corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1709577 - Remove CORS_* constants from imgIRequest, use CORSMode instead. r=tnikkel

Browse Source 
These don't have the same value, and is a bit confusing.

Differential Revision: https://phabricator.services.mozilla.com/D114352
This commit is contained in:
Emilio Cobos Álvarez
2021-05-05 15:23:25 +00:00
parent a01def6d87
commit 4992150e26
8 changed files with 57 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
dom/canvas/CanvasRenderingContext2D.cpp
View File

@@ -4418,9 +4418,9 @@ SurfaceFromElementResult CanvasRenderingContext2D::CachedSurfaceFromElement(
return res;
}
int32_t corsmode = imgIRequest::CORS_NONE;
int32_t corsmode = CORS_NONE;
if (NS_SUCCEEDED(imgRequest->GetCORSMode(&corsmode))) {
res.mCORSUsed = corsmode != imgIRequest::CORS_NONE;
res.mCORSUsed = corsmode != CORS_NONE;
}
res.mSize = res.mIntrinsicSize = res.mSourceSurface->GetSize();

2
dom/svg/SVGFEImageElement.cpp
View File

@@ -267,7 +267,7 @@ bool SVGFEImageElement::OutputIsTainted(const nsTArray<bool>& aInputsAreTainted,
int32_t corsmode;
if (NS_SUCCEEDED(currentRequest->GetCORSMode(&corsmode)) &&
corsmode != imgIRequest::CORS_NONE) {
corsmode != CORS_NONE) {
// If CORS was used to load the image, the page is allowed to read from it.
return false;
}

18
image/imgIRequest.idl
View File

@@ -124,23 +124,7 @@ interface imgIRequest : nsIRequest
readonly attribute bool multipart;
/**
* CORS modes images can be loaded with.
*
* By default, all images are loaded with CORS_NONE and cannot be used
* cross-origin in context like WebGL.
*
* If an HTML img element has the crossorigin attribute set, the imgIRequest
* will be validated for cross-origin usage with CORS, and, if successful,
* will have its CORS mode set to the relevant type.
*/
//@{
const long CORS_NONE = 1;
const long CORS_ANONYMOUS = 2;
const long CORS_USE_CREDENTIALS = 3;
//@}
/**
* The CORS mode that this image was loaded with.
* The CORS mode that this image was loaded with (a mozilla::CORSMode).
*/
readonly attribute long CORSMode;

92
image/imgLoader.cpp
View File

@@ -739,38 +739,45 @@ static bool ShouldLoadCachedImage(imgRequest* aImgRequest,
// Returns true if this request is compatible with the given CORS mode on the
// given loading principal, and false if the request may not be reused due
// to CORS. Also checks the Referrer Policy, since requests with different
// referrers/policies may generate different responses.
static bool ValidateSecurityInfo(imgRequest* request, bool forcePrincipalCheck,
int32_t corsmode,
nsIPrincipal* triggeringPrincipal,
Document* aLoadingDocument,
nsContentPolicyType aPolicyType) {
// to CORS.
static bool ValidateCORSMode(imgRequest* aRequest, bool aForcePrincipalCheck,
CORSMode aCORSMode,
nsIPrincipal* aTriggeringPrincipal) {
// If the entry's CORS mode doesn't match, or the CORS mode matches but the
// document principal isn't the same, we can't use this request.
if (request->GetCORSMode() != corsmode) {
if (aRequest->GetCORSMode() != aCORSMode) {
return false;
}
if (request->GetCORSMode() != imgIRequest::CORS_NONE || forcePrincipalCheck) {
nsCOMPtr<nsIPrincipal> otherprincipal = request->GetTriggeringPrincipal();
if (aRequest->GetCORSMode() != CORS_NONE || aForcePrincipalCheck) {
nsCOMPtr<nsIPrincipal> otherprincipal = aRequest->GetTriggeringPrincipal();
// If we previously had a principal, but we don't now, we can't use this
// request.
if (otherprincipal && !triggeringPrincipal) {
if (otherprincipal && !aTriggeringPrincipal) {
return false;
}
if (otherprincipal && triggeringPrincipal) {
bool equals = false;
otherprincipal->Equals(triggeringPrincipal, &equals);
if (!equals) {
return false;
}
if (otherprincipal && aTriggeringPrincipal &&
!otherprincipal->Equals(aTriggeringPrincipal)) {
return false;
}
}
return true;
}
static bool ValidateSecurityInfo(imgRequest* aRequest,
bool aForcePrincipalCheck, CORSMode aCORSMode,
nsIPrincipal* aTriggeringPrincipal,
Document* aLoadingDocument,
nsContentPolicyType aPolicyType) {
if (!ValidateCORSMode(aRequest, aForcePrincipalCheck, aCORSMode,
aTriggeringPrincipal)) {
return false;
}
// Content Policy Check on Cached Images
return ShouldLoadCachedImage(request, aLoadingDocument, triggeringPrincipal,
return ShouldLoadCachedImage(aRequest, aLoadingDocument, aTriggeringPrincipal,
aPolicyType,
/* aSendCSPViolationReports */ false);
}
@@ -784,7 +791,7 @@ static nsresult NewImageChannel(
// be set to true if this channel ends up depending on
// aTriggeringPrincipal and false otherwise.
bool* aForcePrincipalCheckForCacheEntry, nsIURI* aURI,
nsIURI* aInitialDocumentURI, int32_t aCORSMode,
nsIURI* aInitialDocumentURI, CORSMode aCORSMode,
nsIReferrerInfo* aReferrerInfo, nsILoadGroup* aLoadGroup,
nsLoadFlags aLoadFlags, nsContentPolicyType aPolicyType,
nsIPrincipal* aTriggeringPrincipal, nsINode* aRequestingNode,
@@ -815,12 +822,12 @@ static nsresult NewImageChannel(
//
nsSecurityFlags securityFlags =
aCORSMode == imgIRequest::CORS_NONE
aCORSMode == CORS_NONE
? nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_INHERITS_SEC_CONTEXT
: nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT;
if (aCORSMode == imgIRequest::CORS_ANONYMOUS) {
if (aCORSMode == CORS_ANONYMOUS) {
securityFlags |= nsILoadInfo::SEC_COOKIES_SAME_ORIGIN;
} else if (aCORSMode == imgIRequest::CORS_USE_CREDENTIALS) {
} else if (aCORSMode == CORS_USE_CREDENTIALS) {
securityFlags |= nsILoadInfo::SEC_COOKIES_INCLUDE;
}
securityFlags |= nsILoadInfo::SEC_ALLOW_CHROME;
@@ -1172,21 +1179,6 @@ NS_IMPL_ISUPPORTS(imgLoader, imgILoader, nsIContentSniffer, imgICache,
static imgLoader* gNormalLoader = nullptr;
static imgLoader* gPrivateBrowsingLoader = nullptr;
/* static */
mozilla::CORSMode imgLoader::ConvertToCORSMode(uint32_t aImgCORS) {
switch (aImgCORS) {
case imgIRequest::CORS_NONE:
return CORSMode::CORS_NONE;
case imgIRequest::CORS_ANONYMOUS:
return CORSMode::CORS_ANONYMOUS;
case imgIRequest::CORS_USE_CREDENTIALS:
return CORSMode::CORS_USE_CREDENTIALS;
}
MOZ_ASSERT(false, "Unexpected imgIRequest CORS value");
return CORSMode::CORS_NONE;
}
/* static */
already_AddRefed<imgLoader> imgLoader::CreateImageLoader() {
// In some cases, such as xpctests, XPCOM modules are not automatically
@@ -1653,7 +1645,7 @@ bool imgLoader::ValidateRequestWithNewChannel(
imgINotificationObserver* aObserver, Document* aLoadingDocument,
uint64_t aInnerWindowId, nsLoadFlags aLoadFlags,
nsContentPolicyType aLoadPolicyType, imgRequestProxy** aProxyRequest,
nsIPrincipal* aTriggeringPrincipal, int32_t aCORSMode, bool aLinkPreload,
nsIPrincipal* aTriggeringPrincipal, CORSMode aCORSMode, bool aLinkPreload,
bool* aNewChannelCreated) {
// now we need to insert a new channel request object in between the real
// request and the proxy that basically delays loading the image until it
@@ -1683,7 +1675,7 @@ bool imgLoader::ValidateRequestWithNewChannel(
MOZ_ASSERT(aLoadingDocument);
proxy->PrioritizeAsPreload();
auto preloadKey = PreloadHashKey::CreateAsImage(
aURI, aTriggeringPrincipal, ConvertToCORSMode(aCORSMode));
aURI, aTriggeringPrincipal, aCORSMode);
proxy->NotifyOpen(preloadKey, aLoadingDocument, true);
}
@@ -1749,8 +1741,8 @@ bool imgLoader::ValidateRequestWithNewChannel(
if (aLinkPreload) {
MOZ_ASSERT(aLoadingDocument);
req->PrioritizeAsPreload();
auto preloadKey = PreloadHashKey::CreateAsImage(
aURI, aTriggeringPrincipal, ConvertToCORSMode(aCORSMode));
auto preloadKey =
PreloadHashKey::CreateAsImage(aURI, aTriggeringPrincipal, aCORSMode);
req->NotifyOpen(preloadKey, aLoadingDocument, true);
}
@@ -1784,7 +1776,7 @@ bool imgLoader::ValidateEntry(
nsLoadFlags aLoadFlags, nsContentPolicyType aLoadPolicyType,
bool aCanMakeNewChannel, bool* aNewChannelCreated,
imgRequestProxy** aProxyRequest, nsIPrincipal* aTriggeringPrincipal,
int32_t aCORSMode, bool aLinkPreload) {
CORSMode aCORSMode, bool aLinkPreload) {
LOG_SCOPE(gImgLog, "imgLoader::ValidateEntry");
// If the expiration time is zero, then the request has not gotten far enough
@@ -2193,17 +2185,17 @@ nsresult imgLoader::LoadImage(
requestFlags |= nsIRequest::LOAD_BACKGROUND;
}
int32_t corsmode = imgIRequest::CORS_NONE;
CORSMode corsmode = CORS_NONE;
if (aLoadFlags & imgILoader::LOAD_CORS_ANONYMOUS) {
corsmode = imgIRequest::CORS_ANONYMOUS;
corsmode = CORS_ANONYMOUS;
} else if (aLoadFlags & imgILoader::LOAD_CORS_USE_CREDENTIALS) {
corsmode = imgIRequest::CORS_USE_CREDENTIALS;
corsmode = CORS_USE_CREDENTIALS;
}
// Look in the preloaded images of loading document first.
if (StaticPrefs::network_preload() && !aLinkPreload && aLoadingDocument) {
auto key = PreloadHashKey::CreateAsImage(aURI, aTriggeringPrincipal,
ConvertToCORSMode(corsmode));
corsmode);
if (RefPtr<PreloaderBase> preload =
aLoadingDocument->Preloads().LookupPreload(key)) {
RefPtr<imgRequestProxy> proxy = do_QueryObject(preload);
@@ -2433,7 +2425,7 @@ nsresult imgLoader::LoadImage(
MOZ_ASSERT(aLoadingDocument);
proxy->PrioritizeAsPreload();
auto preloadKey = PreloadHashKey::CreateAsImage(
aURI, aTriggeringPrincipal, ConvertToCORSMode(corsmode));
aURI, aTriggeringPrincipal, corsmode);
proxy->NotifyOpen(preloadKey, aLoadingDocument, true);
}
@@ -2535,7 +2527,7 @@ nsresult imgLoader::LoadImageWithChannel(nsIChannel* channel,
if (ValidateEntry(entry, uri, nullptr, nullptr, nullptr, aObserver,
aLoadingDocument, requestFlags, policyType, false,
nullptr, nullptr, nullptr, imgIRequest::CORS_NONE,
nullptr, nullptr, nullptr, CORS_NONE,
false)) {
request = entry->GetRequest();
} else {
@@ -2632,7 +2624,7 @@ nsresult imgLoader::LoadImageWithChannel(nsIChannel* channel,
// can set aHadInsecureRedirect to false here.
rv = request->Init(originalURI, uri, /* aHadInsecureRedirect = */ false,
channel, channel, entry, aLoadingDocument, nullptr,
imgIRequest::CORS_NONE, nullptr);
CORS_NONE, nullptr);
NS_ENSURE_SUCCESS(rv, rv);
RefPtr<ProxyListener> pl =
@@ -3037,7 +3029,7 @@ imgCacheValidator::OnStartRequest(nsIRequest* aRequest) {
"imgCacheValidator::OnStartRequest creating new request",
"uri", uri);
int32_t corsmode = mRequest->GetCORSMode();
CORSMode corsmode = mRequest->GetCORSMode();
nsCOMPtr<nsIReferrerInfo> referrerInfo = mRequest->GetReferrerInfo();
nsCOMPtr<nsIPrincipal> triggeringPrincipal =
mRequest->GetTriggeringPrincipal();

8
image/imgLoader.h
View File

@@ -340,10 +340,6 @@ class imgLoader final : public imgILoader,
bool SetHasNoProxies(imgRequest* aRequest, imgCacheEntry* aEntry);
bool SetHasProxies(imgRequest* aRequest);
// This method converts imgIRequest::CORS_* values to mozilla::CORSMode
// values.
static mozilla::CORSMode ConvertToCORSMode(uint32_t aImgCORS);
private: // methods
static already_AddRefed<imgLoader> CreateImageLoader();
@@ -356,7 +352,7 @@ class imgLoader final : public imgILoader,
mozilla::dom::Document* aLoadingDocument, nsLoadFlags aLoadFlags,
nsContentPolicyType aLoadPolicyType, bool aCanMakeNewChannel,
bool* aNewChannelCreated, imgRequestProxy** aProxyRequest,
nsIPrincipal* aTriggeringPrincipal, int32_t aCORSMode, bool aLinkPreload);
nsIPrincipal* aTriggeringPrincipal, mozilla::CORSMode, bool aLinkPreload);
bool ValidateRequestWithNewChannel(
imgRequest* request, nsIURI* aURI, nsIURI* aInitialDocumentURI,
@@ -365,7 +361,7 @@ class imgLoader final : public imgILoader,
mozilla::dom::Document* aLoadingDocument, uint64_t aInnerWindowId,
nsLoadFlags aLoadFlags, nsContentPolicyType aContentPolicyType,
imgRequestProxy** aProxyRequest, nsIPrincipal* aLoadingPrincipal,
int32_t aCORSMode, bool aLinkPreload, bool* aNewChannelCreated);
mozilla::CORSMode, bool aLinkPreload, bool* aNewChannelCreated);
// aURI may be different from imgRequest's URI in the case of blob URIs, as we
// can share requests with different URIs.

5
image/imgRequest.cpp
View File

@@ -58,7 +58,7 @@ imgRequest::imgRequest(imgLoader* aLoader, const ImageCacheKey& aCacheKey)
mFirstProxy(nullptr),
mValidator(nullptr),
mInnerWindowId(0),
mCORSMode(imgIRequest::CORS_NONE),
mCORSMode(CORS_NONE),
mImageErrorCode(NS_OK),
mImageAvailable(false),
mIsDeniedCrossSiteCORSRequest(false),
@@ -87,7 +87,8 @@ nsresult imgRequest::Init(nsIURI* aURI, nsIURI* aFinalURI,
bool aHadInsecureRedirect, nsIRequest* aRequest,
nsIChannel* aChannel, imgCacheEntry* aCacheEntry,
mozilla::dom::Document* aLoadingDocument,
nsIPrincipal* aTriggeringPrincipal, int32_t aCORSMode,
nsIPrincipal* aTriggeringPrincipal,
mozilla::CORSMode aCORSMode,
nsIReferrerInfo* aReferrerInfo) {
MOZ_ASSERT(NS_IsMainThread(), "Cannot use nsIURI off main thread!");

9
image/imgRequest.h
View File

@@ -32,6 +32,7 @@ class nsIURI;
class nsIReferrerInfo;
namespace mozilla {
enum CORSMode : uint8_t;
namespace image {
class Image;
class ProgressTracker;
@@ -66,7 +67,7 @@ class imgRequest final : public nsIStreamListener,
nsIChannel* aChannel, imgCacheEntry* aCacheEntry,
mozilla::dom::Document* aLoadingDocument,
nsIPrincipal* aTriggeringPrincipal,
int32_t aCORSMode,
mozilla::CORSMode aCORSMode,
nsIReferrerInfo* aReferrerInfo);
void ClearLoader();
@@ -112,7 +113,7 @@ class imgRequest final : public nsIStreamListener,
bool HadInsecureRedirect() const;
// The CORS mode for which we loaded this image.
int32_t GetCORSMode() const { return mCORSMode; }
mozilla::CORSMode GetCORSMode() const { return mCORSMode; }
// The ReferrerInfo in effect when loading this image.
nsIReferrerInfo* GetReferrerInfo() const { return mReferrerInfo; }
@@ -266,8 +267,8 @@ class imgRequest final : public nsIStreamListener,
uint64_t mInnerWindowId;
// The CORS mode (defined in imgIRequest) this image was loaded with. By
// default, imgIRequest::CORS_NONE.
int32_t mCORSMode;
// default, CORS_NONE.
mozilla::CORSMode mCORSMode;
// The ReferrerInfo used for this image.
nsCOMPtr<nsIReferrerInfo> mReferrerInfo;

2
layout/base/nsLayoutUtils.cpp
View File

@@ -7107,7 +7107,7 @@ SurfaceFromElementResult nsLayoutUtils::SurfaceFromElement(
int32_t corsmode;
if (NS_SUCCEEDED(imgRequest->GetCORSMode(&corsmode))) {
result.mCORSUsed = (corsmode != imgIRequest::CORS_NONE);
result.mCORSUsed = corsmode != CORS_NONE;
}
bool hadCrossOriginRedirects = true;