mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Backed out 4 changesets (bug 671389) for frequent B2G debug test_tcpsocket_client_and_server_basics.html crashes. 

Backed out changeset b782435e5640 (bug 671389)
Backed out changeset 0f8d62109bfe (bug 671389)
Backed out changeset 8d6021f66c49 (bug 671389)
Backed out changeset cd3e227df9dc (bug 671389)
This commit is contained in:
Ryan VanderMeulen 2015-02-05 16:48:18 -05:00
Родитель 9bdcbebafe
Коммит b83ba6b825
43 изменённых файлов: 65 добавлений и 1138 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

97
dom/base/nsContentUtils.cpp
Просмотреть файл

@ -1241,36 +1241,18 @@ nsContentUtils::GetParserService()
return sParserService;
}
static nsIAtom** sSandboxFlagAttrs[] = {
&nsGkAtoms::allowsameorigin, // SANDBOXED_ORIGIN
&nsGkAtoms::allowforms, // SANDBOXED_FORMS
&nsGkAtoms::allowscripts, // SANDBOXED_SCRIPTS | SANDBOXED_AUTOMATIC_FEATURES
&nsGkAtoms::allowtopnavigation, // SANDBOXED_TOPLEVEL_NAVIGATION
&nsGkAtoms::allowpointerlock, // SANDBOXED_POINTER_LOCK
&nsGkAtoms::allowpopups // SANDBOXED_AUXILIARY_NAVIGATION
};
static const uint32_t sSandboxFlagValues[] = {
SANDBOXED_ORIGIN, // allow-same-origin
SANDBOXED_FORMS, // allow-forms
SANDBOXED_SCRIPTS | SANDBOXED_AUTOMATIC_FEATURES, // allow-scripts
SANDBOXED_TOPLEVEL_NAVIGATION, // allow-top-navigation
SANDBOXED_POINTER_LOCK, // allow-pointer-lock
SANDBOXED_AUXILIARY_NAVIGATION // allow-popups
};
/**
* A helper function that parses a sandbox attribute (of an <iframe> or
* a CSP directive) and converts it to the set of flags used internally.
*
* @param aSandboxAttr the sandbox attribute
* @return the set of flags (SANDBOXED_NONE if aSandboxAttr is null)
* @param sandboxAttr the sandbox attribute
* @return the set of flags (0 if sandboxAttr is null)
*/
uint32_t
nsContentUtils::ParseSandboxAttributeToFlags(const nsAttrValue* aSandboxAttr)
nsContentUtils::ParseSandboxAttributeToFlags(const nsAttrValue* sandboxAttr)
{
// No sandbox attribute, no sandbox flags.
if (!aSandboxAttr) { return SANDBOXED_NONE; }
if (!sandboxAttr) { return 0; }
// Start off by setting all the restriction flags.
uint32_t out = SANDBOXED_NAVIGATION
@ -1284,70 +1266,19 @@ nsContentUtils::ParseSandboxAttributeToFlags(const nsAttrValue* aSandboxAttr)
| SANDBOXED_POINTER_LOCK
| SANDBOXED_DOMAIN;
MOZ_ASSERT(ArrayLength(sSandboxFlagAttrs) == ArrayLength(sSandboxFlagValues),
"Lengths of SandboxFlagAttrs and SandboxFlagvalues do not match");
// Macro for updating the flag according to the keywords
#define IF_KEYWORD(atom, flags) \
if (sandboxAttr->Contains(nsGkAtoms::atom, eIgnoreCase)) { out &= ~(flags); }
// For each flag: if it's in the attribute, update the (out) flag
for (uint32_t i = 0; i < ArrayLength(sSandboxFlagAttrs); i++) {
if (aSandboxAttr->Contains(*sSandboxFlagAttrs[i], eIgnoreCase)) {
out &= ~(sSandboxFlagValues[i]);
}
}
IF_KEYWORD(allowsameorigin, SANDBOXED_ORIGIN)
IF_KEYWORD(allowforms, SANDBOXED_FORMS)
IF_KEYWORD(allowscripts, SANDBOXED_SCRIPTS | SANDBOXED_AUTOMATIC_FEATURES)
IF_KEYWORD(allowtopnavigation, SANDBOXED_TOPLEVEL_NAVIGATION)
IF_KEYWORD(allowpointerlock, SANDBOXED_POINTER_LOCK)
IF_KEYWORD(allowpopups, SANDBOXED_AUXILIARY_NAVIGATION)
return out;
}
/**
* A helper function that checks if a string matches (case-insensitive) a valid
* sandbox flag.
*
* @param aFlag the potential sandbox flag
* @return true if the flag is a sandbox flag
*/
bool
nsContentUtils::IsValidSandboxFlag(const nsAString& aFlag)
{
for (uint32_t i = 0; i < ArrayLength(sSandboxFlagAttrs); i++) {
if (EqualsIgnoreASCIICase(nsDependentAtomString(*sSandboxFlagAttrs[i]), aFlag)) {
return true;
}
}
return false;
}
/**
* A helper function that returns a string attribute corresponding to the
* sandbox flags.
*
* @param aFlags the sandbox flags
* @param aString the attribute corresponding to the flags (null if flags is 0)
*/
void
nsContentUtils::SandboxFlagsToString(uint32_t aFlags, nsAString& aString)
{
if (!aFlags) {
SetDOMStringToNull(aString);
return;
}
aString.Truncate();
// Macro for updating the string according to set flags
#define IF_FLAG(flag, atom) \
if (!(aFlags & flag)) { \
if (!aString.IsEmpty()) { \
aString.Append(NS_LITERAL_STRING(" ")); \
} \
aString.Append(nsDependentAtomString(nsGkAtoms::atom)); \
}
IF_FLAG(SANDBOXED_ORIGIN, allowsameorigin)
IF_FLAG(SANDBOXED_FORMS, allowforms)
IF_FLAG(SANDBOXED_SCRIPTS, allowscripts)
IF_FLAG(SANDBOXED_TOPLEVEL_NAVIGATION, allowtopnavigation)
IF_FLAG(SANDBOXED_POINTER_LOCK, allowpointerlock)
IF_FLAG(SANDBOXED_AUXILIARY_NAVIGATION, allowpopups)
#undef IF_FLAG
#undef IF_KEYWORD
}
nsIBidiKeyboard*

23
dom/base/nsContentUtils.h
Просмотреть файл

@ -832,28 +832,11 @@ public:
* A helper function that parses a sandbox attribute (of an <iframe> or
* a CSP directive) and converts it to the set of flags used internally.
*
* @param aSandboxAttr the sandbox attribute
* @return the set of flags (SANDBOXED_NONE if aSandboxAttr is null)
* @param sandboxAttr the sandbox attribute
* @return the set of flags (0 if sandboxAttr is null)
*/
static uint32_t ParseSandboxAttributeToFlags(const nsAttrValue* aSandboxAttr);
static uint32_t ParseSandboxAttributeToFlags(const nsAttrValue* sandboxAttr);
/**
* A helper function that checks if a string matches a valid sandbox
* flag.
*
* @param aFlag the potential sandbox flag
* @return true if the flag is a sandbox flag
*/
static bool IsValidSandboxFlag(const nsAString& aFlag);
/**
* A helper function that returns a string attribute corresponding to the
* sandbox flags.
*
* @param aFlags the sandbox flags
* @param aString the attribute corresponding to the flags (null if flags is 0)
*/
static void SandboxFlagsToString(uint32_t aFlags, nsAString& aString);
/**
* Fill (with the parameters given) the localized string named |aKey| in

29
dom/base/nsDocument.cpp
Просмотреть файл

@ -2864,7 +2864,7 @@ nsDocument::InitCSP(nsIChannel* aChannel)
NS_ConvertASCIItoUTF16 cspROHeaderValue(tCspROHeaderValue);
// Figure out if we need to apply an app default CSP or a CSP from an app manifest
nsCOMPtr<nsIPrincipal> principal = NodePrincipal();
nsIPrincipal* principal = NodePrincipal();
uint16_t appStatus = principal->GetAppStatus();
bool applyAppDefaultCSP = false;
@ -3036,30 +3036,11 @@ nsDocument::InitCSP(nsIChannel* aChannel)
// speculative loads.
}
// ----- Set sandbox flags according to CSP header
// The document may already have some sandbox flags set (e.g., if the
// document is an iframe with the sandbox attribute set). If we have a CSP
// sandbox directive, intersect the CSP sandbox flags with the existing
// flags. This corresponds to the _least_ permissive policy.
uint32_t cspSandboxFlags = SANDBOXED_NONE;
rv = csp->GetCSPSandboxFlags(&cspSandboxFlags);
NS_ENSURE_SUCCESS(rv, rv);
mSandboxFlags |= cspSandboxFlags;
if (cspSandboxFlags & SANDBOXED_ORIGIN) {
// If the new CSP sandbox flags do not have the allow-same-origin flag
// reset the document principal to a null principal
principal = do_CreateInstance("@mozilla.org/nullprincipal;1");
SetPrincipal(principal);
}
rv = principal->SetCsp(csp);
NS_ENSURE_SUCCESS(rv, rv);
#ifdef PR_LOGGING
PR_LOG(gCspPRLog, PR_LOG_DEBUG,
("Inserted CSP into principal %p", principal.get()));
("Inserted CSP into principal %p", principal));
#endif
return NS_OK;
@ -3729,12 +3710,6 @@ nsDocument::RemoveCharSetObserver(nsIObserver* aObserver)
mCharSetObservers.RemoveElement(aObserver);
}
void
nsIDocument::GetSandboxFlagsAsString(nsAString& aFlags)
{
nsContentUtils::SandboxFlagsToString(mSandboxFlags, aFlags);
}
void
nsDocument::GetHeaderData(nsIAtom* aHeaderField, nsAString& aData) const
{

6
dom/base/nsIDocument.h
Просмотреть файл

@ -598,12 +598,6 @@ public:
return mSandboxFlags;
}
/**
* Get string representation of sandbox flags (null if no flags as
* set).
*/
void GetSandboxFlagsAsString(nsAString& aFlags);
/**
* Set the sandbox flags for this document.
* @see nsSandboxFlags.h for the possible flags

5
dom/base/nsSandboxFlags.h
Просмотреть файл

@ -11,11 +11,6 @@
#ifndef nsSandboxFlags_h___
#define nsSandboxFlags_h___
/**
* This constant denotes the lack of a sandbox attribute/directive.
*/
const unsigned long SANDBOXED_NONE = 0x0;
/**
* This flag prevents content from navigating browsing contexts other than
* itself, browsing contexts nested inside it, the top-level browsing context

7
dom/base/test/csp/file_csp_sandbox_1.html → dom/base/test/csp/file_bug886164.html
Просмотреть файл

@ -5,12 +5,11 @@
<!-- Content-Security-Policy: default-src 'self' -->
<!-- these should be stopped by CSP -->
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img1_bad&type=img/png"> </img>
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img_bad&type=img/png"> </img>
<!-- these should load ok -->
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img1a_good&type=img/png" />
<!-- should not execute script -->
<script src='/tests/dom/base/test/csp/file_csp_sandbox_fail.js'></script>
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img_good&type=img/png" />
<script src='/tests/dom/base/test/csp/file_CSP.sjs?testid=scripta_bad&type=text/javascript'></script>
</body>
</html>

1
dom/base/test/csp/file_bug886164.html^headers^ Normal file
Просмотреть файл

@ -0,0 +1 @@
Content-Security-Policy: default-src 'self'

2
dom/base/test/csp/file_csp_sandbox_2.html → dom/base/test/csp/file_bug886164_2.html
Просмотреть файл

@ -9,8 +9,6 @@
<!-- these should load ok -->
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img2a_good&type=img/png" />
<!-- should not execute script -->
<script src='/tests/dom/base/test/csp/file_csp_sandbox_fail.js'></script>
</body>
</html>

1
dom/base/test/csp/file_bug886164_2.html^headers^ Normal file
Просмотреть файл

@ -0,0 +1 @@
Content-Security-Policy: default-src 'self'

3
dom/base/test/csp/file_csp_sandbox_3.html → dom/base/test/csp/file_bug886164_3.html
Просмотреть файл

@ -1,13 +1,12 @@
<html>
<head> <meta charset="utf-8"> </head>
<body>
<!-- sandbox="allow-same-origin" -->
<!-- sandbox -->
<!-- Content-Security-Policy: default-src 'none' -->
<!-- these should be stopped by CSP -->
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img3_bad&type=img/png"> </img>
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img3a_bad&type=img/png" />
<script src='/tests/dom/base/test/csp/file_csp_sandbox_fail.js'></script>
</body>
</html>

1
dom/base/test/csp/file_bug886164_3.html^headers^ Normal file
Просмотреть файл

@ -0,0 +1 @@
Content-Security-Policy: default-src 'none'

1
dom/base/test/csp/file_csp_sandbox_4.html → dom/base/test/csp/file_bug886164_4.html
Просмотреть файл

@ -7,7 +7,6 @@
<!-- these should be stopped by CSP -->
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img4_bad&type=img/png"> </img>
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img4a_bad&type=img/png" />
<script src='/tests/dom/base/test/csp/file_csp_sandbox_fail.js'></script>
</body>
</html>

1
dom/base/test/csp/file_bug886164_4.html^headers^ Normal file
Просмотреть файл

@ -0,0 +1 @@
Content-Security-Policy: default-src 'none'

4
dom/base/test/csp/file_csp_sandbox_5.html → dom/base/test/csp/file_bug886164_5.html
Просмотреть файл

@ -10,12 +10,12 @@
ok(true, "documents sandboxed with allow-scripts should be able to run inline scripts");
}
</script>
<script src='file_csp_sandbox_fail.js'></script>
<script src='file_iframe_sandbox_pass.js'></script>
<body onLoad='ok(true, "documents sandboxed with allow-scripts should be able to run script from event listeners");doStuff();'>
I am sandboxed but with only inline "allow-scripts"
<!-- sandbox="allow-scripts" -->
<!-- Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline' -->
<!-- Content-Security-Policy: default-src 'none' 'unsafe-inline'-->
<!-- these should be stopped by CSP -->
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img5_bad&type=img/png" />

1
dom/base/test/csp/file_bug886164_5.html^headers^ Normal file
Просмотреть файл

@ -0,0 +1 @@
Content-Security-Policy: default-src 'none' 'unsafe-inline';

6
dom/base/test/csp/file_csp_sandbox_6.html → dom/base/test/csp/file_bug886164_6.html
Просмотреть файл

@ -18,13 +18,13 @@
sendMouseEvent({type:'click'}, 'a_link');
}
</script>
<script src='file_csp_sandbox_pass.js'></script>
<script src='file_iframe_sandbox_pass.js'></script>
<body onLoad='ok(true, "documents sandboxed with allow-scripts should be able to run script from event listeners");doStuff();'>
I am sandboxed but with "allow-same-origin" and allow-scripts"
I am sandboxed but with "allow-scripts"
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img6_bad&type=img/png"> </img>
<script src='http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=script6_bad&type=text/javascript'></script>
<form method="get" action="/tests/content/html/content/test/file_iframe_sandbox_form_fail.html" id="a_form">
<form method="get" action="file_iframe_sandbox_form_fail.html" id="a_form">
First name: <input type="text" name="firstname">
Last name: <input type="text" name="lastname">
<input type="submit" onclick="doSubmit()" id="a_button">

1
dom/base/test/csp/file_bug886164_6.html^headers^ Normal file
Просмотреть файл

@ -0,0 +1 @@
Content-Security-Policy: default-src 'self' 'unsafe-inline';

12
dom/base/test/csp/file_csp_sandbox_10.html
Просмотреть файл

@ -1,12 +0,0 @@
<html>
<head> <meta charset="utf-8"> </head>
<body>
<!-- Content-Security-Policy: default-src 'none'; sandbox -->
<!-- these should be stopped by CSP -->
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img10_bad&type=img/png"> </img>
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img10a_bad&type=img/png" />
<script src='/tests/dom/base/test/csp/file_csp_sandbox_fail.js'></script>
</body>
</html>

25
dom/base/test/csp/file_csp_sandbox_11.html
Просмотреть файл

@ -1,25 +0,0 @@
<!DOCTYPE HTML>
<html>
<head> <meta charset="utf-8"> </head>
<script type="text/javascript">
function ok(result, desc) {
window.parent.postMessage({ok: result, desc: desc}, "*");
}
function doStuff() {
ok(true, "documents sandboxed with allow-scripts should be able to run inline scripts");
}
</script>
<script src='file_csp_sandbox_fail.js'></script>
<body onLoad='ok(true, "documents sandboxed with allow-scripts should be able to run script from event listeners");doStuff();'>
I am sandboxed but with only inline "allow-scripts"
<!-- Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline'; sandbox allow-scripts -->
<!-- these should be stopped by CSP -->
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img11_bad&type=img/png" />
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img11a_bad&type=img/png"> </img>
<script src='/tests/dom/base/test/csp/file_CSP.sjs?testid=script11_bad&type=text/javascript'></script>
<script src='http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=script11a_bad&type=text/javascript'></script>
</body>
</html>

40
dom/base/test/csp/file_csp_sandbox_12.html
Просмотреть файл

@ -1,40 +0,0 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<script type="text/javascript" src="/tests/SimpleTest/EventUtils.js"></script>
</head>
<script type="text/javascript">
function ok(result, desc) {
window.parent.postMessage({ok: result, desc: desc}, "*");
}
function doStuff() {
ok(true, "documents sandboxed with allow-scripts should be able to run inline scripts");
document.getElementById('a_form').submit();
// trigger the javascript: url test
sendMouseEvent({type:'click'}, 'a_link');
}
</script>
<script src='file_csp_sandbox_pass.js'></script>
<body onLoad='ok(true, "documents sandboxed with allow-scripts should be able to run script from event listeners");doStuff();'>
I am sandboxed but with "allow-same-origin" and allow-scripts"
<!-- Content-Security-Policy: sandbox allow-same-origin allow-scripts; default-src 'self' 'unsafe-inline'; -->
<!-- these should be stopped by CSP -->
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img12_bad&type=img/png"> </img>
<script src='http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=script12_bad&type=text/javascript'></script>
<form method="get" action="/tests/content/html/content/test/file_iframe_sandbox_form_fail.html" id="a_form">
First name: <input type="text" name="firstname">
Last name: <input type="text" name="lastname">
<input type="submit" onclick="doSubmit()" id="a_button">
</form>
<a href = 'javascript:ok(true, "documents sandboxed with allow-scripts should be able to run script from javascript: URLs");' id='a_link'>click me</a>
</body>
</html>

15
dom/base/test/csp/file_csp_sandbox_7.html
Просмотреть файл

@ -1,15 +0,0 @@
<html>
<head> <meta charset="utf-8"> </head>
<body>
<!-- Content-Security-Policy: default-src 'self'; sandbox allow-same-origin -->
<!-- these should be stopped by CSP -->
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img7_bad&type=img/png"> </img>
<!-- these should load ok -->
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img7a_good&type=img/png" />
<!-- should not execute script -->
<script src='/tests/dom/base/test/csp/file_csp_sandbox_fail.js'></script>
</body>
</html>

15
dom/base/test/csp/file_csp_sandbox_8.html
Просмотреть файл

@ -1,15 +0,0 @@
<html>
<head> <meta charset="utf-8"> </head>
<body>
<!-- Content-Security-Policy: sandbox; default-src 'self' -->
<!-- these should be stopped by CSP -->
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img8_bad&type=img/png"> </img>
<!-- these should load ok -->
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img8a_good&type=img/png" />
<!-- should not execute script -->
<script src='/tests/dom/base/test/csp/file_csp_sandbox_fail.js'></script>
</body>
</html>

12
dom/base/test/csp/file_csp_sandbox_9.html
Просмотреть файл

@ -1,12 +0,0 @@
<html>
<head> <meta charset="utf-8"> </head>
<body>
<!-- Content-Security-Policy: default-src 'none'; sandbox allow-same-origin -->
<!-- these should be stopped by CSP -->
<img src="http://example.org/tests/dom/base/test/csp/file_CSP.sjs?testid=img9_bad&type=img/png"> </img>
<img src="/tests/dom/base/test/csp/file_CSP.sjs?testid=img9a_bad&type=img/png" />
<script src='/tests/dom/base/test/csp/file_csp_sandbox_fail.js'></script>
</body>
</html>

4
dom/base/test/csp/file_csp_sandbox_fail.js
Просмотреть файл

@ -1,4 +0,0 @@
function ok(result, desc) {
window.parent.postMessage({ok: result, desc: desc}, "*");
}
ok(false, "documents sandboxed with allow-scripts should NOT be able to run <script src=...>");

4
dom/base/test/csp/file_csp_sandbox_pass.js
Просмотреть файл

@ -1,4 +0,0 @@
function ok(result, desc) {
window.parent.postMessage({ok: result, desc: desc}, "*");
}
ok(true, "documents sandboxed with allow-scripts should be able to run <script src=...>");

25
dom/base/test/csp/file_csp_testserver.sjs
Просмотреть файл

@ -30,25 +30,16 @@ function handleRequest(request, response)
query[name] = unescape(value);
});
var csp = unescape(query['csp']);
var file = unescape(query['file']);
// avoid confusing cache behaviors
response.setHeader("Cache-Control", "no-cache", false);
if (query['csp']) {
var csp = unescape(query['csp']);
// Deliver the CSP policy encoded in the URI
response.setHeader("Content-Security-Policy", csp, false);
}
// Deliver the CSP policy encoded in the URI
response.setHeader("Content-Security-Policy", csp, false);
if (query['cspRO']) {
var cspRO = unescape(query['cspRO']);
// Deliver the CSP report-only policy encoded in the URI
response.setHeader("Content-Security-Policy-Report-Only", cspRO, false);
}
if (query['file']) {
var file = unescape(query['file']);
// Send HTML to test allowed/blocked behaviors
response.setHeader("Content-Type", "text/html", false);
response.write(loadHTMLFromFile(file));
}
// Send HTML to test allowed/blocked behaviors
response.setHeader("Content-Type", "text/html", false);
response.write(loadHTMLFromFile(file));
}

21
dom/base/test/csp/file_iframe_sandbox_csp_document_write.html
Просмотреть файл

@ -1,21 +0,0 @@
<!DOCTYPE HTML>
<html>
<head> <meta charset="utf-8"> </head>
<script type="text/javascript">
function ok(result, desc) {
window.parent.postMessage({ok: result, desc: desc}, "*");
}
function doStuff() {
var beforePrincipal = SpecialPowers.wrap(document).nodePrincipal;
document.open();
document.write("rewritten sandboxed document");
document.close();
var afterPrincipal = SpecialPowers.wrap(document).nodePrincipal;
ok(beforePrincipal.equals(afterPrincipal),
"document.write() does not change underlying principal");
}
</script>
<body onLoad='doStuff();'>
sandboxed with allow-scripts
</body>
</html>

32
dom/base/test/csp/mochitest.ini
Просмотреть файл

@ -45,20 +45,18 @@ support-files =
file_bug836922_npolicies.html^headers^
file_bug836922_npolicies_ro_violation.sjs
file_bug836922_npolicies_violation.sjs
file_csp_sandbox_pass.js
file_csp_sandbox_fail.js
file_csp_sandbox_1.html
file_csp_sandbox_2.html
file_csp_sandbox_3.html
file_csp_sandbox_4.html
file_csp_sandbox_5.html
file_csp_sandbox_6.html
file_csp_sandbox_7.html
file_csp_sandbox_8.html
file_csp_sandbox_9.html
file_csp_sandbox_10.html
file_csp_sandbox_11.html
file_csp_sandbox_12.html
file_bug886164.html
file_bug886164.html^headers^
file_bug886164_2.html
file_bug886164_2.html^headers^
file_bug886164_3.html
file_bug886164_3.html^headers^
file_bug886164_4.html
file_bug886164_4.html^headers^
file_bug886164_5.html
file_bug886164_5.html^headers^
file_bug886164_6.html
file_bug886164_6.html^headers^
file_csp_bug768029.html
file_csp_bug768029.sjs
file_csp_bug773891.html
@ -107,8 +105,6 @@ support-files =
file_worker_redirect.sjs
file_csp_referrerdirective.html
referrerdirective.sjs
test_iframe_sandbox_csp_top_1.html^headers^
file_iframe_sandbox_csp_document_write.html
[test_base-uri.html]
[test_connect-src.html]
@ -126,7 +122,7 @@ skip-if = (buildapp == 'b2g' && (toolkit != 'gonk' || debug)) || toolkit == 'and
[test_CSP_inlinestyle.html]
[test_csp_invalid_source_expression.html]
[test_bug836922_npolicies.html]
[test_csp_sandbox.html]
[test_bug886164.html]
[test_csp_redirects.html]
[test_CSP_bug910139.html]
[test_CSP_bug909029.html]
@ -134,8 +130,6 @@ skip-if = (buildapp == 'b2g' && (toolkit != 'gonk' || debug)) || toolkit == 'and
[test_nonce_source.html]
[test_CSP_bug941404.html]
[test_form-action.html]
[test_iframe_sandbox_csp.html]
[test_iframe_sandbox_csp_top_1.html]
skip-if = e10s || buildapp == 'b2g' # http-on-opening-request observers are not available in child processes
[test_hash_source.html]
skip-if = e10s || buildapp == 'b2g' # can't compute hashes in child process (bug 958702)

240
dom/base/test/csp/test_csp_sandbox.html
Просмотреть файл

@ -1,240 +0,0 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Tests for bugs 886164 and 671389</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<p id="display"></p>
<div id="content">
</div>
<script class="testbody" type="text/javascript">
var testCases = [
{
// Test 1: don't load image from non-same-origin; allow loading
// images from same-same origin
sandboxAttribute: "allow-same-origin",
csp: "default-src 'self'",
file: "file_csp_sandbox_1.html",
results: { img1a_good: -1, img1_bad: -1 }
// fails if scripts execute
},
{
// Test 2: don't load image from non-same-origin; allow loading
// images from same-same origin, even without allow-same-origin
// flag
sandboxAttribute: "",
csp: "default-src 'self'",
file: "file_csp_sandbox_2.html",
results: { img2_bad: -1, img2a_good: -1 }
// fails if scripts execute
},
{
// Test 3: disallow loading images from any host, even with
// allow-same-origin flag set
sandboxAttribute: "allow-same-origin",
csp: "default-src 'none'",
file: "file_csp_sandbox_3.html",
results: { img3_bad: -1, img3a_bad: -1 },
// fails if scripts execute
},
{
// Test 4: disallow loading images from any host
sandboxAttribute: "",
csp: "default-src 'none'",
file: "file_csp_sandbox_4.html",
results: { img4_bad: -1, img4a_bad: -1 }
// fails if scripts execute
},
{
// Test 5: disallow loading images or scripts, allow inline scripts
sandboxAttribute: "allow-scripts",
csp: "default-src 'none'; script-src 'unsafe-inline';",
file: "file_csp_sandbox_5.html",
results: { img5_bad: -1, img5a_bad: -1, script5_bad: -1, script5a_bad: -1 },
nrOKmessages: 2 // sends 2 ok message
// fails if scripts execute
},
{
// Test 6: disallow non-same-origin images, allow inline and same origin scripts
sandboxAttribute: "allow-same-origin allow-scripts",
csp: "default-src 'self' 'unsafe-inline';",
file: "file_csp_sandbox_6.html",
results: { img6_bad: -1, script6_bad: -1 },
nrOKmessages: 4 // sends 4 ok message
// fails if forms are not disallowed
},
{
// Test 7: same as Test 1
csp: "default-src 'self'; sandbox allow-same-origin",
file: "file_csp_sandbox_7.html",
results: { img7a_good: -1, img7_bad: -1 }
},
{
// Test 8: same as Test 2
csp: "sandbox; default-src 'self'",
file: "file_csp_sandbox_8.html",
results: { img8_bad: -1, img8a_good: -1 }
},
{
// Test 9: same as Test 3
csp: "default-src 'none'; sandbox allow-same-origin",
file: "file_csp_sandbox_9.html",
results: { img9_bad: -1, img9a_bad: -1 }
},
{
// Test 10: same as Test 4
csp: "default-src 'none'; sandbox",
file: "file_csp_sandbox_10.html",
results: { img10_bad: -1, img10a_bad: -1 }
},
{
// Test 11: same as Test 5
csp: "default-src 'none'; script-src 'unsafe-inline'; sandbox allow-scripts",
file: "file_csp_sandbox_11.html",
results: { img11_bad: -1, img11a_bad: -1, script11_bad: -1, script11a_bad: -1 },
nrOKmessages: 2 // sends 2 ok message
},
{
// Test 12: same as Test 6
csp: "sandbox allow-same-origin allow-scripts; default-src 'self' 'unsafe-inline';",
file: "file_csp_sandbox_12.html",
results: { img12_bad: -1, script12_bad: -1 },
nrOKmessages: 4 // sends 4 ok message
},
];
// a postMessage handler that is used by sandboxed iframes without
// 'allow-same-origin' to communicate pass/fail back to this main page.
// it expects to be called with an object like:
// { ok: true/false,
// desc: <description of the test> which it then forwards to ok() }
window.addEventListener("message", receiveMessage, false);
function receiveMessage(event) {
ok_wrapper(event.data.ok, event.data.desc);
}
var completedTests = 0;
var passedTests = 0;
var totalTests = (function() {
var nrCSPloadTests = 0;
for(var i = 0; i < testCases.length; i++) {
nrCSPloadTests += Object.keys(testCases[i].results).length;
if (testCases[i].nrOKmessages) {
// + number of expected postMessages from iframe
nrCSPloadTests += testCases[i].nrOKmessages;
}
}
return nrCSPloadTests;
})();
function ok_wrapper(result, desc) {
ok(result, desc);
completedTests++;
if (result) {
passedTests++;
}
if (completedTests === totalTests) {
window.examiner.remove();
SimpleTest.finish();
}
}
// Set the iframe src and sandbox attribute
function runTest(test) {
var iframe = document.createElement('iframe');
document.getElementById('content').appendChild(iframe);
// set sandbox attribute
if (test.sandboxAttribute !== undefined) {
iframe.sandbox = test.sandboxAttribute;
}
// set query string
var src = 'file_csp_testserver.sjs';
// path where the files are
var path = '/tests/dom/base/test/csp/';
src += '?file=' + escape(path+test.file);
if (test.csp !== undefined) {
src += '&csp=' + escape(test.csp);
}
iframe.src = src;
iframe.width = iframe.height = 10;
}
// Examiner related
// This is used to watch the blocked data bounce off CSP and allowed data
// get sent out to the wire.
function examiner() {
SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
SpecialPowers.addObserver(this, "specialpowers-http-notify-request", false);
}
examiner.prototype = {
observe: function(subject, topic, data) {
var testpat = new RegExp("testid=([a-z0-9_]+)");
//_good things better be allowed!
//_bad things better be stopped!
if (topic === "specialpowers-http-notify-request") {
//these things were allowed by CSP
var uri = data;
if (!testpat.test(uri)) return;
var testid = testpat.exec(uri)[1];
if(/_good/.test(testid)) {
ok_wrapper(true, uri + " is allowed by csp");
} else {
ok_wrapper(false, uri + " should not be allowed by csp");
}
}
if(topic === "csp-on-violate-policy") {
//these were blocked... record that they were blocked
var asciiSpec = SpecialPowers.getPrivilegedProps(SpecialPowers.do_QueryInterface(subject, "nsIURI"), "asciiSpec");
if (!testpat.test(asciiSpec)) return;
var testid = testpat.exec(asciiSpec)[1];
if(/_bad/.test(testid)) {
ok_wrapper(true, asciiSpec + " was blocked by \"" + data + "\"");
} else {
ok_wrapper(false, asciiSpec + " should have been blocked by \"" + data + "\"");
}
}
},
// must eventually call this to remove the listener,
// or mochitests might get borked.
remove: function() {
SpecialPowers.removeObserver(this, "csp-on-violate-policy");
SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
}
}
window.examiner = new examiner();
SimpleTest.waitForExplicitFinish();
(function() { // Run tests:
for(var i = 0; i < testCases.length; i++) {
runTest(testCases[i]);
}
})();
</script>
</body>
</html>

239
dom/base/test/csp/test_iframe_sandbox_csp.html
Просмотреть файл

@ -1,239 +0,0 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=671389
Bug 671389 - Implement CSP sandbox directive
-->
<head>
<meta charset="utf-8">
<title>Tests for Bug 671389</title>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<script type="application/javascript">
SimpleTest.waitForExplicitFinish();
// Check if two sandbox flags are the same, ignoring case-sensitivity.
// getSandboxFlags returns a list of sandbox flags (if any) or
// null if the flag is not set.
// This function checks if two flags are the same, i.e., they're
// either not set or have the same flags.
function eqFlags(a, b) {
if (a === null && b === null) { return true; }
if (a === null || b === null) { return false; }
if (a.length !== b.length) { return false; }
var a_sorted = a.map(function(e) { return e.toLowerCase(); }).sort();
var b_sorted = b.map(function(e) { return e.toLowerCase(); }).sort();
for (var i in a_sorted) {
if (a_sorted[i] !== b_sorted[i]) {
return false;
}
}
return true;
}
// Get the sandbox flags of document doc.
// If the flag is not set sandboxFlagsAsString returns null,
// this function also returns null.
// If the flag is set it may have some flags; in this case
// this function returns the (potentially empty) list of flags.
function getSandboxFlags(doc) {
var flags = doc.sandboxFlagsAsString;
if (flags === null) { return null; }
return flags? flags.split(" "):[];
}
// Constructor for a CSP sandbox flags test. The constructor
// expectes a description 'desc' and set of options 'opts':
// - sandboxAttribute: [null] or string corresponding to the iframe sandbox attributes
// - csp: [null] or string corresponding to the CSP sandbox flags
// - cspReportOnly: [null] or string corresponding to the CSP report-only sandbox flags
// - file: [null] or string corresponding to file the server should serve
// Above, we use [brackets] to denote default values.
function CSPFlagsTest(desc, opts) {
function ifundef(x, v) {
return (x !== undefined) ? x : v;
}
function intersect(as, bs) { // Intersect two csp attributes:
as = as === null ? null
: as.split(' ').filter(function(x) { return !!x; });
bs = bs === null ? null
: bs.split(' ').filter(function(x) { return !!x; });
if (as === null) { return bs; }
if (bs === null) { return as; }
var cs = [];
as.forEach(function(a) {
if (a && bs.indexOf(a) != -1)
cs.push(a);
});
return cs;
}
this.desc = desc || "Untitled test";
this.attr = ifundef(opts.sandboxAttribute, null);
this.csp = ifundef(opts.csp, null);
this.cspRO = ifundef(opts.cspReportOnly, null);
this.file = ifundef(opts.file, null);
this.expected = intersect(this.attr, this.csp);
}
// Return function that checks that the actual flags are the same as the
// expected flags
CSPFlagsTest.prototype.checkFlags = function(iframe) {
var this_ = this;
return function() {
try {
var actual = getSandboxFlags(SpecialPowers.wrap(iframe).contentDocument);
ok(eqFlags(actual, this_.expected),
this_.desc, 'expected: "' + this_.expected + '", got: "' + actual + '"');
} catch (e) {
ok(false, this_.desc, 'expected: "' + this_.expected + '", failed with: "' + e + '"');
}
runNextTest();
};
};
// Set the iframe src and sandbox attribute
CSPFlagsTest.prototype.runTest = function () {
var iframe = document.createElement('iframe');
document.getElementById("content").appendChild(iframe);
iframe.onload = this.checkFlags(iframe);
// set sandbox attribute
if (this.attr === null) {
iframe.removeAttribute('sandbox');
} else {
iframe.sandbox = this.attr;
}
// set query string
var src = 'file_csp_testserver.sjs';
var delim = '?';
if (this.csp !== null) {
src += delim + 'csp=' + escape('sandbox ' + this.csp);
delim = '&';
}
if (this.cspRO !== null) {
src += delim + 'cspRO=' + escape('sandbox ' + this.cspRO);
delim = '&';
}
if (this.file !== null) {
src += delim + 'file=' + escape(this.file);
delim = '&';
}
iframe.src = src;
iframe.width = iframe.height = 10;
}
testCases = [
{
desc: "Test 1: Header should not override attribute",
sandboxAttribute: "",
csp: "allow-forms aLLOw-POinter-lock alLOW-popups aLLOW-SAME-ORIGin ALLOW-SCRIPTS allow-top-navigation"
},
{
desc: "Test 2: Attribute should not override header",
sandboxAttribute: "sandbox allow-forms allow-pointer-lock allow-popups allow-same-origin allow-scripts allow-top-navigation",
csp: ""
},
{
desc: "Test 3: Header and attribute intersect",
sandboxAttribute: "allow-same-origin allow-scripts",
csp: "allow-forms allow-same-origin allow-scripts"
},
{
desc: "Test 4: CSP sandbox sets the right flags (pt 1)",
csp: "alLOW-FORms ALLOW-pointer-lock allow-popups allow-same-origin allow-scripts ALLOW-TOP-NAVIGation"
},
{
desc: "Test 5: CSP sandbox sets the right flags (pt 2)",
csp: "allow-same-origin allow-TOP-navigation"
},
{
desc: "Test 6: CSP sandbox sets the right flags (pt 3)",
csp: "allow-FORMS ALLOW-scripts"
},
{
desc: "Test 7: CSP sandbox sets the right flags (pt 4)",
csp: ""
},
{
desc: "Test 8: CSP sandbox sets the right flags (pt 5)",
csp: null
},
{
desc: "Test 9: Read-only header should not override attribute",
sandboxAttribute: "",
cspReportOnly: "allow-forms ALLOW-pointer-lock allow-POPUPS allow-same-origin ALLOW-scripts allow-top-NAVIGATION"
},
{
desc: "Test 10: Read-only header should not override CSP header",
csp: "allow-forms allow-scripts",
cspReportOnly: "allow-forms aLlOw-PoInTeR-lOcK aLLow-pOPupS aLLoW-SaME-oRIgIN alLow-scripts allow-tOp-navigation"
},
{
desc: "Test 11: Read-only header should not override attribute or CSP header",
sandboxAttribute: "allow-same-origin allow-scripts",
csp: "allow-forms allow-same-origin allow-scripts",
cspReportOnly: "allow-forms allow-pointer-lock allow-popups allow-same-origin allow-scripts allow-top-navigation"
},
{
desc: "Test 12: CSP sandbox not affected by document.write()",
csp: "allow-scripts",
file: 'tests/dom/base/test/csp/file_iframe_sandbox_csp_document_write.html'
},
].map(function(t) { return (new CSPFlagsTest(t.desc,t)); });
var testCaseIndex = 0;
// Track ok messages from iframes
var childMessages = 0;
var totalChildMessages = 1;
// Check to see if we ran all the tests and received all messges
// from child iframes. If so, finish.
function tryFinish() {
if (testCaseIndex === testCases.length && childMessages === totalChildMessages){
SimpleTest.finish();
}
}
function runNextTest() {
tryFinish();
if (testCaseIndex < testCases.length) {
testCases[testCaseIndex].runTest();
testCaseIndex++;
}
}
function receiveMessage(event) {
ok(event.data.ok, event.data.desc);
childMessages++;
tryFinish();
}
window.addEventListener("message", receiveMessage, false);
addLoadEvent(runNextTest);
</script>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=671389">Mozilla Bug 671389</a> - Implement CSP sandbox directive
<p id="display"></p>
<div id="content">
</div>
</body>
</html>

80
dom/base/test/csp/test_iframe_sandbox_csp_top_1.html
Просмотреть файл

@ -1,80 +0,0 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=671389
Bug 671389 - Implement CSP sandbox directive
Tests CSP sandbox attribute on top-level page.
Minimal flags: allow-same-origin allow-scripts:
Since we need to load the SimpleTest files, we have to set the
allow-same-origin flag. Additionally, we set the allow-scripts flag
since we need JS to check the flags.
Though not necessary, for this test we also set the allow-forms flag.
We may later wish to extend the testing suite with sandbox_csp_top_*
tests that set different permutations of the flags.
CSP header: Content-Security-Policy: sandbox allow-forms allow-scripts allow-same-origin
-->
<head>
<meta charset="utf-8">
<title>Tests for Bug 671389</title>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<script type="application/javascript">
SimpleTest.waitForExplicitFinish();
// Check if two sandbox flags are the same.
// getSandboxFlags returns a list of sandbox flags (if any) or
// null if the flag is not set.
// This function checks if two flags are the same, i.e., they're
// either not set or have the same flags.
function eqFlags(a, b) {
if (a === null && b === null) { return true; }
if (a === null || b === null) { return false; }
if (a.length !== b.length) { return false; }
var a_sorted = a.sort();
var b_sorted = b.sort();
for (var i in a_sorted) {
if (a_sorted[i] !== b_sorted[i]) {
return false;
}
}
return true;
}
// Get the sandbox flags of document doc.
// If the flag is not set sandboxFlagsAsString returns null,
// this function also returns null.
// If the flag is set it may have some flags; in this case
// this function returns the (potentially empty) list of flags.
function getSandboxFlags(doc) {
var flags = doc.sandboxFlagsAsString;
if (flags === null) { return null; }
return flags? flags.split(" "):[];
}
function checkFlags(expected) {
try {
var flags = getSandboxFlags(SpecialPowers.wrap(document));
ok(eqFlags(flags, expected), name + ' expected: "' + expected + '", got: "' + flags + '"');
} catch (e) {
ok(false, name + ' expected "' + expected + ', but failed with ' + e);
}
SimpleTest.finish();
}
</script>
<body onLoad='checkFlags(["allow-forms", "allow-scripts", "allow-same-origin"]);'>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=671389">Mozilla Bug 671389</a> - Implement CSP sandbox directive
<p id="display"></p>
<div id="content">
I am a top-level page sandboxed with "allow-scripts allow-forms
allow-same-origin".
</div>
</body>
</html>

1
dom/base/test/csp/test_iframe_sandbox_csp_top_1.html^headers^
Просмотреть файл

@ -1 +0,0 @@
Content-Security-Policy: sAnDbOx aLLow-FOrms aLlOw-ScRiPtS ALLOW-same-origin

17
dom/html/test/file_iframe_sandbox_c_if9.html
Просмотреть файл

@ -1,17 +0,0 @@
<!DOCTYPE HTML>
<html>
<head>
<meta charset="utf-8">
<title>Test for Bug 671389</title>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<body>
I am
<ul>
<li>sandboxed but with "allow-forms", "allow-pointer-lock", "allow-popups", "allow-same-origin", "allow-scripts", and "allow-top-navigation", </li>
<li>sandboxed but with "allow-same-origin", "allow-scripts", </li>
<li>sandboxed, or </li>
<li>not sandboxed.</li>
</ul>
</body>
</html>

1
dom/html/test/mochitest.ini
Просмотреть файл

@ -92,7 +92,6 @@ support-files =
file_iframe_sandbox_c_if6.html
file_iframe_sandbox_c_if7.html
file_iframe_sandbox_c_if8.html
file_iframe_sandbox_c_if9.html
file_iframe_sandbox_close.html
file_iframe_sandbox_d_if1.html
file_iframe_sandbox_d_if10.html

44
dom/html/test/test_iframe_sandbox_general.html
Просмотреть файл

@ -41,7 +41,7 @@ function ok_wrapper(result, desc) {
passedTests++;
}
if (completedTests == 33) {
if (completedTests == 27) {
is(passedTests, completedTests, "There are " + completedTests + " general tests that should pass");
SimpleTest.finish();
}
@ -180,14 +180,6 @@ function doTest() {
// This is done via file_iframe_sandbox_c_if4.html which is sandboxed with "allow-scripts" and "allow-same-origin"
// the window it attempts to open calls window.opener.ok(false, ...) and file_iframe_c_if4.html has an ok()
// function that calls window.parent.ok_wrapper.
// passes twice if good
// 29-32) Test that sandboxFlagsAsString returns the set flags.
// see if_14 and if_15
// passes once if good
// 33) Test that sandboxFlagsAsString returns null if iframe does not have sandbox flag set.
// see if_16
}
addLoadEvent(doTest);
@ -220,36 +212,6 @@ function do_if_10() {
var if_10 = document.getElementById('if_10');
if_10.src = 'javascript:"<html><script>window.parent.ok_wrapper(true, \'an iframe sandboxed with allow-scripts should execute script in a javascript URL in a newly set src attribute\');<\/script><\/html>"';
}
function eqFlags(a, b) {
// both a and b should be either null or have the array same flags
if (a === null && b === null) { return true; }
if (a === null || b === null) { return false; }
if (a.length !== b.length) { return false; }
var a_sorted = a.sort();
var b_sorted = b.sort();
for (var i in a_sorted) {
if (a_sorted[i] !== b_sorted[i]) { return false; }
}
return true;
}
function getSandboxFlags(doc) {
var flags = doc.sandboxFlagsAsString;
if (flags === null) { return null; }
return flags? flags.split(" "):[];
}
function test_sandboxFlagsAsString(name, expected) {
var ifr = document.getElementById(name);
try {
var flags = getSandboxFlags(SpecialPowers.wrap(ifr).contentDocument);
ok_wrapper(eqFlags(flags, expected), name + ' expected: "' + expected + '", got: "' + flags + '"');
} catch (e) {
ok_wrapper(false, name + ' expected "' + expected + ', but failed with ' + e);
}
}
</script>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=341604">Mozilla Bug 341604</a> - Implement HTML5 sandbox attribute for IFRAMEs
@ -272,10 +234,6 @@ function test_sandboxFlagsAsString(name, expected) {
<iframe sandbox="allow-same-origin allow-scripts" onload='start_if_10()' id='if_10' src="about:blank" height="10" width="10"></iframe>
<iframe sandbox="allow-scripts" id='if_11' src="file_iframe_sandbox_c_if7.html" height="10" width="10"></iframe>
<iframe sandbox="allow-same-origin allow-scripts" id='if_12' src="file_iframe_sandbox_c_if8.html" height="10" width="10"></iframe>
<iframe sandbox="allow-forms allow-pointer-lock allow-popups allow-same-origin allow-scripts allow-top-navigation " id='if_13' src="file_iframe_sandbox_c_if9.html" height="10" width="10" onload='test_sandboxFlagsAsString("if_13",["allow-forms", "allow-pointer-lock", "allow-popups", "allow-same-origin", "allow-scripts", "allow-top-navigation"])'></iframe>
<iframe sandbox="&#x09;allow-same-origin&#x09;allow-scripts&#x09;" id="if_14" src="file_iframe_sandbox_c_if6.html" height="10" width="10" onload='test_sandboxFlagsAsString("if_14",["allow-same-origin","allow-scripts"])'></iframe>
<iframe sandbox="" id="if_15" src="file_iframe_sandbox_c_if9.html" height="10" width="10" onload='test_sandboxFlagsAsString("if_15",[])'></iframe>
<iframe id="if_16" src="file_iframe_sandbox_c_if9.html" height="10" width="10" onload='test_sandboxFlagsAsString("if_16",null)'></iframe>
<input type='button' id="a_button" onclick='do_if_9()'>
<input type='button' id="a_button2" onclick='do_if_10()'>
</div>

14
dom/interfaces/security/nsIContentSecurityPolicy.idl
Просмотреть файл

@ -20,7 +20,7 @@ interface nsIURI;
typedef unsigned short CSPDirective;
[scriptable, uuid(9454a677-5342-4220-8154-e619410e07e7)]
[scriptable, uuid(68434447-b816-4473-a731-efc4f6d59902)]
interface nsIContentSecurityPolicy : nsISerializable
{
/**
@ -48,7 +48,6 @@ interface nsIContentSecurityPolicy : nsISerializable
const unsigned short BASE_URI_DIRECTIVE = 13;
const unsigned short FORM_ACTION_DIRECTIVE = 14;
const unsigned short REFERRER_DIRECTIVE = 15;
const unsigned short SANDBOX_DIRECTIVE = 16;
/**
* Accessor method for a read-only string version of the policy at a given
@ -263,17 +262,6 @@ interface nsIContentSecurityPolicy : nsISerializable
*/
boolean permits(in nsIURI aURI, in CSPDirective aDir, in boolean aSpecific);
/**
* Delegate method called by the service when the protected document is loaded.
* Returns the intersection of all the sandbox flags contained in
* CSP policies. This is the most restricting sandbox policy.
* See nsSandboxFlags.h for the possible flags.
*
* @return
* sandbox flags or SANDBOXED_NONE if no sandbox directive exists
*/
uint32_t getCSPSandboxFlags();
/**
* Delegate method called by the service when sub-elements of the protected
* document are being loaded. Given a bit of information about the request,

6
dom/locales/en-US/chrome/security/csp.properties
Просмотреть файл

@ -50,9 +50,6 @@ scriptFromStringBlocked = An attempt to call JavaScript from a string (by callin
# LOCALIZATION NOTE (hostNameMightBeKeyword):
# %1$S is the hostname in question and %2$S is the keyword
hostNameMightBeKeyword = Interpreting %1$S as a hostname, not a keyword. If you intended this to be a keyword, use '%2$S' (wrapped in single quotes).
# LOCALIZATION NOTE (ignoringReportOnlyDirective):
# %1$S is the directive that is ignore in report-only mode.
ignoringReportOnlyDirective = Ignoring sandbox directive when delivered in a report-only policy '%1$S'.
# LOCALIZATION NOTE (notSupportingDirective):
# directive is not supported (e.g. 'reflected-xss')
notSupportingDirective = Not supporting directive '%1$S'. Directive and values will be ignored.
@ -73,6 +70,3 @@ couldntParsePort = Couldn't parse port in %1$S
# LOCALIZATION NOTE (duplicateDirective):
# %1$S is the name of the duplicate directive
duplicateDirective = Duplicate %1$S directives detected. All but the first instance will be ignored.
# LOCALIZATION NOTE (couldntParseInvalidSandboxFlag):
# %1$S is the option that could not be understood
couldntParseInvalidSandboxFlag = Couldn't parse invalid sandbox flag %1$S

44
dom/security/nsCSPContext.cpp
Просмотреть файл

@ -37,7 +37,6 @@
#include "prlog.h"
#include "mozilla/dom/CSPReportBinding.h"
#include "mozilla/net/ReferrerPolicy.h"
#include "nsSandboxFlags.h"
using namespace mozilla;
@ -1187,49 +1186,6 @@ nsCSPContext::Permits(nsIURI* aURI,
return NS_OK;
}
NS_IMETHODIMP
nsCSPContext::GetCSPSandboxFlags(uint32_t* aOutSandboxFlags)
{
if (aOutSandboxFlags == nullptr) {
return NS_ERROR_FAILURE;
}
*aOutSandboxFlags = SANDBOXED_NONE;
for (uint32_t i = 0; i < mPolicies.Length(); i++) {
uint32_t flags = mPolicies[i]->getSandboxFlags();
// current policy doesn't have sandbox flag, check next policy
if (!flags) {
continue;
}
// current policy has sandbox flags, if the policy is in
// enforcement-mode (i.e., not report-only) set these flags
// and check for policies with more restrictions
if (!mPolicies[i]->getReportOnlyFlag()) {
*aOutSandboxFlags |= flags;
} else {
// sandbox directive is ignored in report-only mode, warn about
// it and continue the loop checking for an enforcement-mode policy
nsAutoString policy;
mPolicies[i]->toString(policy);
CSPCONTEXTLOG(("nsCSPContext::ShouldSandbox, report only policy, ignoring sandbox in: %s",
policy.get()));
const char16_t* params[] = { policy.get() };
CSP_LogLocalizedStr(MOZ_UTF16("ignoringReportOnlyDirective"),
params, ArrayLength(params),
EmptyString(),
EmptyString(),
0, 0,
nsIScriptError::warningFlag,
"CSP", mInnerWindowID);
}
}
return NS_OK;
}
/* ========== CSPViolationReportListener implementation ========== */
NS_IMPL_ISUPPORTS(CSPViolationReportListener, nsIStreamListener, nsIRequestObserver, nsISupports);

41
dom/security/nsCSPParser.cpp
Просмотреть файл

@ -15,7 +15,6 @@
#include "nsServiceManagerUtils.h"
#include "nsUnicharUtils.h"
#include "mozilla/net/ReferrerPolicy.h"
#include "nsContentUtils.h"
using namespace mozilla;
@ -913,39 +912,6 @@ nsCSPParser::reportURIList(nsTArray<nsCSPBaseSrc*>& outSrcs)
}
}
/* Helper function for parsing sandbox flags. This function solely
* concatenates all the source list tokens (the sandbox flags) so the
* attribute parser (nsContentUtils::ParseSandboxAttributeToFlags) can
* use them.
*/
void
nsCSPParser::sandboxFlagList(nsTArray<nsCSPBaseSrc*>& outSrcs)
{
nsAutoString flags;
// remember, srcs start at index 1
for (uint32_t i = 1; i < mCurDir.Length(); i++) {
mCurToken = mCurDir[i];
CSPPARSERLOG(("nsCSPParser::sandboxFlagList, mCurToken: %s, mCurValue: %s",
NS_ConvertUTF16toUTF8(mCurToken).get(),
NS_ConvertUTF16toUTF8(mCurValue).get()));
if (!nsContentUtils::IsValidSandboxFlag(mCurToken)) {
const char16_t* params[] = { mCurToken.get() };
logWarningErrorToConsole(nsIScriptError::warningFlag, "couldntParseInvalidSandboxFlag",
params, ArrayLength(params));
continue;
}
flags.Append(mCurToken);
if (i != mCurDir.Length() - 1) {
flags.AppendASCII(" ");
}
}
nsCSPSandboxFlags* sandboxFlags = new nsCSPSandboxFlags(flags);
outSrcs.AppendElement(sandboxFlags);
}
// directive-value = *( WSP / <VCHAR except ";" and ","> )
void
nsCSPParser::directiveValue(nsTArray<nsCSPBaseSrc*>& outSrcs)
@ -967,13 +933,6 @@ nsCSPParser::directiveValue(nsTArray<nsCSPBaseSrc*>& outSrcs)
return;
}
// For the sandbox flag the source list is a list of flags, so we're
// special casing this directive
if (CSP_IsDirective(mCurDir[0], nsIContentSecurityPolicy::SANDBOX_DIRECTIVE)) {
sandboxFlagList(outSrcs);
return;
}
// Otherwise just forward to sourceList
sourceList(outSrcs);
}

15
dom/security/nsCSPParser.h
Просмотреть файл

@ -128,15 +128,14 @@ class nsCSPParser {
bool port();
bool path(nsCSPHostSrc* aCspHost);
bool subHost(); // helper function to parse subDomains
bool atValidUnreservedChar(); // helper function to parse unreserved
bool atValidSubDelimChar(); // helper function to parse sub-delims
bool atValidPctEncodedChar(); // helper function to parse pct-encoded
bool subPath(nsCSPHostSrc* aCspHost); // helper function to parse paths
void reportURIList(nsTArray<nsCSPBaseSrc*>& outSrcs); // helper function to parse report-uris
void percentDecodeStr(const nsAString& aEncStr, // helper function to percent-decode
bool subHost(); // helper function to parse subDomains
bool atValidUnreservedChar(); // helper function to parse unreserved
bool atValidSubDelimChar(); // helper function to parse sub-delims
bool atValidPctEncodedChar(); // helper function to parse pct-encoded
bool subPath(nsCSPHostSrc* aCspHost); // helper function to parse paths
void reportURIList(nsTArray<nsCSPBaseSrc*>& outSrcs); // helper function to parse report-uris
void percentDecodeStr(const nsAString& aEncStr, // helper function to percent-decode
nsAString& outDecStr);
void sandboxFlagList(nsTArray<nsCSPBaseSrc*>& outSrcs); // helper function to parse sandbox flags
inline bool atEnd()
{

43
dom/security/nsCSPUtils.cpp
Просмотреть файл

@ -12,9 +12,6 @@
#include "nsIStringBundle.h"
#include "nsNetUtil.h"
#include "nsReadableUtils.h"
#include "nsContentUtils.h"
#include "nsAttrValue.h"
#include "nsSandboxFlags.h"
#if defined(PR_LOGGING)
static PRLogModuleInfo*
@ -675,23 +672,6 @@ nsCSPReportURI::toString(nsAString& outStr) const
outStr.AppendASCII(spec.get());
}
/* ===== nsCSPSandboxFlags ===================== */
nsCSPSandboxFlags::nsCSPSandboxFlags(const nsAString& aFlags)
: mFlags(aFlags)
{
}
nsCSPSandboxFlags::~nsCSPSandboxFlags()
{
}
void
nsCSPSandboxFlags::toString(nsAString& outStr) const
{
outStr.Append(mFlags);
}
/* ===== nsCSPDirective ====================== */
nsCSPDirective::nsCSPDirective(CSPDirective aDirective)
@ -994,26 +974,3 @@ nsCSPPolicy::getReportURIs(nsTArray<nsString>& outReportURIs) const
}
}
}
/*
* Helper function that returns the underlying bit representation of
* sandbox flags. The function returns SANDBOXED_NONE if there is no
* sandbox directives.
*/
uint32_t
nsCSPPolicy::getSandboxFlags() const
{
nsAutoString flags;
for (uint32_t i = 0; i < mDirectives.Length(); i++) {
if (mDirectives[i]->equals(nsIContentSecurityPolicy::SANDBOX_DIRECTIVE)) {
flags.Truncate();
mDirectives[i]->toString(flags);
nsAttrValue attr;
attr.ParseAtomArray(flags);
return nsContentUtils::ParseSandboxAttributeToFlags(&attr);
}
}
return SANDBOXED_NONE;
}

18
dom/security/nsCSPUtils.h
Просмотреть файл

@ -74,8 +74,7 @@ static const char* CSPStrDirectives[] = {
"reflected-xss", // REFLECTED_XSS_DIRECTIVE
"base-uri", // BASE_URI_DIRECTIVE
"form-action", // FORM_ACTION_DIRECTIVE
"referrer", // REFERRER_DIRECTIVE
"sandbox", // SANDBOX_DIRECTIVE
"referrer" // REFERRER_DIRECTIVE
};
inline const char* CSP_CSPDirectiveToString(CSPDirective aDir)
@ -269,19 +268,6 @@ class nsCSPReportURI : public nsCSPBaseSrc {
nsCOMPtr<nsIURI> mReportURI;
};
/* =============== nsCSPSandboxFlag ============ */
class nsCSPSandboxFlags : public nsCSPBaseSrc {
public:
explicit nsCSPSandboxFlags(const nsAString& aFlags);
virtual ~nsCSPSandboxFlags();
void toString(nsAString& outStr) const;
private:
nsString mFlags;
};
/* =============== nsCSPDirective ============= */
class nsCSPDirective {
@ -363,8 +349,6 @@ class nsCSPPolicy {
inline uint32_t getNumDirectives() const
{ return mDirectives.Length(); }
uint32_t getSandboxFlags() const;
private:
nsTArray<nsCSPDirective*> mDirectives;
bool mReportOnly;

6
dom/webidl/Document.webidl
Просмотреть файл

@ -354,12 +354,6 @@ partial interface Document {
partial interface Document {
[ChromeOnly] readonly attribute boolean isSrcdocDocument;
};
// Extension to give chrome JS the ability to get the underlying
// sandbox flag attribute
partial interface Document {
[ChromeOnly] readonly attribute DOMString? sandboxFlagsAsString;
};
/**
* Chrome document anonymous content management.