Closed
Bug 1743042
Opened 4 years ago
Closed 29 days ago
Document::InitCSP checks whether NodePrincipal is an ExpandedPrincipal (which is never true)
Categories
(Core :: DOM: Security, task, P3)
Tracking
()
RESOLVED
FIXED
140 Branch
Tracking | Status | |
---|---|---|
firefox140 | --- | fixed |
People
(Reporter: robwu, Assigned: tschuster)
References
(Blocks 1 open bug)
Details
(Whiteboard: [domsecurity-backlog1])
Attachments
(1 file)
I came across the logic below in Document::InitCSP, which checks whether a node principal is an ExpandedPrincipal (and attaches a CSP to it when it is). A node principal can never be an expanded principal, so the branch is never reached. We should remove it (which would also simplify part of the work on bug 1548468).
nsresult Document::InitCSP(nsIChannel* aChannel) {
  ....
  nsCOMPtr<nsIPrincipal> principal = NodePrincipal();
  ...
  // Bug 1548468: Move CSP off ExpandedPrincipal
  // Currently the LoadInfo holds the source of truth for every resource load
  // because LoadInfo::GetCSP() queries the CSP from an ExpandedPrincipal
  // (and not from the Client) if the load was triggered by an extension.
  auto* basePrin = BasePrincipal::Cast(principal);
  if (basePrin->Is<ExpandedPrincipal>()) {
    basePrin->As<ExpandedPrincipal>()->SetCsp(mCSP);
  }
Comment 1•4 years ago
When working on Bug 1548468 we should also address this bug, putting in the backlog for now.
Priority: -- → P3
Whiteboard: [domsecurity-backlog1]
Assignee
Comment 2•1 month ago
Updated•1 month ago
Assignee: nobody → tschuster
Status: NEW → ASSIGNED
Pushed by tschuster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/43839ffc2ae0
Document::InitCSP checks whether NodePrincipal is an ExpandedPrincipal (which is never true). r=smaug
Status: ASSIGNED → RESOLVED
Closed: 29 days ago
status-firefox140: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 140 Branch
Updated•7 days ago
QA Whiteboard: [qa-triage-done-c141/b140]