Backed out changeset b3d1e9847a7a (bug 725490) for mochitest failures in dom/base/test/test_x-frame-options.html r=backout on a CLOSED TREE

2024-10-09 19:35:51 +00:00 · 2017-11-29 12:01:19 +02:00 · 2017-11-29 12:01:19 +02:00 · 513ba7660d
commit 513ba7660d
parent 0471643394
2 changed files with 14 additions and 16 deletions
--- a/dom/security/FramingChecker.cpp
+++ b/dom/security/FramingChecker.cpp
@ -78,11 +78,6 @@ FramingChecker::CheckOneFrameOptionsPolicy(nsIHttpChannel* aHttpChannel,
    MOZ_CRASH();
  }

-  // If the X-Frame-Options value is SAMEORIGIN, then the top frame in the
-  // parent chain must be from the same origin as this document.
-  bool checkSameOrigin = aPolicy.LowerCaseEqualsLiteral("sameorigin");
-  nsCOMPtr<nsIURI> topUri;
-
  // Traverse up the parent chain and stop when we see a docshell whose
  // parent has a system principal, or a docshell corresponding to
  // <iframe mozbrowser>.
@ -97,17 +92,6 @@ FramingChecker::CheckOneFrameOptionsPolicy(nsIHttpChannel* aHttpChannel,
    bool system = false;
    topDoc = parentDocShellItem->GetDocument();
    if (topDoc) {
-      if (checkSameOrigin) {
-        topDoc->NodePrincipal()->GetURI(getter_AddRefs(topUri));
-        rv = ssm->CheckSameOriginURI(uri, topUri, true);
-
-        // one of the ancestors is not same origin as this document
-        if (NS_FAILED(rv)) {
-          ReportXFOViolation(curDocShellItem, uri, eSAMEORIGIN);
-          return false;
-        }
-      }
-
      if (NS_SUCCEEDED(
            ssm->IsSystemPrincipal(topDoc->NodePrincipal(), &system)) &&
          system) {
@ -135,8 +119,19 @@ FramingChecker::CheckOneFrameOptionsPolicy(nsIHttpChannel* aHttpChannel,
  }

  topDoc = curDocShellItem->GetDocument();
+  nsCOMPtr<nsIURI> topUri;
  topDoc->NodePrincipal()->GetURI(getter_AddRefs(topUri));

+  // If the X-Frame-Options value is SAMEORIGIN, then the top frame in the
+  // parent chain must be from the same origin as this document.
+  if (aPolicy.LowerCaseEqualsLiteral("sameorigin")) {
+    rv = ssm->CheckSameOriginURI(uri, topUri, true);
+    if (NS_FAILED(rv)) {
+      ReportXFOViolation(curDocShellItem, uri, eSAMEORIGIN);
+      return false; /* wasn't same-origin */
+    }
+  }
+
  // If the X-Frame-Options value is "allow-from [uri]", then the top
  // frame in the parent chain must be from that origin
  if (isAllowFrom) {
--- a/testing/web-platform/meta/x-frame-options/sameorigin.sub.html.ini
+++ b/testing/web-platform/meta/x-frame-options/sameorigin.sub.html.ini
@ -3,3 +3,6 @@
  [`XFO: SAMEORIGIN` blocks cross-origin framing.]
    expected: FAIL

+  [`XFO: SAMEORIGIN` blocks same-origin nested in cross-origin framing.]
+    expected: FAIL
+