Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-05 16:46:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
d7757bf8dd
gecko-dev/dom/base/nsDataDocumentContentPolicy.cpp

157 lines
6.2 KiB
C++
Raw Normal View History

Bug 1152551, part 2 - Fix mode lines in dom/. r=jst
2015-05-03 19:32:37 +00:00
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
Bug 716478 - update licence to MPL 2.
2012-05-21 11:12:37 +00:00
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
Add some comments explaining what these files do. rs=jst
2006-03-30 08:03:04 +00:00
/*
* Content policy implementation that prevents all loads of images,
* subframes, etc from documents loaded as data (eg documents loaded
* via XMLHttpRequest).
*/
Bug 1175344 - Include nsContentUtils.h explicitly to avoid compile error on unified building. r=ehsan --HG-- extra : rebase_source : 35f0ae9195fd6486f6a7c723ea62bf4f29dcca04
2015-06-16 14:39:00 +00:00
#include "nsContentUtils.h"
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
#include "nsDataDocumentContentPolicy.h"
Bug 628747: (patch v2) Disallow SVG-as-an-image from loading external resources, unless we're sure they won't hit the network. r=bz r=roc a=roc
2011-01-28 15:59:15 +00:00
#include "nsNetUtil.h"
Bug 905127 - Part 1 - Make some functions from nsNetUtil not inline. r=jduell
2015-07-07 02:17:00 +00:00
#include "nsIProtocolHandler.h"
Bug 628747: (patch v2) Disallow SVG-as-an-image from loading external resources, unless we're sure they won't hit the network. r=bz r=roc a=roc
2011-01-28 15:59:15 +00:00
#include "nsScriptSecurityManager.h"
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
#include "nsIDocument.h"
More use of nsINode. Bug 325006, r=sicking, sr=peterv
2006-01-31 04:25:22 +00:00
#include "nsINode.h"
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
#include "nsIDOMWindow.h"
Bug 1185381 - Make FileList clonable - patch 1 - move code into FileList.h/.cpp, r=smaug
2015-07-22 16:03:07 +00:00
#include "nsIURI.h"
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
Bug 900908 - Part 3: Change uses of numbered macros in nsIClassInfoImpl.h/nsISupportsImpl.h to the variadic variants. r=froydnj
2014-04-27 07:06:00 +00:00
NS_IMPL_ISUPPORTS(nsDataDocumentContentPolicy, nsIContentPolicy)
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
Bug 693940: Restrict SVG-as-an-image to being able to load (local) URIs that have either the URI_INHERITS_SECURITY_CONTEXT or URI_LOADABLE_BY_SUBSUMERS flags. r=bz
2011-11-07 21:45:42 +00:00
// Helper method for ShouldLoad()
// Checks a URI for the given flags. Returns true if the URI has the flags,
// and false if not (or if we weren't able to tell).
static bool
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 15:56:38 +00:00
HasFlags(nsIURI* aURI, uint32_t aURIFlags)
Bug 693940: Restrict SVG-as-an-image to being able to load (local) URIs that have either the URI_INHERITS_SECURITY_CONTEXT or URI_LOADABLE_BY_SUBSUMERS flags. r=bz
2011-11-07 21:45:42 +00:00
{
bool hasFlags;
nsresult rv = NS_URIChainHasFlags(aURI, aURIFlags, &hasFlags);
return NS_SUCCEEDED(rv) && hasFlags;
}
Bug 771942, normal content policy checks for chrome data documents, r=bz, a=akeybl
2013-01-08 17:16:28 +00:00
// If you change DataDocumentContentPolicy, make sure to check that
// CHECK_PRINCIPAL_AND_DATA in nsContentPolicyUtils is still valid.
// nsContentPolicyUtils may not pass all the parameters to ShouldLoad.
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
NS_IMETHODIMP
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 15:56:38 +00:00
nsDataDocumentContentPolicy::ShouldLoad(uint32_t aContentType,
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
nsIURI *aContentLocation,
nsIURI *aRequestingLocation,
nsISupports *aRequestingContext,
const nsACString &aMimeGuess,
nsISupports *aExtra,
Bug 767134 - Stuff the source principal into nsIContentPolicy (r=bz, sr=jst)
2012-07-02 23:16:11 +00:00
nsIPrincipal *aRequestPrincipal,
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 15:56:38 +00:00
int16_t *aDecision)
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
{
Bug 1174307 - Add some internal content policy types for the purpose of reflecting them on RequestContext; r=sicking These new content policy types will be internal ones that we will map to external nsContentPolicyTypes before passing them to content policy implementations.
2015-06-12 20:52:07 +00:00
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
"We should only see external content policy types here.");
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
*aDecision = nsIContentPolicy::ACCEPT;
More use of nsINode. Bug 325006, r=sicking, sr=peterv
2006-01-31 04:25:22 +00:00
// Look for the document. In most cases, aRequestingContext is a node.
Fix bug 325005. r=sicking, sr=jst
2006-01-31 01:47:30 +00:00
nsCOMPtr<nsIDocument> doc;
More use of nsINode. Bug 325006, r=sicking, sr=peterv
2006-01-31 04:25:22 +00:00
nsCOMPtr<nsINode> node = do_QueryInterface(aRequestingContext);
if (node) {
Bug 682420 - Rename nsINode::GetOwnerDoc to nsINode::OwnerDoc, part 1, r=jst --HG-- extra : rebase_source : baf1a25cdea68d499a7673fdf96e27b5a12dc83c
2011-10-18 10:53:36 +00:00
doc = node->OwnerDoc();
Fix bug 325005. r=sicking, sr=jst
2006-01-31 01:47:30 +00:00
} else {
Bug 1241764: Replace nsPIDOMWindow with nsPIDOMWindowInner/Outer. r=mrbkap,smaug
2016-01-30 17:05:36 +00:00
if (nsCOMPtr<nsPIDOMWindowOuter> window = do_QueryInterface(aRequestingContext)) {
Bug 952973: Perform some content/base decom r=bz
2014-01-15 14:26:51 +00:00
doc = window->GetDoc();
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
}
}
Backed out changeset 4e7a2d27d636: relanding Bug 433616 part 2. Implement loading of external resource documents. r=jst, sr=roc
2008-10-04 20:00:09 +00:00
// DTDs are always OK to load
if (!doc || aContentType == nsIContentPolicy::TYPE_DTD) {
return NS_OK;
}
Bug 628747: Back out 0435ed183c2d (first version of this bug's patch). a=backout
2011-01-28 15:52:16 +00:00
// Nothing else is OK to load for data documents
if (doc->IsLoadedAsData()) {
Bug 468568. Main patch: support downloading fonts in printing and print preview. r=smaug --HG-- extra : rebase_source : 2fbaef2896d218e6900449c9510fc867419eac30
2012-09-04 13:29:27 +00:00
// ...but let static (print/print preview) documents to load fonts.
if (!doc->IsStaticDocument() || aContentType != nsIContentPolicy::TYPE_FONT) {
*aDecision = nsIContentPolicy::REJECT_TYPE;
return NS_OK;
}
Backed out changeset 4e7a2d27d636: relanding Bug 433616 part 2. Implement loading of external resource documents. r=jst, sr=roc
2008-10-04 20:00:09 +00:00
}
Bug 628747: (patch v2) Disallow SVG-as-an-image from loading external resources, unless we're sure they won't hit the network. r=bz r=roc a=roc
2011-01-28 15:59:15 +00:00
if (doc->IsBeingUsedAsImage()) {
Bug 693940: Restrict SVG-as-an-image to being able to load (local) URIs that have either the URI_INHERITS_SECURITY_CONTEXT or URI_LOADABLE_BY_SUBSUMERS flags. r=bz
2011-11-07 21:45:42 +00:00
// We only allow SVG images to load content from URIs that are local and
// also satisfy one of the following conditions:
// - URI inherits security context, e.g. data URIs
// OR
Bug 716570 - Rename blob URI scheme from "moz-filedata" to "blob" per spec. r=sicking --HG-- rename : content/base/src/nsFileDataProtocolHandler.cpp => content/base/src/nsBlobProtocolHandler.cpp rename : content/base/src/nsFileDataProtocolHandler.h => content/base/src/nsBlobProtocolHandler.h
2012-01-12 10:36:03 +00:00
// - URI loadable by subsumers, e.g. blob URIs
Bug 693940: Restrict SVG-as-an-image to being able to load (local) URIs that have either the URI_INHERITS_SECURITY_CONTEXT or URI_LOADABLE_BY_SUBSUMERS flags. r=bz
2011-11-07 21:45:42 +00:00
// Any URI that doesn't meet these requirements will be rejected below.
Bug 1195123: Restructure logic (pulling out "!") for SVG image rejection, to make it clearer that it matches the comment. r=longsonr
2015-08-16 20:37:56 +00:00
if (!(HasFlags(aContentLocation,
nsIProtocolHandler::URI_IS_LOCAL_RESOURCE) &&
(HasFlags(aContentLocation,
nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT) ||
HasFlags(aContentLocation,
nsIProtocolHandler::URI_LOADABLE_BY_SUBSUMERS)))) {
Bug 628747: (patch v2) Disallow SVG-as-an-image from loading external resources, unless we're sure they won't hit the network. r=bz r=roc a=roc
2011-01-28 15:59:15 +00:00
*aDecision = nsIContentPolicy::REJECT_TYPE;
Bug 693940: Restrict SVG-as-an-image to being able to load (local) URIs that have either the URI_INHERITS_SECURITY_CONTEXT or URI_LOADABLE_BY_SUBSUMERS flags. r=bz
2011-11-07 21:45:42 +00:00
// Report error, if we can.
Bug 628747: (patch v2) Disallow SVG-as-an-image from loading external resources, unless we're sure they won't hit the network. r=bz r=roc a=roc
2011-01-28 15:59:15 +00:00
if (node) {
nsIPrincipal* requestingPrincipal = node->NodePrincipal();
Bug 1207245 - part 6 - rename nsRefPtr<T> to RefPtr<T>; r=ehsan; a=Tomcat The bulk of this commit was generated with a script, executed at the top level of a typical source code checkout. The only non-machine-generated part was modifying MFBT's moz.build to reflect the new naming. CLOSED TREE makes big refactorings like this a piece of cake. # The main substitution. find . -name '*.cpp' -o -name '*.cc' -o -name '*.h' -o -name '*.mm' -o -name '*.idl'| \ xargs perl -p -i -e ' s/nsRefPtr\.h/RefPtr\.h/g; # handle includes s/nsRefPtr ?</RefPtr</g; # handle declarations and variables ' # Handle a special friend declaration in gfx/layers/AtomicRefCountedWithFinalize.h. perl -p -i -e 's/::nsRefPtr;/::RefPtr;/' gfx/layers/AtomicRefCountedWithFinalize.h # Handle nsRefPtr.h itself, a couple places that define constructors # from nsRefPtr, and code generators specially. We do this here, rather # than indiscriminantly s/nsRefPtr/RefPtr/, because that would rename # things like nsRefPtrHashtable. perl -p -i -e 's/nsRefPtr/RefPtr/g' \ mfbt/nsRefPtr.h \ xpcom/glue/nsCOMPtr.h \ xpcom/base/OwningNonNull.h \ ipc/ipdl/ipdl/lower.py \ ipc/ipdl/ipdl/builtin.py \ dom/bindings/Codegen.py \ python/lldbutils/lldbutils/utils.py # In our indiscriminate substitution above, we renamed # nsRefPtrGetterAddRefs, the class behind getter_AddRefs. Fix that up. find . -name '*.cpp' -o -name '*.h' -o -name '*.idl' | \ xargs perl -p -i -e 's/nsRefPtrGetterAddRefs/RefPtrGetterAddRefs/g' if [ -d .git ]; then git mv mfbt/nsRefPtr.h mfbt/RefPtr.h else hg mv mfbt/nsRefPtr.h mfbt/RefPtr.h fi --HG-- rename : mfbt/nsRefPtr.h => mfbt/RefPtr.h
2015-10-18 05:24:48 +00:00
RefPtr<nsIURI> principalURI;
Bug 693940: Restrict SVG-as-an-image to being able to load (local) URIs that have either the URI_INHERITS_SECURITY_CONTEXT or URI_LOADABLE_BY_SUBSUMERS flags. r=bz
2011-11-07 21:45:42 +00:00
nsresult rv =
requestingPrincipal->GetURI(getter_AddRefs(principalURI));
Bug 628747: (patch v2) Disallow SVG-as-an-image from loading external resources, unless we're sure they won't hit the network. r=bz r=roc a=roc
2011-01-28 15:59:15 +00:00
if (NS_SUCCEEDED(rv) && principalURI) {
nsScriptSecurityManager::ReportError(
Bug 629682 - Add a better warning message for SVG-as-an-image external resources being blocked. r=dholbert
2015-03-07 09:15:23 +00:00
nullptr, NS_LITERAL_STRING("ExternalDataError"), principalURI,
Bug 628747: (patch v2) Disallow SVG-as-an-image from loading external resources, unless we're sure they won't hit the network. r=bz r=roc a=roc
2011-01-28 15:59:15 +00:00
aContentLocation);
}
}
Bug 1055750 - Part 1 - Add content policy TYPE_IMAGESET. r=tanvi
2014-08-19 21:12:34 +00:00
} else if ((aContentType == nsIContentPolicy::TYPE_IMAGE ||
aContentType == nsIContentPolicy::TYPE_IMAGESET) &&
Bug 665209: Disable recursive image loads in content(). r=bz
2011-06-23 05:21:47 +00:00
doc->GetDocumentURI()) {
// Check for (& disallow) recursive image-loads
Bug 675553 - Switch from PRBool to bool on a CLOSED TREE , r=bsmedberg,khuey,bz,cjones --HG-- rename : tools/trace-malloc/bloatblame.c => tools/trace-malloc/bloatblame.cpp
2011-09-29 06:19:26 +00:00
bool isRecursiveLoad;
Bug 693940: Restrict SVG-as-an-image to being able to load (local) URIs that have either the URI_INHERITS_SECURITY_CONTEXT or URI_LOADABLE_BY_SUBSUMERS flags. r=bz
2011-11-07 21:45:42 +00:00
nsresult rv = aContentLocation->EqualsExceptRef(doc->GetDocumentURI(),
&isRecursiveLoad);
Bug 665209: Disable recursive image loads in content(). r=bz
2011-06-23 05:21:47 +00:00
if (NS_FAILED(rv) || isRecursiveLoad) {
NS_WARNING("Refusing to recursively load image");
*aDecision = nsIContentPolicy::REJECT_TYPE;
}
Bug 628747: (patch v2) Disallow SVG-as-an-image from loading external resources, unless we're sure they won't hit the network. r=bz r=roc a=roc
2011-01-28 15:59:15 +00:00
}
return NS_OK;
}
Bug 700895 patch 3: Apply nsDataDocumentContentPolicy::ShouldLoad()'s external-resource-doc restrictions to image documents, too. r=roc
2011-11-13 22:21:41 +00:00
// Allow all loads for non-resource documents
if (!doc->IsResourceDoc()) {
Backed out changeset 4e7a2d27d636: relanding Bug 433616 part 2. Implement loading of external resource documents. r=jst, sr=roc
2008-10-04 20:00:09 +00:00
return NS_OK;
}
Bug 700895 patch 3: Apply nsDataDocumentContentPolicy::ShouldLoad()'s external-resource-doc restrictions to image documents, too. r=roc
2011-11-13 22:21:41 +00:00
// For resource documents, blacklist some load types
Backed out changeset 4e7a2d27d636: relanding Bug 433616 part 2. Implement loading of external resource documents. r=jst, sr=roc
2008-10-04 20:00:09 +00:00
if (aContentType == nsIContentPolicy::TYPE_OBJECT ||
aContentType == nsIContentPolicy::TYPE_DOCUMENT ||
aContentType == nsIContentPolicy::TYPE_SUBDOCUMENT ||
Bug 910139 - Add TYPE_XSLT to nsIContentPolicy for XSLT loads and update CSP to treat XSLT as script. r=grobinson, r=jst
2013-09-11 21:11:49 +00:00
aContentType == nsIContentPolicy::TYPE_SCRIPT ||
Bug 1082924 - Add CSP type for fetch API. r=tvyas,baku --HG-- extra : transplant_source : i%D8%5C%7C%9D%FEQL%C1G%B8%3B2%06%AA%AE%3A%09%29%7E
2014-10-13 22:09:58 +00:00
aContentType == nsIContentPolicy::TYPE_XSLT ||
Bug 1089255 - Implement and test manifest-src CSP directive. r=bholley, r=dveditz, r=ckerschb --- dom/base/nsContentPolicyUtils.h | 1 + dom/base/nsDataDocumentContentPolicy.cpp | 3 +- dom/base/nsIContentPolicy.idl | 2 +- dom/base/nsIContentPolicyBase.idl | 7 +- dom/base/nsISimpleContentPolicy.idl | 2 +- dom/base/test/csp/browser.ini | 4 + dom/base/test/csp/browser_test_web_manifest.js | 265 +++++++++++++++++++++ .../csp/browser_test_web_manifest_mixed_content.js | 55 +++++ dom/base/test/csp/file_CSP_web_manifest.html | 6 + dom/base/test/csp/file_CSP_web_manifest.json | 1 + .../test/csp/file_CSP_web_manifest.json^headers^ | 1 + dom/base/test/csp/file_CSP_web_manifest_https.html | 4 + dom/base/test/csp/file_CSP_web_manifest_https.json | 1 + .../csp/file_CSP_web_manifest_mixed_content.html | 9 + .../test/csp/file_CSP_web_manifest_remote.html | 8 + dom/base/test/csp/file_csp_testserver.sjs | 14 +- dom/base/test/csp/mochitest.ini | 7 + dom/base/test/moz.build | 5 +- dom/fetch/InternalRequest.cpp | 3 + dom/fetch/InternalRequest.h | 2 +- .../security/nsIContentSecurityPolicy.idl | 3 +- dom/ipc/manifestMessages.js | 25 +- dom/security/nsCSPUtils.cpp | 7 + dom/security/nsCSPUtils.h | 10 +- dom/security/nsMixedContentBlocker.cpp | 1 + dom/webidl/CSPDictionaries.webidl | 1 + extensions/permissions/nsContentBlocker.cpp | 6 +- netwerk/mime/nsMimeTypes.h | 1 + 28 files changed, 439 insertions(+), 15 deletions(-) create mode 100644 dom/base/test/csp/browser.ini create mode 100644 dom/base/test/csp/browser_test_web_manifest.js create mode 100644 dom/base/test/csp/browser_test_web_manifest_mixed_content.js create mode 100644 dom/base/test/csp/file_CSP_web_manifest.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json create mode 100644 dom/base/test/csp/file_CSP_web_manifest.json^headers^ create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest_https.json create mode 100644 dom/base/test/csp/file_CSP_web_manifest_mixed_content.html create mode 100644 dom/base/test/csp/file_CSP_web_manifest_remote.html
2015-06-02 19:42:19 +00:00
aContentType == nsIContentPolicy::TYPE_FETCH ||
aContentType == nsIContentPolicy::TYPE_WEB_MANIFEST) {
Fix bug 325005. r=sicking, sr=jst
2006-01-31 01:47:30 +00:00
*aDecision = nsIContentPolicy::REJECT_TYPE;
}
Bug 771942, normal content policy checks for chrome data documents, r=bz, a=akeybl
2013-01-08 17:16:28 +00:00
// If you add more restrictions here, make sure to check that
// CHECK_PRINCIPAL_AND_DATA in nsContentPolicyUtils is still valid.
// nsContentPolicyUtils may not pass all the parameters to ShouldLoad
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
return NS_OK;
}
NS_IMETHODIMP
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 15:56:38 +00:00
nsDataDocumentContentPolicy::ShouldProcess(uint32_t aContentType,
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
nsIURI *aContentLocation,
nsIURI *aRequestingLocation,
nsISupports *aRequestingContext,
const nsACString &aMimeGuess,
nsISupports *aExtra,
Bug 767134 - Stuff the source principal into nsIContentPolicy (r=bz, sr=jst)
2012-07-02 23:16:11 +00:00
nsIPrincipal *aRequestPrincipal,
Bug 579517 - Part 1: Automated conversion of NSPR numeric types to stdint types in Gecko; r=bsmedberg This patch was generated by a script. Here's the source of the script for future reference: function convert() { echo "Converting $1 to $2..." find . ! -wholename "*nsprpub*" \ ! -wholename "*security/nss*" \ ! -wholename "*/.hg*" \ ! -wholename "obj-ff-dbg*" \ ! -name nsXPCOMCID.h \ ! -name prtypes.h \ -type f \ \( -iname "*.cpp" \ -o -iname "*.h" \ -o -iname "*.c" \ -o -iname "*.cc" \ -o -iname "*.idl" \ -o -iname "*.ipdl" \ -o -iname "*.ipdlh" \ -o -iname "*.mm" \) | \ xargs -n 1 sed -i -e "s/\b$1\b/$2/g" } convert PRInt8 int8_t convert PRUint8 uint8_t convert PRInt16 int16_t convert PRUint16 uint16_t convert PRInt32 int32_t convert PRUint32 uint32_t convert PRInt64 int64_t convert PRUint64 uint64_t convert PRIntn int convert PRUintn unsigned convert PRSize size_t convert PROffset32 int32_t convert PROffset64 int64_t convert PRPtrdiff ptrdiff_t convert PRFloat64 double
2012-08-22 15:56:38 +00:00
int16_t *aDecision)
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
{
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
Bug 767134 - Stuff the source principal into nsIContentPolicy (r=bz, sr=jst)
2012-07-02 23:16:11 +00:00
aRequestingContext, aMimeGuess, aExtra, aRequestPrincipal,
aDecision);
Disable loading of images in data documents on the document level, not on the node level. Bug 251354, r=sicking, sr=peterv, a=asa
2005-04-11 00:29:36 +00:00
}
Reference in New Issue Copy Permalink