Bug 1113438 - Update SetReferrerWithPolicy to (a) send referrer when https->http and policy is ORIGIN_WHEN_XORIGIN and (b) use the triggering principal for this cross-origin check. r=sstamm,mcmanus
authorAlex Verstak <averstak@google.com>
Thu, 08 Jan 2015 01:46:00 +0100
changeset 222912 ed280f6c7b3971af331de13ec32288dce668124a
parent 222911 b1e38a68b8b5194565f5bb4768a35c9d8fbe729b
child 222926 9f11ecffb3dfc1457e42218897817763fee5f4b0
child 222975 1f43f1fcfd047777d24463847924c36eb4259491
push id10731
push usercbook@mozilla.com
push dateFri, 09 Jan 2015 14:51:37 +0000
treeherderfx-team@e6756043d930 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssstamm, mcmanus
bugs1113438
milestone37.0a1
Bug 1113438 - Update SetReferrerWithPolicy to (a) send referrer when https->http and policy is ORIGIN_WHEN_XORIGIN and (b) use the triggering principal for this cross-origin check. r=sstamm,mcmanus
dom/base/test/csp/test_CSP_referrerdirective.html
dom/base/test/test_bug704320.html
netwerk/protocol/http/HttpBaseChannel.cpp
--- a/dom/base/test/csp/test_CSP_referrerdirective.html
+++ b/dom/base/test/csp/test_CSP_referrerdirective.html
@@ -42,17 +42,17 @@ var testData = {
   'origin':  { 'csp': "script-src * 'unsafe-inline'; referrer origin",
           'expected': {  'sameorigin': 'origin',
                         'crossorigin': 'origin',
                           'downgrade': 'origin' }},
 
   'origin-when-crossorigin':  { 'csp': "script-src * 'unsafe-inline'; referrer origin-when-crossorigin",
           'expected': {  'sameorigin': 'full',
                         'crossorigin': 'origin',
-                          'downgrade': 'none' }},
+                          'downgrade': 'origin' }},
 
   'unsafe-url':  { 'csp': "script-src * 'unsafe-inline'; referrer unsafe-url",
           'expected': {  'sameorigin': 'full',
                         'crossorigin': 'full',
                           'downgrade': 'full' }},
 
   'none':   { 'csp': "script-src * 'unsafe-inline'; referrer no-referrer",
           'expected': {  'sameorigin': 'none',
--- a/dom/base/test/test_bug704320.html
+++ b/dom/base/test/test_bug704320.html
@@ -21,144 +21,164 @@ https://bugzilla.mozilla.org/show_bug.cg
 
 
 var testIframeUrls = [
   // HTTP to HTTP
   'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=no-referrer-when-downgrade',
   'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=no-referrer',
   'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=unsafe-url',
   'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=origin',
+  'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=origin-when-crossorigin',
   // HTTP to HTTPS
   'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade',
   'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer',
   'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url',
   'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=origin',
+  'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=origin-when-crossorigin',
   // HTTPS to HTTP
   'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=http&policy=no-referrer-when-downgrade',
   'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=http&policy=no-referrer',
   'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=http&policy=unsafe-url',
   'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=http&policy=origin',
+  'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=http&policy=origin-when-crossorigin',
   // HTTPS to HTTPS
   'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=no-referrer-when-downgrade',
   'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=no-referrer',
   'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=unsafe-url',
-  'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=origin'
+  'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=origin',
+  'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=origin-when-crossorigin'
 ];
 
 var expectedResults = {
   // From docshell/base/nsDocShell.cpp:
   //   "If the document containing the hyperlink being audited was not retrieved
   //    over an encrypted connection and its address does not have the same
   //    origin as "ping URL", send a referrer."
   'link-ping': {
     // Same-origin
     'http-to-http': {
       'no-referrer': '',
       'unsafe-url': '',
       'origin': '',
+      'origin-when-crossorigin': '',
       'no-referrer-when-downgrade': ''
     },
     'http-to-https': {
       'no-referrer': '',
       'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url',
       'origin': 'http://example.com',
+      'origin-when-crossorigin': 'http://example.com',
       'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade'
     },
     // Encrypted and not same-origin
     'https-to-http': {
       'no-referrer': '',
       'unsafe-url': '',
       'origin': '',
+      'origin-when-crossorigin': '',
       'no-referrer-when-downgrade': ''
     },
     // Encrypted
     'https-to-https': {
       'no-referrer': '',
       'unsafe-url': '',
       'origin': '',
+      'origin-when-crossorigin': '',
       'no-referrer-when-downgrade': ''
     }
   },
   // form is tested in a 2nd level iframe.
   'form': {
     'http-to-http': {
       'no-referrer': '',
       'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=unsafe-url&type=form',
       'origin': 'http://example.com',
+      'origin-when-crossorigin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=origin-when-crossorigin&type=form',
       'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=no-referrer-when-downgrade&type=form'
     },
     'http-to-https': {
       'no-referrer': '',
       'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url&type=form',
       'origin': 'http://example.com',
+      'origin-when-crossorigin': 'http://example.com',
       'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade&type=form'
     },
     'https-to-http': {
       'no-referrer': '',
       'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=http&policy=unsafe-url&type=form',
       'origin': 'https://example.com',
+      'origin-when-crossorigin': 'https://example.com',
       'no-referrer-when-downgrade': ''
     },
     'https-to-https': {
       'no-referrer': '',
       'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=unsafe-url&type=form',
       'origin': 'https://example.com',
+      'origin-when-crossorigin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=origin-when-crossorigin&type=form',
       'no-referrer-when-downgrade': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=no-referrer-when-downgrade&type=form'
     }
   },
   // window.location is tested in a 2nd level iframe.
   'window.location': {
     'http-to-http': {
       'no-referrer': '',
       'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=unsafe-url&type=window.location',
       'origin': 'http://example.com',
+      'origin-when-crossorigin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=origin-when-crossorigin&type=window.location',
       'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=http&policy=no-referrer-when-downgrade&type=window.location'
     },
     'http-to-https': {
       'no-referrer': '',
       'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url&type=window.location',
       'origin': 'http://example.com',
+      'origin-when-crossorigin': 'http://example.com',
       'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade&type=window.location'
     },
     'https-to-http': {
       'no-referrer': '',
       'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=http&policy=unsafe-url&type=window.location',
       'origin': 'https://example.com',
+      'origin-when-crossorigin': 'https://example.com',
       'no-referrer-when-downgrade': ''
     },
     'https-to-https': {
       'no-referrer': '',
       'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=unsafe-url&type=window.location',
       'origin': 'https://example.com',
+      'origin-when-crossorigin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=origin-when-crossorigin&type=window.location',
       'no-referrer-when-downgrade': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-2nd-level-iframe&scheme-from=https&scheme-to=https&policy=no-referrer-when-downgrade&type=window.location'
     }
   },
   'default': {
     'http-to-http': {
       'no-referrer': '',
       'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=unsafe-url',
       'origin': 'http://example.com',
+      'origin-when-crossorigin': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=origin-when-crossorigin',
       'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=http&policy=no-referrer-when-downgrade'
     },
     'http-to-https': {
       'no-referrer': '',
       'unsafe-url': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=unsafe-url',
       'origin': 'http://example.com',
+      'origin-when-crossorigin': 'http://example.com',
       'no-referrer-when-downgrade': 'http://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=http&scheme-to=https&policy=no-referrer-when-downgrade'
     },
     'https-to-http': {
       'no-referrer': '',
       'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=http&policy=unsafe-url',
       'origin': 'https://example.com',
+      'origin-when-crossorigin': 'https://example.com',
       'no-referrer-when-downgrade': ''
     },
     'https-to-https': {
       'no-referrer': '',
       'unsafe-url': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=unsafe-url',
       'origin': 'https://example.com',
+      'origin-when-crossorigin': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=origin-when-crossorigin',
       'no-referrer-when-downgrade': 'https://example.com/tests/dom/base/test/bug704320.sjs?action=create-1st-level-iframe&scheme-from=https&scheme-to=https&policy=no-referrer-when-downgrade'
     }
   }
 };
 
 function runit() {
   var url = 'bug704320.sjs?action=get-test-results';
   var xhr = new XMLHttpRequest();
--- a/netwerk/protocol/http/HttpBaseChannel.cpp
+++ b/netwerk/protocol/http/HttpBaseChannel.cpp
@@ -1034,18 +1034,19 @@ HttpBaseChannel::SetReferrerWithPolicy(n
   rv = referrer->SchemeIs("https", &match);
   if (NS_FAILED(rv)) return rv;
 
   if (match) {
     rv = mURI->SchemeIs("https", &match);
     if (NS_FAILED(rv)) return rv;
 
     // It's ok to send referrer for https-to-http scenarios if the referrer
-    // policy is "unsafe-url" or "origin".
+    // policy is "unsafe-url", "origin", or "origin-when-crossorigin".
     if (referrerPolicy != REFERRER_POLICY_UNSAFE_URL &&
+	referrerPolicy != REFERRER_POLICY_ORIGIN_WHEN_XORIGIN &&
         referrerPolicy != REFERRER_POLICY_ORIGIN) {
 
       // in other referrer policies, https->http is not allowed...
       if (!match) return NS_OK;
 
       // ...and https->https is possibly only allowed if the hosts match.
       if (!gHttpHandler->SendSecureXSiteReferrer()) {
         nsAutoCString referrerHost;
@@ -1061,27 +1062,34 @@ HttpBaseChannel::SetReferrerWithPolicy(n
         if (!referrerHost.Equals(host))
           return NS_OK;
       }
     }
   }
 
   // for cross-origin-based referrer changes (not just host-based), figure out
   // if the referrer is being sent cross-origin.
-  nsCOMPtr<nsIURI> loadingURI;
+  nsCOMPtr<nsIURI> triggeringURI;
   bool isCrossOrigin = true;
   if (mLoadInfo) {
-    mLoadInfo->LoadingPrincipal()->GetURI(getter_AddRefs(loadingURI));
+    mLoadInfo->TriggeringPrincipal()->GetURI(getter_AddRefs(triggeringURI));
   }
-  if (loadingURI) {
+  if (triggeringURI) {
+    if (LOG_ENABLED()) {
+      nsAutoCString triggeringURISpec;
+      rv = triggeringURI->GetAsciiSpec(triggeringURISpec);
+      if (!NS_FAILED(rv)) {
+        LOG(("triggeringURI=%s\n", triggeringURISpec.get()));
+      }
+    }
     nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
-    rv = ssm->CheckSameOriginURI(loadingURI, mURI, false);
+    rv = ssm->CheckSameOriginURI(triggeringURI, mURI, false);
     isCrossOrigin = NS_FAILED(rv);
   } else {
-    NS_WARNING("no loading principal available via loadInfo, assumming load is cross-origin");
+    NS_WARNING("no triggering principal available via loadInfo, assuming load is cross-origin");
   }
 
   nsCOMPtr<nsIURI> clone;
   //
   // we need to clone the referrer, so we can:
   //  (1) modify it
   //  (2) keep a reference to it after returning from this function
   //