mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-06 09:05:45 +00:00
66b8827044
--HG-- rename : dom/base/test/TestCSPParser.cpp => dom/security/test/TestCSPParser.cpp rename : dom/base/test/csp/browser.ini => dom/security/test/csp/browser.ini rename : dom/base/test/csp/browser_test_web_manifest.js => dom/security/test/csp/browser_test_web_manifest.js rename : dom/base/test/csp/browser_test_web_manifest_mixed_content.js => dom/security/test/csp/browser_test_web_manifest_mixed_content.js rename : dom/base/test/csp/chrome.ini => dom/security/test/csp/chrome.ini rename : dom/base/test/csp/file_CSP.css => dom/security/test/csp/file_CSP.css rename : dom/base/test/csp/file_CSP.sjs => dom/security/test/csp/file_CSP.sjs rename : dom/base/test/csp/file_csp_allow_https_schemes.html => dom/security/test/csp/file_allow_https_schemes.html rename : dom/base/test/csp/file_base-uri.html => dom/security/test/csp/file_base-uri.html rename : dom/base/test/csp/file_blob_data_schemes.html => dom/security/test/csp/file_blob_data_schemes.html rename : dom/base/test/csp/file_CSP_bug663567.xsl => dom/security/test/csp/file_bug663567.xsl rename : dom/base/test/csp/file_CSP_bug663567_allows.xml => dom/security/test/csp/file_bug663567_allows.xml rename : dom/base/test/csp/file_CSP_bug663567_allows.xml^headers^ => dom/security/test/csp/file_bug663567_allows.xml^headers^ rename : dom/base/test/csp/file_CSP_bug663567_blocks.xml => dom/security/test/csp/file_bug663567_blocks.xml rename : dom/base/test/csp/file_CSP_bug663567_blocks.xml^headers^ => dom/security/test/csp/file_bug663567_blocks.xml^headers^ rename : dom/base/test/csp/file_csp_bug768029.html => dom/security/test/csp/file_bug768029.html rename : dom/base/test/csp/file_csp_bug768029.sjs => dom/security/test/csp/file_bug768029.sjs rename : dom/base/test/csp/file_csp_bug773891.html => dom/security/test/csp/file_bug773891.html rename : dom/base/test/csp/file_csp_bug773891.sjs => dom/security/test/csp/file_bug773891.sjs rename : dom/base/test/csp/file_CSP_bug802872.html => dom/security/test/csp/file_bug802872.html rename : dom/base/test/csp/file_CSP_bug802872.html^headers^ => dom/security/test/csp/file_bug802872.html^headers^ rename : dom/base/test/csp/file_CSP_bug802872.js => dom/security/test/csp/file_bug802872.js rename : dom/base/test/csp/file_CSP_bug802872.sjs => dom/security/test/csp/file_bug802872.sjs rename : dom/base/test/csp/file_bug836922_npolicies.html => dom/security/test/csp/file_bug836922_npolicies.html rename : dom/base/test/csp/file_bug836922_npolicies.html^headers^ => dom/security/test/csp/file_bug836922_npolicies.html^headers^ rename : dom/base/test/csp/file_bug836922_npolicies_ro_violation.sjs => dom/security/test/csp/file_bug836922_npolicies_ro_violation.sjs rename : dom/base/test/csp/file_bug836922_npolicies_violation.sjs => dom/security/test/csp/file_bug836922_npolicies_violation.sjs rename : dom/base/test/csp/file_CSP_bug885433_allows.html => dom/security/test/csp/file_bug885433_allows.html rename : dom/base/test/csp/file_CSP_bug885433_allows.html^headers^ => dom/security/test/csp/file_bug885433_allows.html^headers^ rename : dom/base/test/csp/file_CSP_bug885433_blocks.html => dom/security/test/csp/file_bug885433_blocks.html rename : dom/base/test/csp/file_CSP_bug885433_blocks.html^headers^ => dom/security/test/csp/file_bug885433_blocks.html^headers^ rename : dom/base/test/csp/file_bug886164.html => dom/security/test/csp/file_bug886164.html rename : dom/base/test/csp/file_bug886164.html^headers^ => dom/security/test/csp/file_bug886164.html^headers^ rename : dom/base/test/csp/file_bug886164_2.html => dom/security/test/csp/file_bug886164_2.html rename : dom/base/test/csp/file_bug886164_2.html^headers^ => dom/security/test/csp/file_bug886164_2.html^headers^ rename : dom/base/test/csp/file_bug886164_3.html => dom/security/test/csp/file_bug886164_3.html rename : dom/base/test/csp/file_bug886164_3.html^headers^ => dom/security/test/csp/file_bug886164_3.html^headers^ rename : dom/base/test/csp/file_bug886164_4.html => dom/security/test/csp/file_bug886164_4.html rename : dom/base/test/csp/file_bug886164_4.html^headers^ => dom/security/test/csp/file_bug886164_4.html^headers^ rename : dom/base/test/csp/file_bug886164_5.html => dom/security/test/csp/file_bug886164_5.html rename : dom/base/test/csp/file_bug886164_5.html^headers^ => dom/security/test/csp/file_bug886164_5.html^headers^ rename : dom/base/test/csp/file_bug886164_6.html => dom/security/test/csp/file_bug886164_6.html rename : dom/base/test/csp/file_bug886164_6.html^headers^ => dom/security/test/csp/file_bug886164_6.html^headers^ rename : dom/base/test/csp/file_CSP_bug888172.html => dom/security/test/csp/file_bug888172.html rename : dom/base/test/csp/file_CSP_bug888172.sjs => dom/security/test/csp/file_bug888172.sjs rename : dom/base/test/csp/file_CSP_bug909029_none.html => dom/security/test/csp/file_bug909029_none.html rename : dom/base/test/csp/file_CSP_bug909029_none.html^headers^ => dom/security/test/csp/file_bug909029_none.html^headers^ rename : dom/base/test/csp/file_CSP_bug909029_star.html => dom/security/test/csp/file_bug909029_star.html rename : dom/base/test/csp/file_CSP_bug909029_star.html^headers^ => dom/security/test/csp/file_bug909029_star.html^headers^ rename : dom/base/test/csp/file_CSP_bug910139.sjs => dom/security/test/csp/file_bug910139.sjs rename : dom/base/test/csp/file_CSP_bug910139.xml => dom/security/test/csp/file_bug910139.xml rename : dom/base/test/csp/file_CSP_bug910139.xsl => dom/security/test/csp/file_bug910139.xsl rename : dom/base/test/csp/file_CSP_bug941404.html => dom/security/test/csp/file_bug941404.html rename : dom/base/test/csp/file_CSP_bug941404_xhr.html => dom/security/test/csp/file_bug941404_xhr.html rename : dom/base/test/csp/file_CSP_bug941404_xhr.html^headers^ => dom/security/test/csp/file_bug941404_xhr.html^headers^ rename : dom/base/test/csp/file_connect-src-fetch.html => dom/security/test/csp/file_connect-src-fetch.html rename : dom/base/test/csp/file_connect-src.html => dom/security/test/csp/file_connect-src.html rename : dom/base/test/csp/file_dual_header_testserver.sjs => dom/security/test/csp/file_dual_header_testserver.sjs rename : dom/base/test/csp/file_CSP_evalscript_main.html => dom/security/test/csp/file_evalscript_main.html rename : dom/base/test/csp/file_CSP_evalscript_main.html^headers^ => dom/security/test/csp/file_evalscript_main.html^headers^ rename : dom/base/test/csp/file_CSP_evalscript_main.js => dom/security/test/csp/file_evalscript_main.js rename : dom/base/test/csp/file_CSP_evalscript_main_allowed.html => dom/security/test/csp/file_evalscript_main_allowed.html rename : dom/base/test/csp/file_CSP_evalscript_main_allowed.html^headers^ => dom/security/test/csp/file_evalscript_main_allowed.html^headers^ rename : dom/base/test/csp/file_CSP_evalscript_main_allowed.js => dom/security/test/csp/file_evalscript_main_allowed.js rename : dom/base/test/csp/file_form-action.html => dom/security/test/csp/file_form-action.html rename : dom/base/test/csp/file_CSP_frameancestors.sjs => dom/security/test/csp/file_frameancestors.sjs rename : dom/base/test/csp/file_CSP_frameancestors_main.html => dom/security/test/csp/file_frameancestors_main.html rename : dom/base/test/csp/file_CSP_frameancestors_main.js => dom/security/test/csp/file_frameancestors_main.js rename : dom/base/test/csp/file_hash_source.html => dom/security/test/csp/file_hash_source.html rename : dom/base/test/csp/file_hash_source.html^headers^ => dom/security/test/csp/file_hash_source.html^headers^ rename : dom/base/test/csp/file_ignore_unsafe_inline.html => dom/security/test/csp/file_ignore_unsafe_inline.html rename : dom/base/test/csp/file_CSP_inlinescript_main.html => dom/security/test/csp/file_inlinescript_main.html rename : dom/base/test/csp/file_CSP_inlinescript_main.html^headers^ => dom/security/test/csp/file_inlinescript_main.html^headers^ rename : dom/base/test/csp/file_CSP_inlinescript_main_allowed.html => dom/security/test/csp/file_inlinescript_main_allowed.html rename : dom/base/test/csp/file_CSP_inlinescript_main_allowed.html^headers^ => dom/security/test/csp/file_inlinescript_main_allowed.html^headers^ rename : dom/base/test/csp/file_CSP_inlinestyle_main.html => dom/security/test/csp/file_inlinestyle_main.html rename : dom/base/test/csp/file_CSP_inlinestyle_main.html^headers^ => dom/security/test/csp/file_inlinestyle_main.html^headers^ rename : dom/base/test/csp/file_CSP_inlinestyle_main_allowed.html => dom/security/test/csp/file_inlinestyle_main_allowed.html rename : dom/base/test/csp/file_CSP_inlinestyle_main_allowed.html^headers^ => dom/security/test/csp/file_inlinestyle_main_allowed.html^headers^ rename : dom/base/test/csp/file_csp_invalid_source_expression.html => dom/security/test/csp/file_invalid_source_expression.html rename : dom/base/test/csp/file_leading_wildcard.html => dom/security/test/csp/file_leading_wildcard.html rename : dom/base/test/csp/file_CSP_main.html => dom/security/test/csp/file_main.html rename : dom/base/test/csp/file_CSP_main.html^headers^ => dom/security/test/csp/file_main.html^headers^ rename : dom/base/test/csp/file_CSP_main.js => dom/security/test/csp/file_main.js rename : dom/base/test/csp/file_multi_policy_injection_bypass.html => dom/security/test/csp/file_multi_policy_injection_bypass.html rename : dom/base/test/csp/file_multi_policy_injection_bypass.html^headers^ => dom/security/test/csp/file_multi_policy_injection_bypass.html^headers^ rename : dom/base/test/csp/file_multi_policy_injection_bypass_2.html => dom/security/test/csp/file_multi_policy_injection_bypass_2.html rename : dom/base/test/csp/file_multi_policy_injection_bypass_2.html^headers^ => dom/security/test/csp/file_multi_policy_injection_bypass_2.html^headers^ rename : dom/base/test/csp/file_nonce_source.html => dom/security/test/csp/file_nonce_source.html rename : dom/base/test/csp/file_nonce_source.html^headers^ => dom/security/test/csp/file_nonce_source.html^headers^ rename : dom/base/test/csp/file_null_baseuri.html => dom/security/test/csp/file_null_baseuri.html rename : dom/base/test/csp/file_csp_path_matching.html => dom/security/test/csp/file_path_matching.html rename : dom/base/test/csp/file_csp_path_matching.js => dom/security/test/csp/file_path_matching.js rename : dom/base/test/csp/file_csp_path_matching_incl_query.html => dom/security/test/csp/file_path_matching_incl_query.html rename : dom/base/test/csp/file_csp_path_matching_redirect.html => dom/security/test/csp/file_path_matching_redirect.html rename : dom/base/test/csp/file_csp_path_matching_redirect_server.sjs => dom/security/test/csp/file_path_matching_redirect_server.sjs rename : dom/base/test/csp/file_policyuri_regression_from_multipolicy.html => dom/security/test/csp/file_policyuri_regression_from_multipolicy.html rename : dom/base/test/csp/file_policyuri_regression_from_multipolicy.html^headers^ => dom/security/test/csp/file_policyuri_regression_from_multipolicy.html^headers^ rename : dom/base/test/csp/file_policyuri_regression_from_multipolicy_policy => dom/security/test/csp/file_policyuri_regression_from_multipolicy_policy rename : dom/base/test/csp/file_redirect_content.sjs => dom/security/test/csp/file_redirect_content.sjs rename : dom/base/test/csp/file_redirect_report.sjs => dom/security/test/csp/file_redirect_report.sjs rename : dom/base/test/csp/file_csp_redirects_main.html => dom/security/test/csp/file_redirects_main.html rename : dom/base/test/csp/file_csp_redirects_page.sjs => dom/security/test/csp/file_redirects_page.sjs rename : dom/base/test/csp/file_csp_redirects_resource.sjs => dom/security/test/csp/file_redirects_resource.sjs rename : dom/base/test/csp/file_csp_referrerdirective.html => dom/security/test/csp/file_referrerdirective.html rename : dom/base/test/csp/file_csp_report.html => dom/security/test/csp/file_report.html rename : dom/base/test/csp/file_report_uri_missing_in_report_only_header.html => dom/security/test/csp/file_report_uri_missing_in_report_only_header.html rename : dom/base/test/csp/file_report_uri_missing_in_report_only_header.html^headers^ => dom/security/test/csp/file_report_uri_missing_in_report_only_header.html^headers^ rename : dom/base/test/csp/file_scheme_relative_sources.js => dom/security/test/csp/file_scheme_relative_sources.js rename : dom/base/test/csp/file_scheme_relative_sources.sjs => dom/security/test/csp/file_scheme_relative_sources.sjs rename : dom/base/test/csp/file_self_none_as_hostname_confusion.html => dom/security/test/csp/file_self_none_as_hostname_confusion.html rename : dom/base/test/csp/file_self_none_as_hostname_confusion.html^headers^ => dom/security/test/csp/file_self_none_as_hostname_confusion.html^headers^ rename : dom/base/test/csp/file_subframe_run_js_if_allowed.html => dom/security/test/csp/file_subframe_run_js_if_allowed.html rename : dom/base/test/csp/file_subframe_run_js_if_allowed.html^headers^ => dom/security/test/csp/file_subframe_run_js_if_allowed.html^headers^ rename : dom/base/test/csp/file_csp_testserver.sjs => dom/security/test/csp/file_testserver.sjs rename : dom/base/test/csp/file_CSP_web_manifest.html => dom/security/test/csp/file_web_manifest.html rename : dom/base/test/csp/file_CSP_web_manifest.json => dom/security/test/csp/file_web_manifest.json rename : dom/base/test/csp/file_CSP_web_manifest.json^headers^ => dom/security/test/csp/file_web_manifest.json^headers^ rename : dom/base/test/csp/file_CSP_web_manifest_https.html => dom/security/test/csp/file_web_manifest_https.html rename : dom/base/test/csp/file_CSP_web_manifest_https.json => dom/security/test/csp/file_web_manifest_https.json rename : dom/base/test/csp/file_CSP_web_manifest_mixed_content.html => dom/security/test/csp/file_web_manifest_mixed_content.html rename : dom/base/test/csp/file_CSP_web_manifest_remote.html => dom/security/test/csp/file_web_manifest_remote.html rename : dom/base/test/csp/file_worker_redirect.html => dom/security/test/csp/file_worker_redirect.html rename : dom/base/test/csp/file_worker_redirect.sjs => dom/security/test/csp/file_worker_redirect.sjs rename : dom/base/test/csp/referrerdirective.sjs => dom/security/test/csp/referrerdirective.sjs rename : dom/base/test/csp/test_301_redirect.html => dom/security/test/csp/test_301_redirect.html rename : dom/base/test/csp/test_302_redirect.html => dom/security/test/csp/test_302_redirect.html rename : dom/base/test/csp/test_303_redirect.html => dom/security/test/csp/test_303_redirect.html rename : dom/base/test/csp/test_307_redirect.html => dom/security/test/csp/test_307_redirect.html rename : dom/base/test/csp/test_CSP.html => dom/security/test/csp/test_CSP.html rename : dom/base/test/csp/test_csp_allow_https_schemes.html => dom/security/test/csp/test_allow_https_schemes.html rename : dom/base/test/csp/test_base-uri.html => dom/security/test/csp/test_base-uri.html rename : dom/base/test/csp/test_blob_data_schemes.html => dom/security/test/csp/test_blob_data_schemes.html rename : dom/base/test/csp/test_CSP_bug663567.html => dom/security/test/csp/test_bug663567.html rename : dom/base/test/csp/test_csp_bug768029.html => dom/security/test/csp/test_bug768029.html rename : dom/base/test/csp/test_csp_bug773891.html => dom/security/test/csp/test_bug773891.html rename : dom/base/test/csp/test_CSP_bug802872.html => dom/security/test/csp/test_bug802872.html rename : dom/base/test/csp/test_bug836922_npolicies.html => dom/security/test/csp/test_bug836922_npolicies.html rename : dom/base/test/csp/test_CSP_bug885433.html => dom/security/test/csp/test_bug885433.html rename : dom/base/test/csp/test_bug886164.html => dom/security/test/csp/test_bug886164.html rename : dom/base/test/csp/test_CSP_bug888172.html => dom/security/test/csp/test_bug888172.html rename : dom/base/test/csp/test_CSP_bug909029.html => dom/security/test/csp/test_bug909029.html rename : dom/base/test/csp/test_CSP_bug910139.html => dom/security/test/csp/test_bug910139.html rename : dom/base/test/csp/test_CSP_bug941404.html => dom/security/test/csp/test_bug941404.html rename : dom/base/test/csp/test_bug949549.html => dom/security/test/csp/test_bug949549.html rename : dom/base/test/csp/test_connect-src.html => dom/security/test/csp/test_connect-src.html rename : dom/base/test/csp/test_dual_header.html => dom/security/test/csp/test_dual_header.html rename : dom/base/test/csp/test_CSP_evalscript.html => dom/security/test/csp/test_evalscript.html rename : dom/base/test/csp/test_form-action.html => dom/security/test/csp/test_form-action.html rename : dom/base/test/csp/test_CSP_frameancestors.html => dom/security/test/csp/test_frameancestors.html rename : dom/base/test/csp/test_hash_source.html => dom/security/test/csp/test_hash_source.html rename : dom/base/test/csp/test_ignore_unsafe_inline.html => dom/security/test/csp/test_ignore_unsafe_inline.html rename : dom/base/test/csp/test_CSP_inlinescript.html => dom/security/test/csp/test_inlinescript.html rename : dom/base/test/csp/test_CSP_inlinestyle.html => dom/security/test/csp/test_inlinestyle.html rename : dom/base/test/csp/test_csp_invalid_source_expression.html => dom/security/test/csp/test_invalid_source_expression.html rename : dom/base/test/csp/test_leading_wildcard.html => dom/security/test/csp/test_leading_wildcard.html rename : dom/base/test/csp/test_multi_policy_injection_bypass.html => dom/security/test/csp/test_multi_policy_injection_bypass.html rename : dom/base/test/csp/test_nonce_source.html => dom/security/test/csp/test_nonce_source.html rename : dom/base/test/csp/test_null_baseuri.html => dom/security/test/csp/test_null_baseuri.html rename : dom/base/test/csp/test_csp_path_matching.html => dom/security/test/csp/test_path_matching.html rename : dom/base/test/csp/test_csp_path_matching_redirect.html => dom/security/test/csp/test_path_matching_redirect.html rename : dom/base/test/csp/test_policyuri_regression_from_multipolicy.html => dom/security/test/csp/test_policyuri_regression_from_multipolicy.html rename : dom/base/test/csp/test_csp_redirects.html => dom/security/test/csp/test_redirects.html rename : dom/base/test/csp/test_CSP_referrerdirective.html => dom/security/test/csp/test_referrerdirective.html rename : dom/base/test/csp/test_csp_report.html => dom/security/test/csp/test_report.html rename : dom/base/test/csp/test_report_uri_missing_in_report_only_header.html => dom/security/test/csp/test_report_uri_missing_in_report_only_header.html rename : dom/base/test/csp/test_scheme_relative_sources.html => dom/security/test/csp/test_scheme_relative_sources.html rename : dom/base/test/csp/test_self_none_as_hostname_confusion.html => dom/security/test/csp/test_self_none_as_hostname_confusion.html rename : dom/base/test/csp/test_subframe_run_js_if_allowed.html => dom/security/test/csp/test_subframe_run_js_if_allowed.html rename : dom/base/test/csp/test_worker_redirect.html => dom/security/test/csp/test_worker_redirect.html rename : dom/base/test/unit/test_cspreports.js => dom/security/test/unit/test_csp_reports.js extra : rebase_source : 009d78b5e741c3a6ed10744986f7b0841720f6c8
60 lines
1.6 KiB
JavaScript
60 lines
1.6 KiB
JavaScript
// SJS file that receives violation reports and then responds with nothing.
|
|
|
|
const CC = Components.Constructor;
|
|
const BinaryInputStream = CC("@mozilla.org/binaryinputstream;1",
|
|
"nsIBinaryInputStream",
|
|
"setInputStream");
|
|
|
|
const STATE = "bug836922_violations";
|
|
|
|
function handleRequest(request, response)
|
|
{
|
|
var query = {};
|
|
request.queryString.split('&').forEach(function (val) {
|
|
var [name, value] = val.split('=');
|
|
query[name] = unescape(value);
|
|
});
|
|
|
|
|
|
if ('results' in query) {
|
|
// if asked for the received data, send it.
|
|
response.setHeader("Content-Type", "text/javascript", false);
|
|
if (getState(STATE)) {
|
|
response.write(getState(STATE));
|
|
} else {
|
|
// no state has been recorded.
|
|
response.write(JSON.stringify({}));
|
|
}
|
|
} else if ('reset' in query) {
|
|
//clear state
|
|
setState(STATE, JSON.stringify(null));
|
|
} else {
|
|
// ... otherwise, just respond "ok".
|
|
response.write("null");
|
|
|
|
var bodystream = new BinaryInputStream(request.bodyInputStream);
|
|
var avail;
|
|
var bytes = [];
|
|
while ((avail = bodystream.available()) > 0)
|
|
Array.prototype.push.apply(bytes, bodystream.readByteArray(avail));
|
|
|
|
var data = String.fromCharCode.apply(null, bytes);
|
|
|
|
// figure out which test was violating a policy
|
|
var testpat = new RegExp("testid=([a-z0-9_]+)");
|
|
var testid = testpat.exec(data)[1];
|
|
|
|
// store the violation in the persistent state
|
|
var s = getState(STATE);
|
|
if (!s) s = "{}";
|
|
s = JSON.parse(s);
|
|
if (!s) s = {};
|
|
|
|
if (!s[testid]) s[testid] = 0;
|
|
s[testid]++;
|
|
setState(STATE, JSON.stringify(s));
|
|
}
|
|
}
|
|
|
|
|