Closed Bug 1198669 Opened 5 years ago Closed 5 years ago
Unable to get the original http header inside through ns
In new security model, we need to check the integrity of each resource in the package. While we can get the original body for each subresource, there's no way to get the original http header. The closest way is to serialize the object nsHttpResponseHead which we obtain from nsIMultipartChannel. It could be different from the original one for a couple of reasons. We need to either add API to nsIMultipartChannel to expose original http header.
see bug 669259
(In reply to Dragana Damjanovic [:dragana] from comment #1) > see bug 669259 If you are referring to get them from cache, it would be a little difficult for packaged app since we will copy some headers from the base channel to the part channel and save to the cache. Sigh...
(In reply to Henry Chang [:henry] from comment #2) > (In reply to Dragana Damjanovic [:dragana] from comment #1) > > see bug 669259 > > If you are referring to get them from cache, it would be a little difficult > for packaged app since we will copy some headers from the base channel to > the part channel and save to the cache. Sigh... Sorry, I think, I understand now what you mean with "It could be different from the original one for a couple of reasons." Because you have not really define the part "different to what" I have understood it wrong.
Hi Valentin, Sorry for bothering again :p I just realised we need this patch to get rid of the header we copy from the base channel for verification. (since the integrity hash covers the header). I will provide the test case tomorrow. If you are busy or not able to review this, I may ask Jason to do the review. Just let you know first :) Thanks!
By the way, I have tested the patch and it works pretty well.
Comment on attachment 8657829 [details] [diff] [review] Bug1198669.diff This looks pretty nice. Add a test and it's good to go.
Attachment #8657829 - Flags: review+
Attachment #8657829 - Attachment is obsolete: true
You need to log in before you can comment on or make changes to this bug.