зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1031372 - CSP parser should accept 127.0.0.1:* (r=sstamm)
This commit is contained in:
Родитель
7c621f7c7c
Коммит
31d4c54263
|
@ -330,7 +330,7 @@ nsCSPParser::subHost()
|
|||
/* consume */
|
||||
++charCounter;
|
||||
}
|
||||
if (accept(DOT) && !accept(isCharacterToken)) {
|
||||
if (accept(DOT) && !hostChar()) {
|
||||
return false;
|
||||
}
|
||||
if (charCounter > kSubHostPathCharacterCutoff) {
|
||||
|
@ -366,8 +366,8 @@ nsCSPParser::host()
|
|||
}
|
||||
}
|
||||
|
||||
// Expecting at least one Character
|
||||
if (!accept(isCharacterToken)) {
|
||||
// Expecting at least one host-char
|
||||
if (!hostChar()) {
|
||||
const char16_t* params[] = { mCurToken.get() };
|
||||
logWarningErrorToConsole(nsIScriptError::warningFlag, "couldntParseInvalidHost",
|
||||
params, ArrayLength(params));
|
||||
|
@ -684,6 +684,7 @@ nsCSPParser::sourceList(nsTArray<nsCSPBaseSrc*>& outSrcs)
|
|||
// mCurToken is only set here and remains the current token
|
||||
// to be processed, which avoid passing arguments between functions.
|
||||
mCurToken = mCurDir[i];
|
||||
resetCurValue();
|
||||
|
||||
CSPPARSERLOG(("nsCSPParser::sourceList, mCurToken: %s, mCurValue: %s",
|
||||
NS_ConvertUTF16toUTF8(mCurToken).get(),
|
||||
|
|
|
@ -395,6 +395,14 @@ nsresult TestSimplePolicies() {
|
|||
"script-src http://www.example.com" },
|
||||
{ "script-src http://www.example.com/path-1//path_2",
|
||||
"script-src http://www.example.com" },
|
||||
{ "default-src 127.0.0.1",
|
||||
"default-src http://127.0.0.1" },
|
||||
{ "default-src 127.0.0.1:*",
|
||||
"default-src http://127.0.0.1:*" },
|
||||
{ "default-src -; ",
|
||||
"default-src http://-" },
|
||||
{ "script-src 1",
|
||||
"script-src http://1" }
|
||||
};
|
||||
|
||||
uint32_t policyCount = sizeof(policies) / sizeof(PolicyTest);
|
||||
|
@ -432,8 +440,6 @@ nsresult TestBadPolicies() {
|
|||
{ "", "" },
|
||||
{ "; ; ; ; ; ; ;", "" },
|
||||
{ "defaut-src asdf", "" },
|
||||
{ "default-src -; ", "" },
|
||||
{ "script-src 1", "" },
|
||||
{ "default-src: aaa", "" },
|
||||
{ "default-src 'unsafe-inlin' ", "" },
|
||||
{ "default-src :88", "" },
|
||||
|
|
Загрузка…
Ссылка в новой задаче