Bug 1236222 - CSP: Blocked URI should be empty for inline violations. r=ckerschb

2016-11-07 19:22:53 +05:30 · 2016-11-07 19:22:53 +05:30 · 134e80abde
--- a/dom/security/nsCSPContext.cpp
+++ b/dom/security/nsCSPContext.cpp
@ -797,7 +797,7 @@ StripURIForReporting(nsIURI* aURI,
 *        source line number of the violation (if available)
 */
 nsresult
-nsCSPContext::SendReports(nsISupports* aBlockedContentSource,
+nsCSPContext::SendReports(nsIURI* aBlockedURI,
                          nsIURI* aOriginalURI,
                          nsAString& aViolatedDirective,
                          uint32_t aViolatedPolicyIndex,
@ -820,26 +820,11 @@ nsCSPContext::SendReports(nsISupports* aBlockedContentSource,
  nsresult rv;

  // blocked-uri
-  if (aBlockedContentSource) {
+  if (aBlockedURI) {
    nsAutoCString reportBlockedURI;
-    nsCOMPtr<nsIURI> uri = do_QueryInterface(aBlockedContentSource);
-    // could be a string or URI
-    if (uri) {
-      StripURIForReporting(uri, mSelfURI, reportBlockedURI);
-    } else {
-      nsCOMPtr<nsISupportsCString> cstr = do_QueryInterface(aBlockedContentSource);
-      if (cstr) {
-        cstr->GetData(reportBlockedURI);
-      }
-    }
-    if (reportBlockedURI.IsEmpty()) {
-      // this can happen for frame-ancestors violation where the violating
-      // ancestor is cross-origin.
-      NS_WARNING("No blocked URI (null aBlockedContentSource) for CSP violation report.");
-    }
+    StripURIForReporting(aBlockedURI, mSelfURI, reportBlockedURI);
    report.mCsp_report.mBlocked_uri = NS_ConvertUTF8toUTF16(reportBlockedURI);
  }
-
  // document-uri
  nsAutoCString reportDocumentURI;
  StripURIForReporting(mSelfURI, mSelfURI, reportDocumentURI);
@ -1076,13 +1061,14 @@ class CSPReportSenderRunnable final : public Runnable
      NS_ENSURE_SUCCESS(rv, rv);

      // 2) send reports for the policy that was violated
-      mCSPContext->SendReports(mBlockedContentSource, mOriginalURI,
+      nsCOMPtr<nsIURI> blockedURI = do_QueryInterface(mBlockedContentSource);
+      mCSPContext->SendReports(blockedURI, mOriginalURI,
                               mViolatedDirective, mViolatedPolicyIndex,
                               mSourceFile, mScriptSample, mLineNum);

      // 3) log to console (one per policy violation)
      // mBlockedContentSource could be a URI or a string.
-      nsCOMPtr<nsIURI> blockedURI = do_QueryInterface(mBlockedContentSource);
+
      // if mBlockedContentSource is not a URI, it could be a string
      nsCOMPtr<nsISupportsCString> blockedString = do_QueryInterface(mBlockedContentSource);

--- a/dom/security/nsCSPContext.h
+++ b/dom/security/nsCSPContext.h
@ -57,7 +57,7 @@ class nsCSPContext : public nsIContentSecurityPolicy
                      uint32_t aColumnNumber,
                      uint32_t aSeverityFlag);

-    nsresult SendReports(nsISupports* aBlockedContentSource,
+    nsresult SendReports(nsIURI* aBlockedURI,
                         nsIURI* aOriginalURI,
                         nsAString& aViolatedDirective,
                         uint32_t aViolatedPolicyIndex,
--- a/dom/security/test/csp/test_report.html
+++ b/dom/security/test/csp/test_report.html
@ -48,7 +48,7 @@ window.checkResults = function(reportObj) {
  ok(cspReport["referrer"].startsWith("http://mochi.test:8888/tests/dom/security/test/csp/test_report.html"),
     "Incorrect referrer");

-  is(cspReport["blocked-uri"], "self", "Incorrect blocked-uri");
+  is(cspReport["blocked-uri"], "", "Incorrect blocked-uri");

  is(cspReport["violated-directive"], "default-src 'none'", "Incorrect violated-directive");