Backed out changeset de12da283e67 (bug 1668071) for build bustages on nsCSPContext.cpp. CLOSED TREE

This commit is contained in:
Butkovits Atila 2020-10-14 11:39:46 +03:00
Родитель 9ee7388644
Коммит 0ea5139865
5 изменённых файлов: 17 добавлений и 99 удалений

Просмотреть файл

@ -1550,7 +1550,7 @@ nsCSPContext::PermitsAncestry(nsILoadInfo* aLoadInfo,
nsCOMPtr<nsIURI> uriClone;
while (ctx) {
nsCOMPtr<nsIPrincipal> currentPrincipal;
nsCOMPtr<nsIURI> currentURI;
// Generally permitsAncestry is consulted from within the
// DocumentLoadListener in the parent process. For loads of type object
// and embed it's called from the Document in the content process.
@ -1559,19 +1559,12 @@ nsCSPContext::PermitsAncestry(nsILoadInfo* aLoadInfo,
if (XRE_IsParentProcess()) {
WindowGlobalParent* window = ctx->Canonical()->GetCurrentWindowGlobal();
if (window) {
// Using the URI of the Principal and not the document because e.g.
// about:blank inherits the principal and hence the URI of the
// document does not reflect the security context of the document.
currentPrincipal = window->DocumentPrincipal();
currentURI = window->GetDocumentURI();
}
} else if (nsPIDOMWindowOuter* windowOuter = ctx->GetDOMWindow()) {
currentPrincipal = nsGlobalWindowOuter::Cast(windowOuter)->GetPrincipal();
currentURI = windowOuter->GetDocumentURI();
}
if (currentPrincipal) {
nsCOMPtr<nsIURI> currentURI;
currentPrincipal->GetURI(getter_AddRefs(currentURI));
if (currentURI) {
nsAutoCString spec;
currentURI->GetSpec(spec);
@ -1589,7 +1582,6 @@ nsCSPContext::PermitsAncestry(nsILoadInfo* aLoadInfo,
}
ancestorsArray.AppendElement(uriClone);
}
}
ctx = ctx->GetParent();
}

Просмотреть файл

@ -1,9 +0,0 @@
<!DOCTYPE HTML>
<html>
<head>
<title>Helper file for Bug 1668071 - CSP frame-ancestors in about:blank</title>
</head>
<body>
CSP frame-ancestors in about:blank
</body>
</html>

Просмотреть файл

@ -1,2 +0,0 @@
Cache-Control: no-cache
Content-Security-Policy: frame-ancestors http://mochi.test:8888

Просмотреть файл

@ -433,7 +433,3 @@ support-files =
file_upgrade_insecure_navigation_redirect_same_origin.html
file_upgrade_insecure_navigation_redirect_cross_origin.html
[test_csp_style_src_empty_hash.html]
[test_csp_frame_ancestors_about_blank.html]
support-files =
file_csp_frame_ancestors_about_blank.html
file_csp_frame_ancestors_about_blank.html^headers^

Просмотреть файл

@ -1,59 +0,0 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Bug 1668071 - CSP frame-ancestors in about:blank</title>
<script src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<script class="testbody" type="text/javascript">
/* Description of the test:
* We dynamically load an about:blank iframe which then loads a testframe
* including a CSP frame-ancestors directive which matches the including
* security context. We make sure that we not incorrectly block on
* about:blank which should inherit the security context.
*/
SimpleTest.waitForExplicitFinish();
let aboutBlankFrame = document.createElement("iframe");
document.body.appendChild(aboutBlankFrame);
aboutBlankFrame.onload = function() {
ok(true, "aboutBlankFrame onload should fire");
let aboutBlankDoc = aboutBlankFrame.contentDocument;
is(aboutBlankDoc.documentURI, "about:blank",
"sanity: aboutBlankFrame URI should be about:blank");
let testframe = aboutBlankDoc.createElement("iframe");
aboutBlankDoc.body.appendChild(testframe);
testframe.onload = function() {
ok(true, "testframe onload should fire");
let testDoc = SpecialPowers.wrap(testframe.contentDocument);
ok(testDoc.documentURI.endsWith("file_csp_frame_ancestors_about_blank.html"),
"sanity: document in testframe should be the testfile");
let cspJSON = testDoc.cspJSON;
ok(cspJSON.includes("frame-ancestors"), "found frame-ancestors directive");
ok(cspJSON.includes("http://mochi.test:8888"), "found frame-ancestors value");
SimpleTest.finish();
}
testframe.onerror = function() {
ok(false, "testframe onerror should not fire");
}
testframe.src = "file_csp_frame_ancestors_about_blank.html";
}
aboutBlankFrame.onerror = function() {
ok(false, "aboutBlankFrame onerror should not be called");
}
aboutBlankFrame.src = "about:blank";
</script>
</body>
</html>