Bug 906190 - Persist 'disable protection' option for Mixed Content Bl…

…ocker in child tabs - tabbrowser part. r=gavin
rmottola · Aug 25, 2019 · 7467fee · 7467fee
1 parent 97031e9
commit 7467fee
Show file tree

Hide file tree

Showing 4 changed files with 49 additions and 5 deletions.
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js
@@ -5075,9 +5075,26 @@ function handleLinkClick(event, href, linkNode) {
     return true;
   }
 
+  var referrerURI = doc.documentURIObject;
+  // if the mixedContentChannel is present and the referring URI passes
+  // a same origin check with the target URI, we can preserve the users
+  // decision of disabling MCB on a page for it's child tabs.
+  var persistDisableMCBInChildTab = false;
+
+  if (where == "tab" && gBrowser.docShell.mixedContentChannel) {
+    const sm = Services.scriptSecurityManager;
+    try {
+      var targetURI = makeURI(href);
+      sm.checkSameOriginURI(referrerURI, targetURI, false);
+      persistDisableMCBInChildTab = true;
+    }
+    catch (e) { }
+  }
+
   urlSecurityCheck(href, doc.nodePrincipal);
-  openLinkIn(href, where, { referrerURI: doc.documentURIObject,
-                            charset: doc.characterSet });
+  openLinkIn(href, where, { referrerURI: referrerURI,
+                            charset: doc.characterSet,
+                            disableMCB: persistDisableMCBInChildTab});
   event.preventDefault();
   return true;
 }

diff --git a/browser/base/content/nsContextMenu.js b/browser/base/content/nsContextMenu.js
@@ -762,9 +762,27 @@ nsContextMenu.prototype = {
   openLinkInTab: function() {
     var doc = this.target.ownerDocument;
     urlSecurityCheck(this.linkURL, doc.nodePrincipal);
+    var referrerURI = doc.documentURIObject;
+
+    // if the mixedContentChannel is present and the referring URI passes
+    // a same origin check with the target URI, we can preserve the users
+    // decision of disabling MCB on a page for it's child tabs.
+    var persistDisableMCBInChildTab = false;
+
+    if (this.browser.docShell.mixedContentChannel) {
+      const sm = Services.scriptSecurityManager;
+      try {
+        var targetURI = this.linkURI;
+        sm.checkSameOriginURI(referrerURI, targetURI, false);
+        persistDisableMCBInChildTab = true;
+      }
+      catch (e) { }
+    }
+
     openLinkIn(this.linkURL, "tab",
                { charset: doc.characterSet,
-                 referrerURI: doc.documentURIObject });
+                 referrerURI: referrerURI,
+                 disableMCB:  persistDisableMCBInChildTab});
   },
 
   // open URL in current tab

diff --git a/browser/base/content/tabbrowser.xml b/browser/base/content/tabbrowser.xml
@@ -1254,6 +1254,7 @@
           <![CDATA[
             var aFromExternal;
             var aRelatedToCurrent;
+            var aDisableMCB;
             if (arguments.length == 2 &&
                 typeof arguments[1] == "object" &&
                 !(arguments[1] instanceof Ci.nsIURI)) {
@@ -1265,6 +1266,7 @@
               aAllowThirdPartyFixup = params.allowThirdPartyFixup;
               aFromExternal         = params.fromExternal;
               aRelatedToCurrent     = params.relatedToCurrent;
+              aDisableMCB           = params.disableMCB;
             }
 
             var bgLoad = (aLoadInBackground != null) ? aLoadInBackground :
@@ -1277,7 +1279,8 @@
                                   ownerTab: owner,
                                   allowThirdPartyFixup: aAllowThirdPartyFixup,
                                   fromExternal: aFromExternal,
-                                  relatedToCurrent: aRelatedToCurrent});
+                                  relatedToCurrent: aRelatedToCurrent,
+                                  disableMCB: aDisableMCB});
             if (!bgLoad)
               this.selectedTab = tab;
 
@@ -1351,6 +1354,7 @@
             var aFromExternal;
             var aRelatedToCurrent;
             var aSkipAnimation;
+            var aDisableMCB;
             if (arguments.length == 2 &&
                 typeof arguments[1] == "object" &&
                 !(arguments[1] instanceof Ci.nsIURI)) {
@@ -1363,6 +1367,7 @@
               aFromExternal         = params.fromExternal;
               aRelatedToCurrent     = params.relatedToCurrent;
               aSkipAnimation        = params.skipAnimation;
+              aDisableMCB           = params.disableMCB;
             }
 
             // if we're adding tabs, we're past interrupt mode, ditch the owner
@@ -1522,6 +1527,8 @@
               }
               if (aFromExternal)
                 flags |= Ci.nsIWebNavigation.LOAD_FLAGS_FROM_EXTERNAL;
+              if (aDisableMCB)
+                flags |= Ci.nsIWebNavigation.LOAD_FLAGS_ALLOW_MIXED_CONTENT;
               try {
                 b.loadURIWithFlags(aURI, flags, aReferrerURI, aCharset, aPostData);
               } catch (ex) {

diff --git a/browser/base/content/utilityOverlay.js b/browser/base/content/utilityOverlay.js
@@ -215,6 +215,7 @@ function openLinkIn(url, where, params) {
   var aCharset              = params.charset;
   var aReferrerURI          = params.referrerURI;
   var aRelatedToCurrent     = params.relatedToCurrent;
+  var aDisableMCB           = params.disableMCB;
   var aInBackground         = params.inBackground;
   var aDisallowInheritPrincipal = params.disallowInheritPrincipal;
   var aInitiatingDoc        = params.initiatingDoc;
@@ -328,7 +329,8 @@ function openLinkIn(url, where, params) {
                        postData: aPostData,
                        inBackground: loadInBackground,
                        allowThirdPartyFixup: aAllowThirdPartyFixup,
-                       relatedToCurrent: aRelatedToCurrent});
+                       relatedToCurrent: aRelatedToCurrent,
+                       disableMCB: aDisableMCB});
     break;
   }