diff options
Diffstat (limited to 'netwerk/protocol/http/nsHttpHandler.cpp')
-rw-r--r-- | netwerk/protocol/http/nsHttpHandler.cpp | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp index b6440c88b5..d0aebdf965 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp @@ -2204,12 +2204,8 @@ nsresult nsHttpHandler::SpeculativeConnectInternal( originAttributes = std::move(aOriginAttributes.ref()); } else if (aPrincipal) { originAttributes = aPrincipal->OriginAttributesRef(); - StoragePrincipalHelper::UpdateOriginAttributesForNetworkState( - aURI, originAttributes); } else if (loadContext) { loadContext->GetOriginAttributes(originAttributes); - StoragePrincipalHelper::UpdateOriginAttributesForNetworkState( - aURI, originAttributes); } nsCOMPtr<nsIURI> clone; @@ -2222,6 +2218,15 @@ nsresult nsHttpHandler::SpeculativeConnectInternal( } } + if (!aOriginAttributes) { + // We must update the originAttributes with the network state first party + // domain **after** we upgrade aURI to https. + // Otherwise the speculative connection will be keyed by a http URL + // and end up not being used. + StoragePrincipalHelper::UpdateOriginAttributesForNetworkState( + aURI, originAttributes); + } + nsAutoCString scheme; nsresult rv = aURI->GetScheme(scheme); if (NS_FAILED(rv)) return rv; @@ -2748,12 +2753,15 @@ bool nsHttpHandler::UseHTTPSRRAsAltSvcEnabled() const { } bool nsHttpHandler::EchConfigEnabled(bool aIsHttp3) const { + if (mParentalControlEnabled) { + return false; + } + if (!aIsHttp3) { return StaticPrefs::network_dns_echconfig_enabled(); } - return StaticPrefs::network_dns_echconfig_enabled() && - StaticPrefs::network_dns_http3_echconfig_enabled(); + return StaticPrefs::network_dns_http3_echconfig_enabled(); } bool nsHttpHandler::FallbackToOriginIfConfigsAreECHAndAllFailed() const { |