Closed Bug 1331838 Opened 8 years ago Closed 8 years ago

Remove support for app URIs in CSP directives

Categories

(Core :: DOM: Security, defect)

Product:
Core
Component:
DOM: Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla53
Tracking Flags:
Tracking Status
firefox53 --- fixed

People

(Reporter: ehsan.akhgari, Assigned: ehsan.akhgari)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

Remove support for app URIs in CSP directives
(deleted), patch
ckerschb
: review+
Details | Diff | Splinter Review
No description provided.
Attachment #8827719 - Flags: review?(ckerschb)
Assignee: nobody → ehsan
Blocks: nukeb2g
Comment on attachment 8827719 [details] [diff] [review] Remove support for app URIs in CSP directives Review of attachment 8827719 [details] [diff] [review]: ----------------------------------------------------------------- I thought I had already written a patch like this a while ago but now I can't find it anymore. Either way, this code should go away - thanks for fixing Ehsan. r=me
Attachment #8827719 - Flags: review?(ckerschb) → review+
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/8acb67f2e136 Remove support for app URIs in CSP directives; r=ckerschb
Backed out for failing GTest CSPParser.SimplePolicies: https://hg.mozilla.org/integration/mozilla-inbound/rev/7715d62057e50fdafddeca167ecf2d1dbd79b35b Push with failures: https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=2f86db66e8e44f993004c4f4853d0f51a94a381b Failure log: https://treeherder.mozilla.org/logviewer.html#?job_id=69955534&repo=mozilla-inbound [task 2017-01-18T14:55:39.728954Z] 14:55:39 INFO - TEST-START | CSPParser.SimplePolicies [task 2017-01-18T14:55:39.729272Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.SimplePolicies | Value of: false [task 2017-01-18T14:55:39.729761Z] 14:55:39 INFO - Actual: false [task 2017-01-18T14:55:39.730064Z] 14:55:39 INFO - Expected: true [task 2017-01-18T14:55:39.730424Z] 14:55:39 INFO - Actual policy does not match expected policy (default-src 'none' != default-src app://{app-host-is-uid}) @ /home/worker/workspace/build/src/dom/security/test/gtest/TestCSPParser.cpp:160 [task 2017-01-18T14:55:39.730752Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.SimplePolicies | Value of: NS_SUCCEEDED(runTestSuite(policies, policyCount, 1)) [task 2017-01-18T14:55:39.731128Z] 14:55:39 INFO - Actual: false [task 2017-01-18T14:55:39.731456Z] 14:55:39 INFO - Expected: true @ /home/worker/workspace/build/src/dom/security/test/gtest/TestCSPParser.cpp:494 [task 2017-01-18T14:55:39.731821Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.SimplePolicies | test completed (time: 1ms) [task 2017-01-18T14:55:39.732227Z] 14:55:39 INFO - TEST-START | CSPParser.PoliciesWithInvalidSrc [task 2017-01-18T14:55:39.732534Z] 14:55:39 INFO - TEST-PASS | CSPParser.PoliciesWithInvalidSrc | test completed (time: 1ms) [task 2017-01-18T14:55:39.732867Z] 14:55:39 INFO - TEST-START | CSPParser.BadPolicies [task 2017-01-18T14:55:39.733199Z] 14:55:39 INFO - TEST-PASS | CSPParser.BadPolicies | test completed (time: 0ms) [task 2017-01-18T14:55:39.733534Z] 14:55:39 INFO - TEST-START | CSPParser.GoodGeneratedPolicies [task 2017-01-18T14:55:39.733849Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.GoodGeneratedPolicies | Value of: false [task 2017-01-18T14:55:39.734273Z] 14:55:39 INFO - Actual: false [task 2017-01-18T14:55:39.734571Z] 14:55:39 INFO - Expected: true [task 2017-01-18T14:55:39.735001Z] 14:55:39 INFO - Actual policy does not match expected policy (default-src 'none' != default-src http://{app-url-is-uid}) @ /home/worker/workspace/build/src/dom/security/test/gtest/TestCSPParser.cpp:160 [task 2017-01-18T14:55:39.735355Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.GoodGeneratedPolicies | Value of: NS_SUCCEEDED(runTestSuite(policies, policyCount, 1)) [task 2017-01-18T14:55:39.735725Z] 14:55:39 INFO - Actual: false [task 2017-01-18T14:55:39.736062Z] 14:55:39 INFO - Expected: true @ /home/worker/workspace/build/src/dom/security/test/gtest/TestCSPParser.cpp:847 [task 2017-01-18T14:55:39.736388Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.GoodGeneratedPolicies | test completed (time: 1ms)
Flags: needinfo?(ehsan)
Right... I also need to remove the corresponding tests.
Flags: needinfo?(ehsan)
(In reply to :Ehsan Akhgari from comment #5) > Right... I also need to remove the corresponding tests. Yeah, there are a few |{app-...| tests within TestCSPParser. I am still around for review.
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/7040329487e9 Remove support for app URIs in CSP directives; r=ckerschb
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/1f5a359e77c4 Backout changeset 7040329487e9 because it was the wrong patch https://hg.mozilla.org/integration/mozilla-inbound/rev/fe7a8f94d0ad Remove support for app URIs in CSP directives; r=ckerschb
https://hg.mozilla.org/mozilla-central/rev/fe7a8f94d0ad
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox53: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
No longer blocks: 1369194
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: