mirror of
https://github.com/servo/servo.git
synced 2025-08-03 12:40:06 +01:00
check http_state in determine_request_referrer
This commit is contained in:
parent
79b6758cb9
commit
a7c5c97616
12 changed files with 133 additions and 46 deletions
|
@ -250,6 +250,7 @@ pub fn main_fetch(
|
||||||
request.referrer_policy.unwrap(),
|
request.referrer_policy.unwrap(),
|
||||||
url,
|
url,
|
||||||
current_url,
|
current_url,
|
||||||
|
request.https_state,
|
||||||
)
|
)
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
|
@ -166,28 +166,65 @@ pub fn set_default_accept_language(headers: &mut HeaderMap) {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-state-no-referrer-when-downgrade>
|
/// <https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-state-no-referrer-when-downgrade>
|
||||||
fn no_referrer_when_downgrade_header(referrer_url: ServoUrl, url: ServoUrl) -> Option<ServoUrl> {
|
fn no_referrer_when_downgrade_header(
|
||||||
if referrer_url.scheme() == "https" && url.scheme() != "https" {
|
referrer_url: ServoUrl,
|
||||||
|
url: ServoUrl,
|
||||||
|
https_state: HttpsState,
|
||||||
|
) -> Option<ServoUrl> {
|
||||||
|
if https_state == HttpsState::Modern && !is_origin_trustworthy(url) {
|
||||||
return None;
|
return None;
|
||||||
}
|
}
|
||||||
return strip_url(referrer_url, false);
|
return strip_url(referrer_url, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin>
|
/// <https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin>
|
||||||
fn strict_origin(referrer_url: ServoUrl, url: ServoUrl) -> Option<ServoUrl> {
|
fn strict_origin(
|
||||||
if referrer_url.scheme() == "https" && url.scheme() != "https" {
|
referrer_url: ServoUrl,
|
||||||
|
url: ServoUrl,
|
||||||
|
https_state: HttpsState,
|
||||||
|
) -> Option<ServoUrl> {
|
||||||
|
if https_state == HttpsState::Modern && !is_origin_trustworthy(url) {
|
||||||
return None;
|
return None;
|
||||||
}
|
}
|
||||||
strip_url(referrer_url, true)
|
strip_url(referrer_url, true)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// <https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin>
|
/// <https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-strict-origin-when-cross-origin>
|
||||||
fn strict_origin_when_cross_origin(referrer_url: ServoUrl, url: ServoUrl) -> Option<ServoUrl> {
|
fn strict_origin_when_cross_origin(
|
||||||
if referrer_url.scheme() == "https" && url.scheme() != "https" {
|
referrer_url: ServoUrl,
|
||||||
|
url: ServoUrl,
|
||||||
|
https_state: HttpsState,
|
||||||
|
) -> Option<ServoUrl> {
|
||||||
|
let same_origin = referrer_url.origin() == url.origin();
|
||||||
|
if same_origin {
|
||||||
|
return strip_url(referrer_url, false);
|
||||||
|
}
|
||||||
|
if https_state == HttpsState::Modern && !is_origin_trustworthy(url) {
|
||||||
return None;
|
return None;
|
||||||
}
|
}
|
||||||
let cross_origin = referrer_url.origin() != url.origin();
|
strip_url(referrer_url, true)
|
||||||
strip_url(referrer_url, cross_origin)
|
}
|
||||||
|
|
||||||
|
/// <https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy>
|
||||||
|
fn is_origin_trustworthy(url: ServoUrl) -> bool {
|
||||||
|
match url.origin() {
|
||||||
|
// Step 1
|
||||||
|
ImmutableOrigin::Opaque(_) => false,
|
||||||
|
ImmutableOrigin::Tuple(_, _, _) => {
|
||||||
|
// Step 3
|
||||||
|
if url.scheme() == "https" || url.scheme() == "wss" {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
// Step 4-5 TODO
|
||||||
|
// Step 6
|
||||||
|
if url.scheme() == "file" {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
// Step 7-8 TODO
|
||||||
|
// Step 9
|
||||||
|
false
|
||||||
|
},
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/// https://html.spec.whatwg.org/multipage/#schemelessly-same-site
|
/// https://html.spec.whatwg.org/multipage/#schemelessly-same-site
|
||||||
|
@ -239,13 +276,12 @@ pub fn determine_request_referrer(
|
||||||
referrer_policy: ReferrerPolicy,
|
referrer_policy: ReferrerPolicy,
|
||||||
referrer_source: ServoUrl,
|
referrer_source: ServoUrl,
|
||||||
current_url: ServoUrl,
|
current_url: ServoUrl,
|
||||||
|
https_state: HttpsState,
|
||||||
) -> Option<ServoUrl> {
|
) -> Option<ServoUrl> {
|
||||||
assert!(!headers.contains_key(header::REFERER));
|
assert!(!headers.contains_key(header::REFERER));
|
||||||
// FIXME(#14505): this does not seem to be the correct way of checking for
|
// FIXME(#14505): this does not seem to be the correct way of checking for
|
||||||
// same-origin requests.
|
// same-origin requests.
|
||||||
let cross_origin = referrer_source.origin() != current_url.origin();
|
let cross_origin = referrer_source.origin() != current_url.origin();
|
||||||
// FIXME(#14506): some of these cases are expected to consider whether the
|
|
||||||
// request's client is "TLS-protected", whatever that means.
|
|
||||||
match referrer_policy {
|
match referrer_policy {
|
||||||
ReferrerPolicy::NoReferrer => None,
|
ReferrerPolicy::NoReferrer => None,
|
||||||
ReferrerPolicy::Origin => strip_url(referrer_source, true),
|
ReferrerPolicy::Origin => strip_url(referrer_source, true),
|
||||||
|
@ -258,12 +294,12 @@ pub fn determine_request_referrer(
|
||||||
},
|
},
|
||||||
ReferrerPolicy::UnsafeUrl => strip_url(referrer_source, false),
|
ReferrerPolicy::UnsafeUrl => strip_url(referrer_source, false),
|
||||||
ReferrerPolicy::OriginWhenCrossOrigin => strip_url(referrer_source, cross_origin),
|
ReferrerPolicy::OriginWhenCrossOrigin => strip_url(referrer_source, cross_origin),
|
||||||
ReferrerPolicy::StrictOrigin => strict_origin(referrer_source, current_url),
|
ReferrerPolicy::StrictOrigin => strict_origin(referrer_source, current_url, https_state),
|
||||||
ReferrerPolicy::StrictOriginWhenCrossOrigin => {
|
ReferrerPolicy::StrictOriginWhenCrossOrigin => {
|
||||||
strict_origin_when_cross_origin(referrer_source, current_url)
|
strict_origin_when_cross_origin(referrer_source, current_url, https_state)
|
||||||
},
|
},
|
||||||
ReferrerPolicy::NoReferrerWhenDowngrade => {
|
ReferrerPolicy::NoReferrerWhenDowngrade => {
|
||||||
no_referrer_when_downgrade_header(referrer_source, current_url)
|
no_referrer_when_downgrade_header(referrer_source, current_url, https_state)
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,7 +7,7 @@ use headers::{ContentType, HeaderMapExt};
|
||||||
use hyper_serde::Serde;
|
use hyper_serde::Serde;
|
||||||
use mime::{self, Mime};
|
use mime::{self, Mime};
|
||||||
use net_traits::request::{Origin, Request};
|
use net_traits::request::{Origin, Request};
|
||||||
use net_traits::response::ResponseBody;
|
use net_traits::response::{HttpsState, ResponseBody};
|
||||||
use net_traits::{FetchMetadata, FilteredMetadata, NetworkError};
|
use net_traits::{FetchMetadata, FilteredMetadata, NetworkError};
|
||||||
use servo_url::ServoUrl;
|
use servo_url::ServoUrl;
|
||||||
use std::ops::Deref;
|
use std::ops::Deref;
|
||||||
|
@ -21,7 +21,7 @@ fn assert_parse(
|
||||||
) {
|
) {
|
||||||
let url = ServoUrl::parse(url).unwrap();
|
let url = ServoUrl::parse(url).unwrap();
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
|
|
||||||
let response = fetch(&mut request, None);
|
let response = fetch(&mut request, None);
|
||||||
|
|
||||||
|
|
|
@ -33,7 +33,7 @@ use net_traits::filemanager_thread::FileTokenCheck;
|
||||||
use net_traits::request::{
|
use net_traits::request::{
|
||||||
Destination, Origin, RedirectMode, Referrer, Request, RequestBuilder, RequestMode,
|
Destination, Origin, RedirectMode, Referrer, Request, RequestBuilder, RequestMode,
|
||||||
};
|
};
|
||||||
use net_traits::response::{CacheState, Response, ResponseBody, ResponseType};
|
use net_traits::response::{CacheState, HttpsState, Response, ResponseBody, ResponseType};
|
||||||
use net_traits::{
|
use net_traits::{
|
||||||
FetchTaskTarget, IncludeSubdomains, NetworkError, ReferrerPolicy, ResourceFetchTiming,
|
FetchTaskTarget, IncludeSubdomains, NetworkError, ReferrerPolicy, ResourceFetchTiming,
|
||||||
ResourceTimingType,
|
ResourceTimingType,
|
||||||
|
@ -59,7 +59,7 @@ fn test_fetch_response_is_not_network_error() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
let _ = server.close();
|
let _ = server.close();
|
||||||
|
@ -73,7 +73,7 @@ fn test_fetch_response_is_not_network_error() {
|
||||||
fn test_fetch_on_bad_port_is_network_error() {
|
fn test_fetch_on_bad_port_is_network_error() {
|
||||||
let url = ServoUrl::parse("http://www.example.org:6667").unwrap();
|
let url = ServoUrl::parse("http://www.example.org:6667").unwrap();
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
assert!(fetch_response.is_network_error());
|
assert!(fetch_response.is_network_error());
|
||||||
|
@ -93,7 +93,7 @@ fn test_fetch_response_body_matches_const_message() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
let _ = server.close();
|
let _ = server.close();
|
||||||
|
@ -113,7 +113,7 @@ fn test_fetch_response_body_matches_const_message() {
|
||||||
fn test_fetch_aboutblank() {
|
fn test_fetch_aboutblank() {
|
||||||
let url = ServoUrl::parse("about:blank").unwrap();
|
let url = ServoUrl::parse("about:blank").unwrap();
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
|
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
|
@ -174,7 +174,12 @@ fn test_fetch_blob() {
|
||||||
.promote_memory(id.clone(), blob_buf, true, "http://www.example.org".into());
|
.promote_memory(id.clone(), blob_buf, true, "http://www.example.org".into());
|
||||||
let url = ServoUrl::parse(&format!("blob:{}{}", origin.as_str(), id.to_simple())).unwrap();
|
let url = ServoUrl::parse(&format!("blob:{}{}", origin.as_str(), id.to_simple())).unwrap();
|
||||||
|
|
||||||
let mut request = Request::new(url, Some(Origin::Origin(origin.origin())), None);
|
let mut request = Request::new(
|
||||||
|
url,
|
||||||
|
Some(Origin::Origin(origin.origin())),
|
||||||
|
None,
|
||||||
|
HttpsState::None,
|
||||||
|
);
|
||||||
|
|
||||||
let (sender, receiver) = unbounded();
|
let (sender, receiver) = unbounded();
|
||||||
|
|
||||||
|
@ -215,7 +220,7 @@ fn test_file() {
|
||||||
let url = ServoUrl::from_file_path(path.clone()).unwrap();
|
let url = ServoUrl::from_file_path(path.clone()).unwrap();
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
|
|
||||||
let pool = CoreResourceThreadPool::new(1);
|
let pool = CoreResourceThreadPool::new(1);
|
||||||
let pool_handle = Arc::new(pool);
|
let pool_handle = Arc::new(pool);
|
||||||
|
@ -257,7 +262,7 @@ fn test_file() {
|
||||||
fn test_fetch_ftp() {
|
fn test_fetch_ftp() {
|
||||||
let url = ServoUrl::parse("ftp://not-supported").unwrap();
|
let url = ServoUrl::parse("ftp://not-supported").unwrap();
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
assert!(fetch_response.is_network_error());
|
assert!(fetch_response.is_network_error());
|
||||||
|
@ -267,7 +272,7 @@ fn test_fetch_ftp() {
|
||||||
fn test_fetch_bogus_scheme() {
|
fn test_fetch_bogus_scheme() {
|
||||||
let url = ServoUrl::parse("bogus://whatever").unwrap();
|
let url = ServoUrl::parse("bogus://whatever").unwrap();
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
assert!(fetch_response.is_network_error());
|
assert!(fetch_response.is_network_error());
|
||||||
|
@ -314,7 +319,7 @@ fn test_cors_preflight_fetch() {
|
||||||
let target_url = url.clone().join("a.html").unwrap();
|
let target_url = url.clone().join("a.html").unwrap();
|
||||||
|
|
||||||
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
||||||
let mut request = Request::new(url.clone(), Some(origin), None);
|
let mut request = Request::new(url.clone(), Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::ReferrerUrl(target_url);
|
request.referrer = Referrer::ReferrerUrl(target_url);
|
||||||
request.referrer_policy = Some(ReferrerPolicy::Origin);
|
request.referrer_policy = Some(ReferrerPolicy::Origin);
|
||||||
request.use_cors_preflight = true;
|
request.use_cors_preflight = true;
|
||||||
|
@ -366,7 +371,7 @@ fn test_cors_preflight_cache_fetch() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
||||||
let mut request = Request::new(url.clone(), Some(origin.clone()), None);
|
let mut request = Request::new(url.clone(), Some(origin.clone()), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
request.use_cors_preflight = true;
|
request.use_cors_preflight = true;
|
||||||
request.mode = RequestMode::CorsMode;
|
request.mode = RequestMode::CorsMode;
|
||||||
|
@ -428,7 +433,7 @@ fn test_cors_preflight_fetch_network_error() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.method = Method::from_bytes(b"CHICKEN").unwrap();
|
request.method = Method::from_bytes(b"CHICKEN").unwrap();
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
request.use_cors_preflight = true;
|
request.use_cors_preflight = true;
|
||||||
|
@ -457,7 +462,7 @@ fn test_fetch_response_is_basic_filtered() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
let _ = server.close();
|
let _ = server.close();
|
||||||
|
@ -520,7 +525,7 @@ fn test_fetch_response_is_cors_filtered() {
|
||||||
|
|
||||||
// an origin mis-match will stop it from defaulting to a basic filtered response
|
// an origin mis-match will stop it from defaulting to a basic filtered response
|
||||||
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
request.mode = RequestMode::CorsMode;
|
request.mode = RequestMode::CorsMode;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
|
@ -554,7 +559,7 @@ fn test_fetch_response_is_opaque_filtered() {
|
||||||
|
|
||||||
// an origin mis-match will fall through to an Opaque filtered response
|
// an origin mis-match will fall through to an Opaque filtered response
|
||||||
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
let _ = server.close();
|
let _ = server.close();
|
||||||
|
@ -602,7 +607,7 @@ fn test_fetch_response_is_opaque_redirect_filtered() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
request.redirect_mode = RedirectMode::Manual;
|
request.redirect_mode = RedirectMode::Manual;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
|
@ -636,7 +641,7 @@ fn test_fetch_with_local_urls_only() {
|
||||||
|
|
||||||
let do_fetch = |url: ServoUrl| {
|
let do_fetch = |url: ServoUrl| {
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
|
|
||||||
// Set the flag.
|
// Set the flag.
|
||||||
|
@ -698,7 +703,7 @@ fn test_fetch_with_hsts() {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
// Set the flag.
|
// Set the flag.
|
||||||
request.local_urls_only = false;
|
request.local_urls_only = false;
|
||||||
|
@ -780,7 +785,7 @@ fn test_fetch_with_sri_network_error() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
// To calulate hash use :
|
// To calulate hash use :
|
||||||
// echo -n "alert('Hello, Network Error');" | openssl dgst -sha384 -binary | openssl base64 -A
|
// echo -n "alert('Hello, Network Error');" | openssl dgst -sha384 -binary | openssl base64 -A
|
||||||
|
@ -804,7 +809,7 @@ fn test_fetch_with_sri_sucess() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
// To calulate hash use :
|
// To calulate hash use :
|
||||||
// echo -n "alert('Hello, Network Error');" | openssl dgst -sha384 -binary | openssl base64 -A
|
// echo -n "alert('Hello, Network Error');" | openssl dgst -sha384 -binary | openssl base64 -A
|
||||||
|
@ -844,7 +849,7 @@ fn test_fetch_blocked_nosniff() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.destination = destination;
|
request.destination = destination;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
let _ = server.close();
|
let _ = server.close();
|
||||||
|
@ -888,7 +893,7 @@ fn setup_server_and_fetch(message: &'static [u8], redirect_cap: u32) -> Response
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
let _ = server.close();
|
let _ = server.close();
|
||||||
|
@ -976,7 +981,7 @@ fn test_fetch_redirect_updates_method_runner(
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
request.method = method;
|
request.method = method;
|
||||||
|
|
||||||
|
@ -1059,7 +1064,7 @@ fn test_fetch_async_returns_complete_response() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
|
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
|
@ -1078,7 +1083,7 @@ fn test_opaque_filtered_fetch_async_returns_complete_response() {
|
||||||
|
|
||||||
// an origin mis-match will fall through to an Opaque filtered response
|
// an origin mis-match will fall through to an Opaque filtered response
|
||||||
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
let origin = Origin::Origin(ImmutableOrigin::new_opaque());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
|
|
||||||
let fetch_response = fetch(&mut request, None);
|
let fetch_response = fetch(&mut request, None);
|
||||||
|
@ -1114,7 +1119,7 @@ fn test_opaque_redirect_filtered_fetch_async_returns_complete_response() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url, Some(origin), None);
|
let mut request = Request::new(url, Some(origin), None, HttpsState::None);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
request.redirect_mode = RedirectMode::Manual;
|
request.redirect_mode = RedirectMode::Manual;
|
||||||
|
|
||||||
|
@ -1136,7 +1141,12 @@ fn test_fetch_with_devtools() {
|
||||||
let (server, url) = make_server(handler);
|
let (server, url) = make_server(handler);
|
||||||
|
|
||||||
let origin = Origin::Origin(url.origin());
|
let origin = Origin::Origin(url.origin());
|
||||||
let mut request = Request::new(url.clone(), Some(origin), Some(TEST_PIPELINE_ID));
|
let mut request = Request::new(
|
||||||
|
url.clone(),
|
||||||
|
Some(origin),
|
||||||
|
Some(TEST_PIPELINE_ID),
|
||||||
|
HttpsState::None,
|
||||||
|
);
|
||||||
request.referrer = Referrer::NoReferrer;
|
request.referrer = Referrer::NoReferrer;
|
||||||
|
|
||||||
let (devtools_chan, devtools_port) = unbounded();
|
let (devtools_chan, devtools_port) = unbounded();
|
||||||
|
|
|
@ -8,7 +8,7 @@ use http::StatusCode;
|
||||||
use msg::constellation_msg::TEST_PIPELINE_ID;
|
use msg::constellation_msg::TEST_PIPELINE_ID;
|
||||||
use net::http_cache::HttpCache;
|
use net::http_cache::HttpCache;
|
||||||
use net_traits::request::{Origin, Request};
|
use net_traits::request::{Origin, Request};
|
||||||
use net_traits::response::{Response, ResponseBody};
|
use net_traits::response::{HttpsState, Response, ResponseBody};
|
||||||
use net_traits::{ResourceFetchTiming, ResourceTimingType};
|
use net_traits::{ResourceFetchTiming, ResourceTimingType};
|
||||||
use servo_url::ServoUrl;
|
use servo_url::ServoUrl;
|
||||||
|
|
||||||
|
@ -24,6 +24,7 @@ fn test_refreshing_resource_sets_done_chan_the_appropriate_value() {
|
||||||
url.clone(),
|
url.clone(),
|
||||||
Some(Origin::Origin(url.clone().origin())),
|
Some(Origin::Origin(url.clone().origin())),
|
||||||
Some(TEST_PIPELINE_ID),
|
Some(TEST_PIPELINE_ID),
|
||||||
|
HttpsState::None,
|
||||||
);
|
);
|
||||||
let timing = ResourceFetchTiming::new(ResourceTimingType::Navigation);
|
let timing = ResourceFetchTiming::new(ResourceTimingType::Navigation);
|
||||||
let mut response = Response::new(url.clone(), timing);
|
let mut response = Response::new(url.clone(), timing);
|
||||||
|
|
|
@ -31,7 +31,7 @@ use net::http_loader::determine_request_referrer;
|
||||||
use net::resource_thread::AuthCacheEntry;
|
use net::resource_thread::AuthCacheEntry;
|
||||||
use net::test::replace_host_table;
|
use net::test::replace_host_table;
|
||||||
use net_traits::request::{CredentialsMode, Destination, RequestBuilder, RequestMode};
|
use net_traits::request::{CredentialsMode, Destination, RequestBuilder, RequestMode};
|
||||||
use net_traits::response::ResponseBody;
|
use net_traits::response::{HttpsState, ResponseBody};
|
||||||
use net_traits::{CookieSource, NetworkError, ReferrerPolicy};
|
use net_traits::{CookieSource, NetworkError, ReferrerPolicy};
|
||||||
use servo_url::{ImmutableOrigin, ServoUrl};
|
use servo_url::{ImmutableOrigin, ServoUrl};
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
|
@ -1433,6 +1433,7 @@ fn test_determine_request_referrer_shorter_than_4k() {
|
||||||
ReferrerPolicy::UnsafeUrl,
|
ReferrerPolicy::UnsafeUrl,
|
||||||
referrer_source,
|
referrer_source,
|
||||||
current_url,
|
current_url,
|
||||||
|
HttpsState::None,
|
||||||
);
|
);
|
||||||
|
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
|
@ -1457,6 +1458,7 @@ fn test_determine_request_referrer_longer_than_4k() {
|
||||||
ReferrerPolicy::UnsafeUrl,
|
ReferrerPolicy::UnsafeUrl,
|
||||||
referrer_source,
|
referrer_source,
|
||||||
current_url,
|
current_url,
|
||||||
|
HttpsState::None,
|
||||||
);
|
);
|
||||||
|
|
||||||
assert_eq!(referer.unwrap().as_str(), "http://example.com/");
|
assert_eq!(referer.unwrap().as_str(), "http://example.com/");
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||||
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
|
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
|
||||||
|
|
||||||
|
use crate::response::HttpsState;
|
||||||
use crate::ReferrerPolicy;
|
use crate::ReferrerPolicy;
|
||||||
use crate::ResourceTimingType;
|
use crate::ResourceTimingType;
|
||||||
use content_security_policy::{self as csp, CspList};
|
use content_security_policy::{self as csp, CspList};
|
||||||
|
@ -156,6 +157,7 @@ pub struct RequestBuilder {
|
||||||
pub url_list: Vec<ServoUrl>,
|
pub url_list: Vec<ServoUrl>,
|
||||||
pub parser_metadata: ParserMetadata,
|
pub parser_metadata: ParserMetadata,
|
||||||
pub initiator: Initiator,
|
pub initiator: Initiator,
|
||||||
|
pub https_state: HttpsState,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl RequestBuilder {
|
impl RequestBuilder {
|
||||||
|
@ -184,6 +186,7 @@ impl RequestBuilder {
|
||||||
parser_metadata: ParserMetadata::Default,
|
parser_metadata: ParserMetadata::Default,
|
||||||
initiator: Initiator::None,
|
initiator: Initiator::None,
|
||||||
csp_list: None,
|
csp_list: None,
|
||||||
|
https_state: HttpsState::None,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -277,11 +280,17 @@ impl RequestBuilder {
|
||||||
self
|
self
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn https_state(mut self, https_state: HttpsState) -> RequestBuilder {
|
||||||
|
self.https_state = https_state;
|
||||||
|
self
|
||||||
|
}
|
||||||
|
|
||||||
pub fn build(self) -> Request {
|
pub fn build(self) -> Request {
|
||||||
let mut request = Request::new(
|
let mut request = Request::new(
|
||||||
self.url.clone(),
|
self.url.clone(),
|
||||||
Some(Origin::Origin(self.origin)),
|
Some(Origin::Origin(self.origin)),
|
||||||
self.pipeline_id,
|
self.pipeline_id,
|
||||||
|
self.https_state,
|
||||||
);
|
);
|
||||||
request.initiator = self.initiator;
|
request.initiator = self.initiator;
|
||||||
request.method = self.method;
|
request.method = self.method;
|
||||||
|
@ -380,10 +389,16 @@ pub struct Request {
|
||||||
// boundary every time a redirect occurs.
|
// boundary every time a redirect occurs.
|
||||||
#[ignore_malloc_size_of = "Defined in rust-content-security-policy"]
|
#[ignore_malloc_size_of = "Defined in rust-content-security-policy"]
|
||||||
pub csp_list: Option<CspList>,
|
pub csp_list: Option<CspList>,
|
||||||
|
pub https_state: HttpsState,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Request {
|
impl Request {
|
||||||
pub fn new(url: ServoUrl, origin: Option<Origin>, pipeline_id: Option<PipelineId>) -> Request {
|
pub fn new(
|
||||||
|
url: ServoUrl,
|
||||||
|
origin: Option<Origin>,
|
||||||
|
pipeline_id: Option<PipelineId>,
|
||||||
|
https_state: HttpsState,
|
||||||
|
) -> Request {
|
||||||
Request {
|
Request {
|
||||||
method: Method::GET,
|
method: Method::GET,
|
||||||
local_urls_only: false,
|
local_urls_only: false,
|
||||||
|
@ -413,6 +428,7 @@ impl Request {
|
||||||
redirect_count: 0,
|
redirect_count: 0,
|
||||||
response_tainting: ResponseTainting::Basic,
|
response_tainting: ResponseTainting::Basic,
|
||||||
csp_list: None,
|
csp_list: None,
|
||||||
|
https_state: https_state,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -306,6 +306,7 @@ impl DedicatedWorkerGlobalScope {
|
||||||
let current_global = GlobalScope::current().expect("No current global object");
|
let current_global = GlobalScope::current().expect("No current global object");
|
||||||
let origin = current_global.origin().immutable().clone();
|
let origin = current_global.origin().immutable().clone();
|
||||||
let parent = current_global.runtime_handle();
|
let parent = current_global.runtime_handle();
|
||||||
|
let current_global_https_state = current_global.get_https_state();
|
||||||
|
|
||||||
thread::Builder::new()
|
thread::Builder::new()
|
||||||
.name(name)
|
.name(name)
|
||||||
|
@ -375,6 +376,8 @@ impl DedicatedWorkerGlobalScope {
|
||||||
let scope = global.upcast::<WorkerGlobalScope>();
|
let scope = global.upcast::<WorkerGlobalScope>();
|
||||||
let global_scope = global.upcast::<GlobalScope>();
|
let global_scope = global.upcast::<GlobalScope>();
|
||||||
|
|
||||||
|
global_scope.set_https_state(current_global_https_state);
|
||||||
|
|
||||||
let (metadata, bytes) = match load_whole_resource(
|
let (metadata, bytes) = match load_whole_resource(
|
||||||
request,
|
request,
|
||||||
&global_scope.resource_threads().sender(),
|
&global_scope.resource_threads().sender(),
|
||||||
|
@ -395,6 +398,7 @@ impl DedicatedWorkerGlobalScope {
|
||||||
Ok((metadata, bytes)) => (metadata, bytes),
|
Ok((metadata, bytes)) => (metadata, bytes),
|
||||||
};
|
};
|
||||||
scope.set_url(metadata.final_url);
|
scope.set_url(metadata.final_url);
|
||||||
|
global_scope.set_https_state(metadata.https_state);
|
||||||
let source = String::from_utf8_lossy(&bytes);
|
let source = String::from_utf8_lossy(&bytes);
|
||||||
|
|
||||||
unsafe {
|
unsafe {
|
||||||
|
|
|
@ -1872,6 +1872,7 @@ impl Document {
|
||||||
fetch_target: IpcSender<FetchResponseMsg>,
|
fetch_target: IpcSender<FetchResponseMsg>,
|
||||||
) {
|
) {
|
||||||
request.csp_list = self.get_csp_list().map(|x| x.clone());
|
request.csp_list = self.get_csp_list().map(|x| x.clone());
|
||||||
|
request.https_state = self.https_state.get();
|
||||||
let mut loader = self.loader.borrow_mut();
|
let mut loader = self.loader.borrow_mut();
|
||||||
loader.fetch_async(load, request, fetch_target);
|
loader.fetch_async(load, request, fetch_target);
|
||||||
}
|
}
|
||||||
|
|
|
@ -87,6 +87,7 @@ use net_traits::filemanager_thread::{
|
||||||
FileManagerResult, FileManagerThreadMsg, ReadFileProgress, RelativePos,
|
FileManagerResult, FileManagerThreadMsg, ReadFileProgress, RelativePos,
|
||||||
};
|
};
|
||||||
use net_traits::image_cache::ImageCache;
|
use net_traits::image_cache::ImageCache;
|
||||||
|
use net_traits::response::HttpsState;
|
||||||
use net_traits::{CoreResourceMsg, CoreResourceThread, IpcSend, ResourceThreads};
|
use net_traits::{CoreResourceMsg, CoreResourceThread, IpcSend, ResourceThreads};
|
||||||
use parking_lot::Mutex;
|
use parking_lot::Mutex;
|
||||||
use profile_traits::{ipc as profile_ipc, mem as profile_mem, time as profile_time};
|
use profile_traits::{ipc as profile_ipc, mem as profile_mem, time as profile_time};
|
||||||
|
@ -238,6 +239,9 @@ pub struct GlobalScope {
|
||||||
// https://w3c.github.io/performance-timeline/#supportedentrytypes-attribute
|
// https://w3c.github.io/performance-timeline/#supportedentrytypes-attribute
|
||||||
#[ignore_malloc_size_of = "mozjs"]
|
#[ignore_malloc_size_of = "mozjs"]
|
||||||
frozen_supported_performance_entry_types: DomRefCell<Option<Heap<JSVal>>>,
|
frozen_supported_performance_entry_types: DomRefCell<Option<Heap<JSVal>>>,
|
||||||
|
|
||||||
|
/// currect https state (from previous request)
|
||||||
|
https_state: Cell<HttpsState>,
|
||||||
}
|
}
|
||||||
|
|
||||||
/// A wrapper for glue-code between the ipc router and the event-loop.
|
/// A wrapper for glue-code between the ipc router and the event-loop.
|
||||||
|
@ -588,6 +592,7 @@ impl GlobalScope {
|
||||||
user_agent,
|
user_agent,
|
||||||
gpu_id_hub,
|
gpu_id_hub,
|
||||||
frozen_supported_performance_entry_types: DomRefCell::new(Default::default()),
|
frozen_supported_performance_entry_types: DomRefCell::new(Default::default()),
|
||||||
|
https_state: Cell::new(HttpsState::None),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2503,6 +2508,14 @@ impl GlobalScope {
|
||||||
self.user_agent.clone()
|
self.user_agent.clone()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn get_https_state(&self) -> HttpsState {
|
||||||
|
self.https_state.get()
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn set_https_state(&self, https_state: HttpsState) {
|
||||||
|
self.https_state.set(https_state);
|
||||||
|
}
|
||||||
|
|
||||||
/// https://www.w3.org/TR/CSP/#get-csp-of-object
|
/// https://www.w3.org/TR/CSP/#get-csp-of-object
|
||||||
pub fn get_csp_list(&self) -> Option<CspList> {
|
pub fn get_csp_list(&self) -> Option<CspList> {
|
||||||
if let Some(window) = self.downcast::<Window>() {
|
if let Some(window) = self.downcast::<Window>() {
|
||||||
|
|
|
@ -507,8 +507,9 @@ impl Request {
|
||||||
|
|
||||||
fn net_request_from_global(global: &GlobalScope, url: ServoUrl) -> NetTraitsRequest {
|
fn net_request_from_global(global: &GlobalScope, url: ServoUrl) -> NetTraitsRequest {
|
||||||
let origin = Origin::Origin(global.get_url().origin());
|
let origin = Origin::Origin(global.get_url().origin());
|
||||||
|
let https_state = global.get_https_state();
|
||||||
let pipeline_id = global.pipeline_id();
|
let pipeline_id = global.pipeline_id();
|
||||||
NetTraitsRequest::new(url, Some(origin), Some(pipeline_id))
|
NetTraitsRequest::new(url, Some(origin), Some(pipeline_id), https_state)
|
||||||
}
|
}
|
||||||
|
|
||||||
// https://fetch.spec.whatwg.org/#concept-method-normalize
|
// https://fetch.spec.whatwg.org/#concept-method-normalize
|
||||||
|
|
|
@ -128,6 +128,7 @@ fn request_init_from_request(request: NetTraitsRequest) -> RequestBuilder {
|
||||||
parser_metadata: request.parser_metadata,
|
parser_metadata: request.parser_metadata,
|
||||||
initiator: request.initiator,
|
initiator: request.initiator,
|
||||||
csp_list: None,
|
csp_list: None,
|
||||||
|
https_state: request.https_state,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -315,6 +316,7 @@ pub fn load_whole_resource(
|
||||||
core_resource_thread: &CoreResourceThread,
|
core_resource_thread: &CoreResourceThread,
|
||||||
global: &GlobalScope,
|
global: &GlobalScope,
|
||||||
) -> Result<(Metadata, Vec<u8>), NetworkError> {
|
) -> Result<(Metadata, Vec<u8>), NetworkError> {
|
||||||
|
let request = request.https_state(global.get_https_state());
|
||||||
let (action_sender, action_receiver) = ipc::channel().unwrap();
|
let (action_sender, action_receiver) = ipc::channel().unwrap();
|
||||||
let url = request.url.clone();
|
let url = request.url.clone();
|
||||||
core_resource_thread
|
core_resource_thread
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue