diff options
author | wolfbeast <mcwerewolf@gmail.com> | 2018-03-03 11:21:43 +0100 |
---|---|---|
committer | wolfbeast <mcwerewolf@gmail.com> | 2018-03-03 11:22:15 +0100 |
commit | c3039dadd95f5487e84311a9719604fa901aacd7 (patch) | |
tree | 3168b0b2d41184b89f894821e25ca258d88d6af4 /dom/security/nsCSPUtils.cpp | |
parent | 8891f99913d9054c363c0266cf4ee9718cbf474e (diff) | |
download | UXP-c3039dadd95f5487e84311a9719604fa901aacd7.tar UXP-c3039dadd95f5487e84311a9719604fa901aacd7.tar.gz UXP-c3039dadd95f5487e84311a9719604fa901aacd7.tar.lz UXP-c3039dadd95f5487e84311a9719604fa901aacd7.tar.xz UXP-c3039dadd95f5487e84311a9719604fa901aacd7.zip |
Add support for CSP v3 "worker-src" directive
Diffstat (limited to 'dom/security/nsCSPUtils.cpp')
-rw-r--r-- | dom/security/nsCSPUtils.cpp | 64 |
1 files changed, 49 insertions, 15 deletions
diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp index a5f683b01..49832f8f4 100644 --- a/dom/security/nsCSPUtils.cpp +++ b/dom/security/nsCSPUtils.cpp @@ -230,7 +230,7 @@ CSP_ContentTypeToDirective(nsContentPolicyType aType) case nsIContentPolicy::TYPE_INTERNAL_WORKER: case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER: case nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER: - return nsIContentSecurityPolicy::CHILD_SRC_DIRECTIVE; + return nsIContentSecurityPolicy::WORKER_SRC_DIRECTIVE; case nsIContentPolicy::TYPE_SUBDOCUMENT: return nsIContentSecurityPolicy::FRAME_SRC_DIRECTIVE; @@ -1184,6 +1184,11 @@ nsCSPDirective::toDomCSPStruct(mozilla::dom::CSP& outCSP) const outCSP.mSandbox.Value() = mozilla::Move(srcs); return; + case nsIContentSecurityPolicy::WORKER_SRC_DIRECTIVE: + outCSP.mWorker_src.Construct(); + outCSP.mWorker_src.Value() = mozilla::Move(srcs); + return; + // REFERRER_DIRECTIVE and REQUIRE_SRI_FOR are handled in nsCSPPolicy::toDomCSPStruct() default: @@ -1236,7 +1241,8 @@ bool nsCSPDirective::equals(CSPDirective aDirective) const nsCSPChildSrcDirective::nsCSPChildSrcDirective(CSPDirective aDirective) : nsCSPDirective(aDirective) - , mHandleFrameSrc(false) + , mRestrictFrames(false) + , mRestrictWorkers(false) { } @@ -1244,30 +1250,58 @@ nsCSPChildSrcDirective::~nsCSPChildSrcDirective() { } -void nsCSPChildSrcDirective::setHandleFrameSrc() -{ - mHandleFrameSrc = true; -} - bool nsCSPChildSrcDirective::restrictsContentType(nsContentPolicyType aContentType) const { if (aContentType == nsIContentPolicy::TYPE_SUBDOCUMENT) { - return mHandleFrameSrc; + return mRestrictFrames; } - - return (aContentType == nsIContentPolicy::TYPE_INTERNAL_WORKER - || aContentType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER - || aContentType == nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER - ); + if (aContentType == nsIContentPolicy::TYPE_INTERNAL_WORKER || + aContentType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER || + aContentType == nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER) { + return mRestrictWorkers; + } + return false; } bool nsCSPChildSrcDirective::equals(CSPDirective aDirective) const { if (aDirective == nsIContentSecurityPolicy::FRAME_SRC_DIRECTIVE) { - return mHandleFrameSrc; + return mRestrictFrames; + } + if (aDirective == nsIContentSecurityPolicy::WORKER_SRC_DIRECTIVE) { + return mRestrictWorkers; } + return (mDirective == aDirective); +} - return (aDirective == nsIContentSecurityPolicy::CHILD_SRC_DIRECTIVE); +/* =============== nsCSPScriptSrcDirective ============= */ + +nsCSPScriptSrcDirective::nsCSPScriptSrcDirective(CSPDirective aDirective) + : nsCSPDirective(aDirective) + , mRestrictWorkers(false) +{ +} + +nsCSPScriptSrcDirective::~nsCSPScriptSrcDirective() +{ +} + +bool nsCSPScriptSrcDirective::restrictsContentType(nsContentPolicyType aContentType) const +{ + if (aContentType == nsIContentPolicy::TYPE_INTERNAL_WORKER || + aContentType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER || + aContentType == nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER) { + return mRestrictWorkers; + } + return mDirective == CSP_ContentTypeToDirective(aContentType); +} + +bool nsCSPScriptSrcDirective::equals(CSPDirective aDirective) const +{ + if (aDirective == nsIContentSecurityPolicy::WORKER_SRC_DIRECTIVE) { + return mRestrictWorkers; + } + return (mDirective == aDirective); } /* =============== nsBlockAllMixedContentDirective ============= */ |