Bug 1569122 - Use StaticPrefs for our MIME type script blocking prefs. r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D39634 --HG-- extra : moz-landing-system : lando
2019-07-29 07:25:05 +00:00 · 2019-07-29 07:25:05 +00:00 · bc9bb616f7
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@ -5594,6 +5594,24 @@
 #endif
  mirror: always

+# Block scripts with _some_ wrong MIME types such as image/, video/ or text/csv
+- name: security.block_script_with_wrong_mime
+  type: bool
+  value: true
+  mirror: always
+
+# Block scripts with wrong MIME type when loading via importScripts().
+- name: security.block_importScripts_with_wrong_mime
+  type: bool
+  value: true
+  mirror: always
+
+# Block Worker/SharedWorker scripts with wrong MIME type.
+- name: security.block_Worker_with_wrong_mime
+  type: bool
+  value: true
+  mirror: always
+
 #---------------------------------------------------------------------------
 # Prefs starting with "slider."
 #---------------------------------------------------------------------------
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@ -2473,15 +2473,6 @@ pref("security.mixed_content.block_object_subrequest", false);
 // Sub-resource integrity
 pref("security.sri.enable", true);

-// Block scripts with wrong MIME type such as image/ or video/.
-pref("security.block_script_with_wrong_mime", true);
-
-// Block scripts with wrong MIME type when loading via importScripts() in workers.
-pref("security.block_importScripts_with_wrong_mime", true);
-
-// Block Worker scripts with wrong MIME type.
-pref("security.block_Worker_with_wrong_mime", true);
-
 // OCSP must-staple
 pref("security.ssl.enable_ocsp_must_staple", true);

--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@ -64,6 +64,7 @@
 #include "mozilla/StaticPrefs_browser.h"
 #include "mozilla/StaticPrefs_network.h"
 #include "mozilla/StaticPrefs_privacy.h"
+#include "mozilla/StaticPrefs_security.h"
 #include "nsISSLSocketControl.h"
 #include "sslt.h"
 #include "nsContentUtils.h"
@ -1572,19 +1573,8 @@ nsresult EnsureMIMEOfScript(nsHttpChannel* aChannel, nsIURI* aURI,
  }

  if (block) {
-    // Instead of consulting Preferences::GetBool() all the time we
-    // can cache the result to speed things up.
-    static bool sCachedBlockScriptWithWrongMime = false;
-    static bool sIsInited = false;
-    if (!sIsInited) {
-      sIsInited = true;
-      Preferences::AddBoolVarCache(&sCachedBlockScriptWithWrongMime,
-                                   "security.block_script_with_wrong_mime",
-                                   true);
-    }
-
    // Do not block the load if the feature is not enabled.
-    if (!sCachedBlockScriptWithWrongMime) {
+    if (!StaticPrefs::security_block_script_with_wrong_mime()) {
      return NS_OK;
    }

@ -1637,19 +1627,8 @@ nsresult EnsureMIMEOfScript(nsHttpChannel* aChannel, nsIURI* aURI,
  // We restrict importScripts() in worker code to JavaScript MIME types.
  nsContentPolicyType internalType = aLoadInfo->InternalContentPolicyType();
  if (internalType == nsIContentPolicy::TYPE_INTERNAL_WORKER_IMPORT_SCRIPTS) {
-    // Instead of consulting Preferences::GetBool() all the time we
-    // can cache the result to speed things up.
-    static bool sCachedBlockImportScriptsWithWrongMime = false;
-    static bool sIsInited = false;
-    if (!sIsInited) {
-      sIsInited = true;
-      Preferences::AddBoolVarCache(
-          &sCachedBlockImportScriptsWithWrongMime,
-          "security.block_importScripts_with_wrong_mime", true);
-    }
-
    // Do not block the load if the feature is not enabled.
-    if (!sCachedBlockImportScriptsWithWrongMime) {
+    if (!StaticPrefs::security_block_importScripts_with_wrong_mime()) {
      return NS_OK;
    }

@ -1660,19 +1639,8 @@ nsresult EnsureMIMEOfScript(nsHttpChannel* aChannel, nsIURI* aURI,

  if (internalType == nsIContentPolicy::TYPE_INTERNAL_WORKER ||
      internalType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER) {
-    // Instead of consulting Preferences::GetBool() all the time we
-    // can cache the result to speed things up.
-    static bool sCachedBlockWorkerWithWrongMime = false;
-    static bool sIsInited = false;
-    if (!sIsInited) {
-      sIsInited = true;
-      Preferences::AddBoolVarCache(&sCachedBlockWorkerWithWrongMime,
-                                   "security.block_Worker_with_wrong_mime",
-                                   true);
-    }
-
    // Do not block the load if the feature is not enabled.
-    if (!sCachedBlockWorkerWithWrongMime) {
+    if (!StaticPrefs::security_block_Worker_with_wrong_mime()) {
      return NS_OK;
    }