From 5e22e64603318a5ad7a0e4e53df9902e5b3669dd Mon Sep 17 00:00:00 2001
From: Nicholas Nethercote
Date: Thu, 15 Aug 2019 05:29:35 +0000
Subject: [PATCH] Bug 1573720 - Convert security.view-source.reachable-from-inner-protocol to a static pref. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D41912
--HG--
extra : moz-landing-system : lando
---
 caps/nsScriptSecurityManager.cpp | 15 ++-------------
 modules/libpref/init/StaticPrefList.yaml | 8 ++++++++
 modules/libpref/init/all.js | 4 ----
 3 files changed, 10 insertions(+), 17 deletions(-)
diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp
index 59b7d0ec1652..fdf5d5d2a2f0 100644
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -676,24 +676,13 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
 rv = sourceBaseURI->GetScheme(sourceScheme);
 if (NS_FAILED(rv)) return rv;
 
- // When comparing schemes, if the relevant pref is set, view-source URIs
- // are reachable from same-protocol (so e.g. file: can link to
- // view-source:file). This is required for reftests.
- static bool sViewSourceReachableFromInner = false;
- static bool sCachedViewSourcePref = false;
- if (!sCachedViewSourcePref) {
- sCachedViewSourcePref = true;
- mozilla::Preferences::AddBoolVarCache(
- &sViewSourceReachableFromInner,
- "security.view-source.reachable-from-inner-protocol");
- }
-
 if (sourceScheme.LowerCaseEqualsLiteral(NS_NULLPRINCIPAL_SCHEME)) {
 // A null principal can target its own URI.
 if (sourceURI == aTargetURI) {
 return NS_OK;
 }
- } else if (sViewSourceReachableFromInner &&
+ } else if (StaticPrefs::
+ security_view_source_reachable_from_inner_protocol() &&
 sourceScheme.EqualsIgnoreCase(targetScheme.get()) &&
 aTargetURI->SchemeIs("view-source")) {
 // exception for foo: linking to view-source:foo for reftests...
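Review bot: The new `else if` condition reads `StaticPrefs::security_view_source_reachable_from_inner_protocol()`, which the YAML hunk declares as a plain `bool` with `mirror: always`. As far as I know, the generated getter for a non-atomic mirrored pref asserts main-thread access on every call in debug builds, whereas the removed `AddBoolVarCache` static was read with no such check. If CheckLoadURIWithPrincipal can be reached off the main thread (its body starts and ends outside this hunk, so that cannot be told from here), the pref should be declared `type: RelaxedAtomicBool`. No `#include` change is visible in this patch either, so the call presumably relies on the file already pulling in the StaticPrefs header; worth confirming, since this condition gates a relaxation of the load check.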
diff --git a/modules/libpref/init/StaticPrefList.yaml b/modules/libpref/init/StaticPrefList.yaml
index 2f487e1b1aec..eb457c55a748 100644
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -6295,6 +6295,14 @@
 mirror: always
 #endif
 
+# When comparing schemes, if this pref is set, view-source URIs are reachable
+# from same-protocol (so e.g. file: can link to view-source:file). This is
+# required for reftests.
+- name: security.view-source.reachable-from-inner-protocol
+ type: bool
+ value: false
+ mirror: always
+
 # Hardware Origin-bound Second Factor Support
 - name: security.webauth.webauthn
 type: bool
diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
index 28a369097779..3ab2acae0fdf 100755
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -2596,10 +2596,6 @@ pref("security.cert_pinning.enforcement_level", 0);
 // for tests.
 pref("security.cert_pinning.process_headers_from_non_builtin_roots", false);
 
-// If set to true, allow view-source URIs to be opened from URIs that share
-// their protocol with the inner URI of the view-source URI
-pref("security.view-source.reachable-from-inner-protocol", false);
-
 // If set to true strict checks will happen on the triggering principal for loads.
 // Android is disabled at the moment pending Bug 1504968
 #if !defined(RELEASE_OR_BETA) && !defined(ANDROID)
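Review bot: In the StaticPrefList.yaml hunk, the comment added above `security.view-source.reachable-from-inner-protocol` was carried over from the C++ call site and opens with "When comparing schemes", which has no referent in the pref list. The description removed from all.js was the clearer of the two, and neither names the check being relaxed. I would word it along the lines of `# If true, the CheckLoadURIWithPrincipal scheme check lets a URI load a view-source: URI whose inner URI has the same scheme (e.g. file: -> view-source:file).` followed by `# Needed only by reftests; leave false otherwise.`, so that someone auditing security prefs can see what enabling it permits.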