Closed
Bug 1331838
Opened 8 years ago
Closed 8 years ago
Remove support for app URIs in CSP directives
Categories
(Core :: DOM: Security, defect)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
mozilla53
Tracking | Status | |
---|---|---|
firefox53 | --- | fixed |
People
(Reporter: ehsan.akhgari, Assigned: ehsan.akhgari)
References
(Blocks 1 open bug)
Details
Attachments
(1 file)
(deleted),
patch
|
ckerschb
:
review+
|
Details | Diff | Splinter Review |
No description provided.
Assignee | ||
Comment 1•8 years ago
|
||
Attachment #8827719 -
Flags: review?(ckerschb)
Comment 2•8 years ago
|
||
Comment on attachment 8827719 [details] [diff] [review]
Remove support for app URIs in CSP directives
Review of attachment 8827719 [details] [diff] [review]:
-----------------------------------------------------------------
I thought I had already written a patch like this a while ago but now I can't find it anymore. Either way, this code should go away - thanks for fixing Ehsan. r=me
Attachment #8827719 -
Flags: review?(ckerschb) → review+
Pushed by eakhgari@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/8acb67f2e136
Remove support for app URIs in CSP directives; r=ckerschb
Comment 4•8 years ago
|
||
Backed out for failing GTest CSPParser.SimplePolicies:
https://hg.mozilla.org/integration/mozilla-inbound/rev/7715d62057e50fdafddeca167ecf2d1dbd79b35b
Push with failures: https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=2f86db66e8e44f993004c4f4853d0f51a94a381b
Failure log: https://treeherder.mozilla.org/logviewer.html#?job_id=69955534&repo=mozilla-inbound
[task 2017-01-18T14:55:39.728954Z] 14:55:39 INFO - TEST-START | CSPParser.SimplePolicies
[task 2017-01-18T14:55:39.729272Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.SimplePolicies | Value of: false
[task 2017-01-18T14:55:39.729761Z] 14:55:39 INFO - Actual: false
[task 2017-01-18T14:55:39.730064Z] 14:55:39 INFO - Expected: true
[task 2017-01-18T14:55:39.730424Z] 14:55:39 INFO - Actual policy does not match expected policy (default-src 'none' != default-src app://{app-host-is-uid}) @ /home/worker/workspace/build/src/dom/security/test/gtest/TestCSPParser.cpp:160
[task 2017-01-18T14:55:39.730752Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.SimplePolicies | Value of: NS_SUCCEEDED(runTestSuite(policies, policyCount, 1))
[task 2017-01-18T14:55:39.731128Z] 14:55:39 INFO - Actual: false
[task 2017-01-18T14:55:39.731456Z] 14:55:39 INFO - Expected: true @ /home/worker/workspace/build/src/dom/security/test/gtest/TestCSPParser.cpp:494
[task 2017-01-18T14:55:39.731821Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.SimplePolicies | test completed (time: 1ms)
[task 2017-01-18T14:55:39.732227Z] 14:55:39 INFO - TEST-START | CSPParser.PoliciesWithInvalidSrc
[task 2017-01-18T14:55:39.732534Z] 14:55:39 INFO - TEST-PASS | CSPParser.PoliciesWithInvalidSrc | test completed (time: 1ms)
[task 2017-01-18T14:55:39.732867Z] 14:55:39 INFO - TEST-START | CSPParser.BadPolicies
[task 2017-01-18T14:55:39.733199Z] 14:55:39 INFO - TEST-PASS | CSPParser.BadPolicies | test completed (time: 0ms)
[task 2017-01-18T14:55:39.733534Z] 14:55:39 INFO - TEST-START | CSPParser.GoodGeneratedPolicies
[task 2017-01-18T14:55:39.733849Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.GoodGeneratedPolicies | Value of: false
[task 2017-01-18T14:55:39.734273Z] 14:55:39 INFO - Actual: false
[task 2017-01-18T14:55:39.734571Z] 14:55:39 INFO - Expected: true
[task 2017-01-18T14:55:39.735001Z] 14:55:39 INFO - Actual policy does not match expected policy (default-src 'none' != default-src http://{app-url-is-uid}) @ /home/worker/workspace/build/src/dom/security/test/gtest/TestCSPParser.cpp:160
[task 2017-01-18T14:55:39.735355Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.GoodGeneratedPolicies | Value of: NS_SUCCEEDED(runTestSuite(policies, policyCount, 1))
[task 2017-01-18T14:55:39.735725Z] 14:55:39 INFO - Actual: false
[task 2017-01-18T14:55:39.736062Z] 14:55:39 INFO - Expected: true @ /home/worker/workspace/build/src/dom/security/test/gtest/TestCSPParser.cpp:847
[task 2017-01-18T14:55:39.736388Z] 14:55:39 WARNING - TEST-UNEXPECTED-FAIL | CSPParser.GoodGeneratedPolicies | test completed (time: 1ms)
Flags: needinfo?(ehsan)
Assignee | ||
Comment 5•8 years ago
|
||
Right... I also need to remove the corresponding tests.
Flags: needinfo?(ehsan)
Comment 6•8 years ago
|
||
(In reply to :Ehsan Akhgari from comment #5)
> Right... I also need to remove the corresponding tests.
Yeah, there are a few |{app-...| tests within TestCSPParser. I am still around for review.
Pushed by eakhgari@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/7040329487e9
Remove support for app URIs in CSP directives; r=ckerschb
Pushed by eakhgari@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/1f5a359e77c4
Backout changeset 7040329487e9 because it was the wrong patch
https://hg.mozilla.org/integration/mozilla-inbound/rev/fe7a8f94d0ad
Remove support for app URIs in CSP directives; r=ckerschb
Comment 9•8 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 8 years ago
status-firefox53:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla53
You need to log in
before you can comment on or make changes to this bug.
Description
•