Bug 1331838 - Remove support for app URIs in CSP directives; r=ckerschb

Ehsan Akhgari 2017-01-17 22:00:08 -05:00
parent ee5969e9c2
commit 4ef7762311
3 changed files with 0 additions and 40 deletions


@ -42,8 +42,6 @@ static const char16_t UNDERLINE = '_';
static const char16_t TILDE = '~';
static const char16_t WILDCARD = '*';
static const char16_t SINGLEQUOTE = '\'';
static const char16_t OPEN_CURL = '{';
static const char16_t CLOSE_CURL = '}';
static const char16_t NUMBER_SIGN = '#';
static const char16_t QUESTIONMARK = '?';
static const char16_t PERCENT_SIGN = '%';
@ -526,26 +524,6 @@ nsCSPParser::host()
return new nsCSPHostSrc(mCurValue);
}
// apps use special hosts; "app://{app-host-is-uid}""
nsCSPHostSrc*
nsCSPParser::appHost()
{
CSPPARSERLOG(("nsCSPParser::appHost, mCurToken: %s, mCurValue: %s",
NS_ConvertUTF16toUTF8(mCurToken).get(),
NS_ConvertUTF16toUTF8(mCurValue).get()));
while (hostChar()) { /* consume */ }
// appHosts have to end with "}", otherwise we have to report an error
if (!accept(CLOSE_CURL)) {
const char16_t* params[] = { mCurToken.get() };
logWarningErrorToConsole(nsIScriptError::warningFlag, "couldntParseInvalidSource",
params, ArrayLength(params));
return nullptr;
}
return new nsCSPHostSrc(mCurValue);
}
// keyword-source = "'self'" / "'unsafe-inline'" / "'unsafe-eval'"
nsCSPBaseSrc*
nsCSPParser::keywordSource()
@ -615,13 +593,6 @@ nsCSPParser::hostSource()
NS_ConvertUTF16toUTF8(mCurToken).get(),
NS_ConvertUTF16toUTF8(mCurValue).get()));
// Special case handling for app specific hosts
if (accept(OPEN_CURL)) {
// If appHost() returns null, the error was handled in appHost().
// appHosts can not have a port, or path, we can return.
return appHost();
}
nsCSPHostSrc* cspHost = host();
if (!cspHost) {
// Error was reported in host()


@ -133,7 +133,6 @@ class nsCSPParser {
nsCSPBaseSrc* keywordSource();
nsCSPNonceSrc* nonceSource();
nsCSPHashSrc* hashSource();
nsCSPHostSrc* appHost(); // helper function to support app specific hosts
nsCSPHostSrc* host();
bool hostChar();
bool schemeChar();


@ -462,8 +462,6 @@ TEST(CSPParser, SimplePolicies)
"script-src http://www.selfuri.com; default-src http://trustedscripts.example.com" },
{ "default-src 'none'; report-uri http://localhost:49938/test",
"default-src 'none'; report-uri http://localhost:49938/test" },
{ "default-src app://{app-host-is-uid}",
"default-src app://{app-host-is-uid}" },
{ " ; default-src abc",
"default-src http://abc" },
{ " ; ; ; ; default-src abc ; ; ; ;",
@ -633,8 +631,6 @@ TEST(CSPParser, GoodGeneratedPolicies)
"font-src http://com" },
{ "connect-src f00b4r.com",
"connect-src http://f00b4r.com" },
{ "default-src {app-url-is-uid}",
"default-src http://{app-url-is-uid}" },
{ "script-src *.a.b.c",
"script-src http://*.a.b.c" },
{ "object-src *.b.c",
@ -659,10 +655,6 @@ TEST(CSPParser, GoodGeneratedPolicies)
"object-src data:" },
{ "style-src javascript:",
"style-src javascript:" },
{ "img-src {app-host-is-uid}",
"img-src http://{app-host-is-uid}" },
{ "media-src app://{app-host-is-uid}",
"media-src app://{app-host-is-uid}" },
{ "frame-src https://foobar.com:443",
"frame-src https://foobar.com:443" },
{ "font-src https://a.com:443",
@ -673,8 +665,6 @@ TEST(CSPParser, GoodGeneratedPolicies)
"default-src http://foobar.com" },
{ "script-src https://foobar.com",
"script-src https://foobar.com" },
{ "object-src https://{app-host-is-uid}",
"object-src https://{app-host-is-uid}" },
{ "style-src 'none'",
"style-src 'none'" },
{ "img-src foo.bar:21 https://ras.bar",