Closed Bug 1182087 Opened 9 years ago Closed 9 years ago

Test CSP violation report scenarios with fetch interception

Categories

(Core :: DOM: Service Workers, defect)

Type: defect
Priority: Not set
Severity: normal

Tracking

Status: RESOLVED INVALID
Target Milestone: FxOS-S3 (24Jul)
Tracking Status: firefox42 --- affected

People

(Reporter: noemi, Assigned: amac)

Details

No description provided.
Target Milestone: --- → FxOS-S3 (24Jul)
I've been writing some test pages for this, and... I can't see how this might be exploitable. The CSP report is intercepted (there's already a test for that), but the response is never exposed to content; as far as I can see in the code, the result of the report is not exposed anywhere (/dom/security/nsCSPContext.cpp just seems to read the response and then throw it away happily). So I can't write a mochitest or a platform test for this because... from the content there's nothing to be seen.

The only thing that might be a problem here is that CSP reports don't follow redirects, but the service worker could do something like e.respondWith(fetch(e.request)) and... I think that if a redirect is returned that *would* follow the redirect (correctly too, since it's a new fetch and not the original one) and wouldn't give a warning.

So... not much to do here I believe. WDYT, Ehsan?
Flags: needinfo?(ehsan)
You're right!
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Flags: needinfo?(ehsan)
Resolution: --- → INVALID