diff options
author | Moonchild <moonchild@palemoon.org> | 2020-08-22 09:51:42 +0000 |
---|---|---|
committer | Moonchild <moonchild@palemoon.org> | 2020-08-30 09:39:13 +0000 |
commit | 798c2ed4f8d1685df5ef53ea2fef09669d30ed36 (patch) | |
tree | a5ad132b41b4c29d416a715eb0959d02c8d9c181 | |
parent | 767b637c838731f880adc92fb1e4b92bb5b591fd (diff) | |
download | UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.tar UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.tar.gz UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.tar.lz UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.tar.xz UXP-798c2ed4f8d1685df5ef53ea2fef09669d30ed36.zip |
Issue #618 - Split SRI verification out from OnStreamComplete.
-rw-r--r-- | dom/script/ScriptLoader.cpp | 45 | ||||
-rw-r--r-- | dom/script/ScriptLoader.h | 9 |
2 files changed, 35 insertions, 19 deletions
diff --git a/dom/script/ScriptLoader.cpp b/dom/script/ScriptLoader.cpp index cd0db629f..c94966169 100644 --- a/dom/script/ScriptLoader.cpp +++ b/dom/script/ScriptLoader.cpp @@ -2241,19 +2241,41 @@ ScriptLoader::OnStreamComplete(nsIIncrementalStreamLoader* aLoader, nsresult aChannelStatus, nsresult aSRIStatus, mozilla::Vector<char16_t> &aString, - mozilla::dom::SRICheckDataVerifier* aSRIDataVerifier) + SRICheckDataVerifier* aSRIDataVerifier) { ScriptLoadRequest* request = static_cast<ScriptLoadRequest*>(aContext); NS_ASSERTION(request, "null request in stream complete handler"); NS_ENSURE_TRUE(request, NS_ERROR_FAILURE); + nsresult rv = VerifySRI(request, aLoader, aSRIStatus, aSRIDataVerifier); + + if (NS_SUCCEEDED(rv)) { + rv = PrepareLoadedRequest(request, aLoader, aChannelStatus, aString); + } + + if (NS_FAILED(rv)) { + HandleLoadError(request, rv); + } + + // Process our request and/or any pending ones + ProcessPendingRequests(); + + return NS_OK; +} + +nsresult +ScriptLoader::VerifySRI(ScriptLoadRequest* aRequest, + nsIIncrementalStreamLoader* aLoader, + nsresult aSRIStatus, + SRICheckDataVerifier* aSRIDataVerifier) const +{ nsCOMPtr<nsIRequest> channelRequest; aLoader->GetRequest(getter_AddRefs(channelRequest)); nsCOMPtr<nsIChannel> channel; channel = do_QueryInterface(channelRequest); nsresult rv = NS_OK; - if (!request->mIntegrity.IsEmpty() && + if (!aRequest->mIntegrity.IsEmpty() && NS_SUCCEEDED((rv = aSRIStatus))) { MOZ_ASSERT(aSRIDataVerifier); MOZ_ASSERT(mReporter); @@ -2262,7 +2284,7 @@ ScriptLoader::OnStreamComplete(nsIIncrementalStreamLoader* aLoader, if (mDocument && mDocument->GetDocumentURI()) { mDocument->GetDocumentURI()->GetAsciiSpec(sourceUri); } - rv = aSRIDataVerifier->Verify(request->mIntegrity, channel, sourceUri, + rv = aSRIDataVerifier->Verify(aRequest->mIntegrity, channel, sourceUri, mReporter); mReporter->FlushConsoleReports(mDocument); if (NS_FAILED(rv)) { @@ -2278,7 +2300,7 @@ ScriptLoader::OnStreamComplete(nsIIncrementalStreamLoader* aLoader, loadInfo->LoadingPrincipal()->GetCsp(getter_AddRefs(csp)); nsAutoCString violationURISpec; mDocument->GetDocumentURI()->GetAsciiSpec(violationURISpec); - uint32_t lineNo = request->mElement ? request->mElement->GetScriptLineNumber() : 0; + uint32_t lineNo = aRequest->mElement ? aRequest->mElement->GetScriptLineNumber() : 0; csp->LogViolationDetails( nsIContentSecurityPolicy::VIOLATION_TYPE_REQUIRE_SRI_FOR_SCRIPT, NS_ConvertUTF8toUTF16(violationURISpec), @@ -2286,19 +2308,8 @@ ScriptLoader::OnStreamComplete(nsIIncrementalStreamLoader* aLoader, rv = NS_ERROR_SRI_CORRUPT; } } - - if (NS_SUCCEEDED(rv)) { - rv = PrepareLoadedRequest(request, aLoader, aChannelStatus, aString); - } - - if (NS_FAILED(rv)) { - HandleLoadError(request, rv); - } - - // Process our request and/or any pending ones - ProcessPendingRequests(); - - return NS_OK; + + return rv; } void diff --git a/dom/script/ScriptLoader.h b/dom/script/ScriptLoader.h index ed57de7c8..46ed4e120 100644 --- a/dom/script/ScriptLoader.h +++ b/dom/script/ScriptLoader.h @@ -407,8 +407,6 @@ public: mozilla::Vector<char16_t> &aString, mozilla::dom::SRICheckDataVerifier* aSRIDataVerifier); - void HandleLoadError(ScriptLoadRequest *aRequest, nsresult aResult); - /** * Processes any pending requests that are ready for processing. */ @@ -510,6 +508,8 @@ private: nsresult StartLoad(ScriptLoadRequest *aRequest, const nsAString &aType, bool aScriptFromHead); + void HandleLoadError(ScriptLoadRequest *aRequest, nsresult aResult); + /** * Process any pending requests asynchronously (i.e. off an event) if there * are any. Note that this is a no-op if there aren't any currently pending @@ -544,6 +544,11 @@ private: return mEnabled && !mBlockerCount; } + nsresult VerifySRI(ScriptLoadRequest *aRequest, + nsIIncrementalStreamLoader* aLoader, + nsresult aSRIStatus, + SRICheckDataVerifier* aSRIDataVerifier) const; + nsresult AttemptAsyncScriptCompile(ScriptLoadRequest* aRequest); nsresult ProcessRequest(ScriptLoadRequest* aRequest); nsresult CompileOffThreadOrProcessRequest(ScriptLoadRequest* aRequest); |