mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-19 08:15:31 +00:00
Backed out 6 changesets (bug 1638711) for Geckoview failures in NavigationDelegateTest.loadUriReferrerSessionFileUrl.CLOSED TREE
Backed out changeset 22a7b8f16c44 (bug 1638711) Backed out changeset 75d97b8df5ba (bug 1638711) Backed out changeset 254871b49de9 (bug 1638711) Backed out changeset 97d1d2390586 (bug 1638711) Backed out changeset bebe76fca022 (bug 1638711) Backed out changeset 164b842bea99 (bug 1638711)
This commit is contained in:
parent
67d7efa11e
commit
34b793064e
@ -5494,10 +5494,6 @@ void nsGlobalWindowInner::SetCsp(nsIContentSecurityPolicy* aCsp) {
|
||||
mClientSource->SetCsp(aCsp);
|
||||
// Also cache the CSP within the document
|
||||
mDoc->SetCsp(aCsp);
|
||||
|
||||
if (mWindowGlobalChild) {
|
||||
mWindowGlobalChild->SendSetClientInfo(mClientSource->Info().ToIPC());
|
||||
}
|
||||
}
|
||||
|
||||
void nsGlobalWindowInner::SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCsp) {
|
||||
@ -5507,10 +5503,6 @@ void nsGlobalWindowInner::SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCsp) {
|
||||
mClientSource->SetPreloadCsp(aPreloadCsp);
|
||||
// Also cache the preload CSP within the document
|
||||
mDoc->SetPreloadCsp(aPreloadCsp);
|
||||
|
||||
if (mWindowGlobalChild) {
|
||||
mWindowGlobalChild->SendSetClientInfo(mClientSource->Info().ToIPC());
|
||||
}
|
||||
}
|
||||
|
||||
nsIContentSecurityPolicy* nsGlobalWindowInner::GetCsp() {
|
||||
|
@ -357,7 +357,6 @@ support-files = file_bug357450.js
|
||||
[test_bug372964.html]
|
||||
[test_bug373181.xhtml]
|
||||
[test_bug375314.html]
|
||||
[test_bug375314-2.html]
|
||||
[test_bug378969.html]
|
||||
[test_bug380418.html]
|
||||
support-files = test_bug380418.html^headers^
|
||||
|
@ -1,139 +0,0 @@
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<!--
|
||||
https://bugzilla.mozilla.org/show_bug.cgi?id=375314
|
||||
-->
|
||||
<head>
|
||||
<title>Test for Bug 375314</title>
|
||||
<script src="/tests/SimpleTest/SimpleTest.js"></script>
|
||||
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
|
||||
</head>
|
||||
<body>
|
||||
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=375314">Mozilla Bug 375314</a>
|
||||
<p id="display"></p>
|
||||
<div id="content" style="display: none">
|
||||
|
||||
</div>
|
||||
<pre id="test">
|
||||
<script class="testbody" type="text/javascript">
|
||||
|
||||
/** Test for Bug 375314 **/
|
||||
|
||||
var lastContentType = -1;
|
||||
const testURL = window.location.href + "/this/is/the/test/url";
|
||||
|
||||
function createChromeScript() {
|
||||
var categoryManager = Cc["@mozilla.org/categorymanager;1"].getService(
|
||||
Ci.nsICategoryManager
|
||||
);
|
||||
|
||||
const POLICYNAME = "@mozilla.org/testpolicy;1";
|
||||
const POLICYID = Components.ID("{6cc95ef3-40e1-4d59-87f0-86f100373227}");
|
||||
|
||||
var policy = {
|
||||
// nsISupports implementation
|
||||
QueryInterface: ChromeUtils.generateQI([
|
||||
Ci.nsIFactory,
|
||||
Ci.nsIContentPolicy,
|
||||
]),
|
||||
|
||||
// nsIFactory implementation
|
||||
createInstance(outer, iid) {
|
||||
return this.QueryInterface(iid);
|
||||
},
|
||||
|
||||
// nsIContentPolicy implementation
|
||||
shouldLoad(contentLocation, loadInfo, mimeTypeGuess) {
|
||||
if (contentLocation.asciiSpec === "http://mochi.test:8888/tests/dom/base/test/test_bug375314-2.html/this/is/the/test/url") {
|
||||
sendAsyncMessage("loadBlocked", { policyType: loadInfo.externalContentPolicyType});
|
||||
return Ci.nsIContentPolicy.REJECT_REQUEST;
|
||||
}
|
||||
return Ci.nsIContentPolicy.ACCEPT;
|
||||
},
|
||||
|
||||
shouldProcess(contentLocation, loadInfo, mimeTypeGuess) {
|
||||
return Ci.nsIContentPolicy.ACCEPT;
|
||||
}
|
||||
};
|
||||
|
||||
// Register content policy
|
||||
var componentManager = Components.manager.QueryInterface(
|
||||
Ci.nsIComponentRegistrar
|
||||
);
|
||||
|
||||
componentManager.registerFactory(
|
||||
POLICYID,
|
||||
"Test content policy",
|
||||
POLICYNAME,
|
||||
policy
|
||||
);
|
||||
categoryManager.addCategoryEntry(
|
||||
"content-policy",
|
||||
POLICYNAME,
|
||||
POLICYNAME,
|
||||
false,
|
||||
true
|
||||
);
|
||||
|
||||
addMessageListener("shutdown", _ => {
|
||||
categoryManager.deleteCategoryEntry(
|
||||
"content-policy",
|
||||
POLICYNAME,
|
||||
false
|
||||
);
|
||||
componentManager.unregisterFactory(POLICYID, policy);
|
||||
});
|
||||
|
||||
// Adding a new category dispatches an event to update
|
||||
// caches, so we need to also dispatch an event to make
|
||||
// sure we don't start the load until after that happens.
|
||||
Services.tm.dispatchToMainThread(() => {
|
||||
sendAsyncMessage("setupComplete");
|
||||
});
|
||||
}
|
||||
|
||||
// Request creating functions
|
||||
|
||||
function requestDocument() {
|
||||
// GeckoView shows an error page for CSP errors, which breaks this test, so just skip in that case.
|
||||
try {
|
||||
if (!SpecialPowers.Cc["@mozilla.org/android/bridge;1"].getService(SpecialPowers.Ci.nsIAndroidBridge).isFennec) {
|
||||
lastContentType = SpecialPowers.Ci.nsIContentPolicy.TYPE_DOCUMENT;
|
||||
return;
|
||||
}
|
||||
} catch (e){}
|
||||
|
||||
top.location.href = testURL;
|
||||
}
|
||||
|
||||
function requestSubdocument() {
|
||||
var content = $("content");
|
||||
|
||||
var frame = document.createElement("iframe");
|
||||
frame.setAttribute("src", testURL);
|
||||
content.appendChild(frame);
|
||||
}
|
||||
|
||||
add_task(async function() {
|
||||
let chromeScript = SpecialPowers.loadChromeScript(createChromeScript);
|
||||
await chromeScript.promiseOneMessage("setupComplete");
|
||||
|
||||
requestDocument();
|
||||
let result = await chromeScript.promiseOneMessage("loadBlocked");
|
||||
|
||||
is(result.policyType, SpecialPowers.Ci.nsIContentPolicy.TYPE_DOCUMENT, "Content policies triggered for TYPE_DOCUMENT");
|
||||
|
||||
requestSubdocument();
|
||||
result = await chromeScript.promiseOneMessage("loadBlocked");
|
||||
|
||||
is(result.policyType, SpecialPowers.Ci.nsIContentPolicy.TYPE_SUBDOCUMENT, "Content policies triggered for TYPE_SUBDOCUMENT");
|
||||
|
||||
chromeScript.sendAsyncMessage("shutdown");
|
||||
chromeScript.destroy();
|
||||
});
|
||||
|
||||
</script>
|
||||
</pre>
|
||||
</body>
|
||||
</html>
|
||||
|
@ -75,7 +75,7 @@ var categoryManager = Cc["@mozilla.org/categorymanager;1"].getService(Ci.nsICate
|
||||
categoryManager.addCategoryEntry("content-policy", policyName, policyName, false, true);
|
||||
|
||||
// Try creating different request types
|
||||
var tests = ["SCRIPT", "IMAGE", "STYLESHEET", "OBJECT", "XMLHTTPREQUEST"];
|
||||
var tests = ["SCRIPT", "IMAGE", "STYLESHEET", "OBJECT", "DOCUMENT", "SUBDOCUMENT", "XMLHTTPREQUEST"];
|
||||
var curTest = -1;
|
||||
var div;
|
||||
|
||||
@ -147,6 +147,26 @@ function request_object() {
|
||||
content.appendChild(object);
|
||||
}
|
||||
|
||||
function request_document() {
|
||||
// GeckoView shows an error page for CSP errors, which breaks this test, so just skip in that case.
|
||||
try {
|
||||
if (!SpecialPowers.Cc["@mozilla.org/android/bridge;1"].getService(SpecialPowers.Ci.nsIAndroidBridge).isFennec) {
|
||||
lastContentType = Ci.nsIContentPolicy.TYPE_DOCUMENT;
|
||||
return;
|
||||
}
|
||||
} catch (e){}
|
||||
|
||||
top.location.href = testURL;
|
||||
}
|
||||
|
||||
function request_subdocument() {
|
||||
var content = $("content");
|
||||
|
||||
var frame = document.createElement("iframe");
|
||||
frame.setAttribute("src", testURL);
|
||||
content.appendChild(frame);
|
||||
}
|
||||
|
||||
function request_xmlhttprequest() {
|
||||
var request = new XMLHttpRequest();
|
||||
request.open("GET", testURL, false);
|
||||
|
@ -20,7 +20,6 @@
|
||||
#include "nsContentPolicyUtils.h"
|
||||
#include "nsNetUtil.h"
|
||||
#include "mozilla/net/DocumentLoadListener.h"
|
||||
#include "mozilla/net/DocumentChannel.h"
|
||||
|
||||
using namespace mozilla;
|
||||
|
||||
@ -252,16 +251,6 @@ CSPService::AsyncOnChannelRedirect(nsIChannel* oldChannel,
|
||||
}
|
||||
}
|
||||
|
||||
// Don't do these checks if we're switching from DocumentChannel
|
||||
// to a real channel. In that case, we should already have done
|
||||
// the checks in the parent process. AsyncOnChannelRedirect
|
||||
// isn't called in the content process if we switch process,
|
||||
// so checking here would just hide bugs in the process switch
|
||||
// cases.
|
||||
if (RefPtr<net::DocumentChannel> docChannel = do_QueryObject(oldChannel)) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> newUri;
|
||||
nsresult rv = newChannel->GetURI(getter_AddRefs(newUri));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
@ -46,7 +46,6 @@
|
||||
#include "mozilla/ipc/URIUtils.h"
|
||||
#include "mozilla/net/DNS.h"
|
||||
#include "mozilla/net/DocumentLoadListener.h"
|
||||
#include "mozilla/net/DocumentChannel.h"
|
||||
|
||||
using namespace mozilla;
|
||||
using namespace mozilla::dom;
|
||||
@ -144,16 +143,6 @@ nsMixedContentBlocker::AsyncOnChannelRedirect(
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Don't do these checks if we're switching from DocumentChannel
|
||||
// to a real channel. In that case, we should already have done
|
||||
// the checks in the parent process. AsyncOnChannelRedirect
|
||||
// isn't called in the content process if we switch process,
|
||||
// so checking here would just hide bugs in the process switch
|
||||
// cases.
|
||||
if (RefPtr<net::DocumentChannel> docChannel = do_QueryObject(aOldChannel)) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult rv;
|
||||
nsCOMPtr<nsIURI> oldUri;
|
||||
rv = aOldChannel->GetURI(getter_AddRefs(oldUri));
|
||||
|
@ -37,13 +37,10 @@ window.tests = {
|
||||
object_bad: -1,
|
||||
};
|
||||
|
||||
SpecialPowers.registerObservers("csp-on-violate-policy");
|
||||
|
||||
// This is used to watch the blocked data bounce off CSP and allowed data
|
||||
// get sent out to the wire.
|
||||
function examiner() {
|
||||
SpecialPowers.addObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.addObserver(this, "specialpowers-csp-on-violate-policy");
|
||||
SpecialPowers.addObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
examiner.prototype = {
|
||||
@ -66,8 +63,7 @@ examiner.prototype = {
|
||||
uri + " allowed by csp");
|
||||
}
|
||||
|
||||
if (topic === "csp-on-violate-policy" ||
|
||||
topic === "specialpowers-csp-on-violate-policy") {
|
||||
if (topic === "csp-on-violate-policy") {
|
||||
// these were blocked... record that they were blocked
|
||||
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIURI"), "asciiSpec");
|
||||
if (!testpat.test(asciiSpec)) return;
|
||||
@ -82,7 +78,6 @@ examiner.prototype = {
|
||||
// or mochitests might get borked.
|
||||
remove() {
|
||||
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-csp-on-violate-policy");
|
||||
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
|
||||
}
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
<!DOCTYPE HTML>
|
||||
<!DOCTYPE HTML>
|
||||
<html>
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
@ -17,90 +17,77 @@
|
||||
* type used for content policy checks is of TYPE_SUBDOCUMENT.
|
||||
*/
|
||||
|
||||
function createChromeScript() {
|
||||
var categoryManager = Cc["@mozilla.org/categorymanager;1"].getService(
|
||||
Ci.nsICategoryManager
|
||||
);
|
||||
const Cc = SpecialPowers.Cc;
|
||||
const Ci = SpecialPowers.Ci;
|
||||
|
||||
const POLICYNAME = "@mozilla.org/testpolicy;1";
|
||||
const POLICYID = Components.ID("{6cc95ef3-40e1-4d59-87f0-86f100373227}");
|
||||
const EXPECTED_URL =
|
||||
"http://mochi.test:8888/tests/dom/security/test/general/file_contentpolicytype_targeted_link_iframe.sjs?innerframe";
|
||||
const EXPECTED_CONTENT_TYPE = Ci.nsIContentPolicy.TYPE_SUBDOCUMENT;
|
||||
const EXPECTED_URL =
|
||||
"http://mochi.test:8888/tests/dom/security/test/general/file_contentpolicytype_targeted_link_iframe.sjs?innerframe";
|
||||
const TEST_FRAME_URL =
|
||||
"file_contentpolicytype_targeted_link_iframe.sjs?testframe";
|
||||
|
||||
var policy = {
|
||||
// nsISupports implementation
|
||||
QueryInterface: ChromeUtils.generateQI([
|
||||
Ci.nsIFactory,
|
||||
Ci.nsIContentPolicy,
|
||||
]),
|
||||
// ----- START Content Policy implementation for the test
|
||||
var categoryManager = Cc["@mozilla.org/categorymanager;1"].getService(Ci.nsICategoryManager);
|
||||
|
||||
// nsIFactory implementation
|
||||
createInstance(outer, iid) {
|
||||
return this.QueryInterface(iid);
|
||||
},
|
||||
const POLICYNAME = "@mozilla.org/iframetestpolicy;1";
|
||||
const POLICYID = SpecialPowers.wrap(SpecialPowers.Components)
|
||||
.ID("{6cc95ef3-40e1-4d59-87f0-86f100373227}");
|
||||
|
||||
// nsIContentPolicy implementation
|
||||
shouldLoad(contentLocation, loadInfo, mimeTypeGuess) {
|
||||
if (contentLocation.asciiSpec === EXPECTED_URL) {
|
||||
sendAsyncMessage("loadBlocked", { policyType: loadInfo.externalContentPolicyType});
|
||||
categoryManager.deleteCategoryEntry(
|
||||
"content-policy",
|
||||
POLICYNAME,
|
||||
false
|
||||
);
|
||||
componentManager.unregisterFactory(POLICYID, policy);
|
||||
return Ci.nsIContentPolicy.REJECT_REQUEST;
|
||||
}
|
||||
return Ci.nsIContentPolicy.ACCEPT;
|
||||
},
|
||||
var policy = {
|
||||
// nsISupports implementation
|
||||
QueryInterface(iid) {
|
||||
iid = SpecialPowers.wrap(iid);
|
||||
if (iid.equals(Ci.nsISupports) ||
|
||||
iid.equals(Ci.nsIFactory) ||
|
||||
iid.equals(Ci.nsIContentPolicy))
|
||||
return this;
|
||||
|
||||
shouldProcess(contentLocation, loadInfo, mimeTypeGuess) {
|
||||
return Ci.nsIContentPolicy.ACCEPT;
|
||||
throw SpecialPowers.Cr.NS_ERROR_NO_INTERFACE;
|
||||
},
|
||||
|
||||
// nsIFactory implementation
|
||||
createInstance(outer, iid) {
|
||||
return this.QueryInterface(iid);
|
||||
},
|
||||
|
||||
// nsIContentPolicy implementation
|
||||
shouldLoad(contentLocation, loadInfo, mimeTypeGuess) {
|
||||
let contentType = loadInfo.externalContentPolicyType;
|
||||
|
||||
// make sure we get the right amount of content policy calls
|
||||
// e.g. about:blank also gets chrcked by content policies
|
||||
if (contentLocation.asciiSpec === EXPECTED_URL) {
|
||||
is(contentType, EXPECTED_CONTENT_TYPE,
|
||||
"content policy type should TYPESUBDOCUMENT");
|
||||
categoryManager.deleteCategoryEntry("content-policy", POLICYNAME, false);
|
||||
componentManager.unregisterFactory(POLICYID, policy);
|
||||
SimpleTest.finish();
|
||||
return Ci.nsIContentPolicy.REJECT_REQUEST;
|
||||
}
|
||||
};
|
||||
return Ci.nsIContentPolicy.ACCEPT;
|
||||
},
|
||||
|
||||
// Register content policy
|
||||
var componentManager = Components.manager.QueryInterface(
|
||||
Ci.nsIComponentRegistrar
|
||||
);
|
||||
|
||||
componentManager.registerFactory(
|
||||
POLICYID,
|
||||
"Test content policy",
|
||||
POLICYNAME,
|
||||
policy
|
||||
);
|
||||
categoryManager.addCategoryEntry(
|
||||
"content-policy",
|
||||
POLICYNAME,
|
||||
POLICYNAME,
|
||||
false,
|
||||
true
|
||||
);
|
||||
|
||||
// Adding a new category dispatches an event to update
|
||||
// caches, so we need to also dispatch an event to make
|
||||
// sure we don't start the load until after that happens.
|
||||
Services.tm.dispatchToMainThread(() => {
|
||||
sendAsyncMessage("setupComplete");
|
||||
});
|
||||
shouldProcess(contentLocation, loadInfo, mimeTypeGuess) {
|
||||
return Ci.nsIContentPolicy.ACCEPT;
|
||||
}
|
||||
}
|
||||
policy = SpecialPowers.wrapCallbackObject(policy);
|
||||
|
||||
add_task(async function() {
|
||||
let chromeScript = SpecialPowers.loadChromeScript(createChromeScript);
|
||||
await chromeScript.promiseOneMessage("setupComplete");
|
||||
// Register content policy
|
||||
var componentManager = SpecialPowers.wrap(SpecialPowers.Components).manager
|
||||
.QueryInterface(Ci.nsIComponentRegistrar);
|
||||
|
||||
var testframe = document.getElementById("testframe");
|
||||
testframe.src =
|
||||
"file_contentpolicytype_targeted_link_iframe.sjs?testframe";
|
||||
componentManager.registerFactory(POLICYID, "Test content policy", POLICYNAME, policy);
|
||||
categoryManager.addCategoryEntry("content-policy", POLICYNAME, POLICYNAME, false, true);
|
||||
|
||||
let result = await chromeScript.promiseOneMessage("loadBlocked");
|
||||
// ----- END Content Policy implementation for the test
|
||||
|
||||
is(result.policyType, SpecialPowers.Ci.nsIContentPolicy.TYPE_SUBDOCUMENT,
|
||||
"content policy type should TYPESUBDOCUMENT");
|
||||
|
||||
chromeScript.destroy();
|
||||
});
|
||||
// start the test
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
var testframe = document.getElementById("testframe");
|
||||
testframe.src = TEST_FRAME_URL;
|
||||
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
|
@ -26,7 +26,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=840388
|
||||
iframe_test1.setAttribute("id", "test1");
|
||||
iframe_test1.src = baseUrl + "?securePage_navigate_child";
|
||||
iframe_test1.onerror = function() {
|
||||
parent.postMessage({"test": "securePage_navigate_child", "msg": "navigating to insecure iframe blocked on secure page"}, "http://mochi.test:8888");
|
||||
parent.postMessage({"test": "securePage_navigate_child", "msg": "got an onerror event when loading or navigating testing iframe"}, "http://mochi.test:8888");
|
||||
};
|
||||
testContent.appendChild(iframe_test1);
|
||||
|
||||
|
@ -570,7 +570,10 @@ LoadInfo::LoadInfo(dom::CanonicalBrowsingContext* aBrowsingContext,
|
||||
mFrameOuterWindowID(aFrameOuterWindowID),
|
||||
mBrowsingContextID(0),
|
||||
mFrameBrowsingContextID(0),
|
||||
mInitialSecurityCheckDone(false),
|
||||
// annyG: we are mimicking the old LoadInfo since it has gone through
|
||||
// security checks in the content and we wouldn't reach this point
|
||||
// if the load got blocked earlier.
|
||||
mInitialSecurityCheckDone(true),
|
||||
mIsThirdPartyContext(false),
|
||||
mIsThirdPartyContextToTopWindow(true),
|
||||
mIsFormSubmission(false),
|
||||
|
@ -46,6 +46,8 @@ DocumentChannelChild::AsyncOpen(nsIStreamListener* aListener) {
|
||||
nsresult rv = NS_OK;
|
||||
|
||||
nsCOMPtr<nsIStreamListener> listener = aListener;
|
||||
rv = nsContentSecurityManager::doContentSecurityCheck(this, listener);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
NS_ENSURE_TRUE(gNeckoChild, NS_ERROR_FAILURE);
|
||||
NS_ENSURE_ARG_POINTER(listener);
|
||||
|
@ -0,0 +1,5 @@
|
||||
[policy-inherited-correctly-by-plznavigate.html]
|
||||
expected: TIMEOUT
|
||||
[iframe still inherits correct CSP]
|
||||
expected: NOTRUN
|
||||
|
Loading…
Reference in New Issue
Block a user