speculative fix for citibank/upgrade-insecure-requests
This commit is contained in:
parent
2777050abd
commit
d7c27ac739
|
@ -368,6 +368,21 @@ nsHttpChannel::Connect()
|
|||
|
||||
LOG(("nsHttpChannel::Connect [this=%p]\n", this));
|
||||
|
||||
// Note that we are only setting the "Upgrade-Insecure-Requests" request
|
||||
// header for *all* navigational requests instead of all requests as
|
||||
// defined in the spec, see:
|
||||
// https://www.w3.org/TR/upgrade-insecure-requests/#preference
|
||||
nsContentPolicyType type = mLoadInfo ?
|
||||
mLoadInfo->GetExternalContentPolicyType() :
|
||||
nsIContentPolicy::TYPE_OTHER;
|
||||
|
||||
if (type == nsIContentPolicy::TYPE_DOCUMENT ||
|
||||
type == nsIContentPolicy::TYPE_SUBDOCUMENT) {
|
||||
rv = SetRequestHeader(NS_LITERAL_CSTRING("Upgrade-Insecure-Requests"),
|
||||
NS_LITERAL_CSTRING("1"), false);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
// Even if we're in private browsing mode, we still enforce existing STS
|
||||
// data (it is read-only).
|
||||
// if the connection is not using SSL and either the exact host matches or
|
||||
|
@ -413,7 +428,7 @@ nsHttpChannel::Connect()
|
|||
nsIScriptError::warningFlag, "CSP",
|
||||
innerWindowId);
|
||||
|
||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 4);
|
||||
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 4);
|
||||
return AsyncCall(&nsHttpChannel::HandleAsyncRedirectChannelToHttps);
|
||||
}
|
||||
}
|
||||
|
@ -435,16 +450,16 @@ nsHttpChannel::Connect()
|
|||
if (isStsHost) {
|
||||
LOG(("nsHttpChannel::Connect() STS permissions found\n"));
|
||||
if (mAllowSTS) {
|
||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 3);
|
||||
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 3);
|
||||
return AsyncCall(&nsHttpChannel::HandleAsyncRedirectChannelToHttps);
|
||||
} else {
|
||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 2);
|
||||
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 2);
|
||||
}
|
||||
} else {
|
||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 1);
|
||||
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 1);
|
||||
}
|
||||
} else {
|
||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 0);
|
||||
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 0);
|
||||
}
|
||||
|
||||
// ensure that we are using a valid hostname
|
||||
|
|
Loading…
Reference in New Issue