Bug 1048048 - add preload content policy types (r=ehsan)

--HG--
extra : source : 740ab1ecd0794b5a304b93ef528c8aa4c68ca417
This commit is contained in:
Christoph Kerschbaumer 2015-09-20 14:55:44 -07:00
Родитель 9f1e9e2eaa
Коммит f69e2b393b
9 изменённых файлов: 143 добавлений и 43 удалений

Просмотреть файл

@ -13,6 +13,7 @@
#include "nsISupports.h" #include "nsISupports.h"
#include "nsXPCOM.h" #include "nsXPCOM.h"
#include "nsContentPolicyUtils.h" #include "nsContentPolicyUtils.h"
#include "mozilla/dom/nsCSPService.h"
#include "nsContentPolicy.h" #include "nsContentPolicy.h"
#include "nsIURI.h" #include "nsIURI.h"
#include "nsIDocShell.h" #include "nsIDocShell.h"
@ -123,9 +124,15 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
nsContentPolicyType externalTypeOrScript = nsContentPolicyType externalTypeOrScript =
nsContentUtils::InternalContentPolicyTypeToExternalOrScript(contentType); nsContentUtils::InternalContentPolicyTypeToExternalOrScript(contentType);
nsContentPolicyType externalTypeOrPreload =
nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(contentType);
nsCOMPtr<nsIContentPolicy> mixedContentBlocker = nsCOMPtr<nsIContentPolicy> mixedContentBlocker =
do_GetService(NS_MIXEDCONTENTBLOCKER_CONTRACTID); do_GetService(NS_MIXEDCONTENTBLOCKER_CONTRACTID);
nsCOMPtr<nsIContentPolicy> cspService =
do_GetService(CSPSERVICE_CONTRACTID);
/* /*
* Enumerate mPolicies and ask each of them, taking the logical AND of * Enumerate mPolicies and ask each of them, taking the logical AND of
* their permissions. * their permissions.
@ -144,6 +151,15 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
if (isMixedContentBlocker) { if (isMixedContentBlocker) {
type = externalTypeOrScript; type = externalTypeOrScript;
} }
// Send the internal content policy type for CSP which needs to
// know about preloads, in particular:
// * TYPE_INTERNAL_SCRIPT_PRELOAD
// * TYPE_INTERNAL_IMAGE_PRELOAD
// * TYPE_INTERNAL_STYLESHEET_PRELOAD
bool isCSP = cspService == entries[i];
if (isCSP) {
type = externalTypeOrPreload;
}
rv = (entries[i]->*policyMethod)(type, contentLocation, rv = (entries[i]->*policyMethod)(type, contentLocation,
requestingLocation, requestingContext, requestingLocation, requestingContext,
mimeType, extra, requestPrincipal, mimeType, extra, requestPrincipal,

Просмотреть файл

@ -92,41 +92,46 @@ inline const char *
NS_CP_ContentTypeName(uint32_t contentType) NS_CP_ContentTypeName(uint32_t contentType)
{ {
switch (contentType) { switch (contentType) {
CASE_RETURN( TYPE_OTHER ); CASE_RETURN( TYPE_OTHER );
CASE_RETURN( TYPE_SCRIPT ); CASE_RETURN( TYPE_SCRIPT );
CASE_RETURN( TYPE_IMAGE ); CASE_RETURN( TYPE_IMAGE );
CASE_RETURN( TYPE_STYLESHEET ); CASE_RETURN( TYPE_STYLESHEET );
CASE_RETURN( TYPE_OBJECT ); CASE_RETURN( TYPE_OBJECT );
CASE_RETURN( TYPE_DOCUMENT ); CASE_RETURN( TYPE_DOCUMENT );
CASE_RETURN( TYPE_SUBDOCUMENT ); CASE_RETURN( TYPE_SUBDOCUMENT );
CASE_RETURN( TYPE_REFRESH ); CASE_RETURN( TYPE_REFRESH );
CASE_RETURN( TYPE_XBL ); CASE_RETURN( TYPE_XBL );
CASE_RETURN( TYPE_PING ); CASE_RETURN( TYPE_PING );
CASE_RETURN( TYPE_XMLHTTPREQUEST ); CASE_RETURN( TYPE_XMLHTTPREQUEST );
CASE_RETURN( TYPE_OBJECT_SUBREQUEST ); CASE_RETURN( TYPE_OBJECT_SUBREQUEST );
CASE_RETURN( TYPE_DTD ); CASE_RETURN( TYPE_DTD );
CASE_RETURN( TYPE_FONT ); CASE_RETURN( TYPE_FONT );
CASE_RETURN( TYPE_MEDIA ); CASE_RETURN( TYPE_MEDIA );
CASE_RETURN( TYPE_WEBSOCKET ); CASE_RETURN( TYPE_WEBSOCKET );
CASE_RETURN( TYPE_CSP_REPORT ); CASE_RETURN( TYPE_CSP_REPORT );
CASE_RETURN( TYPE_XSLT ); CASE_RETURN( TYPE_XSLT );
CASE_RETURN( TYPE_BEACON ); CASE_RETURN( TYPE_BEACON );
CASE_RETURN( TYPE_FETCH ); CASE_RETURN( TYPE_FETCH );
CASE_RETURN( TYPE_IMAGESET ); CASE_RETURN( TYPE_IMAGESET );
CASE_RETURN( TYPE_WEB_MANIFEST ); CASE_RETURN( TYPE_WEB_MANIFEST );
CASE_RETURN( TYPE_INTERNAL_SCRIPT ); CASE_RETURN( TYPE_INTERNAL_SCRIPT );
CASE_RETURN( TYPE_INTERNAL_WORKER ); CASE_RETURN( TYPE_INTERNAL_WORKER );
CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER ); CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER );
CASE_RETURN( TYPE_INTERNAL_EMBED ); CASE_RETURN( TYPE_INTERNAL_EMBED );
CASE_RETURN( TYPE_INTERNAL_OBJECT ); CASE_RETURN( TYPE_INTERNAL_OBJECT );
CASE_RETURN( TYPE_INTERNAL_FRAME ); CASE_RETURN( TYPE_INTERNAL_FRAME );
CASE_RETURN( TYPE_INTERNAL_IFRAME ); CASE_RETURN( TYPE_INTERNAL_IFRAME );
CASE_RETURN( TYPE_INTERNAL_AUDIO ); CASE_RETURN( TYPE_INTERNAL_AUDIO );
CASE_RETURN( TYPE_INTERNAL_VIDEO ); CASE_RETURN( TYPE_INTERNAL_VIDEO );
CASE_RETURN( TYPE_INTERNAL_TRACK ); CASE_RETURN( TYPE_INTERNAL_TRACK );
CASE_RETURN( TYPE_INTERNAL_XMLHTTPREQUEST ); CASE_RETURN( TYPE_INTERNAL_XMLHTTPREQUEST );
CASE_RETURN( TYPE_INTERNAL_EVENTSOURCE ); CASE_RETURN( TYPE_INTERNAL_EVENTSOURCE );
CASE_RETURN( TYPE_INTERNAL_SERVICE_WORKER ); CASE_RETURN( TYPE_INTERNAL_SERVICE_WORKER );
CASE_RETURN( TYPE_INTERNAL_SCRIPT_PRELOAD );
CASE_RETURN( TYPE_INTERNAL_IMAGE );
CASE_RETURN( TYPE_INTERNAL_IMAGE_PRELOAD );
CASE_RETURN( TYPE_INTERNAL_STYLESHEET );
CASE_RETURN( TYPE_INTERNAL_STYLESHEET_PRELOAD );
default: default:
return "<Unknown Type>"; return "<Unknown Type>";
} }

Просмотреть файл

@ -7959,6 +7959,7 @@ nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
{ {
switch (aType) { switch (aType) {
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT: case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
case nsIContentPolicy::TYPE_INTERNAL_WORKER: case nsIContentPolicy::TYPE_INTERNAL_WORKER:
case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER: case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER: case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
@ -7981,6 +7982,14 @@ nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE: case nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE:
return nsIContentPolicy::TYPE_XMLHTTPREQUEST; return nsIContentPolicy::TYPE_XMLHTTPREQUEST;
case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
return nsIContentPolicy::TYPE_IMAGE;
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
return nsIContentPolicy::TYPE_STYLESHEET;
default: default:
return aType; return aType;
} }
@ -8002,6 +8011,17 @@ nsContentUtils::InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType
} }
} }
/* static */
nsContentPolicyType
nsContentUtils::InternalContentPolicyTypeToExternalOrPreload(nsContentPolicyType aType)
{
if (aType == nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD ||
aType == nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD) {
return aType;
}
return InternalContentPolicyTypeToExternal(aType);
}
nsresult nsresult
nsContentUtils::SetFetchReferrerURIWithPolicy(nsIPrincipal* aPrincipal, nsContentUtils::SetFetchReferrerURIWithPolicy(nsIPrincipal* aPrincipal,

Просмотреть файл

@ -965,6 +965,16 @@ public:
*/ */
static nsContentPolicyType InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType aType); static nsContentPolicyType InternalContentPolicyTypeToExternalOrScript(nsContentPolicyType aType);
/**
* Map internal content policy types to external ones or preload types:
* * TYPE_INTERNAL_SCRIPT_PRELOAD
* * TYPE_INTERNAL_IMAGE_PRELOAD
* * TYPE_INTERNAL_STYLESHEET_PRELOAD
*
* Note: DO NOT call this function unless you know what you're doing!
*/
static nsContentPolicyType InternalContentPolicyTypeToExternalOrPreload(nsContentPolicyType aType);
/** /**
* Quick helper to determine whether there are any mutation listeners * Quick helper to determine whether there are any mutation listeners
* of a given type that apply to this content or any of its ancestors. * of a given type that apply to this content or any of its ancestors.

Просмотреть файл

@ -20,7 +20,7 @@ interface nsIPrincipal;
* by launching a dialog to prompt the user for something). * by launching a dialog to prompt the user for something).
*/ */
[scriptable,uuid(ce321216-c404-40a7-a711-d80454ec6b76)] [scriptable,uuid(caad4f1f-d047-46ac-ae9d-dc598e4fb91b)]
interface nsIContentPolicy : nsIContentPolicyBase interface nsIContentPolicy : nsIContentPolicyBase
{ {
/** /**

Просмотреть файл

@ -24,7 +24,7 @@ typedef unsigned long nsContentPolicyType;
* by launching a dialog to prompt the user for something). * by launching a dialog to prompt the user for something).
*/ */
[scriptable,uuid(8527ae0d-0c43-4413-bc46-85c0bcb66876)] [scriptable,uuid(17418187-d86f-48dd-92d1-238838df0a4e)]
interface nsIContentPolicyBase : nsISupports interface nsIContentPolicyBase : nsISupports
{ {
/** /**
@ -280,6 +280,47 @@ interface nsIContentPolicyBase : nsISupports
*/ */
const nsContentPolicyType TYPE_INTERNAL_SERVICE_WORKER = 35; const nsContentPolicyType TYPE_INTERNAL_SERVICE_WORKER = 35;
/**
* Indicates an internal constant for *preloaded* scripts
* loaded through script elements.
*
* This will be mapped to TYPE_SCRIPT before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_SCRIPT_PRELOAD = 36;
/**
* Indicates an internal constant for normal images.
*
* This will be mapped to TYPE_IMAGE before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_IMAGE = 37;
/**
* Indicates an internal constant for *preloaded* images.
*
* This will be mapped to TYPE_IMAGE before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_IMAGE_PRELOAD = 38;
/**
* Indicates an internal constant for normal stylesheets.
*
* This will be mapped to TYPE_STYLESHEET before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_STYLESHEET = 39;
/**
* Indicates an internal constant for *preloaded* stylesheets.
*
* This will be mapped to TYPE_STYLESHEET before being passed
* to content policy implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_STYLESHEET_PRELOAD = 40;
/* When adding new content types, please update nsContentBlocker, /* When adding new content types, please update nsContentBlocker,
* NS_CP_ContentTypeName, nsCSPContext, all nsIContentPolicy * NS_CP_ContentTypeName, nsCSPContext, all nsIContentPolicy
* implementations, the static_assert in dom/cache/DBSchema.cpp, * implementations, the static_assert in dom/cache/DBSchema.cpp,

7
dom/cache/DBSchema.cpp поставляемый
Просмотреть файл

@ -275,7 +275,12 @@ static_assert(nsIContentPolicy::TYPE_INVALID == 0 &&
nsIContentPolicy::TYPE_INTERNAL_TRACK == 32 && nsIContentPolicy::TYPE_INTERNAL_TRACK == 32 &&
nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST == 33 && nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST == 33 &&
nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE == 34 && nsIContentPolicy::TYPE_INTERNAL_EVENTSOURCE == 34 &&
nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER == 35, nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER == 35 &&
nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD == 36 &&
nsIContentPolicy::TYPE_INTERNAL_IMAGE == 37 &&
nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD == 38 &&
nsIContentPolicy::TYPE_INTERNAL_STYLESHEET == 39 &&
nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD == 40,
"nsContentPolicyType values are as expected"); "nsContentPolicyType values are as expected");
namespace { namespace {

Просмотреть файл

@ -116,6 +116,7 @@ InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aConte
context = RequestContext::Internal; context = RequestContext::Internal;
break; break;
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT: case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT_PRELOAD:
case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER: case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER:
context = RequestContext::Script; context = RequestContext::Script;
break; break;
@ -125,10 +126,12 @@ InternalRequest::MapContentPolicyTypeToRequestContext(nsContentPolicyType aConte
case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER: case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
context = RequestContext::Sharedworker; context = RequestContext::Sharedworker;
break; break;
case nsIContentPolicy::TYPE_IMAGE: case nsIContentPolicy::TYPE_INTERNAL_IMAGE:
case nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD:
context = RequestContext::Image; context = RequestContext::Image;
break; break;
case nsIContentPolicy::TYPE_STYLESHEET: case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET:
case nsIContentPolicy::TYPE_INTERNAL_STYLESHEET_PRELOAD:
context = RequestContext::Style; context = RequestContext::Style;
break; break;
case nsIContentPolicy::TYPE_INTERNAL_OBJECT: case nsIContentPolicy::TYPE_INTERNAL_OBJECT:

Просмотреть файл

@ -43,7 +43,7 @@ namespace dom {
* frame | TYPE_INTERNAL_FRAME * frame | TYPE_INTERNAL_FRAME
* hyperlink | * hyperlink |
* iframe | TYPE_INTERNAL_IFRAME * iframe | TYPE_INTERNAL_IFRAME
* image | TYPE_IMAGE * image | TYPE_INTERNAL_IMAGE, TYPE_INTERNAL_IMAGE_PRELOAD
* imageset | TYPE_IMAGESET * imageset | TYPE_IMAGESET
* import | Not supported by Gecko * import | Not supported by Gecko
* internal | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER * internal | TYPE_DOCUMENT, TYPE_XBL, TYPE_OTHER
@ -53,10 +53,10 @@ namespace dom {
* ping | TYPE_PING * ping | TYPE_PING
* plugin | TYPE_OBJECT_SUBREQUEST * plugin | TYPE_OBJECT_SUBREQUEST
* prefetch | * prefetch |
* script | TYPE_INTERNAL_SCRIPT * script | TYPE_INTERNAL_SCRIPT, TYPE_INTERNAL_SCRIPT_PRELOAD
* sharedworker | TYPE_INTERNAL_SHARED_WORKER * sharedworker | TYPE_INTERNAL_SHARED_WORKER
* subresource | Not supported by Gecko * subresource | Not supported by Gecko
* style | TYPE_STYLESHEET * style | TYPE_INTERNAL_STYLESHEET, TYPE_INTERNAL_STYLESHEET_PRELOAD
* track | TYPE_INTERNAL_TRACK * track | TYPE_INTERNAL_TRACK
* video | TYPE_INTERNAL_VIDEO * video | TYPE_INTERNAL_VIDEO
* worker | TYPE_INTERNAL_WORKER * worker | TYPE_INTERNAL_WORKER