Loading browser/components/search/SearchUIUtils.sys.mjs +5 −1 Original line number Diff line number Diff line Loading @@ -181,7 +181,11 @@ export var SearchUIUtils = { */ async addOpenSearchEngine(locationURL, image, browsingContext) { try { await Services.search.addOpenSearchEngine(locationURL, image); await Services.search.addOpenSearchEngine( locationURL, image, browsingContext?.embedderElement?.contentPrincipal?.originAttributes ); } catch (ex) { let titleMsgName; let descMsgName; Loading toolkit/components/search/OpenSearchLoader.sys.mjs +15 −4 Original line number Diff line number Diff line Loading @@ -97,10 +97,18 @@ const MOZSEARCH_LOCALNAME = "SearchPlugin"; * The uri from which to load the OpenSearch engine data. * @param {string} [lastModified] * The UTC date when the engine was last updated, if any. * @param {object} [originAttributes] * The origin attributes of the site loading the manifest. If none are * specified, the origin attributes will be formed of the first party domain * based on the domain of the manifest. * @returns {Promise<OpenSearchProperties>} * The properties of the loaded OpenSearch engine. */ export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { export async function loadAndParseOpenSearchEngine( sourceURI, lastModified, originAttributes ) { if (!sourceURI) { throw Components.Exception( "Must have URI when calling _install!", Loading @@ -116,7 +124,7 @@ export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { lazy.logConsole.debug("Downloading OpenSearch engine from:", sourceURI.spec); let xmlData = await loadEngineXML(sourceURI, lastModified); let xmlData = await loadEngineXML(sourceURI, lastModified, originAttributes); let xmlDocument = await parseXML(xmlData); lazy.logConsole.debug("Loading search plugin"); Loading Loading @@ -147,16 +155,19 @@ export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { * The uri from which to load the OpenSearch engine data. * @param {string} [lastModified] * The UTC date when the engine was last updated, if any. * @param {object} [originAttributes] * The origin attributes to use to load the manifest. * @returns {Promise} * A promise that is resolved with the data if the engine is successfully loaded * and rejected otherwise. */ function loadEngineXML(sourceURI, lastModified) { function loadEngineXML(sourceURI, lastModified, originAttributes = null) { var chan = lazy.SearchUtils.makeChannel( sourceURI, // OpenSearchEngine is loading a definition file for a search engine, // TYPE_DOCUMENT captures that load best. Ci.nsIContentPolicy.TYPE_DOCUMENT Ci.nsIContentPolicy.TYPE_DOCUMENT, originAttributes ); // we collect https telemetry for all top-level (document) loads. Loading toolkit/components/search/SearchService.sys.mjs +4 −2 Original line number Diff line number Diff line Loading @@ -759,13 +759,15 @@ export class SearchService { }); } async addOpenSearchEngine(engineURL, iconURL) { async addOpenSearchEngine(engineURL, iconURL, originAttributes) { lazy.logConsole.debug("addOpenSearchEngine: Adding", engineURL); await this.init(); let engine; try { let engineData = await lazy.loadAndParseOpenSearchEngine( Services.io.newURI(engineURL) Services.io.newURI(engineURL), null, originAttributes ); engine = new lazy.OpenSearchEngine({ engineData, faviconURL: iconURL }); } catch (ex) { Loading toolkit/components/search/SearchUtils.sys.mjs +20 −5 Original line number Diff line number Diff line Loading @@ -244,19 +244,34 @@ export var SearchUtils = { * The URL string from which to create an nsIChannel. * @param {nsContentPolicyType} contentPolicyType * The type of document being loaded. * @param {object} [originAttributes] * The origin attributes to associate to this channel. * @returns {nsIChannel} * an nsIChannel object, or null if the url is invalid. */ makeChannel(url, contentPolicyType) { makeChannel(url, contentPolicyType, originAttributes = null) { if (!contentPolicyType) { throw new Error("makeChannel called with invalid content policy type"); } try { let uri = typeof url == "string" ? Services.io.newURI(url) : url; let principal = uri.scheme == "moz-extension" ? Services.scriptSecurityManager.createContentPrincipal(uri, {}) : Services.scriptSecurityManager.createNullPrincipal({}); let principal; if (uri.scheme == "moz-extension") { principal = Services.scriptSecurityManager.createContentPrincipal( uri, {} ); } else { if (!originAttributes) { originAttributes = {}; try { originAttributes.firstPartyDomain = Services.eTLD.getSchemelessSite(uri); } catch {} } principal = Services.scriptSecurityManager.createNullPrincipal(originAttributes); } return Services.io.newChannelFromURI( uri, Loading toolkit/components/search/nsISearchService.idl +5 −1 Original line number Diff line number Diff line Loading @@ -340,10 +340,14 @@ interface nsISearchService : nsISupports * icon. This value may be overridden by an icon specified in the * engine description file. * * @param originAttributes [optional] The origin attributes to use to load this manifest. * * @throws NS_ERROR_FAILURE if the description file cannot be successfully * loaded. */ Promise addOpenSearchEngine(in AString engineURL, in AString iconURL); Promise addOpenSearchEngine(in AString engineURL, in AString iconURL, [optional] in jsval originAttributes); /** * Adds a new search engine defined by the user. Loading Loading
browser/components/search/SearchUIUtils.sys.mjs +5 −1 Original line number Diff line number Diff line Loading @@ -181,7 +181,11 @@ export var SearchUIUtils = { */ async addOpenSearchEngine(locationURL, image, browsingContext) { try { await Services.search.addOpenSearchEngine(locationURL, image); await Services.search.addOpenSearchEngine( locationURL, image, browsingContext?.embedderElement?.contentPrincipal?.originAttributes ); } catch (ex) { let titleMsgName; let descMsgName; Loading
toolkit/components/search/OpenSearchLoader.sys.mjs +15 −4 Original line number Diff line number Diff line Loading @@ -97,10 +97,18 @@ const MOZSEARCH_LOCALNAME = "SearchPlugin"; * The uri from which to load the OpenSearch engine data. * @param {string} [lastModified] * The UTC date when the engine was last updated, if any. * @param {object} [originAttributes] * The origin attributes of the site loading the manifest. If none are * specified, the origin attributes will be formed of the first party domain * based on the domain of the manifest. * @returns {Promise<OpenSearchProperties>} * The properties of the loaded OpenSearch engine. */ export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { export async function loadAndParseOpenSearchEngine( sourceURI, lastModified, originAttributes ) { if (!sourceURI) { throw Components.Exception( "Must have URI when calling _install!", Loading @@ -116,7 +124,7 @@ export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { lazy.logConsole.debug("Downloading OpenSearch engine from:", sourceURI.spec); let xmlData = await loadEngineXML(sourceURI, lastModified); let xmlData = await loadEngineXML(sourceURI, lastModified, originAttributes); let xmlDocument = await parseXML(xmlData); lazy.logConsole.debug("Loading search plugin"); Loading Loading @@ -147,16 +155,19 @@ export async function loadAndParseOpenSearchEngine(sourceURI, lastModified) { * The uri from which to load the OpenSearch engine data. * @param {string} [lastModified] * The UTC date when the engine was last updated, if any. * @param {object} [originAttributes] * The origin attributes to use to load the manifest. * @returns {Promise} * A promise that is resolved with the data if the engine is successfully loaded * and rejected otherwise. */ function loadEngineXML(sourceURI, lastModified) { function loadEngineXML(sourceURI, lastModified, originAttributes = null) { var chan = lazy.SearchUtils.makeChannel( sourceURI, // OpenSearchEngine is loading a definition file for a search engine, // TYPE_DOCUMENT captures that load best. Ci.nsIContentPolicy.TYPE_DOCUMENT Ci.nsIContentPolicy.TYPE_DOCUMENT, originAttributes ); // we collect https telemetry for all top-level (document) loads. Loading
toolkit/components/search/SearchService.sys.mjs +4 −2 Original line number Diff line number Diff line Loading @@ -759,13 +759,15 @@ export class SearchService { }); } async addOpenSearchEngine(engineURL, iconURL) { async addOpenSearchEngine(engineURL, iconURL, originAttributes) { lazy.logConsole.debug("addOpenSearchEngine: Adding", engineURL); await this.init(); let engine; try { let engineData = await lazy.loadAndParseOpenSearchEngine( Services.io.newURI(engineURL) Services.io.newURI(engineURL), null, originAttributes ); engine = new lazy.OpenSearchEngine({ engineData, faviconURL: iconURL }); } catch (ex) { Loading
toolkit/components/search/SearchUtils.sys.mjs +20 −5 Original line number Diff line number Diff line Loading @@ -244,19 +244,34 @@ export var SearchUtils = { * The URL string from which to create an nsIChannel. * @param {nsContentPolicyType} contentPolicyType * The type of document being loaded. * @param {object} [originAttributes] * The origin attributes to associate to this channel. * @returns {nsIChannel} * an nsIChannel object, or null if the url is invalid. */ makeChannel(url, contentPolicyType) { makeChannel(url, contentPolicyType, originAttributes = null) { if (!contentPolicyType) { throw new Error("makeChannel called with invalid content policy type"); } try { let uri = typeof url == "string" ? Services.io.newURI(url) : url; let principal = uri.scheme == "moz-extension" ? Services.scriptSecurityManager.createContentPrincipal(uri, {}) : Services.scriptSecurityManager.createNullPrincipal({}); let principal; if (uri.scheme == "moz-extension") { principal = Services.scriptSecurityManager.createContentPrincipal( uri, {} ); } else { if (!originAttributes) { originAttributes = {}; try { originAttributes.firstPartyDomain = Services.eTLD.getSchemelessSite(uri); } catch {} } principal = Services.scriptSecurityManager.createNullPrincipal(originAttributes); } return Services.io.newChannelFromURI( uri, Loading
toolkit/components/search/nsISearchService.idl +5 −1 Original line number Diff line number Diff line Loading @@ -340,10 +340,14 @@ interface nsISearchService : nsISupports * icon. This value may be overridden by an icon specified in the * engine description file. * * @param originAttributes [optional] The origin attributes to use to load this manifest. * * @throws NS_ERROR_FAILURE if the description file cannot be successfully * loaded. */ Promise addOpenSearchEngine(in AString engineURL, in AString iconURL); Promise addOpenSearchEngine(in AString engineURL, in AString iconURL, [optional] in jsval originAttributes); /** * Adds a new search engine defined by the user. Loading
