#633: M1683627 M786797 and disable CSP reporting due to M1542194 and others
parent
ef55596e77
commit
0897c8df93
|
@ -8807,10 +8807,6 @@ ShouldEscape(nsIContent* aParent)
|
||||||
nsGkAtoms::style, nsGkAtoms::script, nsGkAtoms::xmp,
|
nsGkAtoms::style, nsGkAtoms::script, nsGkAtoms::xmp,
|
||||||
nsGkAtoms::iframe, nsGkAtoms::noembed, nsGkAtoms::noframes,
|
nsGkAtoms::iframe, nsGkAtoms::noembed, nsGkAtoms::noframes,
|
||||||
nsGkAtoms::plaintext,
|
nsGkAtoms::plaintext,
|
||||||
// Per the current spec noscript should be escaped in case
|
|
||||||
// scripts are disabled or if document doesn't have
|
|
||||||
// browsing context. However the latter seems to be a spec bug
|
|
||||||
// and Gecko hasn't traditionally done the former.
|
|
||||||
nsGkAtoms::noscript
|
nsGkAtoms::noscript
|
||||||
};
|
};
|
||||||
static mozilla::BloomFilter<12, nsIAtom> sFilter;
|
static mozilla::BloomFilter<12, nsIAtom> sFilter;
|
||||||
|
@ -8826,6 +8822,10 @@ ShouldEscape(nsIContent* aParent)
|
||||||
if (sFilter.mightContain(tag)) {
|
if (sFilter.mightContain(tag)) {
|
||||||
for (uint32_t i = 0; i < ArrayLength(nonEscapingElements); ++i) {
|
for (uint32_t i = 0; i < ArrayLength(nonEscapingElements); ++i) {
|
||||||
if (tag == nonEscapingElements[i]) {
|
if (tag == nonEscapingElements[i]) {
|
||||||
|
if (MOZ_UNLIKELY(tag == nsGkAtoms::noscript) &&
|
||||||
|
MOZ_UNLIKELY(!aParent->OwnerDoc()->IsScriptEnabled())) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
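Review bot: The new `noscript` branch inside the `nonEscapingElements` loop has no comment, and the commit deletes the old comment that explained how `noscript` was treated. A one-line comment above the added `if` would keep the rationale next to the code, for example `// noscript content is escaped when scripting is disabled for the owner document (see the spec text cited by the removed comment).` The two nested `MOZ_UNLIKELY` wrappers could also be a single `MOZ_UNLIKELY(a && b)`, which reads more plainly. ShouldEscape starts and ends outside both hunks.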
|
||||||
|
|
|
@ -740,6 +740,11 @@ nsCSPContext::SendReports(nsISupports* aBlockedContentSource,
|
||||||
nsAString& aScriptSample,
|
nsAString& aScriptSample,
|
||||||
uint32_t aLineNum)
|
uint32_t aLineNum)
|
||||||
{
|
{
|
||||||
|
/* Due to unclear vulnerabilities in bug 1542194 and others, just don't.
|
||||||
|
We probably don't do it right anymore anyway. -- Cameron */
|
||||||
|
if (!Preferences::GetBool("security.csp.sendreports", false))
|
||||||
|
return NS_OK;
|
||||||
|
|
||||||
NS_ENSURE_ARG_MAX(aViolatedPolicyIndex, mPolicies.Length() - 1);
|
NS_ENSURE_ARG_MAX(aViolatedPolicyIndex, mPolicies.Length() - 1);
|
||||||
|
|
||||||
#ifdef MOZ_B2G
|
#ifdef MOZ_B2G
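Review bot: The early return added at the top of SendReports runs before `NS_ENSURE_ARG_MAX(aViolatedPolicyIndex, ...)` and returns `NS_OK`, so with the pref off a caller cannot tell a suppressed report from a sent one. The comment also does not say what is being skipped. I would replace it with one that names the effect, e.g. `// Violation reports are not sent unless security.csp.sendreports is true (default false); see bug 1542194.` Whether policy enforcement elsewhere is unaffected cannot be confirmed from this hunk, so it is worth stating in the commit description. The body of SendReports continues past the hunk.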
|
||||||
|
|
|
@ -1978,6 +1978,8 @@ pref("security.notification_enable_delay", 500);
|
||||||
pref("security.csp.enable", true);
|
pref("security.csp.enable", true);
|
||||||
pref("security.csp.debug", false);
|
pref("security.csp.debug", false);
|
||||||
pref("security.csp.experimentalEnabled", false);
|
pref("security.csp.experimentalEnabled", false);
|
||||||
|
// see bug 1542194, etc.
|
||||||
|
pref("security.csp.sendreports", false);
|
||||||
|
|
||||||
// Default Content Security Policy to apply to privileged apps.
|
// Default Content Security Policy to apply to privileged apps.
|
||||||
pref("security.apps.privileged.CSP.default", "default-src * data: blob:; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'");
|
pref("security.apps.privileged.CSP.default", "default-src * data: blob:; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'");
|
||||||
|
|
|
@ -740,7 +740,8 @@ void
|
||||||
nsHtml5MetaScanner::addToBuffer(int32_t c)
|
nsHtml5MetaScanner::addToBuffer(int32_t c)
|
||||||
{
|
{
|
||||||
if (strBufLen == strBuf.length) {
|
if (strBufLen == strBuf.length) {
|
||||||
jArray<char16_t,int32_t> newBuf = jArray<char16_t,int32_t>::newJArray(strBuf.length + (strBuf.length << 1));
|
jArray<char16_t,int32_t> newBuf = jArray<char16_t,int32_t>::newJArray(
|
||||||
|
nsHtml5Portability::checkedAdd(strBuf.length, (strBuf.length << 1)));
|
||||||
nsHtml5ArrayCopy::arraycopy(strBuf, newBuf, strBuf.length);
|
nsHtml5ArrayCopy::arraycopy(strBuf, newBuf, strBuf.length);
|
||||||
strBuf = newBuf;
|
strBuf = newBuf;
|
||||||
}
|
}
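Review bot: In addToBuffer the overflow guard covers only the addition, because `strBuf.length << 1` is still computed in plain `int32_t` before `checkedAdd` sees it. A length of 2^30 or more overflows in the shift, and the sum can then come out valid but negative or too small, which `newJArray` would receive as a size. Routing the doubling through the helper closes that gap, e.g. `nsHtml5Portability::checkedAdd(strBuf.length, nsHtml5Portability::checkedAdd(strBuf.length, strBuf.length))`. Whether the meta scanner's buffer can ever grow that large is not visible here, so this may be unreachable in practice. addToBuffer continues past the hunk.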
|
||||||
|
|
|
@ -7,6 +7,16 @@
|
||||||
#include "jArray.h"
|
#include "jArray.h"
|
||||||
#include "nsHtml5Portability.h"
|
#include "nsHtml5Portability.h"
|
||||||
#include "nsHtml5TreeBuilder.h"
|
#include "nsHtml5TreeBuilder.h"
|
||||||
|
#include "mozilla/CheckedInt.h"
|
||||||
|
|
||||||
|
int32_t
|
||||||
|
nsHtml5Portability::checkedAdd(int32_t a, int32_t b) {
|
||||||
|
mozilla::CheckedInt<int32_t> sum(a);
|
||||||
|
sum += b;
|
||||||
|
MOZ_RELEASE_ASSERT(sum.isValid(),
|
||||||
|
"HTML input too large for signed 32-bit integer.");
|
||||||
|
return sum.value();
|
||||||
|
}
|
||||||
|
|
||||||
nsIAtom*
|
nsIAtom*
|
||||||
nsHtml5Portability::newLocalNameFromBuffer(char16_t* buf, int32_t offset, int32_t length, nsHtml5AtomTable* interner)
|
nsHtml5Portability::newLocalNameFromBuffer(char16_t* buf, int32_t offset, int32_t length, nsHtml5AtomTable* interner)
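Review bot: checkedAdd has no comment saying that overflow ends the process through `MOZ_RELEASE_ASSERT` instead of returning an error, which is the one thing a caller needs to know. A short header comment would cover it, e.g. `// Returns a + b; release-asserts (crashes) if the sum does not fit in int32_t, so callers never see a wrapped length.` The same sentence belongs on the declaration added to the class header.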
|
||||||
|
|
|
@ -58,6 +58,7 @@ class nsHtml5StateSnapshot;
|
||||||
class nsHtml5Portability
|
class nsHtml5Portability
|
||||||
{
|
{
|
||||||
public:
|
public:
|
||||||
|
static int32_t checkedAdd(int32_t a, int32_t b);
|
||||||
static nsIAtom* newLocalNameFromBuffer(char16_t* buf, int32_t offset, int32_t length, nsHtml5AtomTable* interner);
|
static nsIAtom* newLocalNameFromBuffer(char16_t* buf, int32_t offset, int32_t length, nsHtml5AtomTable* interner);
|
||||||
static nsHtml5String newStringFromBuffer(char16_t* buf,
|
static nsHtml5String newStringFromBuffer(char16_t* buf,
|
||||||
int32_t offset,
|
int32_t offset,
|
||||||
|
|
|
@ -240,7 +240,7 @@ nsHtml5Tokenizer::emitStrBuf()
|
||||||
void
|
void
|
||||||
nsHtml5Tokenizer::appendStrBuf(char16_t* buffer, int32_t offset, int32_t length)
|
nsHtml5Tokenizer::appendStrBuf(char16_t* buffer, int32_t offset, int32_t length)
|
||||||
{
|
{
|
||||||
int32_t newLen = strBufLen + length;
|
int32_t newLen = nsHtml5Portability::checkedAdd(strBufLen, length);
|
||||||
MOZ_ASSERT(newLen <= strBuf.length, "Previous buffer length insufficient.");
|
MOZ_ASSERT(newLen <= strBuf.length, "Previous buffer length insufficient.");
|
||||||
if (MOZ_UNLIKELY(strBuf.length < newLen)) {
|
if (MOZ_UNLIKELY(strBuf.length < newLen)) {
|
||||||
if (MOZ_UNLIKELY(!EnsureBufferSpace(length))) {
|
if (MOZ_UNLIKELY(!EnsureBufferSpace(length))) {
|
||||||
|
|