summaryrefslogtreecommitdiffstats
path: root/dom/security/nsContentSecurityUtils.cpp
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:13:33 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 01:13:33 +0000
commit086c044dc34dfc0f74fbe41f4ecb402b2cd34884 (patch)
treea4f824bd33cb075dd5aa3eb5a0a94af221bbe83a /dom/security/nsContentSecurityUtils.cpp
parentAdding debian version 124.0.1-1. (diff)
downloadfirefox-086c044dc34dfc0f74fbe41f4ecb402b2cd34884.tar.xz
firefox-086c044dc34dfc0f74fbe41f4ecb402b2cd34884.zip
Merging upstream version 125.0.1.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/security/nsContentSecurityUtils.cpp')
-rw-r--r--dom/security/nsContentSecurityUtils.cpp53
1 files changed, 22 insertions, 31 deletions
diff --git a/dom/security/nsContentSecurityUtils.cpp b/dom/security/nsContentSecurityUtils.cpp
index a483522499..01e9c6d5db 100644
--- a/dom/security/nsContentSecurityUtils.cpp
+++ b/dom/security/nsContentSecurityUtils.cpp
@@ -1365,6 +1365,7 @@ void nsContentSecurityUtils::AssertAboutPageHasCSP(Document* aDocument) {
// preferences and downloads allow legacy inline scripts through hash src.
MOZ_ASSERT(!foundScriptSrc ||
StringBeginsWith(aboutSpec, "about:preferences"_ns) ||
+ StringBeginsWith(aboutSpec, "about:settings"_ns) ||
StringBeginsWith(aboutSpec, "about:downloads"_ns) ||
StringBeginsWith(aboutSpec, "about:asrouter"_ns) ||
StringBeginsWith(aboutSpec, "about:newtab"_ns) ||
@@ -1383,6 +1384,7 @@ void nsContentSecurityUtils::AssertAboutPageHasCSP(Document* aDocument) {
// remote web resources
MOZ_ASSERT(!foundWebScheme ||
StringBeginsWith(aboutSpec, "about:preferences"_ns) ||
+ StringBeginsWith(aboutSpec, "about:settings"_ns) ||
StringBeginsWith(aboutSpec, "about:addons"_ns) ||
StringBeginsWith(aboutSpec, "about:newtab"_ns) ||
StringBeginsWith(aboutSpec, "about:debugging"_ns) ||
@@ -1411,6 +1413,7 @@ void nsContentSecurityUtils::AssertAboutPageHasCSP(Document* aDocument) {
// Bug 1579160: Remove 'unsafe-inline' from style-src within
// about:preferences
"about:preferences"_ns,
+ "about:settings"_ns,
// Bug 1571346: Remove 'unsafe-inline' from style-src within about:addons
"about:addons"_ns,
// Bug 1584485: Remove 'unsafe-inline' from style-src within:
@@ -1553,7 +1556,7 @@ bool nsContentSecurityUtils::ValidateScriptFilename(JSContext* cx,
// and this is the most reasonable. See 1727770
u"about:downloads"_ns,
// We think this is the same problem as about:downloads
- u"about:preferences"_ns,
+ u"about:preferences"_ns, u"about:settings"_ns,
// Browser console will give a filename of 'debugger' See 1763943
// Sometimes it's 'debugger eager eval code', other times just 'debugger
// eval code'
@@ -1667,37 +1670,25 @@ long nsContentSecurityUtils::ClassifyDownload(
nsCOMPtr<nsIURI> contentLocation;
aChannel->GetURI(getter_AddRefs(contentLocation));
- nsCOMPtr<nsIPrincipal> loadingPrincipal = loadInfo->GetLoadingPrincipal();
- if (!loadingPrincipal) {
- loadingPrincipal = loadInfo->TriggeringPrincipal();
- }
- // Creating a fake Loadinfo that is just used for the MCB check.
- nsCOMPtr<nsILoadInfo> secCheckLoadInfo = new mozilla::net::LoadInfo(
- loadingPrincipal, loadInfo->TriggeringPrincipal(), nullptr,
- nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK,
- nsIContentPolicy::TYPE_FETCH);
- // Disable HTTPS-Only checks for that loadinfo. This is required because
- // otherwise nsMixedContentBlocker::ShouldLoad would assume that the request
- // is safe, because HTTPS-Only is handling it.
- secCheckLoadInfo->SetHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_EXEMPT);
-
- int16_t decission = nsIContentPolicy::ACCEPT;
- nsMixedContentBlocker::ShouldLoad(false, // aHadInsecureImageRedirect
- contentLocation, // aContentLocation,
- secCheckLoadInfo, // aLoadinfo
- false, // aReportError
- &decission // aDecision
- );
- Telemetry::Accumulate(mozilla::Telemetry::MIXED_CONTENT_DOWNLOADS,
- decission != nsIContentPolicy::ACCEPT);
-
- if (StaticPrefs::dom_block_download_insecure() &&
- decission != nsIContentPolicy::ACCEPT) {
- nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
- if (httpChannel) {
- LogMessageToConsole(httpChannel, "MixedContentBlockedDownload");
+ if (StaticPrefs::dom_block_download_insecure()) {
+ // If we are not dealing with a potentially trustworthy origin, or a URI
+ // that is safe to be loaded like e.g. data:, then we block the load.
+ bool isInsecureDownload =
+ !nsMixedContentBlocker::IsPotentiallyTrustworthyOrigin(
+ contentLocation) &&
+ !nsMixedContentBlocker::URISafeToBeLoadedInSecureContext(
+ contentLocation);
+
+ Telemetry::Accumulate(mozilla::Telemetry::INSECURE_DOWNLOADS,
+ isInsecureDownload);
+
+ if (isInsecureDownload) {
+ nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
+ if (httpChannel) {
+ LogMessageToConsole(httpChannel, "BlockedInsecureDownload");
+ }
+ return nsITransfer::DOWNLOAD_POTENTIALLY_UNSAFE;
}
- return nsITransfer::DOWNLOAD_POTENTIALLY_UNSAFE;
}
if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal()) {