/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* vim: set ts=8 sts=2 et sw=2 tw=80: */ /* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
// Assign same type as in nsDocShell::DetermineContentType. // N.B. internal content policy type will never be TYPE_DOCUMENT return embedderElementType.EqualsLiteral("iframe")
? nsIContentPolicy::TYPE_INTERNAL_IFRAME
: nsIContentPolicy::TYPE_INTERNAL_FRAME;
}
#ifdef DEBUG // TYPE_DOCUMENT loads initiated by javascript tests will go through // nsIOService and use the wrong constructor. Don't enforce the // !TYPE_DOCUMENT check in those cases bool skipContentTypeCheck = false;
skipContentTypeCheck =
Preferences::GetBool("network.loadinfo.skip_type_assertion"); #endif
// This constructor shouldn't be used for TYPE_DOCUMENT loads that don't // have a loadingPrincipal
MOZ_ASSERT(skipContentTypeCheck || mLoadingPrincipal ||
mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT);
// We should only get an explicit controller for subresource requests.
MOZ_DIAGNOSTIC_ASSERT(aController.isNothing() ||
!nsContentUtils::IsNonSubresourceInternalPolicyType(
mInternalContentPolicyType));
// TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false // meaning that consumers of LoadInfo that don't pass a context or pass a // context from which we can't find a window will default to assuming that // they're 1st party. It would be nice if we could default "safe" and assume // that we are 3rd party until proven otherwise.
// if consumers pass both, aLoadingContext and aLoadingPrincipal // then the loadingPrincipal must be the same as the node's principal
MOZ_ASSERT(!aLoadingContext || !aLoadingPrincipal ||
aLoadingContext->NodePrincipal() == aLoadingPrincipal);
// if the load is sandboxed, we can not also inherit the principal if (mSandboxFlags & SANDBOXED_ORIGIN) {
mForceInheritPrincipalDropped =
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
if (aLoadingContext) { // Ensure that all network requests for a window client have the ClientInfo // properly set. Workers must currently pass the loading ClientInfo // explicitly. We allow main thread requests to explicitly pass the value as // well. if (mClientInfo.isNothing()) {
mClientInfo = aLoadingContext->OwnerDoc()->GetClientInfo();
}
// For subresource loads set the service worker based on the calling // context's controller. Workers must currently pass the controller in // explicitly. We allow main thread requests to explicitly pass the value // as well, but otherwise extract from the loading context here. if (mController.isNothing() &&
!nsContentUtils::IsNonSubresourceInternalPolicyType(
mInternalContentPolicyType)) {
mController = aLoadingContext->OwnerDoc()->GetController();
}
nsCOMPtr<nsPIDOMWindowOuter> contextOuter =
aLoadingContext->OwnerDoc()->GetWindow(); if (contextOuter) {
ComputeIsThirdPartyContext(contextOuter);
RefPtr<dom::BrowsingContext> bc = contextOuter->GetBrowsingContext();
MOZ_ASSERT(bc);
mBrowsingContextID = bc->Id();
nsGlobalWindowInner* innerWindow =
nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow()); if (innerWindow) {
mTopLevelPrincipal = innerWindow->GetTopLevelAntiTrackingPrincipal();
if (!mTopLevelPrincipal &&
externalType == ExtContentPolicy::TYPE_SUBDOCUMENT && bc->IsTop()) { // If this is the first level iframe, innerWindow is our top-level // principal.
mTopLevelPrincipal = innerWindow->GetPrincipal();
}
}
// Let's inherit the cookie behavior and permission from the parent // document.
mCookieJarSettings = aLoadingContext->OwnerDoc()->CookieJarSettings();
}
// When the element being loaded is a frame, we choose the frame's window // for the window ID and the frame element's window as the parent // window. This is the behavior that Chrome exposes to add-ons. // NB: If the frameLoaderOwner doesn't have a frame loader, then the load // must be coming from an object (such as a plugin) that's loaded into it // instead of a document being loaded. In that case, treat this object like // any other non-document-loading element.
RefPtr<nsFrameLoaderOwner> frameLoaderOwner =
do_QueryObject(aLoadingContext);
RefPtr<nsFrameLoader> fl =
frameLoaderOwner ? frameLoaderOwner->GetFrameLoader() : nullptr; if (fl) {
nsCOMPtr<nsIDocShell> docShell = fl->GetDocShell(IgnoreErrors()); if (docShell) {
nsCOMPtr<nsPIDOMWindowOuter> outerWindow = do_GetInterface(docShell); if (outerWindow) {
RefPtr<dom::BrowsingContext> bc = outerWindow->GetBrowsingContext();
mFrameBrowsingContextID = bc ? bc->Id() : 0;
}
}
}
// if the document forces all mixed content to be blocked, then we // store that bit for all requests on the loadinfo.
mBlockAllMixedContent =
aLoadingContext->OwnerDoc()->GetBlockAllMixedContent(false) ||
(nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
aLoadingContext->OwnerDoc()->GetBlockAllMixedContent(true));
if (mLoadingPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
->OverridesCSP(mLoadingPrincipal)) { // if the load is triggered by an addon which potentially overrides the // CSP of the document, then do not force insecure requests to be // upgraded.
mUpgradeInsecureRequests = false;
} else { // if the document forces all requests to be upgraded from http to https, // then we should do that for all requests. If it only forces preloads to // be upgraded then we should enforce upgrade insecure requests only for // preloads.
mUpgradeInsecureRequests =
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false) ||
(nsContentUtils::IsPreloadType(mInternalContentPolicyType) &&
aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));
}
if (nsMixedContentBlocker::IsUpgradableContentType(
mInternalContentPolicyType, /* aConsiderPrefs */ false)) { // Check the load is within a secure context but ignore loopback URLs if (mLoadingPrincipal->GetIsOriginPotentiallyTrustworthy() &&
!mLoadingPrincipal->GetIsLoopbackHost()) { if (nsMixedContentBlocker::IsUpgradableContentType(
mInternalContentPolicyType, /* aConsiderPrefs */ true)) {
mBrowserUpgradeInsecureRequests = true;
} else {
mBrowserWouldUpgradeInsecureRequests = true;
}
}
}
}
mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
// We need to do this after inheriting the document's origin attributes // above, in case the loading principal ends up being the system principal. if (aLoadingContext) {
nsCOMPtr<nsILoadContext> loadContext =
aLoadingContext->OwnerDoc()->GetLoadContext();
nsCOMPtr<nsIDocShell> docShell = aLoadingContext->OwnerDoc()->GetDocShell(); if (loadContext && docShell &&
docShell->GetBrowsingContext()->IsContent()) { bool usePrivateBrowsing;
nsresult rv = loadContext->GetUsePrivateBrowsing(&usePrivateBrowsing); if (NS_SUCCEEDED(rv)) {
mOriginAttributes.SyncAttributesWithPrivateBrowsing(usePrivateBrowsing);
}
}
if (!loadContext) { // Things like svg documents being used as images don't have a load // context or a docshell, in that case try to inherit private browsing // from the documents channel (which is how we determine which imgLoader // is used).
nsCOMPtr<nsIChannel> channel = aLoadingContext->OwnerDoc()->GetChannel(); if (channel) {
mOriginAttributes.SyncAttributesWithPrivateBrowsing(
NS_UsePrivateBrowsing(channel));
}
}
// For chrome docshell, the mPrivateBrowsingId remains 0 even its // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in // origin attributes if the type of the docshell is content.
MOZ_ASSERT(!docShell || !docShell->GetBrowsingContext()->IsChrome() ||
mOriginAttributes.mPrivateBrowsingId == 0, "chrome docshell shouldn't have mPrivateBrowsingId set.");
}
}
/* Constructor takes an outer window, but no loadingNode or loadingPrincipal. * This constructor should only be used for TYPE_DOCUMENT loads, since they * have a null loadingNode and loadingPrincipal.
*/
LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIURI* aURI,
nsIPrincipal* aTriggeringPrincipal,
nsISupports* aContextForTopLevelLoad,
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
: mTriggeringPrincipal(aTriggeringPrincipal),
mTriggeringRemoteType(CurrentRemoteType()),
mSandboxedNullPrincipalID(nsID::GenerateUUID()),
mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad)),
mSecurityFlags(aSecurityFlags),
mSandboxFlags(aSandboxFlags),
mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) { // Top-level loads are never third-party // Grab the information we can out of the window.
MOZ_ASSERT(aOuterWindow);
MOZ_ASSERT(mTriggeringPrincipal);
// if the load is sandboxed, we can not also inherit the principal if (mSandboxFlags & SANDBOXED_ORIGIN) {
mForceInheritPrincipalDropped =
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
RefPtr<BrowsingContext> bc = aOuterWindow->GetBrowsingContext();
mBrowsingContextID = bc ? bc->Id() : 0;
// This should be removed in bug 1618557
nsGlobalWindowInner* innerWindow =
nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow()); if (innerWindow) {
mTopLevelPrincipal = innerWindow->GetTopLevelAntiTrackingPrincipal();
}
// get the docshell from the outerwindow, and then get the originattributes
nsCOMPtr<nsIDocShell> docShell = aOuterWindow->GetDocShell();
MOZ_ASSERT(docShell);
mOriginAttributes = nsDocShell::Cast(docShell)->GetOriginAttributes();
// We sometimes use this constructor for security checks for outer windows // that aren't top level. if (aSecurityFlags != nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK) {
MOZ_ASSERT(aOuterWindow->GetBrowsingContext()->IsTop());
}
#ifdef DEBUG if (docShell->GetBrowsingContext()->IsChrome()) {
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0, "chrome docshell shouldn't have mPrivateBrowsingId set.");
} #endif
// Let's take the current cookie behavior and current cookie permission // for the documents' loadInfo. Note that for any other loadInfos, // cookieBehavior will be BEHAVIOR_REJECT for security reasons. bool isPrivate = mOriginAttributes.IsPrivateBrowsing(); bool shouldResistFingerprinting =
nsContentUtils::ShouldResistFingerprinting_dangerous(
aURI, mOriginAttributes, "We are creating CookieJarSettings, so we can't have one already.",
RFPTarget::IsAlwaysEnabledForPrecompute);
mCookieJarSettings = CookieJarSettings::Create(
isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular,
shouldResistFingerprinting);
}
LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
nsIURI* aURI, nsIPrincipal* aTriggeringPrincipal, const nsACString& aTriggeringRemoteType, const OriginAttributes& aOriginAttributes,
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
: mTriggeringPrincipal(aTriggeringPrincipal),
mTriggeringRemoteType(aTriggeringRemoteType),
mSandboxedNullPrincipalID(nsID::GenerateUUID()),
mSecurityFlags(aSecurityFlags),
mSandboxFlags(aSandboxFlags),
mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) { // Top-level loads are never third-party // Grab the information we can out of the window.
MOZ_ASSERT(aBrowsingContext);
MOZ_ASSERT(mTriggeringPrincipal);
MOZ_ASSERT(aSecurityFlags !=
nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK);
// if the load is sandboxed, we can not also inherit the principal if (mSandboxFlags & SANDBOXED_ORIGIN) {
mForceInheritPrincipalDropped =
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
#ifdef DEBUG if (aBrowsingContext->IsChrome()) {
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0, "chrome docshell shouldn't have mPrivateBrowsingId set.");
} #endif
// This code path can be taken when loading an about:blank document, which // means we might think that we should be exempted from resist fingerprinting. // If we think that, we should defer to any opener, if it is present. If the // opener is also exempted, then it continues to be exempted. Regardless of // what ShouldRFP says, we _also_ need to propagate any RandomizationKey we // have. bool shouldResistFingerprinting =
nsContentUtils::ShouldResistFingerprinting_dangerous(
aURI, mOriginAttributes, "We are creating CookieJarSettings, so we can't have one already.",
RFPTarget::IsAlwaysEnabledForPrecompute);
// In the parent, we need to get the CJS from the CanonicalBrowsingContext's // WindowGlobalParent If we're in the child, we probably have a reference to // the opener's document, and can get it from there. if (XRE_IsParentProcess()) {
MOZ_ASSERT(opener->Canonical()->GetCurrentWindowGlobal()); if (opener->Canonical()->GetCurrentWindowGlobal()) {
MOZ_ASSERT(
opener->Canonical()->GetCurrentWindowGlobal()->CookieJarSettings());
rv = opener->Canonical()
->GetCurrentWindowGlobal()
->CookieJarSettings()
->GetFingerprintingRandomizationKey(randomKey);
}
} elseif (opener->GetDocument()) {
MOZ_ASSERT(false, "Code is in child");
rv = opener->GetDocument()
->CookieJarSettings()
->GetFingerprintingRandomizationKey(randomKey);
}
}
// Let's take the current cookie behavior and current cookie permission // for the documents' loadInfo. Note that for any other loadInfos, // cookieBehavior will be BEHAVIOR_REJECT for security reasons.
mCookieJarSettings = CookieJarSettings::Create(
isPrivate ? CookieJarSettings::ePrivate : CookieJarSettings::eRegular,
shouldResistFingerprinting);
if (NS_SUCCEEDED(rv)) {
net::CookieJarSettings::Cast(mCookieJarSettings)
->SetFingerprintingRandomizationKey(randomKey);
}
}
// if the load is sandboxed, we can not also inherit the principal if (mSandboxFlags & SANDBOXED_ORIGIN) {
mForceInheritPrincipalDropped =
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
// Ensure that all network requests for a window client have the ClientInfo // properly set.
mClientInfo = aParentWGP->GetClientInfo();
mLoadingPrincipal = aParentWGP->DocumentPrincipal();
ComputeIsThirdPartyContext(aParentWGP);
mBrowsingContextID = parentBC->Id();
// Let's inherit the cookie behavior and permission from the embedder // document.
mCookieJarSettings = aParentWGP->CookieJarSettings(); if (topLevelWGP->BrowsingContext()->IsTop()) { if (mCookieJarSettings) { bool stopAtOurLevel = mCookieJarSettings->GetCookieBehavior() ==
nsICookieService::BEHAVIOR_REJECT_TRACKER; if (!stopAtOurLevel ||
topLevelWGP->OuterWindowId() != aParentWGP->OuterWindowId()) {
mTopLevelPrincipal = topLevelWGP->DocumentPrincipal();
}
}
}
if (!mTopLevelPrincipal && parentBC->IsTop()) { // If this is the first level iframe, embedder WindowGlobalParent's document // principal is our top-level principal.
mTopLevelPrincipal = aParentWGP->DocumentPrincipal();
}
// if the document forces all mixed content to be blocked, then we // store that bit for all requests on the loadinfo.
mBlockAllMixedContent = aParentWGP->GetDocumentBlockAllMixedContent();
if (mTopLevelPrincipal && BasePrincipal::Cast(mTriggeringPrincipal)
->OverridesCSP(mTopLevelPrincipal)) { // if the load is triggered by an addon which potentially overrides the // CSP of the document, then do not force insecure requests to be // upgraded.
mUpgradeInsecureRequests = false;
} else { // if the document forces all requests to be upgraded from http to https, // then we should do that for all requests. If it only forces preloads to // be upgraded then we should enforce upgrade insecure requests only for // preloads.
mUpgradeInsecureRequests = aParentWGP->GetDocumentUpgradeInsecureRequests();
}
mOriginAttributes = mLoadingPrincipal->OriginAttributesRef();
// We need to do this after inheriting the document's origin attributes // above, in case the loading principal ends up being the system principal. if (parentBC->IsContent()) {
mOriginAttributes.SyncAttributesWithPrivateBrowsing(
parentBC->UsePrivateBrowsing());
}
// For chrome BC, the mPrivateBrowsingId remains 0 even its // UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in // origin attributes if the type of the BC is content. if (parentBC->IsChrome()) {
MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId == 0, "chrome docshell shouldn't have mPrivateBrowsingId set.");
}
RefPtr<WindowContext> ctx = WindowContext::GetById(mInnerWindowID); if (ctx) {
mLoadingEmbedderPolicy = ctx->GetEmbedderPolicy();
NS_IMETHODIMP
LoadInfo::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit) {
MOZ_ASSERT(aPrincipalToInherit, "must be a valid principal to inherit");
mPrincipalToInherit = aPrincipalToInherit; return NS_OK;
}
already_AddRefed<nsISupports> LoadInfo::ContextForTopLevelLoad() { // Most likely you want to query LoadingNode() instead of // ContextForTopLevelLoad() if this assertion fires.
MOZ_ASSERT(mInternalContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT, "should only query this context for top level document loads");
nsCOMPtr<nsISupports> context = do_QueryReferent(mContextForTopLevelLoad); return context.forget();
}
// These contentPolictTypes require a real CookieJarSettings because favicon // and save-as requests must send cookies. Anything else should not // send/receive cookies. if (aContentPolicyType == nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON ||
aContentPolicyType == nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD) { return aIsPrivate ? CookieJarSettings::Create(CookieJarSettings::ePrivate,
shouldResistFingerprinting)
: CookieJarSettings::Create(CookieJarSettings::eRegular,
shouldResistFingerprinting);
}
// Exclude this check if the target browsing context is for the parent // process.
MOZ_ASSERT_IF(XRE_IsParentProcess() && browsingContext &&
!browsingContext->IsInProcess(),
mOverriddenFingerprintingSettingsIsSet); #endif return mOverriddenFingerprintingSettings;
}
NS_IMETHODIMP
LoadInfo::GetExternalContentPolicyType(nsContentPolicyType* aResult) { // We have to use nsContentPolicyType because ExtContentPolicyType is not // visible from xpidl.
*aResult = static_cast<nsContentPolicyType>(
nsContentUtils::InternalContentPolicyTypeToExternal(
mInternalContentPolicyType)); return NS_OK;
}
NS_IMETHODIMP
LoadInfo::ResetPrincipalToInheritToNullPrincipal() { // take the originAttributes from the LoadInfo and create // a new NullPrincipal using those origin attributes.
nsCOMPtr<nsIPrincipal> newNullPrincipal =
NullPrincipal::Create(mOriginAttributes);
mPrincipalToInherit = newNullPrincipal;
// setting SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER will overrule // any non null owner set on the channel and will return the principal // form the loadinfo instead.
mSecurityFlags |= SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER;
NS_IMETHODIMP
LoadInfo::SetInitialSecurityCheckDone(bool aInitialSecurityCheckDone) { // Indicates whether the channel was ever evaluated by the // ContentSecurityManager. Once set to true, this flag must // remain true throughout the lifetime of the channel. // Setting it to anything else than true will be discarded.
MOZ_ASSERT(aInitialSecurityCheckDone, "aInitialSecurityCheckDone must be true");
mInitialSecurityCheckDone =
mInitialSecurityCheckDone || aInitialSecurityCheckDone; return NS_OK;
}
// To prevent unintenional credential and information leaks in content // processes we can use this function to truncate a Principal's URI as much as // possible.
already_AddRefed<nsIPrincipal> CreateTruncatedPrincipal(
nsIPrincipal* aPrincipal) {
nsCOMPtr<nsIPrincipal> truncatedPrincipal; // System Principal URIs don't need to be truncated as they don't contain any // sensitive browsing history information. if (aPrincipal->IsSystemPrincipal()) {
truncatedPrincipal = aPrincipal; return truncatedPrincipal.forget();
}
// Content Principal URIs are the main location of the information we need to // truncate. if (aPrincipal->GetIsContentPrincipal()) { // Certain URIs (chrome, resource, about, jar) don't need to be truncated // as they should be free of any sensitive user browsing history. if (aPrincipal->SchemeIs("chrome") || aPrincipal->SchemeIs("resource") ||
aPrincipal->SchemeIs("about") || aPrincipal->SchemeIs("jar")) {
truncatedPrincipal = aPrincipal; return truncatedPrincipal.forget();
}
// Different parts of the URI are preserved due to being vital to the // browser's operation. // Scheme for differentiating between different types of URIs and how to // truncate them and later on utilize them. // Host and Port to retain the redirect chain's core functionality. // Path would ideally be removed but needs to be retained to ensure that // http/https redirect loops can be detected. // The entirety of the Query String, Reference Fragment, and User Info // subcomponents must be stripped to avoid leaking Oauth tokens, user // identifiers, and similar bits of information that these subcomponents may // contain.
nsAutoCString scheme;
nsAutoCString separator("://");
nsAutoCString hostPort;
nsAutoCString path;
nsAutoCString uriString(""); if (aPrincipal->SchemeIs("view-source")) { // The path portion of the view-source URI will be the URI whose source is // being viewed, so we create a new URI object with a truncated form of // the path and append the view-source scheme to the front again.
nsAutoCString viewSourcePath;
aPrincipal->GetFilePath(viewSourcePath);
if (NS_FAILED(rv)) { // Since the path here should be an already validated URI this should // never happen.
NS_WARNING(viewSourcePath.get());
MOZ_ASSERT(false, "Failed to create truncated form of URI with NS_NewURI.");
truncatedPrincipal = aPrincipal; return truncatedPrincipal.forget();
}
nsCOMPtr<nsIURI> truncatedURI;
nsresult rv = NS_NewURI(getter_AddRefs(truncatedURI), uriString); if (NS_FAILED(rv)) {
NS_WARNING(uriString.get());
MOZ_ASSERT(false, "Failed to create truncated form of URI with NS_NewURI.");
truncatedPrincipal = aPrincipal; return truncatedPrincipal.forget();
}
// Null Principal Precursor URIs can also contain information that needs to // be truncated. if (aPrincipal->GetIsNullPrincipal()) {
nsCOMPtr<nsIPrincipal> precursorPrincipal =
aPrincipal->GetPrecursorPrincipal(); // If there is no precursor then nothing needs to be truncated. if (!precursorPrincipal) {
truncatedPrincipal = aPrincipal; return truncatedPrincipal.forget();
}
// Otherwise we return a new Null Principal with the original's Origin // Attributes and a truncated version of the original's precursor URI.
nsCOMPtr<nsIPrincipal> truncatedPrecursor =
CreateTruncatedPrincipal(precursorPrincipal); return NullPrincipal::CreateWithInheritedAttributes(truncatedPrecursor);
}
// Expanded Principals shouldn't contain sensitive information but their // allowlists might so we truncate that information here. if (aPrincipal->GetIsExpandedPrincipal()) {
nsTArray<nsCOMPtr<nsIPrincipal>> truncatedAllowList;
for (constauto& allowedPrincipal : BasePrincipal::Cast(aPrincipal)
--> --------------------
--> maximum size reached
--> --------------------
¤ Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.0.55Bemerkung:
(vorverarbeitet)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung ist noch experimentell.
