mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 03:15:11 +00:00
Bug 1252829 - CSP Telemetry. r=ckerschb, p=bsmedberg
MozReview-Commit-ID: CiNAxh2ZrHB --HG-- extra : transplant_source : %B8%00%E0%83%1B%29%BDI%DE%09%CDPN%AE%7B9Tk%8B%99
This commit is contained in:
parent
301ab6716b
commit
bf87c6c564
@ -1585,6 +1585,17 @@ nsDocument::~nsDocument()
|
||||
/* no mixed object subrequests loaded on page*/
|
||||
Accumulate(Telemetry::MIXED_CONTENT_OBJECT_SUBREQUEST, 0);
|
||||
}
|
||||
|
||||
// record CSP telemetry on this document
|
||||
if (mHasCSP) {
|
||||
Accumulate(Telemetry::CSP_DOCUMENTS_COUNT, 1);
|
||||
}
|
||||
if (mHasUnsafeInlineCSP) {
|
||||
Accumulate(Telemetry::CSP_UNSAFE_INLINE_DOCUMENTS_COUNT, 1);
|
||||
}
|
||||
if (mHasUnsafeEvalCSP) {
|
||||
Accumulate(Telemetry::CSP_UNSAFE_EVAL_DOCUMENTS_COUNT, 1);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -631,6 +631,30 @@ public:
|
||||
mHasMixedContentObjectSubrequest = aHasMixedContentObjectSubrequest;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set CSP flag for this document.
|
||||
*/
|
||||
void SetHasCSP(bool aHasCSP)
|
||||
{
|
||||
mHasCSP = aHasCSP;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set unsafe-inline CSP flag for this document.
|
||||
*/
|
||||
void SetHasUnsafeInlineCSP(bool aHasUnsafeInlineCSP)
|
||||
{
|
||||
mHasUnsafeInlineCSP = aHasUnsafeInlineCSP;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set unsafe-eval CSP flag for this document.
|
||||
*/
|
||||
void SetHasUnsafeEvalCSP(bool aHasUnsafeEvalCSP)
|
||||
{
|
||||
mHasUnsafeEvalCSP = aHasUnsafeEvalCSP;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get tracking content blocked flag for this document.
|
||||
*/
|
||||
@ -2934,6 +2958,15 @@ protected:
|
||||
// True if a document loads a plugin object that attempts to load mixed content subresources through necko(see nsMixedContentBlocker.cpp)
|
||||
bool mHasMixedContentObjectSubrequest : 1;
|
||||
|
||||
// True if a document load has a CSP attached.
|
||||
bool mHasCSP : 1;
|
||||
|
||||
// True if a document load has a CSP with unsafe-eval attached.
|
||||
bool mHasUnsafeEvalCSP : 1;
|
||||
|
||||
// True if a document load has a CSP with unsafe-inline attached.
|
||||
bool mHasUnsafeInlineCSP : 1;
|
||||
|
||||
// True if a document has blocked Tracking Content
|
||||
bool mHasTrackingContentBlocked : 1;
|
||||
|
||||
|
@ -614,6 +614,9 @@ nsCSPContext::SetRequestContext(nsIDOMDocument* aDOMDocument,
|
||||
// console messages until it becomes available, see flushConsoleMessages
|
||||
mQueueUpMessages = !mInnerWindowID;
|
||||
mCallingChannelLoadGroup = doc->GetDocumentLoadGroup();
|
||||
|
||||
// set the flag on the document for CSP telemetry
|
||||
doc->SetHasCSP(true);
|
||||
}
|
||||
else {
|
||||
NS_WARNING("No Document in SetRequestContext; can not query loadgroup; sending reports may fail.");
|
||||
|
@ -81,6 +81,10 @@ class nsCSPContext : public nsIContentSecurityPolicy
|
||||
mLoadingPrincipal = nullptr;
|
||||
}
|
||||
|
||||
nsWeakPtr GetLoadingContext(){
|
||||
return mLoadingContext;
|
||||
}
|
||||
|
||||
private:
|
||||
bool permitsInternal(CSPDirective aDir,
|
||||
nsIURI* aContentLocation,
|
||||
|
@ -578,6 +578,10 @@ nsCSPParser::keywordSource()
|
||||
}
|
||||
|
||||
if (CSP_IsKeyword(mCurToken, CSP_UNSAFE_INLINE)) {
|
||||
nsCOMPtr<nsIDocument> doc = do_QueryReferent(mCSPContext->GetLoadingContext());
|
||||
if (doc) {
|
||||
doc->SetHasUnsafeInlineCSP(true);
|
||||
}
|
||||
// make sure script-src only contains 'unsafe-inline' once;
|
||||
// ignore duplicates and log warning
|
||||
if (mUnsafeInlineKeywordSrc) {
|
||||
@ -593,6 +597,10 @@ nsCSPParser::keywordSource()
|
||||
}
|
||||
|
||||
if (CSP_IsKeyword(mCurToken, CSP_UNSAFE_EVAL)) {
|
||||
nsCOMPtr<nsIDocument> doc = do_QueryReferent(mCSPContext->GetLoadingContext());
|
||||
if (doc) {
|
||||
doc->SetHasUnsafeEvalCSP(true);
|
||||
}
|
||||
return new nsCSPKeywordSrc(CSP_KeywordToEnum(mCurToken));
|
||||
}
|
||||
return nullptr;
|
||||
|
@ -3279,6 +3279,27 @@
|
||||
"bug_numbers": [1150921],
|
||||
"description": "Server HTTP status code from remote SafeBrowsing gethash lookups. (0=1xx, 1=200, 2=2xx, 3=204, 4=3xx, 5=400, 6=4xx, 7=403, 8=404, 9=408, 10=413, 11=5xx, 12=502|504|511, 13=503, 14=505, 15=Other)"
|
||||
},
|
||||
"CSP_DOCUMENTS_COUNT": {
|
||||
"alert_emails": ["seceng@mozilla.com"],
|
||||
"bug_numbers": [1252829],
|
||||
"expires_in_version": "55",
|
||||
"kind": "count",
|
||||
"description": "Number of unique pages that contain a CSP"
|
||||
},
|
||||
"CSP_UNSAFE_INLINE_DOCUMENTS_COUNT": {
|
||||
"alert_emails": ["seceng@mozilla.com"],
|
||||
"bug_numbers": [1252829],
|
||||
"expires_in_version": "55",
|
||||
"kind": "count",
|
||||
"description": "Number of unique pages that contain an unsafe-inline CSP directive"
|
||||
},
|
||||
"CSP_UNSAFE_EVAL_DOCUMENTS_COUNT": {
|
||||
"alert_emails": ["seceng@mozilla.com"],
|
||||
"bug_numbers": [1252829],
|
||||
"expires_in_version": "55",
|
||||
"kind": "count",
|
||||
"description": "Number of unique pages that contain an unsafe-eval CSP directive"
|
||||
},
|
||||
"PLACES_PAGES_COUNT": {
|
||||
"expires_in_version": "never",
|
||||
"kind": "exponential",
|
||||
|
Loading…
Reference in New Issue
Block a user