Bug 1287827 - Part 4. Remove the special-case Loop CSP setting. r=mrbkap,a=sledru
--- a/dom/base/nsDocument.cpp
+++ b/dom/base/nsDocument.cpp
@@ -2666,43 +2666,16 @@ AppendCSPFromHeader(nsIContentSecurityPo
MOZ_LOG(gCspPRLog, LogLevel::Debug,
("CSP refined with policy: \"%s\"",
NS_ConvertUTF16toUTF8(policy).get()));
}
}
return NS_OK;
}
-bool
-nsDocument::IsLoopDocument(nsIChannel *aChannel)
-{
- nsCOMPtr<nsIURI> chanURI;
- nsresult rv = aChannel->GetOriginalURI(getter_AddRefs(chanURI));
- NS_ENSURE_SUCCESS(rv, false);
-
- bool isAbout = false;
- bool isLoop = false;
- rv = chanURI->SchemeIs("about", &isAbout);
- NS_ENSURE_SUCCESS(rv, false);
- if (isAbout) {
- nsCOMPtr<nsIURI> loopURI;
- rv = NS_NewURI(getter_AddRefs(loopURI), "about:loopconversation");
- NS_ENSURE_SUCCESS(rv, false);
- rv = chanURI->EqualsExceptRef(loopURI, &isLoop);
- NS_ENSURE_SUCCESS(rv, false);
- if (!isLoop) {
- rv = NS_NewURI(getter_AddRefs(loopURI), "about:looppanel");
- NS_ENSURE_SUCCESS(rv, false);
- rv = chanURI->EqualsExceptRef(loopURI, &isLoop);
- NS_ENSURE_SUCCESS(rv, false);
- }
- }
- return isLoop;
-}
-
void
nsDocument::ApplySettingsFromCSP(bool aSpeculative)
{
nsresult rv = NS_OK;
if (!aSpeculative) {
// 1) apply settings from regular CSP
nsCOMPtr<nsIContentSecurityPolicy> csp;
rv = NodePrincipal()->GetCsp(getter_AddRefs(csp));
@@ -2815,31 +2788,27 @@ nsDocument::InitCSP(nsIChannel* aChannel
}
}
// Check if this is a document from a WebExtension.
nsString addonId;
principal->GetAddonId(addonId);
bool applyAddonCSP = !addonId.IsEmpty();
- // Check if this is part of the Loop/Hello service
- bool applyLoopCSP = IsLoopDocument(aChannel);
-
// Check if this is a signed content to apply default CSP.
bool applySignedContentCSP = false;
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
if (loadInfo && loadInfo->GetVerifySignedContent()) {
applySignedContentCSP = true;
}
// If there's no CSP to apply, go ahead and return early
if (!applyAppDefaultCSP &&
!applyAppManifestCSP &&
!applyAddonCSP &&
- !applyLoopCSP &&
!applySignedContentCSP &&
cspHeaderValue.IsEmpty() &&
cspROHeaderValue.IsEmpty()) {
if (MOZ_LOG_TEST(gCspPRLog, LogLevel::Debug)) {
nsCOMPtr<nsIURI> chanURI;
aChannel->GetURI(getter_AddRefs(chanURI));
nsAutoCString aspec;
chanURI->GetAsciiSpec(aspec);
@@ -2913,27 +2882,16 @@ nsDocument::InitCSP(nsIChannel* aChannel
// Note that when the content signing becomes a standard, we might have
// to restrict this enforcement to "remote content" only.
if (applySignedContentCSP) {
nsAdoptingString signedContentCSP =
Preferences::GetString("security.signed_content.CSP.default");
csp->AppendPolicy(signedContentCSP, false, false);
}
- // ----- if the doc is part of Loop, apply the loop CSP
- if (applyLoopCSP) {
- nsAdoptingString loopCSP;
- loopCSP = Preferences::GetString("loop.CSP");
- NS_ASSERTION(loopCSP, "Missing loop.CSP preference");
- // If the pref has been removed, we continue without setting a CSP
- if (loopCSP) {
- csp->AppendPolicy(loopCSP, false, false);
- }
- }
-
// ----- if there's a full-strength CSP header, apply it.
if (!cspHeaderValue.IsEmpty()) {
rv = AppendCSPFromHeader(csp, cspHeaderValue, false);
NS_ENSURE_SUCCESS(rv, rv);
}
// ----- if there's a report-only CSP header, apply it.
if (!cspROHeaderValue.IsEmpty()) {
--- a/dom/base/nsDocument.h
+++ b/dom/base/nsDocument.h
@@ -1719,17 +1719,16 @@ private:
mozilla::dom::VisibilityState GetVisibilityState() const;
void NotifyStyleSheetAdded(mozilla::StyleSheetHandle aSheet, bool aDocumentSheet);
void NotifyStyleSheetRemoved(mozilla::StyleSheetHandle aSheet, bool aDocumentSheet);
void PostUnblockOnloadEvent();
void DoUnblockOnload();
nsresult CheckFrameOptions();
- bool IsLoopDocument(nsIChannel* aChannel);
nsresult InitCSP(nsIChannel* aChannel);
/**
* Find the (non-anonymous) content in this document for aFrame. It will
* be aFrame's content node if that content is in this document and not
* anonymous. Otherwise, when aFrame is in a subdocument, we use the frame
* element containing the subdocument containing aFrame, and/or find the
* nearest non-anonymous ancestor in this document.