--- a/security/manager/tools/getHSTSPreloadList.js
+++ b/security/manager/tools/getHSTSPreloadList.js
@@ -12,16 +12,19 @@
// Note: Running this file outputs a new nsSTSPreloadlist.inc in the current
// working directory.
var Cc = Components.classes;
var Ci = Components.interfaces;
var Cu = Components.utils;
var Cr = Components.results;
+var gSSService = Cc["@mozilla.org/ssservice;1"]
+ .getService(Ci.nsISiteSecurityService);
+
Cu.import("resource://gre/modules/Services.jsm");
Cu.import("resource://gre/modules/FileUtils.jsm");
Cu.import("resource://gre/modules/XPCOMUtils.jsm");
const SOURCE = "https://chromium.googlesource.com/chromium/src/net/+/master/http/transport_security_state_static.json?format=TEXT";
const OUTPUT = "nsSTSPreloadList.inc";
const ERROR_OUTPUT = "nsSTSPreloadList.errors";
const MINIMUM_REQUIRED_MAX_AGE = 60 * 60 * 24 * 7 * 18;
@@ -40,51 +43,51 @@ const HEADER = "/* This Source Code Form
"/* This is an automatically generated file. If you're not */\n" +
"/* nsSiteSecurityService.cpp, you shouldn't be #including it. */\n" +
"/*****************************************************************************/\n" +
"\n" +
"#include <stdint.h>\n";
const GPERF_DELIM = "%%\n";
function download() {
- var req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
+ let req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
.createInstance(Ci.nsIXMLHttpRequest);
req.open("GET", SOURCE, false); // doing the request synchronously
try {
req.send();
} catch (e) {
throw new Error(`ERROR: problem downloading '${SOURCE}': ${e}`);
}
if (req.status != 200) {
throw new Error("ERROR: problem downloading '" + SOURCE + "': status " +
req.status);
}
- var resultDecoded;
+ let resultDecoded;
try {
resultDecoded = atob(req.responseText);
} catch (e) {
throw new Error("ERROR: could not decode data as base64 from '" + SOURCE +
"': " + e);
}
// we have to filter out '//' comments, while not mangling the json
- var result = resultDecoded.replace(/^(\s*)?\/\/[^\n]*\n/mg, "");
- var data = null;
+ let result = resultDecoded.replace(/^(\s*)?\/\/[^\n]*\n/mg, "");
+ let data = null;
try {
data = JSON.parse(result);
} catch (e) {
throw new Error(`ERROR: could not parse data from '${SOURCE}': ${e}`);
}
return data;
}
function getHosts(rawdata) {
- var hosts = [];
+ let hosts = [];
if (!rawdata || !rawdata.entries) {
throw new Error("ERROR: source data not formatted correctly: 'entries' " +
"not found");
}
for (let entry of rawdata.entries) {
if (entry.mode && entry.mode == "force-https") {
@@ -100,27 +103,24 @@ function getHosts(rawdata) {
throw new Error("ERROR: entry not formatted correctly: no name found");
}
}
}
return hosts;
}
-var gSSService = Cc["@mozilla.org/ssservice;1"]
- .getService(Ci.nsISiteSecurityService);
-
function processStsHeader(host, header, status, securityInfo) {
- var maxAge = { value: 0 };
- var includeSubdomains = { value: false };
- var error = ERROR_NONE;
+ let maxAge = { value: 0 };
+ let includeSubdomains = { value: false };
+ let error = ERROR_NONE;
if (header != null && securityInfo != null) {
try {
- var uri = Services.io.newURI("https://" + host.name);
- var sslStatus = securityInfo.QueryInterface(Ci.nsISSLStatusProvider)
+ let uri = Services.io.newURI("https://" + host.name);
+ let sslStatus = securityInfo.QueryInterface(Ci.nsISSLStatusProvider)
.SSLStatus;
gSSService.processHeader(Ci.nsISiteSecurityService.HEADER_HSTS,
uri, header, sslStatus, 0,
Ci.nsISiteSecurityService.SOURCE_PRELOAD_LIST,
{}, maxAge, includeSubdomains);
} catch (e) {
dump("ERROR: could not process header '" + header + "' from " +
host.name + ": " + e + "\n");
@@ -166,20 +166,20 @@ RedirectAndAuthStopper.prototype = {
return this.QueryInterface(iid);
},
QueryInterface: XPCOMUtils.generateQI([Ci.nsIChannelEventSink,
Ci.nsIAuthPrompt2])
};
function getHSTSStatus(host, resultList) {
- var req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
+ let req = Cc["@mozilla.org/xmlextras/xmlhttprequest;1"]
.createInstance(Ci.nsIXMLHttpRequest);
- var inResultList = false;
- var uri = "https://" + host.name + "/";
+ let inResultList = false;
+ let uri = "https://" + host.name + "/";
req.open("GET", uri, true);
req.setRequestHeader("X-Automated-Tool",
"https://hg.mozilla.org/mozilla-central/file/tip/security/manager/tools/getHSTSPreloadList.js");
req.timeout = REQUEST_TIMEOUT;
let errorhandler = (evt) => {
dump(`ERROR: error making request to ${host.name} (type=${evt.type})\n`);
if (!inResultList) {
@@ -222,36 +222,36 @@ function compareHSTSStatus(a, b) {
function writeTo(string, fos) {
fos.write(string, string.length);
}
// Determines and returns a string representing a declaration of when this
// preload list should no longer be used.
// This is the current time plus MINIMUM_REQUIRED_MAX_AGE.
function getExpirationTimeString() {
- var now = new Date();
- var nowMillis = now.getTime();
+ let now = new Date();
+ let nowMillis = now.getTime();
// MINIMUM_REQUIRED_MAX_AGE is in seconds, so convert to milliseconds
- var expirationMillis = nowMillis + (MINIMUM_REQUIRED_MAX_AGE * 1000);
- var expirationMicros = expirationMillis * 1000;
+ let expirationMillis = nowMillis + (MINIMUM_REQUIRED_MAX_AGE * 1000);
+ let expirationMicros = expirationMillis * 1000;
return "const PRTime gPreloadListExpirationTime = INT64_C(" + expirationMicros + ");\n";
}
function errorToString(status) {
return (status.error == ERROR_MAX_AGE_TOO_LOW
? status.error + status.maxAge
: status.error);
}
function output(sortedStatuses, currentList) {
try {
- var file = FileUtils.getFile("CurWorkD", [OUTPUT]);
- var errorFile = FileUtils.getFile("CurWorkD", [ERROR_OUTPUT]);
- var fos = FileUtils.openSafeFileOutputStream(file);
- var eos = FileUtils.openSafeFileOutputStream(errorFile);
+ let file = FileUtils.getFile("CurWorkD", [OUTPUT]);
+ let errorFile = FileUtils.getFile("CurWorkD", [ERROR_OUTPUT]);
+ let fos = FileUtils.openSafeFileOutputStream(file);
+ let eos = FileUtils.openSafeFileOutputStream(errorFile);
writeTo(HEADER, fos);
writeTo(getExpirationTimeString(), fos);
for (let status of sortedStatuses) {
// If we've encountered an error for this entry (other than the site not
// sending an HSTS header), be safe and don't remove it from the list
// (given that it was already on the list).
if (!status.forceInclude &&