diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-15 03:34:42 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-15 03:34:42 +0000 |
commit | da4c7e7ed675c3bf405668739c3012d140856109 (patch) | |
tree | cdd868dba063fecba609a1d819de271f0d51b23e /caps | |
parent | Adding upstream version 125.0.3. (diff) | |
download | firefox-da4c7e7ed675c3bf405668739c3012d140856109.tar.xz firefox-da4c7e7ed675c3bf405668739c3012d140856109.zip |
Adding upstream version 126.0.upstream/126.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'caps')
-rw-r--r-- | caps/OriginAttributes.cpp | 124 | ||||
-rw-r--r-- | caps/OriginAttributes.h | 29 | ||||
-rw-r--r-- | caps/nsIDomainPolicy.idl | 4 | ||||
-rw-r--r-- | caps/nsIPrincipal.idl | 8 | ||||
-rw-r--r-- | caps/nsIScriptSecurityManager.idl | 4 | ||||
-rw-r--r-- | caps/nsScriptSecurityManager.cpp | 12 | ||||
-rw-r--r-- | caps/nsScriptSecurityManager.h | 1 | ||||
-rw-r--r-- | caps/tests/gtest/TestScriptSecurityManager.cpp | 50 | ||||
-rw-r--r-- | caps/tests/gtest/moz.build | 1 | ||||
-rw-r--r-- | caps/tests/mochitest/test_addonMayLoad.html | 2 | ||||
-rw-r--r-- | caps/tests/mochitest/test_bug995943.xhtml | 2 |
11 files changed, 170 insertions, 67 deletions
diff --git a/caps/OriginAttributes.cpp b/caps/OriginAttributes.cpp index 211d6b00e7..45bf991416 100644 --- a/caps/OriginAttributes.cpp +++ b/caps/OriginAttributes.cpp @@ -22,8 +22,8 @@ static const char kSanitizedChar = '+'; namespace mozilla { static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost, - int32_t aPort, bool aUseSite, - nsAString& aTopLevelInfo) { + int32_t aPort, bool aForeignByAncestorContext, + bool aUseSite, nsAString& aTopLevelInfo) { if (!aUseSite) { aTopLevelInfo.Assign(NS_ConvertUTF8toUTF16(aHost)); return; @@ -41,19 +41,26 @@ static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost, site.Append(","); site.AppendInt(aPort); } + if (aForeignByAncestorContext) { + site.Append(",f"); + } site.AppendLiteral(")"); aTopLevelInfo.Assign(NS_ConvertUTF8toUTF16(site)); } static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost, - bool aUseSite, nsAString& aTopLevelInfo) { - MakeTopLevelInfo(aScheme, aHost, -1, aUseSite, aTopLevelInfo); + bool aForeignByAncestorContext, bool aUseSite, + nsAString& aTopLevelInfo) { + MakeTopLevelInfo(aScheme, aHost, -1, aForeignByAncestorContext, aUseSite, + aTopLevelInfo); } static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, - nsIURI* aURI, bool aIsFirstPartyEnabled, - bool aForced, bool aUseSite, + nsIURI* aURI, + bool aForeignByAncestorContext, + bool aIsFirstPartyEnabled, bool aForced, + bool aUseSite, nsString OriginAttributes::*aTarget, OriginAttributes& aOriginAttributes) { nsresult rv; @@ -86,7 +93,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, if (scheme.EqualsLiteral("about")) { MakeTopLevelInfo(scheme, nsLiteralCString(ABOUT_URI_FIRST_PARTY_DOMAIN), - aUseSite, topLevelInfo); + aForeignByAncestorContext, aUseSite, topLevelInfo); return; } @@ -128,7 +135,8 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, nsAutoCString baseDomain; rv = tldService->GetBaseDomain(uri, 0, baseDomain); if (NS_SUCCEEDED(rv)) { - MakeTopLevelInfo(scheme, baseDomain, aUseSite, topLevelInfo); + MakeTopLevelInfo(scheme, baseDomain, aForeignByAncestorContext, aUseSite, + topLevelInfo); return; } @@ -160,12 +168,14 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, ipAddr = host; } - MakeTopLevelInfo(scheme, ipAddr, port, aUseSite, topLevelInfo); + MakeTopLevelInfo(scheme, ipAddr, port, aForeignByAncestorContext, aUseSite, + topLevelInfo); return; } if (aUseSite) { - MakeTopLevelInfo(scheme, host, port, aUseSite, topLevelInfo); + MakeTopLevelInfo(scheme, host, port, aForeignByAncestorContext, aUseSite, + topLevelInfo); return; } @@ -173,7 +183,8 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, nsAutoCString publicSuffix; rv = tldService->GetPublicSuffix(uri, publicSuffix); if (NS_SUCCEEDED(rv)) { - MakeTopLevelInfo(scheme, publicSuffix, port, aUseSite, topLevelInfo); + MakeTopLevelInfo(scheme, publicSuffix, port, aForeignByAncestorContext, + aUseSite, topLevelInfo); return; } } @@ -182,7 +193,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument, void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument, nsIURI* aURI, bool aForced) { PopulateTopLevelInfoFromURI( - aIsTopLevelDocument, aURI, IsFirstPartyEnabled(), aForced, + aIsTopLevelDocument, aURI, false, IsFirstPartyEnabled(), aForced, StaticPrefs::privacy_firstparty_isolate_use_site(), &OriginAttributes::mFirstPartyDomain, *this); } @@ -203,24 +214,26 @@ void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument, mFirstPartyDomain = aDomain; } -void OriginAttributes::SetPartitionKey(nsIURI* aURI) { +void OriginAttributes::SetPartitionKey(nsIURI* aURI, + bool aForeignByAncestorContext) { PopulateTopLevelInfoFromURI( - false /* aIsTopLevelDocument */, aURI, IsFirstPartyEnabled(), - true /* aForced */, StaticPrefs::privacy_dynamic_firstparty_use_site(), + false /* aIsTopLevelDocument */, aURI, aForeignByAncestorContext, + IsFirstPartyEnabled(), true /* aForced */, + StaticPrefs::privacy_dynamic_firstparty_use_site(), &OriginAttributes::mPartitionKey, *this); } -void OriginAttributes::SetPartitionKey(const nsACString& aDomain) { - SetPartitionKey(NS_ConvertUTF8toUTF16(aDomain)); +void OriginAttributes::SetPartitionKey(const nsACString& aOther) { + SetPartitionKey(NS_ConvertUTF8toUTF16(aOther)); } -void OriginAttributes::SetPartitionKey(const nsAString& aDomain) { - mPartitionKey = aDomain; +void OriginAttributes::SetPartitionKey(const nsAString& aOther) { + mPartitionKey = aOther; } void OriginAttributes::CreateSuffix(nsACString& aStr) const { URLParams params; - nsAutoString value; + nsAutoCString value; // // Important: While serializing any string-valued attributes, perform a @@ -232,35 +245,34 @@ void OriginAttributes::CreateSuffix(nsACString& aStr) const { if (mUserContextId != nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID) { value.Truncate(); value.AppendInt(mUserContextId); - params.Set(u"userContextId"_ns, value); + params.Set("userContextId"_ns, value); } if (mPrivateBrowsingId) { value.Truncate(); value.AppendInt(mPrivateBrowsingId); - params.Set(u"privateBrowsingId"_ns, value); + params.Set("privateBrowsingId"_ns, value); } if (!mFirstPartyDomain.IsEmpty()) { nsAutoString sanitizedFirstPartyDomain(mFirstPartyDomain); sanitizedFirstPartyDomain.ReplaceChar(kSourceChar, kSanitizedChar); - - params.Set(u"firstPartyDomain"_ns, sanitizedFirstPartyDomain); + params.Set("firstPartyDomain"_ns, + NS_ConvertUTF16toUTF8(sanitizedFirstPartyDomain)); } if (!mGeckoViewSessionContextId.IsEmpty()) { nsAutoString sanitizedGeckoViewUserContextId(mGeckoViewSessionContextId); sanitizedGeckoViewUserContextId.ReplaceChar( dom::quota::QuotaManager::kReplaceChars16, kSanitizedChar); - - params.Set(u"geckoViewUserContextId"_ns, sanitizedGeckoViewUserContextId); + params.Set("geckoViewUserContextId"_ns, + NS_ConvertUTF16toUTF8(sanitizedGeckoViewUserContextId)); } if (!mPartitionKey.IsEmpty()) { nsAutoString sanitizedPartitionKey(mPartitionKey); sanitizedPartitionKey.ReplaceChar(kSourceChar, kSanitizedChar); - - params.Set(u"partitionKey"_ns, sanitizedPartitionKey); + params.Set("partitionKey"_ns, NS_ConvertUTF16toUTF8(sanitizedPartitionKey)); } aStr.Truncate(); @@ -268,7 +280,7 @@ void OriginAttributes::CreateSuffix(nsACString& aStr) const { params.Serialize(value, true); if (!value.IsEmpty()) { aStr.AppendLiteral("^"); - aStr.Append(NS_ConvertUTF16toUTF8(value)); + aStr.Append(value); } // In debug builds, check the whole string for illegal characters too (just in @@ -325,7 +337,7 @@ bool OriginAttributes::PopulateFromSuffix(const nsACString& aStr) { return URLParams::Parse( Substring(aStr, 1, aStr.Length() - 1), true, - [this](const nsAString& aName, const nsAString& aValue) { + [this](const nsACString& aName, const nsACString& aValue) { if (aName.EqualsLiteral("inBrowser")) { if (!aValue.EqualsLiteral("1")) { return false; @@ -361,21 +373,21 @@ bool OriginAttributes::PopulateFromSuffix(const nsACString& aStr) { } if (aName.EqualsLiteral("firstPartyDomain")) { - nsAutoString firstPartyDomain(aValue); + nsAutoCString firstPartyDomain(aValue); firstPartyDomain.ReplaceChar(kSanitizedChar, kSourceChar); - mFirstPartyDomain.Assign(firstPartyDomain); + mFirstPartyDomain.Assign(NS_ConvertUTF8toUTF16(firstPartyDomain)); return true; } if (aName.EqualsLiteral("geckoViewUserContextId")) { - mGeckoViewSessionContextId.Assign(aValue); + mGeckoViewSessionContextId.Assign(NS_ConvertUTF8toUTF16(aValue)); return true; } if (aName.EqualsLiteral("partitionKey")) { - nsAutoString partitionKey(aValue); + nsAutoCString partitionKey(aValue); partitionKey.ReplaceChar(kSanitizedChar, kSourceChar); - mPartitionKey.Assign(partitionKey); + mPartitionKey.Assign(NS_ConvertUTF8toUTF16(partitionKey)); return true; } @@ -419,17 +431,20 @@ bool OriginAttributes::IsPrivateBrowsing(const nsACString& aOrigin) { bool OriginAttributes::ParsePartitionKey(const nsAString& aPartitionKey, nsAString& outScheme, nsAString& outBaseDomain, - int32_t& outPort) { + int32_t& outPort, + bool& outForeignByAncestorContext) { outScheme.Truncate(); outBaseDomain.Truncate(); outPort = -1; + outForeignByAncestorContext = false; - // Partition keys have the format "(<scheme>,<baseDomain>,[port])". The port - // is optional. For example: "(https,example.com,8443)" or - // "(http,example.org)". - // When privacy.dynamic_firstparty.use_site = false, the partitionKey contains - // only the host, e.g. "example.com". - // See MakeTopLevelInfo for the partitionKey serialization code. + // Partition keys have the format + // "(<scheme>,<baseDomain>[,port][,foreignancestorbit])". The port and + // ancestor bits are optional. For example: "(https,example.com,8443)" or + // "(http,example.org)", or "(http,example.info,f)", or + // "(http,example.biz,8443,f)". When privacy.dynamic_firstparty.use_site = + // false, the partitionKey contains only the host, e.g. "example.com". See + // MakeTopLevelInfo for the partitionKey serialization code. if (aPartitionKey.IsEmpty()) { return true; @@ -466,14 +481,27 @@ bool OriginAttributes::ParsePartitionKey(const nsAString& aPartitionKey, } else if (fieldIndex == 1) { outBaseDomain.Assign(field); } else if (fieldIndex == 2) { - // Parse the port which is represented in the partitionKey string as a - // decimal (base 10) number. - long port = strtol(NS_ConvertUTF16toUTF8(field).get(), nullptr, 10); - // Invalid port. - if (NS_WARN_IF(port == 0)) { + // The first optional argument is either "f" or a port number + if (field.EqualsLiteral("f")) { + outForeignByAncestorContext = true; + } else { + // Parse the port which is represented in the partitionKey string as a + // decimal (base 10) number. + long port = strtol(NS_ConvertUTF16toUTF8(field).get(), nullptr, 10); + // Invalid port. + if (NS_WARN_IF(port == 0)) { + return false; + } + outPort = static_cast<int32_t>(port); + } + } else if (fieldIndex == 3) { + // The second optional argument, if it exists, is "f" and the first + // optional argument was a port + if (!field.EqualsLiteral("f") || outPort != -1) { + NS_WARNING("Invalid partitionKey. Invalid token."); return false; } - outPort = static_cast<int32_t>(port); + outForeignByAncestorContext = true; } else { NS_WARNING("Invalid partitionKey. Too many tokens"); return false; diff --git a/caps/OriginAttributes.h b/caps/OriginAttributes.h index faf9d80050..52f7afa942 100644 --- a/caps/OriginAttributes.h +++ b/caps/OriginAttributes.h @@ -27,9 +27,9 @@ class OriginAttributes : public dom::OriginAttributesDictionary { void SetFirstPartyDomain(const bool aIsTopLevelDocument, const nsAString& aDomain, bool aForced = false); - void SetPartitionKey(nsIURI* aURI); - void SetPartitionKey(const nsACString& aDomain); - void SetPartitionKey(const nsAString& aDomain); + void SetPartitionKey(nsIURI* aURI, bool aForeignByAncestorContext); + void SetPartitionKey(const nsACString& aOther); + void SetPartitionKey(const nsAString& aOther); enum { STRIP_FIRST_PARTY_DOMAIN = 0x01, @@ -129,13 +129,13 @@ class OriginAttributes : public dom::OriginAttributesDictionary { // different than 0. static bool IsPrivateBrowsing(const nsACString& aOrigin); - // Parse a partitionKey of the format "(<scheme>,<baseDomain>,[port])" into - // its components. - // Returns false if the partitionKey cannot be parsed because the format is - // invalid. + // Parse a partitionKey of the format + // "(<scheme>,<baseDomain>,[port],[ancestorbit])" into its components. Returns + // false if the partitionKey cannot be parsed because the format is invalid. static bool ParsePartitionKey(const nsAString& aPartitionKey, nsAString& outScheme, nsAString& outBaseDomain, - int32_t& outPort); + int32_t& outPort, + bool& outForeignByAncestorContext); }; class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { @@ -193,8 +193,9 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { nsString scheme; nsString baseDomain; int32_t port; + bool ancestor; bool success = OriginAttributes::ParsePartitionKey( - aAttrs.mPartitionKey, scheme, baseDomain, port); + aAttrs.mPartitionKey, scheme, baseDomain, port, ancestor); if (!success) { return false; } @@ -210,6 +211,10 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { if (pkPattern.mPort.WasPassed() && pkPattern.mPort.Value() != port) { return false; } + if (pkPattern.mForeignByAncestorContext.WasPassed() && + pkPattern.mForeignByAncestorContext.Value() != ancestor) { + return false; + } } } @@ -262,6 +267,12 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary { self.mPort.Value() != other.mPort.Value()) { return false; } + if (self.mForeignByAncestorContext.WasPassed() && + other.mForeignByAncestorContext.WasPassed() && + self.mForeignByAncestorContext.Value() != + other.mForeignByAncestorContext.Value()) { + return false; + } } return true; diff --git a/caps/nsIDomainPolicy.idl b/caps/nsIDomainPolicy.idl index 74d7f3b656..d7cc1ac26f 100644 --- a/caps/nsIDomainPolicy.idl +++ b/caps/nsIDomainPolicy.idl @@ -66,11 +66,11 @@ interface nsIDomainSet : nsISupports /* * Returns true if a given domain is in the set. */ - bool contains(in nsIURI aDomain); + boolean contains(in nsIURI aDomain); /* * Returns true if a given domain is a subdomain of one of the entries in * the set. */ - bool containsSuperDomain(in nsIURI aDomain); + boolean containsSuperDomain(in nsIURI aDomain); }; diff --git a/caps/nsIPrincipal.idl b/caps/nsIPrincipal.idl index a3849dd723..cf6ccd4dea 100644 --- a/caps/nsIPrincipal.idl +++ b/caps/nsIPrincipal.idl @@ -72,7 +72,7 @@ interface nsIPrincipal : nsISupports * May be called from any thread. */ - boolean equalsForPermission(in nsIPrincipal other, in bool aExactHost); + boolean equalsForPermission(in nsIPrincipal other, in boolean aExactHost); /** * Like equals, but takes document.domain changes into account. @@ -424,7 +424,7 @@ interface nsIPrincipal : nsISupports * * May be called from any thread. */ - bool allowsRelaxStrictFileOriginPolicy(in nsIURI aURI); + boolean allowsRelaxStrictFileOriginPolicy(in nsIURI aURI); /* @@ -433,7 +433,7 @@ interface nsIPrincipal : nsISupports * May be called from any thread. */ [noscript] - ACString getPrefLightCacheKey(in nsIURI aURI ,in bool aWithCredentials, + ACString getPrefLightCacheKey(in nsIURI aURI ,in boolean aWithCredentials, in const_OriginAttributes aOriginAttributes); @@ -444,7 +444,7 @@ interface nsIPrincipal : nsISupports * * NOTE: Main-Thread Only. */ - bool hasFirstpartyStorageAccess(in mozIDOMWindow aWindow, out uint32_t rejectedReason); + boolean hasFirstpartyStorageAccess(in mozIDOMWindow aWindow, out uint32_t rejectedReason); /* diff --git a/caps/nsIScriptSecurityManager.idl b/caps/nsIScriptSecurityManager.idl index 924c223a3d..d4941f3de3 100644 --- a/caps/nsIScriptSecurityManager.idl +++ b/caps/nsIScriptSecurityManager.idl @@ -157,7 +157,7 @@ interface nsIScriptSecurityManager : nsISupports * prefs to be allowed to use file:// URIs. * @param aUri the URI to be tested */ - bool inFileURIAllowlist(in nsIURI aUri); + boolean inFileURIAllowlist(in nsIURI aUri); ///////////////// Principals /////////////////////// @@ -331,7 +331,7 @@ interface nsIScriptSecurityManager : nsISupports * of javascript.enabled. Otherwise, it returns the same value, but taking * the various blocklist/allowlist exceptions into account. */ - bool policyAllowsScript(in nsIURI aDomain); + boolean policyAllowsScript(in nsIURI aDomain); }; %{C++ diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp index 842b41811e..7f3bdff8f9 100644 --- a/caps/nsScriptSecurityManager.cpp +++ b/caps/nsScriptSecurityManager.cpp @@ -225,6 +225,18 @@ uint32_t nsScriptSecurityManager::SecurityHashURI(nsIURI* aURI) { return NS_SecurityHashURI(aURI); } +bool nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(nsIURI* aUriA, + nsIURI* aUriB) { + if (!aUriA || (!net::SchemeIsHTTP(aUriA) && !net::SchemeIsHTTPS(aUriA)) || + !aUriB || (!net::SchemeIsHTTP(aUriB) && !net::SchemeIsHTTPS(aUriB))) { + return false; + } + if (!SecurityCompareURIs(aUriA, aUriB)) { + return true; + } + return false; +} + /* * GetChannelResultPrincipal will return the principal that the resource * returned by this channel will use. For example, if the resource is in diff --git a/caps/nsScriptSecurityManager.h b/caps/nsScriptSecurityManager.h index bc55a70ad6..f97170b145 100644 --- a/caps/nsScriptSecurityManager.h +++ b/caps/nsScriptSecurityManager.h @@ -70,6 +70,7 @@ class nsScriptSecurityManager final : public nsIScriptSecurityManager { */ static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI); static uint32_t SecurityHashURI(nsIURI* aURI); + static bool IsHttpOrHttpsAndCrossOrigin(nsIURI* aUriA, nsIURI* aUriB); static nsresult ReportError(const char* aMessageTag, nsIURI* aSource, nsIURI* aTarget, bool aFromPrivateWindow, diff --git a/caps/tests/gtest/TestScriptSecurityManager.cpp b/caps/tests/gtest/TestScriptSecurityManager.cpp new file mode 100644 index 0000000000..b2af5c3023 --- /dev/null +++ b/caps/tests/gtest/TestScriptSecurityManager.cpp @@ -0,0 +1,50 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +#include "gtest/gtest.h" + +#include "nsCOMPtr.h" +#include "nsIURI.h" +#include "nsNetUtil.h" +#include "nsScriptSecurityManager.h" + +namespace mozilla { + +TEST(ScriptSecurityManager, IsHttpOrHttpsAndCrossOrigin) +{ + nsCOMPtr<nsIURI> uriA; + NS_NewURI(getter_AddRefs(uriA), "https://apple.com"); + nsCOMPtr<nsIURI> uriB; + NS_NewURI(getter_AddRefs(uriB), "https://google.com"); + nsCOMPtr<nsIURI> uriB_http; + NS_NewURI(getter_AddRefs(uriB_http), "http://google.com"); + nsCOMPtr<nsIURI> aboutBlank; + NS_NewURI(getter_AddRefs(aboutBlank), "about:blank"); + nsCOMPtr<nsIURI> aboutConfig; + NS_NewURI(getter_AddRefs(aboutConfig), "about:config"); + nsCOMPtr<nsIURI> example_com; + NS_NewURI(getter_AddRefs(example_com), "https://example.com"); + nsCOMPtr<nsIURI> example_com_with_path; + NS_NewURI(getter_AddRefs(example_com_with_path), + "https://example.com/test/1/2/3"); + nsCOMPtr<nsIURI> nullURI = nullptr; + + ASSERT_TRUE(nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(uriA, uriB)); + ASSERT_TRUE( + nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(uriB, uriB_http)); + + ASSERT_FALSE(nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin( + aboutBlank, aboutConfig)); + ASSERT_FALSE(nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin( + aboutBlank, aboutBlank)); + ASSERT_FALSE( + nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(uriB, aboutConfig)); + ASSERT_FALSE(nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin( + example_com, example_com_with_path)); + ASSERT_FALSE( + nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(uriB_http, nullURI)); + ASSERT_FALSE( + nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(nullURI, uriB_http)); +} + +} // namespace mozilla diff --git a/caps/tests/gtest/moz.build b/caps/tests/gtest/moz.build index 10b1a66f3b..c0e2087fc2 100644 --- a/caps/tests/gtest/moz.build +++ b/caps/tests/gtest/moz.build @@ -11,6 +11,7 @@ UNIFIED_SOURCES += [ "TestPrincipalAttributes.cpp", "TestPrincipalSerialization.cpp", "TestRedirectChainURITruncation.cpp", + "TestScriptSecurityManager.cpp", ] include("/ipc/chromium/chromium-config.mozbuild") diff --git a/caps/tests/mochitest/test_addonMayLoad.html b/caps/tests/mochitest/test_addonMayLoad.html index 2d5e5e59f1..74dc8134b4 100644 --- a/caps/tests/mochitest/test_addonMayLoad.html +++ b/caps/tests/mochitest/test_addonMayLoad.html @@ -23,7 +23,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1180921 baseURL: `file:///{id}`, allowedOrigins: new MatchPatternSet([`*://${subdomain}.example.org/*`]), - localizeCallback(string) {}, + localizeCallback() {}, }); } diff --git a/caps/tests/mochitest/test_bug995943.xhtml b/caps/tests/mochitest/test_bug995943.xhtml index 0ba95f548d..fc7c0b022f 100644 --- a/caps/tests/mochitest/test_bug995943.xhtml +++ b/caps/tests/mochitest/test_bug995943.xhtml @@ -33,7 +33,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=995943 function checkLoadFileURI(domain, shouldLoad) { debug("Invoking checkLoadFileURI with domain: " + domain + ", shouldLoad: " + shouldLoad); - return new Promise(function(resolve, reject) { + return new Promise(function(resolve) { $('ifr').addEventListener('load', function l1() { debug("Invoked l1 for " + domain); $('ifr').removeEventListener('load', l1); |