Merge pull request #540 from janekptacijarabaci/security_csp_script_redirect_1

Fix CSP: Scripts with valid nonce should not be blocked if URL redirects
author: Moonchild <mcwerewolf@gmail.com> 2018-06-24 14:11:54 +0200
committer: GitHub <noreply@github.com> 2018-06-24 14:11:54 +0200
commit: 364a399fc1157f73b8a29039a9e7f8d8b7028df5 (patch)
tree: 1ba580e017e0f428b6bb33a7872d520d6a9c8928 /dom/security/nsCSPService.cpp
parent: 574156323b4fb817c1eb62f442b4e3cbdec9067b (diff)
parent: 0097345ad9aa859dcf02cb0ba80685d51bc7ec16 (diff)
download: UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.tar
UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.tar.gz
UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.tar.lz
UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.tar.xz
UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/dom/security/nsCSPService.cpp b/dom/security/nsCSPService.cpp
index 7344e19fa..4807c9aa4 100644
--- a/dom/security/nsCSPService.cpp
+++ b/dom/security/nsCSPService.cpp
@@ -288,6 +288,7 @@ CSPService::AsyncOnChannelRedirect(nsIChannel *oldChannel,
     nsContentUtils::InternalContentPolicyTypeToExternalOrWorker(policyType);
 
   int16_t aDecision = nsIContentPolicy::ACCEPT;
+  nsCOMPtr<nsISupports> requestContext = loadInfo->GetLoadingContext();
   // 1) Apply speculative CSP for preloads
   if (isPreload) {
     nsCOMPtr<nsIContentSecurityPolicy> preloadCsp;
@@ -298,7 +299,7 @@ CSPService::AsyncOnChannelRedirect(nsIChannel *oldChannel,
       preloadCsp->ShouldLoad(policyType,     // load type per nsIContentPolicy (uint32_t)
                              newUri,         // nsIURI
                              nullptr,        // nsIURI
-                             nullptr,        // nsISupports
+                             requestContext, // nsISupports
                              EmptyCString(), // ACString - MIME guess
                              originalUri,    // aExtra
                              &aDecision);
@@ -321,7 +322,7 @@ CSPService::AsyncOnChannelRedirect(nsIChannel *oldChannel,
     csp->ShouldLoad(policyType,     // load type per nsIContentPolicy (uint32_t)
                     newUri,         // nsIURI
                     nullptr,        // nsIURI
-                    nullptr,        // nsISupports
+                    requestContext, // nsISupports
                     EmptyCString(), // ACString - MIME guess
                     originalUri,    // aExtra
                     &aDecision);
author	Moonchild <mcwerewolf@gmail.com>	2018-06-24 14:11:54 +0200
committer	GitHub <noreply@github.com>	2018-06-24 14:11:54 +0200
commit	364a399fc1157f73b8a29039a9e7f8d8b7028df5 (patch)
tree	1ba580e017e0f428b6bb33a7872d520d6a9c8928 /dom/security/nsCSPService.cpp
parent	574156323b4fb817c1eb62f442b4e3cbdec9067b (diff)
parent	0097345ad9aa859dcf02cb0ba80685d51bc7ec16 (diff)
download	UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.tar UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.tar.gz UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.tar.lz UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.tar.xz UXP-364a399fc1157f73b8a29039a9e7f8d8b7028df5.zip