From ed711958eae673d34efeb5c5642d2e475b29b15d Mon Sep 17 00:00:00 2001 From: Tom Schuster Date: Mon, 31 Jul 2023 14:49:57 +0000 Subject: [PATCH] Bug 1627263 - Propagate nonce attribute from Link header preloads to loaders. r=necko-reviewers,kershaw Differential Revision: https://phabricator.services.mozilla.com/D183968 --- dom/base/nsContentSink.cpp | 14 ++++++++------ dom/base/nsContentSink.h | 11 ++++++----- ipc/glue/IPCMessageUtilsSpecializations.h | 4 ++++ netwerk/base/nsNetUtil.cpp | 13 ++++++++++--- netwerk/base/nsNetUtil.h | 1 + .../preload/link-header-preload-nonce.html.ini | 5 ----- uriloader/preload/PreloadService.cpp | 8 ++++---- uriloader/preload/PreloadService.h | 6 +++--- 8 files changed, 36 insertions(+), 26 deletions(-) delete mode 100644 testing/web-platform/meta/preload/link-header-preload-nonce.html.ini diff --git a/dom/base/nsContentSink.cpp b/dom/base/nsContentSink.cpp index 8232045a2f10..a2a4173b013a 100644 --- a/dom/base/nsContentSink.cpp +++ b/dom/base/nsContentSink.cpp @@ -311,14 +311,14 @@ nsresult nsContentSink::ProcessLinkFromHeader(const net::LinkHeader& aHeader, if (linkTypes & LinkStyle::ePRELOAD) { PreloadHref(aHeader.mHref, aHeader.mAs, aHeader.mType, aHeader.mMedia, - aHeader.mIntegrity, aHeader.mSrcset, aHeader.mSizes, - aHeader.mCrossOrigin, aHeader.mReferrerPolicy, + aHeader.mNonce, aHeader.mIntegrity, aHeader.mSrcset, + aHeader.mSizes, aHeader.mCrossOrigin, aHeader.mReferrerPolicy, aEarlyHintPreloaderId); } if ((linkTypes & LinkStyle::eMODULE_PRELOAD) && mDocument->ScriptLoader()->GetModuleLoader()) { - PreloadModule(aHeader.mHref, aHeader.mAs, aHeader.mMedia, + PreloadModule(aHeader.mHref, aHeader.mAs, aHeader.mMedia, aHeader.mNonce, aHeader.mIntegrity, aHeader.mCrossOrigin, aHeader.mReferrerPolicy, aEarlyHintPreloaderId); } @@ -420,6 +420,7 @@ void nsContentSink::PrefetchHref(const nsAString& aHref, const nsAString& aAs, void nsContentSink::PreloadHref(const nsAString& aHref, const nsAString& aAs, const nsAString& aType, const nsAString& aMedia, + const nsAString& aNonce, const nsAString& aIntegrity, const nsAString& aSrcset, const nsAString& aSizes, const nsAString& aCORS, @@ -449,12 +450,13 @@ void nsContentSink::PreloadHref(const nsAString& aHref, const nsAString& aAs, } mDocument->Preloads().PreloadLinkHeader( - uri, aHref, policyType, aAs, aType, aIntegrity, aSrcset, aSizes, aCORS, - aReferrerPolicy, aEarlyHintPreloaderId); + uri, aHref, policyType, aAs, aType, aNonce, aIntegrity, aSrcset, aSizes, + aCORS, aReferrerPolicy, aEarlyHintPreloaderId); } void nsContentSink::PreloadModule(const nsAString& aHref, const nsAString& aAs, const nsAString& aMedia, + const nsAString& aNonce, const nsAString& aIntegrity, const nsAString& aCORS, const nsAString& aReferrerPolicy, @@ -493,7 +495,7 @@ void nsContentSink::PreloadModule(const nsAString& aHref, const nsAString& aAs, mDocument->Preloads().PreloadLinkHeader( uri, aHref, nsIContentPolicy::TYPE_SCRIPT, u"script"_ns, u"module"_ns, - aIntegrity, u""_ns, u""_ns, aCORS, aReferrerPolicy, + aNonce, aIntegrity, u""_ns, u""_ns, aCORS, aReferrerPolicy, aEarlyHintPreloaderId); } diff --git a/dom/base/nsContentSink.h b/dom/base/nsContentSink.h index c049ac11b432..11b471290752 100644 --- a/dom/base/nsContentSink.h +++ b/dom/base/nsContentSink.h @@ -137,14 +137,15 @@ class nsContentSink : public nsICSSLoaderObserver, const nsAString& aType, const nsAString& aMedia); void PreloadHref(const nsAString& aHref, const nsAString& aAs, const nsAString& aType, const nsAString& aMedia, - const nsAString& aIntegrity, const nsAString& aSrcset, - const nsAString& aSizes, const nsAString& aCORS, - const nsAString& aReferrerPolicy, + const nsAString& aNonce, const nsAString& aIntegrity, + const nsAString& aSrcset, const nsAString& aSizes, + const nsAString& aCORS, const nsAString& aReferrerPolicy, uint64_t aEarlyHintPreloaderId); void PreloadModule(const nsAString& aHref, const nsAString& aAs, - const nsAString& aMedia, const nsAString& aIntegrity, - const nsAString& aCORS, const nsAString& aReferrerPolicy, + const nsAString& aMedia, const nsAString& aNonce, + const nsAString& aIntegrity, const nsAString& aCORS, + const nsAString& aReferrerPolicy, uint64_t aEarlyHintPreloaderId); // For PrefetchDNS() aHref can either be the usual diff --git a/ipc/glue/IPCMessageUtilsSpecializations.h b/ipc/glue/IPCMessageUtilsSpecializations.h index dda93df7de12..a543aaffa514 100644 --- a/ipc/glue/IPCMessageUtilsSpecializations.h +++ b/ipc/glue/IPCMessageUtilsSpecializations.h @@ -759,6 +759,7 @@ struct ParamTraits { WriteParam(aWriter, aParam.mHref); WriteParam(aWriter, aParam.mRel); WriteParam(aWriter, aParam.mTitle); + WriteParam(aWriter, aParam.mNonce); WriteParam(aWriter, aParam.mIntegrity); WriteParam(aWriter, aParam.mSrcset); WriteParam(aWriter, aParam.mSizes); @@ -778,6 +779,9 @@ struct ParamTraits { if (!ReadParam(aReader, &aResult->mTitle)) { return false; } + if (!ReadParam(aReader, &aResult->mNonce)) { + return false; + } if (!ReadParam(aReader, &aResult->mIntegrity)) { return false; } diff --git a/netwerk/base/nsNetUtil.cpp b/netwerk/base/nsNetUtil.cpp index 0927bf977279..2244f90e9f41 100644 --- a/netwerk/base/nsNetUtil.cpp +++ b/netwerk/base/nsNetUtil.cpp @@ -3503,6 +3503,7 @@ void LinkHeader::Reset() { mHref.Truncate(); mRel.Truncate(); mTitle.Truncate(); + mNonce.Truncate(); mIntegrity.Truncate(); mSrcset.Truncate(); mSizes.Truncate(); @@ -3532,9 +3533,10 @@ nsresult LinkHeader::NewResolveHref(nsIURI** aOutURI, nsIURI* aBaseURI) const { bool LinkHeader::operator==(const LinkHeader& rhs) const { return mHref == rhs.mHref && mRel == rhs.mRel && mTitle == rhs.mTitle && - mIntegrity == rhs.mIntegrity && mSrcset == rhs.mSrcset && - mSizes == rhs.mSizes && mType == rhs.mType && mMedia == rhs.mMedia && - mAnchor == rhs.mAnchor && mCrossOrigin == rhs.mCrossOrigin && + mNonce == rhs.mNonce && mIntegrity == rhs.mIntegrity && + mSrcset == rhs.mSrcset && mSizes == rhs.mSizes && mType == rhs.mType && + mMedia == rhs.mMedia && mAnchor == rhs.mAnchor && + mCrossOrigin == rhs.mCrossOrigin && mReferrerPolicy == rhs.mReferrerPolicy && mAs == rhs.mAs; } @@ -3741,6 +3743,11 @@ nsTArray ParseLinkHeader(const nsAString& aLinkData) { if (header.mReferrerPolicy.IsEmpty()) { header.mReferrerPolicy = value; } + + } else if (attr.LowerCaseEqualsLiteral("nonce")) { + if (header.mNonce.IsEmpty()) { + header.mNonce = value; + } } else if (attr.LowerCaseEqualsLiteral("integrity")) { if (header.mIntegrity.IsEmpty()) { header.mIntegrity = value; diff --git a/netwerk/base/nsNetUtil.h b/netwerk/base/nsNetUtil.h index acb0ea30d26d..1c3f8ad0b742 100644 --- a/netwerk/base/nsNetUtil.h +++ b/netwerk/base/nsNetUtil.h @@ -1002,6 +1002,7 @@ struct LinkHeader { nsString mHref; nsString mRel; nsString mTitle; + nsString mNonce; nsString mIntegrity; nsString mSrcset; nsString mSizes; diff --git a/testing/web-platform/meta/preload/link-header-preload-nonce.html.ini b/testing/web-platform/meta/preload/link-header-preload-nonce.html.ini deleted file mode 100644 index fe9be209897f..000000000000 --- a/testing/web-platform/meta/preload/link-header-preload-nonce.html.ini +++ /dev/null @@ -1,5 +0,0 @@ -[link-header-preload-nonce.html] - expected: - if (os == "android") and fission: [OK, TIMEOUT] - [with nonce] - expected: FAIL diff --git a/uriloader/preload/PreloadService.cpp b/uriloader/preload/PreloadService.cpp index d0a8ed6ff1fb..240edd57340b 100644 --- a/uriloader/preload/PreloadService.cpp +++ b/uriloader/preload/PreloadService.cpp @@ -114,8 +114,9 @@ already_AddRefed PreloadService::PreloadLinkElement( void PreloadService::PreloadLinkHeader( nsIURI* aURI, const nsAString& aURL, nsContentPolicyType aPolicyType, - const nsAString& aAs, const nsAString& aType, const nsAString& aIntegrity, - const nsAString& aSrcset, const nsAString& aSizes, const nsAString& aCORS, + const nsAString& aAs, const nsAString& aType, const nsAString& aNonce, + const nsAString& aIntegrity, const nsAString& aSrcset, + const nsAString& aSizes, const nsAString& aCORS, const nsAString& aReferrerPolicy, uint64_t aEarlyHintPreloaderId) { if (aPolicyType == nsIContentPolicy::TYPE_INVALID) { MOZ_ASSERT_UNREACHABLE("Caller should check"); @@ -127,8 +128,7 @@ void PreloadService::PreloadLinkHeader( } PreloadOrCoalesce(aURI, aURL, aPolicyType, aAs, aType, u""_ns, aSrcset, - aSizes, /* aNonce = */ u""_ns, aIntegrity, aCORS, - aReferrerPolicy, + aSizes, aNonce, aIntegrity, aCORS, aReferrerPolicy, /* aFromHeader = */ true, aEarlyHintPreloaderId); } diff --git a/uriloader/preload/PreloadService.h b/uriloader/preload/PreloadService.h index c40f09e4c683..44f8f17205d9 100644 --- a/uriloader/preload/PreloadService.h +++ b/uriloader/preload/PreloadService.h @@ -72,9 +72,9 @@ class PreloadService { // AsyncOpen. void PreloadLinkHeader(nsIURI* aURI, const nsAString& aURL, nsContentPolicyType aPolicyType, const nsAString& aAs, - const nsAString& aType, const nsAString& aIntegrity, - const nsAString& aSrcset, const nsAString& aSizes, - const nsAString& aCORS, + const nsAString& aType, const nsAString& aNonce, + const nsAString& aIntegrity, const nsAString& aSrcset, + const nsAString& aSizes, const nsAString& aCORS, const nsAString& aReferrerPolicy, uint64_t aEarlyHintPreloaderId);