Bug 725490 - Change XFO sameorigin to check all ancestors for same origin. r=smaug
MozReview-Commit-ID: 5fPxGpcdVms --HG-- extra : rebase_source : f25e525c1e5f6cfe2c5002779fefe17263896d02
Родитель
91d2efb8b5
Коммит
5565689b54
|
@ -78,6 +78,11 @@ FramingChecker::CheckOneFrameOptionsPolicy(nsIHttpChannel* aHttpChannel,
|
|||
MOZ_CRASH();
|
||||
}
|
||||
|
||||
// If the X-Frame-Options value is SAMEORIGIN, then the top frame in the
|
||||
// parent chain must be from the same origin as this document.
|
||||
bool checkSameOrigin = aPolicy.LowerCaseEqualsLiteral("sameorigin");
|
||||
nsCOMPtr<nsIURI> topUri;
|
||||
|
||||
// Traverse up the parent chain and stop when we see a docshell whose
|
||||
// parent has a system principal, or a docshell corresponding to
|
||||
// <iframe mozbrowser>.
|
||||
|
@ -92,6 +97,17 @@ FramingChecker::CheckOneFrameOptionsPolicy(nsIHttpChannel* aHttpChannel,
|
|||
bool system = false;
|
||||
topDoc = parentDocShellItem->GetDocument();
|
||||
if (topDoc) {
|
||||
if (checkSameOrigin) {
|
||||
topDoc->NodePrincipal()->GetURI(getter_AddRefs(topUri));
|
||||
rv = ssm->CheckSameOriginURI(uri, topUri, true);
|
||||
|
||||
// one of the ancestors is not same origin as this document
|
||||
if (NS_FAILED(rv)) {
|
||||
ReportXFOViolation(curDocShellItem, uri, eSAMEORIGIN);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if (NS_SUCCEEDED(
|
||||
ssm->IsSystemPrincipal(topDoc->NodePrincipal(), &system)) &&
|
||||
system) {
|
||||
|
@ -119,19 +135,8 @@ FramingChecker::CheckOneFrameOptionsPolicy(nsIHttpChannel* aHttpChannel,
|
|||
}
|
||||
|
||||
topDoc = curDocShellItem->GetDocument();
|
||||
nsCOMPtr<nsIURI> topUri;
|
||||
topDoc->NodePrincipal()->GetURI(getter_AddRefs(topUri));
|
||||
|
||||
// If the X-Frame-Options value is SAMEORIGIN, then the top frame in the
|
||||
// parent chain must be from the same origin as this document.
|
||||
if (aPolicy.LowerCaseEqualsLiteral("sameorigin")) {
|
||||
rv = ssm->CheckSameOriginURI(uri, topUri, true);
|
||||
if (NS_FAILED(rv)) {
|
||||
ReportXFOViolation(curDocShellItem, uri, eSAMEORIGIN);
|
||||
return false; /* wasn't same-origin */
|
||||
}
|
||||
}
|
||||
|
||||
// If the X-Frame-Options value is "allow-from [uri]", then the top
|
||||
// frame in the parent chain must be from that origin
|
||||
if (isAllowFrom) {
|
||||
|
|
|
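Review bot: The comment added on the new side of the first hunk still says the top frame in the parent chain must be from the same origin, but the loop body in the second hunk now reports a violation as soon as any ancestor fails CheckSameOriginURI, so the comment describes the old policy; suggest `// If the X-Frame-Options value is SAMEORIGIN, then every ancestor in the` / `// parent chain must be from the same origin as this document.`. In the second hunk the result of `GetURI(getter_AddRefs(topUri))` is not checked before `CheckSameOriginURI(uri, topUri, true)` is called, so if an ancestor's principal yields no URI the comparison runs with a null topUri; a framing check should fail closed here rather than rely on how the callee treats a null argument, e.g. `if (!topUri || NS_FAILED(ssm->CheckSameOriginURI(uri, topUri, true)))` feeding the existing violation branch. The unchecked GetURI pattern is inherited from the removed code in the third hunk, so this is a pre-existing gap rather than a regression of this commit. CheckOneFrameOptionsPolicy starts and ends outside these hunks.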
@ -3,6 +3,3 @@
|
|||
[`XFO: SAMEORIGIN` blocks cross-origin framing.]
|
||||
expected: FAIL
|
||||
|
||||
[`XFO: SAMEORIGIN` blocks same-origin nested in cross-origin framing.]
|
||||
expected: FAIL
|
||||
|
||||
|
|