From 5a60fdf4ca9218137667af91629b34d44c36d909 Mon Sep 17 00:00:00 2001 From: Sam Gibson Date: Sat, 15 Aug 2015 17:32:01 +1000 Subject: [PATCH] Moves STS update code to a function --- components/net/http_loader.rs | 49 +++++++++++++++++++---------------- tests/unit/net/http_loader.rs | 28 ++++++++++++++++++++ 2 files changed, 54 insertions(+), 23 deletions(-) diff --git a/components/net/http_loader.rs b/components/net/http_loader.rs index d79f90e1d06..c6546dabba5 100644 --- a/components/net/http_loader.rs +++ b/components/net/http_loader.rs @@ -317,6 +317,31 @@ fn request_must_be_secured(url: &Url, resource_mgr_chan: &IpcSender) rx.recv().unwrap() } +#[inline(always)] +fn update_sts_list_from_response(url: &Url, response: &HttpResponse, resource_mgr_chan: &IpcSender) { + if url.scheme == "https" { + if let Some(header) = response.headers().get::() { + if let Some(host) = url.domain() { + info!("adding host {} to the strict transport security list", host); + info!("- max-age {}", header.max_age); + + let include_subdomains = if header.include_subdomains { + info!("- includeSubdomains"); + IncludeSubdomains::Included + } else { + IncludeSubdomains::NotIncluded + }; + + resource_mgr_chan.send( + ControlMsg::SetHSTSEntryForHost( + host.to_string(), include_subdomains, header.max_age + ) + ).unwrap(); + } + } + } +} + pub fn load(mut load_data: LoadData, resource_mgr_chan: IpcSender, devtools_chan: Option>, @@ -420,7 +445,6 @@ pub fn load(mut load_data: LoadData, net_event))).unwrap(); } - // Dump headers, but only do the iteration if info!() is enabled. info!("got HTTP response {}, headers:", response.status()); if log_enabled!(log::LogLevel::Info) { for header in response.headers().iter() { @@ -429,28 +453,7 @@ pub fn load(mut load_data: LoadData, } set_cookies_from_response(doc_url.clone(), &response, &resource_mgr_chan); - - if url.scheme == "https" { - if let Some(header) = response.headers().get::() { - if let Some(host) = url.domain() { - info!("adding host {} to the strict transport security list", host); - info!("- max-age {}", header.max_age); - - let include_subdomains = if header.include_subdomains { - info!("- includeSubdomains"); - IncludeSubdomains::Included - } else { - IncludeSubdomains::NotIncluded - }; - - resource_mgr_chan.send( - ControlMsg::SetHSTSEntryForHost( - host.to_string(), include_subdomains, header.max_age - ) - ).unwrap(); - } - } - } + update_sts_list_from_response(&url, &response, &resource_mgr_chan); // --- Loop if there's a redirect if response.status().class() == StatusClass::Redirection { diff --git a/tests/unit/net/http_loader.rs b/tests/unit/net/http_loader.rs index a787f46e3f5..79f5c29a8ba 100644 --- a/tests/unit/net/http_loader.rs +++ b/tests/unit/net/http_loader.rs @@ -188,6 +188,34 @@ fn assert_cookie_for_domain(resource_mgr: &ResourceTask, domain: &str, cookie: & } } +#[test] +fn test_load_doesnt_add_host_to_sts_list_when_url_is_http_even_if_sts_headers_are_present() { + struct Factory; + + impl HttpRequestFactory for Factory { + type R=MockRequest; + + fn create(&self, _: Url, _: Method) -> Result { + let content = <[_]>::to_vec("Yay!".as_bytes()); + let mut headers = Headers::new(); + headers.set_raw("Strict-Transport-Security", vec![b"max-age=31536000".to_vec()]); + Ok(MockRequest::new(RequestType::WithHeaders(content, headers))) + } + } + + let url = Url::parse("http://mozilla.com").unwrap(); + let resource_mgr = new_resource_task(None, None); + + let load_data = LoadData::new(url.clone(), None); + + let _ = load::(load_data, resource_mgr.clone(), None, &Factory); + + let (tx, rx) = ipc::channel().unwrap(); + resource_mgr.send(ControlMsg::GetHostMustBeSecured("mozilla.com".to_string(), tx)).unwrap(); + + assert!(!rx.recv().unwrap()); +} + #[test] fn test_load_adds_host_to_sts_list_when_url_is_https_and_sts_headers_are_present() { struct Factory;