Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-08 10:44:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Backed out 7 changesets (bug 1048048) for android crashes in various chunks CLOSED TREE

Browse Source 
Backed out changeset b5abe23a4ea5 (bug 1048048)
Backed out changeset 4f91b10e8be0 (bug 1048048)
Backed out changeset 450d4a13c90e (bug 1048048)
Backed out changeset 6a727c40eb68 (bug 1048048)
Backed out changeset 88c2333ff745 (bug 1048048)
Backed out changeset 740ab1ecd079 (bug 1048048)
Backed out changeset 02c6d6aef163 (bug 1048048)
This commit is contained in:
Wes Kocher 2015-09-21 09:08:34 -07:00
parent fd3141b39a
commit cd079d2bf9
50 changed files with 147 additions and 441 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
browser/modules/ContentLinkHandler.jsm
View File

@ -164,7 +164,7 @@ this.ContentLinkHandler = {
}
// Security says okay, now ask content policy
if (contentPolicy.shouldLoad(Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE,
if (contentPolicy.shouldLoad(Ci.nsIContentPolicy.TYPE_IMAGE,
uri, targetDoc.documentURIObject,
aLink, aLink.type, null)
!= Ci.nsIContentPolicy.ACCEPT)

2
browser/modules/WindowsPreviewPerTab.jsm
View File

@ -79,7 +79,7 @@ function _imageFromURI(doc, uri, privateMode, callback) {
null, // aLoadingPrincipal
null, // aTriggeringPrincipal
Ci.nsILoadInfo.SEC_NORMAL,
Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
Ci.nsIContentPolicy.TYPE_IMAGE);
try {
channel.QueryInterface(Ci.nsIPrivateBrowsingChannel);
channel.setPrivate(privateMode);

16
dom/base/nsContentPolicy.cpp
View File

@ -13,7 +13,6 @@
#include "nsISupports.h"
#include "nsXPCOM.h"
#include "nsContentPolicyUtils.h"
#include "mozilla/dom/nsCSPService.h"
#include "nsContentPolicy.h"
#include "nsIURI.h"
#include "nsIDocShell.h"
@ -124,15 +123,9 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
nsContentPolicyType externalTypeOrScript =
nsContentUtils::InternalContentPolicyTypeToExternalOrScript(contentType);
nsContentPolicyType externalTypeOrPreload =
nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(contentType);
nsCOMPtr<nsIContentPolicy> mixedContentBlocker =
do_GetService(NS_MIXEDCONTENTBLOCKER_CONTRACTID);
nsCOMPtr<nsIContentPolicy> cspService =
do_GetService(CSPSERVICE_CONTRACTID);
/*
* Enumerate mPolicies and ask each of them, taking the logical AND of
* their permissions.
@ -151,15 +144,6 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
if (isMixedContentBlocker) {
type = externalTypeOrScript;
}
// Send the internal content policy type for CSP which needs to
// know about preloads, in particular:
// * TYPE_INTERNAL_SCRIPT_PRELOAD
// * TYPE_INTERNAL_IMAGE_PRELOAD
// * TYPE_INTERNAL_STYLESHEET_PRELOAD
bool isCSP = cspService == entries[i];
if (isCSP) {
type = externalTypeOrPreload;
}
rv = (entries[i]->*policyMethod)(type, contentLocation,
requestingLocation, requestingContext,
mimeType, extra, requestPrincipal,

75
dom/base/nsContentPolicyUtils.h
View File

@ -92,46 +92,41 @@ inline const char *
NS_CP_ContentTypeName(uint32_t contentType)
{
switch (contentType) {
CASE_RETURN( TYPE_OTHER );
CASE_RETURN( TYPE_SCRIPT );
CASE_RETURN( TYPE_IMAGE );
CASE_RETURN( TYPE_STYLESHEET );
CASE_RETURN( TYPE_OBJECT );
CASE_RETURN( TYPE_DOCUMENT );
CASE_RETURN( TYPE_SUBDOCUMENT );
CASE_RETURN( TYPE_REFRESH );
CASE_RETURN( TYPE_XBL );
CASE_RETURN( TYPE_PING );
CASE_RETURN( TYPE_XMLHTTPREQUEST );
CASE_RETURN( TYPE_OBJECT_SUBREQUEST );
CASE_RETURN( TYPE_DTD );
CASE_RETURN( TYPE_FONT );
CASE_RETURN( TYPE_MEDIA );
CASE_RETURN( TYPE_WEBSOCKET );
CASE_RETURN( TYPE_CSP_REPORT );
CASE_RETURN( TYPE_XSLT );
CASE_RETURN( TYPE_BEACON );
CASE_RETURN( TYPE_FETCH );
CASE_RETURN( TYPE_IMAGESET );
CASE_RETURN( TYPE_WEB_MANIFEST );
CASE_RETURN( TYPE_INTERNAL_SCRIPT );
CASE_RETURN( TYPE_INTERNAL_WORKER );
CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER );
CASE_RETURN( TYPE_INTERNAL_EMBED );
CASE_RETURN( TYPE_INTERNAL_OBJECT );
CASE_RETURN( TYPE_INTERNAL_FRAME );
CASE_RETURN( TYPE_INTERNAL_IFRAME );
CASE_RETURN( TYPE_INTERNAL_AUDIO );
CASE_RETURN( TYPE_INTERNAL_VIDEO );
CASE_RETURN( TYPE_INTERNAL_TRACK );
CASE_RETURN( TYPE_INTERNAL_XMLHTTPREQUEST );
CASE_RETURN( TYPE_INTERNAL_EVENTSOURCE );
CASE_RETURN( TYPE_INTERNAL_SERVICE_WORKER );
CASE_RETURN( TYPE_INTERNAL_SCRIPT_PRELOAD );
CASE_RETURN( TYPE_INTERNAL_IMAGE );
CASE_RETURN( TYPE_INTERNAL_IMAGE_PRELOAD );
CASE_RETURN( TYPE_INTERNAL_STYLESHEET );
CASE_RETURN( TYPE_INTERNAL_STYLESHEET_PRELOAD );
CASE_RETURN( TYPE_OTHER );
CASE_RETURN( TYPE_SCRIPT );
CASE_RETURN( TYPE_IMAGE );
CASE_RETURN( TYPE_STYLESHEET );
CASE_RETURN( TYPE_OBJECT );
CASE_RETURN( TYPE_DOCUMENT );
CASE_RETURN( TYPE_SUBDOCUMENT );
CASE_RETURN( TYPE_REFRESH );
CASE_RETURN( TYPE_XBL );
CASE_RETURN( TYPE_PING );
CASE_RETURN( TYPE_XMLHTTPREQUEST );
CASE_RETURN( TYPE_OBJECT_SUBREQUEST );
CASE_RETURN( TYPE_DTD );
CASE_RETURN( TYPE_FONT );
CASE_RETURN( TYPE_MEDIA );
CASE_RETURN( TYPE_WEBSOCKET );
CASE_RETURN( TYPE_CSP_REPORT );
CASE_RETURN( TYPE_XSLT );
CASE_RETURN( TYPE_BEACON );
CASE_RETURN( TYPE_FETCH );
CASE_RETURN( TYPE_IMAGESET );
CASE_RETURN( TYPE_WEB_MANIFEST );
CASE_RETURN( TYPE_INTERNAL_SCRIPT );
CASE_RETURN( TYPE_INTERNAL_WORKER );
CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER );
CASE_RETURN( TYPE_INTERNAL_EMBED );
CASE_RETURN( TYPE_INTERNAL_OBJECT );
CASE_RETURN( TYPE_INTERNAL_FRAME );
CASE_RETURN( TYPE_INTERNAL_IFRAME );
CASE_RETURN( TYPE_INTERNAL_AUDIO );
CASE_RETURN( TYPE_INTERNAL_VIDEO );
CASE_RETURN( TYPE_INTERNAL_TRACK );
CASE_RETURN( TYPE_INTERNAL_XMLHTTPREQUEST );
CASE_RETURN( TYPE_INTERNAL_EVENTSOURCE );
CASE_RETURN( TYPE_INTERNAL_SERVICE_WORKER );
default:
return "<Unknown Type>";
}

20
dom/base/nsContentUtils.cpp
View File

@ -7959,7 +7959,6 @@ nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
{
switch (aType) {
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
case nsIContentPolicy::TYPE_INTERNAL_WORKER:
case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
@ -7982,14 +7981,6 @@ nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
return nsIContentPolicy::TYPE_XMLHTTPREQUEST;
case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
return nsIContentPolicy::TYPE_IMAGE;
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
return nsIContentPolicy::TYPE_STYLESHEET;
default:
return aType;
}
@ -8011,17 +8002,6 @@ nsContentUtils::InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType
}
}
/* static */
nsContentPolicyType
nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(nsContentPolicyType aType)
{
if (aType == nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD) {
return aType;
}
return InternalContentPolicyTypeToExternal(aType);
}
nsresult
nsContentUtils::SetFetchReferrerURIWithPolicy(nsIPrincipal* aPrincipal,

18
dom/base/nsContentUtils.h
View File

@ -624,7 +624,7 @@ public:
* @param aContext the context the image is loaded in (eg an element)
* @param aLoadingDocument the document we belong to
* @param aLoadingPrincipal the principal doing the load
* @param [aContentPolicyType=nsIContentPolicy::TYPE_INTERNAL_IMAGE] (Optional)
* @param [aContentPolicyType=nsIContentPolicy::TYPE_IMAGE] (Optional)
* The CP content type to use
* @param aImageBlockingStatus the nsIContentPolicy blocking status for this
* image. This will be set even if a security check fails for the
@ -640,7 +640,7 @@ public:
nsIDocument* aLoadingDocument,
nsIPrincipal* aLoadingPrincipal,
int16_t* aImageBlockingStatus = nullptr,
uint32_t aContentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE);
uint32_t aContentPolicyType = nsIContentPolicy::TYPE_IMAGE);
/**
* Returns true if objects in aDocument shouldn't initiate image loads.
@ -660,7 +660,7 @@ public:
* creation
* @param aObserver the observer for the image load
* @param aLoadFlags the load flags to use. See nsIRequest
* @param [aContentPolicyType=nsIContentPolicy::TYPE_INTERNAL_IMAGE] (Optional)
* @param [aContentPolicyType=nsIContentPolicy::TYPE_IMAGE] (Optional)
* The CP content type to use
* @return the imgIRequest for the image load
*/
@ -673,7 +673,7 @@ public:
int32_t aLoadFlags,
const nsAString& initiatorType,
imgRequestProxy** aRequest,
uint32_t aContentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE);
uint32_t aContentPolicyType = nsIContentPolicy::TYPE_IMAGE);
/**
* Obtain an image loader that respects the given document/channel's privacy status.
@ -965,16 +965,6 @@ public:
*/
static nsContentPolicyType InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType aType);
/**
* Map internal content policy types to external ones or preload types:
* * TYPE_INTERNAL_SCRIPT_PRELOAD
* * TYPE_INTERNAL_IMAGE_PRELOAD
* * TYPE_INTERNAL_STYLESHEET_PRELOAD
*
* Note: DO NOT call this function unless you know what you're doing!
*/
static nsContentPolicyType InternalContentPolicyTypeToExternalOrPreload(nsContentPolicyType aType);
/**
* Quick helper to determine whether there are any mutation listeners
* of a given type that apply to this content or any of its ancestors.

8
dom/base/nsDocument.cpp
View File

@ -9739,8 +9739,7 @@ nsDocument::MaybePreLoadImage(nsIURI* uri, const nsAString &aCrossOriginAttr,
int16_t blockingStatus;
if (nsContentUtils::IsImageInCache(uri, static_cast<nsIDocument *>(this)) ||
!nsContentUtils::CanLoadImage(uri, static_cast<nsIDocument *>(this),
this, NodePrincipal(), &blockingStatus,
nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD)) {
this, NodePrincipal(), &blockingStatus)) {
return;
}
@ -9770,8 +9769,7 @@ nsDocument::MaybePreLoadImage(nsIURI* uri, const nsAString &aCrossOriginAttr,
nullptr, // no observer
loadFlags,
NS_LITERAL_STRING("img"),
getter_AddRefs(request),
nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD);
getter_AddRefs(request));
// Pin image-reference to avoid evicting it from the img-cache before
// the "real" load occurs. Unpinned in DispatchContentLoadedEvents and
@ -9885,7 +9883,7 @@ nsDocument::PreloadStyle(nsIURI* uri, const nsAString& charset,
nsCOMPtr<nsICSSLoaderObserver> obs = new StubCSSLoaderObserver();
// Charset names are always ASCII.
CSSLoader()->LoadSheet(uri, true, NodePrincipal(),
CSSLoader()->LoadSheet(uri, NodePrincipal(),
NS_LossyConvertUTF16toASCII(charset),
obs,
Element::StringToCORSMode(aCrossOriginAttr),

2
dom/base/nsIContentPolicy.idl
View File

@ -20,7 +20,7 @@ interface nsIPrincipal;
* by launching a dialog to prompt the user for something).
*/
[scriptable,uuid(caad4f1f-d047-46ac-ae9d-dc598e4fb91b)]
[scriptable,uuid(ce321216-c404-40a7-a711-d80454ec6b76)]
interface nsIContentPolicy : nsIContentPolicyBase
{
/**

43
dom/base/nsIContentPolicyBase.idl
View File

@ -24,7 +24,7 @@ typedef unsigned long nsContentPolicyType;
* by launching a dialog to prompt the user for something).
*/
[scriptable,uuid(17418187-d86f-48dd-92d1-238838df0a4e)]
[scriptable,uuid(8527ae0d-0c43-4413-bc46-85c0bcb66876)]
interface nsIContentPolicyBase : nsISupports
{
/**
@ -280,47 +280,6 @@ interface nsIContentPolicyBase : nsISupports
*/
const nsContentPolicyType TYPE_INTERNAL_SERVICE_WORKER = 35;
/**
* Indicates an internal constant for *preloaded* scripts
* loaded through script elements.
*
* This will be mapped to TYPE_SCRIPT before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_SCRIPT_PRELOAD = 36;
/**
* Indicates an internal constant for normal images.
*
* This will be mapped to TYPE_IMAGE before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_IMAGE = 37;
/**
* Indicates an internal constant for *preloaded* images.
*
* This will be mapped to TYPE_IMAGE before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_IMAGE_PRELOAD = 38;
/**
* Indicates an internal constant for normal stylesheets.
*
* This will be mapped to TYPE_STYLESHEET before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_STYLESHEET = 39;
/**
* Indicates an internal constant for *preloaded* stylesheets.
*
* This will be mapped to TYPE_STYLESHEET before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_STYLESHEET_PRELOAD = 40;
/* When adding new content types, please update nsContentBlocker,
* NS_CP_ContentTypeName, nsCSPContext, all nsIContentPolicy
* implementations, the static_assert in dom/cache/DBSchema.cpp,

2
dom/base/nsImageLoadingContent.cpp
View File

@ -589,7 +589,7 @@ nsImageLoadingContent::PolicyTypeForLoad(ImageLoadType aImageLoadType)
MOZ_ASSERT(aImageLoadType == eImageLoadType_Normal,
"Unknown ImageLoadType type in PolicyTypeForLoad");
return nsIContentPolicy::TYPE_INTERNAL_IMAGE;
return nsIContentPolicy::TYPE_IMAGE;
}
int32_t

2
dom/base/nsObjectLoadingContent.cpp
View File

@ -1530,7 +1530,7 @@ nsObjectLoadingContent::CheckProcessPolicy(int16_t *aContentPolicy)
int32_t objectType;
switch (mType) {
case eType_Image:
objectType = nsIContentPolicy::TYPE_INTERNAL_IMAGE;
objectType = nsIContentPolicy::TYPE_IMAGE;
break;
case eType_Document:
objectType = nsIContentPolicy::TYPE_DOCUMENT;

24
dom/base/nsScriptLoader.cpp
View File

@ -223,15 +223,10 @@ nsresult
nsScriptLoader::CheckContentPolicy(nsIDocument* aDocument,
nsISupports *aContext,
nsIURI *aURI,
const nsAString &aType,
bool aIsPreLoad)
const nsAString &aType)
{
nsContentPolicyType contentPolicyType = aIsPreLoad
? nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD
: nsIContentPolicy::TYPE_INTERNAL_SCRIPT;
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
nsresult rv = NS_CheckContentLoadPolicy(contentPolicyType,
nsresult rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_SCRIPT,
aURI,
aDocument->NodePrincipal(),
aContext,
@ -254,8 +249,7 @@ nsresult
nsScriptLoader::ShouldLoadScript(nsIDocument* aDocument,
nsISupports* aContext,
nsIURI* aURI,
const nsAString &aType,
bool aIsPreLoad)
const nsAString &aType)
{
// Check that the containing page is allowed to load this URI.
nsresult rv = nsContentUtils::GetSecurityManager()->
@ -265,7 +259,7 @@ nsScriptLoader::ShouldLoadScript(nsIDocument* aDocument,
NS_ENSURE_SUCCESS(rv, rv);
// After the security manager, the content-policy stuff gets a veto
rv = CheckContentPolicy(aDocument, aContext, aURI, aType, aIsPreLoad);
rv = CheckContentPolicy(aDocument, aContext, aURI, aType);
if (NS_FAILED(rv)) {
return rv;
}
@ -280,7 +274,7 @@ nsScriptLoader::StartLoad(nsScriptLoadRequest *aRequest, const nsAString &aType,
nsISupports *context = aRequest->mElement.get()
? static_cast<nsISupports *>(aRequest->mElement.get())
: static_cast<nsISupports *>(mDocument);
nsresult rv = ShouldLoadScript(mDocument, context, aRequest->mURI, aType, aRequest->IsPreload());
nsresult rv = ShouldLoadScript(mDocument, context, aRequest->mURI, aType);
if (NS_FAILED(rv)) {
return rv;
}
@ -302,16 +296,12 @@ nsScriptLoader::StartLoad(nsScriptLoadRequest *aRequest, const nsAString &aType,
return NS_OK;
}
nsContentPolicyType contentPolicyType = aRequest->IsPreload()
? nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD
: nsIContentPolicy::TYPE_INTERNAL_SCRIPT;
nsCOMPtr<nsIChannel> channel;
rv = NS_NewChannel(getter_AddRefs(channel),
aRequest->mURI,
mDocument,
nsILoadInfo::SEC_NORMAL,
contentPolicyType,
nsIContentPolicy::TYPE_INTERNAL_SCRIPT,
loadGroup,
prompter,
nsIRequest::LOAD_NORMAL |
@ -540,7 +530,7 @@ nsScriptLoader::ProcessScriptElement(nsIScriptElement *aElement)
if (elementCharset.Equals(preloadCharset) &&
ourCORSMode == request->mCORSMode &&
ourRefPolicy == request->mReferrerPolicy) {
rv = CheckContentPolicy(mDocument, aElement, request->mURI, type, false);
rv = CheckContentPolicy(mDocument, aElement, request->mURI, type);
NS_ENSURE_SUCCESS(rv, false);
} else {
// Drop the preload

6
dom/base/nsScriptLoader.h
View File

@ -354,8 +354,7 @@ public:
static nsresult ShouldLoadScript(nsIDocument* aDocument,
nsISupports* aContext,
nsIURI* aURI,
const nsAString &aType,
bool aIsPreLoad);
const nsAString &aType);
/**
* Starts deferring deferred scripts and puts them in the mDeferredRequests
@ -436,8 +435,7 @@ private:
static nsresult CheckContentPolicy(nsIDocument* aDocument,
nsISupports *aContext,
nsIURI *aURI,
const nsAString &aType,
bool aIsPreLoad);
const nsAString &aType);
/**
* Start a load for aRequest's URI.

7
dom/cache/DBSchema.cpp vendored
View File

@ -275,12 +275,7 @@ static_assert(nsIContentPolicy::TYPE_INVALID == 0 &&
nsIContentPolicy::TYPE_INTERNAL_TRACK == 32 &&
nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST == 33 &&
nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE == 34 &&
nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER == 35 &&
nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD == 36 &&
nsIContentPolicy::TYPE_INTERNAL_IMAGE == 37 &&
nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD == 38 &&
nsIContentPolicy::TYPE_INTERNAL_STYLESHEET == 39 &&
nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD == 40,
nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER == 35,
"nsContentPolicyType values are as expected");
namespace {

7
dom/fetch/InternalRequest.cpp
View File

@ -116,7 +116,6 @@ InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aConte
context = RequestContext::Internal;
break;
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
context = RequestContext::Script;
break;
@ -126,12 +125,10 @@ InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aConte
case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
context = RequestContext::Sharedworker;
break;
case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
case nsIContentPolicy::TYPE_IMAGE:
context = RequestContext::Image;
break;
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
case nsIContentPolicy::TYPE_STYLESHEET:
context = RequestContext::Style;
break;
case nsIContentPolicy::TYPE_INTERNAL_OBJECT:

6
dom/fetch/InternalRequest.h
View File

@ -43,7 +43,7 @@ namespace dom {
* frame | TYPE_INTERNAL_FRAME
* hyperlink |
* iframe | TYPE_INTERNAL_IFRAME
* image | TYPE_INTERNAL_IMAGE, TYPE_INTERNAL_IMAGE_PRELOAD
* image | TYPE_IMAGE
* imageset | TYPE_IMAGESET
* import | Not supported by Gecko
* internal | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER
@ -53,10 +53,10 @@ namespace dom {
* ping | TYPE_PING
* plugin | TYPE_OBJECT_SUBREQUEST
* prefetch |
* script | TYPE_INTERNAL_SCRIPT, TYPE_INTERNAL_SCRIPT_PRELOAD
* script | TYPE_INTERNAL_SCRIPT
* sharedworker | TYPE_INTERNAL_SHARED_WORKER
* subresource | Not supported by Gecko
* style | TYPE_INTERNAL_STYLESHEET, TYPE_INTERNAL_STYLESHEET_PRELOAD
* style | TYPE_STYLESHEET
* track | TYPE_INTERNAL_TRACK
* video | TYPE_INTERNAL_VIDEO
* worker | TYPE_INTERNAL_WORKER

2
dom/html/ImageDocument.cpp
View File

@ -99,7 +99,7 @@ ImageListener::OnStartRequest(nsIRequest* request, nsISupports *ctxt)
}
int16_t decision = nsIContentPolicy::ACCEPT;
nsresult rv = NS_CheckContentProcessPolicy(nsIContentPolicy::TYPE_INTERNAL_IMAGE,
nsresult rv = NS_CheckContentProcessPolicy(nsIContentPolicy::TYPE_IMAGE,
channelURI,
channelPrincipal,
domWindow->GetFrameElementInternal(),

2
dom/media/IdpSandbox.jsm
View File

@ -50,7 +50,7 @@ ResourceLoader.load = function(uri, doc) {
// the '2' identifies this as a script load
let ioChannel = ioService.newChannelFromURI2(uri, doc, doc.nodePrincipal,
systemPrincipal, 0,
Ci.nsIContentPolicy.TYPE_INTERNAL_SCRIPT);
Ci.nsIContentPolicy.TYPE_SCRIPT);
ioChannel.loadGroup = doc.documentLoadGroup.QueryInterface(Ci.nsILoadGroup);
ioChannel.notificationCallbacks = new RedirectHttpsOnly();

35
dom/security/nsCSPContext.cpp
View File

@ -115,14 +115,6 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
CSPCONTEXTLOG(("nsCSPContext::ShouldLoad, aContentLocation: %s", spec.get()));
}
bool isStyleOrScriptPreLoad =
(aContentType == nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD ||
aContentType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD);
// Since we know whether we are dealing with a preload, we have to convert
// the internal policytype ot the external policy type before moving on.
aContentType = nsContentUtils::InternalContentPolicyTypeToExternal(aContentType);
nsresult rv = NS_OK;
// This ShouldLoad function is called from nsCSPService::ShouldLoad,
@ -153,8 +145,29 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
return NS_OK;
}
// This may be a load or a preload. If it is a preload, the document will
// not have been fully parsed yet, and aRequestContext will be an
// nsIDOMHTMLDocument rather than the nsIDOMHTMLElement associated with the
// resource. As a result, we cannot extract the element's corresponding
// nonce attribute, and so we cannot correctly check the nonce on a preload.
//
// Therefore, the decision returned here for a preload may be *incorrect* as
// it cannot take the nonce into account. We will still check the load, but
// we will not cache the result or report a violation. When the "real load"
// happens subsequently, we will re-check with the additional context to
// make a final decision.
//
// We don't just return false because that would block all preloads and
// degrade performance. However, we do want to block preloads that are
// clearly blocked (their urls are not whitelisted) by CSP.
nsCOMPtr<nsIDOMHTMLDocument> doc = do_QueryInterface(aRequestContext);
bool isPreload = doc &&
(aContentType == nsIContentPolicy::TYPE_SCRIPT ||
aContentType == nsIContentPolicy::TYPE_STYLESHEET);
nsAutoString nonce;
if (!isStyleOrScriptPreLoad) {
if (!isPreload) {
nsCOMPtr<nsIDOMHTMLElement> htmlElement = do_QueryInterface(aRequestContext);
if (htmlElement) {
rv = htmlElement->GetAttribute(NS_LITERAL_STRING("nonce"), nonce);
@ -171,7 +184,7 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
originalURI,
nonce,
wasRedirected,
isStyleOrScriptPreLoad,
isPreload,
false, // allow fallback to default-src
true, // send violation reports
true); // send blocked URI in violation reports
@ -180,7 +193,7 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
: nsIContentPolicy::REJECT_SERVER;
// Done looping, cache any relevant result
if (cacheKey.Length() > 0 && !isStyleOrScriptPreLoad) {
if (cacheKey.Length() > 0 && !isPreload) {
mShouldLoadCache.Put(cacheKey, *outDecision);
}

10
dom/security/nsCSPService.cpp
View File

@ -105,9 +105,8 @@ CSPService::ShouldLoad(uint32_t aContentType,
nsIPrincipal *aRequestPrincipal,
int16_t *aDecision)
{
MOZ_ASSERT(aContentType ==
nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(aContentType),
"We should only see external content policy types or preloads here.");
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
"We should only see external content policy types here.");
if (!aContentLocation) {
return NS_ERROR_FAILURE;
@ -252,9 +251,8 @@ CSPService::ShouldProcess(uint32_t aContentType,
nsIPrincipal *aRequestPrincipal,
int16_t *aDecision)
{
MOZ_ASSERT(aContentType ==
nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(aContentType),
"We should only see external content policy types or preloads here.");
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
"We should only see external content policy types here.");
if (!aContentLocation)
return NS_ERROR_FAILURE;

1
dom/security/test/csp/file_report_for_import.css vendored
View File

@ -1 +0,0 @@
@import url("http://example.com/tests/dom/security/test/csp/file_report_for_import_server.sjs?stylesheet");

10
dom/security/test/csp/file_report_for_import.html
View File

@ -1,10 +0,0 @@
<!DOCTYPE HTML>
<html>
<head>
<title>Bug 1048048 - Test sending csp-report when using import in css</title>
<link rel="stylesheet" type="text/css" href="file_report_for_import.css">
</head>
<body>
empty body, just testing @import in the included css for bug 1048048
</body>
</html>

49
dom/security/test/csp/file_report_for_import_server.sjs
View File

@ -1,49 +0,0 @@
// Custom *.sjs file specifically for the needs of Bug:
// Bug 1048048 - CSP violation report not sent for @import
const CC = Components.Constructor;
const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
"nsIBinaryInputStream",
"setInputStream");
function handleRequest(request, response)
{
// avoid confusing cache behaviors
response.setHeader("Cache-Control", "no-cache", false);
response.setHeader("Content-Type", "text/html", false);
var queryString = request.queryString;
// (1) lets process the queryresult request async and
// wait till we have received the image request.
if (queryString === "queryresult") {
response.processAsync();
setObjectState("queryResult", response);
return;
}
// (2) handle the csp-report and return the JSON back to
// the testfile using the afore stored xml request in (1).
if (queryString === "report") {
getObjectState("queryResult", function(queryResponse) {
if (!queryResponse) {
return;
}
// send the report back to the XML request for verification
var report = new BinaryInputStream(request.bodyInputStream);
var avail;
var bytes = [];
while ((avail = report.available()) > 0) {
Array.prototype.push.apply(bytes, report.readByteArray(avail));
}
var data = String.fromCharCode.apply(null, bytes);
queryResponse.bodyOutputStream.write(data, data.length);
queryResponse.finish();
});
return;
}
// we should not get here ever, but just in case return
// something unexpected.
response.write("doh!");
}

4
dom/security/test/csp/mochitest.ini
View File

@ -127,9 +127,6 @@ support-files =
file_upgrade_insecure_referrer_server.sjs
file_upgrade_insecure_cors.html
file_upgrade_insecure_cors_server.sjs
file_report_for_import.css
file_report_for_import.html
file_report_for_import_server.sjs
[test_base-uri.html]
[test_blob_data_schemes.html]
@ -194,6 +191,5 @@ skip-if = buildapp == 'b2g' || buildapp == 'mulet' || toolkit == 'gonk' || toolk
skip-if = buildapp == 'b2g' || buildapp == 'mulet' || toolkit == 'gonk' || toolkit == 'android'
[test_upgrade_insecure_cors.html]
skip-if = buildapp == 'b2g' || buildapp == 'mulet' || toolkit == 'gonk' || toolkit == 'android'
[test_report_for_import.html]
[test_blocked_uri_in_reports.html]
skip-if = e10s || buildapp == 'b2g' # http-on-opening-request observer not supported in child process (bug 1009632)

112
dom/security/test/csp/test_report_for_import.html
View File

@ -1,112 +0,0 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=548193
-->
<head>
<title>Test for Bug 548193</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<iframe style="width:200px;height:200px;" id='cspframe'></iframe>
<script class="testbody" type="text/javascript">
/*
* Description of the test:
* We are loading a stylesheet using a csp policy that only allows styles from 'self'
* to be loaded. In other words, the *.css file itself should be allowed to load, but
* the @import file within the CSS should get blocked. We verify that the generated
* csp-report is sent and contains all the expected values.
* In detail, the test starts by sending an XHR request to the report-server
* which waits on the server side till the report was received and hands the
* report in JSON format back to the testfile which then verifies accuracy
* of all the different report fields in the CSP report.
*/
const TEST_FILE = "tests/dom/security/test/csp/file_report_for_import.html";
const REPORT_URI =
"http://mochi.test:8888/tests/dom/security/test/csp/file_report_for_import_server.sjs?report";
const POLICY = "style-src 'self'; report-uri " + REPORT_URI;
const DOC_URI =
"http://mochi.test:8888/tests/dom/security/test/csp/file_testserver.sjs?" +
"file=tests/dom/security/test/csp/file_report_for_import.html&" +
"csp=style-src%20%27self%27%3B%20" +
"report-uri%20http%3A//mochi.test%3A8888/tests/dom/security/test/csp/" +
"file_report_for_import_server.sjs%3Freport";
function checkResults(reportStr) {
try {
var reportObj = JSON.parse(reportStr);
var cspReport = reportObj["csp-report"];
is(cspReport["document-uri"], DOC_URI, "Incorrect document-uri");
is(cspReport["referrer"],
"http://mochi.test:8888/tests/dom/security/test/csp/test_report_for_import.html",
"Incorrect referrer");
is(cspReport["violated-directive"],
"style-src http://mochi.test:8888",
"Incorrect violated-directive");
is(cspReport["original-policy"],
"style-src http://mochi.test:8888; report-uri " +
"http://mochi.test:8888/tests/dom/security/test/csp/file_report_for_import_server.sjs?report",
"Incorrect original-policy");
is(cspReport["blocked-uri"],
"http://example.com/tests/dom/security/test/csp/file_report_for_import_server.sjs?stylesheet",
"Incorrect blocked-uri");
// we do not always set the following fields
is(cspReport["source-file"], undefined, "Incorrect source-file");
is(cspReport["script-sample"], undefined, "Incorrect script-sample");
is(cspReport["line-number"], undefined, "Incorrect line-number");
}
catch (e) {
ok(false, "Could not parse JSON (exception: " + e + ")");
}
}
function loadTestPageIntoFrame() {
// load the resource which will generate a CSP violation report
// save this for last so that our listeners are registered.
var src = "file_testserver.sjs";
// append the file that should be served
src += "?file=" + escape(TEST_FILE);
// append the CSP that should be used to serve the file
src += "&csp=" + escape(POLICY);
// appending a fragment so we can test that it's correctly stripped
// for document-uri and source-file.
src += "#foo";
document.getElementById("cspframe").src = src;
}
function runTest() {
// send an xhr request to the server which is processed async, which only
// returns after the server has received the csp report.
var myXHR = new XMLHttpRequest();
myXHR.open("GET", "file_report_for_import_server.sjs?queryresult");
myXHR.onload = function(e) {
checkResults(myXHR.responseText);
SimpleTest.finish();
}
myXHR.onerror = function(e) {
ok(false, "could not query results from server (" + e.message + ")");
SimpleTest.finish();
}
myXHR.send();
// give it some time and run the testpage
SimpleTest.executeSoon(loadTestPageIntoFrame);
}
SimpleTest.waitForExplicitFinish();
runTest();
</script>
</pre>
</body>
</html>

4
dom/workers/ServiceWorkerScriptCache.cpp
View File

@ -111,12 +111,12 @@ public:
}
// Note that because there is no "serviceworker" RequestContext type, we can
// use the TYPE_INTERNAL_SCRIPT content policy types when loading a service
// use the external TYPE_SCRIPT content policy types when loading a service
// worker.
rv = NS_NewChannel(getter_AddRefs(mChannel),
uri, aPrincipal,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_INTERNAL_SCRIPT,
nsIContentPolicy::TYPE_SCRIPT,
loadGroup);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;

2
dom/xbl/nsXBLResourceLoader.cpp
View File

@ -151,7 +151,7 @@ nsXBLResourceLoader::LoadResources(bool* aResult)
}
else
{
rv = cssLoader->LoadSheet(url, false, docPrincipal, EmptyCString(), this);
rv = cssLoader->LoadSheet(url, docPrincipal, EmptyCString(), this);
if (NS_SUCCEEDED(rv))
++mPendingSheets;
}

6
dom/xslt/xslt/txMozillaStylesheetCompiler.cpp
View File

@ -424,7 +424,7 @@ txCompileObserver::loadURI(const nsAString& aUri,
// Content Policy
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_STYLESHEET,
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
uri,
referrerPrincipal,
mLoaderDocument,
@ -524,7 +524,7 @@ TX_LoadSheet(nsIURI* aUri, txMozillaXSLTProcessor* aProcessor,
// Content Policy
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
nsresult rv =
NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_STYLESHEET,
NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
aUri,
principal,
aLoaderDocument,
@ -666,7 +666,7 @@ txSyncCompileObserver::loadURI(const nsAString& aUri,
// Content Policy
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_STYLESHEET,
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
uri,
referrerPrincipal,
nullptr,

3
dom/xul/XULDocument.cpp
View File

@ -3250,8 +3250,7 @@ XULDocument::LoadScript(nsXULPrototypeScript* aScriptProto, bool* aBlock)
this,
static_cast<nsIDocument*>(this),
aScriptProto->mSrcURI,
NS_LITERAL_STRING("application/x-javascript"),
false);
NS_LITERAL_STRING("application/x-javascript"));
if (NS_FAILED(rv)) {
*aBlock = false;
return rv;

2
editor/libeditor/nsHTMLEditor.cpp
View File

@ -2791,7 +2791,7 @@ nsHTMLEditor::ReplaceStyleSheet(const nsAString& aURL)
NS_ENSURE_SUCCESS(rv, rv);
return ps->GetDocument()->CSSLoader()->
LoadSheet(uaURI, false, nullptr, EmptyCString(), this);
LoadSheet(uaURI, nullptr, EmptyCString(), this);
}
NS_IMETHODIMP

2
embedding/browser/nsContextMenuInfo.cpp
View File

@ -294,7 +294,7 @@ nsContextMenuInfo::GetBackgroundImageRequestInternal(nsIDOMNode* aDOMNode,
return il->LoadImage(bgUri, nullptr, nullptr,
doc->GetReferrerPolicy(), principal, nullptr,
nullptr, nullptr, nsIRequest::LOAD_NORMAL,
nullptr, nsIContentPolicy::TYPE_INTERNAL_IMAGE,
nullptr, nsIContentPolicy::TYPE_IMAGE,
EmptyString(), aRequest);
}
}

4
image/imgLoader.cpp
View File

@ -618,7 +618,7 @@ ShouldLoadCachedImage(imgRequest* aImgRequest,
nsresult rv;
int16_t decision = nsIContentPolicy::REJECT_REQUEST;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_INTERNAL_IMAGE,
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_IMAGE,
contentLocation,
aLoadingPrincipal,
aLoadingContext,
@ -1981,7 +1981,7 @@ imgLoader::LoadImageXPCOM(nsIURI* aURI,
{
// Optional parameter, so defaults to 0 (== TYPE_INVALID)
if (!aContentPolicyType) {
aContentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE;
aContentPolicyType = nsIContentPolicy::TYPE_IMAGE;
}
imgRequestProxy* proxy;
ReferrerPolicy refpol = ReferrerPolicyFromString(aReferrerPolicy);

2
layout/generic/nsImageFrame.cpp
View File

@ -2204,7 +2204,7 @@ nsImageFrame::LoadIcon(const nsAString& aSpec,
// For icon loads, we don't need to merge with the loadgroup flags
nsLoadFlags loadFlags = nsIRequest::LOAD_NORMAL;
nsContentPolicyType contentPolicyType = nsIContentPolicy::TYPE_INTERNAL_IMAGE;
nsContentPolicyType contentPolicyType = nsIContentPolicy::TYPE_IMAGE;
return il->LoadImage(realURI, /* icon URI */
nullptr, /* initial document URI; this is only

46
layout/style/Loader.cpp
View File

@ -607,7 +607,7 @@ Loader::SetPreferredSheet(const nsAString& aTitle)
mDatasToNotifyOn += arr.Length();
for (uint32_t i = 0; i < arr.Length(); ++i) {
--mDatasToNotifyOn;
LoadSheet(arr[i], eSheetNeedsParser, false);
LoadSheet(arr[i], eSheetNeedsParser);
}
}
@ -1025,8 +1025,7 @@ Loader::ObsoleteSheet(nsIURI* aURI)
nsresult
Loader::CheckLoadAllowed(nsIPrincipal* aSourcePrincipal,
nsIURI* aTargetURI,
nsISupports* aContext,
bool aIsPreload)
nsISupports* aContext)
{
LOG(("css::Loader::CheckLoadAllowed"));
@ -1045,12 +1044,9 @@ Loader::CheckLoadAllowed(nsIPrincipal* aSourcePrincipal,
LOG((" Passed security check"));
// Check with content policy
nsContentPolicyType contentPolicyType =
aIsPreload ? nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD
: nsIContentPolicy::TYPE_INTERNAL_STYLESHEET;
int16_t shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(contentPolicyType,
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
aTargetURI,
aSourcePrincipal,
aContext,
@ -1415,9 +1411,7 @@ Loader::InsertChildSheet(CSSStyleSheet* aSheet,
* a new load is kicked off asynchronously.
*/
nsresult
Loader::LoadSheet(SheetLoadData* aLoadData,
StyleSheetState aSheetState,
bool aIsPreload)
Loader::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
{
LOG(("css::Loader::LoadSheet"));
NS_PRECONDITION(aLoadData, "Need a load data");
@ -1567,7 +1561,7 @@ Loader::LoadSheet(SheetLoadData* aLoadData,
mSheets->mPendingDatas.Remove(&key);
LOG((" Forcing load of pending data"));
return LoadSheet(existingData, eSheetNeedsParser, aIsPreload);
return LoadSheet(existingData, eSheetNeedsParser);
}
// All done here; once the load completes we'll be marked complete
// automatically
@ -1589,10 +1583,6 @@ Loader::LoadSheet(SheetLoadData* aLoadData,
securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
nsContentPolicyType contentPolicyType =
aIsPreload ? nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD
: nsIContentPolicy::TYPE_INTERNAL_STYLESHEET;
nsCOMPtr<nsIChannel> channel;
// Note we are calling NS_NewChannelWithTriggeringPrincipal here with a node
// and a principal. This is because of a case where the node is the document
@ -1604,7 +1594,7 @@ Loader::LoadSheet(SheetLoadData* aLoadData,
aLoadData->mRequestingNode,
triggeringPrincipal,
securityFlags,
contentPolicyType,
nsIContentPolicy::TYPE_STYLESHEET,
loadGroup,
nullptr, // aCallbacks
nsIChannel::LOAD_NORMAL |
@ -1620,7 +1610,7 @@ Loader::LoadSheet(SheetLoadData* aLoadData,
aLoadData->mURI,
triggeringPrincipal,
securityFlags,
contentPolicyType,
nsIContentPolicy::TYPE_STYLESHEET,
loadGroup,
nullptr, // aCallbacks
nsIChannel::LOAD_NORMAL |
@ -2054,7 +2044,7 @@ Loader::LoadStyleLink(nsIContent* aElement,
if (!context) {
context = mDocument;
}
nsresult rv = CheckLoadAllowed(principal, aURL, context, false);
nsresult rv = CheckLoadAllowed(principal, aURL, context);
if (NS_FAILED(rv)) return rv;
LOG((" Passed load check"));
@ -2110,7 +2100,7 @@ Loader::LoadStyleLink(nsIContent* aElement,
}
// Load completion will free the data
rv = LoadSheet(data, state, false);
rv = LoadSheet(data, state);
NS_ENSURE_SUCCESS(rv, rv);
data->mMustNotify = true;
@ -2188,7 +2178,7 @@ Loader::LoadChildSheet(CSSStyleSheet* aParentSheet,
}
nsIPrincipal* principal = aParentSheet->Principal();
nsresult rv = CheckLoadAllowed(principal, aURL, context, false);
nsresult rv = CheckLoadAllowed(principal, aURL, context);
if (NS_FAILED(rv)) return rv;
LOG((" Passed load check"));
@ -2252,7 +2242,7 @@ Loader::LoadChildSheet(CSSStyleSheet* aParentSheet,
bool syncLoad = data->mSyncLoad;
// Load completion will release the data
rv = LoadSheet(data, state, false);
rv = LoadSheet(data, state);
NS_ENSURE_SUCCESS(rv, rv);
// If syncLoad is true, |data| will be deleted by now.
@ -2268,7 +2258,7 @@ Loader::LoadSheetSync(nsIURI* aURL, bool aAllowUnsafeRules,
CSSStyleSheet** aSheet)
{
LOG(("css::Loader::LoadSheetSync"));
return InternalLoadNonDocumentSheet(aURL, false, aAllowUnsafeRules,
return InternalLoadNonDocumentSheet(aURL, aAllowUnsafeRules,
aUseSystemPrincipal, nullptr,
EmptyCString(), aSheet, nullptr);
}
@ -2282,14 +2272,13 @@ Loader::LoadSheet(nsIURI* aURL,
{
LOG(("css::Loader::LoadSheet(aURL, aObserver, aSheet) api call"));
NS_PRECONDITION(aSheet, "aSheet is null");
return InternalLoadNonDocumentSheet(aURL, false, false, false,
return InternalLoadNonDocumentSheet(aURL, false, false,
aOriginPrincipal, aCharset,
aSheet, aObserver);
}
nsresult
Loader::LoadSheet(nsIURI* aURL,
bool aIsPreload,
nsIPrincipal* aOriginPrincipal,
const nsCString& aCharset,
nsICSSLoaderObserver* aObserver,
@ -2298,7 +2287,7 @@ Loader::LoadSheet(nsIURI* aURL,
const nsAString& aIntegrity)
{
LOG(("css::Loader::LoadSheet(aURL, aObserver) api call"));
return InternalLoadNonDocumentSheet(aURL, aIsPreload, false, false,
return InternalLoadNonDocumentSheet(aURL, false, false,
aOriginPrincipal, aCharset,
nullptr, aObserver, aCORSMode,
aReferrerPolicy, aIntegrity);
@ -2306,7 +2295,6 @@ Loader::LoadSheet(nsIURI* aURL,
nsresult
Loader::InternalLoadNonDocumentSheet(nsIURI* aURL,
bool aIsPreload,
bool aAllowUnsafeRules,
bool aUseSystemPrincipal,
nsIPrincipal* aOriginPrincipal,
@ -2334,7 +2322,7 @@ Loader::InternalLoadNonDocumentSheet(nsIURI* aURL,
return NS_ERROR_NOT_AVAILABLE;
}
nsresult rv = CheckLoadAllowed(aOriginPrincipal, aURL, mDocument, aIsPreload);
nsresult rv = CheckLoadAllowed(aOriginPrincipal, aURL, mDocument);
if (NS_FAILED(rv)) {
return rv;
}
@ -2369,7 +2357,7 @@ Loader::InternalLoadNonDocumentSheet(nsIURI* aURL,
aOriginPrincipal, mDocument);
NS_ADDREF(data);
rv = LoadSheet(data, state, aIsPreload);
rv = LoadSheet(data, state);
NS_ENSURE_SUCCESS(rv, rv);
if (aSheet) {
@ -2561,7 +2549,7 @@ Loader::StartAlternateLoads()
mDatasToNotifyOn += arr.Length();
for (uint32_t i = 0; i < arr.Length(); ++i) {
--mDatasToNotifyOn;
LoadSheet(arr[i], eSheetNeedsParser, false);
LoadSheet(arr[i], eSheetNeedsParser);
}
}

11
layout/style/Loader.h
View File

@ -317,7 +317,6 @@ public:
* not-yet-loaded sheet.
*/
nsresult LoadSheet(nsIURI* aURL,
bool aIsPreload,
nsIPrincipal* aOriginPrincipal,
const nsCString& aCharset,
nsICSSLoaderObserver* aObserver,
@ -406,12 +405,9 @@ private:
// Note: null aSourcePrincipal indicates that the content policy and
// CheckLoadURI checks should be skipped.
// aIsPreload indicates whether the html parser preloads that
// stylesheet or if it is a regular load.
nsresult CheckLoadAllowed(nsIPrincipal* aSourcePrincipal,
nsIURI* aTargetURI,
nsISupports* aContext,
bool aIsPreload);
nsISupports* aContext);
// For inline style, the aURI param is null, but the aLinkingContent
@ -450,7 +446,6 @@ private:
ImportRule* aParentRule);
nsresult InternalLoadNonDocumentSheet(nsIURI* aURL,
bool aIsPreload,
bool aAllowUnsafeRules,
bool aUseSystemPrincipal,
nsIPrincipal* aOriginPrincipal,
@ -482,9 +477,7 @@ private:
// Note: LoadSheet is responsible for releasing aLoadData and setting the
// sheet to complete on failure.
nsresult LoadSheet(SheetLoadData* aLoadData,
StyleSheetState aSheetState,
bool aIsPreLoad);
nsresult LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState);
// Parse the stylesheet in aLoadData. The sheet data comes from aInput.
// Set aCompleted to true if the parse finished, false otherwise (e.g. if the

5
testing/web-platform/meta/content-security-policy/style-src/style-src-3_4.html.ini Normal file
View File

@ -0,0 +1,5 @@
[style-src-3_4.html]
type: testharness
[Violation report status OK.]
expected: FAIL

2
toolkit/components/places/AsyncFaviconHelpers.cpp
View File

@ -532,7 +532,7 @@ AsyncFetchAndSetIconFromNetwork::Run()
iconURI,
nsContentUtils::GetSystemPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_INTERNAL_IMAGE);
nsIContentPolicy::TYPE_IMAGE);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIInterfaceRequestor> listenerRequestor =

2
toolkit/components/places/nsAnnoProtocolHandler.cpp
View File

@ -53,7 +53,7 @@ GetDefaultIcon(nsIChannel **aChannel)
defaultIconURI,
nsContentUtils::GetSystemPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_INTERNAL_IMAGE);
nsIContentPolicy::TYPE_IMAGE);
}
////////////////////////////////////////////////////////////////////////////////

2
toolkit/components/places/nsFaviconService.cpp
View File

@ -330,7 +330,7 @@ nsFaviconService::ReplaceFaviconDataFromDataURL(nsIURI* aFaviconURI,
nullptr, // aTriggeringPrincipal
nullptr, // aLoadingNode
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_INTERNAL_IMAGE);
nsIContentPolicy::TYPE_IMAGE);
nsCOMPtr<nsIChannel> channel;
rv = protocolHandler->NewChannel2(dataURI, loadInfo, getter_AddRefs(channel));

2
toolkit/components/places/tests/browser/browser_favicon_setAndFetchFaviconForPage.js
View File

@ -33,7 +33,7 @@ function test() {
NetUtil.asyncFetch({
uri: favIconLocation,
loadUsingSystemPrincipal: true,
contentPolicyType: Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE
contentPolicyType: Ci.nsIContentPolicy.TYPE_IMAGE
}, function(inputStream, status) {
if (!Components.isSuccessCode(status)) {
ok(false, "Could not get the icon file");

6
toolkit/components/places/tests/favicons/test_moz-anno_favicon_mime_type.js
View File

@ -63,7 +63,7 @@ function run_test()
Services.scriptSecurityManager.getSystemPrincipal(),
null, // aTriggeringPrincipal
Ci.nsILoadInfo.SEC_NORMAL,
Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
Ci.nsIContentPolicy.TYPE_IMAGE);
channel.asyncOpen(new streamListener("image/png"), null);
do_test_pending();
@ -76,7 +76,7 @@ function run_test()
Services.scriptSecurityManager.getSystemPrincipal(),
null, // aTriggeringPrincipal
Ci.nsILoadInfo.SEC_NORMAL,
Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
Ci.nsIContentPolicy.TYPE_IMAGE);
channel.asyncOpen(new streamListener("image/png"), null);
do_test_pending();
@ -94,7 +94,7 @@ function run_test()
Services.scriptSecurityManager.getSystemPrincipal(),
null, // aTriggeringPrincipal
Ci.nsILoadInfo.SEC_NORMAL,
Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
Ci.nsIContentPolicy.TYPE_IMAGE);
channel.asyncOpen(new streamListener("image/png"), null);
do_test_pending();
}

2
toolkit/components/search/nsSearchService.js
View File

@ -2081,7 +2081,7 @@ Engine.prototype = {
Services.scriptSecurityManager.getSystemPrincipal(),
null, // aTriggeringPrincipal
Ci.nsILoadInfo.SEC_NORMAL,
Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
Ci.nsIContentPolicy.TYPE_IMAGE);
let iconLoadCallback = function (aByteArray, aEngine) {
// This callback may run after we've already set a preferred icon,

2
toolkit/devtools/gcli/commands/screenshot.js
View File

@ -357,7 +357,7 @@ function saveToClipboard(context, reply) {
Services.scriptSecurityManager.getSystemPrincipal(),
null, // aTriggeringPrincipal
Ci.nsILoadInfo.SEC_NORMAL,
Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE);
Ci.nsIContentPolicy.TYPE_IMAGE);
const input = channel.open();
const imgTools = Cc["@mozilla.org/image/tools;1"]
.getService(Ci.imgITools);

2
toolkit/devtools/server/actors/styleeditor.js
View File

@ -455,7 +455,7 @@ var OldStyleSheetActor = protocol.ActorClass({
}
let options = {
policy: Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET,
policy: Ci.nsIContentPolicy.TYPE_STYLESHEET,
window: this.window,
charset: this._getCSSCharset()
};

6
toolkit/devtools/server/actors/stylesheets.js
View File

@ -606,7 +606,7 @@ var StyleSheetActor = protocol.ActorClass({
let options = {
loadFromCache: true,
policy: Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET,
policy: Ci.nsIContentPolicy.TYPE_STYLESHEET,
window: this.window,
charset: this._getCSSCharset()
};
@ -692,7 +692,7 @@ var StyleSheetActor = protocol.ActorClass({
url = normalize(url, this.href);
let options = {
loadFromCache: false,
policy: Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET,
policy: Ci.nsIContentPolicy.TYPE_STYLESHEET,
window: this.window
};
let map = fetch(url, options)
@ -1020,7 +1020,7 @@ var OriginalSourceActor = protocol.ActorClass({
return promise.resolve(content);
}
let options = {
policy: Ci.nsIContentPolicy.TYPE_INTERNAL_STYLESHEET,
policy: Ci.nsIContentPolicy.TYPE_STYLESHEET,
window: this.window
};
return fetch(this.url, options).then(({content}) => {

2
toolkit/mozapps/extensions/internal/LightweightThemeImageOptimizer.jsm
View File

@ -119,7 +119,7 @@ var ImageFile = {
this._netUtil.asyncFetch({
uri: aURI,
loadUsingSystemPrincipal: true,
contentPolicyType: Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE
contentPolicyType: Ci.nsIContentPolicy.TYPE_IMAGE
}, function read_asyncFetch(aInputStream, aStatus, aRequest) {
if (Components.isSuccessCode(aStatus) && aRequest instanceof Ci.nsIChannel) {
let channel = aRequest.QueryInterface(Ci.nsIChannel);

2
toolkit/webapps/NativeApp.jsm
View File

@ -464,7 +464,7 @@ function downloadIcon(aIconURI) {
let channel = NetUtil.newChannel({
uri: aIconURI,
loadingPrincipal: principal,
contentPolicyType: Ci.nsIContentPolicy.TYPE_INTERNAL_IMAGE});
contentPolicyType: Ci.nsIContentPolicy.TYPE_IMAGE});
let { BadCertHandler } = Cu.import("resource://gre/modules/CertUtils.jsm", {});
// Pass true to avoid optional redirect-cert-checking behavior.
channel.notificationCallbacks = new BadCertHandler(true);

2
widget/cocoa/OSXNotificationCenter.mm
View File

@ -250,7 +250,7 @@ OSXNotificationCenter::ShowAlertNotification(const nsAString & aImageUrl, const
this, nullptr,
aInPrivateBrowsing ? nsIRequest::LOAD_ANONYMOUS :
nsIRequest::LOAD_NORMAL,
nullptr, nsIContentPolicy::TYPE_INTERNAL_IMAGE,
nullptr, nsIContentPolicy::TYPE_IMAGE,
EmptyString(),
getter_AddRefs(osxni->mIconRequest));
if (NS_SUCCEEDED(rv)) {

2
widget/cocoa/nsMenuItemIconX.mm
View File

@ -310,7 +310,7 @@ nsMenuItemIconX::LoadIcon(nsIURI* aIconURI)
mozilla::net::RP_Default,
nullptr, loadGroup, this,
nullptr, nsIRequest::LOAD_NORMAL, nullptr,
nsIContentPolicy::TYPE_INTERNAL_IMAGE, EmptyString(),
nsIContentPolicy::TYPE_IMAGE, EmptyString(),
getter_AddRefs(mIconRequest));
if (NS_FAILED(rv)) return rv;

2
widget/windows/WinUtils.cpp
View File

@ -1108,7 +1108,7 @@ nsresult AsyncFaviconDataReady::OnFaviconDataNotAvailable(void)
mozIconURI,
nsContentUtils::GetSystemPrincipal(),
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
nsIContentPolicy::TYPE_INTERNAL_IMAGE);
nsIContentPolicy::TYPE_IMAGE);
NS_ENSURE_SUCCESS(rv, rv);