Skip to content
This repository was archived by the owner on Jul 9, 2025. It is now read-only.

Commit f1b65b2

Browse files
committed
Backed out 5 changesets (bug 1583076) for href-location-redirected-blocked.sub.html failures CLOSED TREE
Backed out changeset dd4117098844 (bug 1583076) Backed out changeset 97bc75b1cfe1 (bug 1583076) Backed out changeset 084b244a33c0 (bug 1583076) Backed out changeset 1baaf14e2451 (bug 1583076) Backed out changeset 56c3918b5c21 (bug 1583076)
1 parent 266236e commit f1b65b2

7 files changed

Lines changed: 65 additions & 82 deletions

File tree

dom/security/nsCSPService.cpp

Lines changed: 30 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -252,6 +252,24 @@ CSPService::AsyncOnChannelRedirect(nsIChannel* oldChannel,
252252

253253
nsCOMPtr<nsILoadInfo> loadInfo = oldChannel->LoadInfo();
254254

255+
// Check CSP navigate-to
256+
// We need to enforce the CSP of the document that initiated the load,
257+
// which is the CSP to inherit.
258+
nsCOMPtr<nsIContentSecurityPolicy> cspToInherit = loadInfo->GetCspToInherit();
259+
if (cspToInherit) {
260+
bool allowsNavigateTo = false;
261+
rv = cspToInherit->GetAllowsNavigateTo(newUri, loadInfo,
262+
true, /* aWasRedirected */
263+
false, /* aEnforceWhitelist */
264+
&allowsNavigateTo);
265+
NS_ENSURE_SUCCESS(rv, rv);
266+
267+
if (!allowsNavigateTo) {
268+
oldChannel->Cancel(NS_ERROR_CSP_NAVIGATE_TO_VIOLATION);
269+
return NS_OK;
270+
}
271+
}
272+
255273
// No need to continue processing if CSP is disabled or if the protocol
256274
// is *not* subject to CSP.
257275
// Please note, the correct way to opt-out of CSP using a custom
@@ -278,13 +296,12 @@ CSPService::AsyncOnChannelRedirect(nsIChannel* oldChannel,
278296
return rv;
279297
}
280298

281-
Maybe<nsresult> cancelCode;
282-
rv = ConsultCSPForRedirect(originalUri, newUri, loadInfo, cancelCode);
283-
if (cancelCode) {
284-
oldChannel->Cancel(*cancelCode);
285-
}
286-
if (NS_FAILED(rv)) {
299+
int16_t decision = nsIContentPolicy::ACCEPT;
300+
rv = ConsultCSPForRedirect(originalUri, newUri, loadInfo, &decision);
301+
if (NS_CP_REJECTED(decision)) {
287302
autoCallback.DontCallback();
303+
oldChannel->Cancel(NS_ERROR_DOM_BAD_URI);
304+
return NS_BINDING_FAILED;
288305
}
289306

290307
return rv;
@@ -293,34 +310,15 @@ CSPService::AsyncOnChannelRedirect(nsIChannel* oldChannel,
293310
nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
294311
nsIURI* aNewURI,
295312
nsILoadInfo* aLoadInfo,
296-
Maybe<nsresult>& aCancelCode) {
297-
// Check CSP navigate-to
298-
// We need to enforce the CSP of the document that initiated the load,
299-
// which is the CSP to inherit.
300-
nsCOMPtr<nsIContentSecurityPolicy> cspToInherit =
301-
aLoadInfo->GetCspToInherit();
302-
if (cspToInherit) {
303-
bool allowsNavigateTo = false;
304-
nsresult rv = cspToInherit->GetAllowsNavigateTo(
305-
aNewURI, aLoadInfo, true, /* aWasRedirected */
306-
false, /* aEnforceWhitelist */
307-
&allowsNavigateTo);
308-
NS_ENSURE_SUCCESS(rv, rv);
309-
310-
if (!allowsNavigateTo) {
311-
aCancelCode = Some(NS_ERROR_CSP_NAVIGATE_TO_VIOLATION);
312-
return NS_OK;
313-
}
314-
}
315-
313+
int16_t* aDecision) {
316314
nsCOMPtr<nsICSPEventListener> cspEventListener;
317315
nsresult rv =
318316
aLoadInfo->GetCspEventListener(getter_AddRefs(cspEventListener));
319-
MOZ_ALWAYS_SUCCEEDS(rv);
317+
NS_ENSURE_SUCCESS(rv, rv);
320318

321319
nsAutoString cspNonce;
322320
rv = aLoadInfo->GetCspNonce(cspNonce);
323-
MOZ_ALWAYS_SUCCEEDS(rv);
321+
NS_ENSURE_SUCCESS(rv, rv);
324322

325323
nsContentPolicyType policyType = aLoadInfo->InternalContentPolicyType();
326324
bool isPreload = nsContentUtils::IsPreloadType(policyType);
@@ -332,7 +330,6 @@ nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
332330
policyType =
333331
nsContentUtils::InternalContentPolicyTypeToExternalOrWorker(policyType);
334332

335-
int16_t decision = nsIContentPolicy::ACCEPT;
336333
nsCOMPtr<nsISupports> requestContext = aLoadInfo->GetLoadingContext();
337334
// 1) Apply speculative CSP for preloads
338335
if (isPreload) {
@@ -349,13 +346,12 @@ nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
349346
aOriginalURI, // Original nsIURI
350347
true, // aSendViolationReports
351348
cspNonce, // nonce
352-
&decision);
349+
aDecision);
353350

354351
// if the preload policy already denied the load, then there
355352
// is no point in checking the real policy
356-
if (NS_CP_REJECTED(decision)) {
357-
aCancelCode = Some(NS_ERROR_DOM_BAD_URI);
358-
return NS_BINDING_FAILED;
353+
if (NS_CP_REJECTED(*aDecision)) {
354+
return NS_OK;
359355
}
360356
}
361357
}
@@ -373,11 +369,7 @@ nsresult CSPService::ConsultCSPForRedirect(nsIURI* aOriginalURI,
373369
aOriginalURI, // Original nsIURI
374370
true, // aSendViolationReports
375371
cspNonce, // nonce
376-
&decision);
377-
if (NS_CP_REJECTED(decision)) {
378-
aCancelCode = Some(NS_ERROR_DOM_BAD_URI);
379-
return NS_BINDING_FAILED;
380-
}
372+
aDecision);
381373
}
382374

383375
return NS_OK;

dom/security/nsCSPService.h

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -34,13 +34,9 @@ class CSPService : public nsIContentPolicy, public nsIChannelEventSink {
3434
const nsACString& aMimeTypeGuess,
3535
int16_t* aDecision);
3636

37-
// Static helper to check CSP when doing a channel redirect.
38-
// Returns the results to returns from
39-
// AsyncOnChannelRedirect/nsIAsyncVerifyRedirectCallback. Optionally returns
40-
// an nsresult to Cancel the old channel with.
4137
static nsresult ConsultCSPForRedirect(nsIURI* aOriginalURI, nsIURI* aNewURI,
4238
nsILoadInfo* aLoadInfo,
43-
Maybe<nsresult>& aCancelCode);
39+
int16_t* aDecision);
4440

4541
protected:
4642
virtual ~CSPService();

ipc/glue/BackgroundUtils.cpp

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -738,8 +738,7 @@ nsresult LoadInfoArgsToLoadInfo(
738738
Maybe<mozilla::ipc::CSPInfo> cspToInheritInfo =
739739
loadInfoArgs.cspToInheritInfo();
740740
if (cspToInheritInfo.isSome()) {
741-
nsCOMPtr<Document> doc = do_QueryInterface(aLoadingContext);
742-
cspToInherit = CSPInfoToCSP(cspToInheritInfo.ref(), doc);
741+
cspToInherit = CSPInfoToCSP(cspToInheritInfo.ref(), nullptr);
743742
}
744743

745744
RefPtr<mozilla::LoadInfo> loadInfo = new mozilla::LoadInfo(

netwerk/ipc/DocumentChannelChild.cpp

Lines changed: 19 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -255,8 +255,12 @@ IPCResult DocumentChannelChild::RecvRedirectToRealChannel(
255255
const uint32_t& aRedirectFlags, const Maybe<uint32_t>& aContentDisposition,
256256
const Maybe<nsString>& aContentDispositionFilename,
257257
RedirectToRealChannelResolver&& aResolve) {
258+
nsCOMPtr<nsILoadInfo> originalLoadInfo;
258259
RefPtr<dom::Document> loadingDocument;
259-
mLoadInfo->GetLoadingDocument(getter_AddRefs(loadingDocument));
260+
GetLoadInfo(getter_AddRefs(originalLoadInfo));
261+
if (originalLoadInfo) {
262+
originalLoadInfo->GetLoadingDocument(getter_AddRefs(loadingDocument));
263+
}
260264

261265
nsCOMPtr<nsILoadInfo> loadInfo;
262266
nsresult rv = LoadInfoArgsToLoadInfo(aLoadInfo, loadingDocument,
@@ -400,30 +404,30 @@ DocumentChannelChild::OnRedirectVerifyCallback(nsresult aStatusCode) {
400404
}
401405

402406
IPCResult DocumentChannelChild::RecvConfirmRedirect(
403-
const LoadInfoArgs& aLoadInfo, nsIURI* aNewUri,
404-
ConfirmRedirectResolver&& aResolve) {
407+
nsIURI* aNewUri, ConfirmRedirectResolver&& aResolve) {
405408
// This is effectively the same as AsyncOnChannelRedirect, except since we're
406409
// not propagating the redirect into this process, we don't have an nsIChannel
407410
// for the redirection and we have to do the checks manually.
408411
// This just checks CSP thus far, hopefully there's not much else needed.
409-
RefPtr<dom::Document> loadingDocument;
410-
mLoadInfo->GetLoadingDocument(getter_AddRefs(loadingDocument));
411-
nsCOMPtr<nsILoadInfo> loadInfo;
412-
MOZ_ALWAYS_SUCCEEDS(LoadInfoArgsToLoadInfo(Some(aLoadInfo), loadingDocument,
413-
getter_AddRefs(loadInfo)));
414-
415412
nsCOMPtr<nsIURI> originalUri;
416413
nsresult rv = GetOriginalURI(getter_AddRefs(originalUri));
417414
if (NS_FAILED(rv)) {
418-
aResolve(Tuple<const nsresult&, const Maybe<nsresult>&>(NS_BINDING_FAILED,
419-
Some(rv)));
415+
aResolve(rv);
420416
return IPC_OK();
421417
}
422418

423-
Maybe<nsresult> cancelCode;
424-
rv = CSPService::ConsultCSPForRedirect(originalUri, aNewUri, loadInfo,
425-
cancelCode);
426-
aResolve(Tuple<const nsresult&, const Maybe<nsresult>&>(rv, cancelCode));
419+
int16_t decision = nsIContentPolicy::ACCEPT;
420+
rv = CSPService::ConsultCSPForRedirect(originalUri, aNewUri, mLoadInfo,
421+
&decision);
422+
if (NS_FAILED(rv)) {
423+
aResolve(rv);
424+
return IPC_OK();
425+
}
426+
if (NS_CP_REJECTED(decision)) {
427+
aResolve(NS_BINDING_FAILED);
428+
} else {
429+
aResolve(NS_OK);
430+
}
427431
return IPC_OK();
428432
}
429433

netwerk/ipc/DocumentChannelChild.h

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -82,8 +82,7 @@ class DocumentChannelChild final : public PDocumentChannelChild,
8282
const nsCString& aLists, const nsCString& aFullHash);
8383

8484
mozilla::ipc::IPCResult RecvConfirmRedirect(
85-
const LoadInfoArgs& aLoadInfo, nsIURI* aNewUri,
86-
ConfirmRedirectResolver&& aResolve);
85+
nsIURI* aNewUri, ConfirmRedirectResolver&& aResolve);
8786

8887
void DoFailedAsyncOpen(const nsresult& aStatusCode);
8988

netwerk/ipc/DocumentChannelParent.cpp

Lines changed: 12 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -801,31 +801,24 @@ DocumentChannelParent::AsyncOnChannelRedirect(
801801
// process so that it can send events. Send a message to
802802
// our content process to ask CSP if we should allow this
803803
// redirect, and wait for confirmation.
804-
nsCOMPtr<nsILoadInfo> loadInfo = aOldChannel->LoadInfo();
805-
Maybe<LoadInfoArgs> loadInfoArgs;
806-
MOZ_ALWAYS_SUCCEEDS(ipc::LoadInfoToLoadInfoArgs(loadInfo, &loadInfoArgs));
807-
MOZ_ASSERT(loadInfoArgs.isSome());
808-
809804
nsCOMPtr<nsIURI> newUri;
810805
nsresult rv = aNewChannel->GetURI(getter_AddRefs(newUri));
811806
NS_ENSURE_SUCCESS(rv, rv);
812807

813808
nsCOMPtr<nsIAsyncVerifyRedirectCallback> callback(aCallback);
814809
nsCOMPtr<nsIChannel> oldChannel(aOldChannel);
815-
SendConfirmRedirect(*loadInfoArgs, newUri)
816-
->Then(
817-
GetCurrentThreadSerialEventTarget(), __func__,
818-
[callback,
819-
oldChannel](const Tuple<nsresult, Maybe<nsresult>>& aResult) {
820-
if (Get<1>(aResult)) {
821-
oldChannel->Cancel(*Get<1>(aResult));
822-
}
823-
callback->OnRedirectVerifyCallback(Get<0>(aResult));
824-
},
825-
[callback, oldChannel](const mozilla::ipc::ResponseRejectReason) {
826-
oldChannel->Cancel(NS_ERROR_DOM_BAD_URI);
827-
callback->OnRedirectVerifyCallback(NS_BINDING_ABORTED);
828-
});
810+
SendConfirmRedirect(newUri)->Then(
811+
GetCurrentThreadSerialEventTarget(), __func__,
812+
[callback, oldChannel](nsresult aRv) {
813+
if (NS_FAILED(aRv)) {
814+
oldChannel->Cancel(NS_ERROR_DOM_BAD_URI);
815+
}
816+
callback->OnRedirectVerifyCallback(aRv);
817+
},
818+
[callback, oldChannel](const mozilla::ipc::ResponseRejectReason) {
819+
oldChannel->Cancel(NS_ERROR_DOM_BAD_URI);
820+
callback->OnRedirectVerifyCallback(NS_BINDING_ABORTED);
821+
});
829822

830823
// Clear out our nsIParentChannel functions, since a normal parent
831824
// channel would actually redirect and not have those values on the new one.

netwerk/ipc/PDocumentChannel.ipdl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ child:
7575
uint32_t? aContentDisposition,
7676
nsString? aContentDispositionFilename) returns(nsresult rv);
7777

78-
async ConfirmRedirect(LoadInfoArgs aLoadInfo, nsIURI aNewURI) returns(nsresult rv, nsresult? cancelCode);
78+
async ConfirmRedirect(nsIURI aNewURI) returns(nsresult rv);
7979

8080
// Tell child to delete channel (all IPDL deletes must be done from child to
8181
// avoid races: see bug 591708).

0 commit comments

Comments
 (0)