Bug 1337543 P3 Factor out code to set WorkerPrivate CSP from headers. r=baku
authorBen Kelly <ben@wanderview.com>
Tue, 14 Feb 2017 10:06:38 -0500
changeset 342806 09ed4ec4508ce262da717b48967ae7e83ba2adac
parent 342805 c33d6a0b13dc68131e85772e874f24b0b1cd6266
child 342807 5ecd462326b01168a5d8c3ae25909e3b0a6fb738
push id31363
push userkwierso@gmail.com
push dateTue, 14 Feb 2017 21:12:30 +0000
treeherdermozilla-central@1060668405a9 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbaku
bugs1337543
milestone54.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1337543 P3 Factor out code to set WorkerPrivate CSP from headers. r=baku
dom/workers/ScriptLoader.cpp
dom/workers/WorkerPrivate.cpp
dom/workers/WorkerPrivate.h
--- a/dom/workers/ScriptLoader.cpp
+++ b/dom/workers/ScriptLoader.cpp
@@ -1129,58 +1129,19 @@ private:
       // Store the channel info if needed.
       mWorkerPrivate->InitChannelInfo(channel);
 
       MOZ_DIAGNOSTIC_ASSERT(mWorkerPrivate->FinalChannelPrincipalIsValid(channel));
 
       // We did inherit CSP in bug 1223647. If we do not already have a CSP, we
       // should get it from the HTTP headers on the worker script.
       if (!mWorkerPrivate->GetCSP() && CSPService::sCSPEnabled) {
-        NS_ConvertASCIItoUTF16 cspHeaderValue(tCspHeaderValue);
-        NS_ConvertASCIItoUTF16 cspROHeaderValue(tCspROHeaderValue);
-
-        nsIPrincipal* principal = mWorkerPrivate->GetPrincipal();
-        MOZ_ASSERT(principal, "Should not be null");
-
-        nsCOMPtr<nsIContentSecurityPolicy> csp;
-        rv = principal->EnsureCSP(nullptr, getter_AddRefs(csp));
-
-        if (csp) {
-          // If there's a CSP header, apply it.
-          if (!cspHeaderValue.IsEmpty()) {
-            rv = CSP_AppendCSPFromHeader(csp, cspHeaderValue, false);
-            NS_ENSURE_SUCCESS(rv, rv);
-          }
-          // If there's a report-only CSP header, apply it.
-          if (!cspROHeaderValue.IsEmpty()) {
-            rv = CSP_AppendCSPFromHeader(csp, cspROHeaderValue, true);
-            NS_ENSURE_SUCCESS(rv, rv);
-          }
-
-          // Set evalAllowed, default value is set in GetAllowsEval
-          bool evalAllowed = false;
-          bool reportEvalViolations = false;
-          rv = csp->GetAllowsEval(&reportEvalViolations, &evalAllowed);
-          NS_ENSURE_SUCCESS(rv, rv);
-
-          mWorkerPrivate->SetCSP(csp);
-          mWorkerPrivate->SetEvalAllowed(evalAllowed);
-          mWorkerPrivate->SetReportCSPViolations(reportEvalViolations);
-
-          // Set ReferrerPolicy, default value is set in GetReferrerPolicy
-          bool hasReferrerPolicy = false;
-          uint32_t rp = mozilla::net::RP_Unset;
-          rv = csp->GetReferrerPolicy(&rp, &hasReferrerPolicy);
-          NS_ENSURE_SUCCESS(rv, rv);
-
-
-          if (hasReferrerPolicy) { //FIXME bug 1307366: move RP out of CSP code
-            mWorkerPrivate->SetReferrerPolicy(static_cast<net::ReferrerPolicy>(rp));
-          }
-        }
+        rv = mWorkerPrivate->SetCSPFromHeaderValues(tCspHeaderValue,
+                                                    tCspROHeaderValue);
+        NS_ENSURE_SUCCESS(rv, rv);
       }
       WorkerPrivate* parent = mWorkerPrivate->GetParent();
       if (parent) {
         // XHR Params Allowed
         mWorkerPrivate->SetXHRParamsAllowed(parent->XHRParamsAllowed());
       }
     }
 
--- a/dom/workers/WorkerPrivate.cpp
+++ b/dom/workers/WorkerPrivate.cpp
@@ -53,16 +53,17 @@
 #include "mozilla/dom/Exceptions.h"
 #include "mozilla/dom/ExtendableMessageEventBinding.h"
 #include "mozilla/dom/FunctionBinding.h"
 #include "mozilla/dom/IndexedDatabaseManager.h"
 #include "mozilla/dom/MessageEvent.h"
 #include "mozilla/dom/MessageEventBinding.h"
 #include "mozilla/dom/MessagePort.h"
 #include "mozilla/dom/MessagePortBinding.h"
+#include "mozilla/dom/nsCSPUtils.h"
 #include "mozilla/dom/Performance.h"
 #include "mozilla/dom/PMessagePort.h"
 #include "mozilla/dom/Promise.h"
 #include "mozilla/dom/PromiseDebugging.h"
 #include "mozilla/dom/PromiseNativeHandler.h"
 #include "mozilla/dom/SimpleGlobalObject.h"
 #include "mozilla/dom/ScriptSettings.h"
 #include "mozilla/dom/StructuredCloneHolder.h"
@@ -2591,16 +2592,67 @@ WorkerPrivateParent<Derived>::GetDocumen
       return parent->mLoadInfo.mWindow->GetExtantDoc();
     }
     parent = parent->GetParent();
   }
   // couldn't query a document, give up and return nullptr
   return nullptr;
 }
 
+template <class Derived>
+nsresult
+WorkerPrivateParent<Derived>::SetCSPFromHeaderValues(const nsACString& aCSPHeaderValue,
+                                                     const nsACString& aCSPReportOnlyHeaderValue)
+{
+  AssertIsOnMainThread();
+  MOZ_DIAGNOSTIC_ASSERT(!mLoadInfo.mCSP);
+
+  NS_ConvertASCIItoUTF16 cspHeaderValue(aCSPHeaderValue);
+  NS_ConvertASCIItoUTF16 cspROHeaderValue(aCSPReportOnlyHeaderValue);
+
+  nsCOMPtr<nsIContentSecurityPolicy> csp;
+  nsresult rv = mLoadInfo.mPrincipal->EnsureCSP(nullptr, getter_AddRefs(csp));
+  if (!csp) {
+    return NS_OK;
+  }
+
+  // If there's a CSP header, apply it.
+  if (!cspHeaderValue.IsEmpty()) {
+    rv = CSP_AppendCSPFromHeader(csp, cspHeaderValue, false);
+    NS_ENSURE_SUCCESS(rv, rv);
+  }
+  // If there's a report-only CSP header, apply it.
+  if (!cspROHeaderValue.IsEmpty()) {
+    rv = CSP_AppendCSPFromHeader(csp, cspROHeaderValue, true);
+    NS_ENSURE_SUCCESS(rv, rv);
+  }
+
+  // Set evalAllowed, default value is set in GetAllowsEval
+  bool evalAllowed = false;
+  bool reportEvalViolations = false;
+  rv = csp->GetAllowsEval(&reportEvalViolations, &evalAllowed);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  // Set ReferrerPolicy, default value is set in GetReferrerPolicy
+  bool hasReferrerPolicy = false;
+  uint32_t rp = mozilla::net::RP_Unset;
+  rv = csp->GetReferrerPolicy(&rp, &hasReferrerPolicy);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  mLoadInfo.mCSP = csp;
+  mLoadInfo.mEvalAllowed = evalAllowed;
+  mLoadInfo.mReportCSPViolations = reportEvalViolations;
+
+  if (hasReferrerPolicy) {
+    mLoadInfo.mReferrerPolicy = static_cast<net::ReferrerPolicy>(rp);
+  }
+
+  return NS_OK;
+}
+
 
 // Can't use NS_IMPL_CYCLE_COLLECTION_CLASS(WorkerPrivateParent) because of the
 // templates.
 template <class Derived>
 typename WorkerPrivateParent<Derived>::cycleCollection
   WorkerPrivateParent<Derived>::_cycleCollectorGlobal =
     WorkerPrivateParent<Derived>::cycleCollection();
 
--- a/dom/workers/WorkerPrivate.h
+++ b/dom/workers/WorkerPrivate.h
@@ -660,16 +660,20 @@ public:
 
   void
   SetCSP(nsIContentSecurityPolicy* aCSP)
   {
     AssertIsOnMainThread();
     mLoadInfo.mCSP = aCSP;
   }
 
+  nsresult
+  SetCSPFromHeaderValues(const nsACString& aCSPHeaderValue,
+                         const nsACString& aCSPReportOnlyHeaderValue);
+
   net::ReferrerPolicy
   GetReferrerPolicy() const
   {
     return mLoadInfo.mReferrerPolicy;
   }
 
   void
   SetReferrerPolicy(net::ReferrerPolicy aReferrerPolicy)