Bug 1499000 - Make CORS use the right security flags to check whether an URL can be loaded. r=ckerschb

This fixes at least part of the problem. Without this patch, some of the flags may get lost, like the ALLOW_CHROME flag which controls whether stuff like resource:// URLs can be loaded or not. Differential Revision: https://phabricator.services.mozilla.com/D40633 --HG-- extra : moz-landing-system : lando
2024-10-20 00:35:44 +00:00 · 2019-08-05 19:28:00 +00:00 · 2019-08-05 19:28:00 +00:00 · 6da1e7506f
commit 6da1e7506f
parent 30fc8c8c4d
3 changed files with 19 additions and 12 deletions
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@ -615,19 +615,11 @@ static nsresult DoCheckLoadURIChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo) {
    return NS_OK;
  }

-  uint32_t flags = nsIScriptSecurityManager::STANDARD;
-  if (aLoadInfo->GetAllowChrome()) {
-    flags |= nsIScriptSecurityManager::ALLOW_CHROME;
-  }
-  if (aLoadInfo->GetDisallowScript()) {
-    flags |= nsIScriptSecurityManager::DISALLOW_SCRIPT;
-  }
-
  // Only call CheckLoadURIWithPrincipal() using the TriggeringPrincipal and not
  // the LoadingPrincipal when SEC_ALLOW_CROSS_ORIGIN_* security flags are set,
  // to allow, e.g. user stylesheets to load chrome:// URIs.
  return nsContentUtils::GetSecurityManager()->CheckLoadURIWithPrincipal(
-      aLoadInfo->TriggeringPrincipal(), aURI, flags);
+      aLoadInfo->TriggeringPrincipal(), aURI, aLoadInfo->CheckLoadURIFlags());
 }

 static bool URIHasFlags(nsIURI* aURI, uint32_t aURIFlags) {
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@ -6,6 +6,7 @@

 #include "nsISupports.idl"
 #include "nsIContentPolicy.idl"
+#include "nsIScriptSecurityManager.idl"

 interface nsIChannel;
 interface nsIContentSecurityPolicy;
@ -398,7 +399,7 @@ interface nsILoadInfo : nsISupports
   */
  readonly attribute nsSecurityFlags securityFlags;

-%{ C++
+%{C++
  inline nsSecurityFlags GetSecurityFlags()
  {
    nsSecurityFlags result;
@ -494,6 +495,19 @@ interface nsILoadInfo : nsISupports
   */
  [infallible] readonly attribute boolean disallowScript;

+%{C++
+  uint32_t CheckLoadURIFlags() {
+    uint32_t flags = nsIScriptSecurityManager::STANDARD;
+    if (GetAllowChrome()) {
+      flags |= nsIScriptSecurityManager::ALLOW_CHROME;
+    }
+    if (GetDisallowScript()) {
+      flags |= nsIScriptSecurityManager::DISALLOW_SCRIPT;
+    }
+    return flags;
+  }
+%}
+
  /**
   * Returns true if SEC_DONT_FOLLOW_REDIRECTS is set.
   */
--- a/netwerk/protocol/http/nsCORSListenerProxy.cpp
+++ b/netwerk/protocol/http/nsCORSListenerProxy.cpp
@ -920,13 +920,14 @@ nsresult nsCORSListenerProxy::UpdateChannel(nsIChannel* aChannel,
  // consider calling SetBlockedRequest in nsCORSListenerProxy::UpdateChannel
  //
  // Check that the uri is ok to load
+  uint32_t flags = loadInfo->CheckLoadURIFlags();
  rv = nsContentUtils::GetSecurityManager()->CheckLoadURIWithPrincipal(
-      mRequestingPrincipal, uri, nsIScriptSecurityManager::STANDARD);
+      mRequestingPrincipal, uri, flags);
  NS_ENSURE_SUCCESS(rv, rv);

  if (originalURI != uri) {
    rv = nsContentUtils::GetSecurityManager()->CheckLoadURIWithPrincipal(
-        mRequestingPrincipal, originalURI, nsIScriptSecurityManager::STANDARD);
+        mRequestingPrincipal, originalURI, flags);
    NS_ENSURE_SUCCESS(rv, rv);
  }