Bug 1490977: Assert content privileged about page has CSP. r=smaug
☠☠ backed out by d48fc7e23aa7 ☠ ☠
authorChristoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
Tue, 18 Sep 2018 15:27:32 +0200
changeset 492830 b4ac15e185381a8e410b9c9515d15a26a4719520
parent 492829 65cb9952c79d99ea2f9843a9278fca82947bd431
child 492831 ec879fbc19cf26ab1f0e04818935cf834bc917f2
push id9984
push userffxbld-merge
push dateMon, 15 Oct 2018 21:07:35 +0000
reviewerssmaug
bugs1490977
milestone64.0a1
Bug 1490977: Assert content privileged about page has CSP. r=smaug
dom/base/nsDocument.cpp
dom/security/test/general/mochitest.ini
dom/security/test/general/test_assert_about_page_no_csp.html
modules/libpref/init/all.js
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -5290,17 +5290,18 @@ AssertContentPrivilegedAboutPageHasCSP(n
   NS_ENSURE_SUCCESS_VOID(rv);
 
   if (!(aboutModuleFlags & nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT)) {
     return;
   }
 
   // Potentially init the legacy whitelist of about URIs without a CSP.
   static StaticAutoPtr<nsTArray<nsCString>> sLegacyAboutPagesWithNoCSP;
-  if (!sLegacyAboutPagesWithNoCSP) {
+  if (!sLegacyAboutPagesWithNoCSP ||
+      Preferences::GetBool("csp.overrule_content_privileged_about_uris_without_csp_whitelist")) {
     sLegacyAboutPagesWithNoCSP = new nsTArray<nsCString>();
     nsAutoCString legacyAboutPages;
     Preferences::GetCString("csp.content_privileged_about_uris_without_csp",
       legacyAboutPages);
     for (const nsACString& hostString : legacyAboutPages.Split(',')) {
       // please note that for the actual whitelist we only store the path of
       // about: URI. Let's reassemble the full about URI here so we don't
       // have to remove query arguments later.
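Review bot: The new condition on `if (!sLegacyAboutPagesWithNoCSP || Preferences::GetBool(...))` rebuilds the static whitelist only while the override pref is true, so the list is never re-read once the pref returns to false. After the new mochitest has run with `csp.content_privileged_about_uris_without_csp` set to an empty string, the process keeps that empty list, and a later about:blank load would presumably reach the fatal `MOZ_ASSERT` at the end of the function; the whitelist lookup is outside this hunk, so this is inferred. Rebuilding whenever the pref value changes would avoid the stale state, for example `static bool sLastOverrule = false;`, `const bool overrule = Preferences::GetBool("csp.overrule_content_privileged_about_uris_without_csp_whitelist");` and `if (!sLegacyAboutPagesWithNoCSP || overrule != sLastOverrule) { sLastOverrule = overrule;`. The function starts before this hunk and the loop body continues past it.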
@@ -5329,16 +5330,20 @@ AssertContentPrivilegedAboutPageHasCSP(n
   nsAutoString parsedPolicyStr;
   if (csp) {
     uint32_t policyCount = 0;
      csp->GetPolicyCount(&policyCount);
      if (policyCount > 0) {
        csp->GetPolicyString(0, parsedPolicyStr);
      }
   }
+  if (Preferences::GetBool("csp.overrule_content_privileged_about_uris_without_csp_whitelist")) {
+    NS_ASSERTION(parsedPolicyStr.Find("default-src") >= 0, "about: page must have a CSP");
+    return;
+  }
   MOZ_ASSERT(parsedPolicyStr.Find("default-src") >= 0,
     "about: page must contain a CSP including default-src");
 }
 #endif
 
 void
 nsDocument::EndLoad()
 {
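Review bot: The added override branch swaps the fatal `MOZ_ASSERT` for a non-fatal `NS_ASSERTION` and returns early, but nothing in the code says that this is a test-only path or why the softer assertion is used. A comment above the branch would keep the next reader from treating it as a supported way to relax the CSP invariant, e.g. `// Test-only: use a non-fatal assertion so mochitests can observe a missing CSP via SimpleTest.expectAssertions().` The pref name is also spelled out as a string literal here and again in the whitelist-init condition earlier in the function; reading it once into a `const bool` near the top would keep the two checks from drifting apart. The function body starts outside this hunk.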
--- a/dom/security/test/general/mochitest.ini
+++ b/dom/security/test/general/mochitest.ini
@@ -37,8 +37,10 @@ skip-if = toolkit == 'android'
 [test_same_site_cookies_subrequest.html]
 [test_same_site_cookies_toplevel_nav.html]
 [test_same_site_cookies_cross_origin_context.html]
 [test_same_site_cookies_from_script.html]
 [test_same_site_cookies_redirect.html]
 [test_same_site_cookies_toplevel_set_cookie.html]
 [test_same_site_cookies_iframe.html]
 [test_same_site_cookies_about.html]
+[test_assert_about_page_no_csp.html]
+skip-if = !debug || toolkit == 'android'
new file mode 100644
--- /dev/null
+++ b/dom/security/test/general/test_assert_about_page_no_csp.html
@@ -0,0 +1,34 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 1490977: Test Assertion if content privileged about: page has no CSP</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<iframe id="testframe"></iframe>
+<script class="testbody" type="text/javascript">
+
+  SimpleTest.waitForExplicitFinish();
+
+  SimpleTest.expectAssertions(0, 1);
+  // overruling the whitelist of about: pages that are allowed to load
+  // without a CSP and making sure to hit the assertion within
+  // AssertContentPrivilegedAboutPageHasCSP()
+
+  SpecialPowers.pushPrefEnv({set: [
+    ["csp.content_privileged_about_uris_without_csp", ""],
+    ["csp.overrule_content_privileged_about_uris_without_csp_whitelist", true]]
+  },
+  function() {
+    ok(true, "sanity: prefs flipped and test runs");
+    
+    let myFrame = document.getElementById("testframe");
+    myFrame.src = "about:blank";
+    // booom :-)
+    SimpleTest.finish();
+  });
+</script>
+</pre>
+</body>
+</html>
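Review bot: The test calls `SimpleTest.finish()` right after assigning `myFrame.src`, without waiting for the frame to load, and `SimpleTest.expectAssertions(0, 1)` accepts zero assertions. As written the test passes whether or not `AssertContentPrivilegedAboutPageHasCSP()` ever runs for the iframe, so it does not pin the behaviour it is named for. Finishing from the load handler, set before the `src` assignment, would at least order the check after the load: `myFrame.onload = () => SimpleTest.finish();`. The lower bound of the expected assertion count could then be tightened if the assertion proves deterministic. The stray `</pre>` before `</body>` has no opening tag and can be dropped.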
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -2578,16 +2578,18 @@ pref("font.blacklist.underline_offset", 
 pref("security.directory",              "");
 
 // security-sensitive dialogs should delay button enabling. In milliseconds.
 pref("security.dialog_enable_delay", 1000);
 pref("security.notification_enable_delay", 500);
 
 #if defined(DEBUG) && !defined(ANDROID)
 pref("csp.content_privileged_about_uris_without_csp", "blank,printpreview,srcdoc");
+// the following pref is for testing purposes only.
+pref("csp.overrule_content_privileged_about_uris_without_csp_whitelist", false);
 #endif
 
 // Default Content Security Policy to apply to signed contents.
 pref("security.signed_content.CSP.default", "script-src 'self'; style-src 'self'");
 
 // Mixed content blocking
 pref("security.mixed_content.block_active_content", false);
 pref("security.mixed_content.block_display_content", false);
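Review bot: The comment on the new pref says only that it is for testing, not what flipping it does. Since it changes how a security invariant is enforced in debug builds, the effect should be spelled out next to the definition, e.g. `// Testing only: when true, the about: whitelist above is re-read on each check and a missing CSP` / `// triggers a non-fatal assertion instead of a fatal one.`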