Bug 1021972 - csp attribute in manifest doesnt actually apply a CSP. r=ochameau, a=bajaj
authorFabrice Desré <fabrice@mozilla.com>
Wed, 10 Sep 2014 23:24:29 -0700
changeset 224893 c7477d4b33e7d2f9c73acd9384476ff1d7da91b1
parent 224892 f10762a502501e4d9703acfec7504eb3613569f5
child 224894 66038a4dab32b65f8b72171134f2d3f1f67a8999
push id3979
push userraliiev@mozilla.com
push dateMon, 13 Oct 2014 16:35:44 +0000
treeherdermozilla-beta@30f2cc610691 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersochameau, bajaj
bugs1021972
milestone34.0a2
Bug 1021972 - csp attribute in manifest doesnt actually apply a CSP. r=ochameau, a=bajaj
toolkit/devtools/apps/tests/data/app.zip
toolkit/devtools/apps/tests/unit/data/app.zip
toolkit/devtools/apps/tests/unit/test_webappsActor.js
toolkit/devtools/server/actors/webapps.js
index 511025975f9e0a5e759090086991504e9b9d9b83..9eaff3bc4c130fed28121f3f96163efdf0d1c352
GIT binary patch
literal 505
zc$^FHW@Zs#U|`^2IFdTgi7D`)iaU@O3&dOuG7On{DXA5D86~+np&^_M%pVri2ZC^E
z1vdjD%L`@(1~9QX(C4JT-bx*h&=VRb&u)CYsWEV6r)HU%>P%J3m1SnX45V~UrB0qQ
zKPdC~(ghD@#7v4`5-=$$X3>O*fCa}>7xPbK)MA;<#1H^?%E3NOSMyU(Ph<gkT|mqa
zbV_bwUS?Wqafx1eYEoiB0oXlS3;9Dp7|lJVJ&s&VhCB@KYh7PNZvVb7`F+sli(=b6
zGnBbD)yI2(v@$+(ow34iY7NW&AajpZ|BPO^$wmiiAF7Z1!I{77|0F(6-&;E0za*V8
z_nqc0$(8>la?{n?sy9|Y?!;Cf=D6vT%)vjAb!k=k4&eZAMkYCCT;V6d00N9ayrmJu
sLJmz<NNA$D9N9d~KtMLH8%SaV2`eN>Fbrj718HOe!lgjk4rBrY07=}KG5`Po
index fedb08504084514ce38582b2adec6f455e54ac7c..4f838a2a13d79d9ff62de801353d19834b38d7f0
GIT binary patch
literal 1139
zc$^FHW@Zs#U|`^2IFdTgi7D`)iaU@O3&dOuG7On{DXA5D86~+np&^_M%pVri2ZC^E
z1vdjD%L`@(1~9QX(C4JT-bx*h&=VRb&u)CYsWEV6r)HU%>P%J3m1SnX45V~UrB0qQ
zKPdC~(ghD@#7v4`5-=$$X3>O*fCa}>7xPbK)MA;<#1H^?N`Akl>x7-bm!|=FZ-JN}
z=#<>Vyv(%J;u5{`)TG3M0<e1u7x9OHFq(UO&pC268wj*M+`C+2(>kxCULR%dPB&Sm
zwqWu>pG?O+)#`0Y)ARSqPuj{5up)hRRe-s)q{&39rLPkfN7`)U|KZ%Pyyva+B#v7J
z5k;0S#ih#C&+1Lxdi-FW*746%?#^xqOqr^<IlEZ(`lf8{LxtyE&Yk_LAo>4V%&x;J
zZ`8KD^`GJ4`MLk}ju~<?#$QYS@+>q;3_BWD!-(+S?MZ)~SRX{_H~@LBK+FRQ>E!%8
zT|*-ay@I@Su;1=Z`xe+Z{Tq5%zvlT+{QT*pM@b0@559gW;AFbgqj2URi;DUb_WR61
zHuLoQ6lJbYuAgIn;J|@1Cr&67ZZBsJm~-&*)$^%ygPnwt0$FhKUnjp~7ervL;D))v
z%mnTT$LSO}f;UL#hNMKWq~x6Gkrm8GC2eB=#$2;hHDLrhf{OtJ_<=zop%@*+0d^8n
zP#Bq-!CetI^;;kaqqzd8qymV!0=yZS<d|_KVhON4j6l4l5yV1H(yWjqjb<*gd6+2?
z*}QHbiIFZ@A?Xs2p_uUxF%$&8HD&?LMokT@kko+3M9jEEHt_?@L|DwSLSh!Hfw<xY
f+25s13}~^$3W+5Q6It0nx>$j57EtS9CJ+w*BMnmz
--- a/toolkit/devtools/apps/tests/unit/test_webappsActor.js
+++ b/toolkit/devtools/apps/tests/unit/test_webappsActor.js
@@ -45,16 +45,17 @@ add_test(function testGetAll() {
       let app = apps[i];
       if (app.id == gAppId) {
         do_check_eq(app.name, "Test app");
         do_check_eq(app.manifest.description, "Testing webapps actor");
         do_check_eq(app.manifest.launch_path, "/index.html");
         do_check_eq(app.origin, APP_ORIGIN);
         do_check_eq(app.installOrigin, app.origin);
         do_check_eq(app.manifestURL, app.origin + "/manifest.webapp");
+        do_check_eq(app.csp, "script-src: http://foo.com");
         run_next_test();
         return;
       }
     }
     do_throw("Unable to find the test app by its id");
   });
 });
 
@@ -233,17 +234,18 @@ add_test(function testBulkUploadInstall(
 add_test(function testInstallHosted() {
   gAppId = "hosted-app";
   let metadata = {
     origin: "http://foo.com",
     installOrigin: "http://metadata.foo.com",
     manifestURL: "http://foo.com/metadata/manifest.webapp"
   };
   let manifest = {
-    name: "My hosted app"
+    name: "My hosted app",
+    csp: "script-src: http://foo.com"
   };
   installHosted(gClient, gActor, gAppId, metadata, manifest).then(
     function ({ appId }) {
       do_check_eq(appId, gAppId);
       run_next_test();
     },
     function (e) {
       do_throw("Failed installing hosted app: " + e.error + ": " + e.message);
@@ -259,16 +261,17 @@ add_test(function testCheckHostedApp() {
     do_check_true(apps.length > 0);
     for (let i = 0; i < apps.length; i++) {
       let app = apps[i];
       if (app.id == gAppId) {
         do_check_eq(app.name, "My hosted app");
         do_check_eq(app.origin, "http://foo.com");
         do_check_eq(app.installOrigin, "http://metadata.foo.com");
         do_check_eq(app.manifestURL, "http://foo.com/metadata/manifest.webapp");
+        do_check_eq(app.csp, "script-src: http://foo.com");
         run_next_test();
         return;
       }
     }
     do_throw("Unable to find the test app by its id");
   });
 });
 
--- a/toolkit/devtools/server/actors/webapps.js
+++ b/toolkit/devtools/server/actors/webapps.js
@@ -246,16 +246,18 @@ WebappsActor.prototype = {
                                         : reg._nextLocalId();
 
     reg.webapps[aId] = aApp;
     reg.updatePermissionsForApp(aId);
 
     reg._readManifests([{ id: aId }]).then((aResult) => {
       let manifest = aResult[0].manifest;
       aApp.name = manifest.name;
+      aApp.csp = manifest.csp || "";
+      aApp.role = manifest.role || "";
       reg.updateAppHandlers(null, manifest, aApp);
 
       reg._saveApps().then(() => {
         aApp.manifest = manifest;
 
         // We need the manifest to set the app kind for hosted apps,
         // because of appcache.
         if (aApp.kind == undefined) {