From 62d535967977ea64884e4418d78f1dc245e682e1 Mon Sep 17 00:00:00 2001
From: janekptacijarabaci <janekptacijarabaci@seznam.cz>
Date: Fri, 25 Aug 2017 09:18:29 +0200
Subject: CSP 2 - ignore (x-)frame-options if CSP with frame-ancestors
 directive exists

---
 dom/base/nsDocument.cpp | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'dom/base/nsDocument.cpp')

diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
index 8e6920a0e..4926b6c0a 100644
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -61,6 +61,7 @@
 #include "nsGenericHTMLElement.h"
 #include "mozilla/dom/CDATASection.h"
 #include "mozilla/dom/ProcessingInstruction.h"
+#include "nsDSURIContentListener.h"
 #include "nsDOMString.h"
 #include "nsNodeUtils.h"
 #include "nsLayoutUtils.h" // for GetFrameForPoint
@@ -2456,6 +2457,15 @@ nsDocument::StartDocumentLoad(const char* aCommand, nsIChannel* aChannel,
     NS_ENSURE_SUCCESS(rv, rv);
   }
 
+  // XFO needs to be checked after CSP because it is ignored if
+  // the CSP defines frame-ancestors.
+  if (!nsDSURIContentListener::CheckFrameOptions(aChannel, docShell, NodePrincipal())) {
+    MOZ_LOG(gCspPRLog, LogLevel::Debug,
+            ("XFO doesn't like frame's ancestry, not loading."));
+    // stop!  ERROR page!
+    aChannel->Cancel(NS_ERROR_CSP_FRAME_ANCESTOR_VIOLATION);
+  }
+
   return NS_OK;
 }
 
-- 
cgit v1.2.3


From 55d03738f9f79e30bab6294b023176d1a65ab5c3 Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@gmail.com>
Date: Wed, 13 Dec 2017 00:26:07 +0100
Subject: Don't include MediaKeySystemAccess without EME.

This also removes checks for EME content in documents.
This removes practical use of EME by no longer having a keying system. (no-op)
tag #26
---
 dom/base/nsDocument.cpp | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'dom/base/nsDocument.cpp')

diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
index 4926b6c0a..eaea49b02 100644
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -4340,6 +4340,7 @@ nsDocument::SetScopeObject(nsIGlobalObject* aGlobal)
   }
 }
 
+#ifdef MOZ_EME
 static void
 CheckIfContainsEMEContent(nsISupports* aSupports, void* aContainsEME)
 {
@@ -4363,6 +4364,7 @@ nsDocument::ContainsEMEContent()
                              static_cast<void*>(&containsEME));
   return containsEME;
 }
+#endif // MOZ_EME
 
 static void
 CheckIfContainsMSEContent(nsISupports* aSupports, void* aContainsMSE)
@@ -8390,11 +8392,13 @@ nsDocument::CanSavePresentation(nsIRequest *aNewRequest)
   }
 #endif // MOZ_WEBRTC
 
+#ifdef MOZ_EME
   // Don't save presentations for documents containing EME content, so that
   // CDMs reliably shutdown upon user navigation.
   if (ContainsEMEContent()) {
     return false;
   }
+#endif
 
   // Don't save presentations for documents containing MSE content, to
   // reduce memory usage.
-- 
cgit v1.2.3