summaryrefslogtreecommitdiffstats
path: root/caps
diff options
context:
space:
mode:
Diffstat (limited to 'caps')
-rw-r--r--caps/OriginAttributes.cpp124
-rw-r--r--caps/OriginAttributes.h29
-rw-r--r--caps/nsIDomainPolicy.idl4
-rw-r--r--caps/nsIPrincipal.idl8
-rw-r--r--caps/nsIScriptSecurityManager.idl4
-rw-r--r--caps/nsScriptSecurityManager.cpp12
-rw-r--r--caps/nsScriptSecurityManager.h1
-rw-r--r--caps/tests/gtest/TestScriptSecurityManager.cpp50
-rw-r--r--caps/tests/gtest/moz.build1
-rw-r--r--caps/tests/mochitest/test_addonMayLoad.html2
-rw-r--r--caps/tests/mochitest/test_bug995943.xhtml2
11 files changed, 170 insertions, 67 deletions
diff --git a/caps/OriginAttributes.cpp b/caps/OriginAttributes.cpp
index 211d6b00e7..45bf991416 100644
--- a/caps/OriginAttributes.cpp
+++ b/caps/OriginAttributes.cpp
@@ -22,8 +22,8 @@ static const char kSanitizedChar = '+';
namespace mozilla {
static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost,
- int32_t aPort, bool aUseSite,
- nsAString& aTopLevelInfo) {
+ int32_t aPort, bool aForeignByAncestorContext,
+ bool aUseSite, nsAString& aTopLevelInfo) {
if (!aUseSite) {
aTopLevelInfo.Assign(NS_ConvertUTF8toUTF16(aHost));
return;
@@ -41,19 +41,26 @@ static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost,
site.Append(",");
site.AppendInt(aPort);
}
+ if (aForeignByAncestorContext) {
+ site.Append(",f");
+ }
site.AppendLiteral(")");
aTopLevelInfo.Assign(NS_ConvertUTF8toUTF16(site));
}
static void MakeTopLevelInfo(const nsACString& aScheme, const nsACString& aHost,
- bool aUseSite, nsAString& aTopLevelInfo) {
- MakeTopLevelInfo(aScheme, aHost, -1, aUseSite, aTopLevelInfo);
+ bool aForeignByAncestorContext, bool aUseSite,
+ nsAString& aTopLevelInfo) {
+ MakeTopLevelInfo(aScheme, aHost, -1, aForeignByAncestorContext, aUseSite,
+ aTopLevelInfo);
}
static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument,
- nsIURI* aURI, bool aIsFirstPartyEnabled,
- bool aForced, bool aUseSite,
+ nsIURI* aURI,
+ bool aForeignByAncestorContext,
+ bool aIsFirstPartyEnabled, bool aForced,
+ bool aUseSite,
nsString OriginAttributes::*aTarget,
OriginAttributes& aOriginAttributes) {
nsresult rv;
@@ -86,7 +93,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument,
if (scheme.EqualsLiteral("about")) {
MakeTopLevelInfo(scheme, nsLiteralCString(ABOUT_URI_FIRST_PARTY_DOMAIN),
- aUseSite, topLevelInfo);
+ aForeignByAncestorContext, aUseSite, topLevelInfo);
return;
}
@@ -128,7 +135,8 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument,
nsAutoCString baseDomain;
rv = tldService->GetBaseDomain(uri, 0, baseDomain);
if (NS_SUCCEEDED(rv)) {
- MakeTopLevelInfo(scheme, baseDomain, aUseSite, topLevelInfo);
+ MakeTopLevelInfo(scheme, baseDomain, aForeignByAncestorContext, aUseSite,
+ topLevelInfo);
return;
}
@@ -160,12 +168,14 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument,
ipAddr = host;
}
- MakeTopLevelInfo(scheme, ipAddr, port, aUseSite, topLevelInfo);
+ MakeTopLevelInfo(scheme, ipAddr, port, aForeignByAncestorContext, aUseSite,
+ topLevelInfo);
return;
}
if (aUseSite) {
- MakeTopLevelInfo(scheme, host, port, aUseSite, topLevelInfo);
+ MakeTopLevelInfo(scheme, host, port, aForeignByAncestorContext, aUseSite,
+ topLevelInfo);
return;
}
@@ -173,7 +183,8 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument,
nsAutoCString publicSuffix;
rv = tldService->GetPublicSuffix(uri, publicSuffix);
if (NS_SUCCEEDED(rv)) {
- MakeTopLevelInfo(scheme, publicSuffix, port, aUseSite, topLevelInfo);
+ MakeTopLevelInfo(scheme, publicSuffix, port, aForeignByAncestorContext,
+ aUseSite, topLevelInfo);
return;
}
}
@@ -182,7 +193,7 @@ static void PopulateTopLevelInfoFromURI(const bool aIsTopLevelDocument,
void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument,
nsIURI* aURI, bool aForced) {
PopulateTopLevelInfoFromURI(
- aIsTopLevelDocument, aURI, IsFirstPartyEnabled(), aForced,
+ aIsTopLevelDocument, aURI, false, IsFirstPartyEnabled(), aForced,
StaticPrefs::privacy_firstparty_isolate_use_site(),
&OriginAttributes::mFirstPartyDomain, *this);
}
@@ -203,24 +214,26 @@ void OriginAttributes::SetFirstPartyDomain(const bool aIsTopLevelDocument,
mFirstPartyDomain = aDomain;
}
-void OriginAttributes::SetPartitionKey(nsIURI* aURI) {
+void OriginAttributes::SetPartitionKey(nsIURI* aURI,
+ bool aForeignByAncestorContext) {
PopulateTopLevelInfoFromURI(
- false /* aIsTopLevelDocument */, aURI, IsFirstPartyEnabled(),
- true /* aForced */, StaticPrefs::privacy_dynamic_firstparty_use_site(),
+ false /* aIsTopLevelDocument */, aURI, aForeignByAncestorContext,
+ IsFirstPartyEnabled(), true /* aForced */,
+ StaticPrefs::privacy_dynamic_firstparty_use_site(),
&OriginAttributes::mPartitionKey, *this);
}
-void OriginAttributes::SetPartitionKey(const nsACString& aDomain) {
- SetPartitionKey(NS_ConvertUTF8toUTF16(aDomain));
+void OriginAttributes::SetPartitionKey(const nsACString& aOther) {
+ SetPartitionKey(NS_ConvertUTF8toUTF16(aOther));
}
-void OriginAttributes::SetPartitionKey(const nsAString& aDomain) {
- mPartitionKey = aDomain;
+void OriginAttributes::SetPartitionKey(const nsAString& aOther) {
+ mPartitionKey = aOther;
}
void OriginAttributes::CreateSuffix(nsACString& aStr) const {
URLParams params;
- nsAutoString value;
+ nsAutoCString value;
//
// Important: While serializing any string-valued attributes, perform a
@@ -232,35 +245,34 @@ void OriginAttributes::CreateSuffix(nsACString& aStr) const {
if (mUserContextId != nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID) {
value.Truncate();
value.AppendInt(mUserContextId);
- params.Set(u"userContextId"_ns, value);
+ params.Set("userContextId"_ns, value);
}
if (mPrivateBrowsingId) {
value.Truncate();
value.AppendInt(mPrivateBrowsingId);
- params.Set(u"privateBrowsingId"_ns, value);
+ params.Set("privateBrowsingId"_ns, value);
}
if (!mFirstPartyDomain.IsEmpty()) {
nsAutoString sanitizedFirstPartyDomain(mFirstPartyDomain);
sanitizedFirstPartyDomain.ReplaceChar(kSourceChar, kSanitizedChar);
-
- params.Set(u"firstPartyDomain"_ns, sanitizedFirstPartyDomain);
+ params.Set("firstPartyDomain"_ns,
+ NS_ConvertUTF16toUTF8(sanitizedFirstPartyDomain));
}
if (!mGeckoViewSessionContextId.IsEmpty()) {
nsAutoString sanitizedGeckoViewUserContextId(mGeckoViewSessionContextId);
sanitizedGeckoViewUserContextId.ReplaceChar(
dom::quota::QuotaManager::kReplaceChars16, kSanitizedChar);
-
- params.Set(u"geckoViewUserContextId"_ns, sanitizedGeckoViewUserContextId);
+ params.Set("geckoViewUserContextId"_ns,
+ NS_ConvertUTF16toUTF8(sanitizedGeckoViewUserContextId));
}
if (!mPartitionKey.IsEmpty()) {
nsAutoString sanitizedPartitionKey(mPartitionKey);
sanitizedPartitionKey.ReplaceChar(kSourceChar, kSanitizedChar);
-
- params.Set(u"partitionKey"_ns, sanitizedPartitionKey);
+ params.Set("partitionKey"_ns, NS_ConvertUTF16toUTF8(sanitizedPartitionKey));
}
aStr.Truncate();
@@ -268,7 +280,7 @@ void OriginAttributes::CreateSuffix(nsACString& aStr) const {
params.Serialize(value, true);
if (!value.IsEmpty()) {
aStr.AppendLiteral("^");
- aStr.Append(NS_ConvertUTF16toUTF8(value));
+ aStr.Append(value);
}
// In debug builds, check the whole string for illegal characters too (just in
@@ -325,7 +337,7 @@ bool OriginAttributes::PopulateFromSuffix(const nsACString& aStr) {
return URLParams::Parse(
Substring(aStr, 1, aStr.Length() - 1), true,
- [this](const nsAString& aName, const nsAString& aValue) {
+ [this](const nsACString& aName, const nsACString& aValue) {
if (aName.EqualsLiteral("inBrowser")) {
if (!aValue.EqualsLiteral("1")) {
return false;
@@ -361,21 +373,21 @@ bool OriginAttributes::PopulateFromSuffix(const nsACString& aStr) {
}
if (aName.EqualsLiteral("firstPartyDomain")) {
- nsAutoString firstPartyDomain(aValue);
+ nsAutoCString firstPartyDomain(aValue);
firstPartyDomain.ReplaceChar(kSanitizedChar, kSourceChar);
- mFirstPartyDomain.Assign(firstPartyDomain);
+ mFirstPartyDomain.Assign(NS_ConvertUTF8toUTF16(firstPartyDomain));
return true;
}
if (aName.EqualsLiteral("geckoViewUserContextId")) {
- mGeckoViewSessionContextId.Assign(aValue);
+ mGeckoViewSessionContextId.Assign(NS_ConvertUTF8toUTF16(aValue));
return true;
}
if (aName.EqualsLiteral("partitionKey")) {
- nsAutoString partitionKey(aValue);
+ nsAutoCString partitionKey(aValue);
partitionKey.ReplaceChar(kSanitizedChar, kSourceChar);
- mPartitionKey.Assign(partitionKey);
+ mPartitionKey.Assign(NS_ConvertUTF8toUTF16(partitionKey));
return true;
}
@@ -419,17 +431,20 @@ bool OriginAttributes::IsPrivateBrowsing(const nsACString& aOrigin) {
bool OriginAttributes::ParsePartitionKey(const nsAString& aPartitionKey,
nsAString& outScheme,
nsAString& outBaseDomain,
- int32_t& outPort) {
+ int32_t& outPort,
+ bool& outForeignByAncestorContext) {
outScheme.Truncate();
outBaseDomain.Truncate();
outPort = -1;
+ outForeignByAncestorContext = false;
- // Partition keys have the format "(<scheme>,<baseDomain>,[port])". The port
- // is optional. For example: "(https,example.com,8443)" or
- // "(http,example.org)".
- // When privacy.dynamic_firstparty.use_site = false, the partitionKey contains
- // only the host, e.g. "example.com".
- // See MakeTopLevelInfo for the partitionKey serialization code.
+ // Partition keys have the format
+ // "(<scheme>,<baseDomain>[,port][,foreignancestorbit])". The port and
+ // ancestor bits are optional. For example: "(https,example.com,8443)" or
+ // "(http,example.org)", or "(http,example.info,f)", or
+ // "(http,example.biz,8443,f)". When privacy.dynamic_firstparty.use_site =
+ // false, the partitionKey contains only the host, e.g. "example.com". See
+ // MakeTopLevelInfo for the partitionKey serialization code.
if (aPartitionKey.IsEmpty()) {
return true;
@@ -466,14 +481,27 @@ bool OriginAttributes::ParsePartitionKey(const nsAString& aPartitionKey,
} else if (fieldIndex == 1) {
outBaseDomain.Assign(field);
} else if (fieldIndex == 2) {
- // Parse the port which is represented in the partitionKey string as a
- // decimal (base 10) number.
- long port = strtol(NS_ConvertUTF16toUTF8(field).get(), nullptr, 10);
- // Invalid port.
- if (NS_WARN_IF(port == 0)) {
+ // The first optional argument is either "f" or a port number
+ if (field.EqualsLiteral("f")) {
+ outForeignByAncestorContext = true;
+ } else {
+ // Parse the port which is represented in the partitionKey string as a
+ // decimal (base 10) number.
+ long port = strtol(NS_ConvertUTF16toUTF8(field).get(), nullptr, 10);
+ // Invalid port.
+ if (NS_WARN_IF(port == 0)) {
+ return false;
+ }
+ outPort = static_cast<int32_t>(port);
+ }
+ } else if (fieldIndex == 3) {
+ // The second optional argument, if it exists, is "f" and the first
+ // optional argument was a port
+ if (!field.EqualsLiteral("f") || outPort != -1) {
+ NS_WARNING("Invalid partitionKey. Invalid token.");
return false;
}
- outPort = static_cast<int32_t>(port);
+ outForeignByAncestorContext = true;
} else {
NS_WARNING("Invalid partitionKey. Too many tokens");
return false;
diff --git a/caps/OriginAttributes.h b/caps/OriginAttributes.h
index faf9d80050..52f7afa942 100644
--- a/caps/OriginAttributes.h
+++ b/caps/OriginAttributes.h
@@ -27,9 +27,9 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
void SetFirstPartyDomain(const bool aIsTopLevelDocument,
const nsAString& aDomain, bool aForced = false);
- void SetPartitionKey(nsIURI* aURI);
- void SetPartitionKey(const nsACString& aDomain);
- void SetPartitionKey(const nsAString& aDomain);
+ void SetPartitionKey(nsIURI* aURI, bool aForeignByAncestorContext);
+ void SetPartitionKey(const nsACString& aOther);
+ void SetPartitionKey(const nsAString& aOther);
enum {
STRIP_FIRST_PARTY_DOMAIN = 0x01,
@@ -129,13 +129,13 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
// different than 0.
static bool IsPrivateBrowsing(const nsACString& aOrigin);
- // Parse a partitionKey of the format "(<scheme>,<baseDomain>,[port])" into
- // its components.
- // Returns false if the partitionKey cannot be parsed because the format is
- // invalid.
+ // Parse a partitionKey of the format
+ // "(<scheme>,<baseDomain>,[port],[ancestorbit])" into its components. Returns
+ // false if the partitionKey cannot be parsed because the format is invalid.
static bool ParsePartitionKey(const nsAString& aPartitionKey,
nsAString& outScheme, nsAString& outBaseDomain,
- int32_t& outPort);
+ int32_t& outPort,
+ bool& outForeignByAncestorContext);
};
class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
@@ -193,8 +193,9 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
nsString scheme;
nsString baseDomain;
int32_t port;
+ bool ancestor;
bool success = OriginAttributes::ParsePartitionKey(
- aAttrs.mPartitionKey, scheme, baseDomain, port);
+ aAttrs.mPartitionKey, scheme, baseDomain, port, ancestor);
if (!success) {
return false;
}
@@ -210,6 +211,10 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
if (pkPattern.mPort.WasPassed() && pkPattern.mPort.Value() != port) {
return false;
}
+ if (pkPattern.mForeignByAncestorContext.WasPassed() &&
+ pkPattern.mForeignByAncestorContext.Value() != ancestor) {
+ return false;
+ }
}
}
@@ -262,6 +267,12 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
self.mPort.Value() != other.mPort.Value()) {
return false;
}
+ if (self.mForeignByAncestorContext.WasPassed() &&
+ other.mForeignByAncestorContext.WasPassed() &&
+ self.mForeignByAncestorContext.Value() !=
+ other.mForeignByAncestorContext.Value()) {
+ return false;
+ }
}
return true;
diff --git a/caps/nsIDomainPolicy.idl b/caps/nsIDomainPolicy.idl
index 74d7f3b656..d7cc1ac26f 100644
--- a/caps/nsIDomainPolicy.idl
+++ b/caps/nsIDomainPolicy.idl
@@ -66,11 +66,11 @@ interface nsIDomainSet : nsISupports
/*
* Returns true if a given domain is in the set.
*/
- bool contains(in nsIURI aDomain);
+ boolean contains(in nsIURI aDomain);
/*
* Returns true if a given domain is a subdomain of one of the entries in
* the set.
*/
- bool containsSuperDomain(in nsIURI aDomain);
+ boolean containsSuperDomain(in nsIURI aDomain);
};
diff --git a/caps/nsIPrincipal.idl b/caps/nsIPrincipal.idl
index a3849dd723..cf6ccd4dea 100644
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@@ -72,7 +72,7 @@ interface nsIPrincipal : nsISupports
* May be called from any thread.
*/
- boolean equalsForPermission(in nsIPrincipal other, in bool aExactHost);
+ boolean equalsForPermission(in nsIPrincipal other, in boolean aExactHost);
/**
* Like equals, but takes document.domain changes into account.
@@ -424,7 +424,7 @@ interface nsIPrincipal : nsISupports
*
* May be called from any thread.
*/
- bool allowsRelaxStrictFileOriginPolicy(in nsIURI aURI);
+ boolean allowsRelaxStrictFileOriginPolicy(in nsIURI aURI);
/*
@@ -433,7 +433,7 @@ interface nsIPrincipal : nsISupports
* May be called from any thread.
*/
[noscript]
- ACString getPrefLightCacheKey(in nsIURI aURI ,in bool aWithCredentials,
+ ACString getPrefLightCacheKey(in nsIURI aURI ,in boolean aWithCredentials,
in const_OriginAttributes aOriginAttributes);
@@ -444,7 +444,7 @@ interface nsIPrincipal : nsISupports
*
* NOTE: Main-Thread Only.
*/
- bool hasFirstpartyStorageAccess(in mozIDOMWindow aWindow, out uint32_t rejectedReason);
+ boolean hasFirstpartyStorageAccess(in mozIDOMWindow aWindow, out uint32_t rejectedReason);
/*
diff --git a/caps/nsIScriptSecurityManager.idl b/caps/nsIScriptSecurityManager.idl
index 924c223a3d..d4941f3de3 100644
--- a/caps/nsIScriptSecurityManager.idl
+++ b/caps/nsIScriptSecurityManager.idl
@@ -157,7 +157,7 @@ interface nsIScriptSecurityManager : nsISupports
* prefs to be allowed to use file:// URIs.
* @param aUri the URI to be tested
*/
- bool inFileURIAllowlist(in nsIURI aUri);
+ boolean inFileURIAllowlist(in nsIURI aUri);
///////////////// Principals ///////////////////////
@@ -331,7 +331,7 @@ interface nsIScriptSecurityManager : nsISupports
* of javascript.enabled. Otherwise, it returns the same value, but taking
* the various blocklist/allowlist exceptions into account.
*/
- bool policyAllowsScript(in nsIURI aDomain);
+ boolean policyAllowsScript(in nsIURI aDomain);
};
%{C++
diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp
index 842b41811e..7f3bdff8f9 100644
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -225,6 +225,18 @@ uint32_t nsScriptSecurityManager::SecurityHashURI(nsIURI* aURI) {
return NS_SecurityHashURI(aURI);
}
+bool nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(nsIURI* aUriA,
+ nsIURI* aUriB) {
+ if (!aUriA || (!net::SchemeIsHTTP(aUriA) && !net::SchemeIsHTTPS(aUriA)) ||
+ !aUriB || (!net::SchemeIsHTTP(aUriB) && !net::SchemeIsHTTPS(aUriB))) {
+ return false;
+ }
+ if (!SecurityCompareURIs(aUriA, aUriB)) {
+ return true;
+ }
+ return false;
+}
+
/*
* GetChannelResultPrincipal will return the principal that the resource
* returned by this channel will use. For example, if the resource is in
diff --git a/caps/nsScriptSecurityManager.h b/caps/nsScriptSecurityManager.h
index bc55a70ad6..f97170b145 100644
--- a/caps/nsScriptSecurityManager.h
+++ b/caps/nsScriptSecurityManager.h
@@ -70,6 +70,7 @@ class nsScriptSecurityManager final : public nsIScriptSecurityManager {
*/
static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
static uint32_t SecurityHashURI(nsIURI* aURI);
+ static bool IsHttpOrHttpsAndCrossOrigin(nsIURI* aUriA, nsIURI* aUriB);
static nsresult ReportError(const char* aMessageTag, nsIURI* aSource,
nsIURI* aTarget, bool aFromPrivateWindow,
diff --git a/caps/tests/gtest/TestScriptSecurityManager.cpp b/caps/tests/gtest/TestScriptSecurityManager.cpp
new file mode 100644
index 0000000000..b2af5c3023
--- /dev/null
+++ b/caps/tests/gtest/TestScriptSecurityManager.cpp
@@ -0,0 +1,50 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "gtest/gtest.h"
+
+#include "nsCOMPtr.h"
+#include "nsIURI.h"
+#include "nsNetUtil.h"
+#include "nsScriptSecurityManager.h"
+
+namespace mozilla {
+
+TEST(ScriptSecurityManager, IsHttpOrHttpsAndCrossOrigin)
+{
+ nsCOMPtr<nsIURI> uriA;
+ NS_NewURI(getter_AddRefs(uriA), "https://apple.com");
+ nsCOMPtr<nsIURI> uriB;
+ NS_NewURI(getter_AddRefs(uriB), "https://google.com");
+ nsCOMPtr<nsIURI> uriB_http;
+ NS_NewURI(getter_AddRefs(uriB_http), "http://google.com");
+ nsCOMPtr<nsIURI> aboutBlank;
+ NS_NewURI(getter_AddRefs(aboutBlank), "about:blank");
+ nsCOMPtr<nsIURI> aboutConfig;
+ NS_NewURI(getter_AddRefs(aboutConfig), "about:config");
+ nsCOMPtr<nsIURI> example_com;
+ NS_NewURI(getter_AddRefs(example_com), "https://example.com");
+ nsCOMPtr<nsIURI> example_com_with_path;
+ NS_NewURI(getter_AddRefs(example_com_with_path),
+ "https://example.com/test/1/2/3");
+ nsCOMPtr<nsIURI> nullURI = nullptr;
+
+ ASSERT_TRUE(nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(uriA, uriB));
+ ASSERT_TRUE(
+ nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(uriB, uriB_http));
+
+ ASSERT_FALSE(nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(
+ aboutBlank, aboutConfig));
+ ASSERT_FALSE(nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(
+ aboutBlank, aboutBlank));
+ ASSERT_FALSE(
+ nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(uriB, aboutConfig));
+ ASSERT_FALSE(nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(
+ example_com, example_com_with_path));
+ ASSERT_FALSE(
+ nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(uriB_http, nullURI));
+ ASSERT_FALSE(
+ nsScriptSecurityManager::IsHttpOrHttpsAndCrossOrigin(nullURI, uriB_http));
+}
+
+} // namespace mozilla
diff --git a/caps/tests/gtest/moz.build b/caps/tests/gtest/moz.build
index 10b1a66f3b..c0e2087fc2 100644
--- a/caps/tests/gtest/moz.build
+++ b/caps/tests/gtest/moz.build
@@ -11,6 +11,7 @@ UNIFIED_SOURCES += [
"TestPrincipalAttributes.cpp",
"TestPrincipalSerialization.cpp",
"TestRedirectChainURITruncation.cpp",
+ "TestScriptSecurityManager.cpp",
]
include("/ipc/chromium/chromium-config.mozbuild")
diff --git a/caps/tests/mochitest/test_addonMayLoad.html b/caps/tests/mochitest/test_addonMayLoad.html
index 2d5e5e59f1..74dc8134b4 100644
--- a/caps/tests/mochitest/test_addonMayLoad.html
+++ b/caps/tests/mochitest/test_addonMayLoad.html
@@ -23,7 +23,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1180921
baseURL: `file:///{id}`,
allowedOrigins: new MatchPatternSet([`*://${subdomain}.example.org/*`]),
- localizeCallback(string) {},
+ localizeCallback() {},
});
}
diff --git a/caps/tests/mochitest/test_bug995943.xhtml b/caps/tests/mochitest/test_bug995943.xhtml
index 0ba95f548d..fc7c0b022f 100644
--- a/caps/tests/mochitest/test_bug995943.xhtml
+++ b/caps/tests/mochitest/test_bug995943.xhtml
@@ -33,7 +33,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=995943
function checkLoadFileURI(domain, shouldLoad) {
debug("Invoking checkLoadFileURI with domain: " + domain + ", shouldLoad: " + shouldLoad);
- return new Promise(function(resolve, reject) {
+ return new Promise(function(resolve) {
$('ifr').addEventListener('load', function l1() {
debug("Invoked l1 for " + domain);
$('ifr').removeEventListener('load', l1);