Bug 1119302 - Implement nsIContentPolicy.shouldProcess for plugin subresource loads, r=bz
--- a/dom/plugins/base/nsPluginStreamListenerPeer.cpp
+++ b/dom/plugins/base/nsPluginStreamListenerPeer.cpp
@@ -1,22 +1,25 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsPluginStreamListenerPeer.h"
+#include "nsIContentPolicy.h"
+#include "nsContentPolicyUtils.h"
#include "nsIDOMElement.h"
#include "nsIStreamConverterService.h"
#include "nsIHttpChannel.h"
#include "nsIHttpChannelInternal.h"
#include "nsIFileChannel.h"
#include "nsMimeTypes.h"
#include "nsISupportsPrimitives.h"
#include "nsNetCID.h"
+#include "nsPluginInstanceOwner.h"
#include "nsPluginLogging.h"
#include "nsIURI.h"
#include "nsIURL.h"
#include "nsPluginHost.h"
#include "nsIByteRangeRequest.h"
#include "nsIMultiPartChannel.h"
#include "nsIInputStreamTee.h"
#include "nsPrintfCString.h"
@@ -421,31 +424,64 @@ nsPluginStreamListenerPeer::SetupPluginC
NS_IMETHODIMP
nsPluginStreamListenerPeer::OnStartRequest(nsIRequest *request,
nsISupports* aContext)
{
nsresult rv = NS_OK;
PROFILER_LABEL("nsPluginStreamListenerPeer", "OnStartRequest",
js::ProfileEntry::Category::OTHER);
+ nsCOMPtr<nsIChannel> channel = do_QueryInterface(request);
+ NS_ENSURE_TRUE(channel, NS_ERROR_FAILURE);
+
+ nsAutoCString contentType;
+ rv = channel->GetContentType(contentType);
+ if (NS_FAILED(rv))
+ return rv;
+
+ // Check ShouldProcess with content policy
+ nsRefPtr<nsPluginInstanceOwner> owner;
+ if (mPluginInstance) {
+ owner = mPluginInstance->GetOwner();
+ }
+ nsCOMPtr<nsIDOMElement> element;
+ nsCOMPtr<nsIDocument> doc;
+ if (owner) {
+ owner->GetDOMElement(getter_AddRefs(element));
+ owner->GetDocument(getter_AddRefs(doc));
+ }
+ nsCOMPtr<nsIPrincipal> principal = doc ? doc->NodePrincipal() : nullptr;
+
+ int16_t shouldLoad = nsIContentPolicy::ACCEPT;
+ rv = NS_CheckContentProcessPolicy(nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
+ mURL,
+ principal,
+ element,
+ contentType,
+ nullptr,
+ &shouldLoad);
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
+ if (NS_CP_REJECTED(shouldLoad)) {
+ return NS_ERROR_CONTENT_BLOCKED;
+ }
+
if (mRequests.IndexOfObject(GetBaseRequest(request)) == -1) {
NS_ASSERTION(mRequests.Count() == 0,
"Only our initial stream should be unknown!");
TrackRequest(request);
}
if (mHaveFiredOnStartRequest) {
return NS_OK;
}
mHaveFiredOnStartRequest = true;
- nsCOMPtr<nsIChannel> channel = do_QueryInterface(request);
- NS_ENSURE_TRUE(channel, NS_ERROR_FAILURE);
-
// deal with 404 (Not Found) HTTP response,
// just return, this causes the request to be ignored.
nsCOMPtr<nsIHttpChannel> httpChannel(do_QueryInterface(channel));
if (httpChannel) {
uint32_t responseCode = 0;
rv = httpChannel->GetResponseStatus(&responseCode);
if (NS_FAILED(rv)) {
// NPP_Notify() will be called from OnStopRequest
@@ -504,35 +540,30 @@ nsPluginStreamListenerPeer::OnStartReque
return NS_ERROR_FAILURE;
}
mLength = 0;
}
else {
mLength = uint32_t(length);
}
- nsAutoCString aContentType; // XXX but we already got the type above!
- rv = channel->GetContentType(aContentType);
- if (NS_FAILED(rv))
- return rv;
-
nsCOMPtr<nsIURI> aURL;
rv = channel->GetURI(getter_AddRefs(aURL));
if (NS_FAILED(rv))
return rv;
aURL->GetSpec(mURLSpec);
- if (!aContentType.IsEmpty())
- mContentType = aContentType;
+ if (!contentType.IsEmpty())
+ mContentType = contentType;
#ifdef PLUGIN_LOGGING
PR_LOG(nsPluginLogging::gPluginLog, PLUGIN_LOG_NOISY,
("nsPluginStreamListenerPeer::OnStartRequest this=%p request=%p mime=%s, url=%s\n",
- this, request, aContentType.get(), mURLSpec.get()));
+ this, request, contentType.get(), mURLSpec.get()));
PR_LogFlush();
#endif
// Set up the stream listener...
rv = SetUpStreamListener(request, aURL);
if (NS_FAILED(rv)) {
return rv;