From fc1f4bb4ae3d61495ca499ee2ab5b8ef574ad5b5 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Thu, 19 Jul 2018 10:43:29 +1000 Subject: [PATCH] Bug 1476820 - Convert some VarCache prefs in dom/security/ to use StaticPrefs. r=ckerschb Specifically: - "security.csp.enable" - "security.csp.experimentalEnabled" - "security.csp.enableStrictDynamic" - "security.csp.reporting.script-sample.max-length" - "security.csp.enable_violation_events" MozReview-Commit-ID: G1ie4ut9QaK --HG-- extra : rebase_source : d6b5a0e79eb7046a13a8b4fe957c82c11831c86c --- dom/base/nsDocument.cpp | 2 +- dom/html/HTMLMetaElement.cpp | 3 +- dom/security/nsCSPContext.cpp | 15 +--------- dom/security/nsCSPContext.h | 9 +++--- dom/security/nsCSPParser.cpp | 13 ++------- dom/security/nsCSPParser.h | 3 -- dom/security/nsCSPService.cpp | 13 ++++----- dom/security/nsCSPService.h | 1 - dom/workers/ScriptLoader.cpp | 2 +- modules/libpref/init/StaticPrefList.h | 40 +++++++++++++++++++++++++++ modules/libpref/init/all.js | 10 ------- parser/html/nsHtml5TreeOpExecutor.cpp | 2 +- 12 files changed, 59 insertions(+), 54 deletions(-) diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp index 34b62f7d2069..d46e38500ad5 100644 --- a/dom/base/nsDocument.cpp +++ b/dom/base/nsDocument.cpp @@ -2843,7 +2843,7 @@ nsIDocument::InitCSP(nsIChannel* aChannel) { MOZ_ASSERT(!mScriptGlobalObject, "CSP must be initialized before mScriptGlobalObject is set!"); - if (!CSPService::sCSPEnabled) { + if (!StaticPrefs::security_csp_enable()) { MOZ_LOG(gCspPRLog, LogLevel::Debug, ("CSP is disabled, skipping CSP init for document %p", this)); return NS_OK; diff --git a/dom/html/HTMLMetaElement.cpp b/dom/html/HTMLMetaElement.cpp index f7871af045d8..5f52c6377f0d 100644 --- a/dom/html/HTMLMetaElement.cpp +++ b/dom/html/HTMLMetaElement.cpp @@ -94,7 +94,8 @@ HTMLMetaElement::BindToTree(nsIDocument* aDocument, nsIContent* aParent, nsContentUtils::ProcessViewportInfo(aDocument, content); } - if (CSPService::sCSPEnabled && aDocument && !aDocument->IsLoadedAsData() && + if (StaticPrefs::security_csp_enable() && aDocument && + !aDocument->IsLoadedAsData() && AttrValueIs(kNameSpaceID_None, nsGkAtoms::httpEquiv, nsGkAtoms::headerCSP, eIgnoreCase)) { // only accept if it appears diff --git a/dom/security/nsCSPContext.cpp b/dom/security/nsCSPContext.cpp index 54053ecf8849..9522c7d81864 100644 --- a/dom/security/nsCSPContext.cpp +++ b/dom/security/nsCSPContext.cpp @@ -320,25 +320,12 @@ NS_IMPL_ISUPPORTS_CI(nsCSPContext, nsIContentSecurityPolicy, nsISerializable) -int32_t nsCSPContext::sScriptSampleMaxLength; -bool nsCSPContext::sViolationEventsEnabled = false; - nsCSPContext::nsCSPContext() : mInnerWindowID(0) , mLoadingContext(nullptr) , mLoadingPrincipal(nullptr) , mQueueUpMessages(true) { - static bool sInitialized = false; - if (!sInitialized) { - Preferences::AddIntVarCache(&sScriptSampleMaxLength, - "security.csp.reporting.script-sample.max-length", - 40); - Preferences::AddBoolVarCache(&sViolationEventsEnabled, - "security.csp.enable_violation_events"); - sInitialized = true; - } - CSPCONTEXTLOG(("nsCSPContext::nsCSPContext")); } @@ -1201,7 +1188,7 @@ nsCSPContext::FireViolationEvent( Element* aTriggeringElement, const mozilla::dom::SecurityPolicyViolationEventInit& aViolationEventInit) { - if (!sViolationEventsEnabled) { + if (!StaticPrefs::security_csp_enable_violation_events()) { return NS_OK; } diff --git a/dom/security/nsCSPContext.h b/dom/security/nsCSPContext.h index 35787d1ce266..99f7adca6865 100644 --- a/dom/security/nsCSPContext.h +++ b/dom/security/nsCSPContext.h @@ -9,6 +9,7 @@ #include "mozilla/dom/nsCSPUtils.h" #include "mozilla/dom/SecurityPolicyViolationEvent.h" +#include "mozilla/StaticPrefs.h" #include "nsDataHashtable.h" #include "nsIChannel.h" #include "nsIChannelEventSink.h" @@ -140,7 +141,9 @@ class nsCSPContext : public nsIContentSecurityPolicy static uint32_t ScriptSampleMaxLength() { - return std::max(sScriptSampleMaxLength, 0); + return std::max( + mozilla::StaticPrefs::security_csp_reporting_script_sample_max_length(), + 0); } private: @@ -165,10 +168,6 @@ class nsCSPContext : public nsIContentSecurityPolicy uint32_t aLineNumber, uint32_t aColumnNumber); - static int32_t sScriptSampleMaxLength; - - static bool sViolationEventsEnabled; - nsString mReferrer; uint64_t mInnerWindowID; // used for web console logging nsTArray mPolicies; diff --git a/dom/security/nsCSPParser.cpp b/dom/security/nsCSPParser.cpp index 34784dcede2e..4647fe6b39cf 100644 --- a/dom/security/nsCSPParser.cpp +++ b/dom/security/nsCSPParser.cpp @@ -6,6 +6,7 @@ #include "mozilla/ArrayUtils.h" #include "mozilla/Preferences.h" +#include "mozilla/StaticPrefs.h" #include "nsCOMPtr.h" #include "nsContentUtils.h" #include "nsCSPParser.h" @@ -61,8 +62,6 @@ static const char* const kStyle = "style"; static const char* const kScript = "script"; /* ===== nsCSPParser ==================== */ -bool nsCSPParser::sCSPExperimentalEnabled = false; -bool nsCSPParser::sStrictDynamicEnabled = false; nsCSPParser::nsCSPParser(policyTokens& aTokens, nsIURI* aSelfURI, @@ -84,12 +83,6 @@ nsCSPParser::nsCSPParser(policyTokens& aTokens, , mCSPContext(aCSPContext) , mDeliveredViaMetaTag(aDeliveredViaMetaTag) { - static bool initialized = false; - if (!initialized) { - initialized = true; - Preferences::AddBoolVarCache(&sCSPExperimentalEnabled, "security.csp.experimentalEnabled"); - Preferences::AddBoolVarCache(&sStrictDynamicEnabled, "security.csp.enableStrictDynamic"); - } CSPPARSERLOG(("nsCSPParser::nsCSPParser")); } @@ -488,7 +481,7 @@ nsCSPParser::keywordSource() if (CSP_IsKeyword(mCurToken, CSP_STRICT_DYNAMIC)) { // make sure strict dynamic is enabled - if (!sStrictDynamicEnabled) { + if (!StaticPrefs::security_csp_enableStrictDynamic()) { return nullptr; } if (!CSP_IsDirective(mCurDir[0], nsIContentSecurityPolicy::SCRIPT_SRC_DIRECTIVE)) { @@ -968,7 +961,7 @@ nsCSPParser::directiveName() // Check if it is a valid directive if (!CSP_IsValidDirective(mCurToken) || - (!sCSPExperimentalEnabled && + (!StaticPrefs::security_csp_experimentalEnabled() && CSP_IsDirective(mCurToken, nsIContentSecurityPolicy::REQUIRE_SRI_FOR))) { const char16_t* params[] = { mCurToken.get() }; logWarningErrorToConsole(nsIScriptError::warningFlag, "couldNotProcessUnknownDirective", diff --git a/dom/security/nsCSPParser.h b/dom/security/nsCSPParser.h index 16ac032acdf5..03d6c075657d 100644 --- a/dom/security/nsCSPParser.h +++ b/dom/security/nsCSPParser.h @@ -33,9 +33,6 @@ class nsCSPParser { nsCSPContext* aCSPContext, bool aDeliveredViaMetaTag); - static bool sCSPExperimentalEnabled; - static bool sStrictDynamicEnabled; - ~nsCSPParser(); diff --git a/dom/security/nsCSPService.cpp b/dom/security/nsCSPService.cpp index 24f0b08dacab..1722e19df6af 100644 --- a/dom/security/nsCSPService.cpp +++ b/dom/security/nsCSPService.cpp @@ -5,6 +5,8 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "mozilla/Logging.h" +#include "mozilla/Preferences.h" +#include "mozilla/StaticPrefs.h" #include "nsString.h" #include "nsCOMPtr.h" #include "nsIURI.h" @@ -16,21 +18,16 @@ #include "nsError.h" #include "nsIAsyncVerifyRedirectCallback.h" #include "nsAsyncRedirectVerifyHelper.h" -#include "mozilla/Preferences.h" #include "nsIScriptError.h" #include "nsContentUtils.h" #include "nsContentPolicyUtils.h" using namespace mozilla; -/* Keeps track of whether or not CSP is enabled */ -bool CSPService::sCSPEnabled = true; - static LazyLogModule gCspPRLog("CSP"); CSPService::CSPService() { - Preferences::AddBoolVarCache(&sCSPEnabled, "security.csp.enable"); } CSPService::~CSPService() @@ -152,7 +149,8 @@ CSPService::ShouldLoad(nsIURI *aContentLocation, // Please note, the correct way to opt-out of CSP using a custom // protocolHandler is to set one of the nsIProtocolHandler flags // that are whitelistet in subjectToCSP() - if (!sCSPEnabled || !subjectToCSP(aContentLocation, contentType)) { + if (!StaticPrefs::security_csp_enable() || + !subjectToCSP(aContentLocation, contentType)) { return NS_OK; } @@ -282,7 +280,8 @@ CSPService::AsyncOnChannelRedirect(nsIChannel *oldChannel, // protocolHandler is to set one of the nsIProtocolHandler flags // that are whitelistet in subjectToCSP() nsContentPolicyType policyType = loadInfo->InternalContentPolicyType(); - if (!sCSPEnabled || !subjectToCSP(newUri, policyType)) { + if (!StaticPrefs::security_csp_enable() || + !subjectToCSP(newUri, policyType)) { return NS_OK; } diff --git a/dom/security/nsCSPService.h b/dom/security/nsCSPService.h index 0eb991233c75..08f2b6eddf16 100644 --- a/dom/security/nsCSPService.h +++ b/dom/security/nsCSPService.h @@ -26,7 +26,6 @@ public: NS_DECL_NSICHANNELEVENTSINK CSPService(); - static bool sCSPEnabled; protected: virtual ~CSPService(); diff --git a/dom/workers/ScriptLoader.cpp b/dom/workers/ScriptLoader.cpp index fbc25d782810..0a8b485beae0 100644 --- a/dom/workers/ScriptLoader.cpp +++ b/dom/workers/ScriptLoader.cpp @@ -1259,7 +1259,7 @@ private: nsCOMPtr csp = mWorkerPrivate->GetCSP(); // We did inherit CSP in bug 1223647. If we do not already have a CSP, we // should get it from the HTTP headers on the worker script. - if (CSPService::sCSPEnabled) { + if (StaticPrefs::security_csp_enable()) { if (!csp) { rv = mWorkerPrivate->SetCSPFromHeaderValues(tCspHeaderValue, tCspROHeaderValue); diff --git a/modules/libpref/init/StaticPrefList.h b/modules/libpref/init/StaticPrefList.h index 3b9154b9d203..2a05da0efb70 100644 --- a/modules/libpref/init/StaticPrefList.h +++ b/modules/libpref/init/StaticPrefList.h @@ -1163,6 +1163,46 @@ VARCACHE_PREF( uint32_t, 2592000 // 30 days (in seconds) ) +//--------------------------------------------------------------------------- +// Security prefs +//--------------------------------------------------------------------------- + +VARCACHE_PREF( + "security.csp.enable", + security_csp_enable, + bool, true +) + +VARCACHE_PREF( + "security.csp.experimentalEnabled", + security_csp_experimentalEnabled, + bool, false +) + +VARCACHE_PREF( + "security.csp.enableStrictDynamic", + security_csp_enableStrictDynamic, + bool, true +) + +#ifdef NIGHTLY_BUILD +# define PREF_VALUE true +#else +# define PREF_VALUE false +#endif +VARCACHE_PREF( + "security.csp.enable_violation_events", + security_csp_enable_violation_events, + bool, PREF_VALUE +) +#undef PREF_VALUE + +VARCACHE_PREF( + "security.csp.reporting.script-sample.max-length", + security_csp_reporting_script_sample_max_length, + int32_t, 40 +) + //--------------------------------------------------------------------------- // View source prefs //--------------------------------------------------------------------------- diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js index 91b95acb7038..85825efdf666 100644 --- a/modules/libpref/init/all.js +++ b/modules/libpref/init/all.js @@ -2518,21 +2518,11 @@ pref("security.directory", ""); pref("security.dialog_enable_delay", 1000); pref("security.notification_enable_delay", 500); -pref("security.csp.enable", true); -pref("security.csp.experimentalEnabled", false); -pref("security.csp.enableStrictDynamic", true); - #if defined(DEBUG) && !defined(ANDROID) // about:welcome has been added until Bug 1448359 is fixed at which time home, newtab, and welcome will all be removed. pref("csp.content_privileged_about_uris_without_csp", "blank,home,newtab,printpreview,srcdoc,welcome"); #endif -#ifdef NIGHTLY_BUILD -pref("security.csp.enable_violation_events", true); -#else -pref("security.csp.enable_violation_events", false); -#endif - // Default Content Security Policy to apply to signed contents. pref("security.signed_content.CSP.default", "script-src 'self'; style-src 'self'"); diff --git a/parser/html/nsHtml5TreeOpExecutor.cpp b/parser/html/nsHtml5TreeOpExecutor.cpp index 5e02755ef9ca..09418be30617 100644 --- a/parser/html/nsHtml5TreeOpExecutor.cpp +++ b/parser/html/nsHtml5TreeOpExecutor.cpp @@ -1135,7 +1135,7 @@ nsHtml5TreeOpExecutor::SetSpeculationReferrerPolicy( void nsHtml5TreeOpExecutor::AddSpeculationCSP(const nsAString& aCSP) { - if (!CSPService::sCSPEnabled) { + if (!StaticPrefs::security_csp_enable()) { return; }