Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-05 05:30:08 +01:00
Code Issues Projects Releases Packages Wiki Activity

net: Use a POST request for allowing certs temporarily.

Browse source
This commit is contained in:
Josh Matthews 2020-06-09 12:50:08 -04:00
parent 6a6662195e
commit 2550600131
4 changed files with 28 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

34
components/net/fetch/methods.rs
View file

@ -15,14 +15,16 @@ use headers::{AccessControlExposeHeaders, ContentType, HeaderMapExt, Range};
use http::header::{self, HeaderMap, HeaderName};
use hyper::Method;
use hyper::StatusCode;
use ipc_channel::ipc::IpcReceiver;
use ipc_channel::ipc::{self, IpcReceiver};
use mime::{self, Mime};
use net_traits::blob_url_store::{parse_blob_url, BlobURLStoreError};
use net_traits::filemanager_thread::{FileTokenCheck, RelativePos};
use net_traits::request::{
is_cors_safelisted_method, is_cors_safelisted_request_header, Origin, ResponseTainting, Window,
};
use net_traits::request::{CredentialsMode, Destination, Referrer, Request, RequestMode};
use net_traits::request::{
BodyChunkRequest, CredentialsMode, Destination, Referrer, Request, RequestMode,
};
use net_traits::response::{Response, ResponseBody, ResponseType};
use net_traits::{FetchTaskTarget, NetworkError, ReferrerPolicy, ResourceFetchTiming};
use net_traits::{ResourceAttribute, ResourceTimeValue, ResourceTimingType};
@ -634,20 +636,26 @@ fn scheme_fetch(
"about" if url.path() == "blank" => create_blank_reply(url, request.timing_type()),
"chrome" if url.path() == "allowcert" => {
let mut secret = None;
let mut cert_bytes = None;
for (name, value) in url.as_url().query_pairs() {
match &*name {
"secret" => secret = Some(value),
"bytes" => cert_bytes = base64::decode(value.as_bytes()).ok(),
_ => (),
}
}
if let (Some(secret), Some(bytes)) = (secret, cert_bytes) {
if secret.parse() == Ok(*net_traits::PRIVILEGED_SECRET) {
let data = request.body.as_mut().and_then(|body| {
let stream = body.take_stream();
let (body_chan, body_port) = ipc::channel().unwrap();
let _ = stream.send(BodyChunkRequest::Connect(body_chan));
let _ = stream.send(BodyChunkRequest::Chunk);
body_port.recv().ok()
});
let data = data.as_ref().and_then(|b| {
let idx = b.iter().position(|b| *b == b'&')?;
Some(b.split_at(idx))
});
if let Some((secret, bytes)) = data {
let secret = str::from_utf8(secret).ok().and_then(|s| s.parse().ok());
if secret == Some(*net_traits::PRIVILEGED_SECRET) {
if let Ok(bytes) = base64::decode(&bytes[1..]) {
context.state.extra_certs.add(bytes);
}
}
}
create_blank_reply(url, request.timing_type())
},

2
components/net/http_loader.rs
View file

@ -1571,7 +1571,7 @@ fn http_network_fetch(
&url,
&request.method,
&request.headers,
request.body.as_mut().and_then(|body| body.take_stream()),
request.body.as_mut().map(|body| body.take_stream()),
&request.pipeline_id,
request_id.as_ref().map(Deref::deref),
is_xhr,

6
components/net_traits/request.rs
View file

@ -164,7 +164,7 @@ impl RequestBody {
}
}
pub fn take_stream(&mut self) -> Option<IpcSender<BodyChunkRequest>> {
pub fn take_stream(&mut self) -> IpcSender<BodyChunkRequest> {
if self.read_from {
match self.source {
BodySource::Null => panic!(
@ -174,12 +174,12 @@ impl RequestBody {
let (chan, port) = ipc::channel().unwrap();
let _ = self.chan.send(BodyChunkRequest::Extract(port));
self.chan = chan.clone();
return Some(chan);
return chan;
},
}
}
self.read_from = true;
Some(self.chan.clone())
self.chan.clone()
}
pub fn source_is_null(&self) -> bool {

4
resources/badcert.html
View file

@ -14,11 +14,11 @@
if (bytes.length) {
button.onclick = function() {
let xhr = new XMLHttpRequest();
xhr.open('GET', 'chrome:allowcert?secret=${secret}&bytes=' + btoa(bytes));
xhr.open('POST', 'chrome:allowcert');
xhr.onloadend = function() {
location.reload(true);
};
xhr.send();
xhr.send("${secret}&" + btoa(bytes));
};
} else {
button.style.display = "none";