Bug 1570658 - Add a Flag for Navigation-Nosniff r=ckerschb
authorSebastian Streich <sstreich@mozilla.com>
Wed, 14 Aug 2019 07:07:33 +0000
changeset 487890 c49cb61113067622d0a7117443f00bd78439b65d
parent 487889 9ea2d91e7e915dd8eea3094378620d238874dbc3
child 487891 cd37bc4841c455b5c5a228e3930bf0f9f6f5cb3a
push id36433
push userbtara@mozilla.com
push dateWed, 14 Aug 2019 21:57:52 +0000
reviewersckerschb
bugs1570658
milestone70.0a1
Bug 1570658 - Add a Flag for Navigation-Nosniff r=ckerschb *** Revert Changes to Test Differential Revision: https://phabricator.services.mozilla.com/D40618
dom/security/test/general/mochitest.ini
modules/libpref/init/StaticPrefList.yaml
netwerk/protocol/http/nsHttpChannel.cpp
netwerk/protocol/http/nsHttpHandler.cpp
netwerk/protocol/http/nsHttpHandler.h
--- a/dom/security/test/general/mochitest.ini
+++ b/dom/security/test/general/mochitest.ini
@@ -20,16 +20,17 @@ support-files =
   file_same_site_cookies_blob_iframe_navigation.html
   file_same_site_cookies_blob_iframe_inclusion.html
   file_same_site_cookies_iframe.html
   file_same_site_cookies_iframe.sjs
   file_same_site_cookies_about_navigation.html
   file_same_site_cookies_about_inclusion.html
   file_same_site_cookies_about.sjs
 
+
 [test_contentpolicytype_targeted_link_iframe.html]
 [test_nosniff.html]
 [test_nosniff_navigation.html]
 [test_block_script_wrong_mime.html]
 [test_block_toplevel_data_navigation.html]
 skip-if = toolkit == 'android' # intermittent failure
 [test_block_toplevel_data_img_navigation.html]
 skip-if = toolkit == 'android' # intermittent failure
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@@ -1959,16 +1959,21 @@
   mirror: always
 
 # This pref enables the featurePolicy header support.
 - name: dom.security.featurePolicy.header.enabled
   type: bool
   value: @IS_NIGHTLY_BUILD@
   mirror: always
 
+- name: dom.security.respect_document_nosniff
+  type: RelaxedAtomicBool
+  value: true
+  mirror: always
+
 # Expose the 'policy' attribute in document and HTMLIFrameElement
 - name: dom.security.featurePolicy.webidl.enabled
   type: bool
   value: @IS_NIGHTLY_BUILD@
   mirror: always
 
 # Is support for selection event APIs enabled?
 - name: dom.select_events.enabled
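Review bot: The new `dom.security.respect_document_nosniff` entry has no comment, unlike the neighbouring prefs in this hunk, although it is a security-relevant switch. Going by the nsHttpChannel.cpp change in this commit, setting it to false means `X-Content-Type-Options: nosniff` no longer sets skipContentSniffing for document and subdocument loads, so those responses are sniffed again despite the header. I would add a line above the entry such as `# If false, X-Content-Type-Options: nosniff is ignored for document and subdocument loads; leave true unless working around a site-compat problem.` The compatibility purpose is my inference and should be confirmed against the bug.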
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -1436,19 +1436,21 @@ nsresult ProcessXCTO(nsHttpChannel* aCha
     if (nsContentUtils::IsJavascriptMIMEType(
             NS_ConvertUTF8toUTF16(contentType))) {
       return NS_OK;
     }
     ReportMimeTypeMismatch(aChannel, "MimeTypeMismatch2", aURI, contentType,
                            Report::Error);
     return NS_ERROR_CORRUPTED_CONTENT;
   }
+
   auto policyType = aLoadInfo->GetExternalContentPolicyType();
-  if (policyType == nsIContentPolicy::TYPE_DOCUMENT ||
-      policyType == nsIContentPolicy::TYPE_SUBDOCUMENT) {
+  if ((policyType == nsIContentPolicy::TYPE_DOCUMENT ||
+       policyType == nsIContentPolicy::TYPE_SUBDOCUMENT) &&
+      gHttpHandler->IsDocumentNosniffEnabled()) {
     // If the header XCTO nosniff is set for any browsing context, then
     // we set the skipContentSniffing flag on the Loadinfo. Within
     // NS_SniffContent we then bail early and do not do any sniffing.
     aLoadInfo->SetSkipContentSniffing(true);
     return NS_OK;
   }
 
   return NS_OK;
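Review bot: The comment inside the `if` still says the flag is set whenever nosniff is present for any browsing context, but with the added `gHttpHandler->IsDocumentNosniffEnabled()` condition that only holds while the pref is on. When the pref is off, the code falls through to the final `return NS_OK` and the header is ignored for document and subdocument loads without any report, which makes a mis-set pref hard to notice. I would extend the comment, e.g. `// Only applies while dom.security.respect_document_nosniff is true; otherwise nosniff is ignored for (sub)document loads.`, and consider a log line on the skipped path. ProcessXCTO starts outside this hunk.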
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
@@ -104,17 +104,17 @@
 #endif
 
 #define HTTP_PREF_PREFIX "network.http."
 #define INTL_ACCEPT_LANGUAGES "intl.accept_languages"
 #define BROWSER_PREF_PREFIX "browser.cache."
 #define H2MANDATORY_SUITE "security.ssl3.ecdhe_rsa_aes_128_gcm_sha256"
 #define SAFE_HINT_HEADER_VALUE "safeHint.enabled"
 #define SECURITY_PREFIX "security."
-
+#define DOM_SECURITY_PREFIX "dom.security"
 #define TCP_FAST_OPEN_ENABLE "network.tcp.tcp_fastopen_enable"
 #define TCP_FAST_OPEN_FAILURE_LIMIT \
   "network.tcp.tcp_fastopen_consecutive_failure_limit"
 #define TCP_FAST_OPEN_STALLS_LIMIT "network.tcp.tcp_fastopen_http_stalls_limit"
 #define TCP_FAST_OPEN_STALLS_IDLE \
   "network.tcp.tcp_fastopen_http_check_for_stalls_only_if_idle_for"
 #define TCP_FAST_OPEN_STALLS_TIMEOUT \
   "network.tcp.tcp_fastopen_http_stalls_timeout"
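Review bot: `DOM_SECURITY_PREFIX` is defined as `"dom.security"` without the trailing dot that `HTTP_PREF_PREFIX`, `BROWSER_PREF_PREFIX` and `SECURITY_PREFIX` carry, so once it is registered in `gCallbackPrefs` (a later hunk in this file) the observer presumably also matches any pref whose name merely starts with that string. `#define DOM_SECURITY_PREFIX "dom.security."` would be consistent with the others. The change also removes the blank line that separated the prefix macros from the TCP_FAST_OPEN group, which I would keep. The registration makes PrefsChanged run for every change under that prefix although the visible code reads only one pref, and the macro is not used where the pref name is spelled out in PrefsChanged.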
@@ -264,16 +264,17 @@ nsHttpHandler::nsHttpHandler()
       mConnectTimeout(90000),
       mTLSHandshakeTimeout(30000),
       mParallelSpeculativeConnectLimit(6),
       mRequestTokenBucketEnabled(true),
       mRequestTokenBucketMinParallelism(6),
       mRequestTokenBucketHz(100),
       mRequestTokenBucketBurst(32),
       mCriticalRequestPrioritization(true),
+      mRespectDocumentNoSniff(true),
       mTCPKeepaliveShortLivedEnabled(false),
       mTCPKeepaliveShortLivedTimeS(60),
       mTCPKeepaliveShortLivedIdleTimeS(10),
       mTCPKeepaliveLongLivedEnabled(false),
       mTCPKeepaliveLongLivedIdleTimeS(600),
       mEnforceH1Framing(FRAMECHECK_BARELY),
       mDefaultHpackBuffer(4096),
       mBug1563538(true),
@@ -426,16 +427,17 @@ static const char* gCallbackPrefs[] = {
     UA_PREF_PREFIX,
     INTL_ACCEPT_LANGUAGES,
     BROWSER_PREF("disk_cache_ssl"),
     H2MANDATORY_SUITE,
     HTTP_PREF("tcp_keepalive.short_lived_connections"),
     HTTP_PREF("tcp_keepalive.long_lived_connections"),
     SAFE_HINT_HEADER_VALUE,
     SECURITY_PREFIX,
+    DOM_SECURITY_PREFIX,
     TCP_FAST_OPEN_ENABLE,
     TCP_FAST_OPEN_FAILURE_LIMIT,
     TCP_FAST_OPEN_STALLS_LIMIT,
     TCP_FAST_OPEN_STALLS_IDLE,
     TCP_FAST_OPEN_STALLS_TIMEOUT,
     nullptr,
 };
 
@@ -1554,16 +1556,24 @@ void nsHttpHandler::PrefsChanged(const c
   // Whether or not to block requests for non head js/css items (e.g. media)
   // while those elements load.
   if (PREF_CHANGED(HTTP_PREF("rendering-critical-requests-prioritization"))) {
     rv = Preferences::GetBool(
         HTTP_PREF("rendering-critical-requests-prioritization"), &cVar);
     if (NS_SUCCEEDED(rv)) mCriticalRequestPrioritization = cVar;
   }
 
+  // Whether to respect X-Content-Type nosniff on Page loads
+  if (PREF_CHANGED("dom.security.respect_document_nosniff")) {
+    rv = Preferences::GetBool("dom.security.respect_document_nosniff", &cVar);
+    if (NS_SUCCEEDED(rv)) {
+      mRespectDocumentNoSniff = cVar;
+    }
+  }
+
   // on transition of network.http.diagnostics to true print
   // a bunch of information to the console
   if (pref && PREF_CHANGED(HTTP_PREF("diagnostics"))) {
     rv = Preferences::GetBool(HTTP_PREF("diagnostics"), &cVar);
     if (NS_SUCCEEDED(rv) && cVar) {
       if (mConnMgr) mConnMgr->PrintDiagnostics();
     }
   }
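Review bot: The added comment `// Whether to respect X-Content-Type nosniff on Page loads` names the wrong header; the header is `X-Content-Type-Options`, and the check in nsHttpChannel.cpp covers TYPE_DOCUMENT and TYPE_SUBDOCUMENT rather than "Page loads". The same wording is repeated on the `mRespectDocumentNoSniff` member in nsHttpHandler.h. I would write both as `// Whether X-Content-Type-Options: nosniff is honoured for document and subdocument loads.` The pref name is also spelled out twice as a string literal here; a single named constant would avoid a silent mismatch. PrefsChanged starts and ends outside this hunk.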
--- a/netwerk/protocol/http/nsHttpHandler.h
+++ b/netwerk/protocol/http/nsHttpHandler.h
@@ -152,16 +152,18 @@ class nsHttpHandler final : public nsIHt
   uint32_t ConnectTimeout() { return mConnectTimeout; }
   uint32_t TLSHandshakeTimeout() { return mTLSHandshakeTimeout; }
   uint32_t ParallelSpeculativeConnectLimit() {
     return mParallelSpeculativeConnectLimit;
   }
   bool CriticalRequestPrioritization() {
     return mCriticalRequestPrioritization;
   }
+
+  bool IsDocumentNosniffEnabled() { return mRespectDocumentNoSniff; }
   bool UseH2Deps() { return mUseH2Deps; }
   bool IsH2WebsocketsEnabled() { return mEnableH2Websockets; }
 
   uint32_t MaxConnectionsPerOrigin() {
     return mMaxPersistentConnectionsPerServer;
   }
   bool UseRequestTokenBucket() { return mRequestTokenBucketEnabled; }
   uint16_t RequestTokenBucketMinParallelism() {
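Review bot: `IsDocumentNosniffEnabled()` returns a plain `bool` member that duplicates state this commit already declares as a static pref with `mirror: always` and type `RelaxedAtomicBool` in StaticPrefList.yaml. The two copies can disagree, since the member defaults to true in the constructor and only changes when PrefsChanged sees the pref, and the plain bool does not give the atomicity the yaml entry asks for if the getter is ever called off the main thread. If the generated accessor is available in this header, `bool IsDocumentNosniffEnabled() { return StaticPrefs::dom_security_respect_document_nosniff(); }` would let the member, the PrefsChanged block and the `DOM_SECURITY_PREFIX` registration go away. The getter could also be `const`. The class body extends beyond this hunk.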
@@ -648,16 +650,19 @@ class nsHttpHandler final : public nsIHt
   uint16_t mRequestTokenBucketMinParallelism;
   uint32_t mRequestTokenBucketHz;     // EventTokenBucket HZ
   uint32_t mRequestTokenBucketBurst;  // EventTokenBucket Burst
 
   // Whether or not to block requests for non head js/css items (e.g. media)
   // while those elements load.
   bool mCriticalRequestPrioritization;
 
+  // Whether to respect X-Content-Type nosniff on Page loads
+  bool mRespectDocumentNoSniff;
+
   // TCP Keepalive configuration values.
 
   // True if TCP keepalive is enabled for short-lived conns.
   bool mTCPKeepaliveShortLivedEnabled;
   // Time (secs) indicating how long a conn is considered short-lived.
   int32_t mTCPKeepaliveShortLivedTimeS;
   // Time (secs) before first keepalive probe; between successful probes.
   int32_t mTCPKeepaliveShortLivedIdleTimeS;