mirror of
https://github.com/classilla/tenfourfox.git
synced 2024-09-27 14:56:16 +00:00
speculative fix for citibank/upgrade-insecure-requests
This commit is contained in:
parent
2777050abd
commit
d7c27ac739
@ -368,6 +368,21 @@ nsHttpChannel::Connect()
|
|||||||
|
|
||||||
LOG(("nsHttpChannel::Connect [this=%p]\n", this));
|
LOG(("nsHttpChannel::Connect [this=%p]\n", this));
|
||||||
|
|
||||||
|
// Note that we are only setting the "Upgrade-Insecure-Requests" request
|
||||||
|
// header for *all* navigational requests instead of all requests as
|
||||||
|
// defined in the spec, see:
|
||||||
|
// https://www.w3.org/TR/upgrade-insecure-requests/#preference
|
||||||
|
nsContentPolicyType type = mLoadInfo ?
|
||||||
|
mLoadInfo->GetExternalContentPolicyType() :
|
||||||
|
nsIContentPolicy::TYPE_OTHER;
|
||||||
|
|
||||||
|
if (type == nsIContentPolicy::TYPE_DOCUMENT ||
|
||||||
|
type == nsIContentPolicy::TYPE_SUBDOCUMENT) {
|
||||||
|
rv = SetRequestHeader(NS_LITERAL_CSTRING("Upgrade-Insecure-Requests"),
|
||||||
|
NS_LITERAL_CSTRING("1"), false);
|
||||||
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
}
|
||||||
|
|
||||||
// Even if we're in private browsing mode, we still enforce existing STS
|
// Even if we're in private browsing mode, we still enforce existing STS
|
||||||
// data (it is read-only).
|
// data (it is read-only).
|
||||||
// if the connection is not using SSL and either the exact host matches or
|
// if the connection is not using SSL and either the exact host matches or
|
||||||
@ -413,7 +428,7 @@ nsHttpChannel::Connect()
|
|||||||
nsIScriptError::warningFlag, "CSP",
|
nsIScriptError::warningFlag, "CSP",
|
||||||
innerWindowId);
|
innerWindowId);
|
||||||
|
|
||||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 4);
|
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 4);
|
||||||
return AsyncCall(&nsHttpChannel::HandleAsyncRedirectChannelToHttps);
|
return AsyncCall(&nsHttpChannel::HandleAsyncRedirectChannelToHttps);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -435,16 +450,16 @@ nsHttpChannel::Connect()
|
|||||||
if (isStsHost) {
|
if (isStsHost) {
|
||||||
LOG(("nsHttpChannel::Connect() STS permissions found\n"));
|
LOG(("nsHttpChannel::Connect() STS permissions found\n"));
|
||||||
if (mAllowSTS) {
|
if (mAllowSTS) {
|
||||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 3);
|
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 3);
|
||||||
return AsyncCall(&nsHttpChannel::HandleAsyncRedirectChannelToHttps);
|
return AsyncCall(&nsHttpChannel::HandleAsyncRedirectChannelToHttps);
|
||||||
} else {
|
} else {
|
||||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 2);
|
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 2);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 1);
|
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 1);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 0);
|
//Telemetry::Accumulate(Telemetry::HTTP_SCHEME_UPGRADE, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
// ensure that we are using a valid hostname
|
// ensure that we are using a valid hostname
|
||||||
|
Loading…
Reference in New Issue
Block a user