From 13e9a0c06d35bb02d211df873c105a350aeab8eb Mon Sep 17 00:00:00 2001
From: wolfbeast
Date: Tue, 15 Aug 2017 21:10:10 +0200
Subject: CSP should only check host (not including path) when performing frame ancestors checks. This has been explicitly stated in the CSP-3 spec.
---
 dom/security/nsCSPUtils.h | 4 ++++
 1 file changed, 4 insertions(+)
(limited to 'dom/security/nsCSPUtils.h')
diff --git a/dom/security/nsCSPUtils.h b/dom/security/nsCSPUtils.h
index b33c8932a..468c734a2 100644
--- a/dom/security/nsCSPUtils.h
+++ b/dom/security/nsCSPUtils.h
@@ -256,6 +256,9 @@ class nsCSPHostSrc : public nsCSPBaseSrc {
 void setPort(const nsAString& aPort);
 void appendPath(const nsAString &aPath);

+ inline void setWithinFrameAncestorsDir(bool aValue) const
+ { mWithinFrameAncstorsDir = aValue; }
+
 inline void getScheme(nsAString& outStr) const
 { outStr.Assign(mScheme); };

@@ -273,6 +276,7 @@ class nsCSPHostSrc : public nsCSPBaseSrc {
 nsString mHost;
 nsString mPort;
 nsString mPath;
+ mutable bool mWithinFrameAncstorsDir;
 };

 /* =============== nsCSPKeywordSrc ============ */
-- 
cgit v1.2.3
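Review bot: `setWithinFrameAncestorsDir` in the first hunk is declared `const` yet writes `mWithinFrameAncstorsDir`, which compiles only because the member is `mutable`. A per-check mode therefore becomes hidden state on a policy source object that callers hold as const. The callers are outside this header, but if the flag is set before a frame-ancestors match and reset afterwards, any early return between the two calls would leave the flag set for later checks against the same source. Going by the commit subject, that presumably means the path stays ignored. Document the contract on the setter, for example `// Set only while a frame-ancestors check is running; must be reset to false afterwards.` The member name is also misspelled (`Ancstors`) and is cheaper to correct to `mWithinFrameAncestorsDir` now; the class body continues outside the hunk.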
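Review bot: The new member in the second hunk, `mutable bool mWithinFrameAncstorsDir;`, has no initializer in this header. The constructor is not part of this view, which is limited to the header. Unless the constructor's initializer list sets it, every `nsCSPHostSrc` that never receives a `setWithinFrameAncestorsDir` call reads an indeterminate value. Since the flag appears to relax path matching, that could weaken enforcement for directives other than frame-ancestors. A default member initializer makes the strict state explicit and independent of the constructor: `mutable bool mWithinFrameAncstorsDir = false;`.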