From b967444f196a4c90c35f22dabb5131d0f384bb06 Mon Sep 17 00:00:00 2001
From: Christoph Kerschbaumer
Date: Sat, 14 Nov 2015 19:28:23 -0800
Subject: [PATCH] Bug 663570 - MetaCSP Part 2: Principal changes (r=bz)
---
 caps/BasePrincipal.cpp | 22 +++++++++++++++++++---
 caps/BasePrincipal.h | 3 +++
 caps/nsIPrincipal.idl | 22 +++++++++++++++++++++-
 caps/nsSystemPrincipal.cpp | 16 +++++++++++++++-
 caps/nsSystemPrincipal.h | 2 ++
 5 files changed, 60 insertions(+), 5 deletions(-)
diff --git a/caps/BasePrincipal.cpp b/caps/BasePrincipal.cpp
index 006bb320f56e..f75959a50fc0 100644
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -317,15 +317,31 @@ BasePrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
 NS_IMETHODIMP
 BasePrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
 {
- // If CSP was already set, it should not be destroyed! Instead, it should
- // get set anew when a new principal is created.
- if (mCSP)
+ if (mCSP) {
 return NS_ERROR_ALREADY_INITIALIZED;
+ }
 mCSP = aCsp;
 return NS_OK;
 }
+NS_IMETHODIMP
+BasePrincipal::GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP)
+{
+ NS_IF_ADDREF(*aPreloadCSP = mPreloadCSP);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+BasePrincipal::SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCSP)
+{
+ if (mPreloadCSP) {
+ return NS_ERROR_ALREADY_INITIALIZED;
+ }
+ mPreloadCSP = aPreloadCSP;
+ return NS_OK;
+}
+
 NS_IMETHODIMP
 BasePrincipal::GetCspJSON(nsAString& outCSPinJSON)
 {
diff --git a/caps/BasePrincipal.h b/caps/BasePrincipal.h
index 97ef77b0d2ff..2f3107af1022 100644
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
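Review bot: The set-once guard in `BasePrincipal::SetCsp` loses its explanatory comment in this hunk, and the new `SetPreloadCsp` repeats the guard with no comment at all, so nothing at the implementation says why a second call is refused. That guard is what keeps an already-installed policy from being swapped for a different one, and a caller that ignores `NS_ERROR_ALREADY_INITIALIZED` carries on under the earlier policy without noticing. I would put `// Set-once: an existing policy is extended via AppendPolicy(), never replaced.` above the `if` in both setters, so the rule stated in nsIPrincipal.idl is also visible where it is enforced.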
@@ -146,6 +146,8 @@ public:
 NS_IMETHOD CheckMayLoad(nsIURI* uri, bool report, bool allowIfInheritsPrincipal) final;
 NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp) override;
 NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
+ NS_IMETHOD GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP) override;
+ NS_IMETHOD SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCSP) override;
 NS_IMETHOD GetCspJSON(nsAString& outCSPinJSON) override;
 NS_IMETHOD GetIsNullPrincipal(bool* aResult) override;
 NS_IMETHOD GetIsCodebasePrincipal(bool* aResult) override;
@@ -200,6 +202,7 @@ protected:
 bool AddonAllowsLoad(nsIURI* aURI);
 nsCOMPtr mCSP;
+ nsCOMPtr mPreloadCSP;
 OriginAttributes mOriginAttributes;
 };
diff --git a/caps/nsIPrincipal.idl b/caps/nsIPrincipal.idl
index 187ebe2c7e0c..982cb6496c6f 100644
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@@ -20,7 +20,7 @@ interface nsIContentSecurityPolicy;
 [ptr] native JSPrincipals(JSPrincipals);
 [ptr] native PrincipalArray(nsTArray >);
-[scriptable, builtinclass, uuid(86e5fd29-dccb-4547-8918-f224005479a0)]
+[scriptable, builtinclass, uuid(188fc4a2-3157-4956-a7a2-d674991770da)]
 interface nsIPrincipal : nsISerializable
 {
 /**
@@ -132,9 +132,29 @@ interface nsIPrincipal : nsISerializable
 /**
 * A Content Security Policy associated with this principal.
+ *
+ * Please note that if a csp was already set on the
+ * principal, then it should not be destroyed! Instead, the
+ * current csp should be quried and extended by
+ * calling AppendPolicy() on it.
 */
 [noscript] attribute nsIContentSecurityPolicy csp;
+ /**
+ * A speculative Content Security Policy associated with this
+ * principal. Set during speculative loading (preloading) and
+ * used *only* for preloads.
+ *
+ * If you want to query the CSP associated with that principal,
+ * then this is *not* what you want. Instead query 'csp'.
+ *
+ * Please note that if a preloadCSP was already set on the
+ * principal, then it should not be destroyed! Instead, the
+ * current preloadCSP should be quried and extended by
+ * calling AppendPolicy() on it.
+ */
+ [noscript] attribute nsIContentSecurityPolicy preloadCsp;
+
 /**
 * The CSP of the principal in JSON notation.
 * Note, that the CSP itself is not exposed to JS, but script
diff --git a/caps/nsSystemPrincipal.cpp b/caps/nsSystemPrincipal.cpp
index e785b7ae3048..e8f52f1869d8 100644
--- a/caps/nsSystemPrincipal.cpp
+++ b/caps/nsSystemPrincipal.cpp
@@ -72,7 +72,21 @@ nsSystemPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
 NS_IMETHODIMP
 nsSystemPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
 {
- // CSP on a null principal makes no sense
+ // CSP on a system principal makes no sense
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsSystemPrincipal::GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP)
+{
+ *aPreloadCSP = nullptr;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsSystemPrincipal::SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCSP)
+{
+ // CSP on a system principal makes no sense
 return NS_OK;
 }
diff --git a/caps/nsSystemPrincipal.h b/caps/nsSystemPrincipal.h
index 5542d09898bf..03e9175f1a48 100644
--- a/caps/nsSystemPrincipal.h
+++ b/caps/nsSystemPrincipal.h
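Review bot: The new doc comments on `csp` and `preloadCsp` tell callers what they should do when a policy is already present, but not what the setter itself does in that case. Judging by the BasePrincipal.cpp hunk of this patch, the assignment fails with `NS_ERROR_ALREADY_INITIALIZED` and the stored policy stays as it was; saying so here lets callers handle the result instead of assuming the new policy took effect. I would add to both comments a line such as `* Setting this attribute while a policy is present fails with NS_ERROR_ALREADY_INITIALIZED; the existing policy is kept.` Separately, "quried" should read "queried" in both added comments.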
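Review bot: `nsSystemPrincipal::SetPreloadCsp`, like `SetCsp` just above it, returns `NS_OK` while discarding its argument, so the return value cannot tell a caller whether a policy was installed or dropped. If the system principal is deliberately exempt from CSP, as the comment suggests, the comment should say the drop is intentional and that success is reported on purpose, e.g. `// The system principal is never subject to CSP: the policy is dropped on purpose and NS_OK returned.` Code that attaches a policy and then depends on it being enforced would have to check `GetPreloadCsp`/`GetCsp` for null rather than trust the setter result. Whether any caller relies on that is not visible in this patch.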
@@ -31,6 +31,8 @@ public:
 NS_IMETHOD SetDomain(nsIURI* aDomain) override;
 NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp) override;
 NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
+ NS_IMETHOD GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP) override;
+ NS_IMETHOD SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCSP) override;
 NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
 nsresult GetOriginInternal(nsACString& aOrigin) override;