diff options
| author | wolfbeast <mcwerewolf@gmail.com> | 2017-08-15 21:10:10 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@gmail.com> | 2018-02-06 09:03:16 +0100 |
| commit | 13e9a0c06d35bb02d211df873c105a350aeab8eb (patch) | |
| tree | 7a02bdb0992080b231c190c383bc12fac1607cd4 /dom/security/nsCSPParser.cpp | |
| parent | a9b44dbcb33cd98b163f8a21223643f2cf3829cd (diff) | |
| download | UXP-13e9a0c06d35bb02d211df873c105a350aeab8eb.tar UXP-13e9a0c06d35bb02d211df873c105a350aeab8eb.tar.gz UXP-13e9a0c06d35bb02d211df873c105a350aeab8eb.tar.lz UXP-13e9a0c06d35bb02d211df873c105a350aeab8eb.tar.xz UXP-13e9a0c06d35bb02d211df873c105a350aeab8eb.zip | |
CSP should only check host (not including path) when performing frame ancestors checks.
This has been explicitly stated in the CSP-3 spec.
Diffstat (limited to 'dom/security/nsCSPParser.cpp')
| -rw-r--r-- | dom/security/nsCSPParser.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/dom/security/nsCSPParser.cpp b/dom/security/nsCSPParser.cpp index a662c9cd1..f1b5d8ba7 100644 --- a/dom/security/nsCSPParser.cpp +++ b/dom/security/nsCSPParser.cpp @@ -136,6 +136,7 @@ nsCSPParser::nsCSPParser(cspTokens& aTokens, , mUnsafeInlineKeywordSrc(nullptr) , mChildSrc(nullptr) , mFrameSrc(nullptr) + , mParsingFrameAncestorsDir(false) , mTokens(aTokens) , mSelfURI(aSelfURI) , mPolicy(nullptr) @@ -807,6 +808,7 @@ nsCSPParser::sourceExpression() if (nsCSPHostSrc *cspHost = hostSource()) { // Do not forget to set the parsed scheme. cspHost->setScheme(parsedScheme); + cspHost->setWithinFrameAncestorsDir(mParsingFrameAncestorsDir); return cspHost; } // Error was reported in hostSource() @@ -1209,6 +1211,9 @@ nsCSPParser::directive() mStrictDynamic = false; mUnsafeInlineKeywordSrc = nullptr; + mParsingFrameAncestorsDir = + CSP_IsDirective(mCurDir[0], nsIContentSecurityPolicy::FRAME_ANCESTORS_DIRECTIVE); + // Try to parse all the srcs by handing the array off to directiveValue nsTArray<nsCSPBaseSrc*> srcs; directiveValue(srcs); |