From 13e9a0c06d35bb02d211df873c105a350aeab8eb Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Tue, 15 Aug 2017 21:10:10 +0200
Subject: CSP should only check host (not including path) when performing frame
 ancestors checks.

This has been explicitly stated in the CSP-3 spec.
---
 dom/security/nsCSPParser.cpp | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'dom/security/nsCSPParser.cpp')

diff --git a/dom/security/nsCSPParser.cpp b/dom/security/nsCSPParser.cpp
index a662c9cd1..f1b5d8ba7 100644
--- a/dom/security/nsCSPParser.cpp
+++ b/dom/security/nsCSPParser.cpp
@@ -136,6 +136,7 @@ nsCSPParser::nsCSPParser(cspTokens& aTokens,
  , mUnsafeInlineKeywordSrc(nullptr)
  , mChildSrc(nullptr)
  , mFrameSrc(nullptr)
+ , mParsingFrameAncestorsDir(false)
  , mTokens(aTokens)
  , mSelfURI(aSelfURI)
  , mPolicy(nullptr)
@@ -807,6 +808,7 @@ nsCSPParser::sourceExpression()
   if (nsCSPHostSrc *cspHost = hostSource()) {
     // Do not forget to set the parsed scheme.
     cspHost->setScheme(parsedScheme);
+    cspHost->setWithinFrameAncestorsDir(mParsingFrameAncestorsDir);
     return cspHost;
   }
   // Error was reported in hostSource()
@@ -1209,6 +1211,9 @@ nsCSPParser::directive()
   mStrictDynamic = false;
   mUnsafeInlineKeywordSrc = nullptr;
 
+  mParsingFrameAncestorsDir =
+    CSP_IsDirective(mCurDir[0], nsIContentSecurityPolicy::FRAME_ANCESTORS_DIRECTIVE);
+
   // Try to parse all the srcs by handing the array off to directiveValue
   nsTArray<nsCSPBaseSrc*> srcs;
   directiveValue(srcs);
-- 
cgit v1.2.3