Bug Summary

File:root/firefox-clang/obj-x86_64-pc-linux-gnu/dist/include/nsDocShellLoadState.h
Warning:line 47, column 7
Excessive padding in 'class nsDocShellLoadState' (54 padding bytes, where 6 is optimal). Optimal fields order: mRefCnt, _mOwningThread, mReferrerInfo, mURI, mOriginalURI, mResultPrincipalURI, mTriggeringPrincipal, mTriggeringWindowId, mCsp, mPrincipalToInherit, mPartitionedPrincipalToInherit, mHttpsFirstDowngradeData, mSHEntry, mLoadingSessionHistoryInfo, mPostDataStream, mHeadersStream, mBaseURI, mPendingRedirectedChannel, mChannelRegistrarId, mLoadIdentifier, mUnstrippedURI, mSourceElement, mNavigationAPIState, mFormDataEntryList, mTarget, mTargetBrowsingContext, mSrcdocData, mSourceBrowsingContext, mTypeHint, mFileName, mTriggeringRemoteType, mOriginalURIString, mRemoteTypeOverride, mTriggeringSandboxFlags, mLoadType, mLoadFlags, mInternalLoadFlags, mHttpsUpgradeTelemetry, mTriggeringClassificationFlags, mCancelContentJSEpoch, mResultPrincipalURIIsSome, mTriggeringStorageAccess, mKeepResultPrincipalURIIfSet, mLoadReplace, mInheritPrincipal, mPrincipalIsExplicit, mNotifiedBeforeUnloadListeners, mForceAllowDataURI, mIsExemptFromHTTPSFirstMode, mOriginalFrameSrc, mShouldCheckForRecursion, mIsFormSubmission, mUserNavigationInvolvement, mFirstParty, mHasValidUserGestureActivation, mTextDirectiveUserActivation, mAllowFocusMove, mIsFromProcessingFrameAttributes, mChannelInitialized, mIsMetaRefresh, mWasCreatedRemotely, mSchemelessInput, consider reordering the fields or adding explicit padding members

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name AccessibleWrap.cpp -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -fhalf-no-semantic-interposition -mframe-pointer=all -relaxed-aliasing -ffp-contract=off -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -fdebug-compilation-dir=/root/firefox-clang/obj-x86_64-pc-linux-gnu/accessible/atk -fcoverage-compilation-dir=/root/firefox-clang/obj-x86_64-pc-linux-gnu/accessible/atk -resource-dir /usr/lib/llvm-21/lib/clang/21 -include /root/firefox-clang/config/gcc_hidden.h -include /root/firefox-clang/obj-x86_64-pc-linux-gnu/mozilla-config.h -I /root/firefox-clang/obj-x86_64-pc-linux-gnu/dist/stl_wrappers -I /root/firefox-clang/obj-x86_64-pc-linux-gnu/dist/system_wrappers -U _FORTIFY_SOURCE -D _FORTIFY_SOURCE=2 -D _GLIBCXX_ASSERTIONS -D DEBUG=1 -D MOZ_HAS_MOZGLUE -D MOZILLA_INTERNAL_API -D IMPL_LIBXUL -D MOZ_SUPPORT_LEAKCHECKING -D STATIC_EXPORTABLE_JS_API -I /root/firefox-clang/accessible/atk -I /root/firefox-clang/obj-x86_64-pc-linux-gnu/accessible/atk -I /root/firefox-clang/accessible/base -I /root/firefox-clang/accessible/generic -I /root/firefox-clang/accessible/html -I /root/firefox-clang/accessible/ipc -I /root/firefox-clang/accessible/xpcom -I /root/firefox-clang/accessible/xul -I /root/firefox-clang/layout/generic -I /root/firefox-clang/other-licenses/atk-1.0 -I /root/firefox-clang/widget -I /root/firefox-clang/widget/gtk -I /root/firefox-clang/obj-x86_64-pc-linux-gnu/ipc/ipdl/_ipdlheaders -I /root/firefox-clang/ipc/chromium/src -I /root/firefox-clang/obj-x86_64-pc-linux-gnu/dist/include -I /root/firefox-clang/obj-x86_64-pc-linux-gnu/dist/include/nspr -I /root/firefox-clang/obj-x86_64-pc-linux-gnu/dist/include/nss -D MOZILLA_CLIENT -I /usr/include/gtk-3.0 -I /usr/include/pango-1.0 -I /usr/include/glib-2.0 -I /usr/lib/x86_64-linux-gnu/glib-2.0/include -I /usr/include/sysprof-6 -I /usr/include/harfbuzz -I /usr/include/freetype2 -I /usr/include/libpng16 -I /usr/include/libmount -I /usr/include/blkid -I /usr/include/fribidi -I /usr/include/cairo -I /usr/include/pixman-1 -I /usr/include/gdk-pixbuf-2.0 -I /usr/include/x86_64-linux-gnu -I /usr/include/webp -I /usr/include/gio-unix-2.0 -I /usr/include/cloudproviders -I /usr/include/atk-1.0 -I /usr/include/at-spi2-atk/2.0 -I /usr/include/at-spi-2.0 -I /usr/include/dbus-1.0 -I /usr/lib/x86_64-linux-gnu/dbus-1.0/include -I /usr/include/gtk-3.0/unix-print -I /usr/include/dbus-1.0 -I /usr/lib/x86_64-linux-gnu/dbus-1.0/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/x86_64-linux-gnu/c++/14 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../include/c++/14/backward -internal-isystem /usr/lib/llvm-21/lib/clang/21/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/14/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -Wno-error=pessimizing-move -Wno-error=large-by-value-copy=128 -Wno-error=implicit-int-float-conversion -Wno-error=thread-safety-analysis -Wno-error=tautological-type-limit-compare -Wno-invalid-offsetof -Wno-range-loop-analysis -Wno-deprecated-anon-enum-enum-conversion -Wno-deprecated-enum-enum-conversion -Wno-deprecated-this-capture -Wno-inline-new-delete -Wno-error=deprecated-declarations -Wno-error=array-bounds -Wno-error=free-nonheap-object -Wno-error=atomic-alignment -Wno-error=deprecated-builtins -Wno-psabi -Wno-error=builtin-macro-redefined -Wno-vla-cxx-extension -Wno-unknown-warning-option -Wno-error=unused-function -Wno-unused-local-typedefs -fdeprecated-macro -ferror-limit 19 -fstrict-flex-arrays=1 -stack-protector 2 -fstack-clash-protection -ftrivial-auto-var-init=pattern -fno-rtti -fgnuc-version=4.2.1 -fskip-odr-check-in-gmf -fno-sized-deallocation -fno-aligned-allocation -vectorize-loops -vectorize-slp -analyzer-checker optin.performance.Padding -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2025-06-27-100320-3286336-1 -x c++ /root/firefox-clang/accessible/atk/AccessibleWrap.cpp
1/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2/* vim: set ts=8 sts=2 et sw=2 tw=80: */
3/* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7#ifndef nsDocShellLoadState_h__
8#define nsDocShellLoadState_h__
9
10#include "mozilla/dom/BrowsingContext.h"
11#include "mozilla/dom/NavigationBinding.h"
12#include "mozilla/dom/SessionHistoryEntry.h"
13#include "mozilla/dom/UserNavigationInvolvement.h"
14
15#include "nsIClassifiedChannel.h"
16#include "nsILoadInfo.h"
17
18// Helper Classes
19#include "mozilla/Maybe.h"
20#include "nsCOMPtr.h"
21#include "nsString.h"
22#include "nsDocShellLoadTypes.h"
23#include "nsTArrayForwardDeclare.h"
24
25class nsIContentSecurityPolicy;
26class nsIInputStream;
27class nsISHEntry;
28class nsIURI;
29class nsIDocShell;
30class nsIChannel;
31class nsIReferrerInfo;
32struct HTTPSFirstDowngradeData;
33namespace mozilla {
34class OriginAttributes;
35template <typename, class>
36class UniquePtr;
37namespace dom {
38class FormData;
39class DocShellLoadStateInit;
40} // namespace dom
41} // namespace mozilla
42
43/**
44 * nsDocShellLoadState contains setup information used in a nsIDocShell::loadURI
45 * call.
46 */
47class nsDocShellLoadState final {
Excessive padding in 'class nsDocShellLoadState' (54 padding bytes, where 6 is optimal). Optimal fields order: mRefCnt, _mOwningThread, mReferrerInfo, mURI, mOriginalURI, mResultPrincipalURI, mTriggeringPrincipal, mTriggeringWindowId, mCsp, mPrincipalToInherit, mPartitionedPrincipalToInherit, mHttpsFirstDowngradeData, mSHEntry, mLoadingSessionHistoryInfo, mPostDataStream, mHeadersStream, mBaseURI, mPendingRedirectedChannel, mChannelRegistrarId, mLoadIdentifier, mUnstrippedURI, mSourceElement, mNavigationAPIState, mFormDataEntryList, mTarget, mTargetBrowsingContext, mSrcdocData, mSourceBrowsingContext, mTypeHint, mFileName, mTriggeringRemoteType, mOriginalURIString, mRemoteTypeOverride, mTriggeringSandboxFlags, mLoadType, mLoadFlags, mInternalLoadFlags, mHttpsUpgradeTelemetry, mTriggeringClassificationFlags, mCancelContentJSEpoch, mResultPrincipalURIIsSome, mTriggeringStorageAccess, mKeepResultPrincipalURIIfSet, mLoadReplace, mInheritPrincipal, mPrincipalIsExplicit, mNotifiedBeforeUnloadListeners, mForceAllowDataURI, mIsExemptFromHTTPSFirstMode, mOriginalFrameSrc, mShouldCheckForRecursion, mIsFormSubmission, mUserNavigationInvolvement, mFirstParty, mHasValidUserGestureActivation, mTextDirectiveUserActivation, mAllowFocusMove, mIsFromProcessingFrameAttributes, mChannelInitialized, mIsMetaRefresh, mWasCreatedRemotely, mSchemelessInput, consider reordering the fields or adding explicit padding members
48 using BrowsingContext = mozilla::dom::BrowsingContext;
49 template <typename T>
50 using MaybeDiscarded = mozilla::dom::MaybeDiscarded<T>;
51
52 public:
53 NS_INLINE_DECL_REFCOUNTING(nsDocShellLoadState)public: MozExternalRefCountType AddRef(void) { static_assert(
!std::is_destructible_v<nsDocShellLoadState>, "Reference-counted class "
"nsDocShellLoadState" " should not have a public destructor. "
"Make this class's destructor non-public"); do { static_assert
( mozilla::detail::AssertionConditionType<decltype(int32_t
(mRefCnt) >= 0)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(int32_t(mRefCnt) >= 0))),
0))) { do { } while (false); MOZ_ReportAssertionFailure("int32_t(mRefCnt) >= 0"
" (" "illegal refcnt" ")", "/root/firefox-clang/obj-x86_64-pc-linux-gnu/dist/include/nsDocShellLoadState.h"
, 53); AnnotateMozCrashReason("MOZ_ASSERT" "(" "int32_t(mRefCnt) >= 0"
") (" "illegal refcnt" ")"); do { MOZ_CrashSequence(__null, 53
); __attribute__((nomerge)) ::abort(); } while (false); } } while
(false); _mOwningThread.AssertOwnership("nsDocShellLoadState"
" not thread-safe"); ++mRefCnt; NS_LogAddRef((this), (mRefCnt
), ("nsDocShellLoadState"), (uint32_t)(sizeof(*this))); return
mRefCnt; } MozExternalRefCountType Release(void) { do { static_assert
( mozilla::detail::AssertionConditionType<decltype(int32_t
(mRefCnt) > 0)>::isValid, "invalid assertion condition"
); if ((__builtin_expect(!!(!(!!(int32_t(mRefCnt) > 0))), 0
))) { do { } while (false); MOZ_ReportAssertionFailure("int32_t(mRefCnt) > 0"
" (" "dup release" ")", "/root/firefox-clang/obj-x86_64-pc-linux-gnu/dist/include/nsDocShellLoadState.h"
, 53); AnnotateMozCrashReason("MOZ_ASSERT" "(" "int32_t(mRefCnt) > 0"
") (" "dup release" ")"); do { MOZ_CrashSequence(__null, 53)
; __attribute__((nomerge)) ::abort(); } while (false); } } while
(false); _mOwningThread.AssertOwnership("nsDocShellLoadState"
" not thread-safe"); --mRefCnt; NS_LogRelease((this), (mRefCnt
), ("nsDocShellLoadState")); if (mRefCnt == 0) { mRefCnt = 1;
delete (this); return 0; } return mRefCnt; } using HasThreadSafeRefCnt
= std::false_type; protected: nsAutoRefCnt mRefCnt; nsAutoOwningThread
_mOwningThread; public:;
54
55 explicit nsDocShellLoadState(nsIURI* aURI);
56 explicit nsDocShellLoadState(
57 const mozilla::dom::DocShellLoadStateInit& aLoadState,
58 mozilla::ipc::IProtocol* aActor, bool* aReadSuccess);
59 explicit nsDocShellLoadState(const nsDocShellLoadState& aOther);
60 nsDocShellLoadState(nsIURI* aURI, uint64_t aLoadIdentifier);
61
62 static nsresult CreateFromPendingChannel(nsIChannel* aPendingChannel,
63 uint64_t aLoadIdentifier,
64 uint64_t aRegistarId,
65 nsDocShellLoadState** aResult);
66
67 static nsresult CreateFromLoadURIOptions(
68 BrowsingContext* aBrowsingContext, const nsAString& aURI,
69 const mozilla::dom::LoadURIOptions& aLoadURIOptions,
70 nsDocShellLoadState** aResult);
71 static nsresult CreateFromLoadURIOptions(
72 BrowsingContext* aBrowsingContext, nsIURI* aURI,
73 const mozilla::dom::LoadURIOptions& aLoadURIOptions,
74 nsDocShellLoadState** aResult);
75
76 // Getters and Setters
77
78 nsIReferrerInfo* GetReferrerInfo() const;
79
80 void SetReferrerInfo(nsIReferrerInfo* aReferrerInfo);
81
82 nsIURI* URI() const;
83
84 void SetURI(nsIURI* aURI);
85
86 nsIURI* OriginalURI() const;
87
88 void SetOriginalURI(nsIURI* aOriginalURI);
89
90 nsIURI* ResultPrincipalURI() const;
91
92 void SetResultPrincipalURI(nsIURI* aResultPrincipalURI);
93
94 bool ResultPrincipalURIIsSome() const;
95
96 void SetResultPrincipalURIIsSome(bool aIsSome);
97
98 bool KeepResultPrincipalURIIfSet() const;
99
100 void SetKeepResultPrincipalURIIfSet(bool aKeep);
101
102 nsIPrincipal* PrincipalToInherit() const;
103
104 void SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit);
105
106 nsIPrincipal* PartitionedPrincipalToInherit() const;
107
108 void SetPartitionedPrincipalToInherit(
109 nsIPrincipal* aPartitionedPrincipalToInherit);
110
111 bool LoadReplace() const;
112
113 void SetLoadReplace(bool aLoadReplace);
114
115 nsIPrincipal* TriggeringPrincipal() const;
116
117 void SetTriggeringPrincipal(nsIPrincipal* aTriggeringPrincipal);
118
119 uint32_t TriggeringSandboxFlags() const;
120
121 void SetTriggeringSandboxFlags(uint32_t aTriggeringSandboxFlags);
122
123 uint64_t TriggeringWindowId() const;
124
125 void SetTriggeringWindowId(uint64_t aTriggeringWindowId);
126
127 bool TriggeringStorageAccess() const;
128
129 void SetTriggeringStorageAccess(bool aTriggeringStorageAccess);
130
131 mozilla::net::ClassificationFlags TriggeringClassificationFlags() const;
132 void SetTriggeringClassificationFlags(
133 mozilla::net::ClassificationFlags aFlags);
134
135 nsIContentSecurityPolicy* Csp() const;
136
137 void SetCsp(nsIContentSecurityPolicy* aCsp);
138
139 bool InheritPrincipal() const;
140
141 void SetInheritPrincipal(bool aInheritPrincipal);
142
143 bool PrincipalIsExplicit() const;
144
145 void SetPrincipalIsExplicit(bool aPrincipalIsExplicit);
146
147 // If true, "beforeunload" event listeners were notified by the creater of the
148 // LoadState and given the chance to abort the navigation, and should not be
149 // notified again.
150 bool NotifiedBeforeUnloadListeners() const;
151
152 void SetNotifiedBeforeUnloadListeners(bool aNotifiedBeforeUnloadListeners);
153
154 bool ForceAllowDataURI() const;
155
156 void SetForceAllowDataURI(bool aForceAllowDataURI);
157
158 bool IsExemptFromHTTPSFirstMode() const;
159
160 void SetIsExemptFromHTTPSFirstMode(bool aIsExemptFromHTTPSFirstMode);
161
162 RefPtr<HTTPSFirstDowngradeData> GetHttpsFirstDowngradeData() const;
163
164 void SetHttpsFirstDowngradeData(
165 RefPtr<HTTPSFirstDowngradeData> const& aHttpsFirstTelemetryData);
166
167 bool OriginalFrameSrc() const;
168
169 void SetOriginalFrameSrc(bool aOriginalFrameSrc);
170
171 bool ShouldCheckForRecursion() const;
172
173 void SetShouldCheckForRecursion(bool aShouldCheckForRecursion);
174
175 bool IsFormSubmission() const;
176
177 void SetIsFormSubmission(bool aIsFormSubmission);
178
179 uint32_t LoadType() const;
180
181 void SetLoadType(uint32_t aLoadType);
182
183 mozilla::dom::UserNavigationInvolvement UserNavigationInvolvement() const;
184
185 void SetUserNavigationInvolvement(
186 mozilla::dom::UserNavigationInvolvement aUserNavigationInvolvement);
187
188 nsISHEntry* SHEntry() const;
189
190 void SetSHEntry(nsISHEntry* aSHEntry);
191
192 const mozilla::dom::LoadingSessionHistoryInfo* GetLoadingSessionHistoryInfo()
193 const;
194
195 // Copies aLoadingInfo and stores the copy in this nsDocShellLoadState.
196 void SetLoadingSessionHistoryInfo(
197 const mozilla::dom::LoadingSessionHistoryInfo& aLoadingInfo);
198
199 // Stores aLoadingInfo in this nsDocShellLoadState.
200 void SetLoadingSessionHistoryInfo(
201 mozilla::UniquePtr<mozilla::dom::LoadingSessionHistoryInfo> aLoadingInfo);
202
203 bool LoadIsFromSessionHistory() const;
204
205 const nsString& Target() const;
206
207 void SetTarget(const nsAString& aTarget);
208
209 nsIInputStream* PostDataStream() const;
210
211 void SetPostDataStream(nsIInputStream* aStream);
212
213 nsIInputStream* HeadersStream() const;
214
215 void SetHeadersStream(nsIInputStream* aHeadersStream);
216
217 bool IsSrcdocLoad() const;
218
219 const nsString& SrcdocData() const;
220
221 void SetSrcdocData(const nsAString& aSrcdocData);
222
223 const MaybeDiscarded<BrowsingContext>& SourceBrowsingContext() const {
224 return mSourceBrowsingContext;
225 }
226
227 void SetSourceBrowsingContext(BrowsingContext*);
228
229 void SetAllowFocusMove(bool aAllow) { mAllowFocusMove = aAllow; }
230
231 bool AllowFocusMove() const { return mAllowFocusMove; }
232
233 const MaybeDiscarded<BrowsingContext>& TargetBrowsingContext() const {
234 return mTargetBrowsingContext;
235 }
236
237 void SetTargetBrowsingContext(BrowsingContext* aTargetBrowsingContext);
238
239 nsIURI* BaseURI() const;
240
241 void SetBaseURI(nsIURI* aBaseURI);
242
243 // Helper function allowing convenient work with mozilla::Maybe in C++, hiding
244 // resultPrincipalURI and resultPrincipalURIIsSome attributes from the
245 // consumer.
246 void GetMaybeResultPrincipalURI(
247 mozilla::Maybe<nsCOMPtr<nsIURI>>& aRPURI) const;
248
249 void SetMaybeResultPrincipalURI(
250 mozilla::Maybe<nsCOMPtr<nsIURI>> const& aRPURI);
251
252 uint32_t LoadFlags() const;
253
254 void SetLoadFlags(uint32_t aFlags);
255
256 void SetLoadFlag(uint32_t aFlag);
257
258 void UnsetLoadFlag(uint32_t aFlag);
259
260 bool HasLoadFlags(uint32_t aFlag);
261
262 uint32_t InternalLoadFlags() const;
263
264 void SetInternalLoadFlags(uint32_t aFlags);
265
266 void SetInternalLoadFlag(uint32_t aFlag);
267
268 void UnsetInternalLoadFlag(uint32_t aFlag);
269
270 bool HasInternalLoadFlags(uint32_t aFlag);
271
272 bool FirstParty() const;
273
274 void SetFirstParty(bool aFirstParty);
275
276 bool HasValidUserGestureActivation() const;
277
278 void SetHasValidUserGestureActivation(bool HasValidUserGestureActivation);
279
280 void SetTextDirectiveUserActivation(bool aTextDirectiveUserActivation);
281
282 bool GetTextDirectiveUserActivation();
283
284 const nsCString& TypeHint() const;
285
286 void SetTypeHint(const nsCString& aTypeHint);
287
288 const nsString& FileName() const;
289
290 void SetFileName(const nsAString& aFileName);
291
292 nsIURI* GetUnstrippedURI() const;
293
294 void SetUnstrippedURI(nsIURI* aUnstrippedURI);
295
296 // Give the type of DocShell we're loading into (chrome/content/etc) and
297 // origin attributes for the URI we're loading, figure out if we should
298 // inherit our principal from the document the load was requested from, or
299 // else if the principal should be set up later in the process (after loads).
300 // See comments in function for more info on principal selection algorithm
301 nsresult SetupInheritingPrincipal(
302 mozilla::dom::BrowsingContext::Type aType,
303 const mozilla::OriginAttributes& aOriginAttributes);
304
305 // If no triggering principal exists at the moment, create one using referrer
306 // information and origin attributes.
307 nsresult SetupTriggeringPrincipal(
308 const mozilla::OriginAttributes& aOriginAttributes);
309
310 void SetIsFromProcessingFrameAttributes() {
311 mIsFromProcessingFrameAttributes = true;
312 }
313 bool GetIsFromProcessingFrameAttributes() const {
314 return mIsFromProcessingFrameAttributes;
315 }
316
317 nsIChannel* GetPendingRedirectedChannel() {
318 return mPendingRedirectedChannel;
319 }
320
321 uint64_t GetPendingRedirectChannelRegistrarId() const {
322 return mChannelRegistrarId;
323 }
324
325 void SetOriginalURIString(const nsCString& aOriginalURI) {
326 mOriginalURIString.emplace(aOriginalURI);
327 }
328 const mozilla::Maybe<nsCString>& GetOriginalURIString() const {
329 return mOriginalURIString;
330 }
331
332 void SetCancelContentJSEpoch(int32_t aCancelEpoch) {
333 mCancelContentJSEpoch.emplace(aCancelEpoch);
334 }
335 const mozilla::Maybe<int32_t>& GetCancelContentJSEpoch() const {
336 return mCancelContentJSEpoch;
337 }
338
339 uint64_t GetLoadIdentifier() const { return mLoadIdentifier; }
340
341 void SetChannelInitialized(bool aInitilized) {
342 mChannelInitialized = aInitilized;
343 }
344
345 bool GetChannelInitialized() const { return mChannelInitialized; }
346
347 void SetIsMetaRefresh(bool aMetaRefresh) { mIsMetaRefresh = aMetaRefresh; }
348
349 bool IsMetaRefresh() const { return mIsMetaRefresh; }
350
351 const mozilla::Maybe<nsCString>& GetRemoteTypeOverride() const {
352 return mRemoteTypeOverride;
353 }
354
355 void SetRemoteTypeOverride(const nsCString& aRemoteTypeOverride);
356
357 void SetSchemelessInput(nsILoadInfo::SchemelessInputType aSchemelessInput) {
358 mSchemelessInput = aSchemelessInput;
359 }
360
361 nsILoadInfo::SchemelessInputType GetSchemelessInput() {
362 return mSchemelessInput;
363 }
364
365 void SetHttpsUpgradeTelemetry(
366 nsILoadInfo::HTTPSUpgradeTelemetryType aHttpsUpgradeTelemetry) {
367 mHttpsUpgradeTelemetry = aHttpsUpgradeTelemetry;
368 }
369
370 nsILoadInfo::HTTPSUpgradeTelemetryType GetHttpsUpgradeTelemetry() {
371 return mHttpsUpgradeTelemetry;
372 }
373
374 // Determine the remote type of the process which should be considered
375 // responsible for this load for the purposes of security checks.
376 //
377 // This will generally be the process which created the nsDocShellLoadState
378 // originally, however non-errorpage history loads are always considered to be
379 // triggered by the parent process, as we can validate them against the
380 // history entry.
381 const nsCString& GetEffectiveTriggeringRemoteType() const;
382
383 void SetTriggeringRemoteType(const nsACString& aTriggeringRemoteType);
384
385 // Diagnostic assert if this is a system-principal triggered load, and it is
386 // trivial to determine that the effective triggering remote type would not be
387 // allowed to perform this load.
388 //
389 // This is called early during the load to crash as close to the cause as
390 // possible. See bug 1838686 for details.
391#ifdef MOZ_DIAGNOSTIC_ASSERT_ENABLED1
392 void AssertProcessCouldTriggerLoadIfSystem();
393#else
394 void AssertProcessCouldTriggerLoadIfSystem() {}
395#endif
396
397 // When loading a document through nsDocShell::LoadURI(), a special set of
398 // flags needs to be set based on other values in nsDocShellLoadState. This
399 // function calculates those flags, before the LoadState is passed to
400 // nsDocShell::InternalLoad.
401 void CalculateLoadURIFlags();
402
403 // Compute the load flags to be used by creating channel. aUriModified and
404 // aIsEmbeddingBlockedError are expected to be Nothing when called from parent
405 // process.
406 nsLoadFlags CalculateChannelLoadFlags(
407 mozilla::dom::BrowsingContext* aBrowsingContext, bool aUriModified,
408 mozilla::Maybe<bool> aIsEmbeddingBlockedError);
409
410 mozilla::dom::DocShellLoadStateInit Serialize(
411 mozilla::ipc::IProtocol* aActor);
412
413 void SetLoadIsFromSessionHistory(int32_t aOffset, bool aLoadingCurrentEntry);
414 void ClearLoadIsFromSessionHistory();
415
416 void MaybeStripTrackerQueryStrings(mozilla::dom::BrowsingContext* aContext);
417
418 // This is used as the parameter for https://html.spec.whatwg.org/#navigate
419 void SetSourceElement(mozilla::dom::Element* aElement);
420 already_AddRefed<mozilla::dom::Element> GetSourceElement() const;
421
422 // This is used as the parameter for https://html.spec.whatwg.org/#navigate,
423 // but it's currently missing. See bug 1966674
424 nsIStructuredCloneContainer* GetNavigationAPIState() const;
425 void SetNavigationAPIState(nsIStructuredCloneContainer* aNavigationAPIState);
426
427 // This is used as the parameter for https://html.spec.whatwg.org/#navigate
428 mozilla::dom::NavigationType GetNavigationType() const;
429
430 // This is used as the parameter for https://html.spec.whatwg.org/#navigate
431 // It should only ever be set if the method is POST.
432 mozilla::dom::FormData* GetFormDataEntryList();
433 void SetFormDataEntryList(mozilla::dom::FormData* aFormDataEntryList);
434
435 protected:
436 // Destructor can't be defaulted or inlined, as header doesn't have all type
437 // includes it needs to do so.
438 ~nsDocShellLoadState();
439
440 // Given the original `nsDocShellLoadState` which was sent to a content
441 // process, validate that they corespond to the same load.
442 // Returns a static (telemetry-safe) string naming what did not match, or
443 // nullptr if it succeeds.
444 const char* ValidateWithOriginalState(nsDocShellLoadState* aOriginalState);
445
446 static nsresult CreateFromLoadURIOptions(
447 BrowsingContext* aBrowsingContext, nsIURI* aURI,
448 const mozilla::dom::LoadURIOptions& aLoadURIOptions,
449 uint32_t aLoadFlagsOverride, nsIInputStream* aPostDataOverride,
450 nsDocShellLoadState** aResult);
451
452 // This is the referrer for the load.
453 nsCOMPtr<nsIReferrerInfo> mReferrerInfo;
454
455 // The URI we are navigating to. Will not be null once set.
456 nsCOMPtr<nsIURI> mURI;
457
458 // The URI to set as the originalURI on the channel that does the load. If
459 // null, aURI will be set as the originalURI.
460 nsCOMPtr<nsIURI> mOriginalURI;
461
462 // The URI to be set to loadInfo.resultPrincipalURI
463 // - When Nothing, there will be no change
464 // - When Some, the principal URI will overwrite even
465 // with a null value.
466 //
467 // Valid only if mResultPrincipalURIIsSome is true (has the same meaning as
468 // isSome() on mozilla::Maybe.)
469 nsCOMPtr<nsIURI> mResultPrincipalURI;
470 bool mResultPrincipalURIIsSome;
471
472 // The principal of the load, that is, the entity responsible for causing the
473 // load to occur. In most cases the referrer and the triggeringPrincipal's URI
474 // will be identical.
475 //
476 // Please note that this is the principal that is used for security checks. If
477 // the argument aURI is provided by the web, then please do not pass a
478 // SystemPrincipal as the triggeringPrincipal.
479 nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
480
481 // The SandboxFlags of the load, that are, the SandboxFlags of the entity
482 // responsible for causing the load to occur. Most likely this are the
483 // SandboxFlags of the document that started the load.
484 uint32_t mTriggeringSandboxFlags;
485
486 // The window ID and current "has storage access" value of the entity
487 // triggering the load. This allows the identification of self-initiated
488 // same-origin navigations that should propogate unpartitioned storage access.
489 uint64_t mTriggeringWindowId;
490 bool mTriggeringStorageAccess;
491
492 // The classification flags of the context responsible for causing
493 // the load to start.
494 mozilla::net::ClassificationFlags mTriggeringClassificationFlags;
495
496 // The CSP of the load, that is, the CSP of the entity responsible for causing
497 // the load to occur. Most likely this is the CSP of the document that started
498 // the load. In case the entity starting the load did not use a CSP, then mCsp
499 // can be null. Please note that this is also the CSP that will be applied to
500 // the load in case the load encounters a server side redirect.
501 nsCOMPtr<nsIContentSecurityPolicy> mCsp;
502
503 // If a refresh is caused by http-equiv="refresh" we want to set
504 // aResultPrincipalURI, but we do not want to overwrite the channel's
505 // ResultPrincipalURI, if it has already been set on the channel by a protocol
506 // handler.
507 bool mKeepResultPrincipalURIIfSet;
508
509 // If set LOAD_REPLACE flag will be set on the channel. If aOriginalURI is
510 // null, this argument is ignored.
511 bool mLoadReplace;
512
513 // If this attribute is true and no triggeringPrincipal is specified,
514 // copy the principal from the referring document.
515 bool mInheritPrincipal;
516
517 // If this attribute is true only ever use the principal specified
518 // by the triggeringPrincipal and inheritPrincipal attributes.
519 // If there are security reasons for why this is unsafe, such
520 // as trying to use a systemprincipal as the triggeringPrincipal
521 // for a content docshell the load fails.
522 bool mPrincipalIsExplicit;
523
524 bool mNotifiedBeforeUnloadListeners;
525
526 // Principal we're inheriting. If null, this means the principal should be
527 // inherited from the current document. If set to NullPrincipal, the channel
528 // will fill in principal information later in the load. See internal comments
529 // of SetupInheritingPrincipal for more info.
530 //
531 // When passed to InternalLoad, If this argument is null then
532 // principalToInherit is computed differently. See nsDocShell::InternalLoad
533 // for more comments.
534
535 nsCOMPtr<nsIPrincipal> mPrincipalToInherit;
536
537 nsCOMPtr<nsIPrincipal> mPartitionedPrincipalToInherit;
538
539 // If this attribute is true, then a top-level navigation
540 // to a data URI will be allowed.
541 bool mForceAllowDataURI;
542
543 // If this attribute is true, then the top-level navigaion
544 // will be exempt from HTTPS-Only-Mode upgrades.
545 bool mIsExemptFromHTTPSFirstMode;
546
547 // If set, this load is a HTTPS-First downgrade, and the downgrade data will
548 // be submitted to telemetry later if the load succeeds.
549 RefPtr<HTTPSFirstDowngradeData> mHttpsFirstDowngradeData;
550
551 // If this attribute is true, this load corresponds to a frame
552 // element loading its original src (or srcdoc) attribute.
553 bool mOriginalFrameSrc;
554
555 // If this attribute is true, this load corresponds to a frame, object, or
556 // embed element that needs a recursion check when loading it's src (or data).
557 // Unlike mOriginalFrameSrc, this attribute will always be set regardless
558 // whether we've loaded the src already.
559 bool mShouldCheckForRecursion;
560
561 // If this attribute is true, then the load was initiated by a
562 // form submission.
563 bool mIsFormSubmission;
564
565 // Contains a load type as specified by the nsDocShellLoadTypes::load*
566 // constants
567 uint32_t mLoadType;
568
569 // https://html.spec.whatwg.org/#user-navigation-involvement
570 mozilla::dom::UserNavigationInvolvement mUserNavigationInvolvement =
571 mozilla::dom::UserNavigationInvolvement::None;
572
573 // Active Session History entry (if loading from SH)
574 nsCOMPtr<nsISHEntry> mSHEntry;
575
576 // Loading session history info for the load
577 mozilla::UniquePtr<mozilla::dom::LoadingSessionHistoryInfo>
578 mLoadingSessionHistoryInfo;
579
580 // Target for load, like _content, _blank etc.
581 nsString mTarget;
582
583 // When set, this is the Target Browsing Context for the navigation
584 // after retargeting.
585 MaybeDiscarded<BrowsingContext> mTargetBrowsingContext;
586
587 // Post data stream (if POSTing)
588 nsCOMPtr<nsIInputStream> mPostDataStream;
589
590 // Additional Headers
591 nsCOMPtr<nsIInputStream> mHeadersStream;
592
593 // When set, the load will be interpreted as a srcdoc load, where contents of
594 // this string will be loaded instead of the URI. Setting srcdocData sets
595 // isSrcdocLoad to true
596 nsString mSrcdocData;
597
598 // When set, this is the Source Browsing Context for the navigation.
599 MaybeDiscarded<BrowsingContext> mSourceBrowsingContext;
600
601 // Used for srcdoc loads to give view-source knowledge of the load's base URI
602 // as this information isn't embedded in the load's URI.
603 nsCOMPtr<nsIURI> mBaseURI;
604
605 // Set of Load Flags, taken from nsDocShellLoadTypes.h and nsIWebNavigation
606 uint32_t mLoadFlags;
607
608 // Set of internal load flags
609 uint32_t mInternalLoadFlags;
610
611 // Is this a First Party Load?
612 bool mFirstParty;
613
614 // Is this load triggered by a user gesture?
615 bool mHasValidUserGestureActivation;
616
617 // True if a text directive can be scrolled to. This is true either if the
618 // load is triggered by a user, or the document has an unconsumed activation
619 // (eg. client redirect).
620 bool mTextDirectiveUserActivation = false;
621
622 // Whether this load can steal the focus from the source browsing context.
623 bool mAllowFocusMove;
624
625 // A hint as to the content-type of the resulting data. If no hint, IsVoid()
626 // should return true.
627 nsCString mTypeHint;
628
629 // Non-void when the link should be downloaded as the given filename.
630 // mFileName being non-void but empty means that no filename hint was
631 // specified, but link should still trigger a download. If not a download,
632 // mFileName.IsVoid() should return true.
633 nsString mFileName;
634
635 // This will be true if this load is triggered by attribute changes.
636 // See nsILoadInfo.isFromProcessingFrameAttributes
637 bool mIsFromProcessingFrameAttributes;
638
639 // If set, a pending cross-process redirected channel should be used to
640 // perform the load. The channel will be stored in this value.
641 nsCOMPtr<nsIChannel> mPendingRedirectedChannel;
642
643 // An optional string representation of mURI, before any
644 // fixups were applied, so that we can send it to a search
645 // engine service if needed.
646 mozilla::Maybe<nsCString> mOriginalURIString;
647
648 // An optional value to pass to nsIDocShell::setCancelJSEpoch
649 // when initiating the load.
650 mozilla::Maybe<int32_t> mCancelContentJSEpoch;
651
652 // If mPendingRedirectChannel is set, then this is the identifier
653 // that the parent-process equivalent channel has been registered
654 // with using RedirectChannelRegistrar.
655 uint64_t mChannelRegistrarId;
656
657 // An identifier to make it possible to examine if two loads are
658 // equal, and which browsing context they belong to (see
659 // BrowsingContext::{Get, Set}CurrentLoadIdentifier)
660 const uint64_t mLoadIdentifier;
661
662 // Optional value to indicate that a channel has been
663 // pre-initialized in the parent process.
664 bool mChannelInitialized;
665
666 // True if the load was triggered by a meta refresh.
667 bool mIsMetaRefresh;
668
669 // True if the nsDocShellLoadState was received over IPC.
670 bool mWasCreatedRemotely = false;
671
672 // The original URI before query stripping happened. If it's present, it shows
673 // the query stripping happened. Otherwise, it will be a nullptr.
674 nsCOMPtr<nsIURI> mUnstrippedURI;
675
676 // If set, the remote type which the load should be completed within.
677 mozilla::Maybe<nsCString> mRemoteTypeOverride;
678
679 // Remote type of the process which originally requested the load.
680 nsCString mTriggeringRemoteType;
681
682 // if the address had an intentional protocol
683 nsILoadInfo::SchemelessInputType mSchemelessInput =
684 nsILoadInfo::SchemelessInputTypeUnset;
685
686 // Solely for the use of collecting Telemetry for HTTPS upgrades.
687 nsILoadInfo::HTTPSUpgradeTelemetryType mHttpsUpgradeTelemetry =
688 nsILoadInfo::NOT_INITIALIZED;
689
690 nsWeakPtr mSourceElement;
691
692 nsCOMPtr<nsIStructuredCloneContainer> mNavigationAPIState;
693
694 RefPtr<mozilla::dom::FormData> mFormDataEntryList;
695};
696
697#endif /* nsDocShellLoadState_h__ */