Bug 451081 - Add flag to protocol handler to distinguish that trust domain is the whole spec, mozilla-central part, r=bzbarsky
☠☠ backed out by 74e7ea3b71be ☠ ☠
authorHonza Bambas <honzab.moz@firemni.cz>
Wed, 31 Aug 2011 23:51:24 +0200
changeset 76351 f3e28e0f909f8f33dde174240088ad03897cfdfd
parent 76350 1b888ee836c6f0c177f105b04a2f1b52c8cdb30b
child 76352 ef216b965a04d5f16d121961972a780ceec36216
push id3
push userfelipc@gmail.com
push dateFri, 30 Sep 2011 20:09:13 +0000
reviewersbzbarsky
bugs451081
milestone9.0a1
Bug 451081 - Add flag to protocol handler to distinguish that trust domain is the whole spec, mozilla-central part, r=bzbarsky
netwerk/base/public/nsIProtocolHandler.idl
netwerk/base/public/nsNetUtil.h
--- a/netwerk/base/public/nsIProtocolHandler.idl
+++ b/netwerk/base/public/nsIProtocolHandler.idl
@@ -128,16 +128,37 @@ interface nsIProtocolHandler : nsISuppor
     const unsigned long URI_NORELATIVE = (1<<0);
 
     /**
      * no authority component (file, ...)
      */
     const unsigned long URI_NOAUTH = (1<<1);
 
     /**
+     * This protocol handler can be proxied via a proxy (socks or http)
+     * (e.g., irc, smtp, http, etc.).  If the protocol supports transparent
+     * proxying, the handler should implement nsIProxiedProtocolHandler.
+     *
+     * If it supports only HTTP proxying, then it need not support
+     * nsIProxiedProtocolHandler, but should instead set the ALLOWS_PROXY_HTTP
+     * flag (see below).
+     *
+     * @see nsIProxiedProtocolHandler
+     */
+    const unsigned long ALLOWS_PROXY = (1<<2);
+
+    /**
+     * This protocol handler can be proxied using a http proxy (e.g., http,
+     * ftp, etc.).  nsIIOService::newChannelFromURI will feed URIs from this
+     * protocol handler to the HTTP protocol handler instead.  This flag is
+     * ignored if ALLOWS_PROXY is not set.
+     */
+    const unsigned long ALLOWS_PROXY_HTTP = (1<<3);
+
+    /**
      * The URIs for this protocol have no inherent security context, so
      * documents loaded via this protocol should inherit the security context
      * from the document that loads them.
      */
     const unsigned long URI_INHERITS_SECURITY_CONTEXT = (1<<4);
 
     /**
      * "Automatic" loads that would replace the document (e.g. <meta> refresh,
@@ -203,23 +224,16 @@ interface nsIProtocolHandler : nsISuppor
      * allowed if those origins should have access to the local filesystem.
      * It's up to the application to decide what origins should have such
      * access.  Protocols like "file" that point to local data should set this
      * flag.
      */
     const unsigned long URI_IS_LOCAL_FILE = (1<<9);
 
     /**
-     * The URIs for this protocol can be loaded only by callers with a
-     * principal that subsumes this uri. For example, privileged code and
-     * websites that are same origin as this uri.
-     */
-    const unsigned long URI_LOADABLE_BY_SUBSUMERS = (1<<14);
-
-    /**
      * Loading channels from this protocol has side-effects that make
      * it unsuitable for saving to a local file.
      */
     const unsigned long URI_NON_PERSISTABLE = (1<<10);
 
     /**
      * Channels using this protocol never call OnDataAvailable
      * on the listener passed to AsyncOpen and they therefore
@@ -234,41 +248,33 @@ interface nsIProtocolHandler : nsISuppor
      */
     const unsigned long URI_IS_LOCAL_RESOURCE = (1<<12);
 
     /**
      * URIs for this protocol execute script when they are opened.
      */
     const unsigned long URI_OPENING_EXECUTES_SCRIPT = (1<<13);
 
-    // Note that 1 << 14 is used above
+    /**
+     * The URIs for this protocol can be loaded only by callers with a
+     * principal that subsumes this uri. For example, privileged code and
+     * websites that are same origin as this uri.
+     */
+    const unsigned long URI_LOADABLE_BY_SUBSUMERS = (1<<14);
 
     /**
-     * This protocol handler can be proxied via a proxy (socks or http)
-     * (e.g., irc, smtp, http, etc.).  If the protocol supports transparent
-     * proxying, the handler should implement nsIProxiedProtocolHandler.
-     *
-     * If it supports only HTTP proxying, then it need not support
-     * nsIProxiedProtocolHandler, but should instead set the ALLOWS_PROXY_HTTP
-     * flag (see below).
-     *
-     * @see nsIProxiedProtocolHandler
+     * If this flag is set, then the origin for this protocol is the full URI 
+     * spec, not just the scheme + host + port.
      */
-    const unsigned long ALLOWS_PROXY = (1<<2);
-
-    /**
-     * This protocol handler can be proxied using a http proxy (e.g., http,
-     * ftp, etc.).  nsIIOService::newChannelFromURI will feed URIs from this
-     * protocol handler to the HTTP protocol handler instead.  This flag is
-     * ignored if ALLOWS_PROXY is not set.
-     */
-    const unsigned long ALLOWS_PROXY_HTTP = (1<<3);
+    const unsigned long ORIGIN_IS_FULL_SPEC = (1<<15);
 };
 
 %{C++
 /**
  * Protocol handlers are registered with XPCOM under the following CONTRACTID prefix:
  */
 #define NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "@mozilla.org/network/protocol;1?name="
 /**
  * For example, "@mozilla.org/network/protocol;1?name=http"
  */
+ 
+#define IS_ORIGIN_IS_FULL_SPEC_DEFINED 1
 %}
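Review bot: The doc comment on `ORIGIN_IS_FULL_SPEC` does not say who consumes the flag or what happens when a handler fails to set it. In this same commit, NS_SecurityHashURI and NS_SecurityCompareURIs stop hard-coding imap, mailbox and news and rely on the flag instead, so a handler for one of those schemes that does not set it would be compared by scheme, host and port, and separate messages would no longer be distinct trust domains. I would extend the comment with something like `Consulted by NS_SecurityCompareURIs and NS_SecurityHashURI; protocols whose individual resources must be mutually untrusted (e.g. mail messages) must set this flag.` The new `IS_ORIGIN_IS_FULL_SPEC_DEFINED` macro also has no comment. If it is a feature-test macro for code built against this header, which is a guess from the name, one line saying so would stop it being removed as dead.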
--- a/netwerk/base/public/nsNetUtil.h
+++ b/netwerk/base/public/nsNetUtil.h
@@ -1631,19 +1631,20 @@ NS_SecurityHashURI(nsIURI* aURI)
     PRUint32 schemeHash = 0;
     if (NS_SUCCEEDED(baseURI->GetScheme(scheme)))
         schemeHash = nsCRT::HashCode(scheme.get());
 
     // TODO figure out how to hash file:// URIs
     if (scheme.EqualsLiteral("file"))
         return schemeHash; // sad face
 
-    if (scheme.EqualsLiteral("imap") ||
-        scheme.EqualsLiteral("mailbox") ||
-        scheme.EqualsLiteral("news"))
+    PRBool hasFlag;
+    if (NS_FAILED(NS_URIChainHasFlags(baseURI, 
+        nsIProtocolHandler::ORIGIN_IS_FULL_SPEC, &hasFlag)) ||
+        hasFlag) 
     {
         nsCAutoString spec;
         PRUint32 specHash = baseURI->GetSpec(spec);
         if (NS_SUCCEEDED(specHash))
             specHash = nsCRT::HashCode(spec.get());
         return specHash;
     }
 
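Review bot: The added `PRBool hasFlag;` has no initializer, and the condition is safe only because `||` short-circuits before `hasFlag` is read when NS_URIChainHasFlags fails. Initializing it, `PRBool hasFlag = PR_FALSE;`, keeps the check well-defined if the condition is ever reordered. The failure path deliberately falls into the whole-spec branch, which is the stricter choice, and nothing in the code says so; a comment such as `// Fail closed: if the flags cannot be read, treat the full spec as the origin` would record that intent. Both points apply equally to the matching lines added in the NS_SecurityCompareURIs hunk. NS_SecurityHashURI starts and ends outside this hunk.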
@@ -1727,23 +1728,23 @@ NS_SecurityCompareURIs(nsIURI* aSourceUR
             return PR_FALSE;
 
         // Otherwise they had better match
         PRBool filesAreEqual = PR_FALSE;
         nsresult rv = sourceFile->Equals(targetFile, &filesAreEqual);
         return NS_SUCCEEDED(rv) && filesAreEqual;
     }
 
-    // Special handling for mailnews schemes
-    if (targetScheme.EqualsLiteral("imap") ||
-        targetScheme.EqualsLiteral("mailbox") ||
-        targetScheme.EqualsLiteral("news"))
+    PRBool hasFlag;
+    if (NS_FAILED(NS_URIChainHasFlags(targetBaseURI, 
+        nsIProtocolHandler::ORIGIN_IS_FULL_SPEC, &hasFlag)) ||
+        hasFlag) 
     {
-        // Each message is a distinct trust domain; use the
-        // whole spec for comparison
+        // URIs with this flag have the whole spec as a distinct trust 
+        // domain; use the whole spec for comparison
         nsCAutoString targetSpec;
         nsCAutoString sourceSpec;
         return ( NS_SUCCEEDED( targetBaseURI->GetSpec(targetSpec) ) &&
                  NS_SUCCEEDED( sourceBaseURI->GetSpec(sourceSpec) ) &&
                  targetSpec.Equals(sourceSpec) );
     }
 
     // Compare hosts
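Review bot: Only `targetBaseURI` is tested for ORIGIN_IS_FULL_SPEC, so the decision to compare whole specs depends on the source URI using the same protocol handler as the target. The removed code also looked only at `targetScheme`, so this carries the old behavior over, and a scheme-equality check presumably runs earlier in NS_SecurityCompareURIs, outside this hunk. With flag-based dispatch that dependency is no longer visible at this site. I would confirm it and add a comment such as `// Schemes were already compared above, so the target's flags apply to the source as well`.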