diff options
Diffstat (limited to 'image/imgRequest.cpp')
-rw-r--r-- | image/imgRequest.cpp | 1244 |
1 files changed, 1244 insertions, 0 deletions
diff --git a/image/imgRequest.cpp b/image/imgRequest.cpp new file mode 100644 index 0000000000..f544169caa --- /dev/null +++ b/image/imgRequest.cpp @@ -0,0 +1,1244 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "imgRequest.h" +#include "ImageLogging.h" + +#include "imgLoader.h" +#include "imgRequestProxy.h" +#include "DecodePool.h" +#include "ProgressTracker.h" +#include "ImageFactory.h" +#include "Image.h" +#include "MultipartImage.h" +#include "RasterImage.h" + +#include "nsIChannel.h" +#include "nsICacheInfoChannel.h" +#include "nsIClassOfService.h" +#include "mozilla/dom/Document.h" +#include "nsIThreadRetargetableRequest.h" +#include "nsIInputStream.h" +#include "nsIMultiPartChannel.h" +#include "nsIHttpChannel.h" +#include "nsIApplicationCache.h" +#include "nsIApplicationCacheChannel.h" +#include "nsMimeTypes.h" + +#include "nsIInterfaceRequestorUtils.h" +#include "nsISupportsPrimitives.h" +#include "nsIScriptSecurityManager.h" +#include "nsComponentManagerUtils.h" +#include "nsContentUtils.h" + +#include "plstr.h" // PL_strcasestr(...) +#include "prtime.h" // for PR_Now +#include "nsNetUtil.h" +#include "nsIProtocolHandler.h" +#include "imgIRequest.h" +#include "nsProperties.h" + +#include "mozilla/IntegerPrintfMacros.h" +#include "mozilla/SizeOfState.h" + +using namespace mozilla; +using namespace mozilla::image; + +#define LOG_TEST(level) (MOZ_LOG_TEST(gImgLog, (level))) + +NS_IMPL_ISUPPORTS(imgRequest, nsIStreamListener, nsIRequestObserver, + nsIThreadRetargetableStreamListener, nsIChannelEventSink, + nsIInterfaceRequestor, nsIAsyncVerifyRedirectCallback) + +imgRequest::imgRequest(imgLoader* aLoader, const ImageCacheKey& aCacheKey) + : mLoader(aLoader), + mCacheKey(aCacheKey), + mLoadId(nullptr), + mFirstProxy(nullptr), + mValidator(nullptr), + mInnerWindowId(0), + mCORSMode(imgIRequest::CORS_NONE), + mImageErrorCode(NS_OK), + mImageAvailable(false), + mIsDeniedCrossSiteCORSRequest(false), + mIsCrossSiteNoCORSRequest(false), + mMutex("imgRequest"), + mProgressTracker(new ProgressTracker()), + mIsMultiPartChannel(false), + mIsInCache(false), + mDecodeRequested(false), + mNewPartPending(false), + mHadInsecureRedirect(false) { + LOG_FUNC(gImgLog, "imgRequest::imgRequest()"); +} + +imgRequest::~imgRequest() { + if (mLoader) { + mLoader->RemoveFromUncachedImages(this); + } + if (mURI) { + LOG_FUNC_WITH_PARAM(gImgLog, "imgRequest::~imgRequest()", "keyuri", mURI); + } else + LOG_FUNC(gImgLog, "imgRequest::~imgRequest()"); +} + +nsresult imgRequest::Init(nsIURI* aURI, nsIURI* aFinalURI, + bool aHadInsecureRedirect, nsIRequest* aRequest, + nsIChannel* aChannel, imgCacheEntry* aCacheEntry, + mozilla::dom::Document* aLoadingDocument, + nsIPrincipal* aTriggeringPrincipal, int32_t aCORSMode, + nsIReferrerInfo* aReferrerInfo) { + MOZ_ASSERT(NS_IsMainThread(), "Cannot use nsIURI off main thread!"); + + LOG_FUNC(gImgLog, "imgRequest::Init"); + + MOZ_ASSERT(!mImage, "Multiple calls to init"); + MOZ_ASSERT(aURI, "No uri"); + MOZ_ASSERT(aFinalURI, "No final uri"); + MOZ_ASSERT(aRequest, "No request"); + MOZ_ASSERT(aChannel, "No channel"); + + mProperties = new nsProperties(); + mURI = aURI; + mFinalURI = aFinalURI; + mRequest = aRequest; + mChannel = aChannel; + mTimedChannel = do_QueryInterface(mChannel); + mTriggeringPrincipal = aTriggeringPrincipal; + mCORSMode = aCORSMode; + mReferrerInfo = aReferrerInfo; + + // If the original URI and the final URI are different, check whether the + // original URI is secure. We deliberately don't take the final URI into + // account, as it needs to be handled using more complicated rules than + // earlier elements of the redirect chain. + if (aURI != aFinalURI) { + bool schemeLocal = false; + if (NS_FAILED(NS_URIChainHasFlags( + aURI, nsIProtocolHandler::URI_IS_LOCAL_RESOURCE, &schemeLocal)) || + (!aURI->SchemeIs("https") && !aURI->SchemeIs("chrome") && + !schemeLocal)) { + mHadInsecureRedirect = true; + } + } + + // imgCacheValidator may have handled redirects before we were created, so we + // allow the caller to let us know if any redirects were insecure. + mHadInsecureRedirect = mHadInsecureRedirect || aHadInsecureRedirect; + + mChannel->GetNotificationCallbacks(getter_AddRefs(mPrevChannelSink)); + + NS_ASSERTION(mPrevChannelSink != this, + "Initializing with a channel that already calls back to us!"); + + mChannel->SetNotificationCallbacks(this); + + mCacheEntry = aCacheEntry; + mCacheEntry->UpdateLoadTime(); + + SetLoadId(aLoadingDocument); + + // Grab the inner window ID of the loading document, if possible. + if (aLoadingDocument) { + mInnerWindowId = aLoadingDocument->InnerWindowID(); + } + + return NS_OK; +} + +bool imgRequest::CanReuseWithoutValidation(dom::Document* aDoc) const { + // If the request's loadId is the same as the aLoadingDocument, then it is ok + // to use this one because it has already been validated for this context. + // XXX: nullptr seems to be a 'special' key value that indicates that NO + // validation is required. + // XXX: we also check the window ID because the loadID() can return a reused + // pointer of a document. This can still happen for non-document image + // cache entries. + void* key = (void*)aDoc; + uint64_t innerWindowID = aDoc ? aDoc->InnerWindowID() : 0; + if (LoadId() == key && InnerWindowID() == innerWindowID) { + return true; + } + + // As a special-case, if this is a print preview document, also validate on + // the original document. This allows to print uncacheable images. + if (dom::Document* original = aDoc ? aDoc->GetOriginalDocument() : nullptr) { + return CanReuseWithoutValidation(original); + } + + return false; +} + +void imgRequest::ClearLoader() { mLoader = nullptr; } + +already_AddRefed<ProgressTracker> imgRequest::GetProgressTracker() const { + MutexAutoLock lock(mMutex); + + if (mImage) { + MOZ_ASSERT(!mProgressTracker, + "Should have given mProgressTracker to mImage"); + return mImage->GetProgressTracker(); + } + MOZ_ASSERT(mProgressTracker, + "Should have mProgressTracker until we create mImage"); + RefPtr<ProgressTracker> progressTracker = mProgressTracker; + MOZ_ASSERT(progressTracker); + return progressTracker.forget(); +} + +void imgRequest::SetCacheEntry(imgCacheEntry* entry) { mCacheEntry = entry; } + +bool imgRequest::HasCacheEntry() const { return mCacheEntry != nullptr; } + +void imgRequest::ResetCacheEntry() { + if (HasCacheEntry()) { + mCacheEntry->SetDataSize(0); + } +} + +void imgRequest::AddProxy(imgRequestProxy* proxy) { + MOZ_ASSERT(proxy, "null imgRequestProxy passed in"); + LOG_SCOPE_WITH_PARAM(gImgLog, "imgRequest::AddProxy", "proxy", proxy); + + if (!mFirstProxy) { + // Save a raw pointer to the first proxy we see, for use in the network + // priority logic. + mFirstProxy = proxy; + } + + // If we're empty before adding, we have to tell the loader we now have + // proxies. + RefPtr<ProgressTracker> progressTracker = GetProgressTracker(); + if (progressTracker->ObserverCount() == 0) { + MOZ_ASSERT(mURI, "Trying to SetHasProxies without key uri."); + if (mLoader) { + mLoader->SetHasProxies(this); + } + } + + progressTracker->AddObserver(proxy); +} + +nsresult imgRequest::RemoveProxy(imgRequestProxy* proxy, nsresult aStatus) { + LOG_SCOPE_WITH_PARAM(gImgLog, "imgRequest::RemoveProxy", "proxy", proxy); + + // This will remove our animation consumers, so after removing + // this proxy, we don't end up without proxies with observers, but still + // have animation consumers. + proxy->ClearAnimationConsumers(); + + // Let the status tracker do its thing before we potentially call Cancel() + // below, because Cancel() may result in OnStopRequest being called back + // before Cancel() returns, leaving the image in a different state then the + // one it was in at this point. + RefPtr<ProgressTracker> progressTracker = GetProgressTracker(); + if (!progressTracker->RemoveObserver(proxy)) { + return NS_OK; + } + + if (progressTracker->ObserverCount() == 0) { + // If we have no observers, there's nothing holding us alive. If we haven't + // been cancelled and thus removed from the cache, tell the image loader so + // we can be evicted from the cache. + if (mCacheEntry) { + MOZ_ASSERT(mURI, "Removing last observer without key uri."); + + if (mLoader) { + mLoader->SetHasNoProxies(this, mCacheEntry); + } + } else { + LOG_MSG_WITH_PARAM(gImgLog, "imgRequest::RemoveProxy no cache entry", + "uri", mURI); + } + + /* If |aStatus| is a failure code, then cancel the load if it is still in + progress. Otherwise, let the load continue, keeping 'this' in the cache + with no observers. This way, if a proxy is destroyed without calling + cancel on it, it won't leak and won't leave a bad pointer in the observer + list. + */ + if (!(progressTracker->GetProgress() & FLAG_LAST_PART_COMPLETE) && + NS_FAILED(aStatus)) { + LOG_MSG(gImgLog, "imgRequest::RemoveProxy", + "load in progress. canceling"); + + this->Cancel(NS_BINDING_ABORTED); + } + + /* break the cycle from the cache entry. */ + mCacheEntry = nullptr; + } + + return NS_OK; +} + +void imgRequest::CancelAndAbort(nsresult aStatus) { + LOG_SCOPE(gImgLog, "imgRequest::CancelAndAbort"); + + Cancel(aStatus); + + // It's possible for the channel to fail to open after we've set our + // notification callbacks. In that case, make sure to break the cycle between + // the channel and us, because it won't. + if (mChannel) { + mChannel->SetNotificationCallbacks(mPrevChannelSink); + mPrevChannelSink = nullptr; + } +} + +class imgRequestMainThreadCancel : public Runnable { + public: + imgRequestMainThreadCancel(imgRequest* aImgRequest, nsresult aStatus) + : Runnable("imgRequestMainThreadCancel"), + mImgRequest(aImgRequest), + mStatus(aStatus) { + MOZ_ASSERT(!NS_IsMainThread(), "Create me off main thread only!"); + MOZ_ASSERT(aImgRequest); + } + + NS_IMETHOD Run() override { + MOZ_ASSERT(NS_IsMainThread(), "I should be running on the main thread!"); + mImgRequest->ContinueCancel(mStatus); + return NS_OK; + } + + private: + RefPtr<imgRequest> mImgRequest; + nsresult mStatus; +}; + +void imgRequest::Cancel(nsresult aStatus) { + /* The Cancel() method here should only be called by this class. */ + LOG_SCOPE(gImgLog, "imgRequest::Cancel"); + + if (NS_IsMainThread()) { + ContinueCancel(aStatus); + } else { + RefPtr<ProgressTracker> progressTracker = GetProgressTracker(); + nsCOMPtr<nsIEventTarget> eventTarget = progressTracker->GetEventTarget(); + nsCOMPtr<nsIRunnable> ev = new imgRequestMainThreadCancel(this, aStatus); + eventTarget->Dispatch(ev.forget(), NS_DISPATCH_NORMAL); + } +} + +void imgRequest::ContinueCancel(nsresult aStatus) { + MOZ_ASSERT(NS_IsMainThread()); + + RefPtr<ProgressTracker> progressTracker = GetProgressTracker(); + progressTracker->SyncNotifyProgress(FLAG_HAS_ERROR); + + RemoveFromCache(); + + if (mRequest && !(progressTracker->GetProgress() & FLAG_LAST_PART_COMPLETE)) { + mRequest->Cancel(aStatus); + } +} + +class imgRequestMainThreadEvict : public Runnable { + public: + explicit imgRequestMainThreadEvict(imgRequest* aImgRequest) + : Runnable("imgRequestMainThreadEvict"), mImgRequest(aImgRequest) { + MOZ_ASSERT(!NS_IsMainThread(), "Create me off main thread only!"); + MOZ_ASSERT(aImgRequest); + } + + NS_IMETHOD Run() override { + MOZ_ASSERT(NS_IsMainThread(), "I should be running on the main thread!"); + mImgRequest->ContinueEvict(); + return NS_OK; + } + + private: + RefPtr<imgRequest> mImgRequest; +}; + +// EvictFromCache() is written to allowed to get called from any thread +void imgRequest::EvictFromCache() { + /* The EvictFromCache() method here should only be called by this class. */ + LOG_SCOPE(gImgLog, "imgRequest::EvictFromCache"); + + if (NS_IsMainThread()) { + ContinueEvict(); + } else { + NS_DispatchToMainThread(new imgRequestMainThreadEvict(this)); + } +} + +// Helper-method used by EvictFromCache() +void imgRequest::ContinueEvict() { + MOZ_ASSERT(NS_IsMainThread()); + + RemoveFromCache(); +} + +void imgRequest::StartDecoding() { + MutexAutoLock lock(mMutex); + mDecodeRequested = true; +} + +bool imgRequest::IsDecodeRequested() const { + MutexAutoLock lock(mMutex); + return mDecodeRequested; +} + +nsresult imgRequest::GetURI(nsIURI** aURI) { + MOZ_ASSERT(aURI); + + LOG_FUNC(gImgLog, "imgRequest::GetURI"); + + if (mURI) { + *aURI = mURI; + NS_ADDREF(*aURI); + return NS_OK; + } + + return NS_ERROR_FAILURE; +} + +nsresult imgRequest::GetFinalURI(nsIURI** aURI) { + MOZ_ASSERT(aURI); + + LOG_FUNC(gImgLog, "imgRequest::GetFinalURI"); + + if (mFinalURI) { + *aURI = mFinalURI; + NS_ADDREF(*aURI); + return NS_OK; + } + + return NS_ERROR_FAILURE; +} + +bool imgRequest::IsChrome() const { return mURI->SchemeIs("chrome"); } + +bool imgRequest::IsData() const { return mURI->SchemeIs("data"); } + +nsresult imgRequest::GetImageErrorCode() { return mImageErrorCode; } + +void imgRequest::RemoveFromCache() { + LOG_SCOPE(gImgLog, "imgRequest::RemoveFromCache"); + + bool isInCache = false; + + { + MutexAutoLock lock(mMutex); + isInCache = mIsInCache; + } + + if (isInCache && mLoader) { + // mCacheEntry is nulled out when we have no more observers. + if (mCacheEntry) { + mLoader->RemoveFromCache(mCacheEntry); + } else { + mLoader->RemoveFromCache(mCacheKey); + } + } + + mCacheEntry = nullptr; +} + +bool imgRequest::HasConsumers() const { + RefPtr<ProgressTracker> progressTracker = GetProgressTracker(); + return progressTracker && progressTracker->ObserverCount() > 0; +} + +already_AddRefed<image::Image> imgRequest::GetImage() const { + MutexAutoLock lock(mMutex); + RefPtr<image::Image> image = mImage; + return image.forget(); +} + +int32_t imgRequest::Priority() const { + int32_t priority = nsISupportsPriority::PRIORITY_NORMAL; + nsCOMPtr<nsISupportsPriority> p = do_QueryInterface(mRequest); + if (p) { + p->GetPriority(&priority); + } + return priority; +} + +void imgRequest::AdjustPriority(imgRequestProxy* proxy, int32_t delta) { + // only the first proxy is allowed to modify the priority of this image load. + // + // XXX(darin): this is probably not the most optimal algorithm as we may want + // to increase the priority of requests that have a lot of proxies. the key + // concern though is that image loads remain lower priority than other pieces + // of content such as link clicks, CSS, and JS. + // + if (!mFirstProxy || proxy != mFirstProxy) { + return; + } + + AdjustPriorityInternal(delta); +} + +void imgRequest::AdjustPriorityInternal(int32_t aDelta) { + nsCOMPtr<nsISupportsPriority> p = do_QueryInterface(mChannel); + if (p) { + p->AdjustPriority(aDelta); + } +} + +void imgRequest::BoostPriority(uint32_t aCategory) { + if (!StaticPrefs::image_layout_network_priority()) { + return; + } + + uint32_t newRequestedCategory = + (mBoostCategoriesRequested & aCategory) ^ aCategory; + if (!newRequestedCategory) { + // priority boost for each category can only apply once. + return; + } + + MOZ_LOG(gImgLog, LogLevel::Debug, + ("[this=%p] imgRequest::BoostPriority for category %x", this, + newRequestedCategory)); + + int32_t delta = 0; + + if (newRequestedCategory & imgIRequest::CATEGORY_FRAME_INIT) { + --delta; + } + + if (newRequestedCategory & imgIRequest::CATEGORY_FRAME_STYLE) { + --delta; + } + + if (newRequestedCategory & imgIRequest::CATEGORY_SIZE_QUERY) { + --delta; + } + + if (newRequestedCategory & imgIRequest::CATEGORY_DISPLAY) { + delta += nsISupportsPriority::PRIORITY_HIGH; + } + + AdjustPriorityInternal(delta); + mBoostCategoriesRequested |= newRequestedCategory; +} + +void imgRequest::SetIsInCache(bool aInCache) { + LOG_FUNC_WITH_PARAM(gImgLog, "imgRequest::SetIsCacheable", "aInCache", + aInCache); + MutexAutoLock lock(mMutex); + mIsInCache = aInCache; +} + +void imgRequest::UpdateCacheEntrySize() { + if (!mCacheEntry) { + return; + } + + RefPtr<Image> image = GetImage(); + SizeOfState state(moz_malloc_size_of); + size_t size = image->SizeOfSourceWithComputedFallback(state); + mCacheEntry->SetDataSize(size); +} + +void imgRequest::SetCacheValidation(imgCacheEntry* aCacheEntry, + nsIRequest* aRequest) { + /* get the expires info */ + if (!aCacheEntry || aCacheEntry->GetExpiryTime() != 0) { + return; + } + + auto info = nsContentUtils::GetSubresourceCacheValidationInfo(aRequest); + + // Expiration time defaults to 0. We set the expiration time on our entry if + // it hasn't been set yet. + if (!info.mExpirationTime) { + // If the channel doesn't support caching, then ensure this expires the + // next time it is used. + info.mExpirationTime.emplace(nsContentUtils::SecondsFromPRTime(PR_Now()) - + 1); + } + aCacheEntry->SetExpiryTime(*info.mExpirationTime); + // Cache entries default to not needing to validate. We ensure that + // multiple calls to this function don't override an earlier decision to + // validate by making validation a one-way decision. + if (info.mMustRevalidate) { + aCacheEntry->SetMustValidate(info.mMustRevalidate); + } +} + +namespace { + +already_AddRefed<nsIApplicationCache> GetApplicationCache( + nsIRequest* aRequest) { + nsresult rv; + + nsCOMPtr<nsIApplicationCacheChannel> appCacheChan = + do_QueryInterface(aRequest); + if (!appCacheChan) { + return nullptr; + } + + bool fromAppCache; + rv = appCacheChan->GetLoadedFromApplicationCache(&fromAppCache); + NS_ENSURE_SUCCESS(rv, nullptr); + + if (!fromAppCache) { + return nullptr; + } + + nsCOMPtr<nsIApplicationCache> appCache; + rv = appCacheChan->GetApplicationCache(getter_AddRefs(appCache)); + NS_ENSURE_SUCCESS(rv, nullptr); + + return appCache.forget(); +} + +} // namespace + +bool imgRequest::CacheChanged(nsIRequest* aNewRequest) { + nsCOMPtr<nsIApplicationCache> newAppCache = GetApplicationCache(aNewRequest); + + // Application cache not involved at all or the same app cache involved + // in both of the loads (original and new). + if (newAppCache == mApplicationCache) { + return false; + } + + // In a rare case it may happen that two objects still refer + // the same application cache version. + if (newAppCache && mApplicationCache) { + nsresult rv; + + nsAutoCString oldAppCacheClientId, newAppCacheClientId; + rv = mApplicationCache->GetClientID(oldAppCacheClientId); + NS_ENSURE_SUCCESS(rv, true); + rv = newAppCache->GetClientID(newAppCacheClientId); + NS_ENSURE_SUCCESS(rv, true); + + if (oldAppCacheClientId == newAppCacheClientId) { + return false; + } + } + + // When we get here, app caches differ or app cache is involved + // just in one of the loads what we also consider as a change + // in a loading cache. + return true; +} + +bool imgRequest::GetMultipart() const { + MutexAutoLock lock(mMutex); + return mIsMultiPartChannel; +} + +bool imgRequest::HadInsecureRedirect() const { + MutexAutoLock lock(mMutex); + return mHadInsecureRedirect; +} + +/** nsIRequestObserver methods **/ + +NS_IMETHODIMP +imgRequest::OnStartRequest(nsIRequest* aRequest) { + LOG_SCOPE(gImgLog, "imgRequest::OnStartRequest"); + + RefPtr<Image> image; + + if (nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aRequest)) { + nsresult rv; + nsCOMPtr<nsILoadInfo> loadInfo = httpChannel->LoadInfo(); + mIsDeniedCrossSiteCORSRequest = + loadInfo->GetTainting() == LoadTainting::CORS && + (NS_FAILED(httpChannel->GetStatus(&rv)) || NS_FAILED(rv)); + mIsCrossSiteNoCORSRequest = loadInfo->GetTainting() == LoadTainting::Opaque; + } + + // Figure out if we're multipart. + nsCOMPtr<nsIMultiPartChannel> multiPartChannel = do_QueryInterface(aRequest); + { + MutexAutoLock lock(mMutex); + + MOZ_ASSERT(multiPartChannel || !mIsMultiPartChannel, + "Stopped being multipart?"); + + mNewPartPending = true; + image = mImage; + mIsMultiPartChannel = bool(multiPartChannel); + } + + // If we're not multipart, we shouldn't have an image yet. + if (image && !multiPartChannel) { + MOZ_ASSERT_UNREACHABLE("Already have an image for a non-multipart request"); + Cancel(NS_IMAGELIB_ERROR_FAILURE); + return NS_ERROR_FAILURE; + } + + /* + * If mRequest is null here, then we need to set it so that we'll be able to + * cancel it if our Cancel() method is called. Note that this can only + * happen for multipart channels. We could simply not null out mRequest for + * non-last parts, if GetIsLastPart() were reliable, but it's not. See + * https://bugzilla.mozilla.org/show_bug.cgi?id=339610 + */ + if (!mRequest) { + MOZ_ASSERT(multiPartChannel, "Should have mRequest unless we're multipart"); + nsCOMPtr<nsIChannel> baseChannel; + multiPartChannel->GetBaseChannel(getter_AddRefs(baseChannel)); + mRequest = baseChannel; + } + + nsCOMPtr<nsIChannel> channel(do_QueryInterface(aRequest)); + if (channel) { + /* Get our principal */ + nsCOMPtr<nsIScriptSecurityManager> secMan = + nsContentUtils::GetSecurityManager(); + if (secMan) { + nsresult rv = secMan->GetChannelResultPrincipal( + channel, getter_AddRefs(mPrincipal)); + if (NS_FAILED(rv)) { + return rv; + } + } + } + + SetCacheValidation(mCacheEntry, aRequest); + + mApplicationCache = GetApplicationCache(aRequest); + + // Shouldn't we be dead already if this gets hit? + // Probably multipart/x-mixed-replace... + RefPtr<ProgressTracker> progressTracker = GetProgressTracker(); + if (progressTracker->ObserverCount() == 0) { + this->Cancel(NS_IMAGELIB_ERROR_FAILURE); + } + + // Try to retarget OnDataAvailable to a decode thread. We must process data + // URIs synchronously as per the spec however. + if (!channel || IsData()) { + return NS_OK; + } + + nsCOMPtr<nsIThreadRetargetableRequest> retargetable = + do_QueryInterface(aRequest); + if (retargetable) { + nsAutoCString mimeType; + nsresult rv = channel->GetContentType(mimeType); + if (NS_SUCCEEDED(rv) && !mimeType.EqualsLiteral(IMAGE_SVG_XML)) { + // Retarget OnDataAvailable to the DecodePool's IO thread. + nsCOMPtr<nsIEventTarget> target = + DecodePool::Singleton()->GetIOEventTarget(); + rv = retargetable->RetargetDeliveryTo(target); + } + MOZ_LOG(gImgLog, LogLevel::Warning, + ("[this=%p] imgRequest::OnStartRequest -- " + "RetargetDeliveryTo rv %" PRIu32 "=%s\n", + this, static_cast<uint32_t>(rv), + NS_SUCCEEDED(rv) ? "succeeded" : "failed")); + } + + return NS_OK; +} + +NS_IMETHODIMP +imgRequest::OnStopRequest(nsIRequest* aRequest, nsresult status) { + LOG_FUNC(gImgLog, "imgRequest::OnStopRequest"); + MOZ_ASSERT(NS_IsMainThread(), "Can't send notifications off-main-thread"); + + RefPtr<Image> image = GetImage(); + + RefPtr<imgRequest> strongThis = this; + + if (mIsMultiPartChannel && mNewPartPending) { + OnDataAvailable(aRequest, nullptr, 0, 0); + } + + // XXXldb What if this is a non-last part of a multipart request? + // xxx before we release our reference to mRequest, lets + // save the last status that we saw so that the + // imgRequestProxy will have access to it. + if (mRequest) { + mRequest = nullptr; // we no longer need the request + } + + // stop holding a ref to the channel, since we don't need it anymore + if (mChannel) { + mChannel->SetNotificationCallbacks(mPrevChannelSink); + mPrevChannelSink = nullptr; + mChannel = nullptr; + } + + bool lastPart = true; + nsCOMPtr<nsIMultiPartChannel> mpchan(do_QueryInterface(aRequest)); + if (mpchan) { + mpchan->GetIsLastPart(&lastPart); + } + + bool isPartial = false; + if (image && (status == NS_ERROR_NET_PARTIAL_TRANSFER)) { + isPartial = true; + status = NS_OK; // fake happy face + } + + // Tell the image that it has all of the source data. Note that this can + // trigger a failure, since the image might be waiting for more non-optional + // data and this is the point where we break the news that it's not coming. + if (image) { + nsresult rv = + image->OnImageDataComplete(aRequest, nullptr, status, lastPart); + + // If we got an error in the OnImageDataComplete() call, we don't want to + // proceed as if nothing bad happened. However, we also want to give + // precedence to failure status codes from necko, since presumably they're + // more meaningful. + if (NS_FAILED(rv) && NS_SUCCEEDED(status)) { + status = rv; + } + } + + // If the request went through, update the cache entry size. Otherwise, + // cancel the request, which removes us from the cache. + if (image && NS_SUCCEEDED(status) && !isPartial) { + // We update the cache entry size here because this is where we finish + // loading compressed source data, which is part of our size calculus. + UpdateCacheEntrySize(); + + } else if (isPartial) { + // Remove the partial image from the cache. + this->EvictFromCache(); + + } else { + mImageErrorCode = status; + + // if the error isn't "just" a partial transfer + // stops animations, removes from cache + this->Cancel(status); + } + + if (!image) { + // We have to fire the OnStopRequest notifications ourselves because there's + // no image capable of doing so. + Progress progress = + LoadCompleteProgress(lastPart, /* aError = */ false, status); + + RefPtr<ProgressTracker> progressTracker = GetProgressTracker(); + progressTracker->SyncNotifyProgress(progress); + } + + mTimedChannel = nullptr; + return NS_OK; +} + +struct mimetype_closure { + nsACString* newType; +}; + +/* prototype for these defined below */ +static nsresult sniff_mimetype_callback(nsIInputStream* in, void* closure, + const char* fromRawSegment, + uint32_t toOffset, uint32_t count, + uint32_t* writeCount); + +/** nsThreadRetargetableStreamListener methods **/ +NS_IMETHODIMP +imgRequest::CheckListenerChain() { + // TODO Might need more checking here. + NS_ASSERTION(NS_IsMainThread(), "Should be on the main thread!"); + return NS_OK; +} + +/** nsIStreamListener methods **/ + +struct NewPartResult final { + explicit NewPartResult(image::Image* aExistingImage) + : mImage(aExistingImage), + mIsFirstPart(!aExistingImage), + mSucceeded(false), + mShouldResetCacheEntry(false) {} + + nsAutoCString mContentType; + nsAutoCString mContentDisposition; + RefPtr<image::Image> mImage; + const bool mIsFirstPart; + bool mSucceeded; + bool mShouldResetCacheEntry; +}; + +static NewPartResult PrepareForNewPart(nsIRequest* aRequest, + nsIInputStream* aInStr, uint32_t aCount, + nsIURI* aURI, bool aIsMultipart, + image::Image* aExistingImage, + ProgressTracker* aProgressTracker, + uint32_t aInnerWindowId) { + NewPartResult result(aExistingImage); + + if (aInStr) { + mimetype_closure closure; + closure.newType = &result.mContentType; + + // Look at the first few bytes and see if we can tell what the data is from + // that since servers tend to lie. :( + uint32_t out; + aInStr->ReadSegments(sniff_mimetype_callback, &closure, aCount, &out); + } + + nsCOMPtr<nsIChannel> chan(do_QueryInterface(aRequest)); + if (result.mContentType.IsEmpty()) { + nsresult rv = + chan ? chan->GetContentType(result.mContentType) : NS_ERROR_FAILURE; + if (NS_FAILED(rv)) { + MOZ_LOG(gImgLog, LogLevel::Error, + ("imgRequest::PrepareForNewPart -- " + "Content type unavailable from the channel\n")); + if (!aIsMultipart) { + return result; + } + } + } + + if (chan) { + chan->GetContentDispositionHeader(result.mContentDisposition); + } + + MOZ_LOG(gImgLog, LogLevel::Debug, + ("imgRequest::PrepareForNewPart -- Got content type %s\n", + result.mContentType.get())); + + // XXX If server lied about mimetype and it's SVG, we may need to copy + // the data and dispatch back to the main thread, AND tell the channel to + // dispatch there in the future. + + // Create the new image and give it ownership of our ProgressTracker. + if (aIsMultipart) { + // Create the ProgressTracker and image for this part. + RefPtr<ProgressTracker> progressTracker = new ProgressTracker(); + RefPtr<image::Image> partImage = image::ImageFactory::CreateImage( + aRequest, progressTracker, result.mContentType, aURI, + /* aIsMultipart = */ true, aInnerWindowId); + + if (result.mIsFirstPart) { + // First part for a multipart channel. Create the MultipartImage wrapper. + MOZ_ASSERT(aProgressTracker, "Shouldn't have given away tracker yet"); + aProgressTracker->SetIsMultipart(); + result.mImage = image::ImageFactory::CreateMultipartImage( + partImage, aProgressTracker); + } else { + // Transition to the new part. + auto multipartImage = static_cast<MultipartImage*>(aExistingImage); + multipartImage->BeginTransitionToPart(partImage); + + // Reset our cache entry size so it doesn't keep growing without bound. + result.mShouldResetCacheEntry = true; + } + } else { + MOZ_ASSERT(!aExistingImage, "New part for non-multipart channel?"); + MOZ_ASSERT(aProgressTracker, "Shouldn't have given away tracker yet"); + + // Create an image using our progress tracker. + result.mImage = image::ImageFactory::CreateImage( + aRequest, aProgressTracker, result.mContentType, aURI, + /* aIsMultipart = */ false, aInnerWindowId); + } + + MOZ_ASSERT(result.mImage); + if (!result.mImage->HasError() || aIsMultipart) { + // We allow multipart images to fail to initialize (which generally + // indicates a bad content type) without cancelling the load, because + // subsequent parts might be fine. + result.mSucceeded = true; + } + + return result; +} + +class FinishPreparingForNewPartRunnable final : public Runnable { + public: + FinishPreparingForNewPartRunnable(imgRequest* aImgRequest, + NewPartResult&& aResult) + : Runnable("FinishPreparingForNewPartRunnable"), + mImgRequest(aImgRequest), + mResult(aResult) { + MOZ_ASSERT(aImgRequest); + } + + NS_IMETHOD Run() override { + mImgRequest->FinishPreparingForNewPart(mResult); + return NS_OK; + } + + private: + RefPtr<imgRequest> mImgRequest; + NewPartResult mResult; +}; + +void imgRequest::FinishPreparingForNewPart(const NewPartResult& aResult) { + MOZ_ASSERT(NS_IsMainThread()); + + mContentType = aResult.mContentType; + + SetProperties(aResult.mContentType, aResult.mContentDisposition); + + if (aResult.mIsFirstPart) { + // Notify listeners that we have an image. + mImageAvailable = true; + RefPtr<ProgressTracker> progressTracker = GetProgressTracker(); + progressTracker->OnImageAvailable(); + MOZ_ASSERT(progressTracker->HasImage()); + } + + if (aResult.mShouldResetCacheEntry) { + ResetCacheEntry(); + } + + if (IsDecodeRequested()) { + aResult.mImage->StartDecoding(imgIContainer::FLAG_NONE); + } +} + +bool imgRequest::ImageAvailable() const { return mImageAvailable; } + +NS_IMETHODIMP +imgRequest::OnDataAvailable(nsIRequest* aRequest, nsIInputStream* aInStr, + uint64_t aOffset, uint32_t aCount) { + LOG_SCOPE_WITH_PARAM(gImgLog, "imgRequest::OnDataAvailable", "count", aCount); + + NS_ASSERTION(aRequest, "imgRequest::OnDataAvailable -- no request!"); + + RefPtr<Image> image; + RefPtr<ProgressTracker> progressTracker; + bool isMultipart = false; + bool newPartPending = false; + + // Retrieve and update our state. + { + MutexAutoLock lock(mMutex); + image = mImage; + progressTracker = mProgressTracker; + isMultipart = mIsMultiPartChannel; + newPartPending = mNewPartPending; + mNewPartPending = false; + } + + // If this is a new part, we need to sniff its content type and create an + // appropriate image. + if (newPartPending) { + NewPartResult result = + PrepareForNewPart(aRequest, aInStr, aCount, mURI, isMultipart, image, + progressTracker, mInnerWindowId); + bool succeeded = result.mSucceeded; + + if (result.mImage) { + image = result.mImage; + nsCOMPtr<nsIEventTarget> eventTarget; + + // Update our state to reflect this new part. + { + MutexAutoLock lock(mMutex); + mImage = image; + + // We only get an event target if we are not on the main thread, because + // we have to dispatch in that case. If we are on the main thread, but + // on a different scheduler group than ProgressTracker would give us, + // that is okay because nothing in imagelib requires that, just our + // listeners (which have their own checks). + if (!NS_IsMainThread()) { + eventTarget = mProgressTracker->GetEventTarget(); + MOZ_ASSERT(eventTarget); + } + + mProgressTracker = nullptr; + } + + // Some property objects are not threadsafe, and we need to send + // OnImageAvailable on the main thread, so finish on the main thread. + if (!eventTarget) { + MOZ_ASSERT(NS_IsMainThread()); + FinishPreparingForNewPart(result); + } else { + nsCOMPtr<nsIRunnable> runnable = + new FinishPreparingForNewPartRunnable(this, std::move(result)); + eventTarget->Dispatch(CreateMediumHighRunnable(runnable.forget()), + NS_DISPATCH_NORMAL); + } + } + + if (!succeeded) { + // Something went wrong; probably a content type issue. + Cancel(NS_IMAGELIB_ERROR_FAILURE); + return NS_BINDING_ABORTED; + } + } + + // Notify the image that it has new data. + if (aInStr) { + nsresult rv = + image->OnImageDataAvailable(aRequest, nullptr, aInStr, aOffset, aCount); + + if (NS_FAILED(rv)) { + MOZ_LOG(gImgLog, LogLevel::Warning, + ("[this=%p] imgRequest::OnDataAvailable -- " + "copy to RasterImage failed\n", + this)); + Cancel(NS_IMAGELIB_ERROR_FAILURE); + return NS_BINDING_ABORTED; + } + } + + return NS_OK; +} + +void imgRequest::SetProperties(const nsACString& aContentType, + const nsACString& aContentDisposition) { + /* set our mimetype as a property */ + nsCOMPtr<nsISupportsCString> contentType = + do_CreateInstance("@mozilla.org/supports-cstring;1"); + if (contentType) { + contentType->SetData(aContentType); + mProperties->Set("type", contentType); + } + + /* set our content disposition as a property */ + if (!aContentDisposition.IsEmpty()) { + nsCOMPtr<nsISupportsCString> contentDisposition = + do_CreateInstance("@mozilla.org/supports-cstring;1"); + if (contentDisposition) { + contentDisposition->SetData(aContentDisposition); + mProperties->Set("content-disposition", contentDisposition); + } + } +} + +static nsresult sniff_mimetype_callback(nsIInputStream* in, void* data, + const char* fromRawSegment, + uint32_t toOffset, uint32_t count, + uint32_t* writeCount) { + mimetype_closure* closure = static_cast<mimetype_closure*>(data); + + NS_ASSERTION(closure, "closure is null!"); + + if (count > 0) { + imgLoader::GetMimeTypeFromContent(fromRawSegment, count, *closure->newType); + } + + *writeCount = 0; + return NS_ERROR_FAILURE; +} + +/** nsIInterfaceRequestor methods **/ + +NS_IMETHODIMP +imgRequest::GetInterface(const nsIID& aIID, void** aResult) { + if (!mPrevChannelSink || aIID.Equals(NS_GET_IID(nsIChannelEventSink))) { + return QueryInterface(aIID, aResult); + } + + NS_ASSERTION( + mPrevChannelSink != this, + "Infinite recursion - don't keep track of channel sinks that are us!"); + return mPrevChannelSink->GetInterface(aIID, aResult); +} + +/** nsIChannelEventSink methods **/ +NS_IMETHODIMP +imgRequest::AsyncOnChannelRedirect(nsIChannel* oldChannel, + nsIChannel* newChannel, uint32_t flags, + nsIAsyncVerifyRedirectCallback* callback) { + NS_ASSERTION(mRequest && mChannel, + "Got a channel redirect after we nulled out mRequest!"); + NS_ASSERTION(mChannel == oldChannel, + "Got a channel redirect for an unknown channel!"); + NS_ASSERTION(newChannel, "Got a redirect to a NULL channel!"); + + SetCacheValidation(mCacheEntry, oldChannel); + + // Prepare for callback + mRedirectCallback = callback; + mNewRedirectChannel = newChannel; + + nsCOMPtr<nsIChannelEventSink> sink(do_GetInterface(mPrevChannelSink)); + if (sink) { + nsresult rv = + sink->AsyncOnChannelRedirect(oldChannel, newChannel, flags, this); + if (NS_FAILED(rv)) { + mRedirectCallback = nullptr; + mNewRedirectChannel = nullptr; + } + return rv; + } + + (void)OnRedirectVerifyCallback(NS_OK); + return NS_OK; +} + +NS_IMETHODIMP +imgRequest::OnRedirectVerifyCallback(nsresult result) { + NS_ASSERTION(mRedirectCallback, "mRedirectCallback not set in callback"); + NS_ASSERTION(mNewRedirectChannel, "mNewRedirectChannel not set in callback"); + + if (NS_FAILED(result)) { + mRedirectCallback->OnRedirectVerifyCallback(result); + mRedirectCallback = nullptr; + mNewRedirectChannel = nullptr; + return NS_OK; + } + + mChannel = mNewRedirectChannel; + mTimedChannel = do_QueryInterface(mChannel); + mNewRedirectChannel = nullptr; + + if (LOG_TEST(LogLevel::Debug)) { + LOG_MSG_WITH_PARAM(gImgLog, "imgRequest::OnChannelRedirect", "old", + mFinalURI ? mFinalURI->GetSpecOrDefault().get() : ""); + } + + // If the previous URI is a non-HTTPS URI, record that fact for later use by + // security code, which needs to know whether there is an insecure load at any + // point in the redirect chain. + bool schemeLocal = false; + if (NS_FAILED(NS_URIChainHasFlags(mFinalURI, + nsIProtocolHandler::URI_IS_LOCAL_RESOURCE, + &schemeLocal)) || + (!mFinalURI->SchemeIs("https") && !mFinalURI->SchemeIs("chrome") && + !schemeLocal)) { + MutexAutoLock lock(mMutex); + + // The csp directive upgrade-insecure-requests performs an internal redirect + // to upgrade all requests from http to https before any data is fetched + // from the network. Do not pollute mHadInsecureRedirect in case of such an + // internal redirect. + nsCOMPtr<nsILoadInfo> loadInfo = mChannel->LoadInfo(); + bool upgradeInsecureRequests = + loadInfo ? loadInfo->GetUpgradeInsecureRequests() || + loadInfo->GetBrowserUpgradeInsecureRequests() + : false; + if (!upgradeInsecureRequests) { + mHadInsecureRedirect = true; + } + } + + // Update the final URI. + mChannel->GetURI(getter_AddRefs(mFinalURI)); + + if (LOG_TEST(LogLevel::Debug)) { + LOG_MSG_WITH_PARAM(gImgLog, "imgRequest::OnChannelRedirect", "new", + mFinalURI ? mFinalURI->GetSpecOrDefault().get() : ""); + } + + // Make sure we have a protocol that returns data rather than opens an + // external application, e.g. 'mailto:'. + bool doesNotReturnData = false; + nsresult rv = NS_URIChainHasFlags( + mFinalURI, nsIProtocolHandler::URI_DOES_NOT_RETURN_DATA, + &doesNotReturnData); + + if (NS_SUCCEEDED(rv) && doesNotReturnData) { + rv = NS_ERROR_ABORT; + } + + if (NS_FAILED(rv)) { + mRedirectCallback->OnRedirectVerifyCallback(rv); + mRedirectCallback = nullptr; + return NS_OK; + } + + mRedirectCallback->OnRedirectVerifyCallback(NS_OK); + mRedirectCallback = nullptr; + return NS_OK; +} |