Bug 1594234 remove extensions.content_script_csp preferences in favor of extensions.manifestV3.enabled r=robwu

Differential Revision: https://phabricator.services.mozilla.com/D101212
This commit is contained in:
Shane Caraveo 2021-01-19 19:43:09 +00:00
parent 98c9307c72
commit 6a2b434485
5 changed files with 11 additions and 44 deletions

View File

@ -414,9 +414,6 @@ bool nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(
nsCOMPtr<nsIPrincipal> subjectPrincipal = nsContentUtils::SubjectPrincipal();
if (!csp) {
if (!StaticPrefs::extensions_content_script_csp_enabled()) {
return true;
}
// Get the CSP for addon sandboxes. If the principal is expanded and has a
// csp, we're probably in luck.
auto* basePrin = BasePrincipal::Cast(subjectPrincipal);

View File

@ -1113,9 +1113,6 @@ bool xpc::GlobalProperties::DefineInSandbox(JSContext* cx,
* provided by the extension in its manifest.
*/
nsresult ApplyAddonContentScriptCSP(nsISupports* prinOrSop) {
if (!StaticPrefs::extensions_content_script_csp_enabled()) {
return NS_OK;
}
nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(prinOrSop);
if (!principal) {
return NS_OK;
@ -1166,9 +1163,7 @@ nsresult ApplyAddonContentScriptCSP(nsISupports* prinOrSop) {
csp = new nsCSPContext();
MOZ_TRY(csp->SetRequestContextWithPrincipal(expanded, selfURI, u""_ns, 0));
bool reportOnly = StaticPrefs::extensions_content_script_csp_report_only();
MOZ_TRY(csp->AppendPolicy(baseCSP, reportOnly, false));
MOZ_TRY(csp->AppendPolicy(baseCSP, false, false));
expanded->SetCsp(csp);
return NS_OK;

View File

@ -3660,18 +3660,6 @@
value: false
mirror: always
# This pref governs whether we enable content script CSP in extensions.
- name: extensions.content_script_csp.enabled
type: bool
value: false
mirror: always
# This pref governs whether content script CSP is report-only.
- name: extensions.content_script_csp.report_only
type: bool
value: true
mirror: always
# This pref governs whether we run webextensions in a separate process (true)
# or the parent/main process (false)
- name: extensions.webextensions.remote

View File

@ -6,9 +6,6 @@ const { TestUtils } = ChromeUtils.import(
"resource://testing-common/TestUtils.jsm"
);
// Enable and turn off report-only so we can validate the results.
Services.prefs.setBoolPref("extensions.content_script_csp.enabled", true);
Services.prefs.setBoolPref("extensions.content_script_csp.report_only", false);
Services.prefs.setBoolPref("extensions.manifestV3.enabled", true);
const server = createHttpServer({

View File

@ -39,7 +39,6 @@ var gContentSecurityPolicy = null;
const BASE_URL = `http://example.com`;
const CSP_REPORT_PATH = "/csp-report.sjs";
const CSP_REPORT_URL = `http://csplog.example.net/csp-report.sjs`;
/**
* Registers a static HTML document with the given content at the given
@ -1320,24 +1319,7 @@ add_task(async function test_contentscript_csp() {
* content page.
*/
add_task(async function test_extension_contentscript_csp() {
Services.prefs.setBoolPref("extensions.content_script_csp.enabled", true);
Services.prefs.setBoolPref(
"extensions.content_script_csp.report_only",
false
);
// Add reporting to base and default CSP as this cannot be done via manifest.
let baseCSP = Services.prefs.getStringPref(
"extensions.webextensions.base-content-security-policy"
);
Services.prefs.setStringPref(
"extensions.webextensions.base-content-security-policy",
`${baseCSP} report-uri ${CSP_REPORT_URL};`
);
Services.prefs.setStringPref(
"extensions.webextensions.default-content-security-policy",
`script-src 'self' 'report-sample'; object-src 'self' 'report-sample'; report-uri ${CSP_REPORT_URL};`
);
Services.prefs.setBoolPref("extensions.manifestV3.enabled", true);
// TODO bug 1408193: We currently don't get the full set of CSP reports when
// running in network scheduling chaos mode. It's not entirely clear why.
@ -1346,7 +1328,14 @@ add_task(async function test_extension_contentscript_csp() {
gContentSecurityPolicy = `default-src 'none' 'report-sample'; script-src 'nonce-deadbeef' 'unsafe-eval' 'report-sample'; report-uri ${CSP_REPORT_PATH};`;
let extension = ExtensionTestUtils.loadExtension(EXTENSION_DATA);
let data = {
...EXTENSION_DATA,
manifest: {
...EXTENSION_DATA.manifest,
manifest_version: 3,
},
};
let extension = ExtensionTestUtils.loadExtension(data);
await extension.startup();
let urlsPromise = extension.awaitMessage("css-sources").then(msg => {
@ -1369,4 +1358,5 @@ add_task(async function test_extension_contentscript_csp() {
await extension.unload();
await contentPage.close();
Services.prefs.clearUserPref("extensions.manifestV3.enabled");
});