[tor-commits] [torbutton/master] Bug 3739: SafeCache policy fails for https->http CORS

[mikeperry at torproject.org]

commit 349dcb1c5776936a37d21dfd70f9d0d2f1227513
Author: Mike Perry <mikeperry-git at fscked.org>
Date:   Sat Aug 20 17:42:20 2011 -0700

    Bug 3739: SafeCache policy fails for https->http CORS
    
    We use the cookie permissions api to get the origin URI. It can do some magic
    we can't do from XPCOM. Thanks to Georg Koppen for the tip!
---
 src/chrome/content/stanford-safecache.js |   15 +++++++++++----
 1 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/chrome/content/stanford-safecache.js b/src/chrome/content/stanford-safecache.js
index bf2fb16..0b08bda 100644
--- a/src/chrome/content/stanford-safecache.js
+++ b/src/chrome/content/stanford-safecache.js
@@ -55,6 +55,7 @@ function SSC_dump(msg) {
 
 function SSC_RequestListener(controller) {
   this.controller = controller;
+  this.cookie_permissions = Cc["@mozilla.org/cookie/permission;1"].getService(Ci.nsICookiePermission);
 }
 
 SSC_RequestListener.prototype =
@@ -119,10 +120,16 @@ SSC_RequestListener.prototype =
       parent_host = null;  // first party interaction
     } else if(!parent_host) {
       // Questionable first party interaction..
-      if (!channel.referrer) {
-        torbutton_safelog(3, "SSC: No parent for ", channel.URI.spec);
-      } else {
-        parent_host = channel.referrer.host;
+      try {
+        var anuri = this.cookie_permissions.getOriginatingURI(channel);
+        parent_host = anuri.host;
+      } catch(e) {
+        torbutton_safelog(2, "Cookie API failed to get parent: "+e,channel.URI.spec);
+        if (!channel.referrer) {
+          torbutton_safelog(3, "SSC: No parent for ", channel.URI.spec);
+        } else {
+          parent_host = channel.referrer.host;
+        }
       }
     }