Bug 1303685: Add telemetry for CSP referrer directive. r=ckerschb,francois
authorTuhina <tuhinatwyla@gmail.com>
Fri, 04 Nov 2016 21:36:25 +0530
changeset 374154 dfb7a1208ee70da69d0b2c566b2b245243e88649
parent 374153 5805d416680a3fcdb9b50d9d0b2760167e09c5cb
child 374155 8fe52da5cb90209689b41879843ba93f6acda884
push id6996
push userjlorenzo@mozilla.com
push dateMon, 06 Mar 2017 20:48:21 +0000
treeherdermozilla-beta@d89512dab048 [default view] [failures only]
reviewersckerschb, francois
bugs1303685
milestone53.0a1
Bug 1303685: Add telemetry for CSP referrer directive. r=ckerschb,francois
dom/base/nsDocument.cpp
dom/base/nsIDocument.h
dom/security/nsCSPParser.cpp
toolkit/components/telemetry/Histograms.json
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -1425,16 +1425,17 @@ nsDocument::~nsDocument()
       } else {
         /* no mixed object subrequests loaded on page*/
         Accumulate(Telemetry::MIXED_CONTENT_OBJECT_SUBREQUEST, 0);
       }
 
       // record CSP telemetry on this document
       if (mHasCSP) {
         Accumulate(Telemetry::CSP_DOCUMENTS_COUNT, 1);
+        Accumulate(Telemetry::CSP_REFERRER_DIRECTIVE, mHasReferrerPolicyCSP);
       }
       if (mHasUnsafeInlineCSP) {
         Accumulate(Telemetry::CSP_UNSAFE_INLINE_DOCUMENTS_COUNT, 1);
       }
       if (mHasUnsafeEvalCSP) {
         Accumulate(Telemetry::CSP_UNSAFE_EVAL_DOCUMENTS_COUNT, 1);
       }
     }
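Review bot: `mHasReferrerPolicyCSP` is read in the added `Accumulate(Telemetry::CSP_REFERRER_DIRECTIVE, mHasReferrerPolicyCSP);` line, but nothing in this commit initializes it: the nsIDocument.h hunk only declares the bit-field, and the nsCSPParser.cpp hunk only ever sets it to true. Unless the constructor's initializer list or the allocator clears it somewhere outside these hunks, a document whose CSP has no referrer directive reports an indeterminate value into the boolean histogram. Adding `mHasReferrerPolicyCSP(false)` to the nsIDocument constructor's initializer list would make the 'false' bucket trustworthy. The destructor body starts and ends outside the hunk.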
--- a/dom/base/nsIDocument.h
+++ b/dom/base/nsIDocument.h
@@ -703,16 +703,24 @@ public:
    * Get mixed display content blocked flag for this document.
    */
   bool GetHasMixedDisplayContentBlocked()
   {
     return mHasMixedDisplayContentBlocked;
   }
 
   /**
+  * Set referrer policy CSP flag for this document.
+  */
+  void SetHasReferrerPolicyCSP(bool aHasReferrerPolicyCSP)
+  {
+    mHasReferrerPolicyCSP = aHasReferrerPolicyCSP;
+  }
+
+  /**
    * Set the mixed display content blocked flag for this document.
    */
   void SetHasMixedDisplayContentBlocked(bool aHasMixedDisplayContentBlocked)
   {
     mHasMixedDisplayContentBlocked = aHasMixedDisplayContentBlocked;
   }
 
   /**
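Review bot: `SetHasReferrerPolicyCSP()` is inserted between `GetHasMixedDisplayContentBlocked()` and `SetHasMixedDisplayContentBlocked()`, which splits that getter/setter pair; placing it after the mixed-content accessors would keep related methods together. The `*` in the added doc comment is also indented one column less than in the neighbouring comments. The comment could name the caller and purpose as far as this commit shows them, e.g. `Set by the CSP parser when a policy for this document contains a valid referrer directive; read for telemetry.`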
@@ -3075,16 +3083,19 @@ protected:
   // true otherwise.
   bool mIsShowing : 1;
 
   // State for IsVisible(). mVisible starts off true. It becomes false when
   // OnPageHide happens, and becomes true again when OnPageShow happens.  So
   // it's false only when we're in bfcache or unloaded.
   bool mVisible : 1;
 
+  // True if a document load has a CSP with referrer attached.
+  bool mHasReferrerPolicyCSP : 1;
+
   // True if our content viewer has been removed from the docshell
   // (it may still be displayed, but in zombie state). Form control data
   // has been saved.
   bool mRemovedFromDocShell : 1;
 
   // True iff DNS prefetch is allowed for this document.  Note that if the
   // document has no window, DNS prefetch won't be performed no matter what.
   bool mAllowDNSPrefetch : 1;
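Review bot: The comment on `mHasReferrerPolicyCSP` ("a CSP with referrer attached") does not say what sets the bit or what reads it. Something like `// True if a CSP parsed for this document contained a valid referrer directive; reported via CSP_REFERRER_DIRECTIVE telemetry.` would match what the other hunks of this commit do. The field is also declared between `mVisible` and `mRemovedFromDocShell`; if the other CSP flags such as `mHasCSP` are grouped elsewhere in the class (not visible here), it would read better next to them.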
--- a/dom/security/nsCSPParser.cpp
+++ b/dom/security/nsCSPParser.cpp
@@ -919,16 +919,21 @@ nsCSPParser::referrerDirectiveValue(nsCS
   }
 
   //referrer-directive deprecation warning
   const char16_t* params[] = { mCurDir[1].get() };
   logWarningErrorToConsole(nsIScriptError::warningFlag, "deprecatedReferrerDirective",
                              params, ArrayLength(params));
 
   // the referrer policy is valid, so go ahead and use it.
+  nsWeakPtr ctx = mCSPContext->GetLoadingContext();
+  nsCOMPtr<nsIDocument> doc = do_QueryReferent(ctx);
+  if (doc) {
+    doc->SetHasReferrerPolicyCSP(true);
+  }
   mPolicy->setReferrerPolicy(&mCurDir[1]);
   mPolicy->addDirective(aDir);
 }
 
 void
 nsCSPParser::requireSRIForDirectiveValue(nsRequireSRIForDirective* aDir)
 {
   CSPPARSERLOG(("nsCSPParser::requireSRIForDirectiveValue"));
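Review bot: The added block sits between the comment `// the referrer policy is valid, so go ahead and use it.` and the `setReferrerPolicy`/`addDirective` calls that comment describes, and it has no comment of its own. Moving it after `mPolicy->addDirective(aDir);`, or heading it with `// telemetry: flag the loading document as having a CSP referrer directive`, would keep the intent readable. When the loading context is gone or is not an nsIDocument, `doc` is null and the flag is silently left unset, so the histogram under-counts in that case; the comment should say so. `mCSPContext` is dereferenced without a check, and whether it can be null at this point is not visible in the hunk, since referrerDirectiveValue starts outside it.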
--- a/toolkit/components/telemetry/Histograms.json
+++ b/toolkit/components/telemetry/Histograms.json
@@ -4231,16 +4231,23 @@
   },
   "CSP_UNSAFE_EVAL_DOCUMENTS_COUNT": {
     "alert_emails": ["seceng@mozilla.com"],
     "bug_numbers": [1252829],
     "expires_in_version": "55",
     "kind": "count",
     "description": "Number of unique pages that contain an unsafe-eval CSP directive"
   },
+  "CSP_REFERRER_DIRECTIVE": {
+    "alert_emails": ["seceng-telemetry@mozilla.com"],
+    "bug_numbers": [1303685],
+    "expires_in_version": "56",
+    "kind": "boolean",
+    "description": "Whether a document with a CSP policy (report-only or enforcing) contains a referrer directive ('true') or not ('false')."
+  },
   "PLACES_PAGES_COUNT": {
     "expires_in_version": "never",
     "kind": "exponential",
     "low": 1000,
     "high": 150000,
     "n_buckets": 20,
     "releaseChannelCollection": "opt-out",
     "description": "PLACES: Number of unique pages"