Bug 1278013 - Remove SEC_FORCE_INHERIT_PRINCIPAL from loadinfo within baseChannel::Redirect. r=bz
authorChristoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
Wed, 22 Jun 2016 17:15:06 +0200
changeset 302550 6fcf253b671231482a64fa46d2c9ca0342894e66
parent 302549 9ed9514f571d2e3e8457641fce001a9da6181b65
child 302551 3105928e631beed69207e043090f3d23d2f802c5
push id30365
push userkwierso@gmail.com
push dateFri, 24 Jun 2016 20:37:17 +0000
treeherdermozilla-central@0e073f5ca38a [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs1278013
milestone50.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1278013 - Remove SEC_FORCE_INHERIT_PRINCIPAL from loadinfo within baseChannel::Redirect. r=bz
netwerk/base/LoadInfo.cpp
netwerk/base/LoadInfo.h
netwerk/base/nsBaseChannel.cpp
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -337,16 +337,24 @@ NS_IMPL_ISUPPORTS(LoadInfo, nsILoadInfo)
 already_AddRefed<nsILoadInfo>
 LoadInfo::Clone() const
 {
   RefPtr<LoadInfo> copy(new LoadInfo(*this));
   return copy.forget();
 }
 
 already_AddRefed<nsILoadInfo>
+LoadInfo::CloneWithNewSecFlags(nsSecurityFlags aSecurityFlags) const
+{
+  RefPtr<LoadInfo> copy(new LoadInfo(*this));
+  copy->mSecurityFlags = aSecurityFlags;
+  return copy.forget();
+}
+
+already_AddRefed<nsILoadInfo>
 LoadInfo::CloneForNewRequest() const
 {
   RefPtr<LoadInfo> copy(new LoadInfo(*this));
   copy->mEnforceSecurity = false;
   copy->mInitialSecurityCheckDone = false;
   copy->mRedirectChainIncludingInternalRedirects.Clear();
   copy->mRedirectChain.Clear();
   return copy.forget();
--- a/netwerk/base/LoadInfo.h
+++ b/netwerk/base/LoadInfo.h
@@ -59,16 +59,21 @@ public:
   // Constructor used for TYPE_DOCUMENT loads which have no reasonable
   // loadingNode or loadingPrincipal
   LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
            nsIPrincipal* aTriggeringPrincipal,
            nsSecurityFlags aSecurityFlags);
 
   // create an exact copy of the loadinfo
   already_AddRefed<nsILoadInfo> Clone() const;
+  // hands off!!! don't use CloneWithNewSecFlags unless you know
+  // exactly what you are doing - it should only be used within
+  // nsBaseChannel::Redirect()
+  already_AddRefed<nsILoadInfo>
+  CloneWithNewSecFlags(nsSecurityFlags aSecurityFlags) const;
   // creates a copy of the loadinfo which is appropriate to use for a
   // separate request. I.e. not for a redirect or an inner channel, but
   // when a separate request is made with the same security properties.
   already_AddRefed<nsILoadInfo> CloneForNewRequest() const;
 
   void SetIsPreflight();
 
 private:
--- a/netwerk/base/nsBaseChannel.cpp
+++ b/netwerk/base/nsBaseChannel.cpp
@@ -79,18 +79,20 @@ nsBaseChannel::Redirect(nsIChannel *newC
 
   newChannel->SetLoadGroup(mLoadGroup);
   newChannel->SetNotificationCallbacks(mCallbacks);
   newChannel->SetLoadFlags(mLoadFlags | LOAD_REPLACE);
 
   // make a copy of the loadinfo, append to the redirectchain
   // and set it on the new channel
   if (mLoadInfo) {
+    nsSecurityFlags secFlags = mLoadInfo->GetSecurityFlags() ^
+                               nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
     nsCOMPtr<nsILoadInfo> newLoadInfo =
-      static_cast<mozilla::LoadInfo*>(mLoadInfo.get())->Clone();
+      static_cast<mozilla::LoadInfo*>(mLoadInfo.get())->CloneWithNewSecFlags(secFlags);
 
     nsCOMPtr<nsIPrincipal> uriPrincipal;
     nsIScriptSecurityManager *sm = nsContentUtils::GetSecurityManager();
     sm->GetChannelURIPrincipal(this, getter_AddRefs(uriPrincipal));
     bool isInternalRedirect =
       (redirectFlags & (nsIChannelEventSink::REDIRECT_INTERNAL |
                         nsIChannelEventSink::REDIRECT_STS_UPGRADE));
     newLoadInfo->AppendRedirectedPrincipal(uriPrincipal, isInternalRedirect);