Ziele Untersuchung
mit Columbo Integrität von
Datenbanken Interaktion und
Portierbarkeit Ergonomie der
Schnittstellen

Angebot Produkte Projekt Beratung

Mittel Analytik Modellierung Sprachen Algebra Logik Hardware Denken Kreativität

Zusammenhänge Gesellschaft Wirtschaft Branche Firma


products/sources/formale Sprachen/C/Firefox/netwerk/protocol/http/ (Browser von der Mozilla Stiftung Version 136.0.1^©) Datei vom 10.2.2025 mit Größe 7 kB

Quelle nsHttpChannelAuthProvider.h Sprache: C

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim:set et cin ts=4 sw=2 sts=2: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef nsHttpChannelAuthProvider_h__
#define nsHttpChannelAuthProvider_h__

#include "nsIHttpChannelAuthProvider.h"
#include "nsIAuthPromptCallback.h"
#include "nsIHttpAuthenticatorCallback.h"
#include "nsString.h"
#include "nsCOMPtr.h"
#include "nsHttpAuthCache.h"
#include "nsProxyInfo.h"
#include "nsICancelable.h"

class nsIHttpAuthenticableChannel;
class nsIHttpAuthenticator;
class nsIURI;

namespace mozilla {
namespace net {

class nsHttpHandler;
struct nsHttpAtom;

class nsHttpChannelAuthProvider final : public nsIHttpChannelAuthProvider,
                                        public nsIAuthPromptCallback,
                                        public nsIHttpAuthenticatorCallback {
public:
  NS_DECL_ISUPPORTS
  NS_DECL_NSICANCELABLE
  NS_DECL_NSIHTTPCHANNELAUTHPROVIDER
  NS_DECL_NSIAUTHPROMPTCALLBACK
  NS_DECL_NSIHTTPAUTHENTICATORCALLBACK

  nsHttpChannelAuthProvider();

private:
  virtual ~nsHttpChannelAuthProvider();

  const nsCString& ProxyHost() const {
    return mProxyInfo ? mProxyInfo->Host() : EmptyCString();
  }

  int32_t ProxyPort() const { return mProxyInfo ? mProxyInfo->Port() : -1; }

  const nsCString& Host() const { return mHost; }
  int32_t Port() const { return mPort; }
  bool UsingSSL() const { return mUsingSSL; }

  bool UsingHttpProxy() const {
    return mProxyInfo && (mProxyInfo->IsHTTP() || mProxyInfo->IsHTTPS());
  }

  [[nodiscard]] nsresult PrepareForAuthentication(bool proxyAuth);
  [[nodiscard]] nsresult GenCredsAndSetEntry(
      nsIHttpAuthenticator*, bool proxyAuth, const nsACString& scheme,
      const nsACString& host, int32_t port, const nsACString& dir,
      const nsACString& realm, const nsACString& challenge,
      const nsHttpAuthIdentity& ident, nsCOMPtr<nsISupports>& session,
      nsACString& result);
  [[nodiscard]] nsresult GetAuthenticator(const nsACString& aChallenge,
                                          nsCString& authType,
                                          nsIHttpAuthenticator** auth);
  void ParseRealm(const nsACString&, nsACString& realm);
  void GetIdentityFromURI(uint32_t authFlags, nsHttpAuthIdentity&);

  /**
   * Following three methods return NS_ERROR_IN_PROGRESS when
   * nsIAuthPrompt2.asyncPromptAuth method is called. This result indicates
   * the user's decision will be gathered in a callback and is not an actual
   * error.
   */
  [[nodiscard]] nsresult GetCredentials(const nsACString& challenges,
                                        bool proxyAuth, nsCString& creds);
  [[nodiscard]] nsresult GetCredentialsForChallenge(
      const nsACString& aChallenge, const nsACString& aAuthType, bool proxyAuth,
      nsIHttpAuthenticator* auth, nsCString& creds);
  [[nodiscard]] nsresult PromptForIdentity(uint32_t level, bool proxyAuth,
                                           const nsACString& realm,
                                           const nsACString& authType,
                                           uint32_t authFlags,
                                           nsHttpAuthIdentity&);

  bool ConfirmAuth(const char* bundleKey, bool doYesNoPrompt);
  void SetAuthorizationHeader(nsHttpAuthCache*, const nsHttpAtom& header,
                              const nsACString& scheme, const nsACString& host,
                              int32_t port, const nsACString& path,
                              nsHttpAuthIdentity& ident);
  [[nodiscard]] nsresult GetCurrentPath(nsACString&);
  /**
   * Return all information needed to build authorization information,
   * all parameters except proxyAuth are out parameters. proxyAuth specifies
   * with what authorization we work (WWW or proxy).
   */
  [[nodiscard]] nsresult GetAuthorizationMembers(
      bool proxyAuth, nsACString& scheme, nsCString& host, int32_t& port,
      nsACString& path, nsHttpAuthIdentity*& ident,
      nsISupports**& continuationState);
  /**
   * Method called to resume suspended transaction after we got credentials
   * from the user. Called from OnAuthAvailable callback or OnAuthCancelled
   * when credentials for next challenge were obtained synchronously.
   */
  [[nodiscard]] nsresult ContinueOnAuthAvailable(const nsACString& creds);

  [[nodiscard]] nsresult DoRedirectChannelToHttps();

  /**
   * A function that takes care of reading STS headers and enforcing STS
   * load rules.  After a secure channel is erected, STS requires the channel
   * to be trusted or any STS header data on the channel is ignored.
   * This is called from ProcessResponse.
   */
  [[nodiscard]] nsresult ProcessSTSHeader();

  // Depending on the pref setting, the authentication dialog may be blocked
  // for all sub-resources, blocked for cross-origin sub-resources, or
  // always allowed for sub-resources.
  // For more details look at the bug 647010.
  bool BlockPrompt(bool proxyAuth);

  // Store credentials to the cache when appropriate aFlags are set.
  [[nodiscard]] nsresult UpdateCache(
      nsIHttpAuthenticator* aAuth, const nsACString& aScheme,
      const nsACString& aHost, int32_t aPort, const nsACString& aDirectory,
      const nsACString& aRealm, const nsACString& aChallenge,
      const nsHttpAuthIdentity& aIdent, const nsACString& aCreds,
      uint32_t aGenerateFlags, nsISupports* aSessionState, bool aProxyAuth);

private:
  nsIHttpAuthenticableChannel* mAuthChannel{nullptr};  // weak ref

  nsCOMPtr<nsIURI> mURI;
  nsCOMPtr<nsProxyInfo> mProxyInfo;
  nsCString mHost;
  int32_t mPort{-1};
  bool mUsingSSL{false};
  bool mProxyUsingSSL{false};
  bool mIsPrivate{false};

  nsISupports* mProxyAuthContinuationState{nullptr};
  nsCString mProxyAuthType;
  nsISupports* mAuthContinuationState{nullptr};
  nsCString mAuthType;
  nsHttpAuthIdentity mIdent;
  nsHttpAuthIdentity mProxyIdent;

  // Reference to the prompt waiting in prompt queue. The channel is
  // responsible to call its cancel method when user in any way cancels
  // this request.
  nsCOMPtr<nsICancelable> mAsyncPromptAuthCancelable;
  // Saved in GetCredentials when prompt is asynchronous, the first challenge
  // we obtained from the server with 401/407 response, will be processed in
  // OnAuthAvailable callback.
  nsCString mCurrentChallenge;
  // Saved in GetCredentials when prompt is asynchronous, remaning challenges
  // we have to process when user cancels the auth dialog for the current
  // challenge.
  nsCString mRemainingChallenges;

  // True when we need to authenticate to proxy, i.e. when we get 407
  // response. Used in OnAuthAvailable and OnAuthCancelled callbacks.
  uint32_t mProxyAuth : 1;
  uint32_t mTriedProxyAuth : 1;
  uint32_t mTriedHostAuth : 1;
  uint32_t mSuppressDefensiveAuth : 1;

  // If a cross-origin sub-resource is being loaded, this flag will be set.
  // In that case, the prompt text will be different to warn users.
  uint32_t mCrossOrigin : 1;
  uint32_t mConnectionBased : 1;

  RefPtr<nsHttpHandler> mHttpHandler;  // keep gHttpHandler alive

  nsCOMPtr<nsICancelable> mGenerateCredentialsCancelable;
};

}  // namespace net
}  // namespace mozilla

#endif  // nsHttpChannelAuthProvider_h__

quality86%

¤ Dauer der Verarbeitung: 0.28 Sekunden (vorverarbeitet) ¤

Wurzel

Suchen

Beweissystem der NASA

Beweissystem Isabelle

NIST Cobol Testsuite

Cephes Mathematical Library

Wiener Entwicklungsmethode

Haftungshinweis

Die Informationen auf dieser Webseite wurden nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit, noch Qualität der bereit gestellten Informationen zugesichert.