corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1943577 - Consolidate IsHttpsOnlyModeEnabled and similar functions r=necko-reviewers,freddyb,simonf

Browse Source 
Remove IsHttpsOnlyModeEnabled and IsHttpsFirstModeEnabled, and replace them with
GetUpgradeMode. With that, we are way more explicit about which mode is being
used right now, and have a clearer distinction between HTTPS-First and
schemeless HTTPS-First. We also eliminate the need to call
`loadInfo->GetOriginAttributes().IsPrivateBrowsing()` all the time.

Differential Revision: https://phabricator.services.mozilla.com/D233419
This commit is contained in:
Malte Jürgens
2025-04-09 16:47:50 +00:00
parent 423b1e951c
commit 70681a65d0
6 changed files with 102 additions and 136 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
docshell/base/nsDocShell.cpp
View File

@@ -8548,13 +8548,18 @@ bool nsDocShell::IsSameDocumentNavigation(nsDocShellLoadState* aLoadState,
if (!aState.mSameExceptHashes) {
if (nsCOMPtr<nsIChannel> docChannel = GetCurrentDocChannel()) {
nsCOMPtr<nsILoadInfo> docLoadInfo = docChannel->LoadInfo();
nsHTTPSOnlyUtils::UpgradeMode upgradeMode =
nsHTTPSOnlyUtils::GetUpgradeMode(docLoadInfo);
if (!docLoadInfo->GetLoadErrorPage() &&
nsHTTPSOnlyUtils::ShouldUpgradeConnection(docLoadInfo) &&
(upgradeMode == nsHTTPSOnlyUtils::HTTPS_ONLY_MODE ||
upgradeMode == nsHTTPSOnlyUtils::HTTPS_FIRST_MODE) &&
nsHTTPSOnlyUtils::IsHttpDowngrade(currentExposableURI,
aLoadState->URI())) {
uint32_t status = docLoadInfo->GetHttpsOnlyStatus();
if (status & (nsILoadInfo::HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED |
nsILoadInfo::HTTPS_ONLY_UPGRADED_HTTPS_FIRST)) {
if ((status &
(nsILoadInfo::HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED |
nsILoadInfo::HTTPS_ONLY_UPGRADED_HTTPS_FIRST)) &&
!(status & nsILoadInfo::HTTPS_ONLY_EXEMPT)) {
// At this point the requested URI is for sure a fragment
// navigation via HTTP and HTTPS-Only mode or HTTPS-First is
// enabled. Also it is not interfering the upgrade order of
@@ -9390,7 +9395,8 @@ nsresult nsDocShell::InternalLoad(nsDocShellLoadState* aLoadState,
// unload and just unload.
bool okToUnload;
if (!isHistoryOrReload && aLoadState->IsExemptFromHTTPSFirstMode() &&
nsHTTPSOnlyUtils::IsHttpsFirstModeEnabled(isPrivateWin)) {
nsHTTPSOnlyUtils::GetUpgradeMode(isPrivateWin) ==
nsHTTPSOnlyUtils::HTTPS_FIRST_MODE) {
rv = mDocumentViewer->PermitUnload(
nsIDocumentViewer::PermitUnloadAction::eDontPromptAndUnload,
&okToUnload);

157
dom/security/nsHTTPSOnlyUtils.cpp
View File

@@ -29,40 +29,34 @@
#include "prnetdb.h"
/* static */
bool nsHTTPSOnlyUtils::IsHttpsOnlyModeEnabled(bool aFromPrivateWindow) {
// if the general pref is set to true, then we always return
if (mozilla::StaticPrefs::dom_security_https_only_mode()) {
return true;
nsHTTPSOnlyUtils::UpgradeMode nsHTTPSOnlyUtils::GetUpgradeMode(
bool aFromPrivateWindow,
nsILoadInfo::SchemelessInputType aSchemelessInputType) {
if (mozilla::StaticPrefs::dom_security_https_only_mode() ||
(aFromPrivateWindow &&
mozilla::StaticPrefs::dom_security_https_only_mode_pbm())) {
return nsHTTPSOnlyUtils::HTTPS_ONLY_MODE;
}
// otherwise we check if executing in private browsing mode and return true
// if the PBM pref for HTTPS-Only is set.
if (aFromPrivateWindow &&
mozilla::StaticPrefs::dom_security_https_only_mode_pbm()) {
return true;
if (mozilla::StaticPrefs::dom_security_https_first() ||
(aFromPrivateWindow &&
mozilla::StaticPrefs::dom_security_https_first_pbm())) {
return nsHTTPSOnlyUtils::HTTPS_FIRST_MODE;
}
return false;
if (mozilla::StaticPrefs::dom_security_https_first_schemeless() &&
aSchemelessInputType == nsILoadInfo::SchemelessInputTypeSchemeless) {
return nsHTTPSOnlyUtils::SCHEMELESS_HTTPS_FIRST_MODE;
}
return NO_UPGRADE_MODE;
}
/* static */
bool nsHTTPSOnlyUtils::IsHttpsFirstModeEnabled(bool aFromPrivateWindow) {
// HTTPS-Only takes priority over HTTPS-First
if (IsHttpsOnlyModeEnabled(aFromPrivateWindow)) {
return false;
}
// if the general pref is set to true, then we always return
if (mozilla::StaticPrefs::dom_security_https_first()) {
return true;
}
// otherwise we check if executing in private browsing mode and return true
// if the PBM pref for HTTPS-First is set.
if (aFromPrivateWindow &&
mozilla::StaticPrefs::dom_security_https_first_pbm()) {
return true;
}
return false;
nsHTTPSOnlyUtils::UpgradeMode nsHTTPSOnlyUtils::GetUpgradeMode(
nsILoadInfo* aLoadInfo) {
bool isPrivateWin = aLoadInfo->GetOriginAttributes().IsPrivateBrowsing();
return GetUpgradeMode(isPrivateWin, aLoadInfo->GetSchemelessInput());
}
/* static */
@@ -81,15 +75,11 @@ void nsHTTPSOnlyUtils::PotentiallyFireHttpRequestToShortenTimout(
}
nsCOMPtr<nsILoadInfo> loadInfo = channel->LoadInfo();
bool isPrivateWin = loadInfo->GetOriginAttributes().IsPrivateBrowsing();
UpgradeMode upgradeMode = GetUpgradeMode(loadInfo);
// if neither HTTPS-Only nor HTTPS-First mode is enabled, then there is
// nothing to do here.
if ((!IsHttpsOnlyModeEnabled(isPrivateWin) &&
!IsHttpsFirstModeEnabled(isPrivateWin)) &&
!(loadInfo->GetSchemelessInput() ==
nsILoadInfo::SchemelessInputTypeSchemeless &&
mozilla::StaticPrefs::dom_security_https_first_schemeless())) {
if (upgradeMode == NO_UPGRADE_MODE) {
return;
}
@@ -132,10 +122,8 @@ void nsHTTPSOnlyUtils::PotentiallyFireHttpRequestToShortenTimout(
// HTTPS-First is enabled, but HTTPS-Only is not enabled, we might return
// early if attempting to send a background request to a non standard port.
if (!mozilla::StaticPrefs::dom_security_https_first_for_custom_ports() &&
(IsHttpsFirstModeEnabled(isPrivateWin) ||
(loadInfo->GetSchemelessInput() ==
nsILoadInfo::SchemelessInputTypeSchemeless &&
mozilla::StaticPrefs::dom_security_https_first_schemeless()))) {
(upgradeMode == HTTPS_FIRST_MODE ||
upgradeMode == SCHEMELESS_HTTPS_FIRST_MODE)) {
int32_t port = 0;
nsresult rv = channelURI->GetPort(&port);
int defaultPortforScheme = NS_GetDefaultPort("http");
@@ -158,8 +146,7 @@ void nsHTTPSOnlyUtils::PotentiallyFireHttpRequestToShortenTimout(
bool nsHTTPSOnlyUtils::ShouldUpgradeRequest(nsIURI* aURI,
nsILoadInfo* aLoadInfo) {
// 1. Check if the HTTPS-Only Mode is even enabled, before we do anything else
bool isPrivateWin = aLoadInfo->GetOriginAttributes().IsPrivateBrowsing();
if (!IsHttpsOnlyModeEnabled(isPrivateWin)) {
if (GetUpgradeMode(aLoadInfo) != HTTPS_ONLY_MODE) {
return false;
}
@@ -183,7 +170,8 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeRequest(nsIURI* aURI,
ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
if (contentType != ExtContentPolicy::TYPE_DOCUMENT) {
if (!aLoadInfo->TriggeringPrincipal()->IsSystemPrincipal() &&
TestIfPrincipalIsExempt(aLoadInfo->TriggeringPrincipal())) {
TestIfPrincipalIsExempt(aLoadInfo->TriggeringPrincipal(),
HTTPS_ONLY_MODE)) {
return false;
}
}
@@ -226,8 +214,7 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeRequest(nsIURI* aURI,
bool nsHTTPSOnlyUtils::ShouldUpgradeWebSocket(nsIURI* aURI,
nsILoadInfo* aLoadInfo) {
// 1. Check if the HTTPS-Only Mode is even enabled, before we do anything else
bool isPrivateWin = aLoadInfo->GetOriginAttributes().IsPrivateBrowsing();
if (!IsHttpsOnlyModeEnabled(isPrivateWin)) {
if (GetUpgradeMode(aLoadInfo) != HTTPS_ONLY_MODE) {
return false;
}
@@ -250,7 +237,8 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeWebSocket(nsIURI* aURI,
// All subresources of an exempt triggering principal are also exempt.
if (!aLoadInfo->TriggeringPrincipal()->IsSystemPrincipal() &&
TestIfPrincipalIsExempt(aLoadInfo->TriggeringPrincipal())) {
TestIfPrincipalIsExempt(aLoadInfo->TriggeringPrincipal(),
HTTPS_ONLY_MODE)) {
return false;
}
@@ -275,13 +263,13 @@ bool nsHTTPSOnlyUtils::IsUpgradeDowngradeEndlessLoop(
const mozilla::EnumSet<UpgradeDowngradeEndlessLoopOptions>& aOptions) {
// 1. Check if the HTTPS-Only/HTTPS-First is even enabled, before doing
// anything else
bool isPrivateWin = aLoadInfo->GetOriginAttributes().IsPrivateBrowsing();
UpgradeMode upgradeMode = GetUpgradeMode(aLoadInfo);
bool enforceForHTTPSOnlyMode =
IsHttpsOnlyModeEnabled(isPrivateWin) &&
upgradeMode == HTTPS_ONLY_MODE &&
aOptions.contains(
UpgradeDowngradeEndlessLoopOptions::EnforceForHTTPSOnlyMode);
bool enforceForHTTPSFirstMode =
IsHttpsFirstModeEnabled(isPrivateWin) &&
upgradeMode == HTTPS_FIRST_MODE &&
aOptions.contains(
UpgradeDowngradeEndlessLoopOptions::EnforceForHTTPSFirstMode);
bool enforceForHTTPSRR =
@@ -357,11 +345,9 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeHttpsFirstRequest(nsIURI* aURI,
MOZ_ASSERT(aURI->SchemeIs("http"), "how come the request is not 'http'?");
// 1. Check if HTTPS-First Mode is enabled
bool isPrivateWin = aLoadInfo->GetOriginAttributes().IsPrivateBrowsing();
if (!IsHttpsFirstModeEnabled(isPrivateWin) &&
!(aLoadInfo->GetSchemelessInput() ==
nsILoadInfo::SchemelessInputTypeSchemeless &&
mozilla::StaticPrefs::dom_security_https_first_schemeless())) {
UpgradeMode upgradeMode = GetUpgradeMode(aLoadInfo);
if (upgradeMode != HTTPS_FIRST_MODE &&
upgradeMode != SCHEMELESS_HTTPS_FIRST_MODE) {
return false;
}
// 2. HTTPS-First only upgrades top-level loads (and speculative connections)
@@ -416,9 +402,7 @@ bool nsHTTPSOnlyUtils::ShouldUpgradeHttpsFirstRequest(nsIURI* aURI,
// We can upgrade the request - let's log to the console and set the status
// so we know that we upgraded the request.
if (aLoadInfo->GetSchemelessInput() ==
nsILoadInfo::SchemelessInputTypeSchemeless &&
!IsHttpsFirstModeEnabled(isPrivateWin)) {
if (upgradeMode == SCHEMELESS_HTTPS_FIRST_MODE) {
nsAutoCString urlCString;
aURI->GetSpec(urlCString);
NS_ConvertUTF8toUTF16 urlString(urlCString);
@@ -604,19 +588,14 @@ void nsHTTPSOnlyUtils::UpdateLoadStateAfterHTTPSFirstDowngrade(
mozilla::TimeDuration duration =
mozilla::TimeStamp::Now() - navigationStart;
bool isPrivateWin = loadInfo->GetOriginAttributes().IsPrivateBrowsing();
bool isSchemeless =
loadInfo->GetSchemelessInput() ==
nsILoadInfo::SchemelessInputTypeSchemeless &&
!nsHTTPSOnlyUtils::IsHttpsFirstModeEnabled(isPrivateWin);
nsresult channelStatus;
channel->GetStatus(&channelStatus);
RefPtr downgradeData = mozilla::MakeRefPtr<HTTPSFirstDowngradeData>();
downgradeData->downgradeTime = duration;
downgradeData->isOnTimer = channelStatus == NS_ERROR_NET_TIMEOUT_EXTERNAL;
downgradeData->isSchemeless = isSchemeless;
downgradeData->isSchemeless =
GetUpgradeMode(loadInfo) == SCHEMELESS_HTTPS_FIRST_MODE;
aLoadState->SetHttpsFirstDowngradeData(downgradeData);
}
}
@@ -649,8 +628,7 @@ void nsHTTPSOnlyUtils::SubmitHTTPSFirstTelemetry(
nsILoadInfo::HTTPS_ONLY_UPGRADED_HTTPS_FIRST) {
// Successfully upgraded load
if (aLoadInfo->GetSchemelessInput() ==
nsILoadInfo::SchemelessInputTypeSchemeless) {
if (GetUpgradeMode(aLoadInfo) == SCHEMELESS_HTTPS_FIRST_MODE) {
upgraded_schemeless.Add();
} else {
upgraded.Add();
@@ -668,8 +646,7 @@ bool nsHTTPSOnlyUtils::CouldBeHttpsOnlyError(nsIChannel* aChannel,
// If HTTPS-Only Mode is not enabled, then there is nothing to do here.
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
bool isPrivateWin = loadInfo->GetOriginAttributes().IsPrivateBrowsing();
if (!IsHttpsOnlyModeEnabled(isPrivateWin)) {
if (GetUpgradeMode(loadInfo) != HTTPS_ONLY_MODE) {
return false;
}
@@ -688,7 +665,7 @@ bool nsHTTPSOnlyUtils::CouldBeHttpsOnlyError(nsIChannel* aChannel,
/* static */
bool nsHTTPSOnlyUtils::TestIfPrincipalIsExempt(nsIPrincipal* aPrincipal,
bool aCheckForHTTPSFirst) {
UpgradeMode aUpgradeMode) {
static nsCOMPtr<nsIPermissionManager> sPermMgr;
if (!sPermMgr) {
sPermMgr = mozilla::components::PermissionManager::Service();
@@ -701,9 +678,12 @@ bool nsHTTPSOnlyUtils::TestIfPrincipalIsExempt(nsIPrincipal* aPrincipal,
aPrincipal, "https-only-load-insecure"_ns, &perm);
NS_ENSURE_SUCCESS(rv, false);
bool checkForHTTPSFirst = aUpgradeMode == HTTPS_FIRST_MODE ||
aUpgradeMode == SCHEMELESS_HTTPS_FIRST_MODE;
return perm == nsIHttpsOnlyModePermission::LOAD_INSECURE_ALLOW ||
perm == nsIHttpsOnlyModePermission::LOAD_INSECURE_ALLOW_SESSION ||
(aCheckForHTTPSFirst &&
(checkForHTTPSFirst &&
perm == nsIHttpsOnlyModePermission::HTTPSFIRST_LOAD_INSECURE_ALLOW);
}
@@ -715,15 +695,9 @@ void nsHTTPSOnlyUtils::TestSitePermissionAndPotentiallyAddExemption(
// If HTTPS-Only or HTTPS-First Mode is not enabled, then there is nothing to
// do here.
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
bool isPrivateWin = loadInfo->GetOriginAttributes().IsPrivateBrowsing();
bool isHttpsOnly = IsHttpsOnlyModeEnabled(isPrivateWin);
bool isHttpsFirst = IsHttpsFirstModeEnabled(isPrivateWin);
bool isSchemelessHttpsFirst =
(loadInfo->GetSchemelessInput() ==
nsILoadInfo::SchemelessInputTypeSchemeless) &&
mozilla::StaticPrefs::dom_security_https_first_schemeless() &&
!isHttpsOnly && !isHttpsFirst;
if (!isHttpsOnly && !isHttpsFirst && !isSchemelessHttpsFirst) {
UpgradeMode upgradeMode = GetUpgradeMode(loadInfo);
if (upgradeMode == NO_UPGRADE_MODE) {
return;
}
@@ -745,8 +719,7 @@ void nsHTTPSOnlyUtils::TestSitePermissionAndPotentiallyAddExemption(
NS_ENSURE_SUCCESS_VOID(rv);
uint32_t httpsOnlyStatus = loadInfo->GetHttpsOnlyStatus();
bool isPrincipalExempt = TestIfPrincipalIsExempt(
principal, isHttpsFirst || isSchemelessHttpsFirst);
bool isPrincipalExempt = TestIfPrincipalIsExempt(principal, upgradeMode);
if (isPrincipalExempt) {
httpsOnlyStatus |= nsILoadInfo::HTTPS_ONLY_EXEMPT;
}
@@ -776,8 +749,7 @@ bool nsHTTPSOnlyUtils::IsSafeToAcceptCORSOrMixedContent(
return false;
}
// Check if HTTPS-Only Mode is enabled for this request
bool isPrivateWin = aLoadInfo->GetOriginAttributes().IsPrivateBrowsing();
return nsHTTPSOnlyUtils::IsHttpsOnlyModeEnabled(isPrivateWin);
return GetUpgradeMode(aLoadInfo) == HTTPS_ONLY_MODE;
}
/* static */
@@ -894,29 +866,6 @@ bool nsHTTPSOnlyUtils::UnknownPublicSuffixException(nsIURI* aURI) {
return !hasKnownPublicSuffix;
}
/* static */
bool nsHTTPSOnlyUtils::ShouldUpgradeConnection(nsILoadInfo* aLoadInfo) {
// Check if one of parameters is null then webpage can't be loaded yet
// and no further inspections are needed
if (!aLoadInfo) {
return false;
}
// Check if the HTTPS-Only Mode is even enabled, before we do anything else
bool isPrivateWin = aLoadInfo->GetOriginAttributes().IsPrivateBrowsing();
if (!IsHttpsOnlyModeEnabled(isPrivateWin) &&
!IsHttpsFirstModeEnabled(isPrivateWin)) {
return false;
}
// If the load is exempt, then don't upgrade
uint32_t httpsOnlyStatus = aLoadInfo->GetHttpsOnlyStatus();
if (httpsOnlyStatus & nsILoadInfo::HTTPS_ONLY_EXEMPT) {
return false;
}
return true;
}
/* static */
bool nsHTTPSOnlyUtils::IsHttpDowngrade(nsIURI* aFromURI, nsIURI* aToURI) {
MOZ_ASSERT(aFromURI);

51
dom/security/nsHTTPSOnlyUtils.h
View File

@@ -13,19 +13,35 @@
class nsHTTPSOnlyUtils {
public:
/**
* Returns if HTTPS-Only Mode preference is enabled
* @param aFromPrivateWindow true if executing in private browsing mode
* @return true if HTTPS-Only Mode is enabled
*/
static bool IsHttpsOnlyModeEnabled(bool aFromPrivateWindow);
enum UpgradeMode {
NO_UPGRADE_MODE,
HTTPS_ONLY_MODE,
HTTPS_FIRST_MODE,
SCHEMELESS_HTTPS_FIRST_MODE
};
/**
* Returns if HTTPS-First Mode preference is enabled
* @param aFromPrivateWindow true if executing in private browsing mode
* @return true if HTTPS-First Mode is enabled
* Returns the upgrade mode which should be used for a given load, based on
* the prefs currently set.
* @param aFromPrivateWindow Whether the load in question is from a private
* window.
* @param aSchemelessInputType Information about the load possibly originating
* from a schemeful or schemeless address bar
* input.
* @return Upgrade mode as an enum.
*/
static bool IsHttpsFirstModeEnabled(bool aFromPrivateWindow);
static UpgradeMode GetUpgradeMode(
bool aFromPrivateWindow,
nsILoadInfo::SchemelessInputType aSchemelessInputType =
nsILoadInfo::SchemelessInputTypeUnset);
/**
* Returns the upgrade mode which should be used for a given load, based on
* the prefs currently set.
* @param aLoadInfo Load info for the load in question.
* @return Upgrade mode as an enum.
*/
static UpgradeMode GetUpgradeMode(nsILoadInfo* aLoadInfo);
/**
* Potentially fires an http request for a top-level load (provided by
@@ -128,12 +144,13 @@ class nsHTTPSOnlyUtils {
bool aUseHttpsFirst = false);
/**
* Tests if the HTTPS-Only upgrade exception is set for a given principal.
* @param aPrincipal The principal for whom the exception should be checked
* @return True if exempt
* Tests if a upgrade exception is set for a given principal.
* @param aPrincipal The principal for whom the exception should be checked
* @param aUpgradeMode The upgrade mode that should be checked for
* @return True if exempt
*/
static bool TestIfPrincipalIsExempt(nsIPrincipal* aPrincipal,
bool aCheckForHTTPSFirst = false);
UpgradeMode aUpgradeMode);
/**
* Tests if the HTTPS-Only Mode upgrade exception is set for channel result
@@ -153,12 +170,6 @@ class nsHTTPSOnlyUtils {
*/
static bool IsSafeToAcceptCORSOrMixedContent(nsILoadInfo* aLoadInfo);
/**
* Checks if https only or https first mode is enabled for this load
* @param aLoadInfo nsILoadInfo of the request
*/
static bool ShouldUpgradeConnection(nsILoadInfo* aLoadInfo);
/**
* Checks if two URIs are same origin modulo the difference that
* aToURI scheme is downgraded to http from https aFromURI.

3
netwerk/base/TRRLoadInfo.cpp
View File

@@ -904,7 +904,8 @@ TRRLoadInfo::SetHasInjectedCookieForCookieBannerHandling(
NS_IMETHODIMP
TRRLoadInfo::GetSchemelessInput(
nsILoadInfo::SchemelessInputType* aSchemelessInput) {
return NS_ERROR_NOT_IMPLEMENTED;
*aSchemelessInput = nsILoadInfo::SchemelessInputTypeUnset;
return NS_OK;
}
NS_IMETHODIMP

8
netwerk/ipc/DocumentLoadListener.cpp
View File

@@ -159,9 +159,9 @@ static auto CreateDocumentLoadInfo(CanonicalBrowsingContext* aBrowsingContext,
sandboxFlags);
}
bool isPrivateWin = aBrowsingContext->UsePrivateBrowsing();
if (aLoadState->IsExemptFromHTTPSFirstMode() &&
nsHTTPSOnlyUtils::IsHttpsFirstModeEnabled(isPrivateWin)) {
nsHTTPSOnlyUtils::GetUpgradeMode(loadInfo) ==
nsHTTPSOnlyUtils::HTTPS_FIRST_MODE) {
uint32_t httpsOnlyStatus = loadInfo->GetHttpsOnlyStatus();
httpsOnlyStatus |= nsILoadInfo::HTTPS_ONLY_EXEMPT;
loadInfo->SetHttpsOnlyStatus(httpsOnlyStatus);
@@ -2627,8 +2627,8 @@ nsresult DocumentLoadListener::DoOnStartRequest(nsIRequest* aRequest) {
// do not kick in.
if (httpChannel) {
nsCOMPtr<nsILoadInfo> loadInfo = httpChannel->LoadInfo();
bool isPrivateWin = loadInfo->GetOriginAttributes().IsPrivateBrowsing();
if (nsHTTPSOnlyUtils::IsHttpsOnlyModeEnabled(isPrivateWin)) {
if (nsHTTPSOnlyUtils::GetUpgradeMode(loadInfo) ==
nsHTTPSOnlyUtils::HTTPS_ONLY_MODE) {
uint32_t httpsOnlyStatus = loadInfo->GetHttpsOnlyStatus();
httpsOnlyStatus |= nsILoadInfo::HTTPS_ONLY_TOP_LEVEL_LOAD_IN_PROGRESS;
loadInfo->SetHttpsOnlyStatus(httpsOnlyStatus);

5
uriloader/exthandler/nsExternalHelperAppService.cpp
View File

@@ -1594,9 +1594,8 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) {
// the download is in progress we set that flag so that timeout counter
// measures do not kick in.
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
bool isPrivateWin = loadInfo->GetOriginAttributes().IsPrivateBrowsing();
if (nsHTTPSOnlyUtils::IsHttpsOnlyModeEnabled(isPrivateWin) ||
nsHTTPSOnlyUtils::IsHttpsFirstModeEnabled(isPrivateWin)) {
if (nsHTTPSOnlyUtils::GetUpgradeMode(loadInfo) !=
nsHTTPSOnlyUtils::NO_UPGRADE_MODE) {
uint32_t httpsOnlyStatus = loadInfo->GetHttpsOnlyStatus();
httpsOnlyStatus |= nsILoadInfo::HTTPS_ONLY_DOWNLOAD_IN_PROGRESS;
loadInfo->SetHttpsOnlyStatus(httpsOnlyStatus);