From 5f62b175fee8114bcc3cb1eb299e69e1fda27902 Mon Sep 17 00:00:00 2001
From: Uthman Yahaya Baba <uthmanyahayababa@gmail.com>
Date: Tue, 22 Apr 2025 15:57:47 +0100
Subject: [PATCH] Replace NetworkError::CorsViolation and
 NetworkError::SecurityBlock  with granular enum variants

Signed-off-by: Uthman Yahaya Baba <uthmanyahayababa@gmail.com>
---
 components/net/fetch/methods.rs | 12 ++++++------
 components/net/http_loader.rs   | 20 ++++++++++----------
 components/shared/net/lib.rs    | 17 +++++++++++++----
 3 files changed, 29 insertions(+), 20 deletions(-)

diff --git a/components/net/fetch/methods.rs b/components/net/fetch/methods.rs
index 17f3ccb9f32..a08128d1471 100644
--- a/components/net/fetch/methods.rs
+++ b/components/net/fetch/methods.rs
@@ -283,7 +283,7 @@ pub async fn main_fetch(
 
     if check_result == csp::CheckResult::Blocked {
         warn!("Request blocked by CSP");
-        response = Some(Response::network_error(NetworkError::SecurityBlock))
+        response = Some(Response::network_error(NetworkError::ContentSecurityPolicy))
     }
     if should_request_be_blocked_due_to_a_bad_port(&request.current_url()) {
         response = Some(Response::network_error(NetworkError::InvalidPort));
@@ -363,11 +363,11 @@ pub async fn main_fetch(
                 // Substep 2. Return the result of running scheme fetch given fetchParams.
                 scheme_fetch(fetch_params, cache, target, done_chan, context).await
             } else if request.mode == RequestMode::SameOrigin {
-                Response::network_error(NetworkError::CorsViolation)
+                Response::network_error(NetworkError::CrossOriginResponse)
             } else if request.mode == RequestMode::NoCors {
                 // Substep 1. If request’s redirect mode is not "follow", then return a network error.
                 if request.redirect_mode != RedirectMode::Follow {
-                    Response::network_error(NetworkError::CorsViolation)
+                    Response::network_error(NetworkError::RedirectError)
                 } else {
                     // Substep 2. Set request’s response tainting to "opaque".
                     request.response_tainting = ResponseTainting::Opaque;
@@ -511,11 +511,11 @@ pub async fn main_fetch(
 
         let internal_response = if should_replace_with_nosniff_error {
             // Defer rebinding result
-            blocked_error_response = Response::network_error(NetworkError::SecurityBlock);
+            blocked_error_response = Response::network_error(NetworkError::Nosniff);
             &blocked_error_response
         } else if should_replace_with_mime_type_error {
             // Defer rebinding result
-            blocked_error_response = Response::network_error(NetworkError::SecurityBlock);
+            blocked_error_response = Response::network_error(NetworkError::MimeType);
             &blocked_error_response
         } else if should_replace_with_mixed_content {
             blocked_error_response = Response::network_error(NetworkError::MixedContent);
@@ -579,7 +579,7 @@ pub async fn main_fetch(
         if response.termination_reason.is_none() &&
             !is_response_integrity_valid(integrity_metadata, &response)
         {
-            Response::network_error(NetworkError::SecurityBlock)
+            Response::network_error(NetworkError::SubresourceIntegrity)
         } else {
             response
         }
diff --git a/components/net/http_loader.rs b/components/net/http_loader.rs
index c23593f1baa..0a0ab4d696b 100644
--- a/components/net/http_loader.rs
+++ b/components/net/http_loader.rs
@@ -843,7 +843,7 @@ pub async fn http_fetch(
 
         // Substep 4
         if cors_flag && cors_check(&fetch_params.request, &fetch_result).is_err() {
-            return Response::network_error(NetworkError::CorsViolation);
+            return Response::network_error(NetworkError::CorsGeneral);
         }
 
         fetch_result.return_internal = false;
@@ -1036,7 +1036,7 @@ pub async fn http_redirect_fetch(
     let has_credentials = has_credentials(&location_url);
 
     if request.mode == RequestMode::CorsMode && !same_origin && has_credentials {
-        return Response::network_error(NetworkError::CorsViolation);
+        return Response::network_error(NetworkError::CorsCredentials);
     }
 
     // Step 9
@@ -1046,7 +1046,7 @@ pub async fn http_redirect_fetch(
 
     // Step 10
     if cors_flag && has_credentials {
-        return Response::network_error(NetworkError::CorsViolation);
+        return Response::network_error(NetworkError::CorsCredentials);
     }
 
     // Step 11: If internalResponse’s status is not 303, request’s body is non-null, and request’s
@@ -1601,7 +1601,7 @@ async fn http_network_or_cache_fetch(
         cross_origin_resource_policy_check(http_request, &response) ==
             CrossOriginResourcePolicy::Blocked
     {
-        return Response::network_error(NetworkError::CorsViolation);
+        return Response::network_error(NetworkError::CorsGeneral);
     }
 
     // TODO(#33616): Step 11. Set response’s URL list to a clone of httpRequest’s URL list.
@@ -2169,7 +2169,7 @@ async fn cors_preflight_fetch(
                 Some(methods) => methods.iter().collect(),
                 // Substep 3
                 None => {
-                    return Response::network_error(NetworkError::CorsViolation);
+                    return Response::network_error(NetworkError::CorsAllowMethods);
                 },
             }
         } else {
@@ -2185,7 +2185,7 @@ async fn cors_preflight_fetch(
                 Some(names) => names.iter().collect(),
                 // Substep 3
                 None => {
-                    return Response::network_error(NetworkError::CorsViolation);
+                    return Response::network_error(NetworkError::CorsAllowHeaders);
                 },
             }
         } else {
@@ -2210,7 +2210,7 @@ async fn cors_preflight_fetch(
             (request.credentials_mode == CredentialsMode::Include ||
                 methods.iter().all(|m| m.as_ref() != "*"))
         {
-            return Response::network_error(NetworkError::CorsViolation);
+            return Response::network_error(NetworkError::CorsMethod);
         }
 
         debug!(
@@ -2223,7 +2223,7 @@ async fn cors_preflight_fetch(
             is_cors_non_wildcard_request_header_name(name) &&
                 header_names.iter().all(|hn| hn != name)
         }) {
-            return Response::network_error(NetworkError::CorsViolation);
+            return Response::network_error(NetworkError::CorsAuthorization);
         }
 
         // Substep 7
@@ -2236,7 +2236,7 @@ async fn cors_preflight_fetch(
                 (request.credentials_mode == CredentialsMode::Include ||
                     !header_names_contains_star)
             {
-                return Response::network_error(NetworkError::CorsViolation);
+                return Response::network_error(NetworkError::CorsHeaders);
             }
         }
 
@@ -2266,7 +2266,7 @@ async fn cors_preflight_fetch(
     }
 
     // Step 8
-    Response::network_error(NetworkError::CorsViolation)
+    Response::network_error(NetworkError::CorsGeneral)
 }
 
 /// [CORS check](https://fetch.spec.whatwg.org#concept-cors-check)
diff --git a/components/shared/net/lib.rs b/components/shared/net/lib.rs
index 0da8867d4c8..8d1c199ef48 100644
--- a/components/shared/net/lib.rs
+++ b/components/shared/net/lib.rs
@@ -934,17 +934,26 @@ pub enum NetworkError {
     /// Crash error, to be converted to Resource::Crash in the HTML parser.
     Crash(String),
     UnsupportedScheme,
-    CorsViolation,
+    CorsGeneral,
+    CrossOriginResponse,
+    CorsCredentials,
+    CorsAllowMethods,
+    CorsAllowHeaders,
+    CorsMethod,
+    CorsAuthorization,
+    CorsHeaders,
     ConnectionFailure,
-    Timeout,
     RedirectError,
     InvalidMethod,
     ResourceError,
-    SecurityBlock,
+    ContentSecurityPolicy,
+    Nosniff,
+    MimeType,
+    SubresourceIntegrity,
     MixedContent,
     CacheError,
     InvalidPort,
-    LocalDirectoryError,
+    LocalDirectoryError, 
 }
 
 impl NetworkError {