Add support for Upgrade request to a potentially trustworthy URL. (#34986)

* Add support for Upgrade request to a potentially trustworthy URL. Signed-off-by: Shubham Gupta <shubham13297@gmail.com> * script: Support inheritable insecure request policy in documents and workers. Signed-off-by: Josh Matthews <josh@joshmatthews.net> --------- Signed-off-by: Shubham Gupta <shubham13297@gmail.com> Signed-off-by: Josh Matthews <josh@joshmatthews.net> Co-authored-by: Shubham Gupta <shubham.gupta@chromium.org> Co-authored-by: Josh Matthews <josh@joshmatthews.net>
2025-08-06 06:00:15 +01:00 · 2025-02-05 20:49:56 +08:00 · 2025-02-05 20:49:56 +08:00 · 1e164738d8
commit 1e164738d8
parent 7b36f2beb3
57 changed files with 264 additions and 346 deletions
--- a/components/shared/net/request.rs
+++ b/components/shared/net/request.rs
@ -233,6 +233,12 @@ impl RequestBody {
    }
 }

+#[derive(Clone, Copy, Debug, Deserialize, MallocSizeOf, PartialEq, Serialize)]
+pub enum InsecureRequestsPolicy {
+    DoNotUpgrade,
+    Upgrade,
+}
+
 #[derive(Clone, Debug, Deserialize, MallocSizeOf, Serialize)]
 pub struct RequestBuilder {
    pub id: RequestId,
@ -262,6 +268,7 @@ pub struct RequestBuilder {
    pub use_url_credentials: bool,
    pub origin: ImmutableOrigin,
    pub policy_container: RequestPolicyContainer,
+    pub insecure_requests_policy: InsecureRequestsPolicy,
    // XXXManishearth these should be part of the client object
    pub referrer: Referrer,
    pub referrer_policy: ReferrerPolicy,
@ -298,6 +305,7 @@ impl RequestBuilder {
            use_url_credentials: false,
            origin: ImmutableOrigin::new_opaque(),
            policy_container: RequestPolicyContainer::default(),
+            insecure_requests_policy: InsecureRequestsPolicy::DoNotUpgrade,
            referrer,
            referrer_policy: ReferrerPolicy::EmptyString,
            pipeline_id: None,
@ -418,6 +426,14 @@ impl RequestBuilder {
        self
    }

+    pub fn insecure_requests_policy(
+        mut self,
+        insecure_requests_policy: InsecureRequestsPolicy,
+    ) -> RequestBuilder {
+        self.insecure_requests_policy = insecure_requests_policy;
+        self
+    }
+
    pub fn build(self) -> Request {
        let mut request = Request::new(
            self.id,
@ -454,6 +470,7 @@ impl RequestBuilder {
        request.response_tainting = self.response_tainting;
        request.crash = self.crash;
        request.policy_container = self.policy_container;
+        request.insecure_requests_policy = self.insecure_requests_policy;
        request
    }
 }
@ -525,6 +542,8 @@ pub struct Request {
    pub parser_metadata: ParserMetadata,
    /// <https://fetch.spec.whatwg.org/#concept-request-policy-container>
    pub policy_container: RequestPolicyContainer,
+    /// <https://w3c.github.io/webappsec-upgrade-insecure-requests/#insecure-requests-policy>
+    pub insecure_requests_policy: InsecureRequestsPolicy,
    pub https_state: HttpsState,
    /// Servo internal: if crash details are present, trigger a crash error page with these details.
    pub crash: Option<String>,
@ -570,6 +589,7 @@ impl Request {
            redirect_count: 0,
            response_tainting: ResponseTainting::Basic,
            policy_container: RequestPolicyContainer::Client,
+            insecure_requests_policy: InsecureRequestsPolicy::DoNotUpgrade,
            https_state,
            crash: None,
        }
@ -592,7 +612,14 @@ impl Request {

    /// <https://fetch.spec.whatwg.org/#navigation-request>
    pub fn is_navigation_request(&self) -> bool {
-        self.destination == Destination::Document
+        matches!(
+            self.destination,
+            Destination::Document |
+                Destination::Embed |
+                Destination::Frame |
+                Destination::IFrame |
+                Destination::Object
+        )
    }

    /// <https://fetch.spec.whatwg.org/#subresource-request>