From fbaf0bb26397aa498eb9156f06d5a6fe34dd7dd8 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 03:14:29 +0200 Subject: Merging upstream version 125.0.1. Signed-off-by: Daniel Baumann --- dom/security/nsCSPUtils.cpp | 51 +++++++++++++++------------------------------ 1 file changed, 17 insertions(+), 34 deletions(-) (limited to 'dom/security/nsCSPUtils.cpp') diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp index 50730b691b..11d09909f7 100644 --- a/dom/security/nsCSPUtils.cpp +++ b/dom/security/nsCSPUtils.cpp @@ -1569,7 +1569,8 @@ nsCSPPolicy::~nsCSPPolicy() { bool nsCSPPolicy::permits(CSPDirective aDir, nsILoadInfo* aLoadInfo, nsIURI* aUri, bool aWasRedirected, bool aSpecific, - nsAString& outViolatedDirective) const { + nsAString& outViolatedDirective, + nsAString& outViolatedDirectiveString) const { if (CSPUTILSLOGENABLED()) { CSPUTILSLOG(("nsCSPPolicy::permits, aUri: %s, aDir: %s, aSpecific: %s", aUri->GetSpecOrDefault().get(), CSP_CSPDirectiveToString(aDir), @@ -1578,6 +1579,7 @@ bool nsCSPPolicy::permits(CSPDirective aDir, nsILoadInfo* aLoadInfo, NS_ASSERTION(aUri, "permits needs an uri to perform the check!"); outViolatedDirective.Truncate(); + outViolatedDirectiveString.Truncate(); nsCSPDirective* defaultDir = nullptr; @@ -1589,6 +1591,7 @@ bool nsCSPPolicy::permits(CSPDirective aDir, nsILoadInfo* aLoadInfo, if (!mDirectives[i]->permits(aDir, aLoadInfo, aUri, aWasRedirected, mReportOnly, mUpgradeInsecDir)) { mDirectives[i]->getDirName(outViolatedDirective); + mDirectives[i]->toString(outViolatedDirectiveString); return false; } return true; @@ -1604,6 +1607,7 @@ bool nsCSPPolicy::permits(CSPDirective aDir, nsILoadInfo* aLoadInfo, if (!defaultDir->permits(aDir, aLoadInfo, aUri, aWasRedirected, mReportOnly, mUpgradeInsecDir)) { defaultDir->getDirName(outViolatedDirective); + defaultDir->toString(outViolatedDirectiveString); return false; } return true; @@ -1692,43 +1696,22 @@ bool nsCSPPolicy::allowsAllInlineBehavior(CSPDirective aDir) const { * The parameter outDirective is the equivalent of 'outViolatedDirective' * for the ::permits() function family. */ -void nsCSPPolicy::getDirectiveStringAndReportSampleForContentType( - CSPDirective aDirective, nsAString& outDirective, - bool* aReportSample) const { - MOZ_ASSERT(aReportSample); +void nsCSPPolicy::getViolatedDirectiveInformation(CSPDirective aDirective, + nsAString& outDirective, + nsAString& outDirectiveString, + bool* aReportSample) const { *aReportSample = false; - - nsCSPDirective* defaultDir = nullptr; - for (uint32_t i = 0; i < mDirectives.Length(); i++) { - if (mDirectives[i]->isDefaultDirective()) { - defaultDir = mDirectives[i]; - continue; - } - if (mDirectives[i]->equals(aDirective)) { - mDirectives[i]->getDirName(outDirective); - *aReportSample = mDirectives[i]->hasReportSampleKeyword(); - return; - } - } - // if we haven't found a matching directive yet, - // the contentType must be restricted by the default directive - if (defaultDir) { - defaultDir->getDirName(outDirective); - *aReportSample = defaultDir->hasReportSampleKeyword(); + nsCSPDirective* directive = matchingOrDefaultDirective(aDirective); + if (!directive) { + MOZ_ASSERT_UNREACHABLE("Can not query violated directive"); + outDirective.AppendLiteral("couldNotQueryViolatedDirective"); + outDirective.Truncate(); return; } - NS_ASSERTION(false, "Can not query directive string for contentType!"); - outDirective.AppendLiteral("couldNotQueryViolatedDirective"); -} -void nsCSPPolicy::getDirectiveAsString(CSPDirective aDir, - nsAString& outDirective) const { - for (uint32_t i = 0; i < mDirectives.Length(); i++) { - if (mDirectives[i]->equals(aDir)) { - mDirectives[i]->toString(outDirective); - return; - } - } + directive->getDirName(outDirective); + directive->toString(outDirectiveString); + *aReportSample = directive->hasReportSampleKeyword(); } /* -- cgit v1.2.3