corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1970490: Use loading principal (rather than triggering principal) for CORS checks, by default. a=RyanVM

Browse Source 
This is essentially a backout of bug 1496505, putting its change behind a new
off-by-default about:config pref[1] for now, in case there are use cases that
require it.

[1] content.cors.use_triggering_principal

Original Revision: https://phabricator.services.mozilla.com/D252611

Differential Revision: https://phabricator.services.mozilla.com/D263611
This commit is contained in:
Daniel Holbert
2025-08-13 19:19:30 +00:00
committed by rvandermeulen@mozilla.com
parent cd516e806e
commit b75ffdc7ab
3 changed files with 21 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
dom/security/nsContentSecurityManager.cpp
View File

@@ -46,6 +46,7 @@
#include "mozilla/Logging.h" #include "mozilla/Logging.h"
#include "mozilla/Maybe.h" #include "mozilla/Maybe.h"
#include "mozilla/Preferences.h" #include "mozilla/Preferences.h"
#include "mozilla/StaticPrefs_content.h"
#include "mozilla/StaticPrefs_dom.h" #include "mozilla/StaticPrefs_dom.h"
#include "mozilla/StaticPrefs_security.h" #include "mozilla/StaticPrefs_security.h"
#include "xpcpublic.h" #include "xpcpublic.h"
@@ -357,10 +358,17 @@ static nsresult DoCORSChecks(nsIChannel* aChannel, nsILoadInfo* aLoadInfo,
return NS_OK; return NS_OK;
} }
// We use the triggering principal here, rather than the loading principal nsIPrincipal* principal = aLoadInfo->GetLoadingPrincipal();
// to ensure that anonymous CORS content in the browser resources and in if (StaticPrefs::content_cors_use_triggering_principal()) {
// WebExtensions is allowed to load. // We use the triggering principal here, rather than the loading principal,
nsIPrincipal* principal = aLoadInfo->TriggeringPrincipal(); // to ensure that WebExtensions can reuse their own resources from content
// that they inject into a page.
//
// TODO(dholbert): Is there actually a legitimate reason that WebExtensions
// might need this (as opposed to exposing their resources for use in
// web-content via the 'web_accessible_resources' manifest field)?
principal = aLoadInfo->TriggeringPrincipal();
}
RefPtr<nsCORSListenerProxy> corsListener = new nsCORSListenerProxy( RefPtr<nsCORSListenerProxy> corsListener = new nsCORSListenerProxy(
aInAndOutListener, principal, aInAndOutListener, principal,
aLoadInfo->GetCookiePolicy() == nsILoadInfo::SEC_COOKIES_INCLUDE); aLoadInfo->GetCookiePolicy() == nsILoadInfo::SEC_COOKIES_INCLUDE);

8
modules/libpref/init/StaticPrefList.yaml
View File

@@ -2188,6 +2188,14 @@
value: false value: false
mirror: always mirror: always
# If true, we'll use the triggering principal rather than the loading principal
# when doing CORS checks. This might be needed for WebExtensions to load their
# own resources from content that they inject into sites.
- name: content.cors.use_triggering_principal
type: bool
value: false
mirror: always
# Back off timer notification after count. # Back off timer notification after count.
# -1 means never. # -1 means never.
- name: content.notify.backoffcount - name: content.notify.backoffcount

1
netwerk/test/unit/xpcshell.toml
View File

@@ -543,6 +543,7 @@ skip-if = ["os == 'android' && android_version == '24' && processor == 'x86_64'
["test_cors_preflight_dns_cache.js"] ["test_cors_preflight_dns_cache.js"]
run-sequentially = "node server exceptions dont replay well" run-sequentially = "node server exceptions dont replay well"
run-if = ["!socketprocess_networking"] # can't read DNS cache syncly from socket process run-if = ["!socketprocess_networking"] # can't read DNS cache syncly from socket process
prefs = ["content.cors.use_triggering_principal=true"] # See bug 1982916.
["test_data_protocol.js"] ["test_data_protocol.js"]