diff options
| -rw-r--r-- | components/net/http_loader.rs | 43 | ||||
| -rw-r--r-- | components/net/resource_task.rs | 2 | ||||
| -rw-r--r-- | components/net_traits/lib.rs | 2 |
3 files changed, 35 insertions, 12 deletions
diff --git a/components/net/http_loader.rs b/components/net/http_loader.rs index d5e75bc2e1b..7525170c000 100644 --- a/components/net/http_loader.rs +++ b/components/net/http_loader.rs @@ -2,7 +2,7 @@ * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -use net_traits::{ControlMsg, CookieSource, LoadData, Metadata, LoadConsumer}; +use net_traits::{ControlMsg, CookieSource, LoadData, Metadata, LoadConsumer, IncludeSubdomains}; use net_traits::ProgressMsg::{Payload, Done}; use devtools_traits::{ChromeToDevtoolsControlMsg, DevtoolsControlMsg, NetworkEvent}; use mime_classifier::MIMEClassifier; @@ -15,8 +15,8 @@ use std::collections::HashSet; use file_loader; use flate2::read::{DeflateDecoder, GzDecoder}; use hyper::client::Request; -use hyper::header::{AcceptEncoding, Accept, ContentLength, ContentType, Host, Location, qitem}; -use hyper::header::{Quality, QualityItem}; +use hyper::header::{AcceptEncoding, Accept, ContentLength, ContentType, Host, Location, qitem, Quality, QualityItem}; +use hyper::header::StrictTransportSecurity; use hyper::Error as HttpError; use hyper::method::Method; use hyper::mime::{Mime, TopLevel, SubLevel}; @@ -37,13 +37,13 @@ use uuid; use std::borrow::ToOwned; use std::boxed::FnBox; -pub fn factory(cookies_chan: IpcSender<ControlMsg>, +pub fn factory(resource_mgr_chan: IpcSender<ControlMsg>, devtools_chan: Option<Sender<DevtoolsControlMsg>>, hsts_list: Arc<Mutex<HSTSList>>) -> Box<FnBox(LoadData, LoadConsumer, Arc<MIMEClassifier>) + Send> { box move |load_data, senders, classifier| { spawn_named("http_loader".to_owned(), - move || load(load_data, senders, classifier, cookies_chan, devtools_chan, hsts_list)) + move || load(load_data, senders, classifier, resource_mgr_chan, devtools_chan, hsts_list)) } } @@ -87,7 +87,7 @@ fn request_must_be_secured(hsts_list: &HSTSList, url: &Url) -> bool { fn load(mut load_data: LoadData, start_chan: LoadConsumer, classifier: Arc<MIMEClassifier>, - cookies_chan: IpcSender<ControlMsg>, + resource_mgr_chan: IpcSender<ControlMsg>, devtools_chan: Option<Sender<DevtoolsControlMsg>>, hsts_list: Arc<Mutex<HSTSList>>) { // FIXME: At the time of writing this FIXME, servo didn't have any central @@ -204,7 +204,7 @@ reason: \"certificate verify failed\" }]))"; } let (tx, rx) = ipc::channel().unwrap(); - cookies_chan.send(ControlMsg::GetCookiesForUrl(url.clone(), + resource_mgr_chan.send(ControlMsg::GetCookiesForUrl(url.clone(), tx, CookieSource::HTTP)).unwrap(); if let Some(cookie_list) = rx.recv().unwrap() { @@ -291,13 +291,36 @@ reason: \"certificate verify failed\" }]))"; if let Some(cookies) = response.headers.get_raw("set-cookie") { for cookie in cookies.iter() { if let Ok(cookies) = String::from_utf8(cookie.clone()) { - cookies_chan.send(ControlMsg::SetCookiesForUrl(url.clone(), - cookies, - CookieSource::HTTP)).unwrap(); + resource_mgr_chan.send(ControlMsg::SetCookiesForUrl(url.clone(), + cookies, + CookieSource::HTTP)).unwrap(); } } } + if url.scheme == "https" { + if let Some(header) = response.headers.get::<StrictTransportSecurity>() { + if let Some(host) = url.domain() { + info!("adding host {} to the strict transport security list", host); + info!("- max-age {}", header.max_age); + + let include_subdomains = if header.include_subdomains { + info!("- includeSubdomains"); + IncludeSubdomains::Included + } else { + IncludeSubdomains::NotIncluded + }; + + resource_mgr_chan.send( + ControlMsg::SetHSTSEntryForHost( + host.to_string(), include_subdomains, header.max_age + ) + ).unwrap(); + } + } + } + + if response.status.class() == StatusClass::Redirection { match response.headers.get::<Location>() { Some(&Location(ref new_url)) => { diff --git a/components/net/resource_task.rs b/components/net/resource_task.rs index 1ccd09d6219..2d5a5a17be4 100644 --- a/components/net/resource_task.rs +++ b/components/net/resource_task.rs @@ -238,7 +238,7 @@ impl ResourceChannelManager { consumer.send(self.resource_manager.cookie_storage.cookies_for_url(&url, source)).unwrap(); } ControlMsg::SetHSTSEntryForHost(host, include_subdomains, max_age) => { - if let Some(entry) = HSTSEntry::new(host, include_subdomains, max_age) { + if let Some(entry) = HSTSEntry::new(host, include_subdomains, Some(max_age)) { self.resource_manager.add_hsts_entry(entry) } } diff --git a/components/net_traits/lib.rs b/components/net_traits/lib.rs index 05837ec5054..5ef190e5119 100644 --- a/components/net_traits/lib.rs +++ b/components/net_traits/lib.rs @@ -145,7 +145,7 @@ pub enum ControlMsg { /// Retrieve the stored cookies for a given URL GetCookiesForUrl(Url, IpcSender<Option<String>>, CookieSource), /// Store a domain's STS information - SetHSTSEntryForHost(String, IncludeSubdomains, Option<u64>), + SetHSTSEntryForHost(String, IncludeSubdomains, u64), Exit } |