bug 662692 - Do not allow mixed-content WebSockets r=smaug
authorPatrick McManus <mcmanus@ducksong.com>
Sun, 10 Jul 2011 12:31:41 -0400
changeset 73394 f85107f85c644a57d77136c4d77c9a23a3c6c51a
parent 73393 cc0bc9946386b9bdf41f755fe877218db5ea136a
child 73395 49d539befa07ea32ff1194227ecf314fdf401d0a
push id235
push userbzbarsky@mozilla.com
push dateTue, 27 Sep 2011 17:13:04 +0000
reviewerssmaug
bugs662692
milestone8.0a1
bug 662692 - Do not allow mixed-content WebSockets r=smaug
content/base/src/nsWebSocket.cpp
modules/libpref/src/init/all.js
--- a/content/base/src/nsWebSocket.cpp
+++ b/content/base/src/nsWebSocket.cpp
@@ -1346,16 +1346,28 @@ nsWebSocket::Init(nsIPrincipal* aPrincip
 
     mWindowID = nsJSUtils::GetCurrentlyRunningCodeWindowID(cx);
   }
 
   // parses the url
   rv = ParseURL(PromiseFlatString(aURL));
   NS_ENSURE_SUCCESS(rv, rv);
 
+  // Don't allow https:// to open ws://
+  nsCOMPtr<nsIURI> originURI;
+  PRBool originHTTPS;
+  if (!mSecure && 
+      !Preferences::GetBool("network.websocket.allowInsecureFromHTTPS",
+                            PR_FALSE) &&
+      NS_SUCCEEDED(NS_NewURI(getter_AddRefs(originURI), mUTF16Origin)) &&
+      NS_SUCCEEDED(originURI->SchemeIs("https", &originHTTPS)) &&
+      originHTTPS) {
+    return NS_ERROR_DOM_SECURITY_ERR;
+  }
+
   // sets the protocol
   if (!aProtocol.IsEmpty()) {
     rv = SetProtocol(PromiseFlatString(aProtocol));
     NS_ENSURE_SUCCESS(rv, rv);
   }
 
   // the constructor should throw a SYNTAX_ERROR only if it fails to parse the
   // url parameter, so we don't care about the EstablishConnection result.
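Review bot: The new mixed-content check in nsWebSocket::Init fails open: if `NS_NewURI` cannot parse `mUTF16Origin`, or `SchemeIs` returns a failure code, the whole condition is false and the `ws://` connection proceeds as though the origin were not HTTPS. If that is intended (for example for origins that do not serialize to a URI, which this hunk does not show), it deserves a comment such as `// If the origin cannot be parsed we cannot tell it is https, so the check is skipped (fails open)`; otherwise resolve the origin first and return the error when resolution fails. I would also initialize the flag, `PRBool originHTTPS = PR_FALSE;`, so it never holds an indeterminate value if the condition is later reordered, and drop the trailing space after `if (!mSecure &&`. Init's body starts and ends outside the hunk, so how mUTF16Origin is populated is not visible here.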
--- a/modules/libpref/src/init/all.js
+++ b/modules/libpref/src/init/all.js
@@ -812,16 +812,20 @@ pref("network.websocket.timeout.ping.res
 // extension with the websocket server
 pref("network.websocket.extensions.stream-deflate", true);
 
 // the maximum number of concurrent websocket sessions. By specification there
 // is never more than one handshake oustanding to an individual host at
 // one time.
 pref("network.websocket.max-connections", 200);
 
+// by default scripts loaded from a https:// origin can only open secure
+// (i.e. wss://) websockets.
+pref("network.websocket.allowInsecureFromHTTPS", false);
+
 // </ws>
 
 // Server-Sent Events
 
 pref("dom.server-events.enabled", true);
 // Equal to the DEFAULT_RECONNECTION_TIME_VALUE value in nsEventSource.cpp
 pref("dom.server-events.default-reconnection-time", 5000); // in milliseconds