Bug 1140638 - Disable CSP referrer directive. r=ckerschb, a=lmandel
authorSid Stamm <sstamm@mozilla.com>
Mon, 09 Mar 2015 11:04:00 -0400
changeset 250315 a982b8eabc42
parent 250314 173e1bbcd0b6
child 250316 8628f482efe0
push id4544
push userryanvm@gmail.com
push date2015-03-09 19:49 +0000
treeherdermozilla-beta@d59086707825 [default view] [failures only]
reviewersckerschb, lmandel
bugs1140638
milestone37.0
Bug 1140638 - Disable CSP referrer directive. r=ckerschb, a=lmandel
dom/base/test/csp/mochitest.ini
dom/security/nsCSPParser.cpp
dom/security/nsCSPUtils.h
--- a/dom/base/test/csp/mochitest.ini
+++ b/dom/base/test/csp/mochitest.ini
@@ -147,10 +147,10 @@ skip-if = buildapp == 'b2g' # intermitte
 [test_303_redirect.html]
 skip-if = buildapp == 'b2g' # intermittent orange (bug 1028490)
 [test_307_redirect.html]
 skip-if = buildapp == 'b2g' # intermittent orange (bug 1028490)
 [test_subframe_run_js_if_allowed.html]
 [test_leading_wildcard.html]
 [test_multi_policy_injection_bypass.html]
 [test_CSP_referrerdirective.html]
-skip-if = buildapp == 'b2g' #no ssl support
+skip-if = true # (disabled by bug 1140638) # buildapp == 'b2g' #no ssl support
 [test_worker_redirect.html]
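Review bot: Skipping `test_CSP_referrerdirective.html` unconditionally leaves the disabled state itself untested. The changeset's file list shows no new test asserting that a policy carrying a `referrer` directive is now ignored. The original b2g condition survives only inside the trailing comment, so re-enabling the test needs a manual edit of this line; recording that in bug 1140638 would help.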
--- a/dom/security/nsCSPParser.cpp
+++ b/dom/security/nsCSPParser.cpp
@@ -856,16 +856,19 @@ nsCSPParser::sourceList(nsTArray<nsCSPBa
                                params, ArrayLength(params));
     }
   }
 }
 
 void
 nsCSPParser::referrerDirectiveValue()
 {
+  // Disabled for now
+  return;
+
   // directive-value   = "none" / "none-when-downgrade" / "origin" / "origin-when-cross-origin" / "unsafe-url"
   // directive name is token 0, we need to examine the remaining tokens (and
   // there should only be one token in the value).
   CSPPARSERLOG(("nsCSPParser::referrerDirectiveValue"));
 
   if (mCurDir.Length() > 2) {
     CSPPARSERLOG(("Too many tokens in referrer directive, got %d expected 1",
                  mCurDir.Length() - 1));
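Review bot: The new comment `// Disabled for now` in referrerDirectiveValue() gives no reason or pointer, while the nsCSPUtils.h change in the same changeset links the bug; `// Disabled for now, see bug 1140638` would make the two agree. The early `return;` also sits above the `CSPPARSERLOG` call, so if this function is still reached, the parser log no longer shows that a referrer directive was seen and dropped; moving the log line above the return would keep that trace. Everything after the return is now unreachable, and the function body continues past the end of the hunk.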
--- a/dom/security/nsCSPUtils.h
+++ b/dom/security/nsCSPUtils.h
@@ -68,23 +68,25 @@ static const char* CSPStrDirectives[] = 
   "media-src",       // MEDIA_SRC_DIRECTIVE
   "frame-src",       // FRAME_SRC_DIRECTIVE
   "font-src",        // FONT_SRC_DIRECTIVE
   "connect-src",     // CONNECT_SRC_DIRECTIVE
   "report-uri",      // REPORT_URI_DIRECTIVE
   "frame-ancestors", // FRAME_ANCESTORS_DIRECTIVE
   "reflected-xss",   // REFLECTED_XSS_DIRECTIVE
   "base-uri",        // BASE_URI_DIRECTIVE
-  "form-action",     // FORM_ACTION_DIRECTIVE
-  "referrer"         // REFERRER_DIRECTIVE
+  "form-action"     // FORM_ACTION_DIRECTIVE
 };
+// referrer is disabled for now.
+// see https://bugzilla.mozilla.org/show_bug.cgi?id=1140638
 
 inline const char* CSP_CSPDirectiveToString(CSPDirective aDir)
 {
-  return CSPStrDirectives[static_cast<uint32_t>(aDir)];
+  uint32_t numDirs = (sizeof(CSPStrDirectives) / sizeof(CSPStrDirectives[0]));
+  return CSPStrDirectives[numDirs > aDir ? static_cast<uint32_t>(aDir) : 0];
 }
 
 inline CSPDirective CSP_StringToCSPDirective(const nsAString& aDir)
 {
   nsString lowerDir = PromiseFlatString(aDir);
   ToLowerCase(lowerDir);
 
   uint32_t numDirs = (sizeof(CSPStrDirectives) / sizeof(CSPStrDirectives[0]));
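Review bot: The out-of-range fallback in CSP_CSPDirectiveToString returns `CSPStrDirectives[0]`, so a directive value with no table entry is reported under the first directive's name instead of being flagged. The enum is not in this hunk, but if it still carries REFERRER_DIRECTIVE, that value now stringifies as entry 0, which would mislabel it wherever the string is logged or reported. Keeping the bounds check but making the miss visible is safer: `uint32_t idx = static_cast<uint32_t>(aDir);`, `MOZ_ASSERT(idx < numDirs, "CSPDirective without a string entry");`, `return idx < numDirs ? CSPStrDirectives[idx] : CSPStrDirectives[0];`. Casting before comparing also avoids the enum-versus-unsigned comparison in `numDirs > aDir`. CSP_StringToCSPDirective continues past the end of the hunk.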