summaryrefslogtreecommitdiff
path: root/parser/html/nsHtml5TreeOpExecutor.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'parser/html/nsHtml5TreeOpExecutor.cpp')
-rw-r--r--parser/html/nsHtml5TreeOpExecutor.cpp56
1 files changed, 55 insertions, 1 deletions
diff --git a/parser/html/nsHtml5TreeOpExecutor.cpp b/parser/html/nsHtml5TreeOpExecutor.cpp
index a7a8f28f9c..33fb3d0c7d 100644
--- a/parser/html/nsHtml5TreeOpExecutor.cpp
+++ b/parser/html/nsHtml5TreeOpExecutor.cpp
@@ -1018,9 +1018,63 @@ nsHtml5TreeOpExecutor::SetSpeculationBase(const nsAString& aURL)
return;
}
const nsCString& charset = mDocument->GetDocumentCharacterSet();
- DebugOnly<nsresult> rv = NS_NewURI(getter_AddRefs(mSpeculationBaseURI), aURL,
+ nsCOMPtr<nsIURI> newBaseURI;
+ nsresult rv = NS_NewURI(getter_AddRefs(newBaseURI), aURL,
charset.get(), mDocument->GetDocumentURI());
NS_WARNING_ASSERTION(NS_SUCCEEDED(rv), "Failed to create a URI");
+ if (!newBaseURI) {
+ return;
+ }
+
+ if (!CSPService::sCSPEnabled) {
+ // If CSP is not enabled, just pass back the URI
+ mSpeculationBaseURI = newBaseURI;
+ return;
+ }
+
+ NS_ASSERTION(NS_IsMainThread(), "Wrong thread!");
+
+ nsCOMPtr<nsIPrincipal> principal = mDocument->NodePrincipal();
+ nsCOMPtr<nsIDOMDocument> domDoc = do_QueryInterface(mDocument);
+
+ // Check the document's CSP usually delivered via the CSP header.
+ nsCOMPtr<nsIContentSecurityPolicy> documentCsp;
+ rv = principal->EnsureCSP(domDoc, getter_AddRefs(documentCsp));
+ NS_ENSURE_SUCCESS_VOID(rv);
+ if (documentCsp) {
+ // base-uri should not fallback to the default-src and preloads should not
+ // trigger violation reports.
+ bool cspPermitsBaseURI = true;
+ rv = documentCsp->Permits(
+ newBaseURI,
+ nsIContentSecurityPolicy::BASE_URI_DIRECTIVE,
+ true /* aSpecific */,
+ false /* aSendViolationReports */,
+ &cspPermitsBaseURI);
+ if (NS_FAILED(rv) || !cspPermitsBaseURI) {
+ return;
+ }
+ }
+
+ // Also check the CSP discovered from the <meta> tag during speculative
+ // parsing.
+ nsCOMPtr<nsIContentSecurityPolicy> preloadCsp;
+ rv = principal->EnsurePreloadCSP(domDoc, getter_AddRefs(preloadCsp));
+ NS_ENSURE_SUCCESS_VOID(rv);
+ if (preloadCsp) {
+ bool cspPermitsBaseURI = true;
+ rv = preloadCsp->Permits(
+ newBaseURI,
+ nsIContentSecurityPolicy::BASE_URI_DIRECTIVE,
+ true /* aSpecific */,
+ false /* aSendViolationReports */,
+ &cspPermitsBaseURI);
+ if (NS_FAILED(rv) || !cspPermitsBaseURI) {
+ return;
+ }
+ }
+
+ mSpeculationBaseURI = newBaseURI;
}
void
generated by cgit v1.2.3 (git 2.26.2) at 2024-09-19 16:42:37 +0000