summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMoonchild <moonchild@palemoon.org>2020-08-22 09:51:42 +0000
committerMoonchild <moonchild@palemoon.org>2020-08-30 09:39:13 +0000
commit798c2ed4f8d1685df5ef53ea2fef09669d30ed36 (patch)
treea5ad132b41b4c29d416a715eb0959d02c8d9c181
parent767b637c838731f880adc92fb1e4b92bb5b591fd (diff)
downloadUXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.tar
UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.tar.gz
UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.tar.lz
UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.tar.xz
UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.zip
Issue #618 - Split SRI verification out from OnStreamComplete.
-rw-r--r--dom/script/ScriptLoader.cpp45
-rw-r--r--dom/script/ScriptLoader.h9
2 files changed, 35 insertions, 19 deletions
diff --git a/dom/script/ScriptLoader.cpp b/dom/script/ScriptLoader.cpp
index cd0db629f..c94966169 100644
--- a/dom/script/ScriptLoader.cpp
+++ b/dom/script/ScriptLoader.cpp
@@ -2241,19 +2241,41 @@ ScriptLoader::OnStreamComplete(nsIIncrementalStreamLoader* aLoader,
nsresult aChannelStatus,
nsresult aSRIStatus,
mozilla::Vector<char16_t> &aString,
- mozilla::dom::SRICheckDataVerifier* aSRIDataVerifier)
+ SRICheckDataVerifier* aSRIDataVerifier)
{
ScriptLoadRequest* request = static_cast<ScriptLoadRequest*>(aContext);
NS_ASSERTION(request, "null request in stream complete handler");
NS_ENSURE_TRUE(request, NS_ERROR_FAILURE);
+ nsresult rv = VerifySRI(request, aLoader, aSRIStatus, aSRIDataVerifier);
+
+ if (NS_SUCCEEDED(rv)) {
+ rv = PrepareLoadedRequest(request, aLoader, aChannelStatus, aString);
+ }
+
+ if (NS_FAILED(rv)) {
+ HandleLoadError(request, rv);
+ }
+
+ // Process our request and/or any pending ones
+ ProcessPendingRequests();
+
+ return NS_OK;
+}
+
+nsresult
+ScriptLoader::VerifySRI(ScriptLoadRequest* aRequest,
+ nsIIncrementalStreamLoader* aLoader,
+ nsresult aSRIStatus,
+ SRICheckDataVerifier* aSRIDataVerifier) const
+{
nsCOMPtr<nsIRequest> channelRequest;
aLoader->GetRequest(getter_AddRefs(channelRequest));
nsCOMPtr<nsIChannel> channel;
channel = do_QueryInterface(channelRequest);
nsresult rv = NS_OK;
- if (!request->mIntegrity.IsEmpty() &&
+ if (!aRequest->mIntegrity.IsEmpty() &&
NS_SUCCEEDED((rv = aSRIStatus))) {
MOZ_ASSERT(aSRIDataVerifier);
MOZ_ASSERT(mReporter);
@@ -2262,7 +2284,7 @@ ScriptLoader::OnStreamComplete(nsIIncrementalStreamLoader* aLoader,
if (mDocument && mDocument->GetDocumentURI()) {
mDocument->GetDocumentURI()->GetAsciiSpec(sourceUri);
}
- rv = aSRIDataVerifier->Verify(request->mIntegrity, channel, sourceUri,
+ rv = aSRIDataVerifier->Verify(aRequest->mIntegrity, channel, sourceUri,
mReporter);
mReporter->FlushConsoleReports(mDocument);
if (NS_FAILED(rv)) {
@@ -2278,7 +2300,7 @@ ScriptLoader::OnStreamComplete(nsIIncrementalStreamLoader* aLoader,
loadInfo->LoadingPrincipal()->GetCsp(getter_AddRefs(csp));
nsAutoCString violationURISpec;
mDocument->GetDocumentURI()->GetAsciiSpec(violationURISpec);
- uint32_t lineNo = request->mElement ? request->mElement->GetScriptLineNumber() : 0;
+ uint32_t lineNo = aRequest->mElement ? aRequest->mElement->GetScriptLineNumber() : 0;
csp->LogViolationDetails(
nsIContentSecurityPolicy::VIOLATION_TYPE_REQUIRE_SRI_FOR_SCRIPT,
NS_ConvertUTF8toUTF16(violationURISpec),
@@ -2286,19 +2308,8 @@ ScriptLoader::OnStreamComplete(nsIIncrementalStreamLoader* aLoader,
rv = NS_ERROR_SRI_CORRUPT;
}
}
-
- if (NS_SUCCEEDED(rv)) {
- rv = PrepareLoadedRequest(request, aLoader, aChannelStatus, aString);
- }
-
- if (NS_FAILED(rv)) {
- HandleLoadError(request, rv);
- }
-
- // Process our request and/or any pending ones
- ProcessPendingRequests();
-
- return NS_OK;
+
+ return rv;
}
void
diff --git a/dom/script/ScriptLoader.h b/dom/script/ScriptLoader.h
index ed57de7c8..46ed4e120 100644
--- a/dom/script/ScriptLoader.h
+++ b/dom/script/ScriptLoader.h
@@ -407,8 +407,6 @@ public:
mozilla::Vector<char16_t> &aString,
mozilla::dom::SRICheckDataVerifier* aSRIDataVerifier);
- void HandleLoadError(ScriptLoadRequest *aRequest, nsresult aResult);
-
/**
* Processes any pending requests that are ready for processing.
*/
@@ -510,6 +508,8 @@ private:
nsresult StartLoad(ScriptLoadRequest *aRequest, const nsAString &aType,
bool aScriptFromHead);
+ void HandleLoadError(ScriptLoadRequest *aRequest, nsresult aResult);
+
/**
* Process any pending requests asynchronously (i.e. off an event) if there
* are any. Note that this is a no-op if there aren't any currently pending
@@ -544,6 +544,11 @@ private:
return mEnabled && !mBlockerCount;
}
+ nsresult VerifySRI(ScriptLoadRequest *aRequest,
+ nsIIncrementalStreamLoader* aLoader,
+ nsresult aSRIStatus,
+ SRICheckDataVerifier* aSRIDataVerifier) const;
+
nsresult AttemptAsyncScriptCompile(ScriptLoadRequest* aRequest);
nsresult ProcessRequest(ScriptLoadRequest* aRequest);
nsresult CompileOffThreadOrProcessRequest(ScriptLoadRequest* aRequest);