Bug 1244116 - Telemetry for mixed content requests by plugins, r=smaug, p=ally
MozReview-Commit-ID: F9rOb1SdPnL
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -1569,16 +1569,25 @@ nsDocument::~nsDocument()
} else if (hasMixedActive){
mixedContentLevel = MIXED_ACTIVE_CONTENT;
} else if (hasMixedDisplay) {
mixedContentLevel = MIXED_DISPLAY_CONTENT;
}
Accumulate(Telemetry::MIXED_CONTENT_PAGE_LOAD, mixedContentLevel);
Accumulate(Telemetry::SCROLL_LINKED_EFFECT_FOUND, mHasScrollLinkedEffect);
+
+ // record mixed object subrequest telemetry
+ if (mHasMixedContentObjectSubrequest) {
+ /* mixed object subrequest loaded on page*/
+ Accumulate(Telemetry::MIXED_CONTENT_OBJECT_SUBREQUEST, 1);
+ } else {
+ /* no mixed object subrequests loaded on page*/
+ Accumulate(Telemetry::MIXED_CONTENT_OBJECT_SUBREQUEST, 0);
+ }
}
}
ReportUseCounters();
mInDestructor = true;
mInUnlinkOrDeletion = true;
--- a/dom/base/nsIDocument.h
+++ b/dom/base/nsIDocument.h
@@ -606,16 +606,24 @@ public:
* Set the mixed display content blocked flag for this document.
*/
void SetHasMixedDisplayContentBlocked(bool aHasMixedDisplayContentBlocked)
{
mHasMixedDisplayContentBlocked = aHasMixedDisplayContentBlocked;
}
/**
+ * Set the mixed content object subrequest flag for this document.
+ */
+ void SetHasMixedContentObjectSubrequest(bool aHasMixedContentObjectSubrequest)
+ {
+ mHasMixedContentObjectSubrequest = aHasMixedContentObjectSubrequest;
+ }
+
+ /**
* Get tracking content blocked flag for this document.
*/
bool GetHasTrackingContentBlocked()
{
return mHasTrackingContentBlocked;
}
/**
@@ -2902,16 +2910,19 @@ protected:
bool mHasMixedActiveContentBlocked : 1;
// True if a document has loaded Mixed Display/Passive Content (see nsMixedContentBlocker.cpp)
bool mHasMixedDisplayContentLoaded : 1;
// True if a document has blocked Mixed Display/Passive Content (see nsMixedContentBlocker.cpp)
bool mHasMixedDisplayContentBlocked : 1;
+ // True if a document loads a plugin object that attempts to load mixed content subresources through necko(see nsMixedContentBlocker.cpp)
+ bool mHasMixedContentObjectSubrequest : 1;
+
// True if a document has blocked Tracking Content
bool mHasTrackingContentBlocked : 1;
// True if a document has loaded Tracking Content
bool mHasTrackingContentLoaded : 1;
// True if DisallowBFCaching has been called on this document.
bool mBFCacheDisallowed : 1;
--- a/dom/security/nsMixedContentBlocker.cpp
+++ b/dom/security/nsMixedContentBlocker.cpp
@@ -768,16 +768,21 @@ nsMixedContentBlocker::ShouldLoad(bool a
if (cc) {
mozilla::ipc::URIParams uri;
SerializeURI(aContentLocation, uri);
cc->SendAccumulateMixedContentHSTS(uri, active);
}
}
}
+ // set hasMixedContentObjectSubrequest on this object if necessary
+ if (aContentType == TYPE_OBJECT_SUBREQUEST) {
+ rootDoc->SetHasMixedContentObjectSubrequest(true);
+ }
+
// If the content is display content, and the pref says display content should be blocked, block it.
if (sBlockMixedDisplay && classification == eMixedDisplay) {
if (allowMixedContent) {
LogMixedContentMessage(classification, aContentLocation, rootDoc, eUserOverride);
*aDecision = nsIContentPolicy::ACCEPT;
// See if mixed display content has already loaded on the page or if the state needs to be updated here.
// If mixed display hasn't loaded previously, then we need to call OnSecurityChange() to update the UI.
if (rootDoc->GetHasMixedDisplayContentLoaded()) {
--- a/toolkit/components/telemetry/Histograms.json
+++ b/toolkit/components/telemetry/Histograms.json
@@ -7785,16 +7785,24 @@
},
"MIXED_CONTENT_HSTS": {
"alert_emails": ["seceng@mozilla.org"],
"expires_in_version": "never",
"kind": "enumerated",
"n_values": 10,
"description": "How often would blocked mixed content be allowed if HSTS upgrades were allowed? 0=display/no-HSTS, 1=display/HSTS, 2=active/no-HSTS, 3=active/HSTS"
},
+ "MIXED_CONTENT_OBJECT_SUBREQUEST": {
+ "alert_emails": ["seceng@mozilla.org"],
+ "bug_numbers": [1244116],
+ "expires_in_version": "55",
+ "kind": "enumerated",
+ "n_values": 10,
+ "description": "How often objects load insecure content on secure pages (counting pages, not objects). 0=pages with no mixed object subrequests, 1=pages with mixed object subrequests"
+ },
"COOKIE_SCHEME_SECURITY": {
"alert_emails": ["seceng@mozilla.org"],
"expires_in_version": "50",
"kind": "enumerated",
"n_values": 10,
"releaseChannelCollection": "opt-out",
"description": "How often are secure cookies set from non-secure origins, and vice-versa? 0=nonsecure/http, 1=nonsecure/https, 2=secure/http, 3=secure/https"
},