Bug 1599438 - Store sandbox flags on the LoadInfo when creating a channel for a docshell, so that we don't read a stale value from the BrowsingContext later. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D59263
This commit is contained in:
Matt Woodrow
@@ -7736,7 +7736,8 @@ nsresult nsDocShell::CreateContentViewer(const nsACString& aContentType,
|
||||
// Mark the channel as being a document URI...
|
||||
aOpenedChannel->GetLoadFlags(&loadFlags);
|
||||
loadFlags |= nsIChannel::LOAD_DOCUMENT_URI;
|
||||
if (SandboxFlagsImplyCookies(mBrowsingContext->GetSandboxFlags())) {
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = aOpenedChannel->LoadInfo();
|
||||
if (SandboxFlagsImplyCookies(loadInfo->GetSandboxFlags())) {
|
||||
loadFlags |= nsIRequest::LOAD_DOCUMENT_NEEDS_COOKIE;
|
||||
}
|
||||
|
||||
@@ -8282,7 +8283,7 @@ nsresult nsDocShell::PerformRetargeting(nsDocShellLoadState* aLoadState,
|
||||
// should match this one when both are applicable.
|
||||
nsCOMPtr<nsILoadInfo> secCheckLoadInfo = new LoadInfo(
|
||||
mScriptGlobal, aLoadState->TriggeringPrincipal(), requestingContext,
|
||||
nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK);
|
||||
nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK, 0);
|
||||
|
||||
// Since Content Policy checks are performed within docShell as well as
|
||||
// the ContentSecurityManager we need a reliable way to let certain
|
||||
@@ -9830,8 +9831,6 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
bool isSandBoxed = mBrowsingContext->GetSandboxFlags() & SANDBOXED_ORIGIN;
|
||||
|
||||
// We want to inherit aLoadState->PrincipalToInherit() when:
|
||||
// 1. ChannelShouldInheritPrincipal returns true.
|
||||
// 2. aLoadState->URI() is not data: URI, or data: URI is not
|
||||
@@ -9853,6 +9852,7 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
|
||||
nsLoadFlags loadFlags = mDefaultLoadFlags;
|
||||
nsSecurityFlags securityFlags =
|
||||
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
|
||||
uint32_t sandboxFlags = mBrowsingContext->GetSandboxFlags();
|
||||
|
||||
if (aLoadState->FirstParty()) {
|
||||
// tag first party URL loads
|
||||
@@ -9868,16 +9868,16 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
|
||||
if (inheritPrincipal) {
|
||||
securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
||||
}
|
||||
if (isSandBoxed) {
|
||||
securityFlags |= nsILoadInfo::SEC_SANDBOXED;
|
||||
}
|
||||
|
||||
RefPtr<LoadInfo> loadInfo =
|
||||
(contentPolicyType == nsIContentPolicy::TYPE_DOCUMENT)
|
||||
? new LoadInfo(loadingWindow, aLoadState->TriggeringPrincipal(),
|
||||
topLevelLoadingContext, securityFlags)
|
||||
topLevelLoadingContext, securityFlags, sandboxFlags)
|
||||
: new LoadInfo(loadingPrincipal, aLoadState->TriggeringPrincipal(),
|
||||
loadingNode, securityFlags, contentPolicyType);
|
||||
loadingNode, securityFlags, contentPolicyType,
|
||||
Maybe<mozilla::dom::ClientInfo>(),
|
||||
Maybe<mozilla::dom::ServiceWorkerDescriptor>(),
|
||||
sandboxFlags);
|
||||
|
||||
if (aLoadState->PrincipalToInherit()) {
|
||||
loadInfo->SetPrincipalToInherit(aLoadState->PrincipalToInherit());
|
||||
@@ -9957,14 +9957,14 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
|
||||
// same process), which breaks if we serialize to the parent process.
|
||||
bool canUseDocumentChannel =
|
||||
aLoadState->HasLoadFlags(INTERNAL_LOAD_FLAGS_IS_SRCDOC)
|
||||
? isSandBoxed
|
||||
? (sandboxFlags & SANDBOXED_ORIGIN)
|
||||
: SchemeUsesDocChannel(aLoadState->URI());
|
||||
|
||||
if (StaticPrefs::browser_tabs_documentchannel() && XRE_IsContentProcess() &&
|
||||
canUseDocumentChannel) {
|
||||
channel = new DocumentChannelChild(
|
||||
aLoadState, loadInfo, initiatorType, loadFlags, mLoadType, cacheKey,
|
||||
isActive, isTopLevelDoc, mBrowsingContext->GetSandboxFlags());
|
||||
channel = new DocumentChannelChild(aLoadState, loadInfo, initiatorType,
|
||||
loadFlags, mLoadType, cacheKey, isActive,
|
||||
isTopLevelDoc, sandboxFlags);
|
||||
channel->SetNotificationCallbacks(this);
|
||||
} else if (!CreateAndConfigureRealChannelForLoadState(
|
||||
aLoadState, loadInfo, this, this, initiatorType, loadFlags,
|
||||
|
||||
@@ -2105,9 +2105,15 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INTERNAL(Document)
|
||||
uint32_t nsid = tmp->GetDefaultNamespaceID();
|
||||
nsAutoCString uri;
|
||||
if (tmp->mDocumentURI) uri = tmp->mDocumentURI->GetSpecOrDefault();
|
||||
const char* nsuri = nsNameSpaceManager::GetNameSpaceDisplayName(nsid);
|
||||
SprintfLiteral(name, "Document %s %s %s", loadedAsData.get(), nsuri,
|
||||
uri.get());
|
||||
static const char* kNSURIs[] = {"([none])", "(xmlns)", "(xml)",
|
||||
"(xhtml)", "(XLink)", "(XSLT)",
|
||||
"(MathML)", "(RDF)", "(XUL)"};
|
||||
if (nsid < ArrayLength(kNSURIs)) {
|
||||
SprintfLiteral(name, "Document %s %s %s", loadedAsData.get(),
|
||||
kNSURIs[nsid], uri.get());
|
||||
} else {
|
||||
SprintfLiteral(name, "Document %s %s", loadedAsData.get(), uri.get());
|
||||
}
|
||||
cb.DescribeRefCountedNode(tmp->mRefCnt.get(), name);
|
||||
} else {
|
||||
NS_IMPL_CYCLE_COLLECTION_DESCRIBE(Document, tmp->mRefCnt.get())
|
||||
@@ -3122,10 +3128,10 @@ nsresult Document::StartDocumentLoad(const char* aCommand, nsIChannel* aChannel,
|
||||
// immutable after being set here.
|
||||
nsCOMPtr<nsIDocShell> docShell = do_QueryInterface(aContainer);
|
||||
|
||||
// If this is an error page, don't inherit sandbox flags from docshell
|
||||
// If this is an error page, don't inherit sandbox flags
|
||||
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
|
||||
if (docShell && !loadInfo->GetLoadErrorPage()) {
|
||||
mSandboxFlags = docShell->GetBrowsingContext()->GetSandboxFlags();
|
||||
mSandboxFlags = loadInfo->GetSandboxFlags();
|
||||
WarnIfSandboxIneffective(docShell, mSandboxFlags, GetChannel());
|
||||
}
|
||||
|
||||
|
||||
@@ -2271,7 +2271,6 @@ nsresult nsObjectLoadingContent::OpenChannel() {
|
||||
RefPtr<ObjectInterfaceRequestorShim> shim =
|
||||
new ObjectInterfaceRequestorShim(this);
|
||||
|
||||
bool isSandBoxed = doc->GetSandboxFlags() & SANDBOXED_ORIGIN;
|
||||
bool inherit = nsContentUtils::ChannelShouldInheritPrincipal(
|
||||
thisContent->NodePrincipal(), mURI,
|
||||
true, // aInheritForAboutBlank
|
||||
@@ -2285,9 +2284,6 @@ nsresult nsObjectLoadingContent::OpenChannel() {
|
||||
if (inherit && !isURIUniqueOrigin) {
|
||||
securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
||||
}
|
||||
if (isSandBoxed) {
|
||||
securityFlags |= nsILoadInfo::SEC_SANDBOXED;
|
||||
}
|
||||
|
||||
nsContentPolicyType contentPolicyType = GetContentPolicyType();
|
||||
|
||||
@@ -2298,7 +2294,9 @@ nsresult nsObjectLoadingContent::OpenChannel() {
|
||||
shim, // aCallbacks
|
||||
nsIChannel::LOAD_CALL_CONTENT_SNIFFERS |
|
||||
nsIChannel::LOAD_BYPASS_SERVICE_WORKER |
|
||||
nsIRequest::LOAD_HTML_OBJECT_DATA);
|
||||
nsIRequest::LOAD_HTML_OBJECT_DATA,
|
||||
nullptr, // aIoService
|
||||
doc->GetSandboxFlags());
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
if (inherit) {
|
||||
nsCOMPtr<nsILoadInfo> loadinfo = chan->LoadInfo();
|
||||
|
||||
@@ -666,7 +666,6 @@ static void LogSecurityFlags(nsSecurityFlags securityFlags) {
|
||||
{nsILoadInfo::SEC_COOKIES_SAME_ORIGIN, "SEC_COOKIES_SAME_ORIGIN"},
|
||||
{nsILoadInfo::SEC_COOKIES_OMIT, "SEC_COOKIES_OMIT"},
|
||||
{nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL, "SEC_FORCE_INHERIT_PRINCIPAL"},
|
||||
{nsILoadInfo::SEC_SANDBOXED, "SEC_SANDBOXED"},
|
||||
{nsILoadInfo::SEC_ABOUT_BLANK_INHERITS, "SEC_ABOUT_BLANK_INHERITS"},
|
||||
{nsILoadInfo::SEC_ALLOW_CHROME, "SEC_ALLOW_CHROME"},
|
||||
{nsILoadInfo::SEC_DISALLOW_SCRIPT, "SEC_DISALLOW_SCRIPT"},
|
||||
|
||||
@@ -1742,7 +1742,7 @@ nsresult WebSocketImpl::InitializeConnection(
|
||||
rv = wsChannel->InitLoadInfoNative(
|
||||
doc, doc ? doc->NodePrincipal() : aPrincipal, aPrincipal, aCookieSettings,
|
||||
nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
|
||||
nsIContentPolicy::TYPE_WEBSOCKET);
|
||||
nsIContentPolicy::TYPE_WEBSOCKET, 0);
|
||||
MOZ_ASSERT(NS_SUCCEEDED(rv));
|
||||
|
||||
if (!mRequestedProtocolList.IsEmpty()) {
|
||||
|
||||
@@ -43,6 +43,7 @@
|
||||
#include "nsIJARURI.h"
|
||||
#include "nsLayoutCID.h"
|
||||
#include "nsReadableUtils.h"
|
||||
#include "nsSandboxFlags.h"
|
||||
|
||||
#include "nsIURI.h"
|
||||
#include "nsIURIMutator.h"
|
||||
@@ -2376,11 +2377,12 @@ nsresult XMLHttpRequestMainThread::CreateChannel() {
|
||||
|
||||
nsSecurityFlags secFlags;
|
||||
nsLoadFlags loadFlags = nsIRequest::LOAD_BACKGROUND;
|
||||
uint32_t sandboxFlags = 0;
|
||||
if (mPrincipal->IsSystemPrincipal()) {
|
||||
// When chrome is loading we want to make sure to sandbox any potential
|
||||
// result document. We also want to allow cross-origin loads.
|
||||
secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
|
||||
nsILoadInfo::SEC_SANDBOXED;
|
||||
secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
|
||||
sandboxFlags = SANDBOXED_ORIGIN;
|
||||
} else if (IsSystemXHR()) {
|
||||
// For pages that have appropriate permissions, we want to still allow
|
||||
// cross-origin loads, but make sure that the any potential result
|
||||
@@ -2411,7 +2413,7 @@ nsresult XMLHttpRequestMainThread::CreateChannel() {
|
||||
nullptr, // aPerformanceStorage
|
||||
loadGroup,
|
||||
nullptr, // aCallbacks
|
||||
loadFlags);
|
||||
loadFlags, nullptr, sandboxFlags);
|
||||
} else if (mClientInfo.isSome()) {
|
||||
rv = NS_NewChannel(getter_AddRefs(mChannel), mRequestURL, mPrincipal,
|
||||
mClientInfo.ref(), mController, secFlags,
|
||||
@@ -2420,7 +2422,7 @@ nsresult XMLHttpRequestMainThread::CreateChannel() {
|
||||
mPerformanceStorage, // aPerformanceStorage
|
||||
loadGroup,
|
||||
nullptr, // aCallbacks
|
||||
loadFlags);
|
||||
loadFlags, nullptr, sandboxFlags);
|
||||
} else {
|
||||
// Otherwise use the principal.
|
||||
rv = NS_NewChannel(getter_AddRefs(mChannel), mRequestURL, mPrincipal,
|
||||
@@ -2429,7 +2431,7 @@ nsresult XMLHttpRequestMainThread::CreateChannel() {
|
||||
mPerformanceStorage, // aPerformanceStorage
|
||||
loadGroup,
|
||||
nullptr, // aCallbacks
|
||||
loadFlags);
|
||||
loadFlags, nullptr, sandboxFlags);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
|
||||
@@ -571,7 +571,8 @@ nsresult LoadInfoToLoadInfoArgs(nsILoadInfo* aLoadInfo,
|
||||
loadingPrincipalInfo, triggeringPrincipalInfo, principalToInheritInfo,
|
||||
sandboxedLoadingPrincipalInfo, topLevelPrincipalInfo,
|
||||
topLevelStorageAreaPrincipalInfo, optionalResultPrincipalURI,
|
||||
aLoadInfo->GetSecurityFlags(), aLoadInfo->InternalContentPolicyType(),
|
||||
aLoadInfo->GetSecurityFlags(), aLoadInfo->GetSandboxFlags(),
|
||||
aLoadInfo->InternalContentPolicyType(),
|
||||
static_cast<uint32_t>(aLoadInfo->GetTainting()),
|
||||
aLoadInfo->GetBlockAllMixedContent(),
|
||||
aLoadInfo->GetUpgradeInsecureRequests(),
|
||||
@@ -760,7 +761,7 @@ nsresult LoadInfoArgsToLoadInfo(
|
||||
sandboxedLoadingPrincipal, topLevelPrincipal,
|
||||
topLevelStorageAreaPrincipal, resultPrincipalURI, cookieSettings,
|
||||
cspToInherit, clientInfo, reservedClientInfo, initialClientInfo,
|
||||
controller, loadInfoArgs.securityFlags(),
|
||||
controller, loadInfoArgs.securityFlags(), loadInfoArgs.sandboxFlags(),
|
||||
loadInfoArgs.contentPolicyType(),
|
||||
static_cast<LoadTainting>(loadInfoArgs.tainting()),
|
||||
loadInfoArgs.blockAllMixedContent(),
|
||||
|
||||
@@ -56,7 +56,8 @@ LoadInfo::LoadInfo(
|
||||
nsINode* aLoadingContext, nsSecurityFlags aSecurityFlags,
|
||||
nsContentPolicyType aContentPolicyType,
|
||||
const Maybe<mozilla::dom::ClientInfo>& aLoadingClientInfo,
|
||||
const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController)
|
||||
const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController,
|
||||
uint32_t aSandboxFlags)
|
||||
: mLoadingPrincipal(aLoadingContext ? aLoadingContext->NodePrincipal()
|
||||
: aLoadingPrincipal),
|
||||
mTriggeringPrincipal(aTriggeringPrincipal ? aTriggeringPrincipal
|
||||
@@ -67,6 +68,7 @@ LoadInfo::LoadInfo(
|
||||
mLoadingContext(do_GetWeakReference(aLoadingContext)),
|
||||
mContextForTopLevelLoad(nullptr),
|
||||
mSecurityFlags(aSecurityFlags),
|
||||
mSandboxFlags(aSandboxFlags),
|
||||
mInternalContentPolicyType(aContentPolicyType),
|
||||
mTainting(LoadTainting::Basic),
|
||||
mBlockAllMixedContent(false),
|
||||
@@ -134,7 +136,7 @@ LoadInfo::LoadInfo(
|
||||
aLoadingContext->NodePrincipal() == aLoadingPrincipal);
|
||||
|
||||
// if the load is sandboxed, we can not also inherit the principal
|
||||
if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
|
||||
if (mSandboxFlags & SANDBOXED_ORIGIN) {
|
||||
mForceInheritPrincipalDropped =
|
||||
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
||||
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
||||
@@ -322,12 +324,13 @@ LoadInfo::LoadInfo(
|
||||
LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
|
||||
nsIPrincipal* aTriggeringPrincipal,
|
||||
nsISupports* aContextForTopLevelLoad,
|
||||
nsSecurityFlags aSecurityFlags)
|
||||
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags)
|
||||
: mLoadingPrincipal(nullptr),
|
||||
mTriggeringPrincipal(aTriggeringPrincipal),
|
||||
mPrincipalToInherit(nullptr),
|
||||
mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad)),
|
||||
mSecurityFlags(aSecurityFlags),
|
||||
mSandboxFlags(aSandboxFlags),
|
||||
mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT),
|
||||
mTainting(LoadTainting::Basic),
|
||||
mBlockAllMixedContent(false),
|
||||
@@ -367,7 +370,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
|
||||
MOZ_ASSERT(mTriggeringPrincipal);
|
||||
|
||||
// if the load is sandboxed, we can not also inherit the principal
|
||||
if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) {
|
||||
if (mSandboxFlags & SANDBOXED_ORIGIN) {
|
||||
mForceInheritPrincipalDropped =
|
||||
(mSecurityFlags & nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);
|
||||
mSecurityFlags &= ~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
|
||||
@@ -435,6 +438,7 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
|
||||
mLoadingContext(rhs.mLoadingContext),
|
||||
mContextForTopLevelLoad(rhs.mContextForTopLevelLoad),
|
||||
mSecurityFlags(rhs.mSecurityFlags),
|
||||
mSandboxFlags(rhs.mSandboxFlags),
|
||||
mInternalContentPolicyType(rhs.mInternalContentPolicyType),
|
||||
mTainting(rhs.mTainting),
|
||||
mBlockAllMixedContent(rhs.mBlockAllMixedContent),
|
||||
@@ -491,9 +495,10 @@ LoadInfo::LoadInfo(
|
||||
const Maybe<ClientInfo>& aReservedClientInfo,
|
||||
const Maybe<ClientInfo>& aInitialClientInfo,
|
||||
const Maybe<ServiceWorkerDescriptor>& aController,
|
||||
nsSecurityFlags aSecurityFlags, nsContentPolicyType aContentPolicyType,
|
||||
LoadTainting aTainting, bool aBlockAllMixedContent,
|
||||
bool aUpgradeInsecureRequests, bool aBrowserUpgradeInsecureRequests,
|
||||
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags,
|
||||
nsContentPolicyType aContentPolicyType, LoadTainting aTainting,
|
||||
bool aBlockAllMixedContent, bool aUpgradeInsecureRequests,
|
||||
bool aBrowserUpgradeInsecureRequests,
|
||||
bool aBrowserWouldUpgradeInsecureRequests, bool aForceAllowDataURI,
|
||||
bool aAllowInsecureRedirectToDataURI, bool aBypassCORSChecks,
|
||||
bool aSkipContentPolicyCheckForWebRequest,
|
||||
@@ -528,6 +533,7 @@ LoadInfo::LoadInfo(
|
||||
mController(aController),
|
||||
mLoadingContext(do_GetWeakReference(aLoadingContext)),
|
||||
mSecurityFlags(aSecurityFlags),
|
||||
mSandboxFlags(aSandboxFlags),
|
||||
mInternalContentPolicyType(aContentPolicyType),
|
||||
mTainting(aTainting),
|
||||
mBlockAllMixedContent(aBlockAllMixedContent),
|
||||
@@ -666,7 +672,7 @@ nsIPrincipal* LoadInfo::FindPrincipalToInherit(nsIChannel* aChannel) {
|
||||
}
|
||||
|
||||
nsIPrincipal* LoadInfo::GetSandboxedLoadingPrincipal() {
|
||||
if (!(mSecurityFlags & nsILoadInfo::SEC_SANDBOXED)) {
|
||||
if (!(mSandboxFlags & SANDBOXED_ORIGIN)) {
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
@@ -736,6 +742,12 @@ LoadInfo::GetSecurityFlags(nsSecurityFlags* aResult) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
LoadInfo::GetSandboxFlags(uint32_t* aResult) {
|
||||
*aResult = mSandboxFlags;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
LoadInfo::GetSecurityMode(uint32_t* aFlags) {
|
||||
*aFlags =
|
||||
@@ -834,7 +846,7 @@ LoadInfo::GetForceInheritPrincipalOverruleOwner(bool* aInheritPrincipal) {
|
||||
|
||||
NS_IMETHODIMP
|
||||
LoadInfo::GetLoadingSandboxed(bool* aLoadingSandboxed) {
|
||||
*aLoadingSandboxed = (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED);
|
||||
*aLoadingSandboxed = (mSandboxFlags & SANDBOXED_ORIGIN);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
@@ -63,14 +63,15 @@ class LoadInfo final : public nsILoadInfo {
|
||||
const Maybe<mozilla::dom::ClientInfo>& aLoadingClientInfo =
|
||||
Maybe<mozilla::dom::ClientInfo>(),
|
||||
const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController =
|
||||
Maybe<mozilla::dom::ServiceWorkerDescriptor>());
|
||||
Maybe<mozilla::dom::ServiceWorkerDescriptor>(),
|
||||
uint32_t aSandboxFlags = 0);
|
||||
|
||||
// Constructor used for TYPE_DOCUMENT loads which have a different
|
||||
// loadingContext than other loads. This ContextForTopLevelLoad is
|
||||
// only used for content policy checks.
|
||||
LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsIPrincipal* aTriggeringPrincipal,
|
||||
nsISupports* aContextForTopLevelLoad,
|
||||
nsSecurityFlags aSecurityFlags);
|
||||
nsISupports* aContextForTopLevelLoad, nsSecurityFlags aSecurityFlags,
|
||||
uint32_t aSandboxFlags);
|
||||
|
||||
// create an exact copy of the loadinfo
|
||||
already_AddRefed<nsILoadInfo> Clone() const;
|
||||
@@ -133,7 +134,7 @@ class LoadInfo final : public nsILoadInfo {
|
||||
const Maybe<mozilla::dom::ClientInfo>& aReservedClientInfo,
|
||||
const Maybe<mozilla::dom::ClientInfo>& aInitialClientInfo,
|
||||
const Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController,
|
||||
nsSecurityFlags aSecurityFlags,
|
||||
nsSecurityFlags aSecurityFlags, uint32_t aSandboxFlags,
|
||||
nsContentPolicyType aContentPolicyType, LoadTainting aTainting,
|
||||
bool aBlockAllMixedContent, bool aUpgradeInsecureRequests,
|
||||
bool aBrowserUpgradeInsecureRequests,
|
||||
@@ -213,6 +214,7 @@ class LoadInfo final : public nsILoadInfo {
|
||||
nsWeakPtr mLoadingContext;
|
||||
nsWeakPtr mContextForTopLevelLoad;
|
||||
nsSecurityFlags mSecurityFlags;
|
||||
uint32_t mSandboxFlags;
|
||||
nsContentPolicyType mInternalContentPolicyType;
|
||||
LoadTainting mTainting;
|
||||
bool mBlockAllMixedContent;
|
||||
|
||||
@@ -117,6 +117,7 @@ interface nsIIOService : nsISupports
|
||||
in const_MaybeServiceWorkerDescriptorRef aController,
|
||||
in unsigned long aSecurityFlags,
|
||||
in unsigned long aContentPolicyType,
|
||||
in unsigned long aSandboxFlags,
|
||||
out nsIChannel aResult);
|
||||
|
||||
/**
|
||||
|
||||
@@ -164,25 +164,13 @@ interface nsILoadInfo : nsISupports
|
||||
* is loading the URI "http://b.com/whatever", GetChannelResultPrincipal
|
||||
* will return a principal from "http://a.com/".
|
||||
*
|
||||
* This flag can not be used together with SEC_SANDBOXED. If both are passed
|
||||
* to the LoadInfo constructor then this flag will be dropped. If you need
|
||||
* to know whether this flag would have been present but was dropped due to
|
||||
* sandboxing, check for the forceInheritPrincipalDropped flag.
|
||||
* This flag can not be used together with SANDBOXED_ORIGIN sandbox flag. If
|
||||
* both are passed to the LoadInfo constructor then this flag will be dropped.
|
||||
* If you need to know whether this flag would have been present but was dropped
|
||||
* due to sandboxing, check for the forceInheritPrincipalDropped flag.
|
||||
*/
|
||||
const unsigned long SEC_FORCE_INHERIT_PRINCIPAL = (1<<7);
|
||||
|
||||
/**
|
||||
* Sandbox the load. The resulting resource will use a freshly created
|
||||
* null principal. So GetChannelResultPrincipal will always return a
|
||||
* null principal whenever this flag is set.
|
||||
*
|
||||
* This will happen independently of the scheme of the URI that the
|
||||
* channel is loading.
|
||||
*
|
||||
* This flag can not be used together with SEC_FORCE_INHERIT_PRINCIPAL.
|
||||
*/
|
||||
const unsigned long SEC_SANDBOXED = (1<<8);
|
||||
|
||||
/**
|
||||
* Inherit the Principal for about:blank.
|
||||
*/
|
||||
@@ -409,6 +397,11 @@ interface nsILoadInfo : nsISupports
|
||||
}
|
||||
%}
|
||||
|
||||
/**
|
||||
* The sandboxFlags of that channel.
|
||||
*/
|
||||
[infallible] readonly attribute unsigned long sandboxFlags;
|
||||
|
||||
/**
|
||||
* Allows to query only the security mode bits from above.
|
||||
*/
|
||||
@@ -634,9 +627,9 @@ interface nsILoadInfo : nsISupports
|
||||
|
||||
/**
|
||||
* The SEC_FORCE_INHERIT_PRINCIPAL flag may be dropped when a load info
|
||||
* object is created. Specifically, it will be dropped if the SEC_SANDBOXED
|
||||
* flag is also present. This flag is set if SEC_FORCE_INHERIT_PRINCIPAL was
|
||||
* dropped.
|
||||
* object is created. Specifically, it will be dropped if the SANDBOXED_ORIGIN
|
||||
* sandbox flag is also present. This flag is set if SEC_FORCE_INHERIT_PRINCIPAL
|
||||
* was dropped.
|
||||
*/
|
||||
[infallible] readonly attribute boolean forceInheritPrincipalDropped;
|
||||
|
||||
@@ -916,7 +909,7 @@ interface nsILoadInfo : nsISupports
|
||||
attribute nsIURI resultPrincipalURI;
|
||||
|
||||
/**
|
||||
* Returns the null principal of the resulting resource if the SEC_SANDBOXED
|
||||
* Returns the null principal of the resulting resource if the SANDBOXED_ORIGIN
|
||||
* flag is set. Otherwise returns null. This is used by
|
||||
* GetChannelResultPrincipal() to ensure that the same null principal object
|
||||
* is returned every time.
|
||||
|
||||
@@ -904,13 +904,13 @@ nsresult nsIOService::NewChannelFromURIWithClientAndController(
|
||||
nsIPrincipal* aTriggeringPrincipal,
|
||||
const Maybe<ClientInfo>& aLoadingClientInfo,
|
||||
const Maybe<ServiceWorkerDescriptor>& aController, uint32_t aSecurityFlags,
|
||||
uint32_t aContentPolicyType, nsIChannel** aResult) {
|
||||
uint32_t aContentPolicyType, uint32_t aSandboxFlags, nsIChannel** aResult) {
|
||||
return NewChannelFromURIWithProxyFlagsInternal(
|
||||
aURI,
|
||||
nullptr, // aProxyURI
|
||||
0, // aProxyFlags
|
||||
aLoadingNode, aLoadingPrincipal, aTriggeringPrincipal, aLoadingClientInfo,
|
||||
aController, aSecurityFlags, aContentPolicyType, aResult);
|
||||
aController, aSecurityFlags, aContentPolicyType, aSandboxFlags, aResult);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
@@ -928,7 +928,7 @@ nsresult nsIOService::NewChannelFromURIWithProxyFlagsInternal(
|
||||
nsIPrincipal* aTriggeringPrincipal,
|
||||
const Maybe<ClientInfo>& aLoadingClientInfo,
|
||||
const Maybe<ServiceWorkerDescriptor>& aController, uint32_t aSecurityFlags,
|
||||
uint32_t aContentPolicyType, nsIChannel** result) {
|
||||
uint32_t aContentPolicyType, uint32_t aSandboxFlags, nsIChannel** result) {
|
||||
// Ideally all callers of NewChannelFromURIWithProxyFlagsInternal provide
|
||||
// the necessary arguments to create a loadinfo.
|
||||
//
|
||||
@@ -946,7 +946,7 @@ nsresult nsIOService::NewChannelFromURIWithProxyFlagsInternal(
|
||||
aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT) {
|
||||
loadInfo = new LoadInfo(aLoadingPrincipal, aTriggeringPrincipal,
|
||||
aLoadingNode, aSecurityFlags, aContentPolicyType,
|
||||
aLoadingClientInfo, aController);
|
||||
aLoadingClientInfo, aController, aSandboxFlags);
|
||||
}
|
||||
if (!loadInfo) {
|
||||
JSContext* cx = nsContentUtils::GetCurrentJSContext();
|
||||
@@ -1050,7 +1050,7 @@ nsIOService::NewChannelFromURIWithProxyFlags(
|
||||
return NewChannelFromURIWithProxyFlagsInternal(
|
||||
aURI, aProxyURI, aProxyFlags, aLoadingNode, aLoadingPrincipal,
|
||||
aTriggeringPrincipal, Maybe<ClientInfo>(),
|
||||
Maybe<ServiceWorkerDescriptor>(), aSecurityFlags, aContentPolicyType,
|
||||
Maybe<ServiceWorkerDescriptor>(), aSecurityFlags, aContentPolicyType, 0,
|
||||
result);
|
||||
}
|
||||
|
||||
|
||||
@@ -172,7 +172,7 @@ class nsIOService final : public nsIIOService,
|
||||
const mozilla::Maybe<mozilla::dom::ClientInfo>& aLoadingClientInfo,
|
||||
const mozilla::Maybe<mozilla::dom::ServiceWorkerDescriptor>& aController,
|
||||
uint32_t aSecurityFlags, uint32_t aContentPolicyType,
|
||||
nsIChannel** result);
|
||||
uint32_t aSandboxFlags, nsIChannel** result);
|
||||
|
||||
nsresult NewChannelFromURIWithProxyFlagsInternal(nsIURI* aURI,
|
||||
nsIURI* aProxyURI,
|
||||
|
||||
@@ -313,7 +313,8 @@ nsresult NS_NewChannel(nsIChannel** outChannel, nsIURI* aUri,
|
||||
nsILoadGroup* aLoadGroup /* = nullptr */,
|
||||
nsIInterfaceRequestor* aCallbacks /* = nullptr */,
|
||||
nsLoadFlags aLoadFlags /* = nsIRequest::LOAD_NORMAL */,
|
||||
nsIIOService* aIoService /* = nullptr */) {
|
||||
nsIIOService* aIoService /* = nullptr */,
|
||||
uint32_t aSandboxFlags /* = 0 */) {
|
||||
return NS_NewChannelInternal(
|
||||
outChannel, aUri,
|
||||
nullptr, // aLoadingNode,
|
||||
@@ -321,7 +322,7 @@ nsresult NS_NewChannel(nsIChannel** outChannel, nsIURI* aUri,
|
||||
nullptr, // aTriggeringPrincipal
|
||||
Maybe<ClientInfo>(), Maybe<ServiceWorkerDescriptor>(), aSecurityFlags,
|
||||
aContentPolicyType, aCookieSettings, aPerformanceStorage, aLoadGroup,
|
||||
aCallbacks, aLoadFlags, aIoService);
|
||||
aCallbacks, aLoadFlags, aIoService, aSandboxFlags);
|
||||
}
|
||||
|
||||
nsresult NS_NewChannel(nsIChannel** outChannel, nsIURI* aUri,
|
||||
@@ -335,7 +336,8 @@ nsresult NS_NewChannel(nsIChannel** outChannel, nsIURI* aUri,
|
||||
nsILoadGroup* aLoadGroup /* = nullptr */,
|
||||
nsIInterfaceRequestor* aCallbacks /* = nullptr */,
|
||||
nsLoadFlags aLoadFlags /* = nsIRequest::LOAD_NORMAL */,
|
||||
nsIIOService* aIoService /* = nullptr */) {
|
||||
nsIIOService* aIoService /* = nullptr */,
|
||||
uint32_t aSandboxFlags /* = 0 */) {
|
||||
AssertLoadingPrincipalAndClientInfoMatch(
|
||||
aLoadingPrincipal, aLoadingClientInfo, aContentPolicyType);
|
||||
|
||||
@@ -349,7 +351,7 @@ nsresult NS_NewChannel(nsIChannel** outChannel, nsIURI* aUri,
|
||||
loadingClientInfo, aController, aSecurityFlags,
|
||||
aContentPolicyType, aCookieSettings,
|
||||
aPerformanceStorage, aLoadGroup, aCallbacks,
|
||||
aLoadFlags, aIoService);
|
||||
aLoadFlags, aIoService, aSandboxFlags);
|
||||
}
|
||||
|
||||
nsresult NS_NewChannelInternal(
|
||||
@@ -363,7 +365,8 @@ nsresult NS_NewChannelInternal(
|
||||
nsILoadGroup* aLoadGroup /* = nullptr */,
|
||||
nsIInterfaceRequestor* aCallbacks /* = nullptr */,
|
||||
nsLoadFlags aLoadFlags /* = nsIRequest::LOAD_NORMAL */,
|
||||
nsIIOService* aIoService /* = nullptr */) {
|
||||
nsIIOService* aIoService /* = nullptr */,
|
||||
uint32_t aSandboxFlags /* = 0 */) {
|
||||
NS_ENSURE_ARG_POINTER(outChannel);
|
||||
|
||||
nsCOMPtr<nsIIOService> grip;
|
||||
@@ -374,7 +377,7 @@ nsresult NS_NewChannelInternal(
|
||||
rv = aIoService->NewChannelFromURIWithClientAndController(
|
||||
aUri, aLoadingNode, aLoadingPrincipal, aTriggeringPrincipal,
|
||||
aLoadingClientInfo, aController, aSecurityFlags, aContentPolicyType,
|
||||
getter_AddRefs(channel));
|
||||
aSandboxFlags, getter_AddRefs(channel));
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
}
|
||||
@@ -495,14 +498,16 @@ nsresult NS_NewChannel(nsIChannel** outChannel, nsIURI* aUri,
|
||||
nsILoadGroup* aLoadGroup /* = nullptr */,
|
||||
nsIInterfaceRequestor* aCallbacks /* = nullptr */,
|
||||
nsLoadFlags aLoadFlags /* = nsIRequest::LOAD_NORMAL */,
|
||||
nsIIOService* aIoService /* = nullptr */) {
|
||||
nsIIOService* aIoService /* = nullptr */,
|
||||
uint32_t aSandboxFlags /* = 0 */) {
|
||||
NS_ASSERTION(aLoadingNode, "Can not create channel without a loading Node!");
|
||||
return NS_NewChannelInternal(
|
||||
outChannel, aUri, aLoadingNode, aLoadingNode->NodePrincipal(),
|
||||
nullptr, // aTriggeringPrincipal
|
||||
Maybe<ClientInfo>(), Maybe<ServiceWorkerDescriptor>(), aSecurityFlags,
|
||||
aContentPolicyType, aLoadingNode->OwnerDoc()->CookieSettings(),
|
||||
aPerformanceStorage, aLoadGroup, aCallbacks, aLoadFlags, aIoService);
|
||||
aPerformanceStorage, aLoadGroup, aCallbacks, aLoadFlags, aIoService,
|
||||
aSandboxFlags);
|
||||
}
|
||||
|
||||
nsresult NS_GetIsDocumentChannel(nsIChannel* aChannel, bool* aIsDocument) {
|
||||
|
||||
@@ -164,7 +164,7 @@ nsresult NS_NewChannelInternal(
|
||||
nsILoadGroup* aLoadGroup = nullptr,
|
||||
nsIInterfaceRequestor* aCallbacks = nullptr,
|
||||
nsLoadFlags aLoadFlags = nsIRequest::LOAD_NORMAL,
|
||||
nsIIOService* aIoService = nullptr);
|
||||
nsIIOService* aIoService = nullptr, uint32_t aSandboxFlags = 0);
|
||||
|
||||
// See NS_NewChannelInternal for usage and argument description
|
||||
nsresult NS_NewChannelInternal(
|
||||
@@ -221,7 +221,7 @@ nsresult NS_NewChannel(
|
||||
nsILoadGroup* aLoadGroup = nullptr,
|
||||
nsIInterfaceRequestor* aCallbacks = nullptr,
|
||||
nsLoadFlags aLoadFlags = nsIRequest::LOAD_NORMAL,
|
||||
nsIIOService* aIoService = nullptr);
|
||||
nsIIOService* aIoService = nullptr, uint32_t aSandboxFlags = 0);
|
||||
|
||||
// See NS_NewChannelInternal for usage and argument description
|
||||
nsresult NS_NewChannel(
|
||||
@@ -232,7 +232,7 @@ nsresult NS_NewChannel(
|
||||
nsILoadGroup* aLoadGroup = nullptr,
|
||||
nsIInterfaceRequestor* aCallbacks = nullptr,
|
||||
nsLoadFlags aLoadFlags = nsIRequest::LOAD_NORMAL,
|
||||
nsIIOService* aIoService = nullptr);
|
||||
nsIIOService* aIoService = nullptr, uint32_t aSandboxFlags = 0);
|
||||
|
||||
// See NS_NewChannelInternal for usage and argument description
|
||||
nsresult NS_NewChannel(
|
||||
@@ -245,7 +245,7 @@ nsresult NS_NewChannel(
|
||||
nsILoadGroup* aLoadGroup = nullptr,
|
||||
nsIInterfaceRequestor* aCallbacks = nullptr,
|
||||
nsLoadFlags aLoadFlags = nsIRequest::LOAD_NORMAL,
|
||||
nsIIOService* aIoService = nullptr);
|
||||
nsIIOService* aIoService = nullptr, uint32_t aSandboxFlags = 0);
|
||||
|
||||
nsresult NS_GetIsDocumentChannel(nsIChannel* aChannel, bool* aIsDocument);
|
||||
|
||||
|
||||
@@ -77,6 +77,7 @@ struct LoadInfoArgs
|
||||
PrincipalInfo? topLevelStorageAreaPrincipalInfo;
|
||||
URIParams? resultPrincipalURI;
|
||||
uint32_t securityFlags;
|
||||
uint32_t sandboxFlags;
|
||||
uint32_t contentPolicyType;
|
||||
uint32_t tainting;
|
||||
bool blockAllMixedContent;
|
||||
|
||||
@@ -206,9 +206,12 @@ BaseWebSocketChannel::InitLoadInfoNative(nsINode* aLoadingNode,
|
||||
nsIPrincipal* aTriggeringPrincipal,
|
||||
nsICookieSettings* aCookieSettings,
|
||||
uint32_t aSecurityFlags,
|
||||
uint32_t aContentPolicyType) {
|
||||
mLoadInfo = new LoadInfo(aLoadingPrincipal, aTriggeringPrincipal,
|
||||
aLoadingNode, aSecurityFlags, aContentPolicyType);
|
||||
uint32_t aContentPolicyType,
|
||||
uint32_t aSandboxFlags) {
|
||||
mLoadInfo = new LoadInfo(
|
||||
aLoadingPrincipal, aTriggeringPrincipal, aLoadingNode, aSecurityFlags,
|
||||
aContentPolicyType, Maybe<mozilla::dom::ClientInfo>(),
|
||||
Maybe<mozilla::dom::ServiceWorkerDescriptor>(), aSandboxFlags);
|
||||
if (aCookieSettings) {
|
||||
mLoadInfo->SetCookieSettings(aCookieSettings);
|
||||
}
|
||||
@@ -223,7 +226,7 @@ BaseWebSocketChannel::InitLoadInfo(nsINode* aLoadingNode,
|
||||
uint32_t aContentPolicyType) {
|
||||
return InitLoadInfoNative(aLoadingNode, aLoadingPrincipal,
|
||||
aTriggeringPrincipal, nullptr, aSecurityFlags,
|
||||
aContentPolicyType);
|
||||
aContentPolicyType, 0);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
|
||||
@@ -58,7 +58,8 @@ class BaseWebSocketChannel : public nsIWebSocketChannel,
|
||||
nsIPrincipal* aTriggeringPrincipal,
|
||||
nsICookieSettings* aCookieSettings,
|
||||
uint32_t aSecurityFlags,
|
||||
uint32_t aContentPolicyType) override;
|
||||
uint32_t aContentPolicyType,
|
||||
uint32_t aSandboxFlags) override;
|
||||
NS_IMETHOD InitLoadInfo(nsINode* aLoadingNode,
|
||||
nsIPrincipal* aLoadingPrincipal,
|
||||
nsIPrincipal* aTriggeringPrincipal,
|
||||
|
||||
@@ -102,7 +102,8 @@ interface nsIWebSocketChannel : nsISupports
|
||||
in nsIPrincipal aTriggeringPrincipal,
|
||||
in nsICookieSettings aCookieSettings,
|
||||
in unsigned long aSecurityFlags,
|
||||
in unsigned long aContentPolicyType);
|
||||
in unsigned long aContentPolicyType,
|
||||
in unsigned long aSandboxFlags);
|
||||
|
||||
/**
|
||||
* Similar to the previous one but without nsICookieSettings.
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
#include "nsNetUtil.h"
|
||||
#include "NullPrincipal.h"
|
||||
#include "nsCycleCollector.h"
|
||||
#include "nsSandboxFlags.h"
|
||||
|
||||
#include "nsFtpProtocolHandler.h"
|
||||
|
||||
@@ -67,8 +68,8 @@ static int FuzzingRunNetworkFtp(const uint8_t* data, size_t size) {
|
||||
nsIRequest::LOAD_FRESH_CONNECTION |
|
||||
nsIChannel::LOAD_INITIAL_DOCUMENT_URI;
|
||||
nsSecurityFlags secFlags;
|
||||
secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
|
||||
nsILoadInfo::SEC_SANDBOXED;
|
||||
secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
|
||||
uint32_t sandboxFlags = SANDBOXED_ORIGIN;
|
||||
nsCOMPtr<nsIChannel> channel;
|
||||
rv = NS_NewChannel(getter_AddRefs(channel), url,
|
||||
nsContentUtils::GetSystemPrincipal(), secFlags,
|
||||
@@ -78,8 +79,8 @@ static int FuzzingRunNetworkFtp(const uint8_t* data, size_t size) {
|
||||
nullptr, // loadGroup
|
||||
nullptr, // aCallbacks
|
||||
loadFlags, // aLoadFlags
|
||||
nullptr // aIoService
|
||||
);
|
||||
nullptr, // aIoService
|
||||
sandboxFlags);
|
||||
|
||||
if (rv != NS_OK) {
|
||||
MOZ_CRASH("Call to NS_NewChannel failed.");
|
||||
|
||||
@@ -16,6 +16,7 @@
|
||||
#include "NullPrincipal.h"
|
||||
#include "nsCycleCollector.h"
|
||||
#include "RequestContextService.h"
|
||||
#include "nsSandboxFlags.h"
|
||||
|
||||
#include "FuzzingInterface.h"
|
||||
#include "FuzzingStreamListener.h"
|
||||
@@ -99,8 +100,8 @@ static int FuzzingRunNetworkHttp(const uint8_t* data, size_t size) {
|
||||
nsIRequest::LOAD_FRESH_CONNECTION |
|
||||
nsIChannel::LOAD_INITIAL_DOCUMENT_URI;
|
||||
nsSecurityFlags secFlags;
|
||||
secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
|
||||
nsILoadInfo::SEC_SANDBOXED;
|
||||
secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
|
||||
uint32_t sandboxFlags = SANDBOXED_ORIGIN;
|
||||
|
||||
nsCOMPtr<nsIChannel> channel;
|
||||
nsCOMPtr<nsILoadInfo> loadInfo;
|
||||
@@ -150,7 +151,8 @@ static int FuzzingRunNetworkHttp(const uint8_t* data, size_t size) {
|
||||
nsContentUtils::GetSystemPrincipal(), // loading principal
|
||||
nsContentUtils::GetSystemPrincipal(), // triggering principal
|
||||
nullptr, // Context
|
||||
secFlags, nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST);
|
||||
secFlags, nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST,
|
||||
sandboxFlags);
|
||||
|
||||
rv = pph->NewProxiedChannel(url, proxyInfo,
|
||||
0, // aProxyResolveFlags
|
||||
@@ -169,8 +171,8 @@ static int FuzzingRunNetworkHttp(const uint8_t* data, size_t size) {
|
||||
nullptr, // loadGroup
|
||||
nullptr, // aCallbacks
|
||||
loadFlags, // aLoadFlags
|
||||
nullptr // aIoService
|
||||
);
|
||||
nullptr, // aIoService
|
||||
sandboxFlags);
|
||||
|
||||
if (NS_FAILED(rv)) {
|
||||
MOZ_CRASH("Call to NS_NewChannel failed.");
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
#include "nsScriptSecurityManager.h"
|
||||
#include "nsServiceManagerUtils.h"
|
||||
#include "NullPrincipal.h"
|
||||
#include "nsSandboxFlags.h"
|
||||
|
||||
namespace mozilla {
|
||||
namespace net {
|
||||
@@ -117,8 +118,8 @@ static int FuzzingRunNetworkWebsocket(const uint8_t* data, size_t size) {
|
||||
nsresult rv;
|
||||
|
||||
nsSecurityFlags secFlags;
|
||||
secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL |
|
||||
nsILoadInfo::SEC_SANDBOXED;
|
||||
secFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL;
|
||||
uint32_t sandboxFlags = SANDBOXED_ORIGIN;
|
||||
|
||||
nsCOMPtr<nsIURI> url;
|
||||
nsAutoCString spec;
|
||||
@@ -146,9 +147,9 @@ static int FuzzingRunNetworkWebsocket(const uint8_t* data, size_t size) {
|
||||
nsCOMPtr<nsIPrincipal> nullPrincipal =
|
||||
NullPrincipal::CreateWithoutOriginAttributes();
|
||||
|
||||
rv = gWebSocketChannel->InitLoadInfo(
|
||||
nullptr, nullPrincipal, nsContentUtils::GetSystemPrincipal(), secFlags,
|
||||
nsIContentPolicy::TYPE_WEBSOCKET);
|
||||
rv = gWebSocketChannel->InitLoadInfoNative(
|
||||
nullptr, nullPrincipal, nsContentUtils::GetSystemPrincipal(), nullptr,
|
||||
secFlags, nsIContentPolicy::TYPE_WEBSOCKET, sandboxFlags);
|
||||
|
||||
if (rv != NS_OK) {
|
||||
MOZ_CRASH("Failed to call InitLoadInfo");
|
||||
|
||||
@@ -2,6 +2,3 @@
|
||||
[Accessing navigator.serviceWorker in sandboxed iframe should throw.]
|
||||
expected: FAIL
|
||||
|
||||
[Switching iframe sandbox attribute while loading the iframe]
|
||||
expected: FAIL
|
||||
|
||||
|
||||
Reference in New Issue
Block a user