Backed out changeset d12f758f5f36 (bug 1223647) for android csp test failures
authorWes Kocher <wkocher@mozilla.com>
Wed, 11 Nov 2015 14:27:52 -0800
changeset 272152 51dbf899ae40b9fdc9f8e5ba7712c3694656be60
parent 272151 d864b4e62bb02a042a8e0ab90376eda87e21da52
child 272153 64a9ebe5f2b9f0b5971e958121db07735f14fe41
push id67891
push userkwierso@gmail.com
push dateWed, 11 Nov 2015 22:27:56 +0000
treeherdermozilla-inbound@51dbf899ae40 [default view] [failures only]
bugs1223647
milestone45.0a1
backs outd12f758f5f362ffed1aa195d266289e1ed2a1123
Backed out changeset d12f758f5f36 (bug 1223647) for android csp test failures
dom/base/nsXMLHttpRequest.cpp
dom/security/test/csp/file_main.html^headers^
dom/security/test/csp/file_main.js
dom/security/test/csp/file_main_worker.js
dom/security/test/csp/file_redirects_main.html
dom/security/test/csp/file_redirects_page.sjs
dom/security/test/csp/file_redirects_resource.sjs
dom/security/test/csp/file_worker_redirect.html
dom/security/test/csp/file_worker_redirect.sjs
dom/security/test/csp/mochitest.ini
dom/security/test/csp/test_CSP.html
dom/security/test/csp/test_redirects.html
dom/security/test/csp/test_worker_redirect.html
dom/workers/ScriptLoader.cpp
--- a/dom/base/nsXMLHttpRequest.cpp
+++ b/dom/base/nsXMLHttpRequest.cpp
@@ -1685,20 +1685,18 @@ nsXMLHttpRequest::Open(const nsACString&
   }
   else {
     // Otherwise use CORS. Again, make sure that potential result documents
     // use the same principal as the loader.
     secFlags = nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS |
                nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
   }
 
-  // If we have the document, use it. Unfortunately, for dedicated workers
-  // 'doc' ends up being the parent document, which is not the document
-  // that we want to use. So make sure to avoid using 'doc' in that situation.
-  if (doc && doc->NodePrincipal() == mPrincipal) {
+  // If we have the document, use it
+  if (doc) {
     rv = NS_NewChannel(getter_AddRefs(mChannel),
                        uri,
                        doc,
                        secFlags,
                        nsIContentPolicy::TYPE_INTERNAL_XMLHTTPREQUEST,
                        loadGroup,
                        nullptr,   // aCallbacks
                        loadFlags);
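Review bot: The restored `if (doc)` branch passes `doc` to NS_NewChannel as the loading node without checking that its principal matches `mPrincipal`. The comment this hunk removes says that for dedicated workers `doc` is the parent document, so a worker's XHR is again attributed to a document that is not its own. Checks keyed on the loading node (presumably CSP among them) would then run against the parent's policy, and the new one-line comment should record that, e.g. `// NOTE: for dedicated workers 'doc' is the parent document, not the worker's; see bug 1223647`. The same applies to the `if (parentDoc)` branch restored in the second dom/workers/ScriptLoader.cpp hunk, and to the first ScriptLoader hunk, where `parentDoc` now reaches NS_CheckContentLoadPolicy unfiltered. The body of Open() starts before and continues after this hunk.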
--- a/dom/security/test/csp/file_main.html^headers^
+++ b/dom/security/test/csp/file_main.html^headers^
@@ -1,1 +1,1 @@
-Content-Security-Policy: default-src 'self' blob: ; style-src 'unsafe-inline' 'self'
+Content-Security-Policy: default-src 'self' ; style-src 'unsafe-inline' 'self'
--- a/dom/security/test/csp/file_main.js
+++ b/dom/security/test/csp/file_main.js
@@ -1,28 +1,16 @@
-function doXHR(uri) {
-  try {
-    var xhr = new XMLHttpRequest();
-    xhr.open("GET", uri);
-    xhr.send();
-  } catch(ex) {}
-}
+// some javascript for the CSP XHR tests
+//
 
-doXHR("http://mochi.test:8888/tests/dom/security/test/csp/file_CSP.sjs?testid=xhr_good");
-doXHR("http://example.com/tests/dom/security/test/csp/file_CSP.sjs?testid=xhr_bad");
-fetch("http://mochi.test:8888/tests/dom/security/test/csp/file_CSP.sjs?testid=fetch_good");
-fetch("http://example.com/tests/dom/security/test/csp/file_CSP.sjs?testid=fetch_bad");
-navigator.sendBeacon("http://mochi.test:8888/tests/dom/security/test/csp/file_CSP.sjs?testid=beacon_good");
 try {
-  navigator.sendBeacon("http://example.com/tests/dom/security/test/csp/file_CSP.sjs?testid=beacon_bad");
-} catch(ex) {}
-
-
-new Worker("file_main_worker.js").postMessage({inherited : false});
-
+  var xhr_good = new XMLHttpRequest();
+  var xhr_good_uri ="http://mochi.test:8888/tests/dom/security/test/csp/file_CSP.sjs?testid=xhr_good";
+  xhr_good.open("GET", xhr_good_uri, true);
+  xhr_good.send(null);
+} catch(e) {}
 
-var blobxhr = new XMLHttpRequest();
-blobxhr.open("GET", "file_main_worker.js")
-blobxhr.responseType = "blob";
-blobxhr.send();
-blobxhr.onload = () => {
-  new Worker(URL.createObjectURL(blobxhr.response)).postMessage({inherited : true});
-}
+try {
+  var xhr_bad = new XMLHttpRequest();
+  var xhr_bad_uri ="http://example.com/tests/dom/security/test/csp/file_CSP.sjs?testid=xhr_bad";
+  xhr_bad.open("GET", xhr_bad_uri, true);
+  xhr_bad.send(null);
+} catch(e) {}
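Review bot: Both `catch(e) {}` blocks discard the exception, so a synchronous throw from `open()` or `send()` on the `xhr_good` request would surface only as a harness timeout with no cause attached. Keeping the best-effort behaviour but leaving a trace is enough, e.g. `} catch(e) { console.error("xhr_good threw: " + e); }`, and likewise for `xhr_bad`. If the empty catch around `xhr_bad` is deliberate because a blocked request may throw, a short comment saying so would help the next reader.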
deleted file mode 100644
--- a/dom/security/test/csp/file_main_worker.js
+++ /dev/null
@@ -1,28 +0,0 @@
-function doXHR(uri) {
-  try {
-    var xhr = new XMLHttpRequest();
-    xhr.open("GET", uri);
-    xhr.send();
-  } catch(ex) {}
-}
-
-var sameBase = "http://mochi.test:8888/tests/dom/security/test/csp/file_CSP.sjs?testid=";
-var crossBase = "http://example.com/tests/dom/security/test/csp/file_CSP.sjs?testid=";
-
-onmessage = (e) => {
-  for (base of [sameBase, crossBase]) {
-    var prefix;
-    var suffix;
-    if (e.data.inherited) {
-      prefix = base + "worker_inherited_"
-      suffix = base == sameBase ? "_good" : "_bad";
-    }
-    else {
-      prefix = base + "worker_"
-      suffix = base == sameBase ? "_same_good" : "_cross_good";
-    }
-    doXHR(prefix + "xhr" + suffix);
-    fetch(prefix + "fetch" + suffix);
-    try { importScripts(prefix + "script" + suffix); } catch(ex) {}
-  }
-}
--- a/dom/security/test/csp/file_redirects_main.html
+++ b/dom/security/test/csp/file_redirects_main.html
@@ -6,28 +6,27 @@
 <div id="container"></div>
 </body>
 
 <script>
 var thisSite = "http://mochi.test:8888";
 var otherSite = "http://example.com";
 var page = "/tests/dom/security/test/csp/file_redirects_page.sjs";
 
-var tests = { "font-src": thisSite+page+"?testid=font-src",
-              "frame-src": thisSite+page+"?testid=frame-src",
-              "img-src":  thisSite+page+"?testid=img-src",
-              "media-src":  thisSite+page+"?testid=media-src",
-              "object-src":  thisSite+page+"?testid=object-src",
-              "script-src":  thisSite+page+"?testid=script-src",
-              "style-src":  thisSite+page+"?testid=style-src",
-              "worker":  thisSite+page+"?testid=worker",
-              "xhr-src":  thisSite+page+"?testid=xhr-src",
-              "from-worker": thisSite+page+"?testid=from-worker",
-              "from-blob-worker": thisSite+page+"?testid=from-blob-worker",
-              "img-src-from-css":  thisSite+page+"?testid=img-src-from-css",
+var tests = { "font-src": thisSite+page+"?testid=font-src&csp=1",
+              "frame-src": thisSite+page+"?testid=frame-src&csp=1",
+              "img-src":  thisSite+page+"?testid=img-src&csp=1",
+              "media-src":  thisSite+page+"?testid=media-src&csp=1",
+              "object-src":  thisSite+page+"?testid=object-src&csp=1",
+              "script-src":  thisSite+page+"?testid=script-src&csp=1",
+              "style-src":  thisSite+page+"?testid=style-src&csp=1",
+              "worker":  thisSite+page+"?testid=worker&csp=1",
+              "xhr-src":  thisSite+page+"?testid=xhr-src&csp=1",
+              "script-src-from-worker": thisSite+page+"?testid=script-src-from-worker&csp=1",
+              "img-src-from-css":  thisSite+page+"?testid=img-src-from-css&csp=1",
             };
 
 var container = document.getElementById("container");
 
 // load each test in its own iframe
 for (tid in tests) {
   var i = document.createElement("iframe");
   i.id = tid;
--- a/dom/security/test/csp/file_redirects_page.sjs
+++ b/dom/security/test/csp/file_redirects_page.sjs
@@ -9,23 +9,25 @@ function handleRequest(request, response
   });
 
   response.setHeader("Cache-Control", "no-cache", false);
   response.setHeader("Content-Type", "text/html", false);
 
   var resource = "/tests/dom/security/test/csp/file_redirects_resource.sjs";
 
   // CSP header value
-  var additional = ""
-  if (query['testid'] == "worker") {
-    additional = "; script-src 'self' 'unsafe-inline'";
+  if (query["csp"] == 1) {
+    var additional = ""
+    if (query['testid'] == "worker") {
+      additional = "; script-src 'self' 'unsafe-inline'";
+    }
+    response.setHeader("Content-Security-Policy",
+        "default-src 'self' ; style-src 'self' 'unsafe-inline'" + additional,
+        false);
   }
-  response.setHeader("Content-Security-Policy",
-      "default-src 'self' blob: ; style-src 'self' 'unsafe-inline'" + additional,
-      false);
 
   // downloadable font that redirects to another site
   if (query["testid"] == "font-src") {
     var resp = '<style type="text/css"> @font-face { font-family:' +
                '"Redirecting Font"; src: url("' + resource +
                '?res=font&redir=other&id=font-src-redir")} #test{font-family:' +
                '"Redirecting Font"}</style></head><body>' +
                '<div id="test">test</div></body>';
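Review bot: The Content-Security-Policy header is now sent only when the request carries `csp=1`, but the `// CSP header value` comment above the new `if` does not say so. A request that omits the parameter is served with no policy at all, so every load it triggers is allowed. A comment such as `// Only requests with csp=1 get a policy; without it the page is served unrestricted` would make that visible. `query["csp"] == 1` also relies on type coercion, assuming `query` holds strings parsed from the query string (it is built above this hunk); `query["csp"] === "1"` states the intent directly.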
@@ -83,32 +85,18 @@ function handleRequest(request, response
 
   // for bug949706
   if (query["testid"] == "img-src-from-css") {
     // loads a stylesheet, which in turn loads an image that redirects.
     response.write('<link rel="stylesheet" type="text/css" href="'+resource+'?res=cssLoader&id=img-src-redir-from-css">');
     return;
   }
 
-  if (query["testid"] == "from-worker") {
+  if (query["testid"] == "script-src-from-worker") {
     // loads a script; launches a worker; that worker uses importscript; which then gets redirected
     // So it's:
-    // <script src="res=loadWorkerThatMakesRequests">
-    //   .. loads Worker("res=makeRequestsWorker")
+    // <script "res=loadWorkerThatImports">
+    //   .. loads Worker("res=importScriptWorker")
     //         .. calls importScript("res=script")
-    //         .. calls xhr("res=xhr-resp")
-    //         .. calls fetch("res=xhr-resp")
-    response.write('<script src="'+resource+'?res=loadWorkerThatMakesRequests&id=from-worker"></script>');
-    return;
-  }
-
-  if (query["testid"] == "from-blob-worker") {
-    // loads a script; launches a worker; that worker uses importscript; which then gets redirected
-    // So it's:
-    // <script src="res=loadBlobWorkerThatMakesRequests">
-    //   .. loads Worker("res=makeRequestsWorker")
-    //         .. calls importScript("res=script")
-    //         .. calls xhr("res=xhr-resp")
-    //         .. calls fetch("res=xhr-resp")
-    response.write('<script src="'+resource+'?res=loadBlobWorkerThatMakesRequests&id=from-blob-worker"></script>');
+    response.write('<script src="'+resource+'?res=loadWorkerThatImports&id=script-src-redir-from-worker"></script>');
     return;
   }
 }
--- a/dom/security/test/csp/file_redirects_resource.sjs
+++ b/dom/security/test/csp/file_redirects_resource.sjs
@@ -97,55 +97,39 @@ function handleRequest(request, response
     let bgURL = thisSite + resource + '?redir=other&res=image&id=' + query["id"];
     response.setHeader("Content-Type", "text/css", false);
     response.write("body { background:url('" + bgURL + "'); }");
     return;
   }
 
   // script that loads an internal worker that uses importScripts on a redirect
   // to an external script.
-  if (query["res"] == "loadWorkerThatMakesRequests") {
+  if (query["res"] == "loadWorkerThatImports") {
     // this creates a worker (same origin) that imports a redirecting script.
-    let workerURL = thisSite + resource + '?res=makeRequestsWorker&id=' + query["id"];
+    let workerURL = thisSite + resource + '?res=importScriptWorker&id=' + query["id"];
     response.setHeader("Content-Type", "application/javascript", false);
-    response.write("new Worker('" + workerURL + "');");
-    return;
-  }
-
-  // script that loads an internal worker that uses importScripts on a redirect
-  // to an external script.
-  if (query["res"] == "loadBlobWorkerThatMakesRequests") {
-    // this creates a worker (same origin) that imports a redirecting script.
-    let workerURL = thisSite + resource + '?res=makeRequestsWorker&id=' + query["id"];
-    response.setHeader("Content-Type", "application/javascript", false);
-    response.write("var x = new XMLHttpRequest(); x.open('GET', '" + workerURL + "'); ");
-    response.write("x.responseType = 'blob'; x.send(); ");
-    response.write("x.onload = () => { new Worker(URL.createObjectURL(x.response)); };");
+    response.write("var w=new Worker('" + workerURL + "'); w.onmessage=function(event){ alert(event.data); }");
     return;
   }
 
   // source for a worker that simply calls importScripts on a script that
   // redirects.
-  if (query["res"] == "makeRequestsWorker") {
+  if (query["res"] == "importScriptWorker") {
     // this is code for a worker that imports a redirected script.
-    let scriptURL = thisSite + resource + "?redir=other&res=script&id=script-src-redir-" + query["id"];
-    let xhrURL = thisSite + resource + "?redir=other&res=xhr-resp&id=xhr-src-redir-" + query["id"];
-    let fetchURL = thisSite + resource + "?redir=other&res=xhr-resp&id=fetch-src-redir-" + query["id"];
+    let scriptURL = thisSite + resource + "?redir=other&res=script&id=" + query["id"];
     response.setHeader("Content-Type", "application/javascript", false);
-    response.write("try { importScripts('" + scriptURL + "'); } catch(ex) {} ");
-    response.write("var x = new XMLHttpRequest(); x.open('GET', '" + xhrURL + "'); x.send();");
-    response.write("fetch('" + fetchURL + "');");
+    response.write("importScripts('" + scriptURL + "');");
     return;
   }
 
   // script that invokes XHR
   if (query["res"] == "xhr") {
     response.setHeader("Content-Type", "application/javascript", false);
-    var resp = 'var x = new XMLHttpRequest();x.open("GET", "' + thisSite +
-               resource+'?redir=other&res=xhr-resp&id=xhr-src-redir", false);\n' +
+    var resp = 'var x = new XMLHttpRequest();x.open("GET", "' + otherSite +
+               resource+'?res=xhr-resp&testid=xhr-src-redir", false);\n' +
                'x.send(null);';
     response.write(resp);
     return;
   }
 
   // response to XHR
   if (query["res"] == "xhr-resp") {
     response.setHeader("Access-Control-Allow-Origin", "*", false);
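Review bot: The `res=xhr` branch now opens the request directly against `otherSite` instead of a `thisSite` URL carrying `redir=other`, so the load labelled `xhr-src-redir` is a plain cross-origin XHR that the policy can reject before any redirect takes place. As written, an expectation of `false` for that id would still pass even if CSP were not re-applied to redirected XHR. If this part of the backed-out change was not what failed on Android, keeping the same-origin start, `x.open("GET", "' + thisSite + resource + '?redir=other&res=xhr-resp&id=xhr-src-redir", false)`, preserves the redirect coverage. Otherwise a comment on the branch should say that no redirect is involved. handleRequest continues past the end of this hunk.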
new file mode 100644
--- /dev/null
+++ b/dom/security/test/csp/file_worker_redirect.html
@@ -0,0 +1,9 @@
+<!DOCTYPE HTML>
+<html>
+  <head>
+    <title>Bug 949706 - CSP: Correct handling of web workers importing scripts that get redirected</title>
+  </head>
+  <body>
+  <script src="file_worker_redirect.sjs?stage_0_script_loads_worker"></script>
+</body>
+</html>
new file mode 100644
--- /dev/null
+++ b/dom/security/test/csp/file_worker_redirect.sjs
@@ -0,0 +1,37 @@
+// testserver customized for the needs of:
+// Bug 949706 - CSP: Correct handling of web workers importing scripts that get redirected
+
+function handleRequest(request, response)
+{
+  response.setHeader("Cache-Control", "no-cache", false);
+  response.setHeader("Content-Type", "text/html", false);
+
+  var query = request.queryString;
+
+  if (query === "stage_0_script_loads_worker") {
+    var newWorker =
+      "var myWorker = new Worker(\"file_worker_redirect.sjs?stage_1_worker_import_scripts\");" +
+      "myWorker.onmessage = function (event) { parent.checkResult(\"allowed\"); };" +
+      "myWorker.onerror = function (event) { parent.checkResult(\"blocked\"); };";
+    response.write(newWorker);
+    return;
+  }
+
+  if (query === "stage_1_worker_import_scripts") {
+    response.write("importScripts(\"file_worker_redirect.sjs?stage_2_redirect_imported_script\");");
+    return;
+  }
+
+  if (query === "stage_2_redirect_imported_script") {
+    var newLocation =
+      "http://test1.example.com/tests/dom/security/test/csp/file_worker_redirect.sjs?stage_3_target_script";
+    response.setStatusLine("1.1", 302, "Found");
+    response.setHeader("Location", newLocation, false);
+    return;
+  }
+
+  if (query === "stage_3_target_script") {
+    response.write("postMessage(\"imported script loaded\");");
+    return;
+  }
+}
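Review bot: `handleRequest` sets `Content-Type: text/html` once at the top, but stages 0, 1 and 3 return JavaScript that is consumed by a `<script src>`, a `Worker` constructor and `importScripts`. A loader that enforces script MIME types would refuse these responses, and the test would then report `blocked` for a reason unrelated to CSP. Setting `response.setHeader("Content-Type", "application/javascript", false);` in those three branches avoids that. A query string that matches none of the stages also falls through to an empty 200 response; an explicit error status there would make a mistyped stage name visible.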
--- a/dom/security/test/csp/mochitest.ini
+++ b/dom/security/test/csp/mochitest.ini
@@ -35,17 +35,16 @@ support-files =
   file_inlinestyle_main.html
   file_inlinestyle_main.html^headers^
   file_inlinestyle_main_allowed.html
   file_inlinestyle_main_allowed.html^headers^
   file_invalid_source_expression.html
   file_main.html
   file_main.html^headers^
   file_main.js
-  file_main_worker.js
   file_web_manifest.html
   file_web_manifest_remote.html
   file_web_manifest_https.html
   file_web_manifest.json
   file_web_manifest.json^headers^
   file_web_manifest_https.json
   file_web_manifest_mixed_content.html
   file_bug836922_npolicies.html
@@ -111,16 +110,18 @@ support-files =
   file_subframe_run_js_if_allowed.html^headers^
   file_leading_wildcard.html
   file_multi_policy_injection_bypass.html
   file_multi_policy_injection_bypass.html^headers^
   file_multi_policy_injection_bypass_2.html
   file_multi_policy_injection_bypass_2.html^headers^
   file_null_baseuri.html
   file_form-action.html
+  file_worker_redirect.html
+  file_worker_redirect.sjs
   file_referrerdirective.html
   referrerdirective.sjs
   file_upgrade_insecure.html
   file_upgrade_insecure_server.sjs
   file_upgrade_insecure_wsh.py
   file_upgrade_insecure_reporting.html
   file_upgrade_insecure_reporting_server.sjs
   file_upgrade_insecure_referrer.html
@@ -193,16 +194,17 @@ skip-if = buildapp == 'b2g' # intermitte
 skip-if = buildapp == 'b2g' # intermittent orange (bug 1028490)
 [test_subframe_run_js_if_allowed.html]
 [test_leading_wildcard.html]
 [test_multi_policy_injection_bypass.html]
 [test_null_baseuri.html]
 [test_referrerdirective.html]
 skip-if = buildapp == 'b2g' #no ssl support
 [test_dual_header.html]
+[test_worker_redirect.html]
 [test_upgrade_insecure.html]
 # no ssl support as well as websocket tests do not work (see test_websocket.html)
 skip-if = buildapp == 'b2g' || buildapp == 'mulet' || toolkit == 'gonk' || toolkit == 'android'
 [test_upgrade_insecure_reporting.html]
 skip-if = buildapp == 'b2g' || toolkit == 'gonk' || toolkit == 'android'
 [test_upgrade_insecure_referrer.html]
 skip-if = buildapp == 'b2g' || toolkit == 'gonk' || toolkit == 'android'
 [test_upgrade_insecure_cors.html]
--- a/dom/security/test/csp/test_CSP.html
+++ b/dom/security/test/csp/test_CSP.html
@@ -20,32 +20,16 @@ window.tests = {
   style_good: -1,
   style_bad: -1,
   frame_good: -1,
   frame_bad: -1,
   script_good: -1,
   script_bad: -1,
   xhr_good: -1,
   xhr_bad: -1,
-  fetch_good: -1,
-  fetch_bad: -1,
-  beacon_good: -1,
-  beacon_bad: -1,
-  worker_xhr_same_good: -1,
-  worker_xhr_cross_good: -1,
-  worker_fetch_same_good: -1,
-  worker_fetch_cross_good: -1,
-  worker_script_same_good: -1,
-  worker_script_cross_good: -1,
-  worker_inherited_xhr_good: -1,
-  worker_inherited_xhr_bad: -1,
-  worker_inherited_fetch_good: -1,
-  worker_inherited_fetch_bad: -1,
-  worker_inherited_script_good: -1,
-  worker_inherited_script_bad: -1,
   media_good: -1,
   media_bad: -1,
   font_good: -1,
   font_bad: -1,
   object_good: -1,
   object_bad: -1,
 };
 
@@ -92,21 +76,20 @@ examiner.prototype  = {
     SpecialPowers.removeObserver(this, "csp-on-violate-policy");
     SpecialPowers.removeObserver(this, "specialpowers-http-notify-request");
   }
 }
 
 window.examiner = new examiner();
 
 window.testResult = function(testname, result, msg) {
-  // test already complete.... forget it... remember the first result.
+  //test already complete.... forget it... remember the first result.
   if (window.tests[testname] != -1)
     return;
 
-  ok(testname in window.tests, "It's a real test");
   window.tests[testname] = result;
   is(result, true, testname + ' test: ' + msg);
 
   // if any test is incomplete, keep waiting
   for (var v in window.tests)
     if(tests[v] == -1)
       return;
 
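Review bot: `testResult` silently drops a result whose name is not a key of `window.tests`: `window.tests[testname]` is then `undefined`, `undefined != -1` is true, and the function returns before recording anything. With the `ok(testname in window.tests, ...)` line removed there is no check on the name at all, and that line sat after the early return, so it could not catch this case either. A guard placed ahead of the early return would, e.g. `if (!(testname in window.tests)) { ok(false, "unknown test: " + testname); return; }`. The function body continues past the end of this hunk.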
--- a/dom/security/test/csp/test_redirects.html
+++ b/dom/security/test/csp/test_redirects.html
@@ -81,26 +81,20 @@ var testExpectedResults = { "font-src": 
                             "script-src": true,
                             "script-src-redir": false,
                             "style-src": true,
                             "style-src-redir": false,
                             "worker": true,
                             "worker-redir": false,
                             "xhr-src": true,
                             "xhr-src-redir": false,
-                            "from-worker": true,
-                            "script-src-redir-from-worker": true, /* redir is allowed since policy isn't inherited */
-                            "xhr-src-redir-from-worker": true, /* redir is allowed since policy isn't inherited */
-                            "fetch-src-redir-from-worker": true, /* redir is allowed since policy isn't inherited */
-                            "from-blob-worker": true,
-                            "script-src-redir-from-blob-worker": false,
-                            "xhr-src-redir-from-blob-worker": false,
-                            "fetch-src-redir-from-blob-worker": false,
-                            "img-src-from-css": true,
-                            "img-src-redir-from-css": false,
+                            "script-src-from-worker": true, /* test runs */
+                            "script-src-redir-from-worker": false, /* redir is blocked */
+                            "img-src-from-css": true, /* test runs */
+                            "img-src-redir-from-css": false, /* redir is blocked */
                           };
 
 // takes the name of the test, the URL that was tested, and whether the
 // load occurred
 var testResult = function(testName, url, result) {
   log("  testName: "+testName+", result: "+result+", expected: "+testExpectedResults[testName]+"\n");
   is(result, testExpectedResults[testName], testName+" test: "+url);
 
new file mode 100644
--- /dev/null
+++ b/dom/security/test/csp/test_worker_redirect.html
@@ -0,0 +1,76 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 949706 - CSP: Correct handling of web workers importing scripts that get redirected</title>
+  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+  <div id="content" style="visibility: hidden">
+    <iframe style="width:100%;" id="testframe"></iframe>
+  </div>
+
+<script class="testbody" type="text/javascript">
+
+/* Description of the test:
+ * We load a page that loads a script which then instantiates a web worker,
+ * where that web worker then imports a script which gets redirected.
+ * We verify that the CSP applies correctly after the imported script of
+ * the worker gets redirected. More specifically, the test works as follows:
+ *
+ * test_worker_redirect.html
+ * -> loads file_worker_redirect.html file into iframe
+ * -> loads worker file_worker_redirect.sjs?stage_0_script_loads_worker
+ * -> creates script file_worker_redirect.sjs?stage_1_worker_import_scripts
+ * -> redirects script file_worker_redirect.sjs?stage_2_redirect_imported_script
+ * -> loads target script file_worker_redirect.sjs?stage_3_target_script
+ *
+ * Please note that we have to use 'unsafe-eval' in the policy
+ * so that workers are actually permitted by the CSP.
+ *
+ * The main test is loaded using:
+ *   http://mochi.test:8888
+ * where the imported script gets redirected to:
+ *   http://test1.example.com
+ */
+
+var tests = [
+  {
+    policy: "default-src 'self'; script-src 'self' 'unsafe-eval'; child-src 'self' http://test1.example.com;",
+    expected: "allowed"
+  },
+  {
+    policy: "default-src 'self'; script-src 'self' 'unsafe-eval'; child-src 'self';",
+    expected: "blocked",
+  },
+];
+
+var counter = 0;
+var curTest;
+
+function checkResult(aResult) {
+  is(aResult, curTest.expected, "Should be (" + curTest.expected + ") in Test " + counter + "!");
+  loadNextTest();
+}
+
+function loadNextTest() {
+  if (counter == tests.length) {
+    SimpleTest.finish();
+    return;
+  }
+  curTest = tests[counter++];
+  var src = "file_testserver.sjs";
+  // append the file that should be served
+  src += "?file=" + escape("tests/dom/security/test/csp/file_worker_redirect.html");
+  // append the CSP that should be used to serve the file
+  src += "&csp=" + escape(curTest.policy);
+  document.getElementById("testframe").src = src;
+}
+
+SimpleTest.waitForExplicitFinish();
+loadNextTest();
+
+</script>
+</body>
+</html>
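Review bot: `loadNextTest` builds the iframe URL with `escape()`, which is deprecated and leaves characters such as `+` and `/` unencoded, so a policy string containing them would not round-trip reliably through the query string. `src += "&csp=" + encodeURIComponent(curTest.policy);` (and the same for the `file=` parameter) is the safer form, assuming file_testserver.sjs decodes standard percent-encoding, which is not visible here. The step list in the description comment also has two labels swapped: stage_0 is the script that creates the worker and stage_1 is the worker's own source.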
--- a/dom/workers/ScriptLoader.cpp
+++ b/dom/workers/ScriptLoader.cpp
@@ -117,24 +117,16 @@ ChannelFromScriptURL(nsIPrincipal* princ
   nsCOMPtr<nsIURI> uri;
   rv = nsContentUtils::NewURIWithDocumentCharset(getter_AddRefs(uri),
                                                  aScriptURL, parentDoc,
                                                  baseURI);
   if (NS_FAILED(rv)) {
     return NS_ERROR_DOM_SYNTAX_ERR;
   }
 
-  // If we have the document, use it. Unfortunately, for dedicated workers
-  // 'parentDoc' ends up being the parent document, which is not the document
-  // that we want to use. So make sure to avoid using 'parentDoc' in that
-  // situation.
-  if (parentDoc && parentDoc->NodePrincipal() != principal) {
-    parentDoc = nullptr;
-  }
-
   int16_t shouldLoad = nsIContentPolicy::ACCEPT;
   rv = NS_CheckContentLoadPolicy(aContentPolicyType, uri,
                                  principal, parentDoc,
                                  NS_LITERAL_CSTRING("text/javascript"),
                                  nullptr, &shouldLoad,
                                  nsContentUtils::GetContentPolicy(),
                                  secMan);
   if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {
@@ -167,21 +159,18 @@ ChannelFromScriptURL(nsIPrincipal* princ
   else {
     rv = secMan->CheckLoadURIWithPrincipal(principal, uri, 0);
     NS_ENSURE_SUCCESS(rv, NS_ERROR_DOM_SECURITY_ERR);
   }
 
   aLoadFlags |= nsIChannel::LOAD_CLASSIFY_URI;
 
   nsCOMPtr<nsIChannel> channel;
-  // If we have the document, use it. Unfortunately, for dedicated workers
-  // 'parentDoc' ends up being the parent document, which is not the document
-  // that we want to use. So make sure to avoid using 'parentDoc' in that
-  // situation.
-  if (parentDoc && parentDoc->NodePrincipal() == principal) {
+  // If we have the document, use it
+  if (parentDoc) {
     rv = NS_NewChannel(getter_AddRefs(channel),
                        uri,
                        parentDoc,
                        nsILoadInfo::SEC_NORMAL,
                        aContentPolicyType,
                        loadGroup,
                        nullptr, // aCallbacks
                        aLoadFlags,