netwerk/protocol/http/nsIHstsPrimingCallback.idl
author Kate McKinley <kmckinley@mozilla.com>
Tue, 27 Sep 2016 11:27:00 -0400
changeset 315476 380eebfd9d8928b656236d08e535fe528258e947
child 322222 a8be4ebc85cf7b0d7f67da2114fa69372668ca3d
permissions -rw-r--r--
Bug 1246540 - HSTS Priming Proof of Concept. r=ckerschb, r=mayhemer, r=jld, r=smaug, r=dkeeler, r=jmaher, p=ally HSTS priming changes the order of mixed-content blocking and HSTS upgrades, and adds a priming request to check if a mixed-content load is accesible over HTTPS and the server supports upgrading via the Strict-Transport-Security header. Every call site that uses AsyncOpen2 passes through the mixed-content blocker, and has a LoadInfo. If the mixed-content blocker marks the load as needing HSTS priming, nsHttpChannel will build and send an HSTS priming request on the same URI with the scheme upgraded to HTTPS. If the server allows the upgrade, then channel performs an internal redirect to the HTTPS URI, otherwise use the result of mixed-content blocker to allow or block the load. nsISiteSecurityService adds an optional boolean out parameter to determine if the HSTS state is already cached for negative assertions. If the host has been probed within the previous 24 hours, no HSTS priming check will be sent. MozReview-Commit-ID: ES1JruCtDdX

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "nsISupports.idl"

/**
 * HSTS priming attempts to prevent mixed-content by looking for the
 * Strict-Transport-Security header as a signal from the server that it is
 * safe to upgrade HTTP to HTTPS.
 *
 * Since mixed-content blocking happens very early in the process in AsyncOpen2,
 * the status of mixed-content blocking is stored in the LoadInfo and then used
 * to determine whether to send a priming request or not.
 *
 * This interface is implemented by nsHttpChannel so that it can receive the
 * result of HSTS priming.
 */
[builtinclass, uuid(eca6daca-3f2a-4a2a-b3bf-9f24f79bc999)]
interface nsIHstsPrimingCallback : nsISupports
{
  /**
   * HSTS priming has succeeded with an STS header, and the site asserts it is
   * safe to upgrade the request from HTTP to HTTPS. The request may still be
   * blocked based on the user's preferences.
   *
   * May be invoked synchronously if HSTS priming has already been performed
   * for the host.
   *
   * @param aCached whether the result was already in the HSTS cache
   */
  [noscript, nostdcall]
  void onHSTSPrimingSucceeded(in bool aCached);
  /**
   * HSTS priming has seen no STS header, the request itself has failed,
   * or some other failure which does not constitute a positive signal that the
   * site can be upgraded safely to HTTPS. The request may still be allowed
   * based on the user's preferences.
   *
   * May be invoked synchronously if HSTS priming has already been performed
   * for the host.
   *
   * @param aError The error which caused this failure, or NS_ERROR_CONTENT_BLOCKED
   * @param aCached whether the result was already in the HSTS cache
   */
  [noscript, nostdcall]
  void onHSTSPrimingFailed(in nsresult aError, in bool aCached);
};