Mercurial > mozilla-central / changeset / 9ba869669bb94da27beeb2fa9fed7b9809f1a39b
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1031372 - CSP parser should accept 127.0.0.1:* (r=sstamm)
authorChristoph Kerschbaumer <mozilla@christophkerschbaumer.com>
Fri, 27 Jun 2014 09:51:57 -0700
changeset 191322 9ba869669bb94da27beeb2fa9fed7b9809f1a39b
parent 191321 3f4fe642a89367032843b2fc1527b1eb67d72f43
child 191323 5c66257995856dec441d51bf217d672532b3a7d4
push id27041
push userphilringnalda@gmail.com
push dateSun, 29 Jun 2014 00:39:21 +0000
treeherdermozilla-central@afa67a2f7905 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssstamm
bugs1031372
milestone33.0a1
first release with
nightly linux32
afa67a2f7905 / 33.0a1 / 20140629030206 / files
nightly linux64
afa67a2f7905 / 33.0a1 / 20140629030206 / files
nightly mac
afa67a2f7905 / 33.0a1 / 20140629030206 / files
nightly win32
afa67a2f7905 / 33.0a1 / 20140629030206 / files
nightly win64
afa67a2f7905 / 33.0a1 / 20140629030206 / files
last release without
nightly linux32
be076357691c / 33.0a1 / 20140627030212 / files
nightly linux64
be076357691c / 33.0a1 / 20140627030212 / files
nightly mac
be076357691c / 33.0a1 / 20140627030212 / files
nightly win32
be076357691c / 33.0a1 / 20140627030212 / files
nightly win64
be076357691c / 33.0a1 / 20140627030212 / files
Bug 1031372 - CSP parser should accept 127.0.0.1:* (r=sstamm)
content/base/src/nsCSPParser.cpp file | annotate | diff | comparison | revisions
content/base/test/TestCSPParser.cpp file | annotate | diff | comparison | revisions 
--- a/content/base/src/nsCSPParser.cpp
+++ b/content/base/src/nsCSPParser.cpp
@@ -325,17 +325,17 @@ nsCSPParser::subHost()
   uint32_t charCounter = 0;
 
   while (!atEnd() && !peek(COLON) && !peek(SLASH)) {
     ++charCounter;
     while (hostChar()) {
       /* consume */
       ++charCounter;
     }
-    if (accept(DOT) && !accept(isCharacterToken)) {
+    if (accept(DOT) && !hostChar()) {
       return false;
     }
     if (charCounter > kSubHostPathCharacterCutoff) {
       return false;
     }
   }
   return true;
 }
@@ -361,18 +361,18 @@ nsCSPParser::host()
     if (!accept(DOT)) {
       const char16_t* params[] = { mCurToken.get() };
       logWarningErrorToConsole(nsIScriptError::warningFlag, "couldntParseInvalidHost",
                                params, ArrayLength(params));
       return nullptr;
     }
   }
 
-  // Expecting at least one Character
-  if (!accept(isCharacterToken)) {
+  // Expecting at least one host-char
+  if (!hostChar()) {
     const char16_t* params[] = { mCurToken.get() };
     logWarningErrorToConsole(nsIScriptError::warningFlag, "couldntParseInvalidHost",
                              params, ArrayLength(params));
     return nullptr;
   }
 
   // There might be several sub hosts defined.
   if (!subHost()) {
@@ -679,16 +679,17 @@ nsCSPParser::sourceList(nsTArray<nsCSPBa
 {
   bool isNone = false;
 
   // remember, srcs start at index 1
   for (uint32_t i = 1; i < mCurDir.Length(); i++) {
     // mCurToken is only set here and remains the current token
     // to be processed, which avoid passing arguments between functions.
     mCurToken = mCurDir[i];
+    resetCurValue();
 
     CSPPARSERLOG(("nsCSPParser::sourceList, mCurToken: %s, mCurValue: %s",
                  NS_ConvertUTF16toUTF8(mCurToken).get(),
                  NS_ConvertUTF16toUTF8(mCurValue).get()));
 
     // Special case handling for none:
     // Ignore 'none' if any other src is available.
     // (See http://www.w3.org/TR/CSP11/#parsing)
--- a/content/base/test/TestCSPParser.cpp
+++ b/content/base/test/TestCSPParser.cpp
@@ -390,16 +390,24 @@ nsresult TestSimplePolicies() {
     { " ; ; ; ;     default-src            abc    ; ; ; ;",
       "default-src http://abc" },
     { "script-src 'none' 'none' 'none';",
       "script-src 'none'" },
     { "script-src http://www.example.com/path-1//",
       "script-src http://www.example.com" },
     { "script-src http://www.example.com/path-1//path_2",
       "script-src http://www.example.com" },
+    { "default-src 127.0.0.1",
+      "default-src http://127.0.0.1" },
+    { "default-src 127.0.0.1:*",
+      "default-src http://127.0.0.1:*" },
+    { "default-src -; ",
+      "default-src http://-" },
+    { "script-src 1",
+      "script-src http://1" }
   };
 
   uint32_t policyCount = sizeof(policies) / sizeof(PolicyTest);
   return runTestSuite(policies, policyCount, 1);
 }
 
 // ============================= TestPoliciesThatLogWarning ========================
 
@@ -427,18 +435,16 @@ nsresult TestBadPolicies() {
     { "default-src 'self", "" },
     { "script-sr 'self", "" },
     { "default-src 'unsafe-inlin' ", "" },
     { "default-src */", "" },
     { "default-src", "" },
     { "", "" },
     { "; ; ; ; ; ; ;", "" },
     { "defaut-src asdf", "" },
-    { "default-src -; ", "" },
-    { "script-src 1", "" },
     { "default-src: aaa", "" },
     { "default-src 'unsafe-inlin' ", "" },
     { "default-src :88", "" },
     { "script-src abc::::::88", "" },
     { "asdf http://test.com", ""},
     { "script-src *.*:*", "" },
     { "img-src *::88", "" },
     { "object-src http://localhost:", "" },
mozilla-central
Deployed from 18d8b634a3eb at 2022-06-27T19:41:42Z.