Bug 1934271 - Remove GetQuery check in Entra SSO for SAML use cases a=dmeehan

The [initial motivation](https://phabricator.services.mozilla.com/D216560#inline-1215772) behind checking whether the query is empty or not is to ensure that we don't perform SSO for URIs like `https://login.microsoft.com/`.

However, we observed that Entra SSO can operate via SAML using the URI `https://login.microsoftonline.com/XXXXXX/saml2`.

To address this, we decided to remove the check like in Windows

Original Revision: https://phabricator.services.mozilla.com/D230714

Differential Revision: https://phabricator.services.mozilla.com/D237075
This commit is contained in:
Sean 2025-02-13 00:23:02 +00:00
parent b2095689fc
commit 941b037ac9

View file

@ -491,11 +491,8 @@ nsresult nsHttpChannel::PrepareToConnect() {
mURI->SchemeIs("https") && !(mLoadFlags & LOAD_ANONYMOUS) &&
!mPrivateBrowsing) {
ExtContentPolicyType type = mLoadInfo->GetExternalContentPolicyType();
nsAutoCString query;
nsresult rv = mURI->GetQuery(query);
if ((type == ExtContentPolicy::TYPE_DOCUMENT ||
type == ExtContentPolicy::TYPE_SUBDOCUMENT) &&
NS_SUCCEEDED(rv) && !query.IsEmpty() &&
prefEnabledForCurrentContainer() && isUriMSAuthority()) {
nsMainThreadPtrHandle<nsHttpChannel> self(
new nsMainThreadPtrHolder<nsHttpChannel>(
@ -509,7 +506,7 @@ nsresult nsHttpChannel::PrepareToConnect() {
}
};
rv = AddMicrosoftEntraSSO(this, std::move(resultCallback));
nsresult rv = AddMicrosoftEntraSSO(this, std::move(resultCallback));
// Returns NS_OK if performRequests is called in MicrosoftEntraSSOUtils
// This temporarily stops the channel setup for the delegate.