corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Backed out 2 changesets (bug 1529337) for awaiting decision on implementing other CSP 3 features

Browse Source 
Backed out changeset 12cd014c46e8 (bug 1529337)
Backed out changeset f1489d7cf1a1 (bug 1529337)
This commit is contained in:
smolnar
2022-07-18 11:09:25 +03:00
parent 83b8eb98b7
commit ea9ba4e659
60 changed files with 284 additions and 182 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
dom/script/ScriptLoader.cpp
View File

@@ -788,6 +788,8 @@ bool ScriptLoader::PreloadURIComparator::Equals(const PreloadInfo& aPi,
static bool CSPAllowsInlineScript(nsIScriptElement* aElement,
Document* aDocument) {
nsCOMPtr<nsIContentSecurityPolicy> csp = aDocument->GetCsp();
nsresult rv = NS_OK;
if (!csp) {
// no CSP --> allow
return true;
@@ -808,8 +810,8 @@ static bool CSPAllowsInlineScript(nsIScriptElement* aElement,
aElement->GetParserCreated() != mozilla::dom::NOT_FROM_PARSER;
bool allowInlineScript = false;
nsresult rv = csp->GetAllowsInline(
nsIContentSecurityPolicy::SCRIPT_SRC_ELEM_DIRECTIVE, nonce, parserCreated,
rv = csp->GetAllowsInline(
nsIContentSecurityPolicy::SCRIPT_SRC_DIRECTIVE, nonce, parserCreated,
scriptContent, nullptr /* nsICSPEventListener */, u""_ns,
aElement->GetScriptLineNumber(), aElement->GetScriptColumnNumber(),
&allowInlineScript);