mirror of
https://github.com/servo/servo.git
synced 2025-08-03 12:40:06 +01:00
Auto merge of #26546 - splav:tls-protected-checks, r=jdm
check http_state in determine_request_referrer <!-- Please describe your changes on the following line: --> Check https status inside determine_request_referrer. --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `___` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes fix #14506 (GitHub issue number if applicable) <!-- Either: --> - [ ] There are tests for these changes OR - [ ] These changes do not require tests because ___ <!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.--> <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->
This commit is contained in:
commit
e17b53eba5
15 changed files with 138 additions and 67 deletions
|
@ -306,6 +306,7 @@ impl DedicatedWorkerGlobalScope {
|
|||
let current_global = GlobalScope::current().expect("No current global object");
|
||||
let origin = current_global.origin().immutable().clone();
|
||||
let parent = current_global.runtime_handle();
|
||||
let current_global_https_state = current_global.get_https_state();
|
||||
|
||||
thread::Builder::new()
|
||||
.name(name)
|
||||
|
@ -375,6 +376,8 @@ impl DedicatedWorkerGlobalScope {
|
|||
let scope = global.upcast::<WorkerGlobalScope>();
|
||||
let global_scope = global.upcast::<GlobalScope>();
|
||||
|
||||
global_scope.set_https_state(current_global_https_state);
|
||||
|
||||
let (metadata, bytes) = match load_whole_resource(
|
||||
request,
|
||||
&global_scope.resource_threads().sender(),
|
||||
|
@ -395,6 +398,7 @@ impl DedicatedWorkerGlobalScope {
|
|||
Ok((metadata, bytes)) => (metadata, bytes),
|
||||
};
|
||||
scope.set_url(metadata.final_url);
|
||||
global_scope.set_https_state(metadata.https_state);
|
||||
let source = String::from_utf8_lossy(&bytes);
|
||||
|
||||
unsafe {
|
||||
|
|
|
@ -1887,6 +1887,7 @@ impl Document {
|
|||
fetch_target: IpcSender<FetchResponseMsg>,
|
||||
) {
|
||||
request.csp_list = self.get_csp_list().map(|x| x.clone());
|
||||
request.https_state = self.https_state.get();
|
||||
let mut loader = self.loader.borrow_mut();
|
||||
loader.fetch_async(load, request, fetch_target);
|
||||
}
|
||||
|
|
|
@ -87,6 +87,7 @@ use net_traits::filemanager_thread::{
|
|||
FileManagerResult, FileManagerThreadMsg, ReadFileProgress, RelativePos,
|
||||
};
|
||||
use net_traits::image_cache::ImageCache;
|
||||
use net_traits::response::HttpsState;
|
||||
use net_traits::{CoreResourceMsg, CoreResourceThread, IpcSend, ResourceThreads};
|
||||
use parking_lot::Mutex;
|
||||
use profile_traits::{ipc as profile_ipc, mem as profile_mem, time as profile_time};
|
||||
|
@ -238,6 +239,9 @@ pub struct GlobalScope {
|
|||
// https://w3c.github.io/performance-timeline/#supportedentrytypes-attribute
|
||||
#[ignore_malloc_size_of = "mozjs"]
|
||||
frozen_supported_performance_entry_types: DomRefCell<Option<Heap<JSVal>>>,
|
||||
|
||||
/// currect https state (from previous request)
|
||||
https_state: Cell<HttpsState>,
|
||||
}
|
||||
|
||||
/// A wrapper for glue-code between the ipc router and the event-loop.
|
||||
|
@ -588,6 +592,7 @@ impl GlobalScope {
|
|||
user_agent,
|
||||
gpu_id_hub,
|
||||
frozen_supported_performance_entry_types: DomRefCell::new(Default::default()),
|
||||
https_state: Cell::new(HttpsState::None),
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -2503,6 +2508,14 @@ impl GlobalScope {
|
|||
self.user_agent.clone()
|
||||
}
|
||||
|
||||
pub fn get_https_state(&self) -> HttpsState {
|
||||
self.https_state.get()
|
||||
}
|
||||
|
||||
pub fn set_https_state(&self, https_state: HttpsState) {
|
||||
self.https_state.set(https_state);
|
||||
}
|
||||
|
||||
/// https://www.w3.org/TR/CSP/#get-csp-of-object
|
||||
pub fn get_csp_list(&self) -> Option<CspList> {
|
||||
if let Some(window) = self.downcast::<Window>() {
|
||||
|
|
|
@ -507,8 +507,9 @@ impl Request {
|
|||
|
||||
fn net_request_from_global(global: &GlobalScope, url: ServoUrl) -> NetTraitsRequest {
|
||||
let origin = Origin::Origin(global.get_url().origin());
|
||||
let https_state = global.get_https_state();
|
||||
let pipeline_id = global.pipeline_id();
|
||||
NetTraitsRequest::new(url, Some(origin), Some(pipeline_id))
|
||||
NetTraitsRequest::new(url, Some(origin), Some(pipeline_id), https_state)
|
||||
}
|
||||
|
||||
// https://fetch.spec.whatwg.org/#concept-method-normalize
|
||||
|
|
|
@ -72,23 +72,4 @@ impl UrlHelper {
|
|||
pub fn SetUsername(url: &mut ServoUrl, value: USVString) {
|
||||
let _ = quirks::set_username(url.as_mut_url(), &value.0);
|
||||
}
|
||||
// https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
|
||||
pub fn is_origin_trustworthy(url: &ServoUrl) -> bool {
|
||||
// Step 1
|
||||
if !url.origin().is_tuple() {
|
||||
return false;
|
||||
}
|
||||
|
||||
// Step 3
|
||||
if url.scheme() == "https" || url.scheme() == "wss" {
|
||||
true
|
||||
// Step 4
|
||||
} else if url.host().is_some() {
|
||||
let host = url.host_str().unwrap();
|
||||
host == "127.0.0.0/8" || host == "::1/128"
|
||||
// Step 6
|
||||
} else {
|
||||
url.scheme() == "file"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue