Backed out changeset f443b21ba9de (bug 1307321) for unexpected passing of scripthash-unicode-normalization.sub.html. r=backout
authorSebastian Hengst <archaeopteryx@coole-files.de>
Fri, 14 Oct 2016 17:51:22 +0200
changeset 318096 7107572c7119631ab31161b3d5e7a88f804723d2
parent 318095 63d0a40426ecc68cb9bbf93179e769ab06c7afa0
child 318097 af1735c43825bbab57abcfbb5d06e4a09ed92907
push id33211
push usercbook@mozilla.com
push dateMon, 17 Oct 2016 09:38:38 +0000
treeherderautoland@e4ef6fa03aa8 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbackout
bugs1307321
milestone52.0a1
backs outf443b21ba9de2a2acf18b1b07083dfa6fda4fd26
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out changeset f443b21ba9de (bug 1307321) for unexpected passing of scripthash-unicode-normalization.sub.html. r=backout
dom/security/nsCSPContext.cpp
dom/security/test/unit/test_csp_reports.js
--- a/dom/security/nsCSPContext.cpp
+++ b/dom/security/nsCSPContext.cpp
@@ -960,18 +960,17 @@ nsCSPContext::SendReports(nsISupports* a
     // there's no loadgroup, AsyncOpen will fail on process-split necko (since
     // the channel cannot query the iTabChild).
     rv = reportChannel->SetLoadGroup(mCallingChannelLoadGroup);
     NS_ENSURE_SUCCESS(rv, rv);
 
     // wire in the string input stream to send the report
     nsCOMPtr<nsIStringInputStream> sis(do_CreateInstance(NS_STRINGINPUTSTREAM_CONTRACTID));
     NS_ASSERTION(sis, "nsIStringInputStream is needed but not available to send CSP violation reports");
-    nsAutoCString utf8CSPReport = NS_ConvertUTF16toUTF8(csp_report);
-    rv = sis->SetData(utf8CSPReport.get(), utf8CSPReport.Length());
+    rv = sis->SetData(NS_ConvertUTF16toUTF8(csp_report).get(), csp_report.Length());
     NS_ENSURE_SUCCESS(rv, rv);
 
     nsCOMPtr<nsIUploadChannel> uploadChannel(do_QueryInterface(reportChannel));
     if (!uploadChannel) {
       // It's possible the URI provided can't be uploaded to, in which case
       // we skip this one. We'll already have warned about a non-HTTP URI earlier.
       continue;
     }
--- a/dom/security/test/unit/test_csp_reports.js
+++ b/dom/security/test/unit/test_csp_reports.js
@@ -116,36 +116,31 @@ function run_test() {
                                        "", // aContent
                                        0); // aLineNumber
 
         // this is not a report only policy, so it better block inline scripts
         do_check_false(inlineOK);
       });
 
   // test that eval violations cause a report.
-  makeTest(1, {"blocked-uri": "self",
-               // JSON script-sample is UTF8 encoded
-               "script-sample" : "\xc2\xa3\xc2\xa5\xc2\xb5\xe5\x8c\x97\xf0\xa0\x9d\xb9"}, false,
+  makeTest(1, {"blocked-uri": "self"}, false,
       function(csp) {
         let evalOK = true, oReportViolation = {'value': false};
         evalOK = csp.getAllowsEval(oReportViolation);
 
         // this is not a report only policy, so it better block eval
         do_check_false(evalOK);
         // ... and cause reports to go out
         do_check_true(oReportViolation.value);
 
         if (oReportViolation.value) {
           // force the logging, since the getter doesn't.
           csp.logViolationDetails(Ci.nsIContentSecurityPolicy.VIOLATION_TYPE_EVAL,
                                   selfuri.asciiSpec,
-                                  // sending UTF-16 script sample to make sure
-                                  // csp report in JSON is not cut-off, please
-                                  // note that JSON is UTF8 encoded.
-                                  "\u00a3\u00a5\u00b5\u5317\ud841\udf79",
+                                  "script sample",
                                   1);
         }
       });
 
   makeTest(2, {"blocked-uri": "http://blocked.test"}, false,
       function(csp) {
         // shouldLoad creates and sends out the report here.
         csp.shouldLoad(Ci.nsIContentPolicy.TYPE_SCRIPT,