Skip to content
Snippets Groups Projects
Commit b186aff5 authored by Matt Woodrow's avatar Matt Woodrow
Browse files

Bug 1625366 - Remove support for custom violation callbacks on nsCSPContext... 

Bug 1625366 - Remove support for custom violation callbacks on nsCSPContext since it should no longer be needed. r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D69911

--HG--
extra : moz-landing-system : lando
parent 26bafdbf
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
dom/security/nsCSPContext.cpp
+ 61
85
View file @ b186aff5
......@@ -121,18 +121,6 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
nsIURI* aOriginalURIIfRedirect,
bool aSendViolationReports, const nsAString& aNonce,
bool aParserCreated, int16_t* outDecision) {
return ShouldLoad(AsyncReportViolationCallback(AsyncReportViolation),
aContentType, aCSPEventListener, aContentLocation,
aMimeTypeGuess, aOriginalURIIfRedirect,
aSendViolationReports, aNonce, aParserCreated, outDecision);
}
nsresult nsCSPContext::ShouldLoad(
const AsyncReportViolationCallback& aCallback,
nsContentPolicyType aContentType, nsICSPEventListener* aCSPEventListener,
nsIURI* aContentLocation, const nsACString& aMimeTypeGuess,
nsIURI* aOriginalURIIfRedirect, bool aSendViolationReports,
const nsAString& aNonce, bool aParserCreated, int16_t* outDecision) {
if (CSPCONTEXTLOGENABLED()) {
CSPCONTEXTLOG(("nsCSPContext::ShouldLoad, aContentLocation: %s",
aContentLocation->GetSpecOrDefault().get()));
......@@ -167,7 +155,7 @@ nsresult nsCSPContext::ShouldLoad(
}
bool permitted =
permitsInternal(aCallback, dir,
permitsInternal(dir,
nullptr, // aTriggeringElement
aCSPEventListener, aContentLocation,
aOriginalURIIfRedirect, aNonce, isPreload,
......@@ -190,12 +178,11 @@ nsresult nsCSPContext::ShouldLoad(
}
bool nsCSPContext::permitsInternal(
const AsyncReportViolationCallback& aCallback, CSPDirective aDir,
Element* aTriggeringElement, nsICSPEventListener* aCSPEventListener,
nsIURI* aContentLocation, nsIURI* aOriginalURIIfRedirect,
const nsAString& aNonce, bool aIsPreload, bool aSpecific,
bool aSendViolationReports, bool aSendContentLocationInViolationReports,
bool aParserCreated) {
CSPDirective aDir, Element* aTriggeringElement,
nsICSPEventListener* aCSPEventListener, nsIURI* aContentLocation,
nsIURI* aOriginalURIIfRedirect, const nsAString& aNonce, bool aIsPreload,
bool aSpecific, bool aSendViolationReports,
bool aSendContentLocationInViolationReports, bool aParserCreated) {
EnsureIPCPoliciesRead();
bool permits = true;
......@@ -224,18 +211,19 @@ bool nsCSPContext::permitsInternal(
// If GetCallingLocation fails linenumber & columnNumber are set to 0
// anyway so we can skip checking if that is the case.
}
aCallback(this, aTriggeringElement, aCSPEventListener,
(aSendContentLocationInViolationReports ? aContentLocation
: nullptr),
BlockedContentSource::eUnknown, /* a BlockedContentSource */
aOriginalURIIfRedirect, /* in case of redirect originalURI is
not null */
violatedDirective, p, /* policy index */
EmptyString(), /* no observer subject */
spec, /* source file */
EmptyString(), /* no script sample */
lineNumber, /* line number */
columnNumber); /* column number */
AsyncReportViolation(
aTriggeringElement, aCSPEventListener,
(aSendContentLocationInViolationReports ? aContentLocation
: nullptr),
BlockedContentSource::eUnknown, /* a BlockedContentSource */
aOriginalURIIfRedirect, /* in case of redirect originalURI is not
null */
violatedDirective, p, /* policy index */
EmptyString(), /* no observer subject */
spec, /* source file */
EmptyString(), /* no script sample */
lineNumber, /* line number */
columnNumber); /* column number */
}
}
}
......@@ -513,7 +501,7 @@ void nsCSPContext::reportInlineViolation(
columnNumber = aColumnNumber;
}
AsyncReportViolation(this, aTriggeringElement, aCSPEventListener,
AsyncReportViolation(aTriggeringElement, aCSPEventListener,
nullptr, // aBlockedURI
BlockedContentSource::eInline, // aBlockedSource
mSelfURI, // aOriginalURI
......@@ -607,15 +595,6 @@ NS_IMETHODIMP
nsCSPContext::GetAllowsNavigateTo(nsIURI* aURI, bool aIsFormSubmission,
bool aWasRedirected, bool aEnforceWhitelist,
bool* outAllowsNavigateTo) {
return GetAllowsNavigateTo(AsyncReportViolationCallback(AsyncReportViolation),
aURI, aIsFormSubmission, aWasRedirected,
aEnforceWhitelist, outAllowsNavigateTo);
}
nsresult nsCSPContext::GetAllowsNavigateTo(
const AsyncReportViolationCallback& aCallback, nsIURI* aURI,
bool aIsFormSubmission, bool aWasRedirected, bool aEnforceWhitelist,
bool* outAllowsNavigateTo) {
/*
* The matrix below shows the different values of (aWasRedirect,
* aEnforceWhitelist) for the three different checks we do.
......@@ -676,8 +655,7 @@ nsresult nsCSPContext::GetAllowsNavigateTo(
}
// Report the violation
nsresult rv = aCallback(
this,
nsresult rv = AsyncReportViolation(
nullptr, // aTriggeringElement
nullptr, // aCSPEventListener
blockedURIForReporting, // aBlockedURI
......@@ -728,24 +706,24 @@ nsresult nsCSPContext::GetAllowsNavigateTo(
* GetAllowsInline() and do not call this macro, hence we can pass 'false'
* as the argument _aParserCreated_ to allows().
*/
#define CASE_CHECK_AND_REPORT(violationType, contentPolicyType, nonceOrHash, \
keyword, observerTopic) \
case nsIContentSecurityPolicy::VIOLATION_TYPE_##violationType: \
PR_BEGIN_MACRO \
if (!mPolicies[p]->allows(nsIContentPolicy::TYPE_##contentPolicyType, \
keyword, nonceOrHash, false)) { \
nsAutoString violatedDirective; \
bool reportSample = false; \
mPolicies[p]->getDirectiveStringAndReportSampleForContentType( \
nsIContentPolicy::TYPE_##contentPolicyType, violatedDirective, \
&reportSample); \
AsyncReportViolation( \
this, aTriggeringElement, aCSPEventListener, nullptr, \
blockedContentSource, nullptr, violatedDirective, p, \
NS_LITERAL_STRING(observerTopic), aSourceFile, \
reportSample ? aScriptSample : EmptyString(), aLineNum, aColumnNum); \
} \
PR_END_MACRO; \
#define CASE_CHECK_AND_REPORT(violationType, contentPolicyType, nonceOrHash, \
keyword, observerTopic) \
case nsIContentSecurityPolicy::VIOLATION_TYPE_##violationType: \
PR_BEGIN_MACRO \
if (!mPolicies[p]->allows(nsIContentPolicy::TYPE_##contentPolicyType, \
keyword, nonceOrHash, false)) { \
nsAutoString violatedDirective; \
bool reportSample = false; \
mPolicies[p]->getDirectiveStringAndReportSampleForContentType( \
nsIContentPolicy::TYPE_##contentPolicyType, violatedDirective, \
&reportSample); \
AsyncReportViolation(aTriggeringElement, aCSPEventListener, nullptr, \
blockedContentSource, nullptr, violatedDirective, \
p, NS_LITERAL_STRING(observerTopic), aSourceFile, \
reportSample ? aScriptSample : EmptyString(), \
aLineNum, aColumnNum); \
} \
PR_END_MACRO; \
break
/**
......@@ -1520,25 +1498,24 @@ class CSPReportSenderRunnable final : public Runnable {
* source column number of the violation (if available)
*/
nsresult nsCSPContext::AsyncReportViolation(
nsCSPContext* aContext, Element* aTriggeringElement,
nsICSPEventListener* aCSPEventListener, nsIURI* aBlockedURI,
BlockedContentSource aBlockedContentSource, nsIURI* aOriginalURI,
const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex,
const nsAString& aObserverSubject, const nsAString& aSourceFile,
const nsAString& aScriptSample, uint32_t aLineNum, uint32_t aColumnNum) {
aContext->EnsureIPCPoliciesRead();
NS_ENSURE_ARG_MAX(aViolatedPolicyIndex, aContext->mPolicies.Length() - 1);
Element* aTriggeringElement, nsICSPEventListener* aCSPEventListener,
nsIURI* aBlockedURI, BlockedContentSource aBlockedContentSource,
nsIURI* aOriginalURI, const nsAString& aViolatedDirective,
uint32_t aViolatedPolicyIndex, const nsAString& aObserverSubject,
const nsAString& aSourceFile, const nsAString& aScriptSample,
uint32_t aLineNum, uint32_t aColumnNum) {
EnsureIPCPoliciesRead();
NS_ENSURE_ARG_MAX(aViolatedPolicyIndex, mPolicies.Length() - 1);
nsCOMPtr<nsIRunnable> task = new CSPReportSenderRunnable(
aTriggeringElement, aCSPEventListener, aBlockedURI, aBlockedContentSource,
aOriginalURI, aViolatedPolicyIndex,
aContext->mPolicies[aViolatedPolicyIndex]->getReportOnlyFlag(),
aViolatedDirective, aObserverSubject, aSourceFile, aScriptSample,
aLineNum, aColumnNum, aContext);
mPolicies[aViolatedPolicyIndex]->getReportOnlyFlag(), aViolatedDirective,
aObserverSubject, aSourceFile, aScriptSample, aLineNum, aColumnNum, this);
if (XRE_IsContentProcess()) {
if (aContext->mEventTarget) {
aContext->mEventTarget->Dispatch(task.forget(), NS_DISPATCH_NORMAL);
if (mEventTarget) {
mEventTarget->Dispatch(task.forget(), NS_DISPATCH_NORMAL);
return NS_OK;
}
}
......@@ -1621,8 +1598,7 @@ nsCSPContext::PermitsAncestry(nsILoadInfo* aLoadInfo,
NS_SecurityCompareURIs(ancestorsArray[a], mSelfURI, true);
bool permits =
permitsInternal(AsyncReportViolation, // violation callback
nsIContentSecurityPolicy::FRAME_ANCESTORS_DIRECTIVE,
permitsInternal(nsIContentSecurityPolicy::FRAME_ANCESTORS_DIRECTIVE,
nullptr, // triggering element
nullptr, // nsICSPEventListener
ancestorsArray[a],
......@@ -1649,15 +1625,15 @@ nsCSPContext::Permits(Element* aTriggeringElement,
return NS_ERROR_FAILURE;
}
*outPermits = permitsInternal(AsyncReportViolation, aDir, aTriggeringElement,
aCSPEventListener, aURI,
nullptr, // no original (pre-redirect) URI
EmptyString(), // no nonce
false, // not a preload.
aSpecific,
true, // send violation reports
true, // send blocked URI in violation reports
false); // not parser created
*outPermits =
permitsInternal(aDir, aTriggeringElement, aCSPEventListener, aURI,
nullptr, // no original (pre-redirect) URI
EmptyString(), // no nonce
false, // not a preload.
aSpecific,
true, // send violation reports
true, // send blocked URI in violation reports
false); // not parser created
if (CSPCONTEXTLOGENABLED()) {
CSPCONTEXTLOG(("nsCSPContext::Permits, aUri: %s, aDir: %d, isAllowed: %s",
......
dom/security/nsCSPContext.h
+ 3
26
View file @ b186aff5
......@@ -119,16 +119,8 @@ class nsCSPContext : public nsIContentSecurityPolicy {
eSelf,
};
using AsyncReportViolationCallback = std::function<nsresult(
nsCSPContext* aContext, mozilla::dom::Element* aTriggeringElement,
nsICSPEventListener* aCSPEventListener, nsIURI* aBlockedURI,
BlockedContentSource aBlockedContentSource, nsIURI* aOriginalURI,
const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex,
const nsAString& aObserverSubject, const nsAString& aSourceFile,
const nsAString& aScriptSample, uint32_t aLineNum, uint32_t aColumnNum)>;
static nsresult AsyncReportViolation(
nsCSPContext* aContext, mozilla::dom::Element* aTriggeringElement,
nsresult AsyncReportViolation(
mozilla::dom::Element* aTriggeringElement,
nsICSPEventListener* aCSPEventListener, nsIURI* aBlockedURI,
BlockedContentSource aBlockedContentSource, nsIURI* aOriginalURI,
const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex,
......@@ -148,20 +140,6 @@ class nsCSPContext : public nsIContentSecurityPolicy {
0);
}
nsresult GetAllowsNavigateTo(const AsyncReportViolationCallback& aCallback,
nsIURI* aURI, bool aIsFormSubmission,
bool aWasRedirected, bool aEnforceWhitelist,
bool* outAllowsNavigateTo);
nsresult ShouldLoad(const AsyncReportViolationCallback& aCallback,
nsContentPolicyType aContentType,
nsICSPEventListener* aCSPEventListener,
nsIURI* aContentLocation,
const nsACString& aMimeTypeGuess,
nsIURI* aOriginalURIIfRedirect,
bool aSendViolationReports, const nsAString& aNonce,
bool aParserCreated, int16_t* outDecision);
void AddIPCPolicy(const mozilla::ipc::ContentSecurityPolicy& aPolicy);
void SerializePolicies(
nsTArray<mozilla::ipc::ContentSecurityPolicy>& aPolicies);
......@@ -169,8 +147,7 @@ class nsCSPContext : public nsIContentSecurityPolicy {
private:
void EnsureIPCPoliciesRead();
bool permitsInternal(const AsyncReportViolationCallback& aCallback,
CSPDirective aDir,
bool permitsInternal(CSPDirective aDir,
mozilla::dom::Element* aTriggeringElement,
nsICSPEventListener* aCSPEventListener,
nsIURI* aContentLocation, nsIURI* aOriginalURIIfRedirect,
......
dom/security/nsCSPService.cpp
+ 19
33
View file @ b186aff5
......@@ -275,15 +275,6 @@ nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
nsIURI* aNewURI,
nsILoadInfo* aLoadInfo,
Maybe<nsresult>& aCancelCode) {
return ConsultCSPForRedirect(nsCSPContext::AsyncReportViolationCallback(
nsCSPContext::AsyncReportViolation),
aOriginalURI, aNewURI, aLoadInfo, aCancelCode);
}
nsresult CSPService::ConsultCSPForRedirect(
const nsCSPContext::AsyncReportViolationCallback& aCallback,
nsIURI* aOriginalURI, nsIURI* aNewURI, nsILoadInfo* aLoadInfo,
Maybe<nsresult>& aCancelCode) {
// Check CSP navigate-to
// We need to enforce the CSP of the document that initiated the load,
// which is the CSP to inherit.
......@@ -291,12 +282,10 @@ nsresult CSPService::ConsultCSPForRedirect(
aLoadInfo->GetCspToInherit();
if (cspToInherit) {
bool allowsNavigateTo = false;
nsresult rv = static_cast<nsCSPContext*>(cspToInherit.get())
->GetAllowsNavigateTo(aCallback, aNewURI,
aLoadInfo->GetIsFormSubmission(),
true, /* aWasRedirected */
false, /* aEnforceWhitelist */
&allowsNavigateTo);
nsresult rv = cspToInherit->GetAllowsNavigateTo(
aNewURI, aLoadInfo->GetIsFormSubmission(), true, /* aWasRedirected */
false, /* aEnforceWhitelist */
&allowsNavigateTo);
NS_ENSURE_SUCCESS(rv, rv);
if (!allowsNavigateTo) {
......@@ -342,15 +331,14 @@ nsresult CSPService::ConsultCSPForRedirect(
nsCOMPtr<nsIContentSecurityPolicy> preloadCsp = aLoadInfo->GetPreloadCsp();
if (preloadCsp) {
// Pass originalURI to indicate the redirect
static_cast<nsCSPContext*>(preloadCsp.get())
->ShouldLoad(aCallback,
policyType, // load type per nsIContentPolicy (uint32_t)
cspEventListener,
aNewURI, // nsIURI
EmptyCString(), // ACString - MIME guess
aOriginalURI, // Original nsIURI
true, // aSendViolationReports
cspNonce, // nonce
preloadCsp->ShouldLoad(
policyType, // load type per nsIContentPolicy (uint32_t)
cspEventListener,
aNewURI, // nsIURI
EmptyCString(), // ACString - MIME guess
aOriginalURI, // Original nsIURI
true, // aSendViolationReports
cspNonce, // nonce
parserCreatedScript, &decision);
// if the preload policy already denied the load, then there
......@@ -366,15 +354,13 @@ nsresult CSPService::ConsultCSPForRedirect(
nsCOMPtr<nsIContentSecurityPolicy> csp = aLoadInfo->GetCsp();
if (csp) {
// Pass originalURI to indicate the redirect
static_cast<nsCSPContext*>(csp.get())->ShouldLoad(
aCallback,
policyType, // load type per nsIContentPolicy (uint32_t)
cspEventListener,
aNewURI, // nsIURI
EmptyCString(), // ACString - MIME guess
aOriginalURI, // Original nsIURI
true, // aSendViolationReports
cspNonce, // nonce
csp->ShouldLoad(policyType, // load type per nsIContentPolicy (uint32_t)
cspEventListener,
aNewURI, // nsIURI
EmptyCString(), // ACString - MIME guess
aOriginalURI, // Original nsIURI
true, // aSendViolationReports
cspNonce, // nonce
parserCreatedScript, &decision);
if (NS_CP_REJECTED(decision)) {
aCancelCode = Some(NS_ERROR_DOM_BAD_URI);
......
dom/security/nsCSPService.h
+ 0
6
View file @ b186aff5
......@@ -12,7 +12,6 @@
#include "nsIChannel.h"
#include "nsIChannelEventSink.h"
#include "nsDataHashtable.h"
#include "nsCSPContext.h"
#define CSPSERVICE_CONTRACTID "@mozilla.org/cspservice;1"
#define CSPSERVICE_CID \
......@@ -43,11 +42,6 @@ class CSPService : public nsIContentPolicy, public nsIChannelEventSink {
nsILoadInfo* aLoadInfo,
Maybe<nsresult>& aCancelCode);
static nsresult ConsultCSPForRedirect(
const nsCSPContext::AsyncReportViolationCallback& aCallback,
nsIURI* aOriginalURI, nsIURI* aNewURI, nsILoadInfo* aLoadInfo,
Maybe<nsresult>& aCancelCode);
protected:
virtual ~CSPService();
};
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment