mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1313937 - CSP: Remove aParserCreated. r=freddyb 

Differential Revision: https://phabricator.services.mozilla.com/D182564
This commit is contained in:
Tom Schuster 2023-07-21 17:28:03 +00:00
Родитель beb24e7eca
Коммит d2122ebadc
3 изменённых файлов: 50 добавлений и 67 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

21
dom/security/nsCSPContext.cpp
Просмотреть файл

@ -481,8 +481,7 @@ nsCSPContext::GetAllowsEval(bool* outShouldReportViolation,
*outAllowsEval = true;
for (uint32_t i = 0; i < mPolicies.Length(); i++) {
if (!mPolicies[i]->allows(SCRIPT_SRC_DIRECTIVE, CSP_UNSAFE_EVAL, u""_ns,
false)) {
if (!mPolicies[i]->allows(SCRIPT_SRC_DIRECTIVE, CSP_UNSAFE_EVAL, u""_ns)) {
// policy is violated: must report the violation and allow the inline
// script if the policy is report-only.
*outShouldReportViolation = true;
@ -509,9 +508,8 @@ nsCSPContext::GetAllowsWasmEval(bool* outShouldReportViolation,
for (uint32_t i = 0; i < mPolicies.Length(); i++) {
// Either 'unsafe-eval' or 'wasm-unsafe-eval' can allow this
if (!mPolicies[i]->allows(SCRIPT_SRC_DIRECTIVE, CSP_WASM_UNSAFE_EVAL,
u""_ns, false) &&
!mPolicies[i]->allows(SCRIPT_SRC_DIRECTIVE, CSP_UNSAFE_EVAL, u""_ns,
false)) {
u""_ns) &&
!mPolicies[i]->allows(SCRIPT_SRC_DIRECTIVE, CSP_UNSAFE_EVAL, u""_ns)) {
// policy is violated: must report the violation and allow the inline
// script if the policy is report-only.
*outShouldReportViolation = true;
@ -618,7 +616,7 @@ nsCSPContext::GetAllowsInline(CSPDirective aDirective, bool aHasUnsafeHash,
// Step 2. If type is "script" or "style", and §6.7.3.1 Is element
// nonceable? returns "Nonceable" when executed upon element: [...]
// TODO(Bug 1397308) Implement "is element nonceable?" CSP checks
if (mPolicies[i]->allows(aDirective, CSP_NONCE, aNonce, aParserCreated)) {
if (mPolicies[i]->allows(aDirective, CSP_NONCE, aNonce)) {
continue;
}
@ -638,15 +636,15 @@ nsCSPContext::GetAllowsInline(CSPDirective aDirective, bool aHasUnsafeHash,
// Step 3. Let unsafe-hashes flag be false.
// Step 4. For each expression of list: [...]
bool unsafeHashesFlag = mPolicies[i]->allows(aDirective, CSP_UNSAFE_HASHES,
u""_ns, aParserCreated);
bool unsafeHashesFlag =
mPolicies[i]->allows(aDirective, CSP_UNSAFE_HASHES, u""_ns);
// Step 5. If type is "script" or "style", or unsafe-hashes flag is true:
//
// aHasUnsafeHash is true for event handlers (type "script attribute"),
// style= attributes (type "style attribute") and the javascript: protocol.
if (!aHasUnsafeHash || unsafeHashesFlag) {
if (mPolicies[i]->allows(aDirective, CSP_HASH, content, aParserCreated)) {
if (mPolicies[i]->allows(aDirective, CSP_HASH, content)) {
continue;
}
}
@ -656,8 +654,7 @@ nsCSPContext::GetAllowsInline(CSPDirective aDirective, bool aHasUnsafeHash,
bool allowed = false;
if ((aDirective == SCRIPT_SRC_ELEM_DIRECTIVE ||
aDirective == SCRIPT_SRC_ATTR_DIRECTIVE) &&
mPolicies[i]->allows(aDirective, CSP_STRICT_DYNAMIC, u""_ns,
aParserCreated)) {
mPolicies[i]->allows(aDirective, CSP_STRICT_DYNAMIC, u""_ns)) {
allowed = !aParserCreated;
}
@ -825,7 +822,7 @@ nsCSPContext::LogViolationDetails(
for (uint32_t p = 0; p < mPolicies.Length(); p++) {
NS_ASSERTION(mPolicies[p], "null pointer in nsTArray<nsCSPPolicy>");
if (mPolicies[p]->allows(SCRIPT_SRC_DIRECTIVE, keyword, u""_ns, false)) {
if (mPolicies[p]->allows(SCRIPT_SRC_DIRECTIVE, keyword, u""_ns)) {
continue;
}

50
dom/security/nsCSPUtils.cpp
Просмотреть файл

@ -533,7 +533,7 @@ nsCSPBaseSrc::~nsCSPBaseSrc() = default;
// nsCSPKeywordSrc and nsCSPHashSource fall back to this base class
// implementation which will never allow the load.
bool nsCSPBaseSrc::permits(nsIURI* aUri, bool aWasRedirected, bool aReportOnly,
bool aUpgradeInsecure, bool aParserCreated) const {
bool aUpgradeInsecure) const {
if (CSPUTILSLOGENABLED()) {
CSPUTILSLOG(
("nsCSPBaseSrc::permits, aUri: %s", aUri->GetSpecOrDefault().get()));
@ -545,8 +545,7 @@ bool nsCSPBaseSrc::permits(nsIURI* aUri, bool aWasRedirected, bool aReportOnly,
// nsCSPSchemeSrc, nsCSPHostSrc fall back
// to this base class implementation which will never allow the load.
bool nsCSPBaseSrc::allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce,
bool aParserCreated) const {
const nsAString& aHashOrNonce) const {
CSPUTILSLOG(("nsCSPBaseSrc::allows, aKeyWord: %s, a HashOrNonce: %s",
aKeyword == CSP_HASH ? "hash" : CSP_EnumToUTF8Keyword(aKeyword),
NS_ConvertUTF16toUTF8(aHashOrNonce).get()));
@ -562,8 +561,7 @@ nsCSPSchemeSrc::nsCSPSchemeSrc(const nsAString& aScheme) : mScheme(aScheme) {
nsCSPSchemeSrc::~nsCSPSchemeSrc() = default;
bool nsCSPSchemeSrc::permits(nsIURI* aUri, bool aWasRedirected,
bool aReportOnly, bool aUpgradeInsecure,
bool aParserCreated) const {
bool aReportOnly, bool aUpgradeInsecure) const {
if (CSPUTILSLOGENABLED()) {
CSPUTILSLOG(
("nsCSPSchemeSrc::permits, aUri: %s", aUri->GetSpecOrDefault().get()));
@ -687,7 +685,7 @@ bool permitsPort(const nsAString& aEnforcementScheme,
}
bool nsCSPHostSrc::permits(nsIURI* aUri, bool aWasRedirected, bool aReportOnly,
bool aUpgradeInsecure, bool aParserCreated) const {
bool aUpgradeInsecure) const {
if (CSPUTILSLOGENABLED()) {
CSPUTILSLOG(
("nsCSPHostSrc::permits, aUri: %s", aUri->GetSpecOrDefault().get()));
@ -860,8 +858,7 @@ nsCSPKeywordSrc::nsCSPKeywordSrc(enum CSPKeyword aKeyword)
nsCSPKeywordSrc::~nsCSPKeywordSrc() = default;
bool nsCSPKeywordSrc::allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce,
bool aParserCreated) const {
const nsAString& aHashOrNonce) const {
CSPUTILSLOG(("nsCSPKeywordSrc::allows, aKeyWord: %s, aHashOrNonce: %s",
CSP_EnumToUTF8Keyword(aKeyword),
NS_ConvertUTF16toUTF8(aHashOrNonce).get()));
@ -883,8 +880,7 @@ nsCSPNonceSrc::nsCSPNonceSrc(const nsAString& aNonce) : mNonce(aNonce) {}
nsCSPNonceSrc::~nsCSPNonceSrc() = default;
bool nsCSPNonceSrc::allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce,
bool aParserCreated) const {
const nsAString& aHashOrNonce) const {
CSPUTILSLOG(("nsCSPNonceSrc::allows, aKeyWord: %s, a HashOrNonce: %s",
CSP_EnumToUTF8Keyword(aKeyword),
NS_ConvertUTF16toUTF8(aHashOrNonce).get()));
@ -930,8 +926,7 @@ nsCSPHashSrc::nsCSPHashSrc(const nsAString& aAlgo, const nsAString& aHash)
nsCSPHashSrc::~nsCSPHashSrc() = default;
bool nsCSPHashSrc::allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce,
bool aParserCreated) const {
const nsAString& aHashOrNonce) const {
CSPUTILSLOG(("nsCSPHashSrc::allows, aKeyWord: %s, a HashOrNonce: %s",
CSP_EnumToUTF8Keyword(aKeyword),
NS_ConvertUTF16toUTF8(aHashOrNonce).get()));
@ -1087,8 +1082,7 @@ static nsTArray<SRIMetadata> ParseSRIMetadata(const nsAString& aMetadata) {
bool nsCSPDirective::permits(CSPDirective aDirective, nsILoadInfo* aLoadInfo,
nsIURI* aUri, bool aWasRedirected,
bool aReportOnly, bool aUpgradeInsecure,
bool aParserCreated) const {
bool aReportOnly, bool aUpgradeInsecure) const {
MOZ_ASSERT(equals(aDirective) || isDefaultDirective());
if (CSPUTILSLOGENABLED()) {
@ -1215,8 +1209,8 @@ bool nsCSPDirective::permits(CSPDirective aDirective, nsILoadInfo* aLoadInfo,
}
for (uint32_t i = 0; i < mSrcs.Length(); i++) {
if (mSrcs[i]->permits(aUri, aWasRedirected, aReportOnly, aUpgradeInsecure,
aParserCreated)) {
if (mSrcs[i]->permits(aUri, aWasRedirected, aReportOnly,
aUpgradeInsecure)) {
return true;
}
}
@ -1224,14 +1218,13 @@ bool nsCSPDirective::permits(CSPDirective aDirective, nsILoadInfo* aLoadInfo,
}
bool nsCSPDirective::allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce,
bool aParserCreated) const {
const nsAString& aHashOrNonce) const {
CSPUTILSLOG(("nsCSPDirective::allows, aKeyWord: %s, a HashOrNonce: %s",
CSP_EnumToUTF8Keyword(aKeyword),
NS_ConvertUTF16toUTF8(aHashOrNonce).get()));
for (uint32_t i = 0; i < mSrcs.Length(); i++) {
if (mSrcs[i]->allows(aKeyword, aHashOrNonce, aParserCreated)) {
if (mSrcs[i]->allows(aKeyword, aHashOrNonce)) {
return true;
}
}
@ -1575,11 +1568,6 @@ bool nsCSPPolicy::permits(CSPDirective aDir, nsILoadInfo* aLoadInfo,
NS_ASSERTION(aUri, "permits needs an uri to perform the check!");
outViolatedDirective.Truncate();
bool parserCreated = false;
if (aLoadInfo) {
parserCreated = aLoadInfo->GetParserCreatedScript();
}
nsCSPDirective* defaultDir = nullptr;
// Try to find a relevant directive
@ -1588,8 +1576,7 @@ bool nsCSPPolicy::permits(CSPDirective aDir, nsILoadInfo* aLoadInfo,
for (uint32_t i = 0; i < mDirectives.Length(); i++) {
if (mDirectives[i]->equals(aDir)) {
if (!mDirectives[i]->permits(aDir, aLoadInfo, aUri, aWasRedirected,
mReportOnly, mUpgradeInsecDir,
parserCreated)) {
mReportOnly, mUpgradeInsecDir)) {
mDirectives[i]->getDirName(outViolatedDirective);
return false;
}
@ -1604,7 +1591,7 @@ bool nsCSPPolicy::permits(CSPDirective aDir, nsILoadInfo* aLoadInfo,
// Avoid relooping, just store the result of default-src while looping.
if (!aSpecific && defaultDir) {
if (!defaultDir->permits(aDir, aLoadInfo, aUri, aWasRedirected, mReportOnly,
mUpgradeInsecDir, parserCreated)) {
mUpgradeInsecDir)) {
defaultDir->getDirName(outViolatedDirective);
return false;
}
@ -1617,14 +1604,13 @@ bool nsCSPPolicy::permits(CSPDirective aDir, nsILoadInfo* aLoadInfo,
}
bool nsCSPPolicy::allows(CSPDirective aDirective, enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce,
bool aParserCreated) const {
const nsAString& aHashOrNonce) const {
CSPUTILSLOG(("nsCSPPolicy::allows, aKeyWord: %s, a HashOrNonce: %s",
CSP_EnumToUTF8Keyword(aKeyword),
NS_ConvertUTF16toUTF8(aHashOrNonce).get()));
if (nsCSPDirective* directive = matchingOrDefaultDirective(aDirective)) {
return directive->allows(aKeyword, aHashOrNonce, aParserCreated);
return directive->allows(aKeyword, aHashOrNonce);
}
// No matching directive or default directive as fallback found, thus
@ -1688,13 +1674,13 @@ bool nsCSPPolicy::allowsNavigateTo(nsIURI* aURI, bool aWasRedirected,
// Early return if we can skip the allowlist AND 'unsafe-allow-redirects'
// is present.
if (!aEnforceAllowlist &&
mDirectives[i]->allows(CSP_UNSAFE_ALLOW_REDIRECTS, u""_ns, false)) {
mDirectives[i]->allows(CSP_UNSAFE_ALLOW_REDIRECTS, u""_ns)) {
return true;
}
// Otherwise, check against the allowlist.
if (!mDirectives[i]->permits(
nsIContentSecurityPolicy::NAVIGATE_TO_DIRECTIVE, nullptr, aURI,
aWasRedirected, false, false, false)) {
aWasRedirected, false, false)) {
allowsNavigateTo = false;
}
}

46
dom/security/nsCSPUtils.h
Просмотреть файл

@ -226,9 +226,9 @@ class nsCSPBaseSrc {
virtual ~nsCSPBaseSrc();
virtual bool permits(nsIURI* aUri, bool aWasRedirected, bool aReportOnly,
bool aUpgradeInsecure, bool aParserCreated) const;
virtual bool allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce,
bool aParserCreated) const;
bool aUpgradeInsecure) const;
virtual bool allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce) const;
virtual bool visit(nsCSPSrcVisitor* aVisitor) const = 0;
virtual void toString(nsAString& outStr) const = 0;
@ -247,7 +247,7 @@ class nsCSPSchemeSrc : public nsCSPBaseSrc {
virtual ~nsCSPSchemeSrc();
bool permits(nsIURI* aUri, bool aWasRedirected, bool aReportOnly,
bool aUpgradeInsecure, bool aParserCreated) const override;
bool aUpgradeInsecure) const override;
bool visit(nsCSPSrcVisitor* aVisitor) const override;
void toString(nsAString& outStr) const override;
@ -265,7 +265,7 @@ class nsCSPHostSrc : public nsCSPBaseSrc {
virtual ~nsCSPHostSrc();
bool permits(nsIURI* aUri, bool aWasRedirected, bool aReportOnly,
bool aUpgradeInsecure, bool aParserCreated) const override;
bool aUpgradeInsecure) const override;
bool visit(nsCSPSrcVisitor* aVisitor) const override;
void toString(nsAString& outStr) const override;
@ -308,8 +308,8 @@ class nsCSPKeywordSrc : public nsCSPBaseSrc {
explicit nsCSPKeywordSrc(CSPKeyword aKeyword);
virtual ~nsCSPKeywordSrc();
bool allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce,
bool aParserCreated) const override;
bool allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce) const override;
bool visit(nsCSPSrcVisitor* aVisitor) const override;
void toString(nsAString& outStr) const override;
@ -332,8 +332,8 @@ class nsCSPNonceSrc : public nsCSPBaseSrc {
explicit nsCSPNonceSrc(const nsAString& aNonce);
virtual ~nsCSPNonceSrc();
bool allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce,
bool aParserCreated) const override;
bool allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce) const override;
bool visit(nsCSPSrcVisitor* aVisitor) const override;
void toString(nsAString& outStr) const override;
@ -352,8 +352,8 @@ class nsCSPHashSrc : public nsCSPBaseSrc {
nsCSPHashSrc(const nsAString& algo, const nsAString& hash);
virtual ~nsCSPHashSrc();
bool allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce,
bool aParserCreated) const override;
bool allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce) const override;
void toString(nsAString& outStr) const override;
bool visit(nsCSPSrcVisitor* aVisitor) const override;
@ -426,9 +426,9 @@ class nsCSPDirective {
virtual bool permits(CSPDirective aDirective, nsILoadInfo* aLoadInfo,
nsIURI* aUri, bool aWasRedirected, bool aReportOnly,
bool aUpgradeInsecure, bool aParserCreated) const;
virtual bool allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce,
bool aParserCreated) const;
bool aUpgradeInsecure) const;
virtual bool allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce) const;
bool allowsAllInlineBehavior(CSPDirective aDir) const;
virtual void toString(nsAString& outStr) const;
void toDomCSPStruct(mozilla::dom::CSP& outCSP) const;
@ -533,15 +533,15 @@ class nsBlockAllMixedContentDirective : public nsCSPDirective {
~nsBlockAllMixedContentDirective();
bool permits(CSPDirective aDirective, nsILoadInfo* aLoadInfo, nsIURI* aUri,
bool aWasRedirected, bool aReportOnly, bool aUpgradeInsecure,
bool aParserCreated) const override {
bool aWasRedirected, bool aReportOnly,
bool aUpgradeInsecure) const override {
return false;
}
bool permits(nsIURI* aUri) const { return false; }
bool allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce,
bool aParserCreated) const override {
bool allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce) const override {
return false;
}
@ -591,15 +591,15 @@ class nsUpgradeInsecureDirective : public nsCSPDirective {
~nsUpgradeInsecureDirective();
bool permits(CSPDirective aDirective, nsILoadInfo* aLoadInfo, nsIURI* aUri,
bool aWasRedirected, bool aReportOnly, bool aUpgradeInsecure,
bool aParserCreated) const override {
bool aWasRedirected, bool aReportOnly,
bool aUpgradeInsecure) const override {
return false;
}
bool permits(nsIURI* aUri) const { return false; }
bool allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce,
bool aParserCreated) const override {
bool allows(enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce) const override {
return false;
}
@ -623,7 +623,7 @@ class nsCSPPolicy {
bool aWasRedirected, bool aSpecific,
nsAString& outViolatedDirective) const;
bool allows(CSPDirective aDirective, enum CSPKeyword aKeyword,
const nsAString& aHashOrNonce, bool aParserCreated) const;
const nsAString& aHashOrNonce) const;
void toString(nsAString& outStr) const;
void toDomCSPStruct(mozilla::dom::CSP& outCSP) const;