Backed out 3 changesets (bug 1073952) for test_iframe_srcdoc.html failures a=backout
authorWes Kocher <wkocher@mozilla.com>
Fri, 27 Jan 2017 10:37:05 -0800
changeset 380496 cabc87c3fa0a22f3650bde884e884ee4ea91046b
parent 380495 740e1005d4b617941987880128c62ba1dbbee1c7
child 380497 c8c13fab0df25addc1cab0ab28b345b496f5d24d
push id1468
push userasasaki@mozilla.com
push dateMon, 05 Jun 2017 19:31:07 +0000
treeherdermozilla-release@0641fc6ee9d1 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbackout
bugs1073952
milestone54.0a1
backs oute63233859ee1d5d28280598dfc97b0ba94535782
5534087efac3af79ced4efff4c81444e326009f6
1e631015acc8513043c0a3ad1c4a31b50679f7b5
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out 3 changesets (bug 1073952) for test_iframe_srcdoc.html failures a=backout Backed out changeset e63233859ee1 (bug 1073952) Backed out changeset 5534087efac3 (bug 1073952) Backed out changeset 1e631015acc8 (bug 1073952) MozReview-Commit-ID: Fmrv8mz4HYI
caps/BasePrincipal.cpp
caps/BasePrincipal.h
caps/nsIPrincipal.idl
caps/nsNullPrincipal.cpp
caps/nsNullPrincipal.h
caps/nsScriptSecurityManager.cpp
caps/nsSystemPrincipal.cpp
caps/nsSystemPrincipal.h
dom/security/test/csp/file_iframe_sandbox_srcdoc.html
dom/security/test/csp/file_iframe_sandbox_srcdoc.html^headers^
dom/security/test/csp/file_iframe_srcdoc.sjs
dom/security/test/csp/mochitest.ini
dom/security/test/csp/test_iframe_sandbox_srcdoc.html
dom/security/test/csp/test_iframe_srcdoc.html
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -429,31 +429,16 @@ BasePrincipal::CheckMayLoad(nsIURI* aURI
 NS_IMETHODIMP
 BasePrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
 {
   NS_IF_ADDREF(*aCsp = mCSP);
   return NS_OK;
 }
 
 NS_IMETHODIMP
-BasePrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
-{
-  // Never destroy an existing CSP on the principal.
-  // This method should only be called in rare cases.
-
-  MOZ_ASSERT(!mCSP, "do not destroy an existing CSP");
-  if (mCSP) {
-    return NS_ERROR_ALREADY_INITIALIZED;
-  }
-
-  mCSP = aCsp;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
 BasePrincipal::EnsureCSP(nsIDOMDocument* aDocument,
                          nsIContentSecurityPolicy** aCSP)
 {
   if (mCSP) {
     // if there is a CSP already associated with this principal
     // then just return that - do not overwrite it!!!
     NS_IF_ADDREF(*aCSP = mCSP);
     return NS_OK;
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -207,17 +207,16 @@ public:
   NS_IMETHOD GetOrigin(nsACString& aOrigin) final;
   NS_IMETHOD GetOriginNoSuffix(nsACString& aOrigin) final;
   NS_IMETHOD Equals(nsIPrincipal* other, bool* _retval) final;
   NS_IMETHOD EqualsConsideringDomain(nsIPrincipal* other, bool* _retval) final;
   NS_IMETHOD Subsumes(nsIPrincipal* other, bool* _retval) final;
   NS_IMETHOD SubsumesConsideringDomain(nsIPrincipal* other, bool* _retval) final;
   NS_IMETHOD CheckMayLoad(nsIURI* uri, bool report, bool allowIfInheritsPrincipal) final;
   NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp) override;
-  NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
   NS_IMETHOD EnsureCSP(nsIDOMDocument* aDocument, nsIContentSecurityPolicy** aCSP) override;
   NS_IMETHOD GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP) override;
   NS_IMETHOD EnsurePreloadCSP(nsIDOMDocument* aDocument, nsIContentSecurityPolicy** aCSP) override;
   NS_IMETHOD GetCspJSON(nsAString& outCSPinJSON) override;
   NS_IMETHOD GetIsNullPrincipal(bool* aResult) override;
   NS_IMETHOD GetIsCodebasePrincipal(bool* aResult) override;
   NS_IMETHOD GetIsExpandedPrincipal(bool* aResult) override;
   NS_IMETHOD GetIsSystemPrincipal(bool* aResult) override;
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@@ -132,21 +132,20 @@ interface nsIPrincipal : nsISerializable
      *                                   loader.
      * @throws NS_ERROR_DOM_BAD_URI if the load is not allowed.
      */
     void checkMayLoad(in nsIURI uri, in boolean report,
                       in boolean allowIfInheritsPrincipal);
 
     /**
      * A Content Security Policy associated with this principal.
+     *
      * Use this function to query the associated CSP with this principal.
-     * Please *only* use this function to *set* a CSP when you know exactly what you are doing.
-     * Most likely you want to call ensureCSP instead of setCSP.
      */
-    [noscript] attribute nsIContentSecurityPolicy csp;
+    [noscript] readonly attribute nsIContentSecurityPolicy csp;
 
     /*
      * Use this function to query a CSP associated with this principal.
      * If no CSP is associated with this principal then one is created
      * internally and setRequestContext is called on the CSP using aDocument.
      *
      * Please note if aDocument is null, then setRequestContext on the
      * CSP object is called using the current principal.
--- a/caps/nsNullPrincipal.cpp
+++ b/caps/nsNullPrincipal.cpp
@@ -102,30 +102,16 @@ nsNullPrincipal::GetScriptLocation(nsACS
 NS_IMETHODIMP
 nsNullPrincipal::GetHashValue(uint32_t *aResult)
 {
   *aResult = (NS_PTR_TO_INT32(this) >> 2);
   return NS_OK;
 }
 
 NS_IMETHODIMP
-nsNullPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp) {
-  // Never destroy an existing CSP on the principal.
-  // This method should only be called in rare cases.
-
-  MOZ_ASSERT(!mCSP, "do not destroy an existing CSP");
-  if (mCSP) {
-    return NS_ERROR_ALREADY_INITIALIZED;
-  }
-
-  mCSP = aCsp;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
 nsNullPrincipal::GetURI(nsIURI** aURI)
 {
   return NS_EnsureSafeToReturn(mURI, aURI);
 }
 
 NS_IMETHODIMP
 nsNullPrincipal::GetDomain(nsIURI** aDomain)
 {
@@ -196,8 +182,9 @@ nsNullPrincipal::Write(nsIObjectOutputSt
   nsAutoCString suffix;
   OriginAttributesRef().CreateSuffix(suffix);
 
   nsresult rv = aStream->WriteStringZ(suffix.get());
   NS_ENSURE_SUCCESS(rv, rv);
 
   return NS_OK;
 }
+
--- a/caps/nsNullPrincipal.h
+++ b/caps/nsNullPrincipal.h
@@ -37,17 +37,16 @@ public:
   // Other consumers should use the Create and CreateWithInheritedAttributes
   // methods.
   nsNullPrincipal() {}
 
   NS_DECL_NSISERIALIZABLE
 
   NS_IMETHOD QueryInterface(REFNSIID aIID, void** aInstancePtr) override;
   NS_IMETHOD GetHashValue(uint32_t* aHashValue) override;
-  NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
   NS_IMETHOD GetURI(nsIURI** aURI) override;
   NS_IMETHOD GetDomain(nsIURI** aDomain) override;
   NS_IMETHOD SetDomain(nsIURI* aDomain) override;
   NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
   nsresult GetOriginInternal(nsACString& aOrigin) override;
 
   static already_AddRefed<nsNullPrincipal> CreateWithInheritedAttributes(nsIPrincipal* aInheritFrom);
 
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -265,122 +265,98 @@ nsScriptSecurityManager::GetChannelResul
                                    /*aIgnoreSandboxing*/ true);
 }
 
 nsresult
 nsScriptSecurityManager::GetChannelResultPrincipal(nsIChannel* aChannel,
                                                    nsIPrincipal** aPrincipal,
                                                    bool aIgnoreSandboxing)
 {
-  NS_PRECONDITION(aChannel, "Must have channel!");
-  // Check whether we have an nsILoadInfo that says what we should do.
-  nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
-  if (loadInfo && loadInfo->GetForceInheritPrincipalOverruleOwner()) {
-    nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
-    if (!principalToInherit) {
-      principalToInherit = loadInfo->TriggeringPrincipal();
-    }
-    principalToInherit.forget(aPrincipal);
-    return NS_OK;
-  }
-
-  nsCOMPtr<nsISupports> owner;
-  aChannel->GetOwner(getter_AddRefs(owner));
-  if (owner) {
-    CallQueryInterface(owner, aPrincipal);
-    if (*aPrincipal) {
+    NS_PRECONDITION(aChannel, "Must have channel!");
+    // Check whether we have an nsILoadInfo that says what we should do.
+    nsCOMPtr<nsILoadInfo> loadInfo = aChannel->GetLoadInfo();
+    if (loadInfo && loadInfo->GetForceInheritPrincipalOverruleOwner()) {
+      nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
+      if (!principalToInherit) {
+        principalToInherit = loadInfo->TriggeringPrincipal();
+      }
+      principalToInherit.forget(aPrincipal);
       return NS_OK;
     }
-  }
 
-  if (loadInfo) {
+    nsCOMPtr<nsISupports> owner;
+    aChannel->GetOwner(getter_AddRefs(owner));
+    if (owner) {
+        CallQueryInterface(owner, aPrincipal);
+        if (*aPrincipal) {
+            return NS_OK;
+        }
+    }
+
+    if (loadInfo) {
         if (!aIgnoreSandboxing && loadInfo->GetLoadingSandboxed()) {
             RefPtr<nsNullPrincipal> prin;
             if (loadInfo->LoadingPrincipal()) {
               prin =
                 nsNullPrincipal::CreateWithInheritedAttributes(loadInfo->LoadingPrincipal());
             } else {
               OriginAttributes attrs;
               loadInfo->GetOriginAttributes(&attrs);
               attrs.StripAttributes(OriginAttributes::STRIP_ADDON_ID);
               prin = nsNullPrincipal::Create(attrs);
             }
-            // if the new NullPrincipal (above) loads an iframe[srcdoc], we
-            // need to inherit an existing CSP to avoid bypasses (bug 1073952).
-            // We continue inheriting for nested frames with e.g., data: URLs.
-            if (loadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_SUBDOCUMENT) {
-              nsCOMPtr<nsIURI> uri;
-              aChannel->GetURI(getter_AddRefs(uri));
-              nsAutoCString URISpec;
-              uri->GetSpec(URISpec);
-              bool isData = (NS_SUCCEEDED(uri->SchemeIs("data", &isData)) && isData);
-              if (URISpec.EqualsLiteral("about:srcdoc") || isData) {
-                nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
-                if (!principalToInherit) {
-                  principalToInherit = loadInfo->TriggeringPrincipal();
-                }
-                nsCOMPtr<nsIContentSecurityPolicy> originalCsp;
-                principalToInherit->GetCsp(getter_AddRefs(originalCsp));
-                // if the principalToInherit had a CSP,
-                // add it to the newly created NullPrincipal.
-                if (originalCsp) {
-                  nsresult rv = prin->SetCsp(originalCsp);
-                  NS_ENSURE_SUCCESS(rv, rv);
-                }
-              }
-            }
             prin.forget(aPrincipal);
             return NS_OK;
         }
 
-    bool forceInherit = loadInfo->GetForceInheritPrincipal();
-    if (aIgnoreSandboxing && !forceInherit) {
-      // Check if SEC_FORCE_INHERIT_PRINCIPAL was dropped because of
-      // sandboxing:
-      if (loadInfo->GetLoadingSandboxed() &&
-        loadInfo->GetForceInheritPrincipalDropped()) {
-        forceInherit = true;
-      }
-    }
-    if (forceInherit) {
-      nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
-      if (!principalToInherit) {
-        principalToInherit = loadInfo->TriggeringPrincipal();
-      }
-      principalToInherit.forget(aPrincipal);
-      return NS_OK;
-    }
+        bool forceInherit = loadInfo->GetForceInheritPrincipal();
+        if (aIgnoreSandboxing && !forceInherit) {
+          // Check if SEC_FORCE_INHERIT_PRINCIPAL was dropped because of
+          // sandboxing:
+          if (loadInfo->GetLoadingSandboxed() &&
+              loadInfo->GetForceInheritPrincipalDropped()) {
+            forceInherit = true;
+          }
+        }
+        if (forceInherit) {
+            nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
+            if (!principalToInherit) {
+              principalToInherit = loadInfo->TriggeringPrincipal();
+            }
+            principalToInherit.forget(aPrincipal);
+            return NS_OK;
+        }
 
-    nsSecurityFlags securityFlags = loadInfo->GetSecurityMode();
-    // The data: inheritance flags should only apply to the initial load,
-    // not to loads that it might have redirected to.
-    if (loadInfo->RedirectChain().IsEmpty() &&
-        (securityFlags == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS ||
-         securityFlags == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS ||
-         securityFlags == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS)) {
+        nsSecurityFlags securityFlags = loadInfo->GetSecurityMode();
+        // The data: inheritance flags should only apply to the initial load,
+        // not to loads that it might have redirected to.
+        if (loadInfo->RedirectChain().IsEmpty() &&
+            (securityFlags == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS ||
+             securityFlags == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS ||
+             securityFlags == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS)) {
 
-      nsCOMPtr<nsIURI> uri;
-      nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
-      NS_ENSURE_SUCCESS(rv, rv);
-      nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
-      if (!principalToInherit) {
-        principalToInherit = loadInfo->TriggeringPrincipal();
-      }
-      bool inheritForAboutBlank = loadInfo->GetAboutBlankInherits();
+            nsCOMPtr<nsIURI> uri;
+            nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
+            NS_ENSURE_SUCCESS(rv, rv); 
+            nsCOMPtr<nsIPrincipal> principalToInherit = loadInfo->PrincipalToInherit();
+            if (!principalToInherit) {
+              principalToInherit = loadInfo->TriggeringPrincipal();
+            }
+            bool inheritForAboutBlank = loadInfo->GetAboutBlankInherits();
 
-      if (nsContentUtils::ChannelShouldInheritPrincipal(principalToInherit,
-                                                        uri,
-                                                        inheritForAboutBlank,
-                                                        false)) {
-        principalToInherit.forget(aPrincipal);
-        return NS_OK;
-      }
+            if (nsContentUtils::ChannelShouldInheritPrincipal(principalToInherit,
+                                                              uri,
+                                                              inheritForAboutBlank,
+                                                              false)) {
+                principalToInherit.forget(aPrincipal);
+                return NS_OK;
+            }
+        }
     }
-  }
-  return GetChannelURIPrincipal(aChannel, aPrincipal);
+    return GetChannelURIPrincipal(aChannel, aPrincipal);
 }
 
 nsresult
 nsScriptSecurityManager::MaybeSetAddonIdFromURI(OriginAttributes& aAttrs, nsIURI* aURI)
 {
   nsAutoCString scheme;
   nsresult rv = aURI->GetScheme(scheme);
   NS_ENSURE_SUCCESS(rv, rv);
--- a/caps/nsSystemPrincipal.cpp
+++ b/caps/nsSystemPrincipal.cpp
@@ -44,17 +44,17 @@ nsSystemPrincipal::GetScriptLocation(nsA
 
 NS_IMETHODIMP
 nsSystemPrincipal::GetHashValue(uint32_t *result)
 {
     *result = NS_PTR_TO_INT32(this);
     return NS_OK;
 }
 
-NS_IMETHODIMP
+NS_IMETHODIMP 
 nsSystemPrincipal::GetURI(nsIURI** aURI)
 {
     *aURI = nullptr;
     return NS_OK;
 }
 
 nsresult
 nsSystemPrincipal::GetOriginInternal(nsACString& aOrigin)
@@ -66,25 +66,16 @@ nsSystemPrincipal::GetOriginInternal(nsA
 NS_IMETHODIMP
 nsSystemPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
 {
   *aCsp = nullptr;
   return NS_OK;
 }
 
 NS_IMETHODIMP
-nsSystemPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
-{
-  // Never destroy an existing CSP on the principal.
-  // This method should only be called in rare cases.
-
-  return NS_ERROR_FAILURE;
-}
-
-NS_IMETHODIMP
 nsSystemPrincipal::EnsureCSP(nsIDOMDocument* aDocument,
                              nsIContentSecurityPolicy** aCSP)
 {
   // CSP on a system principal makes no sense
   return NS_ERROR_FAILURE;
 }
 
 NS_IMETHODIMP
--- a/caps/nsSystemPrincipal.h
+++ b/caps/nsSystemPrincipal.h
@@ -25,17 +25,16 @@ class nsSystemPrincipal final : public m
 public:
   NS_DECL_NSISERIALIZABLE
   NS_IMETHOD QueryInterface(REFNSIID aIID, void** aInstancePtr) override;
   NS_IMETHOD GetHashValue(uint32_t* aHashValue) override;
   NS_IMETHOD GetURI(nsIURI** aURI) override;
   NS_IMETHOD GetDomain(nsIURI** aDomain) override;
   NS_IMETHOD SetDomain(nsIURI* aDomain) override;
   NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp) override;
-  NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
   NS_IMETHOD EnsureCSP(nsIDOMDocument* aDocument, nsIContentSecurityPolicy** aCSP) override;
   NS_IMETHOD GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP) override;
   NS_IMETHOD EnsurePreloadCSP(nsIDOMDocument* aDocument, nsIContentSecurityPolicy** aCSP) override;
   NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
   nsresult GetOriginInternal(nsACString& aOrigin) override;
 
   nsSystemPrincipal() {}
 
deleted file mode 100644
--- a/dom/security/test/csp/file_iframe_sandbox_srcdoc.html
+++ /dev/null
@@ -1,11 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-  <meta charset="utf-8">
-  <title>Bug 1073952 - CSP should restrict scripts in srcdoc iframe even if sandboxed</title>
-</head>
-<body>
-<iframe srcdoc="<img src=x onerror='parent.postMessage({result: `unexpected-csp-violation`}, `*`);'>"
-        sandbox="allow-scripts"></iframe>
-</body>
-</html>
deleted file mode 100644
--- a/dom/security/test/csp/file_iframe_sandbox_srcdoc.html^headers^
+++ /dev/null
@@ -1,1 +0,0 @@
-content-security-policy: default-src *;
deleted file mode 100644
--- a/dom/security/test/csp/file_iframe_srcdoc.sjs
+++ /dev/null
@@ -1,79 +0,0 @@
-// Custom *.sjs file specifically for the needs of
-// https://bugzilla.mozilla.org/show_bug.cgi?id=1073952
-
-"use strict";
-Components.utils.importGlobalProperties(["URLSearchParams"]);
-
-const SCRIPT = `
-  <script>
-    parent.parent.postMessage({result: &quot;allowed&quot;}, &quot;*&quot;);
-  </script>`;
-
-const SIMPLE_IFRAME_SRCDOC = `
-  <!DOCTYPE html>
-  <html>
-  <head><meta charset="utf-8"></head>
-  <body>
-    <iframe sandbox="allow-scripts" srcdoc="` + SCRIPT + `"></iframe>
-  </body>
-  </html>`;
-
-const INNER_SRCDOC_IFRAME = `
-  <iframe sandbox='allow-scripts' srcdoc='<script>
-      parent.parent.parent.postMessage({result: &quot;allowed&quot;}, &quot;*&quot;);
-    </script>'>
-  </iframe>`;
-
-const NESTED_IFRAME_SRCDOC = `
-  <!DOCTYPE html>
-  <html>
-  <head><meta charset="utf-8"></head>
-  <body>
-    <iframe sandbox="allow-scripts" srcdoc="` + INNER_SRCDOC_IFRAME + `"></iframe>
-  </body>
-  </html>`;
-
-
-const INNER_DATAURI_IFRAME = `
-  <iframe sandbox='allow-scripts' src='data:text/html,<script>
-      parent.parent.parent.postMessage({result: &quot;allowed&quot;}, &quot;*&quot;);
-    </script>'>
-  </iframe>`;
-
-const NESTED_IFRAME_SRCDOC_DATAURI = `
-  <!DOCTYPE html>
-  <html>
-  <head><meta charset="utf-8"></head>
-  <body>
-    <iframe sandbox="allow-scripts" srcdoc="` + INNER_DATAURI_IFRAME + `"></iframe>
-  </body>
-  </html>`;
-
-function handleRequest(request, response) {
-  const query = new URLSearchParams(request.queryString);
-
-  response.setHeader("Cache-Control", "no-cache", false);
-  if (typeof query.get("csp") === "string") {
-    response.setHeader("Content-Security-Policy", query.get("csp"), false);
-  }
-  response.setHeader("Content-Type", "text/html", false);
-
-  if (query.get("action") === "simple_iframe_srcdoc") {
-    response.write(SIMPLE_IFRAME_SRCDOC);
-    return;
-  }
-
-  if (query.get("action") === "nested_iframe_srcdoc") {
-    response.write(NESTED_IFRAME_SRCDOC);
-    return;
-  }
-
-  if (query.get("action") === "nested_iframe_srcdoc_datauri") {
-    response.write(NESTED_IFRAME_SRCDOC_DATAURI);
-    return;
-  }
-
-  // we should never get here, but just in case
-  // return something unexpected
-  response.write("do'h");
-}
--- a/dom/security/test/csp/mochitest.ini
+++ b/dom/security/test/csp/mochitest.ini
@@ -198,19 +198,16 @@ support-files =
   file_strict_dynamic_parser_inserted_doc_write.html
   file_strict_dynamic_parser_inserted_doc_write_correct_nonce.html
   file_strict_dynamic_non_parser_inserted.html
   file_strict_dynamic_non_parser_inserted_inline.html
   file_strict_dynamic_unsafe_eval.html
   file_strict_dynamic_default_src.html
   file_strict_dynamic_default_src.js
   file_upgrade_insecure_navigation.sjs
-  file_iframe_srcdoc.sjs
-  file_iframe_sandbox_srcdoc.html
-  file_iframe_sandbox_srcdoc.html^headers^
 
 [test_base-uri.html]
 [test_blob_data_schemes.html]
 [test_connect-src.html]
 [test_CSP.html]
 [test_allow_https_schemes.html]
 [test_bug663567.html]
 [test_bug802872.html]
@@ -288,10 +285,8 @@ tags = mcb
 [test_sendbeacon.html]
 [test_upgrade_insecure_docwrite_iframe.html]
 [test_bug1242019.html]
 [test_bug1312272.html]
 [test_strict_dynamic.html]
 [test_strict_dynamic_parser_inserted.html]
 [test_strict_dynamic_default_src.html]
 [test_upgrade_insecure_navigation.html]
-[test_iframe_sandbox_srcdoc.html]
-[test_iframe_srcdoc.html]
deleted file mode 100644
--- a/dom/security/test/csp/test_iframe_sandbox_srcdoc.html
+++ /dev/null
@@ -1,62 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-  <meta charset="utf-8">
-  <title>Bug 1073952 - CSP should restrict scripts in srcdoc iframe even if sandboxed</title>
-  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
-</head>
-<body>
-<p id="display">Bug 1073952</p>
-<iframe style="width:200px;height:200px;" id='cspframe'></iframe>
-<script class="testbody" type="text/javascript">
-
-// This is used to watch the blocked data bounce off CSP and allowed data
-// get sent out to the wire.
-function examiner() {
-  SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
-}
-
-examiner.prototype  = {
-  observe: function(subject, topic, data) {
-
-    if(topic === "csp-on-violate-policy") {
-      var violationString = SpecialPowers.getPrivilegedProps(SpecialPowers.
-                             do_QueryInterface(subject, "nsISupportsCString"), "data");
-      // the violation subject for inline script violations is unfortunately vague,
-      // all we can do is match the string.
-      if (!violationString.includes("Inline Script")) {
-        return
-      }
-      ok(true, "CSP inherited into sandboxed srcdoc iframe, script blocked.");
-      window.finish();
-    }
-  },
-
-  // must eventually call this to remove the listener,
-  // or mochitests might get borked.
-  remove: function() {
-    SpecialPowers.removeObserver(this, "csp-on-violate-policy");
-  }
-}
-
-window.examiner = new examiner();
-
-function finish() {
-  window.examiner.remove();
-  SimpleTest.finish();
-}
-
-addEventListener("message", function(e) {
-  ok(false, "We should not execute JS in srcdoc iframe.");
-  window.finish();
-})
-SimpleTest.waitForExplicitFinish();
-
-// save this for last so that our listeners are registered.
-// ... this loads the testbed of good and bad requests.
-document.getElementById('cspframe').src = 'file_iframe_sandbox_srcdoc.html';
-
-</script>
-</body>
-</html>
deleted file mode 100644
--- a/dom/security/test/csp/test_iframe_srcdoc.html
+++ /dev/null
@@ -1,123 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-  <title>Bug 1073952 - Test CSP enforcement within iframe srcdoc</title>
-  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
-  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
-</head>
-<body>
-<iframe style="width:100%;" id="testframe"></iframe>
-
-<script class="testbody" type="text/javascript">
-
-/*
- * Description of the test:
- * (1) We serve a site which makes use of script-allowed sandboxed iframe srcdoc
- *     and make sure that CSP applies to the nested browsing context
- *     within the iframe.
- *     [PAGE WITH CSP [IFRAME SANDBOX SRCDOC [SCRIPT]]]
- *
- * (2) We serve a site which nests script within an script-allowed sandboxed
- *     iframe srcdoc within another script-allowed sandboxed iframe srcdoc and
- *     make sure that CSP applies to the nested browsing context
- *     within the iframe*s*.
- *     [PAGE WITH CSP [IFRAME SANDBOX SRCDOC [IFRAME SANDBOX SRCDOC [SCRIPT]]]]
- *
- * Please note that the test relies on the "csp-on-violate-policy" observer.
- * Whenever the script within the iframe is blocked observers are notified.
- * In turn, this renders the 'result' within tests[] unused. In case the script
- * would execute however, the postMessageHandler would bubble up 'allowed' and
- * the test would fail.
- */
-
-SimpleTest.waitForExplicitFinish();
-
-var tests = [
-  // [PAGE *WITHOUT* CSP [IFRAME SRCDOC [SCRIPT]]]
-  { csp: "",
-    result: "allowed",
-    query: "simple_iframe_srcdoc",
-    desc: "No CSP should run script within script-allowed sandboxed iframe srcdoc"
-  },
-  { csp: "script-src https://test1.com",
-    result: "blocked",
-    query: "simple_iframe_srcdoc",
-    desc: "CSP should block script within script-allowed sandboxediframe srcdoc"
-  },
-  // [PAGE *WITHOUT* CSP [IFRAME SRCDOC [IFRAME SRCDOC [SCRIPT]]]]
-  { csp: "",
-    result: "allowed",
-    query: "nested_iframe_srcdoc",
-    desc: "No CSP should run script within script-allowed sandboxed iframe srcdoc nested within another script-allowed sandboxed iframe srcdoc"
-  },
-  // [PAGE WITH CSP [IFRAME SRCDOC ]]
-  { csp: "script-src https://test2.com",
-    result: "blocked",
-    query: "nested_iframe_srcdoc",
-    desc: "CSP should block script within script-allowed sandboxed iframe srcdoc nested within another script-allowed sandboxed iframe srcdoc"
-  },
-  { csp: "",
-    result: "allowed",
-    query: "nested_iframe_srcdoc_datauri",
-    desc: "No CSP, should run script within script-allowed sandboxed iframe src with data URL nested within another script-allowed sandboxed iframe srcdoc"
-  },
-  { csp: "script-src https://test3.com",
-    result: "blocked",
-    query: "nested_iframe_srcdoc_datauri",
-    desc: "CSP should block script within script-allowed sandboxed iframe src with data URL nested within another script-allowed sandboxed iframe srcdoc"
-  },
-
-];
-
-// initializing to -1 so we start at index 0 when we start the test
-var counter = -1;
-
-function finishTest() {
-  window.removeEventListener("message", receiveMessage, false);
-  window.examiner.remove();
-  SimpleTest.finish();
-}
-
-window.addEventListener("message", receiveMessage, false);
-function receiveMessage(event) {
-  var result = event.data.result;
-  is(result, tests[counter].result, tests[counter].desc);
-  loadNextTest();
-}
-
-function examiner() {
-  SpecialPowers.addObserver(this, "csp-on-violate-policy", false);
-}
-
-examiner.prototype  = {
-  observe: function(subject, topic, data) {
-    if (topic === "csp-on-violate-policy") {
-      is("blocked", tests[counter].result, tests[counter].desc);
-      loadNextTest();
-    }
-  },
-  remove: function() {
-    SpecialPowers.removeObserver(this, "csp-on-violate-policy");
-  }
-}
-
-function loadNextTest() {
-  counter++;
-  if (counter == tests.length) {
-    finishTest();
-    return;
-  }
-  var src = "file_iframe_srcdoc.sjs";
-  src += "?csp=" + escape(tests[counter].csp);
-  src += "&action=" + escape(tests[counter].query);
-  document.getElementById("testframe").src = src;
-}
-
-// start running the tests
-window.examiner = new examiner();
-loadNextTest();
-
-</script>
-</body>
-</html>