From:  Mark Hammond <mhammond@skippinet.com.au>
Date:  19 Aug 2013 16:45:05 Hong Kong Time
Newsgroup:  news.mozilla.org/mozilla.dev.tech.network
Subject:  

Re: Forcing every request from a docShell to use LOAD_ANONYMOUS

NNTP-Posting-Host:  120.148.147.96

diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index e72cfb3..5308432 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -771,6 +771,7 @@ nsDocShell::nsDocShell():
     mIsAppTab(false),
     mUseGlobalHistory(false),
     mInPrivateBrowsing(false),
+    mIsAnonymous(false),
     mFiredUnloadEvent(false),
     mEODForCurrentDocument(false),
     mURIResultedInDocument(false),
@@ -2873,6 +2874,10 @@ nsDocShell::SetDocLoaderParent(nsDocLoader * aParent)
         {
             SetIsActive(value);
         }
+        if (NS_SUCCEEDED(parentAsDocShell->GetIsAnonymous(&value)))
+        {
+            SetIsAnonymous(value);
+        }
         if (NS_FAILED(parentAsDocShell->GetAllowDNSPrefetch(&value))) {
             value = false;
         }
@@ -5335,6 +5340,21 @@ nsDocShell::GetIsActive(bool *aIsActive)
 }
 
 NS_IMETHODIMP
+nsDocShell::SetIsAnonymous(bool aIsAnonymous)
+{
+    mIsAnonymous = aIsAnonymous;
+    // XXX - should I iterate over children like SetIsActive does?
+    return NS_OK;
+}
+
+NS_IMETHODIMP
+nsDocShell::GetIsAnonymous(bool *aIsAnonymous)
+{
+    *aIsAnonymous = mIsAnonymous;
+    return NS_OK;
+}
+
+NS_IMETHODIMP
 nsDocShell::SetIsAppTab(bool aIsAppTab)
 {
     mIsAppTab = aIsAppTab;
@@ -9422,6 +9442,18 @@ nsDocShell::DoURILoad(nsIURI * aURI,
         // Error pages are LOAD_BACKGROUND
         loadFlags |= nsIChannel::LOAD_BACKGROUND;
     }
+    if (mIsAnonymous) {
+        loadFlags |= nsIChannel::LOAD_ANONYMOUS;
+    } else {
+        // but maybe the parent is
+        nsCOMPtr parentItem;
+        GetSameTypeParent(getter_AddRefs(parentItem));
+        nsCOMPtr parentDocShell = do_GetInterface(parentItem);
+        bool anon;
+        if (parentDocShell && parentDocShell->GetIsAnonymous(&anon)) {
+            loadFlags |= nsIChannel::LOAD_ANONYMOUS;
+        }
+    }
 
     // check for Content Security Policy to pass along with the
     // new channel we are creating
diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h
index 454ec92..5b7d5a2 100644
--- a/docshell/base/nsDocShell.h
+++ b/docshell/base/nsDocShell.h
@@ -824,6 +824,7 @@ protected:
     bool                       mIsAppTab;
     bool                       mUseGlobalHistory;
     bool                       mInPrivateBrowsing;
+    bool                       mIsAnonymous;
 
     // This boolean is set to true right before we fire pagehide and generally
     // unset when we embed a new content viewer.  While it's true no navigation
diff --git a/docshell/base/nsIDocShell.idl b/docshell/base/nsIDocShell.idl
index 3f41109..9664df6 100644
--- a/docshell/base/nsIDocShell.idl
+++ b/docshell/base/nsIDocShell.idl
@@ -42,7 +42,7 @@ interface nsIVariant;
 interface nsIPrivacyTransitionObserver;
 interface nsIReflowObserver;
 
-[scriptable, builtinclass, uuid(b5bd6052-ec8c-45bf-b55c-409ad15cecfb)]
+[scriptable, builtinclass, uuid(9ddad412-664f-4b57-bdcc-ecf9a256df88)]
 interface nsIDocShell : nsIDocShellTreeItem
 {
   /**
@@ -545,6 +545,15 @@ interface nsIDocShell : nsIDocShellTreeItem
   attribute boolean isActive;
 
   /**
+   * Sets whether the docshell should only make requests with
+   * nsIRequest::LOAD_ANONYMOUS set. docShells are not anonymous until this
+   * flag is set.
+   */
+   // XXX MARKH - maybe this should be 'loadAnonymous' to reflect that things
+   // already loaded by the docShell aren't magically going to be anonymized?
+  attribute boolean isAnonymous;
+
+  /**
    * The ID of the docshell in the session history.
    */
   readonly attribute unsigned long long historyID;
diff --git a/netwerk/base/src/nsLoadGroup.cpp b/netwerk/base/src/nsLoadGroup.cpp
index 3220230..7ebfc7a 100644
--- a/netwerk/base/src/nsLoadGroup.cpp
+++ b/netwerk/base/src/nsLoadGroup.cpp
@@ -1033,7 +1033,8 @@ nsresult nsLoadGroup::MergeLoadFlags(nsIRequest *aRequest, nsLoadFlags& outFlags
     oldFlags = flags;
 
     // Inherit the following bits...
-    flags |= (mLoadFlags & (LOAD_BACKGROUND |
+    flags |= (mLoadFlags & (LOAD_ANONYMOUS |
+                            LOAD_BACKGROUND |
                             LOAD_BYPASS_CACHE |
                             LOAD_FROM_CACHE |
                             VALIDATE_ALWAYS |