diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp
index 0251d8251de5..f59e34efa712 100644
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@@ -1241,36 +1241,18 @@ nsContentUtils::GetParserService()
   return sParserService;
 }
-static nsIAtom** sSandboxFlagAttrs[] = {
-  &nsGkAtoms::allowsameorigin,    // SANDBOXED_ORIGIN
-  &nsGkAtoms::allowforms,         // SANDBOXED_FORMS
-  &nsGkAtoms::allowscripts,       // SANDBOXED_SCRIPTS | SANDBOXED_AUTOMATIC_FEATURES
-  &nsGkAtoms::allowtopnavigation, // SANDBOXED_TOPLEVEL_NAVIGATION
-  &nsGkAtoms::allowpointerlock,   // SANDBOXED_POINTER_LOCK
-  &nsGkAtoms::allowpopups         // SANDBOXED_AUXILIARY_NAVIGATION
-};
-
-static const uint32_t sSandboxFlagValues[] = {
-  SANDBOXED_ORIGIN,                                 // allow-same-origin
-  SANDBOXED_FORMS,                                  // allow-forms
-  SANDBOXED_SCRIPTS | SANDBOXED_AUTOMATIC_FEATURES, // allow-scripts
-  SANDBOXED_TOPLEVEL_NAVIGATION,                    // allow-top-navigation
-  SANDBOXED_POINTER_LOCK,                           // allow-pointer-lock
-  SANDBOXED_AUXILIARY_NAVIGATION                    // allow-popups
-};
-
 /**
  * A helper function that parses a sandbox attribute (of an - - - -
diff --git a/dom/interfaces/security/nsIContentSecurityPolicy.idl b/dom/interfaces/security/nsIContentSecurityPolicy.idl
index 703e4237fbfd..ab017c86dfbb 100644
--- a/dom/interfaces/security/nsIContentSecurityPolicy.idl
+++ b/dom/interfaces/security/nsIContentSecurityPolicy.idl
@@ -20,7 +20,7 @@ interface nsIURI;
 typedef unsigned short CSPDirective;
-[scriptable, uuid(9454a677-5342-4220-8154-e619410e07e7)]
+[scriptable, uuid(68434447-b816-4473-a731-efc4f6d59902)]
 interface nsIContentSecurityPolicy : nsISerializable
 {
   /**
@@ -48,7 +48,6 @@ interface nsIContentSecurityPolicy : nsISerializable
   const unsigned short BASE_URI_DIRECTIVE = 13;
   const unsigned short FORM_ACTION_DIRECTIVE = 14;
   const unsigned short REFERRER_DIRECTIVE = 15;
-  const unsigned short SANDBOX_DIRECTIVE = 16;
   /**
    * Accessor method for a read-only string version of the policy at a given
@@ -263,17 +262,6 @@ interface nsIContentSecurityPolicy : nsISerializable
    */
   boolean permits(in nsIURI aURI, in CSPDirective aDir, in boolean aSpecific);
-  /**
-   * Delegate method called by the service when the protected document is loaded.
-   * Returns the intersection of all the sandbox flags contained in
-   * CSP policies. This is the most restricting sandbox policy.
-   * See nsSandboxFlags.h for the possible flags.
-   *
-   * @return
-   *  sandbox flags or SANDBOXED_NONE if no sandbox directive exists
-   */
-  uint32_t getCSPSandboxFlags();
-
   /**
    * Delegate method called by the service when sub-elements of the protected
    * document are being loaded. Given a bit of information about the request,
diff --git a/dom/locales/en-US/chrome/security/csp.properties b/dom/locales/en-US/chrome/security/csp.properties
index 799f6c0c5699..35800705053a 100644
--- a/dom/locales/en-US/chrome/security/csp.properties
+++ b/dom/locales/en-US/chrome/security/csp.properties
@@ -50,9 +50,6 @@ scriptFromStringBlocked = An attempt to call JavaScript from a string (by callin
 # LOCALIZATION NOTE (hostNameMightBeKeyword):
 # %1$S is the hostname in question and %2$S is the keyword
 hostNameMightBeKeyword = Interpreting %1$S as a hostname, not a keyword. If you intended this to be a keyword, use '%2$S' (wrapped in single quotes).
-# LOCALIZATION NOTE (ignoringReportOnlyDirective):
-# %1$S is the directive that is ignore in report-only mode.
-ignoringReportOnlyDirective = Ignoring sandbox directive when delivered in a report-only policy '%1$S'.
 # LOCALIZATION NOTE (notSupportingDirective):
 # directive is not supported (e.g. 'reflected-xss')
 notSupportingDirective = Not supporting directive '%1$S'. Directive and values will be ignored.
@@ -73,6 +70,3 @@ couldntParsePort = Couldn't parse port in %1$S
 # LOCALIZATION NOTE (duplicateDirective):
 # %1$S is the name of the duplicate directive
 duplicateDirective = Duplicate %1$S directives detected. All but the first instance will be ignored.
-# LOCALIZATION NOTE (couldntParseInvalidSandboxFlag):
-# %1$S is the option that could not be understood
-couldntParseInvalidSandboxFlag = Couldn't parse invalid sandbox flag %1$S
diff --git a/dom/security/nsCSPContext.cpp b/dom/security/nsCSPContext.cpp
index d7a43dcda6a8..1fa9aa9653b3 100644
--- a/dom/security/nsCSPContext.cpp
+++ b/dom/security/nsCSPContext.cpp
@@ -37,7 +37,6 @@
 #include "prlog.h"
 #include "mozilla/dom/CSPReportBinding.h"
 #include "mozilla/net/ReferrerPolicy.h"
-#include "nsSandboxFlags.h"
 using namespace mozilla;
@@ -1187,49 +1186,6 @@ nsCSPContext::Permits(nsIURI* aURI,
   return NS_OK;
 }
-NS_IMETHODIMP
-nsCSPContext::GetCSPSandboxFlags(uint32_t* aOutSandboxFlags)
-{
-  if (aOutSandboxFlags == nullptr) {
-    return NS_ERROR_FAILURE;
-  }
-  *aOutSandboxFlags = SANDBOXED_NONE;
-
-  for (uint32_t i = 0; i < mPolicies.Length(); i++) {
-    uint32_t flags = mPolicies[i]->getSandboxFlags();
-
-    // current policy doesn't have sandbox flag, check next policy
-    if (!flags) {
-      continue;
-    }
-
-    // current policy has sandbox flags, if the policy is in
-    // enforcement-mode (i.e., not report-only) set these flags
-    // and check for policies with more restrictions
-    if (!mPolicies[i]->getReportOnlyFlag()) {
-      *aOutSandboxFlags |= flags;
-    } else {
-      // sandbox directive is ignored in report-only mode, warn about
-      // it and continue the loop checking for an enforcement-mode policy
-      nsAutoString policy;
-      mPolicies[i]->toString(policy);
-
-      CSPCONTEXTLOG(("nsCSPContext::ShouldSandbox, report only policy, ignoring sandbox in: %s",
-                     policy.get()));
-
-      const char16_t* params[] = { policy.get() };
-      CSP_LogLocalizedStr(MOZ_UTF16("ignoringReportOnlyDirective"),
-                          params, ArrayLength(params),
-                          EmptyString(),
-                          EmptyString(),
-                          0, 0,
-                          nsIScriptError::warningFlag,
-                          "CSP", mInnerWindowID);
-    }
-  }
-  return NS_OK;
-}
-
 /* ========== CSPViolationReportListener implementation ========== */
 NS_IMPL_ISUPPORTS(CSPViolationReportListener, nsIStreamListener, nsIRequestObserver, nsISupports);
diff --git a/dom/security/nsCSPParser.cpp b/dom/security/nsCSPParser.cpp
index 7cb8c7ceb33d..7bb76d2b6ac7 100644
--- a/dom/security/nsCSPParser.cpp
+++ b/dom/security/nsCSPParser.cpp
@@ -15,7 +15,6 @@
 #include "nsServiceManagerUtils.h"
 #include "nsUnicharUtils.h"
 #include "mozilla/net/ReferrerPolicy.h"
-#include "nsContentUtils.h"
 using namespace mozilla;
@@ -913,39 +912,6 @@ nsCSPParser::reportURIList(nsTArray& outSrcs)
   }
 }
-/* Helper function for parsing sandbox flags. This function solely
- * concatenates all the source list tokens (the sandbox flags) so the
- * attribute parser (nsContentUtils::ParseSandboxAttributeToFlags) can
- * use them.
- */
-void
-nsCSPParser::sandboxFlagList(nsTArray& outSrcs)
-{
-  nsAutoString flags;
-
-  // remember, srcs start at index 1
-  for (uint32_t i = 1; i < mCurDir.Length(); i++) {
-    mCurToken = mCurDir[i];
-
-    CSPPARSERLOG(("nsCSPParser::sandboxFlagList, mCurToken: %s, mCurValue: %s",
-                  NS_ConvertUTF16toUTF8(mCurToken).get(),
-                  NS_ConvertUTF16toUTF8(mCurValue).get()));
-
-    if (!nsContentUtils::IsValidSandboxFlag(mCurToken)) {
-      const char16_t* params[] = { mCurToken.get() };
-      logWarningErrorToConsole(nsIScriptError::warningFlag, "couldntParseInvalidSandboxFlag",
-                               params, ArrayLength(params));
-      continue;
-    }
-    flags.Append(mCurToken);
-    if (i != mCurDir.Length() - 1) {
-      flags.AppendASCII(" ");
-    }
-  }
-  nsCSPSandboxFlags* sandboxFlags = new nsCSPSandboxFlags(flags);
-  outSrcs.AppendElement(sandboxFlags);
-}
-
 // directive-value = *( WSP / )
 void
 nsCSPParser::directiveValue(nsTArray& outSrcs)
@@ -967,13 +933,6 @@ nsCSPParser::directiveValue(nsTArray& outSrcs)
     return;
   }
-  // For the sandbox flag the source list is a list of flags, so we're
-  // special casing this directive
-  if (CSP_IsDirective(mCurDir[0], nsIContentSecurityPolicy::SANDBOX_DIRECTIVE)) {
-    sandboxFlagList(outSrcs);
-    return;
-  }
-
   // Otherwise just forward to sourceList
   sourceList(outSrcs);
 }
diff --git a/dom/security/nsCSPParser.h b/dom/security/nsCSPParser.h
index 6d3fffcb9a66..ab30ce26c7cc 100644
--- a/dom/security/nsCSPParser.h
+++ b/dom/security/nsCSPParser.h
@@ -128,15 +128,14 @@ class nsCSPParser {
     bool port();
     bool path(nsCSPHostSrc* aCspHost);
-    bool subHost();                                 // helper function to parse subDomains
-    bool atValidUnreservedChar();                   // helper function to parse unreserved
-    bool atValidSubDelimChar();                     // helper function to parse sub-delims
-    bool atValidPctEncodedChar();                   // helper function to parse pct-encoded
-    bool subPath(nsCSPHostSrc* aCspHost);           // helper function to parse paths
-    void reportURIList(nsTArray& outSrcs);          // helper function to parse report-uris
-    void percentDecodeStr(const nsAString& aEncStr, // helper function to percent-decode
+    bool subHost();                                // helper function to parse subDomains
+    bool atValidUnreservedChar();                  // helper function to parse unreserved
+    bool atValidSubDelimChar();                    // helper function to parse sub-delims
+    bool atValidPctEncodedChar();                  // helper function to parse pct-encoded
+    bool subPath(nsCSPHostSrc* aCspHost);          // helper function to parse paths
+    void reportURIList(nsTArray& outSrcs);         // helper function to parse report-uris
+    void percentDecodeStr(const nsAString& aEncStr, // helper function to percent-decode
                           nsAString& outDecStr);
-    void sandboxFlagList(nsTArray& outSrcs);        // helper function to parse sandbox flags
     inline bool atEnd()
     {
diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp
index 787ec305fe88..3727f582b2d7 100644
--- a/dom/security/nsCSPUtils.cpp
+++ b/dom/security/nsCSPUtils.cpp
@@ -12,9 +12,6 @@
 #include "nsIStringBundle.h"
 #include "nsNetUtil.h"
 #include "nsReadableUtils.h"
-#include "nsContentUtils.h"
-#include "nsAttrValue.h"
-#include "nsSandboxFlags.h"
 #if defined(PR_LOGGING)
 static PRLogModuleInfo*
@@ -675,23 +672,6 @@ nsCSPReportURI::toString(nsAString& outStr) const
   outStr.AppendASCII(spec.get());
 }
-/* ===== nsCSPSandboxFlags ===================== */
-
-nsCSPSandboxFlags::nsCSPSandboxFlags(const nsAString& aFlags)
-  : mFlags(aFlags)
-{
-}
-
-nsCSPSandboxFlags::~nsCSPSandboxFlags()
-{
-}
-
-void
-nsCSPSandboxFlags::toString(nsAString& outStr) const
-{
-  outStr.Append(mFlags);
-}
-
 /* ===== nsCSPDirective ====================== */
 nsCSPDirective::nsCSPDirective(CSPDirective aDirective)
@@ -994,26 +974,3 @@ nsCSPPolicy::getReportURIs(nsTArray& outReportURIs) const
     }
   }
 }
-
-/*
- * Helper function that returns the underlying bit representation of
- * sandbox flags. The function returns SANDBOXED_NONE if there is no
- * sandbox directives.
- */
-uint32_t
-nsCSPPolicy::getSandboxFlags() const
-{
-  nsAutoString flags;
-  for (uint32_t i = 0; i < mDirectives.Length(); i++) {
-    if (mDirectives[i]->equals(nsIContentSecurityPolicy::SANDBOX_DIRECTIVE)) {
-      flags.Truncate();
-      mDirectives[i]->toString(flags);
-
-      nsAttrValue attr;
-      attr.ParseAtomArray(flags);
-
-      return nsContentUtils::ParseSandboxAttributeToFlags(&attr);
-    }
-  }
-  return SANDBOXED_NONE;
-}
diff --git a/dom/security/nsCSPUtils.h b/dom/security/nsCSPUtils.h
index a7c91879113f..ed5e90c0fa50 100644
--- a/dom/security/nsCSPUtils.h
+++ b/dom/security/nsCSPUtils.h
@@ -74,8 +74,7 @@ static const char* CSPStrDirectives[] = {
   "reflected-xss",  // REFLECTED_XSS_DIRECTIVE
   "base-uri",       // BASE_URI_DIRECTIVE
   "form-action",    // FORM_ACTION_DIRECTIVE
-  "referrer",       // REFERRER_DIRECTIVE
-  "sandbox",        // SANDBOX_DIRECTIVE
+  "referrer"        // REFERRER_DIRECTIVE
 };
 inline const char* CSP_CSPDirectiveToString(CSPDirective aDir)
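Review bot: The `CSPStrDirectives` table loses its `"sandbox"` entry here while `nsIContentSecurityPolicy` loses `SANDBOX_DIRECTIVE = 16` in a separate file, and nothing in this hunk ties the table's length to those constants, so a future edit that touches only one side would presumably make `CSP_CSPDirectiveToString` (declared on the hunk's last line; its body and the start of the array lie outside the hunk) index past the end of the array. A compile-time guard right after the closing `};` would catch that, e.g. `static_assert(mozilla::ArrayLength(CSPStrDirectives) == nsIContentSecurityPolicy::REFERRER_DIRECTIVE + 1, "CSPStrDirectives out of sync with nsIContentSecurityPolicy directive constants");`. The `+ 1` assumes the table starts at directive value 0 with no extra leading entries, which this hunk does not show, so adjust the offset to match the array's first entries.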
@@ -269,19 +268,6 @@ class nsCSPReportURI : public nsCSPBaseSrc {
     nsCOMPtr mReportURI;
 };
-/* =============== nsCSPSandboxFlag ============ */
-
-class nsCSPSandboxFlags : public nsCSPBaseSrc {
-  public:
-    explicit nsCSPSandboxFlags(const nsAString& aFlags);
-    virtual ~nsCSPSandboxFlags();
-
-    void toString(nsAString& outStr) const;
-
-  private:
-    nsString mFlags;
-};
-
 /* =============== nsCSPDirective ============= */
 class nsCSPDirective {
@@ -363,8 +349,6 @@ class nsCSPPolicy {
     inline uint32_t getNumDirectives() const
       { return mDirectives.Length(); }
-    uint32_t getSandboxFlags() const;
-
   private:
     nsTArray mDirectives;
     bool mReportOnly;
diff --git a/dom/webidl/Document.webidl b/dom/webidl/Document.webidl
index 2adf7c98e742..f698c832b55d 100644
--- a/dom/webidl/Document.webidl
+++ b/dom/webidl/Document.webidl
@@ -354,12 +354,6 @@ partial interface Document {
 partial interface Document {
   [ChromeOnly] readonly attribute boolean isSrcdocDocument;
 };
-// Extension to give chrome JS the ability to get the underlying
-// sandbox flag attribute
-partial interface Document {
-  [ChromeOnly] readonly attribute DOMString? sandboxFlagsAsString;
-};
-
 /**
  * Chrome document anonymous content management.