From a90a5cba08fdf6c0ceb95101c275108a152a3aed Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Wed, 12 Jun 2024 07:35:37 +0200
Subject: Merging upstream version 127.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 dom/security/nsCSPUtils.cpp | 85 ++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 76 insertions(+), 9 deletions(-)

(limited to 'dom/security/nsCSPUtils.cpp')

diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp
index 11d09909f7..f4aecfaf44 100644
--- a/dom/security/nsCSPUtils.cpp
+++ b/dom/security/nsCSPUtils.cpp
@@ -23,6 +23,7 @@
 #include "nsServiceManagerUtils.h"
 #include "nsWhitespaceTokenizer.h"
 
+#include "mozilla/Assertions.h"
 #include "mozilla/Components.h"
 #include "mozilla/dom/CSPDictionariesBinding.h"
 #include "mozilla/dom/Document.h"
@@ -243,6 +244,20 @@ void CSP_LogMessage(const nsAString& aMessage, const nsAString& aSourceName,
   console->LogMessage(error);
 }
 
+CSPDirective CSP_StringToCSPDirective(const nsAString& aDir) {
+  nsString lowerDir = PromiseFlatString(aDir);
+  ToLowerCase(lowerDir);
+
+  uint32_t numDirs = (sizeof(CSPStrDirectives) / sizeof(CSPStrDirectives[0]));
+
+  for (uint32_t i = 1; i < numDirs; i++) {
+    if (lowerDir.EqualsASCII(CSPStrDirectives[i])) {
+      return static_cast<CSPDirective>(i);
+    }
+  }
+  return nsIContentSecurityPolicy::NO_DIRECTIVE;
+}
+
 /**
  * Combines CSP_LogMessage and CSP_GetLocalizedStr into one call.
  */
@@ -997,6 +1012,41 @@ void nsCSPSandboxFlags::toString(nsAString& outStr) const {
   outStr.Append(mFlags);
 }
 
+/* ===== nsCSPRequireTrustedTypesForDirectiveValue ===================== */
+
+nsCSPRequireTrustedTypesForDirectiveValue::
+    nsCSPRequireTrustedTypesForDirectiveValue(const nsAString& aValue)
+    : mValue{aValue} {}
+
+bool nsCSPRequireTrustedTypesForDirectiveValue::visit(
+    nsCSPSrcVisitor* aVisitor) const {
+  MOZ_ASSERT_UNREACHABLE(
+      "This method should only be called for other overloads of this method.");
+  return false;
+}
+
+void nsCSPRequireTrustedTypesForDirectiveValue::toString(
+    nsAString& aOutStr) const {
+  aOutStr.Append(mValue);
+}
+
+/* =============== nsCSPTrustedTypesDirectivePolicyName =============== */
+
+nsCSPTrustedTypesDirectivePolicyName::nsCSPTrustedTypesDirectivePolicyName(
+    const nsAString& aName)
+    : mName{aName} {}
+
+bool nsCSPTrustedTypesDirectivePolicyName::visit(
+    nsCSPSrcVisitor* aVisitor) const {
+  MOZ_ASSERT_UNREACHABLE(
+      "Should only be called for other overloads of this method.");
+  return false;
+}
+
+void nsCSPTrustedTypesDirectivePolicyName::toString(nsAString& aOutStr) const {
+  aOutStr.Append(mName);
+}
+
 /* ===== nsCSPDirective ====================== */
 
 nsCSPDirective::nsCSPDirective(CSPDirective aDirective) {
@@ -1279,6 +1329,9 @@ bool nsCSPDirective::allowsAllInlineBehavior(CSPDirective aDir) const {
 void nsCSPDirective::toString(nsAString& outStr) const {
   // Append directive name
   outStr.AppendASCII(CSP_CSPDirectiveToString(mDirective));
+
+  MOZ_ASSERT(!mSrcs.IsEmpty());
+
   outStr.AppendLiteral(" ");
 
   // Append srcs
@@ -1414,6 +1467,21 @@ void nsCSPDirective::toDomCSPStruct(mozilla::dom::CSP& outCSP) const {
       outCSP.mScript_src_attr.Value() = std::move(srcs);
       return;
 
+    case nsIContentSecurityPolicy::REQUIRE_TRUSTED_TYPES_FOR_DIRECTIVE:
+      outCSP.mRequire_trusted_types_for.Construct();
+
+      // Here, the srcs represent the sink group
+      // (https://w3c.github.io/trusted-types/dist/spec/#integration-with-content-security-policy).
+      outCSP.mRequire_trusted_types_for.Value() = std::move(srcs);
+      return;
+
+    case nsIContentSecurityPolicy::TRUSTED_TYPES_DIRECTIVE:
+      outCSP.mTrusted_types.Construct();
+      // Here, "srcs" represents tt-expressions
+      // (https://w3c.github.io/trusted-types/dist/spec/#trusted-types-csp-directive).
+      outCSP.mTrusted_types.Value() = std::move(srcs);
+      return;
+
     default:
       NS_ASSERTION(false, "cannot find directive to convert CSP to JSON");
   }
@@ -1693,24 +1761,23 @@ bool nsCSPPolicy::allowsAllInlineBehavior(CSPDirective aDir) const {
 /*
  * Use this function only after ::allows() returned 'false'. Most and
  * foremost it's used to get the violated directive before sending reports.
- * The parameter outDirective is the equivalent of 'outViolatedDirective'
+ * The parameter aDirectiveName is the equivalent of 'outViolatedDirective'
  * for the ::permits() function family.
  */
-void nsCSPPolicy::getViolatedDirectiveInformation(CSPDirective aDirective,
-                                                  nsAString& outDirective,
-                                                  nsAString& outDirectiveString,
-                                                  bool* aReportSample) const {
+void nsCSPPolicy::getViolatedDirectiveInformation(
+    CSPDirective aDirective, nsAString& aDirectiveName,
+    nsAString& aDirectiveNameAndValue, bool* aReportSample) const {
   *aReportSample = false;
   nsCSPDirective* directive = matchingOrDefaultDirective(aDirective);
   if (!directive) {
     MOZ_ASSERT_UNREACHABLE("Can not query violated directive");
-    outDirective.AppendLiteral("couldNotQueryViolatedDirective");
-    outDirective.Truncate();
+    aDirectiveName.Truncate();
+    aDirectiveNameAndValue.Truncate();
     return;
   }
 
-  directive->getDirName(outDirective);
-  directive->toString(outDirectiveString);
+  directive->getDirName(aDirectiveName);
+  directive->toString(aDirectiveNameAndValue);
   *aReportSample = directive->hasReportSampleKeyword();
 }
 
-- 
cgit v1.2.3