diff options
Diffstat (limited to 'dom/security/nsCSPParser.cpp')
-rw-r--r-- | dom/security/nsCSPParser.cpp | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/dom/security/nsCSPParser.cpp b/dom/security/nsCSPParser.cpp index a662c9cd1..86aa4e001 100644 --- a/dom/security/nsCSPParser.cpp +++ b/dom/security/nsCSPParser.cpp @@ -136,6 +136,7 @@ nsCSPParser::nsCSPParser(cspTokens& aTokens, , mUnsafeInlineKeywordSrc(nullptr) , mChildSrc(nullptr) , mFrameSrc(nullptr) + , mParsingFrameAncestorsDir(false) , mTokens(aTokens) , mSelfURI(aSelfURI) , mPolicy(nullptr) @@ -531,7 +532,7 @@ nsCSPParser::keywordSource() // Special case handling for 'self' which is not stored internally as a keyword, // but rather creates a nsCSPHostSrc using the selfURI if (CSP_IsKeyword(mCurToken, CSP_SELF)) { - return CSP_CreateHostSrcFromURI(mSelfURI); + return CSP_CreateHostSrcFromSelfURI(mSelfURI); } if (CSP_IsKeyword(mCurToken, CSP_STRICT_DYNAMIC)) { @@ -807,6 +808,7 @@ nsCSPParser::sourceExpression() if (nsCSPHostSrc *cspHost = hostSource()) { // Do not forget to set the parsed scheme. cspHost->setScheme(parsedScheme); + cspHost->setWithinFrameAncestorsDir(mParsingFrameAncestorsDir); return cspHost; } // Error was reported in hostSource() @@ -1209,6 +1211,9 @@ nsCSPParser::directive() mStrictDynamic = false; mUnsafeInlineKeywordSrc = nullptr; + mParsingFrameAncestorsDir = + CSP_IsDirective(mCurDir[0], nsIContentSecurityPolicy::FRAME_ANCESTORS_DIRECTIVE); + // Try to parse all the srcs by handing the array off to directiveValue nsTArray<nsCSPBaseSrc*> srcs; directiveValue(srcs); |