Bug 1896344: part 7) Move effective directive to `CSPViolationData`. r=tschuster

Differential Revision: https://phabricator.services.mozilla.com/D213573

dom/security/CSPViolationData.cpp

@@ -34,11 +34,13 @@ static nsString MaybeTruncateSample(const nsAString& aSample) {
 
 CSPViolationData::CSPViolationData(uint32_t aViolatedPolicyIndex,
                                    Resource&& aResource,
+                                   const CSPDirective aEffectiveDirective,
                                    const nsAString& aSourceFile,
                                    uint32_t aLineNumber, uint32_t aColumnNumber,
                                    Element* aElement, const nsAString& aSample)
     : mViolatedPolicyIndex{aViolatedPolicyIndex},
       mResource{std::move(aResource)},
+      mEffectiveDirective{aEffectiveDirective},
       mSourceFile{aSourceFile},
       mLineNumber{aLineNumber},
       mColumnNumber{aColumnNumber},

dom/security/CSPViolationData.h

@@ -8,6 +8,7 @@
 #define DOM_SECURITY_CSPVIOLATION_H_
 
 #include "nsCOMPtr.h"
+#include "nsIContentSecurityPolicy.h"
 #include "nsIURI.h"
 #include "nsString.h"
 #include "mozilla/RefPtr.h"
@@ -21,6 +22,7 @@ namespace mozilla::dom {
 class Element;
 
 // Represents parts of <https://w3c.github.io/webappsec-csp/#violation>.
+// The remaining parts can be deduced from the corresponding nsCSPContext.
 struct CSPViolationData {
   enum class BlockedContentSource {
     Unknown,
@@ -34,6 +36,7 @@ struct CSPViolationData {
 
   // @param aSample Will be truncated if necessary.
   CSPViolationData(uint32_t aViolatedPolicyIndex, Resource&& aResource,
+                   const CSPDirective aEffectiveDirective,
                    const nsAString& aSourceFile, uint32_t aLineNumber,
                    uint32_t aColumnNumber, Element* aElement,
                    const nsAString& aSample);
@@ -44,6 +47,7 @@ struct CSPViolationData {
 
   const uint32_t mViolatedPolicyIndex;
   const Resource mResource;
+  const CSPDirective mEffectiveDirective;
   // String representation of the URL. The empty string represents a null-URL.
   const nsString mSourceFile;
   const uint32_t mLineNumber;

dom/security/nsCSPContext.cpp

@@ -224,6 +224,7 @@ bool nsCSPContext::permitsInternal(
 
         CSPViolationData cspViolationData{p,
                                           std::move(resource),
+                                          aDir,
                                           spec,
                                           lineNumber,
                                           columnNumber,
@@ -235,7 +236,6 @@ bool nsCSPContext::permitsInternal(
             aOriginalURIIfRedirect, /* in case of redirect originalURI is not
                                        null */
             violatedDirective, violatedDirectiveString,
-            aDir,    // aViolatedDirective
             u""_ns,  // no observer subject
             false);  // aReportSample (no sample)
       }
@@ -568,6 +568,7 @@ void nsCSPContext::reportInlineViolation(
       aViolatedPolicyIndex,
       CSPViolationData::Resource{
           CSPViolationData::BlockedContentSource::Inline},
+      aEffectiveDirective,
       sourceFile,
       lineNumber,
       columnNumber,
@@ -578,7 +579,6 @@ void nsCSPContext::reportInlineViolation(
                        mSelfURI,            // aOriginalURI
                        aViolatedDirective,  // aViolatedDirective
                        aViolatedDirectiveString,
-                       aEffectiveDirective,  // aEffectiveDirective
                        observerSubject,      // aObserverSubject
                        aReportSample);       // aReportSample
 }
@@ -762,6 +762,7 @@ nsCSPContext::LogViolationDetails(
     CSPViolationData cspViolationData{
         p,
         CSPViolationData::Resource{blockedContentSource},
+        /* aEffectiveDirective */ CSPDirective::SCRIPT_SRC_DIRECTIVE,
         aSourceFile,
         static_cast<uint32_t>(aLineNum),
         static_cast<uint32_t>(aColumnNum),
@@ -771,7 +772,6 @@ nsCSPContext::LogViolationDetails(
     AsyncReportViolation(
         aCSPEventListener, std::move(cspViolationData), nullptr,
         violatedDirectiveName, violatedDirectiveNameAndValue,
-        CSPDirective::SCRIPT_SRC_DIRECTIVE /* aEffectiveDirective */,
         observerSubject, reportSample);
   }
   return NS_OK;
@@ -1402,7 +1402,6 @@ class CSPReportSenderRunnable final : public Runnable {
                           nsIURI* aOriginalURI, bool aReportOnlyFlag,
                           const nsAString& aViolatedDirectiveName,
                           const nsAString& aViolatedDirectiveNameAndValue,
-                          const CSPDirective aEffectiveDirective,
                           const nsAString& aObserverSubject, bool aReportSample,
                           nsCSPContext* aCSPContext)
       : mozilla::Runnable("CSPReportSenderRunnable"),
@@ -1413,7 +1412,6 @@ class CSPReportSenderRunnable final : public Runnable {
         mReportSample(aReportSample),
         mViolatedDirectiveName(aViolatedDirectiveName),
         mViolatedDirectiveNameAndValue(aViolatedDirectiveNameAndValue),
-        mEffectiveDirective(aEffectiveDirective),
         mCSPContext(aCSPContext) {
     NS_ASSERTION(!aViolatedDirectiveName.IsEmpty(),
                  "Can not send reports without a violated directive");
@@ -1450,7 +1448,7 @@ class CSPReportSenderRunnable final : public Runnable {
 
     nsAutoString effectiveDirective;
     effectiveDirective.AssignASCII(
-        CSP_CSPDirectiveToString(mEffectiveDirective));
+        CSP_CSPDirectiveToString(mCSPViolationData.mEffectiveDirective));
 
     nsresult rv = mCSPContext->GatherSecurityPolicyViolationEventData(
         mOriginalURI, effectiveDirective, mCSPViolationData,
@@ -1486,7 +1484,7 @@ class CSPReportSenderRunnable final : public Runnable {
  private:
   void ReportToConsole() const {
     NS_ConvertUTF8toUTF16 effectiveDirective(
-        CSP_CSPDirectiveToString(mEffectiveDirective));
+        CSP_CSPDirectiveToString(mCSPViolationData.mEffectiveDirective));
 
     const auto blockedContentSource =
         mCSPViolationData.BlockedContentSourceOrUnknown();
@@ -1494,16 +1492,18 @@ class CSPReportSenderRunnable final : public Runnable {
     switch (blockedContentSource) {
       case CSPViolationData::BlockedContentSource::Inline: {
         const char* errorName = nullptr;
-        if (mEffectiveDirective == CSPDirective::STYLE_SRC_ATTR_DIRECTIVE ||
+        if (mCSPViolationData.mEffectiveDirective ==
-            mEffectiveDirective == CSPDirective::STYLE_SRC_ELEM_DIRECTIVE) {
+                CSPDirective::STYLE_SRC_ATTR_DIRECTIVE ||
+            mCSPViolationData.mEffectiveDirective ==
+                CSPDirective::STYLE_SRC_ELEM_DIRECTIVE) {
           errorName = mReportOnlyFlag ? "CSPROInlineStyleViolation"
                                       : "CSPInlineStyleViolation";
-        } else if (mEffectiveDirective ==
+        } else if (mCSPViolationData.mEffectiveDirective ==
                    CSPDirective::SCRIPT_SRC_ATTR_DIRECTIVE) {
           errorName = mReportOnlyFlag ? "CSPROEventHandlerScriptViolation"
                                       : "CSPEventHandlerScriptViolation";
         } else {
-          MOZ_ASSERT(mEffectiveDirective ==
+          MOZ_ASSERT(mCSPViolationData.mEffectiveDirective ==
                      CSPDirective::SCRIPT_SRC_ELEM_DIRECTIVE);
           errorName = mReportOnlyFlag ? "CSPROInlineScriptViolation"
                                       : "CSPInlineScriptViolation";
@@ -1563,7 +1563,7 @@ class CSPReportSenderRunnable final : public Runnable {
         }
 
         const char* errorName = nullptr;
-        switch (mEffectiveDirective) {
+        switch (mCSPViolationData.mEffectiveDirective) {
           case CSPDirective::STYLE_SRC_ELEM_DIRECTIVE:
             errorName =
                 mReportOnlyFlag ? "CSPROStyleViolation" : "CSPStyleViolation";
@@ -1598,7 +1598,6 @@ class CSPReportSenderRunnable final : public Runnable {
   bool mReportSample;
   nsString mViolatedDirectiveName;
   nsString mViolatedDirectiveNameAndValue;
-  CSPDirective mEffectiveDirective;
   nsCOMPtr<nsISupports> mObserverSubject;
   RefPtr<nsCSPContext> mCSPContext;
 };
@@ -1621,8 +1620,7 @@ nsresult nsCSPContext::AsyncReportViolation(
     mozilla::dom::CSPViolationData&& aCSPViolationData, nsIURI* aOriginalURI,
     const nsAString& aViolatedDirectiveName,
     const nsAString& aViolatedDirectiveNameAndValue,
-    const CSPDirective aEffectiveDirective, const nsAString& aObserverSubject,
+    const nsAString& aObserverSubject, bool aReportSample) {
-    bool aReportSample) {
   EnsureIPCPoliciesRead();
   NS_ENSURE_ARG_MAX(aCSPViolationData.mViolatedPolicyIndex,
                     mPolicies.Length() - 1);
@@ -1630,8 +1628,8 @@ nsresult nsCSPContext::AsyncReportViolation(
   nsCOMPtr<nsIRunnable> task = new CSPReportSenderRunnable(
       aCSPEventListener, std::move(aCSPViolationData), aOriginalURI,
       mPolicies[aCSPViolationData.mViolatedPolicyIndex]->getReportOnlyFlag(),
-      aViolatedDirectiveName, aViolatedDirectiveNameAndValue,
+      aViolatedDirectiveName, aViolatedDirectiveNameAndValue, aObserverSubject,
-      aEffectiveDirective, aObserverSubject, aReportSample, this);
+      aReportSample, this);
 
   if (XRE_IsContentProcess()) {
     if (mEventTarget) {

dom/security/nsCSPContext.h

@@ -111,8 +111,7 @@ class nsCSPContext : public nsIContentSecurityPolicy {
       mozilla::dom::CSPViolationData&& aCSPViolationData, nsIURI* aOriginalURI,
       const nsAString& aViolatedDirectiveName,
       const nsAString& aViolatedDirectiveNameAndValue,
-      const CSPDirective aEffectiveDirective, const nsAString& aObserverSubject,
+      const nsAString& aObserverSubject, bool aReportSample);
-      bool aReportSample);
 
   // Hands off! Don't call this method unless you know what you
   // are doing. It's only supposed to be called from within