Backed out changeset f4f59e7c1be7 (
bug 1337543) for crashing in various mochitest and web-platform-tests, e.g. dom/security/test/csp/test_child-src_worker.html. r=backout on a CLOSED TREE
draft
Backed out changeset f4f59e7c1be7 (
bug 1337543) for crashing in various mochitest and web-platform-tests, e.g. dom/security/test/csp/test_child-src_worker.html. r=backout on a CLOSED TREE
--- a/dom/workers/ServiceWorkerPrivate.cpp
+++ b/dom/workers/ServiceWorkerPrivate.cpp
@@ -1738,33 +1738,33 @@ ServiceWorkerPrivate::SpawnWorkerIfNeede
info.mPrincipal = mInfo->GetPrincipal();
nsContentUtils::StorageAccess access =
nsContentUtils::StorageAllowedForPrincipal(info.mPrincipal);
info.mStorageAllowed = access > nsContentUtils::StorageAccess::ePrivateBrowsing;
info.mOriginAttributes = mInfo->GetOriginAttributes();
- // The ServiceWorkerRegistration principal should never have any CSP
- // set. The CSP from the page that registered the SW should not be
- // inherited. Verify this is the case in non-release builds
-#if defined(DEBUG) || !defined(RELEASE_OR_BETA)
nsCOMPtr<nsIContentSecurityPolicy> csp;
rv = info.mPrincipal->GetCsp(getter_AddRefs(csp));
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
- MOZ_DIAGNOSTIC_ASSERT(!csp);
-#endif
-
- // Default CSP permissions for now. These will be overrided if necessary
- // based on the script CSP headers during load in ScriptLoader.
- info.mEvalAllowed = true;
- info.mReportCSPViolations = false;
+ info.mCSP = csp;
+ if (info.mCSP) {
+ rv = info.mCSP->GetAllowsEval(&info.mReportCSPViolations,
+ &info.mEvalAllowed);
+ if (NS_WARN_IF(NS_FAILED(rv))) {
+ return rv;
+ }
+ } else {
+ info.mEvalAllowed = true;
+ info.mReportCSPViolations = false;
+ }
WorkerPrivate::OverrideLoadInfoLoadGroup(info);
AutoJSAPI jsapi;
jsapi.Init();
ErrorResult error;
NS_ConvertUTF8toUTF16 scriptSpec(mInfo->ScriptSpec());