Skip to content
This repository was archived by the owner on Jul 9, 2025. It is now read-only.

Commit 29c34b4

Browse files
committed
Bug 1583076 - Make nsCSPService::ConsultCSPForRedirect return both the AsyncOnChannelRedirect result, as well as an optional result to cancel the old channel with. r=ckerschb
Depends on D46739 Differential Revision: https://phabricator.services.mozilla.com/D46740 --HG-- extra : moz-landing-system : lando
1 parent f6f534c commit 29c34b4

5 files changed

Lines changed: 34 additions & 30 deletions

File tree

dom/security/nsCSPService.cpp

Lines changed: 19 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -296,12 +296,13 @@ CSPService::AsyncOnChannelRedirect(nsIChannel* oldChannel,
296296
return rv;
297297
}
298298

299-
int16_t decision = nsIContentPolicy::ACCEPT;
300-
rv = ConsultCSPForRedirect(originalUri, newUri, loadInfo, &decision);
301-
if (NS_CP_REJECTED(decision)) {
299+
Maybe<nsresult> cancelCode;
300+
rv = ConsultCSPForRedirect(originalUri, newUri, loadInfo, cancelCode);
301+
if (cancelCode) {
302+
oldChannel->Cancel(*cancelCode);
303+
}
304+
if (NS_FAILED(rv)) {
302305
autoCallback.DontCallback();
303-
oldChannel->Cancel(NS_ERROR_DOM_BAD_URI);
304-
return NS_BINDING_FAILED;
305306
}
306307

307308
return rv;
@@ -310,15 +311,15 @@ CSPService::AsyncOnChannelRedirect(nsIChannel* oldChannel,
310311
nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
311312
nsIURI* aNewURI,
312313
nsILoadInfo* aLoadInfo,
313-
int16_t* aDecision) {
314+
Maybe<nsresult>& aCancelCode) {
314315
nsCOMPtr<nsICSPEventListener> cspEventListener;
315316
nsresult rv =
316317
aLoadInfo->GetCspEventListener(getter_AddRefs(cspEventListener));
317-
NS_ENSURE_SUCCESS(rv, rv);
318+
MOZ_ASSERT(NS_SUCCEEDED(rv));
318319

319320
nsAutoString cspNonce;
320321
rv = aLoadInfo->GetCspNonce(cspNonce);
321-
NS_ENSURE_SUCCESS(rv, rv);
322+
MOZ_ASSERT(NS_SUCCEEDED(rv));
322323

323324
nsContentPolicyType policyType = aLoadInfo->InternalContentPolicyType();
324325
bool isPreload = nsContentUtils::IsPreloadType(policyType);
@@ -330,6 +331,7 @@ nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
330331
policyType =
331332
nsContentUtils::InternalContentPolicyTypeToExternalOrWorker(policyType);
332333

334+
int16_t decision = nsIContentPolicy::ACCEPT;
333335
nsCOMPtr<nsISupports> requestContext = aLoadInfo->GetLoadingContext();
334336
// 1) Apply speculative CSP for preloads
335337
if (isPreload) {
@@ -346,12 +348,13 @@ nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
346348
aOriginalURI, // Original nsIURI
347349
true, // aSendViolationReports
348350
cspNonce, // nonce
349-
aDecision);
351+
&decision);
350352

351353
// if the preload policy already denied the load, then there
352354
// is no point in checking the real policy
353-
if (NS_CP_REJECTED(*aDecision)) {
354-
return NS_OK;
355+
if (NS_CP_REJECTED(decision)) {
356+
aCancelCode = Some(NS_ERROR_DOM_BAD_URI);
357+
return NS_BINDING_FAILED;
355358
}
356359
}
357360
}
@@ -369,7 +372,11 @@ nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
369372
aOriginalURI, // Original nsIURI
370373
true, // aSendViolationReports
371374
cspNonce, // nonce
372-
aDecision);
375+
&decision);
376+
if (NS_CP_REJECTED(decision)) {
377+
aCancelCode = Some(NS_ERROR_DOM_BAD_URI);
378+
return NS_BINDING_FAILED;
379+
}
373380
}
374381

375382
return NS_OK;

dom/security/nsCSPService.h

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,9 +34,13 @@ class CSPService : public nsIContentPolicy, public nsIChannelEventSink {
3434
const nsACString& aMimeTypeGuess,
3535
int16_t* aDecision);
3636

37+
// Static helper to check CSP when doing a channel redirect.
38+
// Returns the results to returns from
39+
// AsyncOnChannelRedirect/nsIAsyncVerifyRedirectCallback. Optionally returns
40+
// an nsresult to Cancel the old channel with.
3741
static nsresult ConsultCSPForRedirect(nsIURI* aOriginalURI, nsIURI* aNewURI,
3842
nsILoadInfo* aLoadInfo,
39-
int16_t* aDecision);
43+
Maybe<nsresult>& aCancelCode);
4044

4145
protected:
4246
virtual ~CSPService();

netwerk/ipc/DocumentChannelChild.cpp

Lines changed: 5 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -412,22 +412,15 @@ IPCResult DocumentChannelChild::RecvConfirmRedirect(
412412
nsCOMPtr<nsIURI> originalUri;
413413
nsresult rv = GetOriginalURI(getter_AddRefs(originalUri));
414414
if (NS_FAILED(rv)) {
415-
aResolve(rv);
415+
aResolve(Tuple<const nsresult&, const Maybe<nsresult>&>(NS_BINDING_FAILED,
416+
Some(rv)));
416417
return IPC_OK();
417418
}
418419

419-
int16_t decision = nsIContentPolicy::ACCEPT;
420+
Maybe<nsresult> cancelCode;
420421
rv = CSPService::ConsultCSPForRedirect(originalUri, aNewUri, mLoadInfo,
421-
&decision);
422-
if (NS_FAILED(rv)) {
423-
aResolve(rv);
424-
return IPC_OK();
425-
}
426-
if (NS_CP_REJECTED(decision)) {
427-
aResolve(NS_BINDING_FAILED);
428-
} else {
429-
aResolve(NS_OK);
430-
}
422+
cancelCode);
423+
aResolve(Tuple<const nsresult&, const Maybe<nsresult>&>(rv, cancelCode));
431424
return IPC_OK();
432425
}
433426

netwerk/ipc/DocumentChannelParent.cpp

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -809,11 +809,11 @@ DocumentChannelParent::AsyncOnChannelRedirect(
809809
nsCOMPtr<nsIChannel> oldChannel(aOldChannel);
810810
SendConfirmRedirect(newUri)->Then(
811811
GetCurrentThreadSerialEventTarget(), __func__,
812-
[callback, oldChannel](nsresult aRv) {
813-
if (NS_FAILED(aRv)) {
814-
oldChannel->Cancel(NS_ERROR_DOM_BAD_URI);
812+
[callback, oldChannel](const Tuple<nsresult, Maybe<nsresult>>& aResult) {
813+
if (Get<1>(aResult)) {
814+
oldChannel->Cancel(*Get<1>(aResult));
815815
}
816-
callback->OnRedirectVerifyCallback(aRv);
816+
callback->OnRedirectVerifyCallback(Get<0>(aResult));
817817
},
818818
[callback, oldChannel](const mozilla::ipc::ResponseRejectReason) {
819819
oldChannel->Cancel(NS_ERROR_DOM_BAD_URI);

netwerk/ipc/PDocumentChannel.ipdl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ child:
7575
uint32_t? aContentDisposition,
7676
nsString? aContentDispositionFilename) returns(nsresult rv);
7777

78-
async ConfirmRedirect(nsIURI aNewURI) returns(nsresult rv);
78+
async ConfirmRedirect(nsIURI aNewURI) returns(nsresult rv, nsresult? cancelCode);
7979

8080
// Tell child to delete channel (all IPDL deletes must be done from child to
8181
// avoid races: see bug 591708).

0 commit comments

Comments
 (0)