Bug 1337543 P4 Apply CSP headers to ServiceWorker when loading offlined script. r=baku
☠☠ backed out by 34a69397de64 ☠ ☠
authorBen Kelly <ben@wanderview.com>
Mon, 13 Feb 2017 12:15:59 -0500
changeset 342523 9e09a36b7c0c3a8e9983c01d6cb88d3219811ca3
parent 342522 c0157164852c907e71c2d2e096a3b6eb6a23dba1
child 342524 a8b7ae2ed5775e61ea5a3c23088a6da415da0cb4
push id86894
push userbkelly@mozilla.com
push dateMon, 13 Feb 2017 17:16:04 +0000
treeherdermozilla-inbound@7508565a3a0d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbaku
bugs1337543
milestone54.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1337543 P4 Apply CSP headers to ServiceWorker when loading offlined script. r=baku
dom/workers/ScriptLoader.cpp
--- a/dom/workers/ScriptLoader.cpp
+++ b/dom/workers/ScriptLoader.cpp
@@ -465,16 +465,18 @@ private:
   uint32_t mIndex;
   RefPtr<ScriptLoaderRunnable> mRunnable;
   bool mIsWorkerScript;
   bool mFailed;
   nsCOMPtr<nsIInputStreamPump> mPump;
   nsCOMPtr<nsIURI> mBaseURI;
   mozilla::dom::ChannelInfo mChannelInfo;
   UniquePtr<PrincipalInfo> mPrincipalInfo;
+  nsCString mCSPHeaderValue;
+  nsCString mCSPReportOnlyHeaderValue;
 };
 
 NS_IMPL_ISUPPORTS(CacheScriptLoader, nsIStreamLoaderObserver)
 
 class CachePromiseHandler final : public PromiseNativeHandler
 {
 public:
   NS_DECL_ISUPPORTS
@@ -1157,17 +1159,19 @@ private:
 
     return NS_OK;
   }
 
   void
   DataReceivedFromCache(uint32_t aIndex, const uint8_t* aString,
                         uint32_t aStringLen,
                         const mozilla::dom::ChannelInfo& aChannelInfo,
-                        UniquePtr<PrincipalInfo> aPrincipalInfo)
+                        UniquePtr<PrincipalInfo> aPrincipalInfo,
+                        const nsACString& aCSPHeaderValue,
+                        const nsACString& aCSPReportOnlyHeaderValue)
   {
     AssertIsOnMainThread();
     MOZ_ASSERT(aIndex < mLoadInfos.Length());
     ScriptLoadInfo& loadInfo = mLoadInfos[aIndex];
     MOZ_ASSERT(loadInfo.mCacheStatus == ScriptLoadInfo::Cached);
 
     nsCOMPtr<nsIPrincipal> responsePrincipal =
       PrincipalInfoToPrincipal(*aPrincipalInfo);
@@ -1213,16 +1217,20 @@ private:
       nsCOMPtr<nsIContentSecurityPolicy> csp;
       MOZ_ALWAYS_SUCCEEDS(responsePrincipal->GetCsp(getter_AddRefs(csp)));
       MOZ_DIAGNOSTIC_ASSERT(!csp);
 #endif
 
       mWorkerPrivate->InitChannelInfo(aChannelInfo);
       rv = mWorkerPrivate->SetPrincipalOnMainThread(responsePrincipal, loadGroup);
       MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+      rv = mWorkerPrivate->SetCSPFromHeaderValues(aCSPHeaderValue,
+                                                  aCSPReportOnlyHeaderValue);
+      MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
     }
 
     if (NS_SUCCEEDED(rv)) {
       DataReceived();
     }
 
     LoadingFinished(aIndex, rv);
   }
@@ -1621,28 +1629,37 @@ CacheScriptLoader::ResolvedCallback(JSCo
   JS::Rooted<JSObject*> obj(aCx, &aValue.toObject());
   mozilla::dom::Response* response = nullptr;
   rv = UNWRAP_OBJECT(Response, obj, response);
   if (NS_WARN_IF(NS_FAILED(rv))) {
     Fail(rv);
     return;
   }
 
+  InternalHeaders* headers = response->GetInternalHeaders();
+
+  IgnoredErrorResult ignored;
+  headers->Get(NS_LITERAL_CSTRING("content-security-policy"),
+               mCSPHeaderValue, ignored);
+  headers->Get(NS_LITERAL_CSTRING("content-security-policy-report-only"),
+               mCSPReportOnlyHeaderValue, ignored);
+
   nsCOMPtr<nsIInputStream> inputStream;
   response->GetBody(getter_AddRefs(inputStream));
   mChannelInfo = response->GetChannelInfo();
   const UniquePtr<PrincipalInfo>& pInfo = response->GetPrincipalInfo();
   if (pInfo) {
     mPrincipalInfo = mozilla::MakeUnique<PrincipalInfo>(*pInfo);
   }
 
   if (!inputStream) {
     mLoadInfo.mCacheStatus = ScriptLoadInfo::Cached;
     mRunnable->DataReceivedFromCache(mIndex, (uint8_t*)"", 0, mChannelInfo,
-                                     Move(mPrincipalInfo));
+                                     Move(mPrincipalInfo), mCSPHeaderValue,
+                                     mCSPReportOnlyHeaderValue);
     return;
   }
 
   MOZ_ASSERT(!mPump);
   rv = NS_NewInputStreamPump(getter_AddRefs(mPump), inputStream);
   if (NS_WARN_IF(NS_FAILED(rv))) {
     Fail(rv);
     return;
@@ -1692,17 +1709,18 @@ CacheScriptLoader::OnStreamComplete(nsIS
     return NS_OK;
   }
 
   MOZ_ASSERT(mLoadInfo.mCacheStatus == ScriptLoadInfo::ReadingFromCache);
   mLoadInfo.mCacheStatus = ScriptLoadInfo::Cached;
 
   MOZ_ASSERT(mPrincipalInfo);
   mRunnable->DataReceivedFromCache(mIndex, aString, aStringLen, mChannelInfo,
-                                   Move(mPrincipalInfo));
+                                   Move(mPrincipalInfo), mCSPHeaderValue,
+                                   mCSPReportOnlyHeaderValue);
   return NS_OK;
 }
 
 class ChannelGetterRunnable final : public WorkerMainThreadRunnable
 {
   const nsAString& mScriptURL;
   WorkerLoadInfo& mLoadInfo;
   nsresult mResult;