diff --git a/browser/base/content/test/performance/browser_startup_content.js b/browser/base/content/test/performance/browser_startup_content.js index bb4aee2ca44f..1df6116eaf95 100644 --- a/browser/base/content/test/performance/browser_startup_content.js +++ b/browser/base/content/test/performance/browser_startup_content.js @@ -49,6 +49,7 @@ const whitelist = { "resource://gre/modules/ActorManagerChild.jsm", "resource://gre/modules/E10SUtils.jsm", "resource://gre/modules/Readerable.jsm", + "resource://gre/modules/WebProgressChild.jsm", // Telemetry "resource://gre/modules/TelemetryController.jsm", // bug 1470339 diff --git a/devtools/client/responsive/browser/tunnel.js b/devtools/client/responsive/browser/tunnel.js index 868bf4cb0685..599dce68a4cc 100644 --- a/devtools/client/responsive/browser/tunnel.js +++ b/devtools/client/responsive/browser/tunnel.js @@ -103,6 +103,7 @@ function tunnelToInnerBrowser(outer, inner) { onLocationChange: (webProgress, request, location, flags) => { if (webProgress && webProgress.isTopLevel) { + inner._securityUI = outer._securityUI; inner._documentURI = outer._documentURI; inner._documentContentType = outer._documentContentType; inner._contentTitle = outer._contentTitle; @@ -116,10 +117,6 @@ function tunnelToInnerBrowser(outer, inner) { } }, - // We do not need an onSecurityChange handler since the remote security UI - // has been copied from the inner (remote) browser to the outer (non-remote) - // browser and they share it. - QueryInterface: ChromeUtils.generateQI([ Ci.nsISupportsWeakReference, Ci.nsIWebProgressListener, @@ -467,6 +464,8 @@ MessageManagerTunnel.prototype = { "Link:AddFeed", "Link:AddSearch", "PageStyle:StyleSheets", + // Messages sent to RemoteWebProgress.jsm + "Content:SecurityChange", // Messages sent to browser.js "DOMTitleChanged", "ImageDocumentLoaded", diff --git a/dom/interfaces/base/nsIBrowser.idl b/dom/interfaces/base/nsIBrowser.idl index bfcf059e6d57..30ecbd82e90b 100644 
--- a/dom/interfaces/base/nsIBrowser.idl +++ b/dom/interfaces/base/nsIBrowser.idl @@ -5,7 +5,6 @@ interface nsIContentSecurityPolicy; interface nsIPrincipal; -interface nsITransportSecurityInfo; interface nsIURI; interface nsIWebProgress; interface nsIReferrerInfo; @@ -165,18 +164,4 @@ interface nsIBrowser : nsISupports in boolean aHasRequestContextID, in uint64_t aRequestContextID, in AString aContentType); - - /** - * Called by Gecko when a security chang event needs to update the event - * state stored in the security UI object stored in the parent process. - * - * @param aSecurityInfo the transport security information from the content - * process - * @param aState the flags from the OnSecurityChange event that triggered - * this method, as outlined in nsIWebProgressListener - * @param aIsSecureContext whether or not the context is secure - */ - void updateSecurityUIForSecurityChange(in nsITransportSecurityInfo aSecurityInfo, - in uint32_t aState, - in boolean aIsSecureContext); }; diff --git a/dom/ipc/BrowserChild.cpp b/dom/ipc/BrowserChild.cpp index a704e8eae5e2..e19b71c3ea5b 100644 --- a/dom/ipc/BrowserChild.cpp +++ b/dom/ipc/BrowserChild.cpp 
@@ -526,20 +526,23 @@ nsresult BrowserChild::Init(mozIDOMWindowProxy* aParent, nsCOMPtr docShell = do_GetInterface(WebNavigation()); MOZ_ASSERT(docShell); + const uint32_t notifyMask = + nsIWebProgress::NOTIFY_STATE_ALL | nsIWebProgress::NOTIFY_PROGRESS | + nsIWebProgress::NOTIFY_STATUS | nsIWebProgress::NOTIFY_LOCATION | + nsIWebProgress::NOTIFY_REFRESH | nsIWebProgress::NOTIFY_CONTENT_BLOCKING; + mStatusFilter = new nsBrowserStatusFilter(); RefPtr eventTarget = TabGroup()->EventTargetFor(TaskCategory::Network); mStatusFilter->SetTarget(eventTarget); - nsresult rv = - mStatusFilter->AddProgressListener(this, nsIWebProgress::NOTIFY_ALL); + nsresult rv = mStatusFilter->AddProgressListener(this, notifyMask); NS_ENSURE_SUCCESS(rv, rv); { nsCOMPtr webProgress = do_QueryInterface(docShell); - rv = webProgress->AddProgressListener(mStatusFilter, - nsIWebProgress::NOTIFY_ALL); + rv = webProgress->AddProgressListener(mStatusFilter, notifyMask); NS_ENSURE_SUCCESS(rv, rv); } @@ -669,7 +672,6 @@ NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(BrowserChild) NS_INTERFACE_MAP_ENTRY(nsISupportsWeakReference) NS_INTERFACE_MAP_ENTRY(nsITooltipListener) NS_INTERFACE_MAP_ENTRY(nsIWebProgressListener) - NS_INTERFACE_MAP_ENTRY(nsIWebProgressListener2) NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIBrowserChild) NS_INTERFACE_MAP_END 
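Review bot: The hand-written `notifyMask` in `BrowserChild::Init` has no comment tying it to the complementary mask that `WebProgressChild.jsm` derives from `NOTIFY_ALL` later in this commit, so the two lists can drift apart unnoticed. A flag that ends up in neither mask would stop reaching the parent without any error, and for `NOTIFY_SECURITY` that would mean a stale security indicator. I would add above the declaration: `// Must stay the exact complement of notifyCode in WebProgressChild.jsm; NOTIFY_SECURITY is deliberately left to that module.` `Init` starts and ends outside this hunk.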
@@ -3592,12 +3594,31 @@ NS_IMETHODIMP BrowserChild::OnLocationChange(nsIWebProgress* aWebProgress, locationChangeData->charsetAutodetected() = docShell->GetCharsetAutodetected(); - locationChangeData->contentPrincipal() = document->NodePrincipal(); - locationChangeData->contentStoragePrincipal() = - document->EffectiveStoragePrincipal(); - locationChangeData->csp() = document->GetCsp(); - locationChangeData->contentBlockingAllowListPrincipal() = + MOZ_TRY(PrincipalToPrincipalInfo( + document->EffectiveStoragePrincipal(), + &locationChangeData->contentStoragePrincipal(), false)); + + MOZ_TRY(PrincipalToPrincipalInfo(document->NodePrincipal(), + &locationChangeData->contentPrincipal(), + false)); + + nsIPrincipal* contentBlockingAllowListPrincipal = + document->GetContentBlockingAllowListPrincipal(); + if (contentBlockingAllowListPrincipal) { + PrincipalInfo principalInfo; + MOZ_TRY(PrincipalToPrincipalInfo(contentBlockingAllowListPrincipal, + &principalInfo, false)); + locationChangeData->contentBlockingAllowListPrincipal() = principalInfo; + } else { + locationChangeData->contentBlockingAllowListPrincipal() = void_t(); + } + + if (const nsCOMPtr csp = document->GetCsp()) { + locationChangeData->csp().emplace(); + MOZ_TRY(CSPToCSPInfo(csp, &locationChangeData->csp().ref())); + } + locationChangeData->referrerInfo() = document->ReferrerInfo(); locationChangeData->isSyntheticDocument() = document->IsSyntheticDocument(); 
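Review bot: Each new `MOZ_TRY` in `OnLocationChange` returns as soon as `PrincipalToPrincipalInfo` or `CSPToCSPInfo` fails, and on that path nothing in the visible lines is sent to the parent, so the parent would presumably keep the previous document's location and principals. The assignments this replaces could not fail, so this is a new silent outcome for a top-level navigation. If dropping the notification is intended, I would say so next to the first call: `// A principal or CSP that cannot be serialized aborts this notification; the parent keeps its previous state.` The function begins before and continues after this hunk, so the send call itself is not visible here.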
@@ -3659,59 +3680,8 @@ NS_IMETHODIMP BrowserChild::OnStatusChange(nsIWebProgress* aWebProgress, NS_IMETHODIMP BrowserChild::OnSecurityChange(nsIWebProgress* aWebProgress, nsIRequest* aRequest, uint32_t aState) { - if (!IPCOpen() || !mShouldSendWebProgressEventsToParent) { - return NS_OK; - } - - Maybe webProgressData; - RequestData requestData; - - MOZ_TRY(PrepareProgressListenerData(aWebProgress, aRequest, webProgressData, - requestData)); - - Maybe securityChangeData; - - if (aWebProgress && webProgressData->isTopLevel()) { - nsCOMPtr docShell = do_GetInterface(WebNavigation()); - if (!docShell) { - return NS_OK; - } - - nsCOMPtr securityInfo; - { - nsCOMPtr securityUI; - MOZ_TRY(docShell->GetSecurityUI(getter_AddRefs(securityUI))); - - if (securityUI) { - MOZ_TRY(securityUI->GetSecInfo(getter_AddRefs(securityInfo))); - } - } - - bool isSecureContext = false; - { - nsCOMPtr outerWindow = do_GetInterface(docShell); - if (!outerWindow) { - return NS_OK; - } - - if (nsPIDOMWindowInner* window = outerWindow->GetCurrentInnerWindow()) { - isSecureContext = window->IsSecureContext(); - } else { - return NS_OK; - } - } - - securityChangeData.emplace(); - securityChangeData->securityInfo() = securityInfo.forget(); - securityChangeData->isSecureContext() = isSecureContext; - } - - Unused << SendOnSecurityChange(webProgressData, requestData, aState, - securityChangeData); - - return NS_OK; + return NS_ERROR_NOT_IMPLEMENTED; } - NS_IMETHODIMP BrowserChild::OnContentBlockingEvent(nsIWebProgress* aWebProgress, nsIRequest* aRequest, uint32_t aEvent) { diff --git a/dom/ipc/BrowserParent.cpp b/dom/ipc/BrowserParent.cpp index 27cb93302593..bb36feeee104 100644 --- a/dom/ipc/BrowserParent.cpp +++ b/dom/ipc/BrowserParent.cpp 
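Review bot: `BrowserChild::OnSecurityChange` now returns `NS_ERROR_NOT_IMPLEMENTED` with no comment explaining why the callback is not expected to fire. The reason is only visible elsewhere in the commit: the mask passed to `AddProgressListener` in `Init` leaves out `NOTIFY_SECURITY`, and `WebProgressChild.jsm` registers for the remaining notifications. I would add inside the body: `// Not registered for NOTIFY_SECURITY (see notifyMask in Init); security changes are reported by WebProgressChild.jsm.` The hunk also deletes the blank line that separated this function from `OnContentBlockingEvent`, which is worth restoring.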
@@ -2497,17 +2497,33 @@ mozilla::ipc::IPCResult BrowserParent::RecvOnLocationChange( aCanGoForward); if (aWebProgressData && aWebProgressData->isTopLevel()) { + nsCOMPtr csp; + if (aLocationChangeData->csp().isSome()) { + csp = CSPInfoToCSP(aLocationChangeData->csp().ref(), nullptr, nullptr); + } + + nsCOMPtr contentPrincipal = + PrincipalInfoToPrincipal(aLocationChangeData->contentPrincipal()); + nsCOMPtr contentStoragePrincipal = PrincipalInfoToPrincipal( + aLocationChangeData->contentStoragePrincipal()); nsCOMPtr contentBlockingAllowListPrincipal; + if (aLocationChangeData->contentBlockingAllowListPrincipal().type() == + OptionalPrincipalInfo::TPrincipalInfo) { + contentBlockingAllowListPrincipal = PrincipalInfoToPrincipal( + aLocationChangeData->contentBlockingAllowListPrincipal() + .get_PrincipalInfo()); + } + nsCOMPtr referrerInfo = + aLocationChangeData->referrerInfo(); + Unused << browser->SetIsNavigating(aLocationChangeData->isNavigating()); Unused << browser->UpdateForLocationChange( aLocation, aLocationChangeData->charset(), aLocationChangeData->mayEnableCharacterEncodingMenu(), aLocationChangeData->charsetAutodetected(), aLocationChangeData->documentURI(), aLocationChangeData->title(), - aLocationChangeData->contentPrincipal(), - aLocationChangeData->contentStoragePrincipal(), - aLocationChangeData->contentBlockingAllowListPrincipal(), - aLocationChangeData->csp(), aLocationChangeData->referrerInfo(), + contentPrincipal, contentStoragePrincipal, + contentBlockingAllowListPrincipal, csp, referrerInfo, aLocationChangeData->isSyntheticDocument(), aWebProgressData->innerDOMWindowID(), aLocationChangeData->requestContextID().isSome(), 
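Review bot: The principals rebuilt in `RecvOnLocationChange` are passed to `UpdateForLocationChange` without checking the conversion result. `PrincipalInfoToPrincipal` and `CSPInfoToCSP` yield null when the data cannot be converted, and the data here arrives from the content process, so it should be validated before it updates parent-side state. A guard before the `SetIsNavigating` call would cover the two mandatory principals: `if (!contentPrincipal || !contentStoragePrincipal) { return IPC_FAIL(this, "invalid principal in OnLocationChange"); }`. The same applies to `csp` when `csp().isSome()` holds but the converted pointer is null. The function starts and ends outside this hunk.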
@@ -2545,35 +2561,6 @@ mozilla::ipc::IPCResult BrowserParent::RecvOnStatusChange( return IPC_OK(); } -mozilla::ipc::IPCResult BrowserParent::RecvOnSecurityChange( - const Maybe& aWebProgressData, - const RequestData& aRequestData, const uint32_t aState, - const Maybe& aSecurityChangeData) { - nsCOMPtr browser; - nsCOMPtr manager; - nsCOMPtr managerAsListener; - if (!GetWebProgressListener(getter_AddRefs(browser), getter_AddRefs(manager), - getter_AddRefs(managerAsListener))) { - return IPC_OK(); - } - - nsCOMPtr webProgress; - nsCOMPtr request; - ReconstructWebProgressAndRequest(manager, aWebProgressData, aRequestData, - getter_AddRefs(webProgress), - getter_AddRefs(request)); - - if (aWebProgressData && aWebProgressData->isTopLevel()) { - Unused << browser->UpdateSecurityUIForSecurityChange( - aSecurityChangeData->securityInfo(), aState, - aSecurityChangeData->isSecureContext()); - } - - Unused << managerAsListener->OnSecurityChange(webProgress, request, aState); - - return IPC_OK(); -} - mozilla::ipc::IPCResult BrowserParent::RecvOnContentBlockingEvent( const Maybe& aWebProgressData, const RequestData& aRequestData, const uint32_t& aEvent) { diff --git a/dom/ipc/BrowserParent.h b/dom/ipc/BrowserParent.h index dc270c92adfc..503b0b2f846c 100644 --- a/dom/ipc/BrowserParent.h +++ b/dom/ipc/BrowserParent.h @@ -311,11 +311,6 @@ class BrowserParent final : public PBrowserParent, const RequestData& aRequestData, const nsresult aStatus, const nsString& aMessage); - mozilla::ipc::IPCResult RecvOnSecurityChange( - const Maybe& aWebProgressData, - const RequestData& aRequestData, const uint32_t aState, - const Maybe& aSecurityChangeData); - mozilla::ipc::IPCResult RecvOnContentBlockingEvent( const Maybe& aWebProgressData, const RequestData& aRequestData, const uint32_t& aEvent); diff --git a/dom/ipc/PBrowser.ipdl b/dom/ipc/PBrowser.ipdl index bcd7ec124622..b031c73a6817 100644 --- a/dom/ipc/PBrowser.ipdl +++ b/dom/ipc/PBrowser.ipdl 
@@ -30,7 +30,6 @@ include PBackgroundSharedTypes; include "mozilla/GfxMessageUtils.h"; include "mozilla/layers/LayersMessageUtils.h"; -include "mozilla/ipc/TransportSecurityInfoUtils.h"; using mozilla::gfx::Matrix4x4 from "mozilla/gfx/Matrix.h"; using mozilla::gfx::MaybeMatrix4x4 from "mozilla/gfx/Matrix.h"; @@ -92,7 +91,6 @@ using mozilla::ScrollAxis from "mozilla/PresShellForwards.h"; using mozilla::ScrollFlags from "mozilla/PresShellForwards.h"; using struct InputFormData from "mozilla/dom/SessionStoreMessageUtils.h"; using struct CollectedInputDataValue from "mozilla/dom/SessionStoreMessageUtils.h"; -using refcounted class nsITransportSecurityInfo from "nsITransportSecurityInfo.h"; namespace mozilla { namespace dom { @@ -144,6 +142,7 @@ struct WebProgressStateChangeData nsIURI documentURI; }; + struct WebProgressLocationChangeData { bool isNavigating; @@ -154,20 +153,14 @@ struct WebProgressLocationChangeData nsString title; nsString charset; nsIURI documentURI; - nsIPrincipal contentPrincipal; - nsIPrincipal contentStoragePrincipal; - nsIPrincipal contentBlockingAllowListPrincipal; - nsIContentSecurityPolicy csp; + PrincipalInfo contentPrincipal; + PrincipalInfo contentStoragePrincipal; + OptionalPrincipalInfo contentBlockingAllowListPrincipal; + CSPInfo? csp; nsIReferrerInfo referrerInfo; uint64_t? requestContextID; }; -struct WebProgressSecurityChangeData -{ - nsITransportSecurityInfo securityInfo; - bool isSecureContext; -}; - /** * A PBrowser manages a maximal locally connected subtree of BrowsingContexts * in a content process. @@ -607,10 +600,6 @@ parent: RequestData aRequestData, nsresult aStatus, nsString aMessage); - async OnSecurityChange(WebProgressData? aWebProgressData, - RequestData aRequestData, uint32_t aState, - WebProgressSecurityChangeData? aSecurityChangeData); - async OnContentBlockingEvent(WebProgressData? aWebProgressData, RequestData aRequestData, uint32_t aEvent); 
diff --git a/ipc/glue/TransportSecurityInfoUtils.cpp b/ipc/glue/TransportSecurityInfoUtils.cpp
deleted file mode 100644
index a545f7d2808e..000000000000
--- a/ipc/glue/TransportSecurityInfoUtils.cpp
+++ /dev/null
@@ -1,112 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "TransportSecurityInfoUtils.h" - -#include "ipc/IPCMessageUtils.h" -#include "mozilla/psm/TransportSecurityInfo.h" - -namespace IPC { - -void ParamTraits::Write( - Message* aMsg, nsITransportSecurityInfo* aParam) { - bool nonNull = !!aParam; - WriteParam(aMsg, nonNull); - if (!nonNull) { - return; - } - - aParam->SerializeToIPC(aMsg); -} - -bool ParamTraits::Read( - const Message* aMsg, PickleIterator* aIter, - RefPtr* aResult) { - *aResult = nullptr; - - bool nonNull = false; - if (!ReadParam(aMsg, aIter, &nonNull)) { - return false; - } - - if (!nonNull) { - return true; - } - - RefPtr info = - new mozilla::psm::TransportSecurityInfo(); - if (!info->DeserializeFromIPC(aMsg, aIter)) { - return false; - } - - *aResult = info.forget(); - return true; -} - -void ParamTraits::Write(Message* aMsg, nsIX509Cert* aParam) { - bool nonNull = !!aParam; - WriteParam(aMsg, nonNull); - if (!nonNull) { - return; - } - - aParam->SerializeToIPC(aMsg); -} - -bool ParamTraits::Read(const Message* aMsg, PickleIterator* aIter, - RefPtr* aResult) { - *aResult = nullptr; - - bool nonNull = false; - if (!ReadParam(aMsg, aIter, &nonNull)) { - return false; - } - - if (!nonNull) { - return true; - } - - RefPtr cert = new nsNSSCertificate(); - if (!cert->DeserializeFromIPC(aMsg, aIter)) { - return false; - } - - *aResult = cert.forget(); - return true; -} - -void ParamTraits::Write(Message* aMsg, - nsIX509CertList* aParam) { - bool nonNull = !!aParam; - WriteParam(aMsg, nonNull); - if (!nonNull) { - return; - } - - aParam->SerializeToIPC(aMsg); -} - -bool ParamTraits::Read(const Message* aMsg, - PickleIterator* aIter, - RefPtr* aResult) { - bool nonNull = false; - if (!ReadParam(aMsg, aIter, &nonNull)) { - return false; - } - - if (!nonNull) { - *aResult = 
nullptr; - return true; - } - - RefPtr certList = new nsNSSCertList(); - if (!certList->DeserializeFromIPC(aMsg, aIter)) { - return false; - } - - *aResult = certList.forget(); - return true; -} - -} // namespace IPC diff --git a/ipc/glue/TransportSecurityInfoUtils.h b/ipc/glue/TransportSecurityInfoUtils.h deleted file mode 100644 index cfc98d93fb7f..000000000000 --- a/ipc/glue/TransportSecurityInfoUtils.h +++ /dev/null @@ -1,36 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef mozilla_ipc_TransportSecurityInfoUtils_h -#define mozilla_ipc_TransportSecurityInfoUtils_h - -#include "nsCOMPtr.h" -#include "nsITransportSecurityInfo.h" - -namespace IPC { - -template <> -struct ParamTraits { - static void Write(Message* aMsg, nsITransportSecurityInfo* aParam); - static bool Read(const Message* aMsg, PickleIterator* aIter, - RefPtr* aResult); -}; - -template <> -struct ParamTraits { - static void Write(Message* aMsg, nsIX509Cert* aCert); - static bool Read(const Message* aMsg, PickleIterator* aIter, - RefPtr* aResult); -}; - -template <> -struct ParamTraits { - static void Write(Message* aMsg, nsIX509CertList* aCertList); - static bool Read(const Message* aMsg, PickleIterator* aIter, - RefPtr* aResult); -}; - -} // namespace IPC - -#endif // mozilla_ipc_TransportSecurityInfoUtils_h diff --git a/ipc/glue/moz.build b/ipc/glue/moz.build index 2e3b283c5eab..3dbf5e17bc8d 100644 --- a/ipc/glue/moz.build +++ b/ipc/glue/moz.build @@ -47,7 +47,6 @@ EXPORTS.mozilla.ipc += [ 'Shmem.h', 'TaskFactory.h', 'Transport.h', - 'TransportSecurityInfoUtils.h', 'URIUtils.h', 'WindowsMessageLoop.h', ] @@ -168,7 +167,6 @@ UNIFIED_SOURCES += [ 'SharedMemory.cpp', 'Shmem.cpp', 'StringUtil.cpp', - 'TransportSecurityInfoUtils.cpp', 'URIUtils.cpp', ] 
diff --git a/netwerk/socket/nsITransportSecurityInfo.idl b/netwerk/socket/nsITransportSecurityInfo.idl index 6b5feb177345..989e5842d5e8 100644 --- a/netwerk/socket/nsITransportSecurityInfo.idl +++ b/netwerk/socket/nsITransportSecurityInfo.idl @@ -9,16 +9,6 @@ interface nsIX509Cert; interface nsIX509CertList; -%{ C++ -namespace IPC { - class Message; -} -class PickleIterator; -%} - -[ptr] native IpcMessagePtr(IPC::Message); -[ptr] native PickleIteratorPtr(PickleIterator); - [builtinclass, scriptable, uuid(216112d3-28bc-4671-b057-f98cc09ba1ea)] interface nsITransportSecurityInfo : nsISupports { readonly attribute unsigned long securityState; @@ -81,10 +71,4 @@ interface nsITransportSecurityInfo : nsISupports { */ [must_use] readonly attribute boolean isExtendedValidation; - - [notxpcom, noscript] - void SerializeToIPC(in IpcMessagePtr aMsg); - - [notxpcom, noscript] - bool DeserializeFromIPC([const] in IpcMessagePtr aMsg, in PickleIteratorPtr aIter); }; diff --git a/security/apps/moz.build b/security/apps/moz.build index 8946c7546a7a..ad3fa4e3386d 100644 --- a/security/apps/moz.build +++ b/security/apps/moz.build @@ -12,8 +12,6 @@ UNIFIED_SOURCES += [ 'AppTrustDomain.cpp', ] -include('/ipc/chromium/chromium-config.mozbuild') - FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [ diff --git a/security/certverifier/moz.build b/security/certverifier/moz.build index ad8aa12dd2d4..f4df7a2fb8ff 100644 --- a/security/certverifier/moz.build +++ b/security/certverifier/moz.build @@ -55,8 +55,6 @@ CXXFLAGS += [ '-Wno-unused-parameter', ] -include('/ipc/chromium/chromium-config.mozbuild') - FINAL_LIBRARY = 'xul' if CONFIG['CC_TYPE'] == 'clang-cl': diff --git a/security/certverifier/tests/gtest/moz.build b/security/certverifier/tests/gtest/moz.build index 5b33fc1f9968..2945788989c1 100644 --- a/security/certverifier/tests/gtest/moz.build +++ b/security/certverifier/tests/gtest/moz.build 
@@ -13,6 +13,4 @@ LOCAL_INCLUDES += [ '/security/manager/ssl', ] -include('/ipc/chromium/chromium-config.mozbuild') - FINAL_LIBRARY = 'xul-gtest' diff --git a/security/manager/ssl/TransportSecurityInfo.cpp b/security/manager/ssl/TransportSecurityInfo.cpp index dd3e12a19d41..4734774bb2ff 100644 --- a/security/manager/ssl/TransportSecurityInfo.cpp +++ b/security/manager/ssl/TransportSecurityInfo.cpp @@ -8,7 +8,6 @@ #include "DateTimeFormat.h" #include "PSMRunnable.h" -#include "ipc/IPCMessageUtils.h" #include "mozilla/Casting.h" #include "nsComponentManagerUtils.h" #include "nsIArray.h" @@ -158,8 +157,6 @@ TransportSecurityInfo::GetInterface(const nsIID& uuid, void** result) { } static NS_DEFINE_CID(kTransportSecurityInfoMagic, TRANSPORTSECURITYINFOMAGIC); -// NB: Any updates (except disk-only fields) must be kept in sync with -// |SerializeToIPC|. NS_IMETHODIMP TransportSecurityInfo::Write(nsIObjectOutputStream* aStream) { nsresult rv = aStream->WriteID(kTransportSecurityInfoMagic); @@ -384,8 +381,6 @@ nsresult TransportSecurityInfo::ReadSSLStatus(nsIObjectInputStream* aStream) { return rv; } -// NB: Any updates (except disk-only fields) must be kept in sync with -// |DeserializeFromIPC|. NS_IMETHODIMP TransportSecurityInfo::Read(nsIObjectInputStream* aStream) { nsID id; 
@@ -547,64 +542,6 @@ TransportSecurityInfo::Read(nsIObjectInputStream* aStream) { #undef CHILD_DIAGNOSTIC_ASSERT -void TransportSecurityInfo::SerializeToIPC(IPC::Message* aMsg) { - MutexAutoLock guard(mMutex); - - int32_t errorCode = static_cast(mErrorCode); - - WriteParam(aMsg, mSecurityState); - WriteParam(aMsg, errorCode); - WriteParam(aMsg, mServerCert); - WriteParam(aMsg, mCipherSuite); - WriteParam(aMsg, mProtocolVersion); - WriteParam(aMsg, mIsDomainMismatch); - WriteParam(aMsg, mIsNotValidAtThisTime); - WriteParam(aMsg, mIsUntrusted); - WriteParam(aMsg, mIsEV); - WriteParam(aMsg, mHasIsEVStatus); - WriteParam(aMsg, mHaveCipherSuiteAndProtocol); - WriteParam(aMsg, mHaveCertErrorBits); - WriteParam(aMsg, mCertificateTransparencyStatus); - WriteParam(aMsg, mKeaGroup); - WriteParam(aMsg, mSignatureSchemeName); - WriteParam(aMsg, mSucceededCertChain); - WriteParam(aMsg, mFailedCertChain); -} - -bool TransportSecurityInfo::DeserializeFromIPC(const IPC::Message* aMsg, - PickleIterator* aIter) { - MutexAutoLock guard(mMutex); - - int32_t errorCode = 0; - - if (!ReadParam(aMsg, aIter, &mSecurityState) || - !ReadParam(aMsg, aIter, &errorCode) || - !ReadParam(aMsg, aIter, &mServerCert) || - !ReadParam(aMsg, aIter, &mCipherSuite) || - !ReadParam(aMsg, aIter, &mProtocolVersion) || - !ReadParam(aMsg, aIter, &mIsDomainMismatch) || - !ReadParam(aMsg, aIter, &mIsNotValidAtThisTime) || - !ReadParam(aMsg, aIter, &mIsUntrusted) || - !ReadParam(aMsg, aIter, &mIsEV) || - !ReadParam(aMsg, aIter, &mHasIsEVStatus) || - !ReadParam(aMsg, aIter, &mHaveCipherSuiteAndProtocol) || - !ReadParam(aMsg, aIter, &mHaveCertErrorBits) || - !ReadParam(aMsg, aIter, &mCertificateTransparencyStatus) || - !ReadParam(aMsg, aIter, &mKeaGroup) || - !ReadParam(aMsg, aIter, &mSignatureSchemeName) || - !ReadParam(aMsg, aIter, &mSucceededCertChain) || - !ReadParam(aMsg, aIter, &mFailedCertChain)) { - return false; - } - - mErrorCode = static_cast(errorCode); - if (mErrorCode != 0) { - mCanceled = true; - } 
- - return true; -} - NS_IMETHODIMP TransportSecurityInfo::GetInterfaces(nsTArray& array) { array.Clear(); diff --git a/security/manager/ssl/TransportSecurityInfo.h b/security/manager/ssl/TransportSecurityInfo.h index 5a08495a13df..c20d5fdc7eb1 100644 --- a/security/manager/ssl/TransportSecurityInfo.h +++ b/security/manager/ssl/TransportSecurityInfo.h @@ -14,14 +14,13 @@ #include "mozilla/BasePrincipal.h" #include "mozilla/Mutex.h" #include "mozilla/RefPtr.h" -#include "mozilla/ipc/TransportSecurityInfoUtils.h" -#include "mozpkix/pkixtypes.h" #include "nsDataHashtable.h" #include "nsIClassInfo.h" #include "nsIInterfaceRequestor.h" #include "nsITransportSecurityInfo.h" #include "nsNSSCertificate.h" #include "nsString.h" +#include "mozpkix/pkixtypes.h" namespace mozilla { namespace psm { diff --git a/security/manager/ssl/moz.build b/security/manager/ssl/moz.build index a4b6ad838da4..9d43a3840408 100644 --- a/security/manager/ssl/moz.build +++ b/security/manager/ssl/moz.build @@ -84,7 +84,6 @@ EXPORTS.mozilla += [ EXPORTS.mozilla.psm += [ 'PSMContentListener.h', - 'TransportSecurityInfo.h', ] EXPORTS.ipc += [ diff --git a/security/manager/ssl/nsIX509Cert.idl b/security/manager/ssl/nsIX509Cert.idl index 70bae2d246eb..a637acb226ec 100644 --- a/security/manager/ssl/nsIX509Cert.idl +++ b/security/manager/ssl/nsIX509Cert.idl @@ -12,18 +12,10 @@ interface nsIASN1Object; interface nsICertVerificationListener; %{ C++ -namespace IPC { - class Message; -} -class PickleIterator; - /* forward declaration */ typedef struct CERTCertificateStr CERTCertificate; %} - [ptr] native CERTCertificatePtr(CERTCertificate); -[ptr] native IpcMessagePtr(IPC::Message); -[ptr] native PickleIteratorPtr(PickleIterator); /** * This represents a X.509 certificate. 
@@ -243,10 +235,4 @@ interface nsIX509Cert : nsISupports { */ [must_use] void markForPermDeletion(); - - [notxpcom, noscript] - void SerializeToIPC(in IpcMessagePtr aMsg); - - [notxpcom, noscript] - bool DeserializeFromIPC([const] in IpcMessagePtr aMsg, in PickleIteratorPtr aIter); }; diff --git a/security/manager/ssl/nsIX509CertList.idl b/security/manager/ssl/nsIX509CertList.idl index bd87f419c612..40518b93dbf1 100644 --- a/security/manager/ssl/nsIX509CertList.idl +++ b/security/manager/ssl/nsIX509CertList.idl @@ -8,16 +8,9 @@ interface nsISimpleEnumerator; interface nsIX509Cert; %{C++ -namespace IPC { - class Message; -} -class PickleIterator; class nsNSSCertList; %} - [ptr] native nsNSSCertListPtr(nsNSSCertList); -[ptr] native IpcMessagePtr(IPC::Message); -[ptr] native PickleIteratorPtr(PickleIterator); [scriptable, builtinclass, uuid(ae74cda5-cd2f-473f-96f5-f0b7fff62c68)] interface nsIX509CertList : nsISupports { @@ -49,11 +42,6 @@ interface nsIX509CertList : nsISupports { [must_use] ACString asPKCS7Blob(); - [notxpcom, noscript] - void SerializeToIPC(in IpcMessagePtr aMsg); - - [notxpcom, noscript] - bool DeserializeFromIPC([const] in IpcMessagePtr aMsg, in PickleIteratorPtr aIter); }; %{C++ diff --git a/security/manager/ssl/nsNSSCertificate.cpp b/security/manager/ssl/nsNSSCertificate.cpp index 3cf77db9b035..52996b1c7411 100644 --- a/security/manager/ssl/nsNSSCertificate.cpp +++ b/security/manager/ssl/nsNSSCertificate.cpp @@ -941,8 +941,6 @@ nsNSSCertList::AsPKCS7Blob(/*out*/ nsACString& result) { return NS_OK; } -// NB: Any updates (except disk-only fields) must be kept in sync with -// |SerializeToIPC|. NS_IMETHODIMP nsNSSCertList::Write(nsIObjectOutputStream* aStream) { // Write the length of the list 
@@ -967,8 +965,6 @@ nsNSSCertList::Write(nsIObjectOutputStream* aStream) { return rv; } -// NB: Any updates (except disk-only fields) must be kept in sync with -// |DeserializeFromIPC|. NS_IMETHODIMP nsNSSCertList::Read(nsIObjectInputStream* aStream) { uint32_t certListLen; @@ -996,35 +992,6 @@ nsNSSCertList::Read(nsIObjectInputStream* aStream) { return NS_OK; } -void nsNSSCertList::SerializeToIPC(IPC::Message* aMsg) { - const size_t certCount = static_cast(mCerts.size()); - WriteParam(aMsg, certCount); - - for (const auto& certRef : mCerts) { - RefPtr cert = nsNSSCertificate::Create(certRef.get()); - MOZ_RELEASE_ASSERT(cert); - - WriteParam(aMsg, cert); - } -} - -bool nsNSSCertList::DeserializeFromIPC(const IPC::Message* aMsg, - PickleIterator* aIter) { - size_t count = 0; - if (!ReadParam(aMsg, aIter, &count)) { - return false; - } - - for (size_t i = 0; i < count; i++) { - RefPtr cert; - if (!ReadParam(aMsg, aIter, &cert) || !cert || NS_FAILED(AddCert(cert))) { - return false; - } - } - - return true; -} - NS_IMETHODIMP nsNSSCertList::GetEnumerator(nsISimpleEnumerator** _retval) { nsCOMPtr enumerator(new nsNSSCertListEnumerator(mCerts)); @@ -1230,8 +1197,6 @@ nsNSSCertListEnumerator::GetNext(nsISupports** _retval) { return NS_OK; } -// NB: Any updates (except disk-only fields) must be kept in sync with -// |SerializeToIPC|. NS_IMETHODIMP nsNSSCertificate::Write(nsIObjectOutputStream* aStream) { NS_ENSURE_STATE(mCert); @@ -1248,8 +1213,6 @@ nsNSSCertificate::Write(nsIObjectOutputStream* aStream) { AsBytes(MakeSpan(mCert->derCert.data, mCert->derCert.len))); } -// NB: Any updates (except disk-only fields) must be kept in sync with -// |DeserializeFromIPC|. NS_IMETHODIMP nsNSSCertificate::Read(nsIObjectInputStream* aStream) { NS_ENSURE_STATE(!mCert); 
@@ -1280,45 +1243,6 @@ nsNSSCertificate::Read(nsIObjectInputStream* aStream) { return NS_OK; } -void nsNSSCertificate::SerializeToIPC(IPC::Message* aMsg) { - bool hasCert = static_cast(mCert); - WriteParam(aMsg, hasCert); - - if (!hasCert) { - return; - } - - const nsDependentCSubstring certBytes( - reinterpret_cast(mCert->derCert.data), mCert->derCert.len); - - WriteParam(aMsg, certBytes); -} - -bool nsNSSCertificate::DeserializeFromIPC(const IPC::Message* aMsg, - PickleIterator* aIter) { - bool hasCert = false; - if (!ReadParam(aMsg, aIter, &hasCert)) { - return false; - } - - if (!hasCert) { - return true; - } - - nsCString derBytes; - if (!ReadParam(aMsg, aIter, &derBytes)) { - return false; - } - - if (derBytes.Length() == 0) { - return false; - } - - // NSS accepts a |char*| here, but doesn't modify the contents of the array - // and casts it back to an |unsigned char*|. - return InitFromDER(const_cast(derBytes.get()), derBytes.Length()); -} - NS_IMETHODIMP nsNSSCertificate::GetInterfaces(nsTArray& array) { array.Clear(); diff --git a/toolkit/content/browser-child.js b/toolkit/content/browser-child.js index 3663406ab76b..7e759390e1c9 100644 --- a/toolkit/content/browser-child.js +++ b/toolkit/content/browser-child.js @@ -10,6 +10,12 @@ ChromeUtils.defineModuleGetter( "resource://gre/modules/BrowserUtils.jsm" ); +const { WebProgressChild } = ChromeUtils.import( + "resource://gre/modules/WebProgressChild.jsm" +); + +this.WebProgress = new WebProgressChild(this); + try { docShell .QueryInterface(Ci.nsIInterfaceRequestor) diff --git a/toolkit/content/widgets/browser-custom-element.js b/toolkit/content/widgets/browser-custom-element.js index 98b1ce21cb68..149bbebc3799 100644 --- a/toolkit/content/widgets/browser-custom-element.js +++ b/toolkit/content/widgets/browser-custom-element.js 
@@ -1264,6 +1264,8 @@ this.messageManager.addMessageListener("DOMTitleChanged", this); this.messageManager.addMessageListener("ImageDocumentLoaded", this); + // browser-child messages, such as Content:LocationChange, are handled in + // RemoteWebProgress, ensure it is loaded and ready. let jsm = "resource://gre/modules/RemoteWebProgress.jsm"; let { RemoteWebProgressManager } = ChromeUtils.import(jsm, {}); @@ -1512,16 +1514,6 @@ } } - updateSecurityUIForSecurityChange(aSecurityInfo, aState, aIsSecureContext) { - if (this.isRemoteBrowser && this.messageManager) { - // Invoking this getter triggers the generation of the underlying object, - // which we need to access with ._securityUI, because .securityUI returns - // a wrapper that makes _update inaccessible. - void this.securityUI; - this._securityUI._update(aSecurityInfo, aState, aIsSecureContext); - } - } - updateSecurityUIForContentBlockingEvent(aEvent) { if (this.isRemoteBrowser && this.messageManager) { // Invoking this getter triggers the generation of the underlying object, diff --git a/toolkit/modules/RemoteWebProgress.jsm b/toolkit/modules/RemoteWebProgress.jsm index a4e781196edb..2606eb7fa978 100644 --- a/toolkit/modules/RemoteWebProgress.jsm +++ b/toolkit/modules/RemoteWebProgress.jsm @@ -5,11 +5,17 @@ var EXPORTED_SYMBOLS = ["RemoteWebProgressManager"]; +const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm"); const RemoteWebProgress = Components.Constructor( "@mozilla.org/dom/remote-web-progress;1", "nsIRemoteWebProgress", "init" ); +const RemoteWebProgressRequest = Components.Constructor( + "@mozilla.org/dom/remote-web-progress-request;1", + "nsIRemoteWebProgressRequest", + "init" +); class RemoteWebProgressManager { constructor(aBrowser) { 
@@ -23,7 +29,16 @@ class RemoteWebProgressManager { } swapBrowser(aBrowser) { + if (this._messageManager) { + this._messageManager.removeMessageListener( + "Content:SecurityChange", + this + ); + } + this._browser = aBrowser; + this._messageManager = aBrowser.messageManager; + this._messageManager.addMessageListener("Content:SecurityChange", this); } swapListeners(aOtherRemoteWebProgressManager) { @@ -54,6 +69,20 @@ class RemoteWebProgressManager { ); } + _fixSecInfo(aSecInfo) { + let deserialized = null; + if (aSecInfo) { + let helper = Cc["@mozilla.org/network/serialization-helper;1"].getService( + Ci.nsISerializationHelper + ); + + deserialized = helper.deserializeObject(aSecInfo); + deserialized.QueryInterface(Ci.nsITransportSecurityInfo); + } + + return deserialized; + } + setCurrentURI(aURI) { // This function is simpler than nsDocShell::SetCurrentURI since // it doesn't have to deal with child docshells. 
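Review bot: `_fixSecInfo` hands `aSecInfo`, which its caller takes from a content-process message, to `deserializeObject` in the parent, and the `QueryInterface` type check only runs after the object has already been constructed. If either call throws, the exception leaves `receiveMessage` and `onSecurityChange` is never delivered to the listeners. I would catch the failure, report it, and return null so a malformed payload is handled as missing security info; restricting which classes the helper may instantiate would have to happen in the helper itself, which is not part of this diff. The caller is in a later hunk of this file.

```javascript
    if (aSecInfo) {
      // … unchanged: serialization-helper lookup …
      try {
        deserialized = helper.deserializeObject(aSecInfo);
        deserialized.QueryInterface(Ci.nsITransportSecurityInfo);
      } catch (e) {
        // Payload comes from the content process: report it and fall back
        // to "no security info" instead of aborting the notification.
        Cu.reportError(e);
        deserialized = null;
      }
    }
```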
@@ -154,6 +183,56 @@ class RemoteWebProgressManager { aEvent ); } + + receiveMessage(aMessage) { + let json = aMessage.json; + let webProgress = null; + let isTopLevel = json.webProgress && json.webProgress.isTopLevel; + // The top-level WebProgress is always the same, but because we don't + // really have a concept of subframes/content we always create a new object + // for those. + if (json.webProgress) { + webProgress = isTopLevel + ? this._topLevelWebProgress + : new RemoteWebProgress(this, isTopLevel); + webProgress.update( + json.webProgress.DOMWindowID, + 0, + json.webProgress.loadType, + json.webProgress.isLoadingDocument + ); + webProgress.QueryInterface(Ci.nsIWebProgress); + } + + // The WebProgressRequest object however is always dynamic. + let request = null; + if (json.requestURI) { + request = new RemoteWebProgressRequest( + Services.io.newURI(json.requestURI), + Services.io.newURI(json.originalRequestURI) + ); + request = request.QueryInterface(Ci.nsIRequest); + } + + switch (aMessage.name) { + case "Content:SecurityChange": + let state = json.state; + + if (isTopLevel) { + let secInfo = this._fixSecInfo(json.secInfo); + let isSecureContext = json.isSecureContext; + + // Invoking this getter triggers the generation of the underlying object, + // which we need to access with ._securityUI, because .securityUI returns + // a wrapper that makes _update inaccessible. + void this._browser.securityUI; + this._browser._securityUI._update(secInfo, state, isSecureContext); + } + + this.onSecurityChange(webProgress, request, state); + break; + } + } } RemoteWebProgressManager.prototype.QueryInterface = ChromeUtils.generateQI([ diff --git a/toolkit/modules/WebProgressChild.jsm b/toolkit/modules/WebProgressChild.jsm new file mode 100644 index 000000000000..c711d2657ac2 --- /dev/null +++ b/toolkit/modules/WebProgressChild.jsm 
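Review bot: Everything `receiveMessage` reads from `aMessage.json` is supplied by the content process, yet `state`, `secInfo` and `isSecureContext` go straight into `this._browser._securityUI._update(...)` with no consistency check, for example that a `state` carrying `Ci.nsIWebProgressListener.STATE_IS_SECURE` comes with a non-null `secInfo`. Whether `_update` enforces that itself is not visible in this diff; if it does not, the check belongs here, because this is the parent-side code that feeds the security indicator. The two `Services.io.newURI(...)` calls are also unguarded, so a malformed `requestURI` or `originalRequestURI` throws before the `switch` and the security change is dropped; leaving `request` as `null` on failure would keep the update path alive. The `let` declarations under the `case` label would also be better scoped in a block, `case "Content:SecurityChange": {`.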
@@ -0,0 +1,110 @@ +/* -*- indent-tabs-mode: nil; js-indent-level: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +"use strict"; + +var EXPORTED_SYMBOLS = ["WebProgressChild"]; + +const { XPCOMUtils } = ChromeUtils.import( + "resource://gre/modules/XPCOMUtils.jsm" +); + +XPCOMUtils.defineLazyServiceGetter( + this, + "serializationHelper", + "@mozilla.org/network/serialization-helper;1", + "nsISerializationHelper" +); + +class WebProgressChild { + constructor(mm) { + this.mm = mm; + + // NOTIFY_PROGRESS, NOTIFY_STATE_ALL, NOTIFY_STATUS, NOTIFY_LOCATION, NOTIFY_REFRESH, and + // NOTIFY_CONTENT_BLOCKING are handled by PBrowser. + let notifyCode = + Ci.nsIWebProgress.NOTIFY_ALL & + ~Ci.nsIWebProgress.NOTIFY_STATE_ALL & + ~Ci.nsIWebProgress.NOTIFY_PROGRESS & + ~Ci.nsIWebProgress.NOTIFY_STATUS & + ~Ci.nsIWebProgress.NOTIFY_LOCATION & + ~Ci.nsIWebProgress.NOTIFY_REFRESH & + ~Ci.nsIWebProgress.NOTIFY_CONTENT_BLOCKING; + + this._filter = Cc[ + "@mozilla.org/appshell/component/browser-status-filter;1" + ].createInstance(Ci.nsIWebProgress); + this._filter.addProgressListener(this, notifyCode); + this._filter.target = this.mm.tabEventTarget; + + let webProgress = this.mm.docShell + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIWebProgress); + webProgress.addProgressListener(this._filter, notifyCode); + } + + _requestSpec(aRequest, aPropertyName) { + if (!aRequest || !(aRequest instanceof Ci.nsIChannel)) { + return null; + } + return aRequest[aPropertyName].spec; + } + + _setupJSON(aWebProgress, aRequest) { + if (aWebProgress) { + let domWindowID = null; + try { + domWindowID = aWebProgress.DOMWindowID; + } catch (e) { + // The DOM Window ID getters above may throw if the inner or outer + // windows aren't created yet or are destroyed at the time we're making + // this call but that isn't fatal 
so ignore the exceptions here. + } + + aWebProgress = { + isTopLevel: aWebProgress.isTopLevel, + isLoadingDocument: aWebProgress.isLoadingDocument, + loadType: aWebProgress.loadType, + DOMWindowID: domWindowID, + }; + } + + return { + webProgress: aWebProgress || null, + requestURI: this._requestSpec(aRequest, "URI"), + originalRequestURI: this._requestSpec(aRequest, "originalURI"), + }; + } + + _send(name, data) { + this.mm.sendAsyncMessage(name, data); + } + + getSecInfoAsString() { + let secInfo = this.mm.docShell.securityUI.secInfo; + if (secInfo) { + return serializationHelper.serializeToString(secInfo); + } + + return null; + } + + onSecurityChange(aWebProgress, aRequest, aState) { + let json = this._setupJSON(aWebProgress, aRequest); + + json.state = aState; + + if (aWebProgress.isTopLevel) { + json.secInfo = this.getSecInfoAsString(); + json.isSecureContext = this.mm.content.isSecureContext; + } + + this._send("Content:SecurityChange", json); + } +} + +WebProgressChild.prototype.QueryInterface = ChromeUtils.generateQI([ + "nsIWebProgressListener", + "nsISupportsWeakReference", +]); diff --git a/toolkit/modules/moz.build b/toolkit/modules/moz.build index 97ac31fb87c8..951c65bc661f 100644 --- a/toolkit/modules/moz.build +++ b/toolkit/modules/moz.build @@ -229,6 +229,7 @@ EXTRA_JS_MODULES += [ 'Troubleshoot.jsm', 'UpdateUtils.jsm', 'WebChannel.jsm', + 'WebProgressChild.jsm', 'ZipUtils.jsm', ]
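Review bot: `onSecurityChange` in the new `WebProgressChild.jsm` reads `aWebProgress.isTopLevel` unconditionally, although `_setupJSON`, called on the line before, explicitly allows a null `aWebProgress`. A notification without a web progress object would throw here and no `Content:SecurityChange` message would be sent; guard it the same way with `if (aWebProgress && aWebProgress.isTopLevel) {`. `getSecInfoAsString` likewise dereferences `this.mm.docShell.securityUI.secInfo` without checking that `securityUI` is set, which may deserve a null check if it can be unset during early load or teardown (not determinable from this diff). A short class comment saying that this listener only forwards security-change notifications, because `notifyCode` masks out the other kinds, would also help the next reader.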