Commit a4773d96 authored by Cathy Lu's avatar Cathy Lu Committed by Pier Angelo Vendrame
Browse files

Bug 1791322 - GeckoView should call classifyDownloads to sandbox downloads... 

Bug 1791322 - GeckoView should call classifyDownloads to sandbox downloads r=geckoview-reviewers,nika

Differential Revision: https://phabricator.services.mozilla.com/D249683
parent 2e737459

dom/security/nsContentSecurityUtils.cpp

+1 −2
Original line number Diff line number Diff line
@@ -2206,8 +2206,7 @@ void nsContentSecurityUtils::LogMessageToConsole(nsIHttpChannel* aChannel, 
}



/* static */

long nsContentSecurityUtils::ClassifyDownload(

    nsIChannel* aChannel, const nsAutoCString& aMimeTypeGuess) {

long nsContentSecurityUtils::ClassifyDownload(nsIChannel* aChannel) {

  MOZ_ASSERT(aChannel, "IsDownloadAllowed without channel?");



  nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();

dom/security/nsContentSecurityUtils.h

+1 −2
Original line number Diff line number Diff line
@@ -74,8 +74,7 @@ class nsContentSecurityUtils { 
      const mozilla::dom::Element& aElement);



  // Helper function to Check if a Download is allowed;

  static long ClassifyDownload(nsIChannel* aChannel,

                               const nsAutoCString& aMimeTypeGuess);

  static long ClassifyDownload(nsIChannel* aChannel);



  // Public only for testing

  static FilenameTypeAndDetails FilenameToFilenameType(

mobile/android/components/geckoview/GeckoViewStreamListener.cpp

+12 −0
Original line number Diff line number Diff line
@@ -16,6 +16,8 @@ 
#include "nsIWebProgressListener.h"

#include "nsIX509Cert.h"

#include "nsPrintfCString.h"

#include "nsContentSecurityUtils.h"

#include "nsITransfer.h"



#include "nsNetUtil.h"
@@ -85,6 +87,16 @@ GeckoViewStreamListener::OnStartRequest(nsIRequest* aRequest) { 
    return NS_OK;

  }



  nsCOMPtr<nsIChannel> channel = do_QueryInterface(aRequest);

  if (channel) {

    int32_t classification = nsContentSecurityUtils::ClassifyDownload(channel);

    if (classification == nsITransfer::DOWNLOAD_FORBIDDEN) {

      channel->Cancel(NS_ERROR_ABORT);

      CompleteWithError(NS_ERROR_ABORT, channel);

      return NS_OK;

    }

  }



  // We're expecting data later via OnDataAvailable, so create the stream now.

  InitializeStreamSupport(aRequest);

uriloader/exthandler/nsExternalHelperAppService.cpp

+1 −2
Original line number Diff line number Diff line
@@ -1607,8 +1607,7 @@ NS_IMETHODIMP nsExternalAppHandler::OnStartRequest(nsIRequest* request) { 
    return NS_OK;

  }



  mDownloadClassification =

      nsContentSecurityUtils::ClassifyDownload(aChannel, MIMEType);

  mDownloadClassification = nsContentSecurityUtils::ClassifyDownload(aChannel);



  if (mDownloadClassification == nsITransfer::DOWNLOAD_FORBIDDEN) {

    // If the download is rated as forbidden,