mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 19:35:51 +00:00
Backed out 2 changesets (bug 1509738) for failures in propagate-nonce-external-classic.html
Backed out changeset fbf4b73c8786 (bug 1509738) Backed out changeset 53f624bc7c22 (bug 1509738)
This commit is contained in:
Noemi Erli
parent
3c72e5c582
commit
0a63dd9be6
@ -302,8 +302,7 @@ interface nsIContentSecurityPolicy : nsISerializable
|
||||
in nsISupports aContext,
|
||||
in ACString aMimeTypeGuess,
|
||||
in nsIURI aOriginalURIIfRedirect,
|
||||
in bool aSendViolationReports,
|
||||
in AString aNonce);
|
||||
in bool aSendViolationReports);
|
||||
|
||||
%{ C++
|
||||
// nsIObserver topic to fire when the policy encounters a violation.
|
||||
|
||||
@ -311,16 +311,6 @@ nsresult ScriptLoader::CheckContentPolicy(Document* aDocument,
|
||||
requestingNode, nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK,
|
||||
contentPolicyType);
|
||||
|
||||
// snapshot the nonce at load start time for performing CSP checks
|
||||
if (contentPolicyType == nsIContentPolicy::TYPE_INTERNAL_SCRIPT) {
|
||||
nsCOMPtr<Element> element = do_QueryInterface(aContext);
|
||||
if (element && element->IsHTMLElement()) {
|
||||
nsAutoString cspNonce;
|
||||
element->GetAttribute(NS_LITERAL_STRING("nonce"), cspNonce);
|
||||
secCheckLoadInfo->SetCspNonce(cspNonce);
|
||||
}
|
||||
}
|
||||
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
nsresult rv = NS_CheckContentLoadPolicy(
|
||||
aRequest->mURI, secCheckLoadInfo, NS_LossyConvertUTF16toASCII(aType),
|
||||
@ -1262,17 +1252,6 @@ nsresult ScriptLoader::StartLoad(ScriptLoadRequest* aRequest) {
|
||||
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// snapshot the nonce at load start time for performing CSP checks
|
||||
if (contentPolicyType == nsIContentPolicy::TYPE_INTERNAL_SCRIPT) {
|
||||
nsCOMPtr<Element> element = do_QueryInterface(context);
|
||||
if (element && element->IsHTMLElement()) {
|
||||
nsAutoString cspNonce;
|
||||
element->GetAttribute(NS_LITERAL_STRING("nonce"), cspNonce);
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = channel->GetLoadInfo();
|
||||
loadInfo->SetCspNonce(cspNonce);
|
||||
}
|
||||
}
|
||||
|
||||
// To avoid decoding issues, the build-id is part of the JSBytecodeMimeType
|
||||
// constant.
|
||||
aRequest->mCacheInfo = nullptr;
|
||||
|
||||
@ -121,8 +121,7 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
|
||||
nsISupports* aRequestContext,
|
||||
const nsACString& aMimeTypeGuess,
|
||||
nsIURI* aOriginalURIIfRedirect,
|
||||
bool aSendViolationReports, const nsAString& aNonce,
|
||||
int16_t* outDecision) {
|
||||
bool aSendViolationReports, int16_t* outDecision) {
|
||||
if (CSPCONTEXTLOGENABLED()) {
|
||||
CSPCONTEXTLOG(("nsCSPContext::ShouldLoad, aContentLocation: %s",
|
||||
aContentLocation->GetSpecOrDefault().get()));
|
||||
@ -156,8 +155,18 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsAutoString nonce;
|
||||
bool parserCreated = false;
|
||||
if (!isPreload) {
|
||||
if (aContentType == nsIContentPolicy::TYPE_SCRIPT ||
|
||||
aContentType == nsIContentPolicy::TYPE_STYLESHEET) {
|
||||
nsCOMPtr<Element> element = do_QueryInterface(aRequestContext);
|
||||
if (element && element->IsHTMLElement()) {
|
||||
// XXXbz What about SVG elements that can have nonce?
|
||||
element->GetAttribute(NS_LITERAL_STRING("nonce"), nonce);
|
||||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIScriptElement> script = do_QueryInterface(aRequestContext);
|
||||
if (script && script->GetParserCreated() != mozilla::dom::NOT_FROM_PARSER) {
|
||||
parserCreated = true;
|
||||
@ -168,7 +177,7 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
|
||||
permitsInternal(dir,
|
||||
nullptr, // aTriggeringElement
|
||||
aCSPEventListener, aContentLocation,
|
||||
aOriginalURIIfRedirect, aNonce, isPreload,
|
||||
aOriginalURIIfRedirect, nonce, isPreload,
|
||||
false, // allow fallback to default-src
|
||||
aSendViolationReports,
|
||||
true, // send blocked URI in violation reports
|
||||
|
||||
@ -172,10 +172,6 @@ CSPService::ShouldLoad(nsIURI *aContentLocation, nsILoadInfo *aLoadInfo,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsAutoString cspNonce;
|
||||
rv = aLoadInfo->GetCspNonce(cspNonce);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// 1) Apply speculate CSP for preloads
|
||||
bool isPreload = nsContentUtils::IsPreloadType(contentType);
|
||||
|
||||
@ -190,7 +186,7 @@ CSPService::ShouldLoad(nsIURI *aContentLocation, nsILoadInfo *aLoadInfo,
|
||||
contentType, cspEventListener, aContentLocation, requestOrigin,
|
||||
requestContext, aMimeTypeGuess,
|
||||
nullptr, // no redirect, aOriginal URL is null.
|
||||
aLoadInfo->GetSendCSPViolationEvents(), cspNonce, aDecision);
|
||||
aLoadInfo->GetSendCSPViolationEvents(), aDecision);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// if the preload policy already denied the load, then there
|
||||
@ -211,8 +207,7 @@ CSPService::ShouldLoad(nsIURI *aContentLocation, nsILoadInfo *aLoadInfo,
|
||||
rv = csp->ShouldLoad(contentType, cspEventListener, aContentLocation,
|
||||
requestOrigin, requestContext, aMimeTypeGuess,
|
||||
nullptr, // no redirect, aOriginal URL is null.
|
||||
aLoadInfo->GetSendCSPViolationEvents(), cspNonce,
|
||||
aDecision);
|
||||
aLoadInfo->GetSendCSPViolationEvents(), aDecision);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
return NS_OK;
|
||||
@ -256,6 +251,17 @@ CSPService::AsyncOnChannelRedirect(nsIChannel *oldChannel,
|
||||
nsIAsyncVerifyRedirectCallback *callback) {
|
||||
net::nsAsyncRedirectAutoCallback autoCallback(callback);
|
||||
|
||||
if (XRE_IsE10sParentProcess()) {
|
||||
nsCOMPtr<nsIParentChannel> parentChannel;
|
||||
NS_QueryNotificationCallbacks(oldChannel, parentChannel);
|
||||
if (parentChannel) {
|
||||
// This is an IPC'd channel. Don't check it here, because we won't have
|
||||
// access to the request context; we'll check them in the content
|
||||
// process instead. Bug 1509738 covers fixing this.
|
||||
return NS_OK;
|
||||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> newUri;
|
||||
nsresult rv = newChannel->GetURI(getter_AddRefs(newUri));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
@ -297,10 +303,6 @@ CSPService::AsyncOnChannelRedirect(nsIChannel *oldChannel,
|
||||
return rv;
|
||||
}
|
||||
|
||||
nsAutoString cspNonce;
|
||||
rv = loadInfo->GetCspNonce(cspNonce);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
bool isPreload = nsContentUtils::IsPreloadType(policyType);
|
||||
|
||||
/* On redirect, if the content policy is a preload type, rejecting the preload
|
||||
@ -328,7 +330,6 @@ CSPService::AsyncOnChannelRedirect(nsIChannel *oldChannel,
|
||||
EmptyCString(), // ACString - MIME guess
|
||||
originalUri, // Original nsIURI
|
||||
true, // aSendViolationReports
|
||||
cspNonce, // nonce
|
||||
&aDecision);
|
||||
|
||||
// if the preload policy already denied the load, then there
|
||||
@ -355,7 +356,6 @@ CSPService::AsyncOnChannelRedirect(nsIChannel *oldChannel,
|
||||
EmptyCString(), // ACString - MIME guess
|
||||
originalUri, // Original nsIURI
|
||||
true, // aSendViolationReports
|
||||
cspNonce, // nonce
|
||||
&aDecision);
|
||||
}
|
||||
|
||||
|
||||
@ -1,48 +0,0 @@
|
||||
"use strict";
|
||||
|
||||
const TEST_FRAME =
|
||||
`<!DOCTYPE HTML>
|
||||
<html>
|
||||
<body>
|
||||
<script id='myScript' nonce='123456789' type='application/javascript'></script>
|
||||
<script nonce='123456789'>
|
||||
let myScript = document.getElementById('myScript');
|
||||
// 1) start loading the script using the nonce 123456789
|
||||
myScript.src='file_nonce_snapshot.sjs?redir-script';
|
||||
// 2) dynamically change the nonce, load should use initial nonce
|
||||
myScript.setAttribute('nonce','987654321');
|
||||
</script>
|
||||
</body>
|
||||
</html>`;
|
||||
|
||||
const SCRIPT = "window.parent.postMessage('script-loaded', '*');";
|
||||
|
||||
function handleRequest(request, response)
|
||||
{
|
||||
// avoid confusing cache behaviors
|
||||
response.setHeader("Cache-Control", "no-cache", false);
|
||||
|
||||
let queryString = request.queryString;
|
||||
|
||||
if (queryString === "load-frame") {
|
||||
response.setHeader("Content-Security-Policy", "script-src 'nonce-123456789'", false);
|
||||
response.setHeader("Content-Type", "text/html", false);
|
||||
response.write(TEST_FRAME);
|
||||
return;
|
||||
}
|
||||
|
||||
if (queryString === "redir-script") {
|
||||
response.setStatusLine("1.1", 302, "Found");
|
||||
response.setHeader("Location", "file_nonce_snapshot.sjs?load-script", false);
|
||||
return;
|
||||
}
|
||||
|
||||
if (queryString === "load-script") {
|
||||
response.setHeader("Content-Type", "application/javascript", false);
|
||||
response.write(SCRIPT);
|
||||
return;
|
||||
}
|
||||
|
||||
// we should never get here but just in case return something unexpected
|
||||
response.write("do'h");
|
||||
}
|
||||
@ -368,6 +368,3 @@ support-files =
|
||||
worker_helper.js
|
||||
main_csp_worker.html
|
||||
main_csp_worker.html^headers^
|
||||
[test_nonce_snapshot.html]
|
||||
support-files =
|
||||
file_nonce_snapshot.sjs
|
||||
|
||||
@ -1,35 +0,0 @@
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<title>Bug 1509738 - Snapshot nonce at load start time</title>
|
||||
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
<iframe style="width:100%;" id="testframe"></iframe>
|
||||
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
/* Description of the test:
|
||||
* a) the test starts loading a script using whitelisted nonce
|
||||
* b) the nonce of the script gets modified
|
||||
* c) the script hits a 302 server side redirect
|
||||
* d) we ensure the script still loads and does not use the modified nonce
|
||||
*/
|
||||
|
||||
window.addEventListener("message", receiveMessage);
|
||||
function receiveMessage(event) {
|
||||
is(event.data, "script-loaded", "script loaded even though nonce was dynamically modified");
|
||||
window.removeEventListener("message", receiveMessage);
|
||||
SimpleTest.finish();
|
||||
}
|
||||
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
let src = "file_nonce_snapshot.sjs?load-frame";
|
||||
document.getElementById("testframe").src = src;
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
@ -153,7 +153,7 @@ function run_test() {
|
||||
csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SCRIPT,
|
||||
null, // nsICSPEventListener
|
||||
NetUtil.newURI("http://blocked.test/foo.js"),
|
||||
null, null, null, null, true, null);
|
||||
null, null, null, null, true);
|
||||
});
|
||||
|
||||
// test that inline script violations cause a report in report-only policy
|
||||
@ -206,7 +206,7 @@ function run_test() {
|
||||
csp.shouldLoad(Ci.nsIContentPolicy.TYPE_IMAGE,
|
||||
null, // nsICSPEventListener
|
||||
NetUtil.newURI("data:image/png;base64," + base64data),
|
||||
null, null, null, null, true, null);
|
||||
null, null, null, null, true);
|
||||
});
|
||||
|
||||
// test that only the uri's scheme is reported for globally unique identifiers
|
||||
@ -216,7 +216,7 @@ function run_test() {
|
||||
csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SUBDOCUMENT,
|
||||
null, // nsICSPEventListener
|
||||
NetUtil.newURI("intent://mymaps.com/maps?um=1&ie=UTF-8&fb=1&sll"),
|
||||
null, null, null, null, true, null);
|
||||
null, null, null, null, true);
|
||||
});
|
||||
|
||||
// test fragment removal
|
||||
@ -227,7 +227,7 @@ function run_test() {
|
||||
csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SCRIPT,
|
||||
null, // nsICSPEventListener
|
||||
NetUtil.newURI(selfSpec + "#bar"),
|
||||
null, null, null, null, true, null);
|
||||
null, null, null, null, true);
|
||||
});
|
||||
|
||||
// test scheme of ftp:
|
||||
@ -237,6 +237,6 @@ function run_test() {
|
||||
csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SCRIPT,
|
||||
null, // nsICSPEventListener
|
||||
NetUtil.newURI("ftp://blocked.test/profile.png"),
|
||||
null, null, null, null, true, null);
|
||||
null, null, null, null, true);
|
||||
});
|
||||
}
|
||||
|
||||
@ -457,9 +457,6 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadInfo* aLoadInfo,
|
||||
ipcController = controller.ref().ToIPC();
|
||||
}
|
||||
|
||||
nsAutoString cspNonce;
|
||||
Unused << NS_WARN_IF(NS_FAILED(aLoadInfo->GetCspNonce(cspNonce)));
|
||||
|
||||
*aOptionalLoadInfoArgs = LoadInfoArgs(
|
||||
loadingPrincipalInfo, triggeringPrincipalInfo, principalToInheritInfo,
|
||||
sandboxedLoadingPrincipalInfo, topLevelPrincipalInfo,
|
||||
@ -487,7 +484,7 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadInfo* aLoadInfo,
|
||||
aLoadInfo->GetIsPreflight(), aLoadInfo->GetLoadTriggeredFromExternal(),
|
||||
aLoadInfo->GetServiceWorkerTaintingSynthesized(),
|
||||
aLoadInfo->GetDocumentHasUserInteracted(),
|
||||
aLoadInfo->GetDocumentHasLoaded(), cspNonce,
|
||||
aLoadInfo->GetDocumentHasLoaded(),
|
||||
aLoadInfo->GetIsFromProcessingFrameAttributes());
|
||||
|
||||
return NS_OK;
|
||||
@ -643,7 +640,7 @@ nsresult LoadInfoArgsToLoadInfo(
|
||||
loadInfoArgs.isPreflight(), loadInfoArgs.loadTriggeredFromExternal(),
|
||||
loadInfoArgs.serviceWorkerTaintingSynthesized(),
|
||||
loadInfoArgs.documentHasUserInteracted(),
|
||||
loadInfoArgs.documentHasLoaded(), loadInfoArgs.cspNonce());
|
||||
loadInfoArgs.documentHasLoaded());
|
||||
|
||||
if (loadInfoArgs.isFromProcessingFrameAttributes()) {
|
||||
loadInfo->SetIsFromProcessingFrameAttributes();
|
||||
|
||||
@ -858,16 +858,6 @@ nsresult Loader::CheckContentPolicy(nsIPrincipal* aLoadingPrincipal,
|
||||
aLoadingPrincipal, aTriggeringPrincipal, aRequestingNode,
|
||||
nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK, contentPolicyType);
|
||||
|
||||
// snapshot the nonce at load start time for performing CSP checks
|
||||
if (contentPolicyType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET) {
|
||||
nsCOMPtr<Element> element = do_QueryInterface(aRequestingNode);
|
||||
if (element && element->IsHTMLElement()) {
|
||||
nsAutoString cspNonce;
|
||||
element->GetAttribute(NS_LITERAL_STRING("nonce"), cspNonce);
|
||||
secCheckLoadInfo->SetCspNonce(cspNonce);
|
||||
}
|
||||
}
|
||||
|
||||
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
|
||||
nsresult rv = NS_CheckContentLoadPolicy(
|
||||
aTargetURI, secCheckLoadInfo, NS_LITERAL_CSTRING("text/css"), &shouldLoad,
|
||||
@ -1320,18 +1310,6 @@ nsresult Loader::LoadSheet(SheetLoadData* aLoadData,
|
||||
return rv;
|
||||
}
|
||||
|
||||
// snapshot the nonce at load start time for performing CSP checks
|
||||
if (contentPolicyType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET) {
|
||||
nsCOMPtr<Element> element =
|
||||
do_QueryInterface(aLoadData->mRequestingNode);
|
||||
if (element && element->IsHTMLElement()) {
|
||||
nsAutoString cspNonce;
|
||||
element->GetAttribute(NS_LITERAL_STRING("nonce"), cspNonce);
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = channel->GetLoadInfo();
|
||||
loadInfo->SetCspNonce(cspNonce);
|
||||
}
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIInputStream> stream;
|
||||
rv = channel->Open(getter_AddRefs(stream));
|
||||
|
||||
@ -1460,17 +1438,6 @@ nsresult Loader::LoadSheet(SheetLoadData* aLoadData,
|
||||
return rv;
|
||||
}
|
||||
|
||||
// snapshot the nonce at load start time for performing CSP checks
|
||||
if (contentPolicyType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET) {
|
||||
nsCOMPtr<Element> element = do_QueryInterface(aLoadData->mRequestingNode);
|
||||
if (element && element->IsHTMLElement()) {
|
||||
nsAutoString cspNonce;
|
||||
element->GetAttribute(NS_LITERAL_STRING("nonce"), cspNonce);
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = channel->GetLoadInfo();
|
||||
loadInfo->SetCspNonce(cspNonce);
|
||||
}
|
||||
}
|
||||
|
||||
if (!aLoadData->ShouldDefer()) {
|
||||
nsCOMPtr<nsIClassOfService> cos(do_QueryInterface(channel));
|
||||
if (cos) {
|
||||
|
||||
@ -478,7 +478,6 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
|
||||
mServiceWorkerTaintingSynthesized(false),
|
||||
mDocumentHasUserInteracted(rhs.mDocumentHasUserInteracted),
|
||||
mDocumentHasLoaded(rhs.mDocumentHasLoaded),
|
||||
mCspNonce(rhs.mCspNonce),
|
||||
mIsFromProcessingFrameAttributes(rhs.mIsFromProcessingFrameAttributes) {}
|
||||
|
||||
LoadInfo::LoadInfo(
|
||||
@ -511,7 +510,7 @@ LoadInfo::LoadInfo(
|
||||
const nsTArray<nsCString>& aCorsUnsafeHeaders, bool aForcePreflight,
|
||||
bool aIsPreflight, bool aLoadTriggeredFromExternal,
|
||||
bool aServiceWorkerTaintingSynthesized, bool aDocumentHasUserInteracted,
|
||||
bool aDocumentHasLoaded, const nsAString& aCspNonce)
|
||||
bool aDocumentHasLoaded)
|
||||
: mLoadingPrincipal(aLoadingPrincipal),
|
||||
mTriggeringPrincipal(aTriggeringPrincipal),
|
||||
mPrincipalToInherit(aPrincipalToInherit),
|
||||
@ -557,7 +556,6 @@ LoadInfo::LoadInfo(
|
||||
mServiceWorkerTaintingSynthesized(aServiceWorkerTaintingSynthesized),
|
||||
mDocumentHasUserInteracted(aDocumentHasUserInteracted),
|
||||
mDocumentHasLoaded(aDocumentHasLoaded),
|
||||
mCspNonce(aCspNonce),
|
||||
mIsFromProcessingFrameAttributes(false) {
|
||||
// Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal
|
||||
MOZ_ASSERT(mLoadingPrincipal ||
|
||||
@ -1256,20 +1254,6 @@ LoadInfo::SetDocumentHasLoaded(bool aDocumentHasLoaded) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
LoadInfo::GetCspNonce(nsAString& aCspNonce) {
|
||||
aCspNonce = mCspNonce;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
LoadInfo::SetCspNonce(const nsAString& aCspNonce) {
|
||||
MOZ_ASSERT(!mInitialSecurityCheckDone,
|
||||
"setting the nonce is only allowed before any sec checks");
|
||||
mCspNonce = aCspNonce;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
LoadInfo::GetIsTopLevelLoad(bool* aResult) {
|
||||
*aResult = mFrameOuterWindowID ? mFrameOuterWindowID == mOuterWindowID
|
||||
|
||||
@ -12,7 +12,6 @@
|
||||
#include "nsIPrincipal.h"
|
||||
#include "nsIWeakReferenceUtils.h" // for nsWeakPtr
|
||||
#include "nsIURI.h"
|
||||
#include "nsString.h"
|
||||
#include "nsTArray.h"
|
||||
|
||||
#include "mozilla/BasePrincipal.h"
|
||||
@ -122,8 +121,7 @@ class LoadInfo final : public nsILoadInfo {
|
||||
const nsTArray<nsCString>& aUnsafeHeaders, bool aForcePreflight,
|
||||
bool aIsPreflight, bool aLoadTriggeredFromExternal,
|
||||
bool aServiceWorkerTaintingSynthesized,
|
||||
bool aDocumentHasUserInteracted, bool aDocumentHasLoaded,
|
||||
const nsAString& aCspNonce);
|
||||
bool aDocumentHasUserInteracted, bool aDocumentHasLoaded);
|
||||
LoadInfo(const LoadInfo& rhs);
|
||||
|
||||
NS_IMETHOD GetRedirects(JSContext* aCx,
|
||||
@ -200,7 +198,6 @@ class LoadInfo final : public nsILoadInfo {
|
||||
bool mServiceWorkerTaintingSynthesized;
|
||||
bool mDocumentHasUserInteracted;
|
||||
bool mDocumentHasLoaded;
|
||||
nsString mCspNonce;
|
||||
|
||||
// Is true if this load was triggered by processing the attributes of the
|
||||
// browsing context container.
|
||||
|
||||
@ -1047,14 +1047,6 @@ interface nsILoadInfo : nsISupports
|
||||
*/
|
||||
[infallible] attribute boolean documentHasLoaded;
|
||||
|
||||
/**
|
||||
* A snapshot of the nonce at load start time which is used for CSP
|
||||
* checks and only set for:
|
||||
* * TYPE_SCRIPT and
|
||||
* * TYPE_STYLESHEET
|
||||
*/
|
||||
attribute AString cspNonce;
|
||||
|
||||
/**
|
||||
* The object in charged to receive CSP violation events. It can be null.
|
||||
* This attribute will be merged into the CSP object eventually.
|
||||
|
||||
@ -109,7 +109,6 @@ struct LoadInfoArgs
|
||||
bool serviceWorkerTaintingSynthesized;
|
||||
bool documentHasUserInteracted;
|
||||
bool documentHasLoaded;
|
||||
nsString cspNonce;
|
||||
bool isFromProcessingFrameAttributes;
|
||||
};
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user