diff options
Diffstat (limited to 'dom/security/nsContentSecurityUtils.cpp')
| -rw-r--r-- | dom/security/nsContentSecurityUtils.cpp | 51 |
1 files changed, 32 insertions, 19 deletions
diff --git a/dom/security/nsContentSecurityUtils.cpp b/dom/security/nsContentSecurityUtils.cpp index 01e9c6d5db..7bcbbdd002 100644 --- a/dom/security/nsContentSecurityUtils.cpp +++ b/dom/security/nsContentSecurityUtils.cpp @@ -1065,7 +1065,7 @@ nsresult CheckCSPFrameAncestorPolicy(nsIChannel* aChannel, csp->SuppressParserLogMessages(); nsCOMPtr<nsIURI> selfURI; - nsAutoString referrerSpec; + nsAutoCString referrerSpec; if (httpChannel) { aChannel->GetURI(getter_AddRefs(selfURI)); nsCOMPtr<nsIReferrerInfo> referrerInfo = httpChannel->GetReferrerInfo(); @@ -1367,6 +1367,7 @@ void nsContentSecurityUtils::AssertAboutPageHasCSP(Document* aDocument) { StringBeginsWith(aboutSpec, "about:preferences"_ns) || StringBeginsWith(aboutSpec, "about:settings"_ns) || StringBeginsWith(aboutSpec, "about:downloads"_ns) || + StringBeginsWith(aboutSpec, "about:fingerprinting"_ns) || StringBeginsWith(aboutSpec, "about:asrouter"_ns) || StringBeginsWith(aboutSpec, "about:newtab"_ns) || StringBeginsWith(aboutSpec, "about:logins"_ns) || @@ -1670,25 +1671,37 @@ long nsContentSecurityUtils::ClassifyDownload( nsCOMPtr<nsIURI> contentLocation; aChannel->GetURI(getter_AddRefs(contentLocation)); - if (StaticPrefs::dom_block_download_insecure()) { - // If we are not dealing with a potentially trustworthy origin, or a URI - // that is safe to be loaded like e.g. data:, then we block the load. - bool isInsecureDownload = - !nsMixedContentBlocker::IsPotentiallyTrustworthyOrigin( - contentLocation) && - !nsMixedContentBlocker::URISafeToBeLoadedInSecureContext( - contentLocation); - - Telemetry::Accumulate(mozilla::Telemetry::INSECURE_DOWNLOADS, - isInsecureDownload); - - if (isInsecureDownload) { - nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel); - if (httpChannel) { - LogMessageToConsole(httpChannel, "BlockedInsecureDownload"); - } - return nsITransfer::DOWNLOAD_POTENTIALLY_UNSAFE; + nsCOMPtr<nsIPrincipal> loadingPrincipal = loadInfo->GetLoadingPrincipal(); + if (!loadingPrincipal) { + loadingPrincipal = loadInfo->TriggeringPrincipal(); + } + // Creating a fake Loadinfo that is just used for the MCB check. + nsCOMPtr<nsILoadInfo> secCheckLoadInfo = new mozilla::net::LoadInfo( + loadingPrincipal, loadInfo->TriggeringPrincipal(), nullptr, + nsILoadInfo::SEC_ONLY_FOR_EXPLICIT_CONTENTSEC_CHECK, + nsIContentPolicy::TYPE_FETCH); + // Disable HTTPS-Only checks for that loadinfo. This is required because + // otherwise nsMixedContentBlocker::ShouldLoad would assume that the request + // is safe, because HTTPS-Only is handling it. + secCheckLoadInfo->SetHttpsOnlyStatus(nsILoadInfo::HTTPS_ONLY_EXEMPT); + + int16_t decission = nsIContentPolicy::ACCEPT; + nsMixedContentBlocker::ShouldLoad(false, // aHadInsecureImageRedirect + contentLocation, // aContentLocation, + secCheckLoadInfo, // aLoadinfo + false, // aReportError + &decission // aDecision + ); + Telemetry::Accumulate(mozilla::Telemetry::MIXED_CONTENT_DOWNLOADS, + decission != nsIContentPolicy::ACCEPT); + + if (StaticPrefs::dom_block_download_insecure() && + decission != nsIContentPolicy::ACCEPT) { + nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel); + if (httpChannel) { + LogMessageToConsole(httpChannel, "MixedContentBlockedDownload"); } + return nsITransfer::DOWNLOAD_POTENTIALLY_UNSAFE; } if (loadInfo->TriggeringPrincipal()->IsSystemPrincipal()) { |