#612 (from OlgaTPark/14) additional fixes

2024-12-27 20:30:39 +00:00 · 2020-10-25 21:46:59 -07:00 · 2020-10-25 21:46:59 -07:00 · 53381bf934
commit 53381bf934
parent 06bbc2e34c
2 changed files with 20 additions and 8 deletions
--- a/dom/base/nsXMLHttpRequest.cpp
+++ b/dom/base/nsXMLHttpRequest.cpp
@ -1318,7 +1318,10 @@ nsXMLHttpRequest::IsSafeHeader(const nsACString& header, nsIHttpChannel* httpCha
      return false;
    }

-    if (token.EqualsLiteral("*")) {
+    if (token.EqualsLiteral("*") &&
+        (mState & XML_HTTP_REQUEST_AC_WITH_CREDENTIALS) !=
+XML_HTTP_REQUEST_AC_WITH_CREDENTIALS /* See this->SetWithCredentials */)
+    {
      isSafe = true;
    } else if (header.Equals(token, nsCaseInsensitiveCStringComparator())) {
      isSafe = true;
--- a/netwerk/protocol/http/nsCORSListenerProxy.cpp
+++ b/netwerk/protocol/http/nsCORSListenerProxy.cpp
@ -1289,6 +1289,7 @@ nsCORSPreflightListener::CheckPreflightRequestApproved(nsIRequest* aRequest)
                          headerVal);
  nsTArray<nsCString> headers;
  nsCCharSeparatedTokenizer headerTokens(headerVal, ',');
+  bool allowAllHeaders = false;
  while(headerTokens.hasMoreTokens()) {
    const nsDependentCSubstring& header = headerTokens.nextToken();
    if (header.IsEmpty()) {
@ -1299,14 +1300,22 @@ nsCORSPreflightListener::CheckPreflightRequestApproved(nsIRequest* aRequest)
                        NS_ConvertUTF8toUTF16(header).get());
      return NS_ERROR_DOM_BAD_URI;
    }
-    headers.AppendElement(header);
+    if (header.EqualsLiteral("*") && !mWithCredentials) {
+      allowAllHeaders = true;
+    } else {
+      headers.AppendElement(header);
+    }
  }
-  for (uint32_t i = 0; i < mPreflightHeaders.Length(); ++i) {
-    if (!headers.Contains(mPreflightHeaders[i],
-                          nsCaseInsensitiveCStringArrayComparator())) {
-      LogBlockedRequest(aRequest, "CORSMissingAllowHeaderFromPreflight",
-                        NS_ConvertUTF8toUTF16(mPreflightHeaders[i]).get());
-      return NS_ERROR_DOM_BAD_URI;
+
+  if (!allowAllHeaders) {
+    const auto& comparator = nsCaseInsensitiveCStringArrayComparator();
+    for (uint32_t i = 0; i < mPreflightHeaders.Length(); ++i) {
+      if (!headers.Contains(mPreflightHeaders[i], comparator)) {
+        LogBlockedRequest(
+            aRequest, "CORSMissingAllowHeaderFromPreflight",
+            NS_ConvertUTF8toUTF16(mPreflightHeaders[i]).get());
+        return NS_ERROR_DOM_BAD_URI;
+      }
    }
  }