Bug 1625366 - Remove support for custom violation callbacks on nsCSPContext... (b186aff5) · Commits · The Tor Project / Applications / Mullvad Browser

dom/security/nsCSPContext.cpp

+61 −85

Original line number	Diff line number	Diff line
		@@ -121,18 +121,6 @@ nsCSPContext::ShouldLoad(nsContentPolicyType aContentType,
		nsIURI* aOriginalURIIfRedirect,
		bool aSendViolationReports, const nsAString& aNonce,
		bool aParserCreated, int16_t* outDecision) {
		return ShouldLoad(AsyncReportViolationCallback(AsyncReportViolation),
		aContentType, aCSPEventListener, aContentLocation,
		aMimeTypeGuess, aOriginalURIIfRedirect,
		aSendViolationReports, aNonce, aParserCreated, outDecision);
		}

		nsresult nsCSPContext::ShouldLoad(
		const AsyncReportViolationCallback& aCallback,
		nsContentPolicyType aContentType, nsICSPEventListener* aCSPEventListener,
		nsIURI* aContentLocation, const nsACString& aMimeTypeGuess,
		nsIURI* aOriginalURIIfRedirect, bool aSendViolationReports,
		const nsAString& aNonce, bool aParserCreated, int16_t* outDecision) {
		if (CSPCONTEXTLOGENABLED()) {
		CSPCONTEXTLOG(("nsCSPContext::ShouldLoad, aContentLocation: %s",
		aContentLocation->GetSpecOrDefault().get()));
		@@ -167,7 +155,7 @@ nsresult nsCSPContext::ShouldLoad(
		}

		bool permitted =
		permitsInternal(aCallback, dir,
		permitsInternal(dir,
		nullptr, // aTriggeringElement
		aCSPEventListener, aContentLocation,
		aOriginalURIIfRedirect, aNonce, isPreload,
		@@ -190,12 +178,11 @@ nsresult nsCSPContext::ShouldLoad(
		}

		bool nsCSPContext::permitsInternal(
		const AsyncReportViolationCallback& aCallback, CSPDirective aDir,
		Element* aTriggeringElement, nsICSPEventListener* aCSPEventListener,
		nsIURI* aContentLocation, nsIURI* aOriginalURIIfRedirect,
		const nsAString& aNonce, bool aIsPreload, bool aSpecific,
		bool aSendViolationReports, bool aSendContentLocationInViolationReports,
		bool aParserCreated) {
		CSPDirective aDir, Element* aTriggeringElement,
		nsICSPEventListener* aCSPEventListener, nsIURI* aContentLocation,
		nsIURI* aOriginalURIIfRedirect, const nsAString& aNonce, bool aIsPreload,
		bool aSpecific, bool aSendViolationReports,
		bool aSendContentLocationInViolationReports, bool aParserCreated) {
		EnsureIPCPoliciesRead();
		bool permits = true;

		@@ -224,12 +211,13 @@ bool nsCSPContext::permitsInternal(
		// If GetCallingLocation fails linenumber & columnNumber are set to 0
		// anyway so we can skip checking if that is the case.
		}
		aCallback(this, aTriggeringElement, aCSPEventListener,
		AsyncReportViolation(
		aTriggeringElement, aCSPEventListener,
		(aSendContentLocationInViolationReports ? aContentLocation
		: nullptr),
		BlockedContentSource::eUnknown, /* a BlockedContentSource */
		aOriginalURIIfRedirect, /* in case of redirect originalURI is
		not null */
		aOriginalURIIfRedirect, /* in case of redirect originalURI is not
		null */
		violatedDirective, p, /* policy index */
		EmptyString(), /* no observer subject */
		spec, /* source file */
		@@ -513,7 +501,7 @@ void nsCSPContext::reportInlineViolation(
		columnNumber = aColumnNumber;
		}

		AsyncReportViolation(this, aTriggeringElement, aCSPEventListener,
		AsyncReportViolation(aTriggeringElement, aCSPEventListener,
		nullptr, // aBlockedURI
		BlockedContentSource::eInline, // aBlockedSource
		mSelfURI, // aOriginalURI
		@@ -607,15 +595,6 @@ NS_IMETHODIMP
		nsCSPContext::GetAllowsNavigateTo(nsIURI* aURI, bool aIsFormSubmission,
		bool aWasRedirected, bool aEnforceWhitelist,
		bool* outAllowsNavigateTo) {
		return GetAllowsNavigateTo(AsyncReportViolationCallback(AsyncReportViolation),
		aURI, aIsFormSubmission, aWasRedirected,
		aEnforceWhitelist, outAllowsNavigateTo);
		}

		nsresult nsCSPContext::GetAllowsNavigateTo(
		const AsyncReportViolationCallback& aCallback, nsIURI* aURI,
		bool aIsFormSubmission, bool aWasRedirected, bool aEnforceWhitelist,
		bool* outAllowsNavigateTo) {
		/*
		* The matrix below shows the different values of (aWasRedirect,
		* aEnforceWhitelist) for the three different checks we do.
		@@ -676,8 +655,7 @@ nsresult nsCSPContext::GetAllowsNavigateTo(
		}

		// Report the violation
		nsresult rv = aCallback(
		this,
		nsresult rv = AsyncReportViolation(
		nullptr, // aTriggeringElement
		nullptr, // aCSPEventListener
		blockedURIForReporting, // aBlockedURI
		@@ -739,11 +717,11 @@ nsresult nsCSPContext::GetAllowsNavigateTo(
		mPolicies[p]->getDirectiveStringAndReportSampleForContentType( \
		nsIContentPolicy::TYPE_##contentPolicyType, violatedDirective, \
		&reportSample); \
		AsyncReportViolation( \
		this, aTriggeringElement, aCSPEventListener, nullptr, \
		blockedContentSource, nullptr, violatedDirective, p, \
		NS_LITERAL_STRING(observerTopic), aSourceFile, \
		reportSample ? aScriptSample : EmptyString(), aLineNum, aColumnNum); \
		AsyncReportViolation(aTriggeringElement, aCSPEventListener, nullptr, \
		blockedContentSource, nullptr, violatedDirective, \
		p, NS_LITERAL_STRING(observerTopic), aSourceFile, \
		reportSample ? aScriptSample : EmptyString(), \
		aLineNum, aColumnNum); \
		} \
		PR_END_MACRO; \
		break
		@@ -1520,25 +1498,24 @@ class CSPReportSenderRunnable final : public Runnable {
		* source column number of the violation (if available)
		*/
		nsresult nsCSPContext::AsyncReportViolation(
		nsCSPContext* aContext, Element* aTriggeringElement,
		nsICSPEventListener* aCSPEventListener, nsIURI* aBlockedURI,
		BlockedContentSource aBlockedContentSource, nsIURI* aOriginalURI,
		const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex,
		const nsAString& aObserverSubject, const nsAString& aSourceFile,
		const nsAString& aScriptSample, uint32_t aLineNum, uint32_t aColumnNum) {
		aContext->EnsureIPCPoliciesRead();
		NS_ENSURE_ARG_MAX(aViolatedPolicyIndex, aContext->mPolicies.Length() - 1);
		Element* aTriggeringElement, nsICSPEventListener* aCSPEventListener,
		nsIURI* aBlockedURI, BlockedContentSource aBlockedContentSource,
		nsIURI* aOriginalURI, const nsAString& aViolatedDirective,
		uint32_t aViolatedPolicyIndex, const nsAString& aObserverSubject,
		const nsAString& aSourceFile, const nsAString& aScriptSample,
		uint32_t aLineNum, uint32_t aColumnNum) {
		EnsureIPCPoliciesRead();
		NS_ENSURE_ARG_MAX(aViolatedPolicyIndex, mPolicies.Length() - 1);

		nsCOMPtr<nsIRunnable> task = new CSPReportSenderRunnable(
		aTriggeringElement, aCSPEventListener, aBlockedURI, aBlockedContentSource,
		aOriginalURI, aViolatedPolicyIndex,
		aContext->mPolicies[aViolatedPolicyIndex]->getReportOnlyFlag(),
		aViolatedDirective, aObserverSubject, aSourceFile, aScriptSample,
		aLineNum, aColumnNum, aContext);
		mPolicies[aViolatedPolicyIndex]->getReportOnlyFlag(), aViolatedDirective,
		aObserverSubject, aSourceFile, aScriptSample, aLineNum, aColumnNum, this);

		if (XRE_IsContentProcess()) {
		if (aContext->mEventTarget) {
		aContext->mEventTarget->Dispatch(task.forget(), NS_DISPATCH_NORMAL);
		if (mEventTarget) {
		mEventTarget->Dispatch(task.forget(), NS_DISPATCH_NORMAL);
		return NS_OK;
		}
		}
		@@ -1621,8 +1598,7 @@ nsCSPContext::PermitsAncestry(nsILoadInfo* aLoadInfo,
		NS_SecurityCompareURIs(ancestorsArray[a], mSelfURI, true);

		bool permits =
		permitsInternal(AsyncReportViolation, // violation callback
		nsIContentSecurityPolicy::FRAME_ANCESTORS_DIRECTIVE,
		permitsInternal(nsIContentSecurityPolicy::FRAME_ANCESTORS_DIRECTIVE,
		nullptr, // triggering element
		nullptr, // nsICSPEventListener
		ancestorsArray[a],
		@@ -1649,8 +1625,8 @@ nsCSPContext::Permits(Element* aTriggeringElement,
		return NS_ERROR_FAILURE;
		}

		*outPermits = permitsInternal(AsyncReportViolation, aDir, aTriggeringElement,
		aCSPEventListener, aURI,
		*outPermits =
		permitsInternal(aDir, aTriggeringElement, aCSPEventListener, aURI,
		nullptr, // no original (pre-redirect) URI
		EmptyString(), // no nonce
		false, // not a preload.

dom/security/nsCSPContext.h

+3 −26

Original line number	Diff line number	Diff line
		@@ -119,16 +119,8 @@ class nsCSPContext : public nsIContentSecurityPolicy {
		eSelf,
		};

		using AsyncReportViolationCallback = std::function<nsresult(
		nsCSPContext* aContext, mozilla::dom::Element* aTriggeringElement,
		nsICSPEventListener* aCSPEventListener, nsIURI* aBlockedURI,
		BlockedContentSource aBlockedContentSource, nsIURI* aOriginalURI,
		const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex,
		const nsAString& aObserverSubject, const nsAString& aSourceFile,
		const nsAString& aScriptSample, uint32_t aLineNum, uint32_t aColumnNum)>;

		static nsresult AsyncReportViolation(
		nsCSPContext* aContext, mozilla::dom::Element* aTriggeringElement,
		nsresult AsyncReportViolation(
		mozilla::dom::Element* aTriggeringElement,
		nsICSPEventListener* aCSPEventListener, nsIURI* aBlockedURI,
		BlockedContentSource aBlockedContentSource, nsIURI* aOriginalURI,
		const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex,
		@@ -148,20 +140,6 @@ class nsCSPContext : public nsIContentSecurityPolicy {
		0);
		}

		nsresult GetAllowsNavigateTo(const AsyncReportViolationCallback& aCallback,
		nsIURI* aURI, bool aIsFormSubmission,
		bool aWasRedirected, bool aEnforceWhitelist,
		bool* outAllowsNavigateTo);

		nsresult ShouldLoad(const AsyncReportViolationCallback& aCallback,
		nsContentPolicyType aContentType,
		nsICSPEventListener* aCSPEventListener,
		nsIURI* aContentLocation,
		const nsACString& aMimeTypeGuess,
		nsIURI* aOriginalURIIfRedirect,
		bool aSendViolationReports, const nsAString& aNonce,
		bool aParserCreated, int16_t* outDecision);

		void AddIPCPolicy(const mozilla::ipc::ContentSecurityPolicy& aPolicy);
		void SerializePolicies(
		nsTArray<mozilla::ipc::ContentSecurityPolicy>& aPolicies);
		@@ -169,8 +147,7 @@ class nsCSPContext : public nsIContentSecurityPolicy {
		private:
		void EnsureIPCPoliciesRead();

		bool permitsInternal(const AsyncReportViolationCallback& aCallback,
		CSPDirective aDir,
		bool permitsInternal(CSPDirective aDir,
		mozilla::dom::Element* aTriggeringElement,
		nsICSPEventListener* aCSPEventListener,
		nsIURI* aContentLocation, nsIURI* aOriginalURIIfRedirect,

dom/security/nsCSPService.cpp

+19 −33

Original line number	Diff line number	Diff line
		@@ -275,15 +275,6 @@ nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
		nsIURI* aNewURI,
		nsILoadInfo* aLoadInfo,
		Maybe<nsresult>& aCancelCode) {
		return ConsultCSPForRedirect(nsCSPContext::AsyncReportViolationCallback(
		nsCSPContext::AsyncReportViolation),
		aOriginalURI, aNewURI, aLoadInfo, aCancelCode);
		}

		nsresult CSPService::ConsultCSPForRedirect(
		const nsCSPContext::AsyncReportViolationCallback& aCallback,
		nsIURI* aOriginalURI, nsIURI* aNewURI, nsILoadInfo* aLoadInfo,
		Maybe<nsresult>& aCancelCode) {
		// Check CSP navigate-to
		// We need to enforce the CSP of the document that initiated the load,
		// which is the CSP to inherit.
		@@ -291,10 +282,8 @@ nsresult CSPService::ConsultCSPForRedirect(
		aLoadInfo->GetCspToInherit();
		if (cspToInherit) {
		bool allowsNavigateTo = false;
		nsresult rv = static_cast<nsCSPContext*>(cspToInherit.get())
		->GetAllowsNavigateTo(aCallback, aNewURI,
		aLoadInfo->GetIsFormSubmission(),
		true, /* aWasRedirected */
		nsresult rv = cspToInherit->GetAllowsNavigateTo(
		aNewURI, aLoadInfo->GetIsFormSubmission(), true, /* aWasRedirected */
		false, /* aEnforceWhitelist */
		&allowsNavigateTo);
		NS_ENSURE_SUCCESS(rv, rv);
		@@ -342,8 +331,7 @@ nsresult CSPService::ConsultCSPForRedirect(
		nsCOMPtr<nsIContentSecurityPolicy> preloadCsp = aLoadInfo->GetPreloadCsp();
		if (preloadCsp) {
		// Pass originalURI to indicate the redirect
		static_cast<nsCSPContext*>(preloadCsp.get())
		->ShouldLoad(aCallback,
		preloadCsp->ShouldLoad(
		policyType, // load type per nsIContentPolicy (uint32_t)
		cspEventListener,
		aNewURI, // nsIURI
		@@ -366,9 +354,7 @@ nsresult CSPService::ConsultCSPForRedirect(
		nsCOMPtr<nsIContentSecurityPolicy> csp = aLoadInfo->GetCsp();
		if (csp) {
		// Pass originalURI to indicate the redirect
		static_cast<nsCSPContext*>(csp.get())->ShouldLoad(
		aCallback,
		policyType, // load type per nsIContentPolicy (uint32_t)
		csp->ShouldLoad(policyType, // load type per nsIContentPolicy (uint32_t)
		cspEventListener,
		aNewURI, // nsIURI
		EmptyCString(), // ACString - MIME guess

dom/security/nsCSPService.h

+0 −6

Original line number	Diff line number	Diff line
		@@ -12,7 +12,6 @@
		#include "nsIChannel.h"
		#include "nsIChannelEventSink.h"
		#include "nsDataHashtable.h"
		#include "nsCSPContext.h"

		#define CSPSERVICE_CONTRACTID "@mozilla.org/cspservice;1"
		#define CSPSERVICE_CID \
		@@ -43,11 +42,6 @@ class CSPService : public nsIContentPolicy, public nsIChannelEventSink {
		nsILoadInfo* aLoadInfo,
		Maybe<nsresult>& aCancelCode);

		static nsresult ConsultCSPForRedirect(
		const nsCSPContext::AsyncReportViolationCallback& aCallback,
		nsIURI* aOriginalURI, nsIURI* aNewURI, nsILoadInfo* aLoadInfo,
		Maybe<nsresult>& aCancelCode);

		protected:
		virtual ~CSPService();
		};