Bug 1210941 P9 Use LOAD_BYPASS_SERVICE_WORKER in nsCORSListenerProxy. r=ehsan
authorBen Kelly <ben@wanderview.com>
Tue, 06 Oct 2015 06:37:07 -0700
changeset 298045 d523fa9b2ac157184023a7a155ba941bbe99fdb6
parent 298044 6c4ddce7e2b2fab2bd8042b66474fd5140c20752
child 298046 3009a16d818bb7f8330b8514f0dd55d2c03e8897
push id962
push userjlund@mozilla.com
push dateFri, 04 Dec 2015 23:28:54 +0000
treeherdermozilla-release@23a2d286e80f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersehsan
bugs1210941
milestone43.0a2
Bug 1210941 P9 Use LOAD_BYPASS_SERVICE_WORKER in nsCORSListenerProxy. r=ehsan
netwerk/protocol/http/nsCORSListenerProxy.cpp
--- a/netwerk/protocol/http/nsCORSListenerProxy.cpp
+++ b/netwerk/protocol/http/nsCORSListenerProxy.cpp
@@ -1342,42 +1342,39 @@ nsCORSListenerProxy::StartCORSPreflight(
   nsCOMPtr<nsILoadGroup> loadGroup;
   rv = aRequestChannel->GetLoadGroup(getter_AddRefs(loadGroup));
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsLoadFlags loadFlags;
   rv = aRequestChannel->GetLoadFlags(&loadFlags);
   NS_ENSURE_SUCCESS(rv, rv);
 
+  // Preflight requests should never be intercepted by service workers.
+  // NOTE: We ignore CORS checks on synthesized responses (see the CORS
+  // preflights, then we need to extend the GetResponseSynthesized() check in
+  // nsCORSListenerProxy::CheckRequestApproved()). If we change our behavior
+  // here and allow service workers to intercept CORS preflights, then that
+  // check won't be safe any more.
+  loadFlags |= nsIChannel::LOAD_BYPASS_SERVICE_WORKER;
+
   nsCOMPtr<nsIChannel> preflightChannel;
   rv = NS_NewChannelInternal(getter_AddRefs(preflightChannel),
                              uri,
                              loadInfo,
                              loadGroup,
                              nullptr,   // aCallbacks
                              loadFlags);
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsCOMPtr<nsIHttpChannel> preHttp = do_QueryInterface(preflightChannel);
   NS_ASSERTION(preHttp, "Failed to QI to nsIHttpChannel!");
 
   rv = preHttp->SetRequestMethod(NS_LITERAL_CSTRING("OPTIONS"));
   NS_ENSURE_SUCCESS(rv, rv);
 
-  // Preflight requests should never be intercepted by service workers.
-  nsCOMPtr<nsIHttpChannelInternal> preInternal = do_QueryInterface(preflightChannel);
-  if (preInternal) {
-    // NOTE: We ignore CORS checks on synthesized responses (see the CORS
-    // preflights, then we need to extend the GetResponseSynthesized() check in
-    // nsCORSListenerProxy::CheckRequestApproved()). If we change our behavior
-    // here and allow service workers to intercept CORS preflights, then that
-    // check won't be safe any more.
-    preInternal->ForceNoIntercept();
-  }
-  
   // Set up listener which will start the original channel
   nsCOMPtr<nsIStreamListener> preflightListener =
     new nsCORSPreflightListener(aRequestChannel, aListener, nullptr, aPrincipal,
                                 aCallback, aWithCredentials);
   NS_ENSURE_TRUE(preflightListener, NS_ERROR_OUT_OF_MEMORY);
 
   // Start preflight
   if (securityMode == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {