Bug 1770094 r=freddyb,emilio
Differential Revision: https://phabricator.services.mozilla.com/D154518
parent
2e3088ee79
commit
8b61fb65a2
@ -792,7 +792,8 @@ nsresult HTMLFormSubmission::GetFromForm(HTMLFormElement* aForm,
|
||||
// policy - do *not* consult default-src, see:
|
||||
// http://www.w3.org/TR/CSP2/#directive-default-src
|
||||
rv = csp->Permits(aForm, nullptr /* nsICSPEventListener */, actionURL,
|
||||
nsIContentSecurityPolicy::FORM_ACTION_DIRECTIVE, true,
|
||||
nsIContentSecurityPolicy::FORM_ACTION_DIRECTIVE,
|
||||
true /* aSpecific */, true /* aSendViolationReports */,
|
||||
&permitsFormAction);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
if (!permitsFormAction) {
|
||||
|
@ -155,10 +155,10 @@ static void SetBaseURIUsingFirstBaseWithHref(Document* aDocument,
|
||||
// policy - do *not* consult default-src, see:
|
||||
// http://www.w3.org/TR/CSP2/#directive-default-src
|
||||
bool cspPermitsBaseURI = true;
|
||||
rv = csp->Permits(child->AsElement(), nullptr /* nsICSPEventListener */,
|
||||
newBaseURI,
|
||||
nsIContentSecurityPolicy::BASE_URI_DIRECTIVE, true,
|
||||
&cspPermitsBaseURI);
|
||||
rv = csp->Permits(
|
||||
child->AsElement(), nullptr /* nsICSPEventListener */, newBaseURI,
|
||||
nsIContentSecurityPolicy::BASE_URI_DIRECTIVE, true /* aSpecific */,
|
||||
true /* aSendViolationReports */, &cspPermitsBaseURI);
|
||||
if (NS_FAILED(rv) || !cspPermitsBaseURI) {
|
||||
newBaseURI = nullptr;
|
||||
}
|
||||
|
@ -307,11 +307,8 @@ interface nsIContentSecurityPolicy : nsISerializable
|
||||
/**
|
||||
* Checks if a specific directive permits loading of a URI.
|
||||
*
|
||||
* NOTE: Calls to this may trigger violation reports when queried, so the
|
||||
* return value should not be cached.
|
||||
*
|
||||
* @param aTriggeringElement
|
||||
* The element that triggers this CSP check. It can be null.
|
||||
* The element that triggers this CSP check. It can be null.
|
||||
* @param aURI
|
||||
* The URI about to be loaded or used.
|
||||
* @param aDir
|
||||
@ -323,6 +320,9 @@ interface nsIContentSecurityPolicy : nsISerializable
|
||||
* "false" allows CSP to fall back to default-src. This function
|
||||
* behaves the same for both values of canUseDefault when querying
|
||||
* directives that don't fall-back.
|
||||
* @param aSendViolationReports
|
||||
* If `true` and the uri is not allowed then trigger violation reports.
|
||||
* This should be `false` for caching or preloads.
|
||||
* @return
|
||||
* Whether or not the provided URI is allowed by CSP under the given
|
||||
* directive. (block the pending operation if false).
|
||||
@ -331,7 +331,8 @@ interface nsIContentSecurityPolicy : nsISerializable
|
||||
in nsICSPEventListener aCSPEventListener,
|
||||
in nsIURI aURI,
|
||||
in nsIContentSecurityPolicy_CSPDirective aDir,
|
||||
in boolean aSpecific);
|
||||
in boolean aSpecific,
|
||||
in boolean aSendViolationReports);
|
||||
|
||||
/**
|
||||
* Delegate method called by the service when sub-elements of the protected
|
||||
|
@ -1721,7 +1721,8 @@ nsCSPContext::PermitsAncestry(nsILoadInfo* aLoadInfo,
|
||||
NS_IMETHODIMP
|
||||
nsCSPContext::Permits(Element* aTriggeringElement,
|
||||
nsICSPEventListener* aCSPEventListener, nsIURI* aURI,
|
||||
CSPDirective aDir, bool aSpecific, bool* outPermits) {
|
||||
CSPDirective aDir, bool aSpecific,
|
||||
bool aSendViolationReports, bool* outPermits) {
|
||||
// Can't perform check without aURI
|
||||
if (aURI == nullptr) {
|
||||
return NS_ERROR_FAILURE;
|
||||
@ -1743,14 +1744,14 @@ nsCSPContext::Permits(Element* aTriggeringElement,
|
||||
permitsInternal(aDir, aTriggeringElement, aCSPEventListener, aURI,
|
||||
nullptr, // no original (pre-redirect) URI
|
||||
u""_ns, // no nonce
|
||||
aSpecific,
|
||||
true, // send violation reports
|
||||
aSpecific, aSendViolationReports,
|
||||
true, // send blocked URI in violation reports
|
||||
false); // not parser created
|
||||
|
||||
if (CSPCONTEXTLOGENABLED()) {
|
||||
CSPCONTEXTLOG(("nsCSPContext::Permits, aUri: %s, aDir: %d, isAllowed: %s",
|
||||
aURI->GetSpecOrDefault().get(), aDir,
|
||||
CSPCONTEXTLOG(("nsCSPContext::Permits, aUri: %s, aDir: %s, isAllowed: %s",
|
||||
aURI->GetSpecOrDefault().get(),
|
||||
CSP_CSPDirectiveToString(aDir),
|
||||
*outPermits ? "allow" : "deny"));
|
||||
}
|
||||
|
||||
|
@ -1314,11 +1314,28 @@ void nsHtml5TreeOpExecutor::SetSpeculationBase(const nsAString& aURL) {
|
||||
// the first one wins
|
||||
return;
|
||||
}
|
||||
|
||||
auto encoding = mDocument->GetDocumentCharacterSet();
|
||||
DebugOnly<nsresult> rv = NS_NewURI(getter_AddRefs(mSpeculationBaseURI), aURL,
|
||||
encoding, mDocument->GetDocumentURI());
|
||||
nsCOMPtr<nsIURI> newBaseURI;
|
||||
DebugOnly<nsresult> rv = NS_NewURI(getter_AddRefs(newBaseURI), aURL, encoding,
|
||||
mDocument->GetDocumentURI());
|
||||
NS_WARNING_ASSERTION(NS_SUCCEEDED(rv), "Failed to create a URI");
|
||||
|
||||
nsCOMPtr<nsIContentSecurityPolicy> csp = mDocument->GetPreloadCsp();
|
||||
if (csp && newBaseURI) {
|
||||
// base-uri should not fallback to the default-src and preloads should not
|
||||
// trigger violation reports.
|
||||
bool cspPermitsBaseURI = true;
|
||||
nsresult rv = csp->Permits(
|
||||
nullptr, nullptr, newBaseURI,
|
||||
nsIContentSecurityPolicy::BASE_URI_DIRECTIVE, true /* aSpecific */,
|
||||
false /* aSendViolationReports */, &cspPermitsBaseURI);
|
||||
if (NS_FAILED(rv) || !cspPermitsBaseURI) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
mSpeculationBaseURI = newBaseURI;
|
||||
mDocument->Preloads().SetSpeculationBase(mSpeculationBaseURI);
|
||||
}
|
||||
|
||||
|
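Review bot: The early `return` on a CSP denial in `SetSpeculationBase` leaves `mSpeculationBaseURI` unset, so if the "first one wins" guard at the top of the function (its condition is above this hunk) tests that member, a later `<base href>` that base-uri does permit would become the speculation base. The `SetBaseURIUsingFirstBaseWithHref` hunk in this commit handles a denial differently, setting `newBaseURI = nullptr` instead of returning, so the speculative parser and the document may end up with different bases; what that function does next is outside the hunk. Consider recording that a `<base href>` was already seen even when it is blocked, or add a comment such as `// A CSP-blocked <base> does not count as the first one; a later permitted <base> may still set the speculation base.` if the divergence is intended. Separately, the inner `nsresult rv` shadows the `DebugOnly<nsresult> rv` declared just above it; a distinct name, for example `nsresult cspRv = csp->Permits(`, would avoid the shadowing.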