summaryrefslogtreecommitdiffstats
path: root/dom/security/nsContentSecurityUtils.cpp
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-23 04:29:10 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-23 04:29:10 +0000
commite3cb9707d5a825c871111670200af02af1718195 (patch)
treee9b374d6a4dc9990a45e9b61098624f0b722ede1 /dom/security/nsContentSecurityUtils.cpp
parentAdding debian version 125.0.1-2. (diff)
downloadfirefox-e3cb9707d5a825c871111670200af02af1718195.tar.xz
firefox-e3cb9707d5a825c871111670200af02af1718195.zip
Merging upstream version 125.0.2.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/security/nsContentSecurityUtils.cpp')
-rw-r--r--dom/security/nsContentSecurityUtils.cpp48
1 files changed, 30 insertions, 18 deletions
diff --git a/dom/security/nsContentSecurityUtils.cpp b/dom/security/nsContentSecurityUtils.cpp
index 01e9c6d5db..d2c1b257bc 100644
--- a/dom/security/nsContentSecurityUtils.cpp
+++ b/dom/security/nsContentSecurityUtils.cpp
@@ -1670,25 +1670,37 @@ long nsContentSecurityUtils::ClassifyDownload(
nsCOMPtr<nsIURI> contentLocation;
aChannel->GetURI(getter_AddRefs(contentLocation));
- if (StaticPrefs::dom_block_download_insecure()) {
- // If we are not dealing with a potentially trustworthy origin, or a URI
- // that is safe to be loaded like e.g. data:, then we block the load.
- bool isInsecureDownload =
- !nsMixedContentBlocker::IsPotentiallyTrustworthyOrigin(
- contentLocation) &&
- !nsMixedContentBlocker::URISafeToBeLoadedInSecureContext(
- contentLocation);
-
- Telemetry::Accumulate(mozilla::Telemetry::INSECURE_DOWNLOADS,
- isInsecureDownload);
-
- if (isInsecureDownload) {
- nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
- if (httpChannel) {
- LogMessageToConsole(httpChannel, "BlockedInsecureDownload");
- }
- return nsITransfer::DOWNLOAD_POTENTIALLY_UNSAFE;
+ nsCOMPtr<nsIPrincipal> loadingPrincipal = loadInfo->GetLoadingPrincipal();
+ if (!loadingPrincipal) {
+ loadingPrincipal = loadInfo->TriggeringPrincipal();
+ }
+ // Creating a fake Loadinfo that is just used for the MCB check.
+ nsCOMPtr<nsILoadInfo> secCheckLoadInfo = new mozilla::net::LoadInfo(
+ loadingPrincipal, loadInfo->TriggeringPrincipal(), nullptr,
+ nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK,
+ nsIContentPolicy::TYPE_FETCH);
+ // Disable HTTPS-Only checks for that loadinfo. This is required because
+ // otherwise nsMixedContentBlocker::ShouldLoad would assume that the request
+ // is safe, because HTTPS-Only is handling it.
+ secCheckLoadInfo->SetHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_EXEMPT);
+
+ int16_t decission = nsIContentPolicy::ACCEPT;
+ nsMixedContentBlocker::ShouldLoad(false, // aHadInsecureImageRedirect
+ contentLocation, // aContentLocation,
+ secCheckLoadInfo, // aLoadinfo
+ false, // aReportError
+ &decission // aDecision
+ );
+ Telemetry::Accumulate(mozilla::Telemetry::MIXED_CONTENT_DOWNLOADS,
+ decission != nsIContentPolicy::ACCEPT);
+
+ if (StaticPrefs::dom_block_download_insecure() &&
+ decission != nsIContentPolicy::ACCEPT) {
+ nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
+ if (httpChannel) {
+ LogMessageToConsole(httpChannel, "MixedContentBlockedDownload");
}
+ return nsITransfer::DOWNLOAD_POTENTIALLY_UNSAFE;
}
if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal()) {