Backed out changeset d0ed4d075e4d (bug 1804145) for causing Bug 1819096. a=backout

Csoregi Natalia 2023-02-27 21:36:44 +02:00
Родитель 6cbd1f2b83
Коммит 9f14c5b03e
6 изменённых файлов: 101 добавлений и 100 удалений


@ -668,7 +668,8 @@ nsCSPBaseSrc* nsCSPParser::sourceExpression() {
// a nsCSPSchemeSrc, but rather a nsCSPHostSrc, which
// needs to know the scheme to enforce; remember the
// scheme and delete cspScheme;
cspScheme->getScheme(parsedScheme);
cspScheme->toString(parsedScheme);
parsedScheme.Trim(":", false, true);
delete cspScheme;
// If mCurToken provides not only a scheme, but also a host, we have to
@ -688,7 +689,6 @@ nsCSPBaseSrc* nsCSPParser::sourceExpression() {
// If mCurToken does not provide a scheme (scheme-less source), we apply the
// scheme from selfURI
bool generatedScheme = false;
if (parsedScheme.IsEmpty()) {
// Resetting internal helpers, because we might already have parsed some of
// the host when trying to parse a scheme.
@ -696,7 +696,6 @@ nsCSPBaseSrc* nsCSPParser::sourceExpression() {
nsAutoCString selfScheme;
mSelfURI->GetScheme(selfScheme);
parsedScheme.AssignASCII(selfScheme.get());
generatedScheme = true;
}
// At this point we are expecting a host to be parsed.
@ -704,7 +703,6 @@ nsCSPBaseSrc* nsCSPParser::sourceExpression() {
if (nsCSPHostSrc* cspHost = hostSource()) {
// Do not forget to set the parsed scheme.
cspHost->setScheme(parsedScheme);
cspHost->setGeneratedScheme(generatedScheme);
cspHost->setWithinFrameAncestorsDir(mParsingFrameAncestorsDir);
return cspHost;
}
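Review bot: The scheme is recovered by serializing the scheme source with `toString` and then trimming a trailing colon, which silently depends on the exact text `nsCSPSchemeSrc::toString` emits; if that output ever changes, `parsedScheme` would carry a wrong value into `setScheme` on the host source. A short comment at the call would make the dependency visible, for example `// toString() is expected to yield "scheme:"; strip the trailing ':' so only the scheme name is kept`. `sourceExpression` starts before and ends after the hunks shown here, so whether `cspScheme` is freed on every path cannot be checked from this page.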


@ -581,7 +581,11 @@ void nsCSPSchemeSrc::toString(nsAString& outStr) const {
/* ===== nsCSPHostSrc ======================== */
nsCSPHostSrc::nsCSPHostSrc(const nsAString& aHost) : mHost(aHost) {
nsCSPHostSrc::nsCSPHostSrc(const nsAString& aHost)
: mHost(aHost),
mGeneratedFromSelfKeyword(false),
mIsUniqueOrigin(false),
mWithinFrameAncstorsDir(false) {
ToLowerCase(mHost);
}
@ -818,13 +822,11 @@ void nsCSPHostSrc::toString(nsAString& outStr) const {
return;
}
// append scheme if it wasn't generated from the mSelfURI
if (!mGeneratedScheme) {
outStr.Append(mScheme);
outStr.AppendLiteral("://");
}
// append scheme
outStr.Append(mScheme);
// append host
outStr.AppendLiteral("://");
outStr.Append(mHost);
// append port
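Review bot: With the `mGeneratedScheme` guard gone, `toString` always writes `mScheme` and `://`, so a scheme-less source such as `example.com` serializes with the scheme the parser copied from the self URI and no longer matches what the policy author wrote. Anything that reads the serialized policy (the `violatedCSP` strings and `cspJSON` entries in the tests on this page are examples) will see `http://example.com`, which is easy to misread as an http-only restriction; whether enforcement treats an inherited scheme differently is not visible here. A comment at the append would prevent that misreading, for example `// mScheme may have been inherited from the self URI for scheme-less sources; the output is not a round-trip of the author's policy`. `toString` begins before this hunk and continues after it.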


@ -278,15 +278,13 @@ class nsCSPHostSrc : public nsCSPBaseSrc {
void setPort(const nsAString& aPort);
void appendPath(const nsAString& aPath);
inline void setGeneratedFromSelfKeyword() {
inline void setGeneratedFromSelfKeyword() const {
mGeneratedFromSelfKeyword = true;
}
inline void setGeneratedScheme(bool aValue) { mGeneratedScheme = aValue; }
inline void setIsUniqueOrigin() const { mIsUniqueOrigin = true; }
inline void setIsUniqueOrigin() { mIsUniqueOrigin = true; }
inline void setWithinFrameAncestorsDir(bool aValue) {
inline void setWithinFrameAncestorsDir(bool aValue) const {
mWithinFrameAncstorsDir = aValue;
}
@ -303,10 +301,9 @@ class nsCSPHostSrc : public nsCSPBaseSrc {
nsString mHost;
nsString mPort;
nsString mPath;
bool mGeneratedFromSelfKeyword = false;
bool mGeneratedScheme = false;
bool mIsUniqueOrigin = false;
bool mWithinFrameAncstorsDir = false;
mutable bool mGeneratedFromSelfKeyword;
mutable bool mIsUniqueOrigin;
mutable bool mWithinFrameAncstorsDir;
};
/* =============== nsCSPKeywordSrc ============ */
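Review bot: The three flags come back as `mutable bool` without in-class initializers, so they are defined only because the one constructor visible on this page names them in its init list; a constructor added later that forgets one would leave a flag indeterminate. Keeping the defaults is compatible with `mutable`, e.g. `mutable bool mGeneratedFromSelfKeyword = false;` and the same for `mIsUniqueOrigin` and `mWithinFrameAncstorsDir`. The setters are also `const` again while writing to these members, which hides mutation behind const pointers; a one-line comment saying why they must be callable on a const `nsCSPHostSrc` would help the next reader. The class body starts before the first hunk and continues between and after the two hunks.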


@ -181,7 +181,7 @@ TEST(CSPParser, Directives)
static const PolicyTest policies[] = {
// clang-format off
{ "connect-src xn--mnchen-3ya.de",
"connect-src xn--mnchen-3ya.de"},
"connect-src http://xn--mnchen-3ya.de"},
{ "default-src http://www.example.com",
"default-src http://www.example.com" },
{ "script-src http://www.example.com",
@ -287,7 +287,7 @@ TEST(CSPParser, IgnoreUpperLowerCasePolicies)
{ "default-src HTTPS://*.example.COM",
"default-src https://*.example.com" },
{ "script-src 'none' test.com;",
"script-src test.com" },
"script-src http://test.com" },
{ "script-src 'NoNCE-correctscriptnonce'",
"script-src 'nonce-correctscriptnonce'" },
{ "script-src 'NoncE-NONCENEEDSTOBEUPPERCASE'",
@ -423,9 +423,9 @@ TEST(CSPParser, SimplePolicies)
{ "default-src https://*",
"default-src https://*" },
{ "default-src *:*",
"default-src *:*" },
"default-src http://*:*" },
{ "default-src *:80",
"default-src *:80" },
"default-src http://*:80" },
{ "default-src http://*:80",
"default-src http://*:80" },
{ "default-src javascript:",
@ -441,25 +441,25 @@ TEST(CSPParser, SimplePolicies)
{ "media-src http://www.example.com http://www.test.com",
"media-src http://www.example.com http://www.test.com" },
{ "connect-src http://www.test.com example.com *.other.com;",
"connect-src http://www.test.com example.com *.other.com"},
"connect-src http://www.test.com http://example.com http://*.other.com"},
{ "connect-src example.com *.other.com",
"connect-src example.com *.other.com"},
"connect-src http://example.com http://*.other.com"},
{ "style-src *.other.com example.com",
"style-src *.other.com example.com"},
"style-src http://*.other.com http://example.com"},
{ "default-src 'self'; img-src *;",
"default-src 'self'; img-src *" },
{ "object-src media1.example.com media2.example.com *.cdn.example.com;",
"object-src media1.example.com media2.example.com *.cdn.example.com" },
"object-src http://media1.example.com http://media2.example.com http://*.cdn.example.com" },
{ "script-src trustedscripts.example.com",
"script-src trustedscripts.example.com" },
"script-src http://trustedscripts.example.com" },
{ "script-src 'self' ; default-src trustedscripts.example.com",
"script-src 'self'; default-src trustedscripts.example.com" },
"script-src 'self'; default-src http://trustedscripts.example.com" },
{ "default-src 'none'; report-uri http://localhost:49938/test",
"default-src 'none'; report-uri http://localhost:49938/test" },
{ " ; default-src abc",
"default-src abc" },
"default-src http://abc" },
{ " ; ; ; ; default-src abc ; ; ; ;",
"default-src abc" },
"default-src http://abc" },
{ "script-src 'none' 'none' 'none';",
"script-src 'none'" },
{ "script-src http://www.example.com/path-1//",
@ -467,13 +467,13 @@ TEST(CSPParser, SimplePolicies)
{ "script-src http://www.example.com/path-1//path_2",
"script-src http://www.example.com/path-1//path_2" },
{ "default-src 127.0.0.1",
"default-src 127.0.0.1" },
"default-src http://127.0.0.1" },
{ "default-src 127.0.0.1:*",
"default-src 127.0.0.1:*" },
"default-src http://127.0.0.1:*" },
{ "default-src -; ",
"default-src -" },
"default-src http://-" },
{ "script-src 1",
"script-src 1" },
"script-src http://1" },
{ "upgrade-insecure-requests",
"upgrade-insecure-requests" },
{ "upgrade-insecure-requests https:",
@ -496,7 +496,7 @@ TEST(CSPParser, PoliciesWithInvalidSrc)
{ "script-src 'self'; SCRIPT-SRC http://www.example.com",
"script-src 'self'" },
{ "script-src 'none' test.com; script-src example.com",
"script-src test.com" },
"script-src http://test.com" },
{ "default-src **",
"default-src 'none'" },
{ "default-src 'self",
@ -617,31 +617,31 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "img-src *",
"img-src *" },
{ "media-src foo.bar",
"media-src foo.bar" },
"media-src http://foo.bar" },
{ "frame-src *.bar",
"frame-src *.bar" },
"frame-src http://*.bar" },
{ "font-src com",
"font-src com" },
"font-src http://com" },
{ "connect-src f00b4r.com",
"connect-src f00b4r.com" },
"connect-src http://f00b4r.com" },
{ "script-src *.a.b.c",
"script-src *.a.b.c" },
"script-src http://*.a.b.c" },
{ "object-src *.b.c",
"object-src *.b.c" },
"object-src http://*.b.c" },
{ "style-src a.b.c",
"style-src a.b.c" },
"style-src http://a.b.c" },
{ "img-src a.com",
"img-src a.com" },
"img-src http://a.com" },
{ "media-src http://abc.com",
"media-src http://abc.com" },
{ "frame-src a2-c.com",
"frame-src a2-c.com" },
"frame-src http://a2-c.com" },
{ "font-src https://a.com",
"font-src https://a.com" },
{ "connect-src *.a.com",
"connect-src *.a.com" },
"connect-src http://*.a.com" },
{ "default-src a.com:23",
"default-src a.com:23" },
"default-src http://a.com:23" },
{ "script-src https://a.com:200",
"script-src https://a.com:200" },
{ "object-src data:",
@ -661,7 +661,7 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "style-src 'none'",
"style-src 'none'" },
{ "img-src foo.bar:21 https://ras.bar",
"img-src foo.bar:21 https://ras.bar" },
"img-src http://foo.bar:21 https://ras.bar" },
{ "media-src http://foo.bar:21 https://ras.bar:443",
"media-src http://foo.bar:21 https://ras.bar:443" },
{ "frame-src http://self.com:80",
@ -673,7 +673,7 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "default-src * https://bar.com 'none'",
"default-src * https://bar.com" },
{ "script-src *.foo.com",
"script-src *.foo.com" },
"script-src http://*.foo.com" },
{ "object-src http://b.com",
"object-src http://b.com" },
{ "style-src http://bar.com:88",
@ -701,7 +701,7 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "script-src https://foo.com; ",
"script-src https://foo.com" },
{ "img-src bar.com:*",
"img-src bar.com:*" },
"img-src http://bar.com:*" },
{ "font-src https://foo.com:400",
"font-src https://foo.com:400" },
{ "connect-src http://bar.com:400",
@ -711,7 +711,7 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "script-src https://evil.com:100",
"script-src https://evil.com:100" },
{ "default-src bar.com; script-src https://foo.com",
"default-src bar.com; script-src https://foo.com" },
"default-src http://bar.com; script-src https://foo.com" },
{ "default-src 'self'; script-src 'self' https://*:*",
"default-src 'self'; script-src 'self' https://*:*" },
{ "img-src http://self.com:34",
@ -749,7 +749,7 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "img-src http://foo.org:34/report.py",
"img-src http://foo.org:34/report.py" },
{ "media-src foo/bar/report.py",
"media-src foo/bar/report.py" },
"media-src http://foo/bar/report.py" },
{ "report-uri /",
"report-uri http://www.selfuri.com/"},
{ "font-src https://self.com/report.py",
@ -769,7 +769,7 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "img-src http://foobar.com:4443",
"img-src http://foobar.com:4443" },
{ "media-src bar.com",
"media-src bar.com" },
"media-src http://bar.com" },
{ "frame-src http://bar.com",
"frame-src http://bar.com" },
{ "font-src http://self.com/",
@ -785,9 +785,9 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "style-src http://FOO.COM",
"style-src http://foo.com" },
{ "img-src HTTP",
"img-src http" },
"img-src http://http" },
{ "media-src http",
"media-src http" },
"media-src http://http" },
{ "frame-src 'SELF'",
"frame-src 'self'" },
{ "DEFAULT-src 'self';",
@ -799,11 +799,11 @@ TEST(CSPParser, GoodGeneratedPolicies)
{ "default-src 'NONE'",
"default-src 'none'" },
{ "script-src policy-uri ",
"script-src policy-uri" },
"script-src http://policy-uri" },
{ "img-src 'self'; ",
"img-src 'self'" },
{ "frame-ancestors foo-bar.com",
"frame-ancestors foo-bar.com" },
"frame-ancestors http://foo-bar.com" },
{ "frame-ancestors http://a.com",
"frame-ancestors http://a.com" },
{ "frame-ancestors 'self'",
@ -890,77 +890,77 @@ TEST(CSPParser, GoodGeneratedPoliciesForPathHandling)
{ "img-src http://test1.example.com/path-1/path_2/f.oo.js",
"img-src http://test1.example.com/path-1/path_2/f.oo.js" },
{ "img-src test1.example.com",
"img-src test1.example.com" },
"img-src http://test1.example.com" },
{ "img-src test1.example.com/",
"img-src test1.example.com/" },
"img-src http://test1.example.com/" },
{ "img-src test1.example.com/path-1",
"img-src test1.example.com/path-1" },
"img-src http://test1.example.com/path-1" },
{ "img-src test1.example.com/path-1/",
"img-src test1.example.com/path-1/" },
"img-src http://test1.example.com/path-1/" },
{ "img-src test1.example.com/path-1/path_2/",
"img-src test1.example.com/path-1/path_2/" },
"img-src http://test1.example.com/path-1/path_2/" },
{ "img-src test1.example.com/path-1/path_2/file.js",
"img-src test1.example.com/path-1/path_2/file.js" },
"img-src http://test1.example.com/path-1/path_2/file.js" },
{ "img-src test1.example.com/path-1/path_2/file_1.js",
"img-src test1.example.com/path-1/path_2/file_1.js" },
"img-src http://test1.example.com/path-1/path_2/file_1.js" },
{ "img-src test1.example.com/path-1/path_2/file-2.js",
"img-src test1.example.com/path-1/path_2/file-2.js" },
"img-src http://test1.example.com/path-1/path_2/file-2.js" },
{ "img-src test1.example.com/path-1/path_2/f.js",
"img-src test1.example.com/path-1/path_2/f.js" },
"img-src http://test1.example.com/path-1/path_2/f.js" },
{ "img-src test1.example.com/path-1/path_2/f.oo.js",
"img-src test1.example.com/path-1/path_2/f.oo.js" },
"img-src http://test1.example.com/path-1/path_2/f.oo.js" },
{ "img-src *.example.com",
"img-src *.example.com" },
"img-src http://*.example.com" },
{ "img-src *.example.com/",
"img-src *.example.com/" },
"img-src http://*.example.com/" },
{ "img-src *.example.com/path-1",
"img-src *.example.com/path-1" },
"img-src http://*.example.com/path-1" },
{ "img-src *.example.com/path-1/",
"img-src *.example.com/path-1/" },
"img-src http://*.example.com/path-1/" },
{ "img-src *.example.com/path-1/path_2/",
"img-src *.example.com/path-1/path_2/" },
"img-src http://*.example.com/path-1/path_2/" },
{ "img-src *.example.com/path-1/path_2/file.js",
"img-src *.example.com/path-1/path_2/file.js" },
"img-src http://*.example.com/path-1/path_2/file.js" },
{ "img-src *.example.com/path-1/path_2/file_1.js",
"img-src *.example.com/path-1/path_2/file_1.js" },
"img-src http://*.example.com/path-1/path_2/file_1.js" },
{ "img-src *.example.com/path-1/path_2/file-2.js",
"img-src *.example.com/path-1/path_2/file-2.js" },
"img-src http://*.example.com/path-1/path_2/file-2.js" },
{ "img-src *.example.com/path-1/path_2/f.js",
"img-src *.example.com/path-1/path_2/f.js" },
"img-src http://*.example.com/path-1/path_2/f.js" },
{ "img-src *.example.com/path-1/path_2/f.oo.js",
"img-src *.example.com/path-1/path_2/f.oo.js" },
"img-src http://*.example.com/path-1/path_2/f.oo.js" },
{ "img-src test1.example.com:80",
"img-src test1.example.com:80" },
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:80/",
"img-src test1.example.com:80/" },
"img-src http://test1.example.com:80/" },
{ "img-src test1.example.com:80/path-1",
"img-src test1.example.com:80/path-1" },
"img-src http://test1.example.com:80/path-1" },
{ "img-src test1.example.com:80/path-1/",
"img-src test1.example.com:80/path-1/" },
"img-src http://test1.example.com:80/path-1/" },
{ "img-src test1.example.com:80/path-1/path_2",
"img-src test1.example.com:80/path-1/path_2" },
"img-src http://test1.example.com:80/path-1/path_2" },
{ "img-src test1.example.com:80/path-1/path_2/",
"img-src test1.example.com:80/path-1/path_2/" },
"img-src http://test1.example.com:80/path-1/path_2/" },
{ "img-src test1.example.com:80/path-1/path_2/file.js",
"img-src test1.example.com:80/path-1/path_2/file.js" },
"img-src http://test1.example.com:80/path-1/path_2/file.js" },
{ "img-src test1.example.com:80/path-1/path_2/f.ile.js",
"img-src test1.example.com:80/path-1/path_2/f.ile.js" },
"img-src http://test1.example.com:80/path-1/path_2/f.ile.js" },
{ "img-src test1.example.com:*",
"img-src test1.example.com:*" },
"img-src http://test1.example.com:*" },
{ "img-src test1.example.com:*/",
"img-src test1.example.com:*/" },
"img-src http://test1.example.com:*/" },
{ "img-src test1.example.com:*/path-1",
"img-src test1.example.com:*/path-1" },
"img-src http://test1.example.com:*/path-1" },
{ "img-src test1.example.com:*/path-1/",
"img-src test1.example.com:*/path-1/" },
"img-src http://test1.example.com:*/path-1/" },
{ "img-src test1.example.com:*/path-1/path_2",
"img-src test1.example.com:*/path-1/path_2" },
"img-src http://test1.example.com:*/path-1/path_2" },
{ "img-src test1.example.com:*/path-1/path_2/",
"img-src test1.example.com:*/path-1/path_2/" },
"img-src http://test1.example.com:*/path-1/path_2/" },
{ "img-src test1.example.com:*/path-1/path_2/file.js",
"img-src test1.example.com:*/path-1/path_2/file.js" },
"img-src http://test1.example.com:*/path-1/path_2/file.js" },
{ "img-src test1.example.com:*/path-1/path_2/f.ile.js",
"img-src test1.example.com:*/path-1/path_2/f.ile.js" },
"img-src http://test1.example.com:*/path-1/path_2/f.ile.js" },
{ "img-src http://test1.example.com/abc//",
"img-src http://test1.example.com/abc//" },
{ "img-src https://test1.example.com/abc/def//",
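Review bot: Every updated expectation now hard-codes `http://` in front of a scheme-less host, which is only correct for the self URI these tests parse policies against (the `report-uri /` case expecting `http://www.selfuri.com/` suggests an http self URI). Nothing in the visible tables says so, and entries such as `"img-src http://http"` or `"default-src http://-"` are hard to read without that context. A comment above the first affected table would cover it, for example `// scheme-less hosts serialize with the scheme of the test's self URI (http)`. The tables begin and end outside the hunks shown.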


@ -710,13 +710,17 @@ add_task(async function responseHeaders_set_content_security_policy_header() {
yes: { url: "http://yes/csptest", violatedCSP: [] },
maybe: {
url: "http://maybe/csptest",
violatedCSP: ["connect-src 2-of-2 http://yes"],
violatedCSP: [
// Note: "http://" is before 2-of-2 due to bug 1804145.
"connect-src http://2-of-2 http://yes",
],
},
no: {
url: "http://no/csptest",
violatedCSP: [
"connect-src 1-of-2 http://yes http://maybe",
"connect-src 2-of-2 http://yes",
// Note: "http://" is before 1-of-2 and 2-of-2 due to bug 1804145.
"connect-src http://1-of-2 http://yes http://maybe",
"connect-src http://2-of-2 http://yes",
],
},
},


@ -387,7 +387,7 @@ add_task(async function test_remove_and_replace_csp_mv3() {
script3_loaded: true,
cspJSON: [
{ "img-src": ["'self'"], "report-only": false },
{ "img-src": ["example.com"], "report-only": false },
{ "img-src": ["http://example.com"], "report-only": false },
],
},
ext1_data: extMV3Data,
@ -408,7 +408,7 @@ add_task(async function test_remove_and_replace_csp_mv3() {
script3_loaded: false,
cspJSON: [
{ "default-src": ["'none'"], "report-only": false },
{ "img-src": ["example.com"], "report-only": false },
{ "img-src": ["http://example.com"], "report-only": false },
],
},
ext1_data: extMV3Data,
@ -430,7 +430,7 @@ add_task(async function test_remove_and_replace_csp_mv3() {
script3_loaded: false,
cspJSON: [
{ "default-src": ["'none'"], "report-only": false },
{ "img-src": ["example.com"], "report-only": false },
{ "img-src": ["http://example.com"], "report-only": false },
],
},
ext1_data: extMV3Data,
@ -452,7 +452,7 @@ add_task(async function test_remove_and_replace_csp_mv3() {
script3_loaded: false,
cspJSON: [
{ "default-src": ["'none'"], "report-only": false },
{ "img-src": ["example.com"], "report-only": false },
{ "img-src": ["http://example.com"], "report-only": false },
],
},
ext1_data: extMV3Data,