Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-06 14:10:11 +01:00
Code Issues Projects Releases Packages Wiki Activity

Moves STS update code to a function

Browse source
This commit is contained in:
Sam Gibson 2015-08-15 17:32:01 +10:00
parent c093ce8a5a
commit 5a60fdf4ca
2 changed files with 54 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

49
components/net/http_loader.rs
View file

@ -317,6 +317,31 @@ fn request_must_be_secured(url: &Url, resource_mgr_chan: &IpcSender<ControlMsg>)
rx.recv().unwrap()
}
#[inline(always)]
fn update_sts_list_from_response(url: &Url, response: &HttpResponse, resource_mgr_chan: &IpcSender<ControlMsg>) {
if url.scheme == "https" {
if let Some(header) = response.headers().get::<StrictTransportSecurity>() {
if let Some(host) = url.domain() {
info!("adding host {} to the strict transport security list", host);
info!("- max-age {}", header.max_age);
let include_subdomains = if header.include_subdomains {
info!("- includeSubdomains");
IncludeSubdomains::Included
} else {
IncludeSubdomains::NotIncluded
};
resource_mgr_chan.send(
ControlMsg::SetHSTSEntryForHost(
host.to_string(), include_subdomains, header.max_age
)
).unwrap();
}
}
}
}
pub fn load<A>(mut load_data: LoadData,
resource_mgr_chan: IpcSender<ControlMsg>,
devtools_chan: Option<Sender<DevtoolsControlMsg>>,
@ -420,7 +445,6 @@ pub fn load<A>(mut load_data: LoadData,
net_event))).unwrap();
}
// Dump headers, but only do the iteration if info!() is enabled.
info!("got HTTP response {}, headers:", response.status());
if log_enabled!(log::LogLevel::Info) {
for header in response.headers().iter() {
@ -429,28 +453,7 @@ pub fn load<A>(mut load_data: LoadData,
}
set_cookies_from_response(doc_url.clone(), &response, &resource_mgr_chan);
if url.scheme == "https" {
if let Some(header) = response.headers().get::<StrictTransportSecurity>() {
if let Some(host) = url.domain() {
info!("adding host {} to the strict transport security list", host);
info!("- max-age {}", header.max_age);
let include_subdomains = if header.include_subdomains {
info!("- includeSubdomains");
IncludeSubdomains::Included
} else {
IncludeSubdomains::NotIncluded
};
resource_mgr_chan.send(
ControlMsg::SetHSTSEntryForHost(
host.to_string(), include_subdomains, header.max_age
)
).unwrap();
}
}
}
update_sts_list_from_response(&url, &response, &resource_mgr_chan);
// --- Loop if there's a redirect
if response.status().class() == StatusClass::Redirection {

28
tests/unit/net/http_loader.rs
View file

@ -188,6 +188,34 @@ fn assert_cookie_for_domain(resource_mgr: &ResourceTask, domain: &str, cookie: &
}
}
#[test]
fn test_load_doesnt_add_host_to_sts_list_when_url_is_http_even_if_sts_headers_are_present() {
struct Factory;
impl HttpRequestFactory for Factory {
type R=MockRequest;
fn create(&self, _: Url, _: Method) -> Result<MockRequest, LoadError> {
let content = <[_]>::to_vec("Yay!".as_bytes());
let mut headers = Headers::new();
headers.set_raw("Strict-Transport-Security", vec![b"max-age=31536000".to_vec()]);
Ok(MockRequest::new(RequestType::WithHeaders(content, headers)))
}
}
let url = Url::parse("http://mozilla.com").unwrap();
let resource_mgr = new_resource_task(None, None);
let load_data = LoadData::new(url.clone(), None);
let _ = load::<MockRequest>(load_data, resource_mgr.clone(), None, &Factory);
let (tx, rx) = ipc::channel().unwrap();
resource_mgr.send(ControlMsg::GetHostMustBeSecured("mozilla.com".to_string(), tx)).unwrap();
assert!(!rx.recv().unwrap());
}
#[test]
fn test_load_adds_host_to_sts_list_when_url_is_https_and_sts_headers_are_present() {
struct Factory;