commit 349dcb1c5776936a37d21dfd70f9d0d2f1227513 Author: Mike Perry mikeperry-git@fscked.org Date: Sat Aug 20 17:42:20 2011 -0700
Bug 3739: SafeCache policy fails for https->http CORS
We use the cookie permissions api to get the origin URI. It can do some magic we can't do from XPCOM. Thanks to Georg Koppen for the tip! --- src/chrome/content/stanford-safecache.js | 15 +++++++++++---- 1 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/src/chrome/content/stanford-safecache.js b/src/chrome/content/stanford-safecache.js index bf2fb16..0b08bda 100644 --- a/src/chrome/content/stanford-safecache.js +++ b/src/chrome/content/stanford-safecache.js @@ -55,6 +55,7 @@ function SSC_dump(msg) {
function SSC_RequestListener(controller) { this.controller = controller; + this.cookie_permissions = Cc["@mozilla.org/cookie/permission;1"].getService(Ci.nsICookiePermission); }
SSC_RequestListener.prototype = @@ -119,10 +120,16 @@ SSC_RequestListener.prototype = parent_host = null; // first party interaction } else if(!parent_host) { // Questionable first party interaction.. - if (!channel.referrer) { - torbutton_safelog(3, "SSC: No parent for ", channel.URI.spec); - } else { - parent_host = channel.referrer.host; + try { + var anuri = this.cookie_permissions.getOriginatingURI(channel); + parent_host = anuri.host; + } catch(e) { + torbutton_safelog(2, "Cookie API failed to get parent: "+e,channel.URI.spec); + if (!channel.referrer) { + torbutton_safelog(3, "SSC: No parent for ", channel.URI.spec); + } else { + parent_host = channel.referrer.host; + } } }