Backed out changeset de12da283e67 (bug 1668071) for build bustages on nsCSPContext.cpp. CLOSED TREE

2020-10-14 11:39:46 +03:00 · 2020-10-14 11:39:46 +03:00 · 0ea5139865
--- a/dom/security/nsCSPContext.cpp
+++ b/dom/security/nsCSPContext.cpp
@ -1550,7 +1550,7 @@ nsCSPContext::PermitsAncestry(nsILoadInfo* aLoadInfo,
  nsCOMPtr<nsIURI> uriClone;

  while (ctx) {
-    nsCOMPtr<nsIPrincipal> currentPrincipal;
+    nsCOMPtr<nsIURI> currentURI;
    // Generally permitsAncestry is consulted from within the
    // DocumentLoadListener in the parent process. For loads of type object
    // and embed it's called from the Document in the content process.
@ -1559,36 +1559,28 @@ nsCSPContext::PermitsAncestry(nsILoadInfo* aLoadInfo,
    if (XRE_IsParentProcess()) {
      WindowGlobalParent* window = ctx->Canonical()->GetCurrentWindowGlobal();
      if (window) {
-        // Using the URI of the Principal and not the document because e.g.
-        // about:blank inherits the principal and hence the URI of the
-        // document does not reflect the security context of the document.
-        currentPrincipal = window->DocumentPrincipal();
+        currentURI = window->GetDocumentURI();
      }
    } else if (nsPIDOMWindowOuter* windowOuter = ctx->GetDOMWindow()) {
-      currentPrincipal = nsGlobalWindowOuter::Cast(windowOuter)->GetPrincipal();
+      currentURI = windowOuter->GetDocumentURI();
    }

-    if (currentPrincipal) {
-      nsCOMPtr<nsIURI> currentURI;
-      currentPrincipal->GetURI(getter_AddRefs(currentURI));
+    if (currentURI) {
+      nsAutoCString spec;
+      currentURI->GetSpec(spec);
+      // delete the userpass from the URI.
+      rv = NS_MutateURI(currentURI)
+               .SetRef(""_ns)
+               .SetUserPass(""_ns)
+               .Finalize(uriClone);

-      if (currentURI) {
-        nsAutoCString spec;
-        currentURI->GetSpec(spec);
-        // delete the userpass from the URI.
-        rv = NS_MutateURI(currentURI)
-                 .SetRef(""_ns)
-                 .SetUserPass(""_ns)
-                 .Finalize(uriClone);
-
-        // If setUserPass fails for some reason, just return a clone of the
-        // current URI
-        if (NS_FAILED(rv)) {
-          rv = NS_GetURIWithoutRef(currentURI, getter_AddRefs(uriClone));
-          NS_ENSURE_SUCCESS(rv, rv);
-        }
-        ancestorsArray.AppendElement(uriClone);
+      // If setUserPass fails for some reason, just return a clone of the
+      // current URI
+      if (NS_FAILED(rv)) {
+        rv = NS_GetURIWithoutRef(currentURI, getter_AddRefs(uriClone));
+        NS_ENSURE_SUCCESS(rv, rv);
      }
+      ancestorsArray.AppendElement(uriClone);
    }
    ctx = ctx->GetParent();
  }
--- a/dom/security/test/csp/file_csp_frame_ancestors_about_blank.html
+++ b/dom/security/test/csp/file_csp_frame_ancestors_about_blank.html
@ -1,9 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-  <title>Helper file for Bug 1668071 - CSP frame-ancestors in about:blank</title>
-</head>
-<body>
-  CSP frame-ancestors in about:blank
-</body>
-</html>
--- a/dom/security/test/csp/file_csp_frame_ancestors_about_blank.html^headers^
+++ b/dom/security/test/csp/file_csp_frame_ancestors_about_blank.html^headers^
@ -1,2 +0,0 @@
-Cache-Control: no-cache
-Content-Security-Policy: frame-ancestors http://mochi.test:8888
--- a/dom/security/test/csp/mochitest.ini
+++ b/dom/security/test/csp/mochitest.ini
@ -433,7 +433,3 @@ support-files =
  file_upgrade_insecure_navigation_redirect_same_origin.html
  file_upgrade_insecure_navigation_redirect_cross_origin.html
 [test_csp_style_src_empty_hash.html]
-[test_csp_frame_ancestors_about_blank.html]
-support-files =
-  file_csp_frame_ancestors_about_blank.html
-  file_csp_frame_ancestors_about_blank.html^headers^
--- a/dom/security/test/csp/test_csp_frame_ancestors_about_blank.html
+++ b/dom/security/test/csp/test_csp_frame_ancestors_about_blank.html
@ -1,59 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-  <meta charset="utf-8">
-  <title>Bug 1668071 - CSP frame-ancestors in about:blank</title>
-  <script src="/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
-</head>
-<body>
-
-<script class="testbody" type="text/javascript">
-
-/* Description of the test:
- * We dynamically load an about:blank iframe which then loads a testframe
- * including a CSP frame-ancestors directive which matches the including
- * security context. We make sure that we not incorrectly block on
- * about:blank which should inherit the security context.
- */
-
-SimpleTest.waitForExplicitFinish();
-
-let aboutBlankFrame = document.createElement("iframe");
-document.body.appendChild(aboutBlankFrame);
-
-aboutBlankFrame.onload = function() {
-  ok(true, "aboutBlankFrame onload should fire");
-  let aboutBlankDoc = aboutBlankFrame.contentDocument;
-  is(aboutBlankDoc.documentURI, "about:blank",
-    "sanity: aboutBlankFrame URI should be about:blank");
-
-  let testframe = aboutBlankDoc.createElement("iframe");
-  aboutBlankDoc.body.appendChild(testframe);
-  testframe.onload = function() {
-    ok(true, "testframe onload should fire");
-    let testDoc = SpecialPowers.wrap(testframe.contentDocument);
-    ok(testDoc.documentURI.endsWith("file_csp_frame_ancestors_about_blank.html"),
-       "sanity: document in testframe should be the testfile");
-
-    let cspJSON = testDoc.cspJSON;
-    ok(cspJSON.includes("frame-ancestors"), "found frame-ancestors directive");
-    ok(cspJSON.includes("http://mochi.test:8888"), "found frame-ancestors value");
-
-    SimpleTest.finish();
-  }
-
-  testframe.onerror = function() {
-    ok(false, "testframe onerror should not fire");
-  }
-  testframe.src = "file_csp_frame_ancestors_about_blank.html";
-}
-
-aboutBlankFrame.onerror = function() {
-  ok(false, "aboutBlankFrame onerror should not be called");
-}
-aboutBlankFrame.src = "about:blank";
-
-</script>
-</body>
-</html>