diff options
Diffstat (limited to 'netwerk/protocol/http/nsHttpChannel.cpp')
-rw-r--r-- | netwerk/protocol/http/nsHttpChannel.cpp | 107 |
1 files changed, 85 insertions, 22 deletions
diff --git a/netwerk/protocol/http/nsHttpChannel.cpp b/netwerk/protocol/http/nsHttpChannel.cpp index b3806f761b..96e61e4fb8 100644 --- a/netwerk/protocol/http/nsHttpChannel.cpp +++ b/netwerk/protocol/http/nsHttpChannel.cpp @@ -9,11 +9,10 @@ #include <inttypes.h> -#include "DocumentChannelParent.h" #include "mozilla/ScopeExit.h" #include "mozilla/Sprintf.h" #include "mozilla/dom/nsCSPContext.h" -#include "mozilla/dom/nsCSPService.h" +#include "mozilla/glean/GleanMetrics.h" #include "mozilla/StoragePrincipalHelper.h" #include "nsContentSecurityUtils.h" @@ -29,7 +28,6 @@ #include "nsIEffectiveTLDService.h" #include "nsIHttpHeaderVisitor.h" #include "nsINetworkInterceptController.h" -#include "nsINSSErrorsService.h" #include "nsIStringBundle.h" #include "nsIStreamListenerTee.h" #include "nsISeekableStream.h" @@ -40,7 +38,6 @@ #include "nsMimeTypes.h" #include "nsNetCID.h" #include "nsNetUtil.h" -#include "nsIURL.h" #include "nsIStreamTransportService.h" #include "prnetdb.h" #include "nsEscape.h" @@ -63,11 +60,8 @@ #include "mozilla/BasePrincipal.h" #include "mozilla/DebugOnly.h" #include "mozilla/PerfStats.h" -#include "mozilla/Preferences.h" #include "mozilla/ProfilerLabels.h" #include "mozilla/Components.h" -#include "mozilla/StaticPrefs_browser.h" -#include "mozilla/StaticPrefs_fission.h" #include "mozilla/StaticPrefs_network.h" #include "mozilla/StaticPrefs_privacy.h" #include "mozilla/StaticPrefs_security.h" @@ -93,15 +87,12 @@ #include "nsIStreamConverterService.h" #include "nsISiteSecurityService.h" #include "nsString.h" -#include "CacheObserver.h" #include "mozilla/dom/PerformanceStorage.h" #include "mozilla/dom/ReferrerInfo.h" #include "mozilla/Telemetry.h" #include "AlternateServices.h" #include "NetworkMarker.h" #include "nsIHttpPushListener.h" -#include "nsIX509Cert.h" -#include "ScopedNSSTypes.h" #include "nsIDNSRecord.h" #include "mozilla/dom/Document.h" #include "nsICompressConvStats.h" @@ -116,14 +107,11 @@ #include "CacheStorageService.h" #include "HttpChannelParent.h" #include "HttpTransactionParent.h" -#include "ParentChannelListener.h" #include "ThirdPartyUtil.h" #include "InterceptedHttpChannel.h" #include "../../cache2/CacheFileUtils.h" -#include "nsIMultiplexInputStream.h" #include "nsINetworkLinkService.h" #include "mozilla/ContentBlockingAllowList.h" -#include "mozilla/dom/Promise.h" #include "mozilla/dom/ServiceWorkerUtils.h" #include "mozilla/dom/nsHTTPSOnlyStreamListener.h" #include "mozilla/dom/nsHTTPSOnlyUtils.h" @@ -134,7 +122,6 @@ #include "mozilla/net/UrlClassifierFeatureFactory.h" #include "HttpTrafficAnalyzer.h" #include "mozilla/net/SocketProcessParent.h" -#include "js/Conversions.h" #include "mozilla/dom/SecFetch.h" #include "mozilla/net/TRRService.h" #include "nsUnknownDecoder.h" @@ -560,7 +547,8 @@ nsresult nsHttpChannel::OnBeforeConnect() { } rv = sss->IsSecureURI(mURI, originAttributes, &isSecureURI); NS_ENSURE_SUCCESS(rv, rv); - // Save that on the loadInfo so it can later be consumed by SecurityInfo.jsm + // Save that on the loadInfo so it can later be consumed by + // SecurityInfo.sys.mjs mLoadInfo->SetHstsStatus(isSecureURI); RefPtr<mozilla::dom::BrowsingContext> bc; @@ -797,6 +785,19 @@ nsresult nsHttpChannel::ContinueOnBeforeConnect(bool aShouldUpgrade, mConnectionInfo->SetAnonymousAllowClientCert( (mLoadFlags & LOAD_ANONYMOUS_ALLOW_CLIENT_CERT) != 0); + if (mWebTransportSessionEventListener) { + nsTArray<RefPtr<nsIWebTransportHash>> aServerCertHashes; + nsresult rv; + nsCOMPtr<WebTransportConnectionSettings> wtconSettings = + do_QueryInterface(mWebTransportSessionEventListener, &rv); + NS_ENSURE_SUCCESS(rv, rv); + + wtconSettings->GetServerCertificateHashes(aServerCertHashes); + gHttpHandler->ConnMgr()->StoreServerCertHashes( + mConnectionInfo, gHttpHandler->IsHttp2Excluded(mConnectionInfo), + !Http3Allowed(), std::move(aServerCertHashes)); + } + // notify "http-on-before-connect" observers gHttpHandler->OnBeforeConnect(this); @@ -2277,8 +2278,10 @@ nsresult nsHttpChannel::ContinueProcessResponse1() { // Given a successful connection, process any STS or PKP data that's // relevant. - DebugOnly<nsresult> rv = ProcessSecurityHeaders(); - MOZ_ASSERT(NS_SUCCEEDED(rv), "ProcessSTSHeader failed, continuing load."); + nsresult rv = ProcessSecurityHeaders(); + if (NS_FAILED(rv)) { + NS_WARNING("ProcessSTSHeader failed, continuing load."); + } if ((httpStatus < 500) && (httpStatus != 421)) { ProcessAltService(); @@ -2400,7 +2403,6 @@ nsresult nsHttpChannel::ContinueProcessResponse3(nsresult rv) { rv = ProcessNormal(); } break; - case 300: case 301: case 302: case 307: @@ -6443,6 +6445,16 @@ nsresult nsHttpChannel::BeginConnect() { connInfo = new nsHttpConnectionInfo(host, port, "h3"_ns, mUsername, proxyInfo, originAttributes, isHttps, true, true); + bool dedicated = true; + nsresult rv; + nsCOMPtr<WebTransportConnectionSettings> wtconSettings = + do_QueryInterface(mWebTransportSessionEventListener, &rv); + NS_ENSURE_SUCCESS(rv, rv); + wtconSettings->GetDedicated(&dedicated); + if (dedicated) { + connInfo->SetWebTransportId( + gHttpHandler->ConnMgr()->GenerateNewWebTransportId()); + } } else { connInfo = new nsHttpConnectionInfo(host, port, ""_ns, mUsername, proxyInfo, originAttributes, isHttps); @@ -6954,7 +6966,54 @@ nsHttpChannel::OnProxyAvailable(nsICancelable* request, nsIChannel* channel, // request was canceled. We just failover to DIRECT when proxy resolution // fails (failure can mean that the PAC URL could not be loaded). - if (NS_SUCCEEDED(status)) mProxyInfo = pi; + if (NS_SUCCEEDED(status)) { + mProxyInfo = pi; + + if (mProxyInfo) { + nsAutoCStringN<8> type; + mProxyInfo->GetType(type); + uint32_t flags = 0; + mProxyInfo->GetFlags(&flags); + + if (type.EqualsLiteral("socks")) { + if (flags & nsIProxyInfo::TRANSPARENT_PROXY_RESOLVES_HOST) { + glean::networking::proxy_info_type + .EnumGet(glean::networking::ProxyInfoTypeLabel::eSocks5h) + .Add(1); + } else { + glean::networking::proxy_info_type + .EnumGet(glean::networking::ProxyInfoTypeLabel::eSocks5) + .Add(1); + } + } else if (type.EqualsLiteral("socks4")) { + if (flags & nsIProxyInfo::TRANSPARENT_PROXY_RESOLVES_HOST) { + glean::networking::proxy_info_type + .EnumGet(glean::networking::ProxyInfoTypeLabel::eSocks4a) + .Add(1); + } else { + glean::networking::proxy_info_type + .EnumGet(glean::networking::ProxyInfoTypeLabel::eSocks4) + .Add(1); + } + } else if (type.EqualsLiteral("http")) { + glean::networking::proxy_info_type + .EnumGet(glean::networking::ProxyInfoTypeLabel::eHttp) + .Add(1); + } else if (type.EqualsLiteral("https")) { + glean::networking::proxy_info_type + .EnumGet(glean::networking::ProxyInfoTypeLabel::eHttps) + .Add(1); + } else if (type.EqualsLiteral("direct")) { + glean::networking::proxy_info_type + .EnumGet(glean::networking::ProxyInfoTypeLabel::eDirect) + .Add(1); + } else { + glean::networking::proxy_info_type + .EnumGet(glean::networking::ProxyInfoTypeLabel::eUnknown) + .Add(1); + } + } + } if (!gHttpHandler->Active()) { LOG( @@ -8203,6 +8262,10 @@ nsresult nsHttpChannel::ContinueOnStopRequest(nsresult aStatus, bool aIsFromNet, } mAuthRetryPending = false; } + + // notify "http-on-before-stop-request" observers + gHttpHandler->OnBeforeStopRequest(this); + if (mListener) { LOG(("nsHttpChannel %p calling OnStopRequest\n", this)); MOZ_ASSERT(LoadOnStartRequestCalled(), @@ -8219,7 +8282,7 @@ nsresult nsHttpChannel::ContinueOnStopRequest(nsresult aStatus, bool aIsFromNet, mRedirectChannel = nullptr; - // notify "http-on-stop-connect" observers + // notify "http-on-stop-request" observers gHttpHandler->OnStopRequest(this); RemoveAsNonTailRequest(); @@ -9342,8 +9405,8 @@ nsresult nsHttpChannel::OnPush(uint32_t aPushedStreamId, const nsACString& aUrl, // static bool nsHttpChannel::IsRedirectStatus(uint32_t status) { // 305 disabled as a security measure (see bug 187996). - return status == 300 || status == 301 || status == 302 || status == 303 || - status == 307 || status == 308; + return status == 301 || status == 302 || status == 303 || status == 307 || + status == 308; } void nsHttpChannel::SetCouldBeSynthesized() { |