HTTPS-Only: httpsOnlyStatus in loadInfo has wrong value in child-process after timeout
Categories
(Core :: DOM: Security, defect, P2)
Tracking
()
Tracking | Status | |
---|---|---|
firefox83 | --- | fixed |
People
(Reporter: julianwels, Assigned: julianwels)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-active])
Attachments
(1 file)
Workaround added in bug 1661077.
Background:
During an HTTPS-Only upgrade, flags get set on httpsOnlyStatus in loadInfo. These flags are then also used in nsHTTPSOnlyStreamListener.cpp to collect telemetry and in nsDocShell.cpp to determine whether to show the HTTPS-Only Error page or not.
With bug 1642387 we implemented that top-level requests can get canceled as NS_ERROR_NET_TIMEOUT when a separate HTTP request returns earlier.
Bug:
When a page times out and the request gets canceled, the httpsOnlyStatus in loadInfo is in its default state and does not have the same value as in the parent-process. This means that the HTTPS-Only error page does not show up.
I added a bunch of printf statements in nsHTTPSOnlyStreamListener.cpp and nsDocShell.cpp that maybe make it a bit clearer what's going on:
Website with SSL Error:
from: nsHTTPSOnlyStreamListener.cpp (Is parent-process: yes)
HTTPS_ONLY_UNINITIALIZED = 0
HTTPS_ONLY_UPGRADED_LISTENER_NOT_REGISTERED = 0
HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED = 1
HTTPS_ONLY_EXEMPT = 0
HTTPS_ONLY_TOP_LEVEL_LOAD_IN_PROGRESS = 1
HTTPS_ONLY_DO_NOT_LOG_TO_CONSOLE = 0
from: docshell/base/nsDocShell.cpp (Is parent-process: no)
HTTPS_ONLY_UNINITIALIZED = 0
HTTPS_ONLY_UPGRADED_LISTENER_NOT_REGISTERED = 0
HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED = 1
HTTPS_ONLY_EXEMPT = 0
HTTPS_ONLY_TOP_LEVEL_LOAD_IN_PROGRESS = 1
HTTPS_ONLY_DO_NOT_LOG_TO_CONSOLE = 0
Website with Timeout:
from: nsHTTPSOnlyStreamListener.cpp (Is parent-process: yes)
HTTPS_ONLY_UNINITIALIZED = 0
HTTPS_ONLY_UPGRADED_LISTENER_NOT_REGISTERED = 0
HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED = 1
HTTPS_ONLY_EXEMPT = 0
HTTPS_ONLY_TOP_LEVEL_LOAD_IN_PROGRESS = 1
HTTPS_ONLY_DO_NOT_LOG_TO_CONSOLE = 0
from: docshell/base/nsDocShell.cpp (Is parent-process: no)
HTTPS_ONLY_UNINITIALIZED = 1
HTTPS_ONLY_UPGRADED_LISTENER_NOT_REGISTERED = 0
HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED = 0
HTTPS_ONLY_EXEMPT = 0
HTTPS_ONLY_TOP_LEVEL_LOAD_IN_PROGRESS = 0
HTTPS_ONLY_DO_NOT_LOG_TO_CONSOLE = 0
Comment 1 • 4 years ago (Assignee)
Hi Matt, since you already know bug 1642387, do you have a clue why this is happening?
Comment 2 • 4 years ago
I think you can change the code to cancel the actual channel (httpsOnlyChannel) rather than the DocumentLoadListener.
The longer answer is normally a channel within DocumentLoadListener that fails (or is cancelled) still results in the channel being forwarded to the content process (along with the LoadInfo), and then the failure being reported as coming from that new channel.
If you cancel the DocumentLoadListener itself, then the failure is reported to the content process as coming from the placeholder channel DocumentChannelChild, which doesn't have the state from the LoadInfo that was mutated in the parent process.
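The two cancellation paths described in Comment 2, as an added C++ model (not Firefox code and not part of the bug thread). The flag names come from the report; the bit values, the `ContentFailure` type, the function names and the simplified error-page check are assumptions made for illustration.

```cpp
#include <cstdint>
#include <cstdio>

// Flag names are from the report; the bit positions are assumed for this model.
enum : uint32_t {
  HTTPS_ONLY_UNINITIALIZED                    = 1u << 0,
  HTTPS_ONLY_UPGRADED_LISTENER_NOT_REGISTERED = 1u << 1,
  HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED     = 1u << 2,
  HTTPS_ONLY_EXEMPT                           = 1u << 3,
  HTTPS_ONLY_TOP_LEVEL_LOAD_IN_PROGRESS       = 1u << 4,
  HTTPS_ONLY_DO_NOT_LOG_TO_CONSOLE            = 1u << 5,
};

// Default state matches the child-side timeout output: only UNINITIALIZED set.
struct LoadInfo { uint32_t httpsOnlyStatus = HTTPS_ONLY_UNINITIALIZED; };

// Hypothetical type: what the content process sees when a load fails.
struct ContentFailure { uint32_t status; LoadInfo loadInfo; };

constexpr uint32_t kTimeoutModel = 1;  // stand-in for NS_ERROR_NET_TIMEOUT

// Parent process: flags after the upgrade, as in the parent-side output.
LoadInfo ParentUpgrade() {
  LoadInfo li;
  li.httpsOnlyStatus = HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED |
                       HTTPS_ONLY_TOP_LEVEL_LOAD_IN_PROGRESS;
  return li;
}

// Path A: cancel the real channel. The failure is forwarded to the content
// process together with the LoadInfo that the parent mutated.
ContentFailure CancelChannel(const LoadInfo& parent) { return {kTimeoutModel, parent}; }

// Path B: cancel the DocumentLoadListener. The failure is reported from the
// placeholder channel, whose LoadInfo never received the parent's flags.
ContentFailure CancelLoadListener(const LoadInfo&) { return {kTimeoutModel, LoadInfo{}}; }

// Content process: simplified stand-in for the docshell error-page decision.
bool ShowsHttpsOnlyErrorPage(const ContentFailure& f) {
  return (f.loadInfo.httpsOnlyStatus & HTTPS_ONLY_UPGRADED_LISTENER_REGISTERED) != 0;
}

int main() {
  LoadInfo parent = ParentUpgrade();
  std::printf("cancel channel:  error page = %d\n", ShowsHttpsOnlyErrorPage(CancelChannel(parent)));
  std::printf("cancel listener: error page = %d\n", ShowsHttpsOnlyErrorPage(CancelLoadListener(parent)));
  return 0;
}
```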
Comment 3 • 4 years ago (Assignee)
Comment 5 • 4 years ago (bugherder)