corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1570738 - Record Telemetry if eval() is used in the Parent Process r=ckerschb

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D40332
This commit is contained in:
Tom Ritter
2019-08-06 19:56:23 +00:00
parent 4670d7216d
commit bd67c7de9b
7 changed files with 98 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
caps/nsScriptSecurityManager.cpp
View File

@@ -424,11 +424,12 @@ bool nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(
nsresult rv = csp->GetAllowsEval(&reportViolation, &evalOK);
// A little convoluted. We want the scriptSample for a) reporting a violation
// or b) passing it to AssertEvalNotUsingSystemPrincipal. So do the work to
// get it if either of those cases is true.
// or b) passing it to AssertEvalNotUsingSystemPrincipal or c) we're in the
// parent process. So do the work to get it if either of those cases is true.
nsAutoJSString scriptSample;
nsCOMPtr<nsIPrincipal> subjectPrincipal = nsContentUtils::SubjectPrincipal();
if (reportViolation || subjectPrincipal->IsSystemPrincipal()) {
if (reportViolation || subjectPrincipal->IsSystemPrincipal() ||
XRE_IsE10sParentProcess()) {
JS::Rooted<JSString*> jsString(cx, JS::ToString(cx, aValue));
if (NS_WARN_IF(!jsString)) {
JS_ClearPendingException(cx);
@@ -442,8 +443,8 @@ bool nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(
}
#if !defined(ANDROID) && (defined(NIGHTLY_BUILD) || defined(DEBUG))
nsContentSecurityManager::AssertEvalNotUsingSystemPrincipal(
cx, subjectPrincipal, scriptSample);
nsContentSecurityManager::AssertEvalNotRestricted(cx, subjectPrincipal,
scriptSample);
#endif
if (NS_FAILED(rv)) {