From 40a355a42d4a9444dc753c04c6608dade2f06a23 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Fri, 19 Apr 2024 03:13:27 +0200
Subject: Adding upstream version 125.0.1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 dom/security/nsHTTPSOnlyUtils.cpp | 63 +++++++++++++++++++++++++++++++++++----
 1 file changed, 57 insertions(+), 6 deletions(-)

(limited to 'dom/security/nsHTTPSOnlyUtils.cpp')

diff --git a/dom/security/nsHTTPSOnlyUtils.cpp b/dom/security/nsHTTPSOnlyUtils.cpp
index 2a3880ba70..535efaba4e 100644
--- a/dom/security/nsHTTPSOnlyUtils.cpp
+++ b/dom/security/nsHTTPSOnlyUtils.cpp
@@ -6,6 +6,8 @@
 
 #include "mozilla/Components.h"
 #include "mozilla/ClearOnShutdown.h"
+#include "mozilla/TimeStamp.h"
+#include "mozilla/glean/GleanMetrics.h"
 #include "mozilla/NullPrincipal.h"
 #include "mozilla/StaticPrefs_dom.h"
 #include "mozilla/net/DNS.h"
@@ -438,7 +440,7 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeHttpsFirstRequest(nsIURI* aURI,
   // We can upgrade the request - let's log to the console and set the status
   // so we know that we upgraded the request.
   if (aLoadInfo->GetWasSchemelessInput() &&
-      mozilla::StaticPrefs::dom_security_https_first_schemeless()) {
+      !IsHttpsFirstModeEnabled(isPrivateWin)) {
     nsAutoCString urlCString;
     aURI->GetSpec(urlCString);
     NS_ConvertUTF8toUTF16 urlString(urlCString);
@@ -447,6 +449,8 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeHttpsFirstRequest(nsIURI* aURI,
     nsHTTPSOnlyUtils::LogLocalizedString("HTTPSFirstSchemeless", params,
                                          nsIScriptError::warningFlag, aLoadInfo,
                                          aURI, true);
+
+    mozilla::glean::httpsfirst::upgraded_schemeless.Add();
   } else {
     nsAutoCString scheme;
 
@@ -461,7 +465,12 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeHttpsFirstRequest(nsIURI* aURI,
         isSpeculative ? "HTTPSOnlyUpgradeSpeculativeConnection"
                       : "HTTPSOnlyUpgradeRequest",
         params, nsIScriptError::warningFlag, aLoadInfo, aURI, true);
+
+    if (!isSpeculative) {
+      mozilla::glean::httpsfirst::upgraded.Add();
+    }
   }
+
   // Set flag so we know that we upgraded the request
   httpsOnlyStatus |= nsILoadInfo::HTTPS_ONLY_UPGRADED_HTTPS_FIRST;
   aLoadInfo->SetHttpsOnlyStatus(httpsOnlyStatus);
@@ -470,9 +479,11 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeHttpsFirstRequest(nsIURI* aURI,
 
 /* static */
 already_AddRefed<nsIURI>
-nsHTTPSOnlyUtils::PotentiallyDowngradeHttpsFirstRequest(nsIChannel* aChannel,
-                                                        nsresult aStatus) {
-  nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
+nsHTTPSOnlyUtils::PotentiallyDowngradeHttpsFirstRequest(
+    mozilla::net::DocumentLoadListener* aDocumentLoadListener,
+    nsresult aStatus) {
+  nsCOMPtr<nsIChannel> channel = aDocumentLoadListener->GetChannel();
+  nsCOMPtr<nsILoadInfo> loadInfo = channel->LoadInfo();
   uint32_t httpsOnlyStatus = loadInfo->GetHttpsOnlyStatus();
   // Only downgrade if we this request was upgraded using HTTPS-First Mode
   if (!(httpsOnlyStatus & nsILoadInfo::HTTPS_ONLY_UPGRADED_HTTPS_FIRST)) {
@@ -488,7 +499,7 @@ nsHTTPSOnlyUtils::PotentiallyDowngradeHttpsFirstRequest(nsIChannel* aChannel,
   // to check each NS_OK for those errors.
   // Only downgrade an NS_OK status if it is an 4xx or 5xx error.
   if (NS_SUCCEEDED(aStatus)) {
-    nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
+    nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(channel);
     // If no httpChannel exists we have nothing to do here.
     if (!httpChannel) {
       return nullptr;
@@ -532,7 +543,7 @@ nsHTTPSOnlyUtils::PotentiallyDowngradeHttpsFirstRequest(nsIChannel* aChannel,
   }
 
   nsCOMPtr<nsIURI> uri;
-  nsresult rv = aChannel->GetURI(getter_AddRefs(uri));
+  nsresult rv = channel->GetURI(getter_AddRefs(uri));
   NS_ENSURE_SUCCESS(rv, nullptr);
 
   nsAutoCString spec;
@@ -584,6 +595,33 @@ nsHTTPSOnlyUtils::PotentiallyDowngradeHttpsFirstRequest(nsIChannel* aChannel,
                                        nsIScriptError::warningFlag, loadInfo,
                                        uri, true);
 
+  // Record telemety
+  nsDOMNavigationTiming* timing = aDocumentLoadListener->GetTiming();
+  if (timing) {
+    mozilla::TimeStamp navigationStart = timing->GetNavigationStartTimeStamp();
+    if (navigationStart) {
+      mozilla::TimeDuration duration =
+          mozilla::TimeStamp::Now() - navigationStart;
+      bool isPrivateWin =
+          loadInfo->GetOriginAttributes().mPrivateBrowsingId > 0;
+
+      if (loadInfo->GetWasSchemelessInput() &&
+          !IsHttpsFirstModeEnabled(isPrivateWin)) {
+        mozilla::glean::httpsfirst::downgraded_schemeless.Add();
+        if (timing) {
+          mozilla::glean::httpsfirst::downgrade_time_schemeless
+              .AccumulateRawDuration(duration);
+        }
+      } else {
+        mozilla::glean::httpsfirst::downgraded.Add();
+        if (timing) {
+          mozilla::glean::httpsfirst::downgrade_time.AccumulateRawDuration(
+              duration);
+        }
+      }
+    }
+  }
+
   return newURI.forget();
 }
 
@@ -954,6 +992,19 @@ TestHTTPAnswerRunnable::OnStartRequest(nsIRequest* aRequest) {
       nsresult httpsOnlyChannelStatus;
       httpsOnlyChannel->GetStatus(&httpsOnlyChannelStatus);
       if (httpsOnlyChannelStatus == NS_OK) {
+        bool isPrivateWin =
+            loadInfo->GetOriginAttributes().mPrivateBrowsingId > 0;
+        if (!nsHTTPSOnlyUtils::IsHttpsOnlyModeEnabled(isPrivateWin)) {
+          // Record HTTPS-First Telemetry
+          if (loadInfo->GetWasSchemelessInput() &&
+              !nsHTTPSOnlyUtils::IsHttpsFirstModeEnabled(isPrivateWin)) {
+            mozilla::glean::httpsfirst::downgraded_on_timer_schemeless
+                .AddToNumerator();
+          } else {
+            mozilla::glean::httpsfirst::downgraded_on_timer.AddToNumerator();
+          }
+        }
+
         httpsOnlyChannel->Cancel(NS_ERROR_NET_TIMEOUT_EXTERNAL);
       }
     }
-- 
cgit v1.2.3