Bug 1873474 - Use ImageBlocker directly instead of nsIContentPolicy::ShouldProcess in ImageDocument. r=smaug

Differential Revision: https://phabricator.services.mozilla.com/D198142
This commit is contained in:
Tom Schuster 2024-01-17 09:49:32 +00:00
parent 7c11f39184
commit 58300c5e90
5 changed files with 35 additions and 38 deletions

View File

@ -23,6 +23,7 @@
#include "nsGenericHTMLElement.h" #include "nsGenericHTMLElement.h"
#include "nsDocShell.h" #include "nsDocShell.h"
#include "DocumentInlines.h" #include "DocumentInlines.h"
#include "ImageBlocker.h"
#include "nsDOMTokenList.h" #include "nsDOMTokenList.h"
#include "nsIDOMEventListener.h" #include "nsIDOMEventListener.h"
#include "nsIFrame.h" #include "nsIFrame.h"
@ -76,33 +77,13 @@ ImageListener::OnStartRequest(nsIRequest* request) {
nsCOMPtr<nsPIDOMWindowOuter> domWindow = imgDoc->GetWindow(); nsCOMPtr<nsPIDOMWindowOuter> domWindow = imgDoc->GetWindow();
NS_ENSURE_TRUE(domWindow, NS_ERROR_UNEXPECTED); NS_ENSURE_TRUE(domWindow, NS_ERROR_UNEXPECTED);
// Do a ShouldProcess check to see whether to keep loading the image. // This is an image being loaded as a document, so it's not going to be
// detected by the ImageBlocker. However we don't want to call
// NS_CheckContentLoadPolicy (with an TYPE_INTERNAL_IMAGE) here, as it would
// e.g. make this image load be detectable by CSP.
nsCOMPtr<nsIURI> channelURI; nsCOMPtr<nsIURI> channelURI;
channel->GetURI(getter_AddRefs(channelURI)); channel->GetURI(getter_AddRefs(channelURI));
if (image::ImageBlocker::ShouldBlock(channelURI)) {
nsCOMPtr<nsILoadInfo> loadInfo = channel->LoadInfo();
// query the corresponding arguments for the channel loadinfo and pass
// it on to the temporary loadinfo used for content policy checks.
nsCOMPtr<nsINode> requestingNode = domWindow->GetFrameElementInternal();
nsCOMPtr<nsIPrincipal> loadingPrincipal;
if (requestingNode) {
loadingPrincipal = requestingNode->NodePrincipal();
} else {
nsContentUtils::GetSecurityManager()->GetChannelResultPrincipal(
channel, getter_AddRefs(loadingPrincipal));
}
nsCOMPtr<nsILoadInfo> secCheckLoadInfo = new net::LoadInfo(
loadingPrincipal, loadInfo->TriggeringPrincipal(), requestingNode,
nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK,
nsIContentPolicy::TYPE_INTERNAL_IMAGE);
int16_t decision = nsIContentPolicy::ACCEPT;
nsresult rv =
NS_CheckContentProcessPolicy(channelURI, secCheckLoadInfo, &decision,
nsContentUtils::GetContentPolicy());
if (NS_FAILED(rv) || NS_CP_REJECTED(decision)) {
request->Cancel(NS_ERROR_CONTENT_BLOCKED); request->Cancel(NS_ERROR_CONTENT_BLOCKED);
return NS_OK; return NS_OK;
} }

View File

@ -0,0 +1,6 @@
<!DOCTYPE html>
<html>
<body>
<iframe height="100" width="100" style="border: none;" src="bug1196784.png"></iframe>
</body>
</html>

View File

@ -60,6 +60,9 @@ fuzzy(0-3,0-7544) fuzzy-if(!geckoview,2-3,50-7544) == bug917595-exif-rotated.jpg
# Test imageset is using permissions.default.image # Test imageset is using permissions.default.image
pref(permissions.default.image,1) HTTP == bug1196784-with-srcset.html bug1196784-no-srcset.html pref(permissions.default.image,1) HTTP == bug1196784-with-srcset.html bug1196784-no-srcset.html
pref(permissions.default.image,2) HTTP == bug1196784-with-srcset.html bug1196784-no-srcset.html pref(permissions.default.image,2) HTTP == bug1196784-with-srcset.html bug1196784-no-srcset.html
# Test <iframe src=image>
pref(permissions.default.image,1) HTTP == iframe-with-image-src.html bug1196784-no-srcset.html
pref(permissions.default.image,2) HTTP == iframe-with-image-src.html about:blank
# Test video with rotation information can be rotated. # Test video with rotation information can be rotated.
fails-if(geckoview&&!swgl) == bug1228601-video-rotation-90.html bug1228601-video-rotated-ref.html # bug 1558285 for geckoview fails-if(geckoview&&!swgl) == bug1228601-video-rotation-90.html bug1228601-video-rotated-ref.html # bug 1558285 for geckoview

View File

@ -16,8 +16,6 @@ NS_IMPL_ISUPPORTS(ImageBlocker, nsIContentPolicy)
NS_IMETHODIMP NS_IMETHODIMP
ImageBlocker::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo, ImageBlocker::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
int16_t* aShouldLoad) { int16_t* aShouldLoad) {
ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
*aShouldLoad = nsIContentPolicy::ACCEPT; *aShouldLoad = nsIContentPolicy::ACCEPT;
if (!aContentLocation) { if (!aContentLocation) {
@ -27,20 +25,13 @@ ImageBlocker::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
return NS_OK; return NS_OK;
} }
// we only want to check http, https ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
// for chrome:// and resources and others, no need to check. if (contentType != ExtContentPolicy::TYPE_IMAGE &&
nsAutoCString scheme; contentType != ExtContentPolicy::TYPE_IMAGESET) {
aContentLocation->GetScheme(scheme);
if (!scheme.LowerCaseEqualsLiteral("http") &&
!scheme.LowerCaseEqualsLiteral("https")) {
return NS_OK; return NS_OK;
} }
// Block loading images depending on the permissions.default.image pref. if (ImageBlocker::ShouldBlock(aContentLocation)) {
if ((contentType == ExtContentPolicy::TYPE_IMAGE ||
contentType == ExtContentPolicy::TYPE_IMAGESET) &&
StaticPrefs::permissions_default_image() ==
nsIPermissionManager::DENY_ACTION) {
NS_SetRequestBlockingReason( NS_SetRequestBlockingReason(
aLoadInfo, nsILoadInfo::BLOCKING_REASON_CONTENT_POLICY_CONTENT_BLOCKED); aLoadInfo, nsILoadInfo::BLOCKING_REASON_CONTENT_POLICY_CONTENT_BLOCKED);
*aShouldLoad = nsIContentPolicy::REJECT_TYPE; *aShouldLoad = nsIContentPolicy::REJECT_TYPE;
@ -56,3 +47,17 @@ ImageBlocker::ShouldProcess(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
*aShouldProcess = nsIContentPolicy::ACCEPT; *aShouldProcess = nsIContentPolicy::ACCEPT;
return NS_OK; return NS_OK;
} }
/* static */
bool ImageBlocker::ShouldBlock(nsIURI* aContentLocation) {
// Block loading images depending on the permissions.default.image pref.
if (StaticPrefs::permissions_default_image() !=
nsIPermissionManager::DENY_ACTION) {
return false;
}
// we only want to check http, https
// for chrome:// and resources and others, no need to check.
return aContentLocation->SchemeIs("http") ||
aContentLocation->SchemeIs("https");
}

View File

@ -25,6 +25,8 @@ class ImageBlocker final : public nsIContentPolicy {
public: public:
NS_DECL_ISUPPORTS NS_DECL_ISUPPORTS
NS_DECL_NSICONTENTPOLICY NS_DECL_NSICONTENTPOLICY
static bool ShouldBlock(nsIURI* aContentLocation);
}; };
} // namespace image } // namespace image