clickedLinksReverse = {};
- this._faviconRequests = {};
+ let faviconRequests = {};
- this._mappedDestinations = {};
+ let mappedDestinations = {};
- this._requestObservers = [];
-}
+ let requestObservers = [];
-/**
- * Process a NormalRequest.
- *
- * @param {NormalRequest} request
- */
-RequestProcessor.prototype.process = function(request) {
- //rp.mod.Logger.vardump(request.aRequestOrigin);
- //rp.mod.Logger.vardump(request.aContentLocation);
- try {
- if (request.isInternal()) {
- return CP_OK;
+
+
+ function mapDestinations(origDestUri, newDestUri) {
+ origDestUri = DomainUtil.stripFragment(origDestUri);
+ newDestUri = DomainUtil.stripFragment(newDestUri);
+ Logger.info(Logger.TYPE_INTERNAL,
+ "Mapping destination <" + origDestUri + "> to <" + newDestUri + ">.");
+ if (!mappedDestinations[newDestUri]) {
+ mappedDestinations[newDestUri] = {};
}
+ mappedDestinations[newDestUri][origDestUri] =
+ DomainUtil.getUriObject(origDestUri);
+ }
- var originURI = request.originURI;
- var destURI = request.destURI;
- // Fx 16 changed the following: 1) we should be able to count on the
- // referrer (aRequestOrigin) being set to something besides
- // moz-nullprincipal when there is a referrer, and 2) the new argument
- // aRequestPrincipal is provided. This means our hackery to set the
- // referrer based on aContext when aRequestOrigin is moz-nullprincipal
- // is now causing requests that don't have a referrer (namely, URLs
- // entered in the address bar) to be blocked and trigger a top-level
- // document redirect notification.
- if (request.aRequestOrigin.scheme == "moz-nullprincipal" &&
- request.aRequestPrincipal) {
- rp.mod.Logger.warning(
- rp.mod.Logger.TYPE_CONTENT,
- "Allowing request that appears to be a URL entered in the "
- + "location bar or some other good explanation: " + destURI);
- return CP_OK;
+
+
+ /**
+ * Checks whether a request is initiated by a content window. If it's from a
+ * content window, then it's from unprivileged code.
+ */
+ function isContentRequest(channel) {
+ var callbacks = [];
+ if (channel.notificationCallbacks) {
+ callbacks.push(channel.notificationCallbacks);
+ }
+ if (channel.loadGroup && channel.loadGroup.notificationCallbacks) {
+ callbacks.push(channel.loadGroup.notificationCallbacks);
}
- // Note: Assuming the Fx 16 moz-nullprincipal+aRequestPrincipal check
- // above is correct, this should be able to be removed when Fx < 16 is
- // no longer supported.
- if (request.aRequestOrigin.scheme == "moz-nullprincipal" &&
- request.aContext) {
- var newOriginURI = rp.mod.DomainUtil
- .stripFragment(request.aContext.contentDocument.documentURI);
- rp.mod.Logger.info(rp.mod.Logger.TYPE_CONTENT,
- "Considering moz-nullprincipal origin <"
- + originURI + "> to be origin <" + newOriginURI + ">");
- originURI = newOriginURI;
- request.setOriginURI(originURI);
+ for (var i = 0; i < callbacks.length; i++) {
+ var callback = callbacks[i];
+ try {
- // For Gecko 1.9.1
+ return callback.getInterface(Ci.nsILoadContext).isContent;
+ } catch (e) {
+ }
- try {
- // For Gecko 1.9.0
- var itemType = callback.getInterface(Ci.nsIWebNavigation)
- .QueryInterface(Ci.nsIDocShellTreeItem).itemType;
- return itemType == Ci.nsIDocShellTreeItem.typeContent;
- } catch (e) {
- }
}
- if (request.aRequestOrigin.scheme == "view-source") {
- var newOriginURI = originURI.split(":").slice(1).join(":");
- rp.mod.Logger.info(rp.mod.Logger.TYPE_CONTENT,
- "Considering view-source origin <"
- + originURI + "> to be origin <" + newOriginURI + ">");
- originURI = newOriginURI;
- request.setOriginURI(originURI);
+ return false;
+ }
+ function processRedirect(request, httpChannel) {
+ var originURI = request.originURI;
+ var destURI = request.destURI;
+ var headerType = request.httpHeader;
+
+ // Ignore redirects to javascript. The browser will ignore them, as well.
+ if (DomainUtil.getUriObject(destURI).schemeIs("javascript")) {
+ Logger.warning(Logger.TYPE_HEADER_REDIRECT,
+ "Ignoring redirect to javascript URI <" + destURI + ">");
+ return;
}
- if (request.aContentLocation.scheme == "view-source") {
- var newDestURI = destURI.split(":").slice(1).join(":");
- if (newDestURI.indexOf("data:text/html") == 0) {
- // "View Selection Source" has been clicked
- rp.mod.Logger.info(rp.mod.Logger.TYPE_CONTENT,
- "Allowing \"data:text/html\" view-source destination"
- + " (Selection Source)");
- return CP_OK;
- } else {
- rp.mod.Logger.info(rp.mod.Logger.TYPE_CONTENT,
- "Considering view-source destination <"
- + destURI + "> to be destination <" + newDestURI + ">");
- destURI = newDestURI;
- request.setDestURI(destURI);
+ request.requestResult = checkRedirect(request);
+ if (true === request.requestResult.isAllowed) {
+ Logger.warning(Logger.TYPE_HEADER_REDIRECT, "** ALLOWED ** '"
+ + headerType + "' header to <" + destURI + "> " + "from <" + originURI
+ + ">. Same hosts or allowed origin/destination.");
+ recordAllowedRequest(originURI, destURI, false, request.requestResult);
+ allowedRedirectsReverse[destURI] = originURI;
+
+ // If this was a link click or a form submission, we register an
+ // additional click/submit with the original source but with a new
+ // destination of the target of the redirect. This is because future
+ // requests (such as using back/forward) might show up as directly from
+ // the initial origin to the ultimate redirected destination.
+ if (httpChannel.referrer) {
+ var realOrigin = httpChannel.referrer.spec;
+
+ if (clickedLinks[realOrigin] && clickedLinks[realOrigin][originURI]) {
+ Logger.warning(Logger.TYPE_HEADER_REDIRECT,
+ "This redirect was from a link click." +
+ " Registering an additional click to <" + destURI + "> " +
+ "from <" + realOrigin + ">");
+ self.registerLinkClicked(realOrigin, destURI);
+
+ } else if (submittedForms[realOrigin]
+ && submittedForms[realOrigin][originURI.split("?")[0]]) {
+ Logger.warning(Logger.TYPE_HEADER_REDIRECT,
+ "This redirect was from a form submission." +
+ " Registering an additional form submission to <" + destURI +
+ "> " + "from <" + realOrigin + ">");
+ self.registerFormSubmitted(realOrigin, destURI);
+ }
}
+
+ return;
}
- if (originURI == "about:blank" && request.aContext) {
- let domNode;
- try {
- domNode = request.aContext.QueryInterface(Ci.nsIDOMNode);
- } catch (e if e.result == Components.results.NS_ERROR_NO_INTERFACE) {}
- if (domNode && domNode.nodeType == Ci.nsIDOMNode.DOCUMENT_NODE) {
- var newOriginURI;
- if (request.aContext.documentURI &&
- request.aContext.documentURI != "about:blank") {
- newOriginURI = request.aContext.documentURI;
- } else if (request.aContext.ownerDocument &&
- request.aContext.ownerDocument.documentURI &&
- request.aContext.ownerDocument.documentURI != "about:blank") {
- newOriginURI = request.aContext.ownerDocument.documentURI;
+ // The header isn't allowed, so remove it.
+ try {
+ if (!Prefs.isBlockingDisabled()) {
+ httpChannel.setResponseHeader(headerType, "", false);
+
+ /* start - do not edit here */
+ let interfaceRequestor = httpChannel.notificationCallbacks
+ .QueryInterface(Ci.nsIInterfaceRequestor);
+ let loadContext = null;
+ try {
+ loadContext = interfaceRequestor.getInterface(Ci.nsILoadContext);
+ } catch (ex) {
+ try {
+ loadContext = aSubject.loadGroup.notificationCallbacks
+ .getInterface(Ci.nsILoadContext);
+ } catch (ex2) {}
}
- if (newOriginURI) {
- newOriginURI = rp.mod.DomainUtil.stripFragment(newOriginURI);
- rp.mod.Logger.info(rp.mod.Logger.TYPE_CONTENT, "Considering origin <" +
- originURI + "> to be origin <" + newOriginURI + ">");
- originURI = newOriginURI;
- request.setOriginURI(originURI);
+ /*end do not edit here*/
+
+
+ let browser;
+ try {
+ if (loadContext.topFrameElement) {
+ // the top frame element should be already the browser element
+ browser = loadContext.topFrameElement;
+ } else {
+ // we hope the associated window is available. in multiprocessor
+ // firefox it's not available.
+ browser = Utils.getBrowserForWindow(loadContext.topWindow);
+ }
+ // save all blocked redirects directly in the browser element. the
+ // blocked elements will be checked later when the DOM content
+ // finished loading.
+ browser.requestpolicy = browser.requestpolicy || {blockedRedirects: {}};
+ browser.requestpolicy.blockedRedirects[originURI] = destURI;
+ } catch (e) {
+ Logger.warning(Logger.TYPE_HEADER_REDIRECT, "The redirection's " +
+ "Load Context couldn't be found! " + e);
}
- }
- }
- if (this._isDuplicateRequest(request)) {
- return this._lastShouldLoadCheck.result;
- }
+ try {
+ contentDisp = httpChannel.getResponseHeader("Content-Disposition");
+ if (contentDisp.indexOf("attachment") != -1) {
+ try {
+ httpChannel.setResponseHeader("Content-Disposition", "", false);
+ Logger.warning(Logger.TYPE_HEADER_REDIRECT,
+ "Removed 'Content-Disposition: attachment' header to " +
+ "prevent display of about:neterror.");
+ } catch (e) {
+ Logger.warning(Logger.TYPE_HEADER_REDIRECT,
+ "Unable to remove 'Content-Disposition: attachment' header " +
+ "to prevent display of about:neterror. " + e);
+ }
+ }
+ } catch (e) {
+ // No Content-Disposition header.
+ }
- // Sometimes, clicking a link to a fragment will result in a request
- // where the origin is the same as the destination, but none of the
- // additional content of the page is again requested. The result is that
- // nothing ends up showing for blocked or allowed destinations because
- // all of that data was cleared due to the new request.
- // Example to test with: Click on "expand all" at
- // http://code.google.com/p/SOME_PROJECT/source/detail?r=SOME_REVISION
- if (originURI == destURI) {
- rp.mod.Logger.warning(rp.mod.Logger.TYPE_CONTENT,
- "Allowing (but not recording) request "
- + "where origin is the same as the destination: " + originURI);
- return CP_OK;
- }
+ // We try to trace the blocked redirect back to a link click or form
+ // submission if we can. It may indicate, for example, a link that
+ // was to download a file but a redirect got blocked at some point.
+ var initialOrigin = originURI;
+ var initialDest = destURI;
+ // To prevent infinite loops, bound the number of iterations.
+ // Note that an apparent redirect loop doesn't mean a problem with a
+ // website as the site may be using other information, such as cookies
+ // that get set in the redirection process, to stop the redirection.
+ var iterations = 0;
+ const ASSUME_REDIRECT_LOOP = 100; // Chosen arbitrarily.
+ while (initialOrigin in allowedRedirectsReverse &&
+ iterations++ < ASSUME_REDIRECT_LOOP) {
+ initialDest = initialOrigin;
+ initialOrigin = allowedRedirectsReverse[initialOrigin];
+ }
+ if (initialOrigin in clickedLinksReverse) {
+ for (var i in clickedLinksReverse[initialOrigin]) {
+ // We hope there's only one possibility of a source page (that is,
+ // ideally there will be one iteration of this loop).
+ var sourcePage = i;
+ }
+ notifyRequestObserversOfBlockedLinkClickRedirect(sourcePage,
+ originURI, destURI);
+
+ // Maybe we just record the clicked link and each step in between as
+ // an allowed request, and the final blocked one as a blocked request.
+ // That is, make it show up in the requestpolicy menu like anything
+ // else.
+ // We set the "isInsert" parameter so we don't clobber the existing
+ // info about allowed and deleted requests.
+ recordAllowedRequest(sourcePage, initialOrigin, true,
+ request.requestResult);
+ }
- if (request.aContext) {
- let domNode;
- try {
- domNode = request.aContext.QueryInterface(Ci.nsIDOMNode);
- } catch (e if e.result == Components.results.NS_ERROR_NO_INTERFACE) {}
+ // if (submittedFormsReverse[initialOrigin]) {
+ // // TODO: implement for form submissions whose redirects are blocked
+ // }
- if (domNode && domNode.nodeName == "LINK" &&
- (domNode.rel == "icon" || domNode.rel == "shortcut icon")) {
- this._faviconRequests[destURI] = true;
+ recordRejectedRequest(request);
}
+ Logger.warning(Logger.TYPE_HEADER_REDIRECT,
+ "** BLOCKED ** '" + headerType + "' header to <" + destURI + ">" +
+ " found in response from <" + originURI + ">");
+ } catch (e) {
+ Logger.severe(
+ Logger.TYPE_HEADER_REDIRECT, "Failed removing " +
+ "'" + headerType + "' header to <" + destURI + ">" +
+ " in response from <" + originURI + ">." + e);
}
+ }
- if (request.checkURISchemes().shouldLoad === true) {
- return CP_OK;
- }
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mozext/requestpolicy.git
More information about the Pkg-mozext-commits
mailing list