check http_state in determine_request_referrer

[splav]

Check https status inside determine_request_referrer.

• ./mach build -d does not report any errors
• ./mach test-tidy does not report any errors
• These changes fix #14506 (GitHub issue number if applicable)

• There are tests for these changes OR
• These changes do not require tests because ___

[highfive]

Heads up! This PR modifies the following files:

• @asajeffrey: components/script/fetch.rs
• @KiChjang: components/script/fetch.rs, components/net/fetch/methods.rs, components/net/tests/http_loader.rs, components/net_traits/request.rs, components/net/http_loader.rs

[splav]

Sadly, it seems there are no tests for HttpsState::Deprecated value. At least in enabled tests.

[CYBAI]

IIRC, we've had this function in urlhelper so you can just use UrlHelper::is_origin_trustworthy.

servo/components/script/dom/urlhelper.rs

Lines 75 to 94 in 0a00ea3

	// https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
	pub fn is_origin_trustworthy(url: &ServoUrl) -> bool {
	// Step 1
	if !url.origin().is_tuple() {
	return false;
	}
	// Step 3
	if url.scheme() == "https" || url.scheme() == "wss" {
	true
	// Step 4
	} else if url.host().is_some() {
	let host = url.host_str().unwrap();
	host == "127.0.0.0/8" || host == "::1/128"
	// Step 6
	} else {
	url.scheme() == "file"
	}
	}
	}

[splav]

Thank you! Then I think: 1. It should be moved to somewhere in the net, may be there is something like net/url helpers? What is the best place? 2. The check for local ip is incorrect, I'll fix it using Rust std Ipv*Addr structs methods.

…

--------------------------------------------------------- Александров Сергей Васильевич вс, 17 мая 2020 г., 5:42 cybai <notifications@github.com>:

*@CYBAI* commented on this pull request. ------------------------------ In components/net/http_loader.rs <#26546 (comment)>: > +/// <https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy> +fn is_origin_trustworthy(url: ServoUrl) -> bool { + match url.origin() { + // Step 1 + ImmutableOrigin::Opaque(_) => false, + ImmutableOrigin::Tuple(_, _, _) => { + // Step 3 + if url.scheme() == "https" || url.scheme() == "wss" { + return true; + } + // Step 4-5 TODO + // Step 6 + if url.scheme() == "file" { + return true; + } + // Step 7-8 TODO + // Step 9 + false + }, + } } IIRC, we've had this function in urlhelper so you can just use UrlHelper::is_origin_trustworthy. https://github.com/servo/servo/blob/0a00ea3db3c2353c78435030040fd3f57f5f4497/components/script/dom/urlhelper.rs#L75-L94 — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#26546 (review)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AABMOIUCCWT535MQPG6W5Q3RR5FLFANCNFSM4NDBUZGQ> .

[CYBAI]

1. It should be moved to somewhere in the net, may be there is something like net/url helpers? What is the best place?

Yes, agree! @gterzian tried to move it as a method of ServoUrl in #26317 ; maybe that will be a good place?

See https://github.com/servo/servo/pull/26317/files#diff-cac78be29c466ffe8160ad29af53e214R173-R191

2. The check for local ip is incorrect, I'll fix it using Rust std Ipv*Addr structs methods.

👍

[splav]

Fixed is_origin_trustworthy + moved it to ServoUrl

[jdm]

We're missing initializing the request's https state in Document::fetch_async.

We should also make net_request_from_global in component/script/fetch.rs initialize the https_state member; this might require us to:

• add a https_state method on GlobalScope
• make load_whole_resource return the HTTPS state
• update the global scope's https state based on the result of the load

Finally we should add the request's HTTPS state as an argument to load_whole_resource and set the Request's https_state member before starting the request.

[jdm]

We should make sure that the new https_state member is initialized in net_request_from_global in components/script/dom/request.rs.

[jdm]

This should be request.https_state, right?

[splav]

Yes, missed that NetTraitsRequest means 'Request from net_traits'

[splav]

I want to believe that all requested changes are fixed now.

[splav]

Forgot unit tests, fixing.

[jdm]

Since load_whole_resource now uses the default value of global's https state when we call it earlier in this file, please set global_scope's https_state to the https_state of current_global before calling load_whole_resource. This call to set_https_state should remain, however.

[splav]

Done, essentially it makes the worker global scope inherit parent global scope https state.

[jdm]

I'm 99% confident that this doesn't build, since current_global can't be moved between threads. We need to get the https state value before spawning the new thread instead.

[splav]

Yes, fixed that. Strangely it did build. May be some caching... Also sometimes rustc crashes and builds fine after rerun.

[jdm]

@bors-servo try=wpt

[bors-servo]

⌛ Trying commit 357b486 with merge e82b9da...

[bors-servo]

☀️ Test successful - status-taskcluster
State: approved= try=True

[jdm]

Huh, I'm surprised there are still no test result changes. I want to figure out what's missing before we merge this.

[splav]

Ok. If there are candidates - I can investigate concrete tests. I'll try to look for appropriate tests manually though.

[jdm]

I dug into it, and it turns out that there are no referrer-policy tests that start in an HTTPS context and make an HTTP request. This appears to be an oversight in the test suite generation, based on:

• https://github.com/web-platform-tests/wpt/blob/b62bd4a22154756bc021bdad08aafe9b57bb17f6/referrer-policy/spec.src.json#L130-L143 - expected results for omitting the referrer when starting in HTTPS and making an HTTP request with no-referrer-when-downgrade
• https://github.com/web-platform-tests/wpt/blob/b62bd4a22154756bc021bdad08aafe9b57bb17f6/referrer-policy/spec.src.json#L551- all L570 - HTTPS->HTTP tests are excluded from the set of tests to generate

It looks like either the mixed-content exclusions are over-enthusiastic, or the author thought that the mixed content standard subsumes this for some reason.

I'm inclined to merge these changes and investigate extending the test suite separately.

[jdm]

@bors-servo r+

[bors-servo]

📌 Commit 357b486 has been approved by jdm

[splav]

Random thought:
If the previous request was a modern https the it was handled correctly with checking url scheme.
Modern <=> "https" scheme; None <=> "http" scheme.
The only case not handled correctly previously I can imagine - Deprecated state from previous request.
I failed to find any uses of HttpsState::Deprecated in the code and is up to implementation what to consider deprecated. So, no fixed tests here does not seem strange.

The other thing I fixed - is_origin_trustworthy implementation. And here I do expect some test results changes.

[jdm]

@bors-servo r-
Let's answer the question about is_origin_trustworthy before merging.

[jdm]

Looks like the is_origin_trustworthy changes are difficult to test as part of the WPT harness, so let's merge these.
@bors-servo r+

[bors-servo]

📌 Commit 357b486 has been approved by jdm

[bors-servo]

⌛ Testing commit 357b486 with merge 4edf37a...

[bors-servo]

💔 Test failed - status-taskcluster

[jdm]

@bors-servo retry

• #26572

[bors-servo]

⌛ Testing commit 357b486 with merge e17b53e...

[bors-servo]

☀️ Test successful - status-taskcluster
Approved by: jdm
Pushing e17b53e to master...