Implement CSP 'navigate-to' directive
Categories
(Core :: DOM: Security, enhancement, P3)
Tracking
()
Tracking | Status | |
---|---|---|
firefox71 | --- | fixed |
People
(Reporter: dveditz, Assigned: beriksson)
References
(Depends on 2 open bugs, Blocks 2 open bugs)
Details
(Keywords: dev-doc-needed, Whiteboard: [domsecurity-active])
Attachments
(1 file)
We need to implement the CSP3 'navigate-to' directive, which limits the targets of any navigation (<a>, <form>, window.open(), window.location, etc. (Note that if there is also a 'form-action' directive then that regulates <form>)
Updated•6 years ago
|
Reporter | ||
Updated•6 years ago
|
Updated•5 years ago
|
Assignee | ||
Comment 1•5 years ago
|
||
Implementation of the navigate-to CSP directive as defined in CSP Level 3, https://www.w3.org/TR/CSP3/#directive-navigate-to
Updated•5 years ago
|
Assignee | ||
Updated•5 years ago
|
Pushed by apavel@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d0aae34d9b95
navigate-to r=ckerschb,mccr8
Comment 3•5 years ago
|
||
Backed out for android wpt failures at form-redirected-blocked.sub.htm
Failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=260207847&repo=autoland&lineNumber=1755
Backout: https://hg.mozilla.org/integration/autoland/rev/b1aef4fe06b176c13035904604273426d352b61d
Comment 4•5 years ago
|
||
Hey snorp, is Android doing anything special for form-submissions? I mean other than desktop firefox? Within this patch we are setting a new flag on the loadinfo in case it's a form submission so we can discard the navigate-to directive in that case within CSP.
Any pointers for us would be helpful - we can't reason why that test would be failing on Android.
(In reply to Christoph Kerschbaumer [:ckerschb] from comment #4)
Hey snorp, is Android doing anything special for form-submissions? I mean other than desktop firefox? Within this patch we are setting a new flag on the loadinfo in case it's a form submission so we can discard the navigate-to directive in that case within CSP.
Any pointers for us would be helpful - we can't reason why that test would be failing on Android.
AFAIK we don't do anything special for form submission.
Assignee | ||
Updated•5 years ago
|
Updated•5 years ago
|
Pushed by ncsoregi@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/99b313550fb8
Implementation of the navigate-to CSP directive as defined in CSP Level 3. r=ckerschb,mccr8
Comment 7•5 years ago
|
||
Backed out for eslint failure on test_navigate_to.html
backout: https://hg.mozilla.org/integration/autoland/rev/79806b618b39671202fac8c9f9817f2aa4252034
failure log: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=264985352&repo=autoland&lineNumber=224
[task 2019-09-04T17:55:24.451Z] copying build/lib.linux-x86_64-2.7/psutil/_psutil_posix.so -> psutil
[task 2019-09-04T17:55:24.451Z]
[task 2019-09-04T17:55:24.451Z] Error processing command. Ignoring because optional. (optional:packages.txt:comm/build/virtualenv_packages.txt)
[task 2019-09-04T18:08:03.320Z] TEST-UNEXPECTED-ERROR | /builds/worker/checkouts/gecko/dom/security/test/csp/test_navigate_to.html:125:3 | Expected method shorthand. (object-shorthand)
[task 2019-09-04T18:08:03.320Z] TEST-UNEXPECTED-ERROR | /builds/worker/checkouts/gecko/dom/security/test/csp/test_navigate_to.html:134:3 | Expected method shorthand. (object-shorthand)
[taskcluster 2019-09-04 18:08:03.633Z] === Task Finished ===
[taskcluster 2019-09-04 18:08:04.845Z] Unsuccessful task run with exit code: 1 completed in 1002.744 seconds
failure log bustage: https://treeherder.mozilla.org/logviewer.html#/jobs?job_id=264988158&repo=autoland&lineNumber=69985
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - In file included from /builds/worker/workspace/build/src/obj-firefox/docshell/base/Unified_cpp_docshell_base0.cpp:83:
[task 2019-09-04T18:15:16.396Z] 18:15:16 ERROR - /builds/worker/workspace/build/src/docshell/base/nsDocShell.cpp:9873:5: error: use of undeclared identifier 'rv'
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - rv = csp->GetAllowsNavigateTo(aLoadState->URI(), loadInfo,
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - ^
[task 2019-09-04T18:15:16.396Z] 18:15:16 ERROR - /builds/worker/workspace/build/src/docshell/base/nsDocShell.cpp:9873:54: error: use of undeclared identifier 'loadInfo'; did you mean 'aLoadInfo'?
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - rv = csp->GetAllowsNavigateTo(aLoadState->URI(), loadInfo,
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - ^~~~~~~~
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - aLoadInfo
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - /builds/worker/workspace/build/src/docshell/base/nsDocShell.cpp:9792:48: note: 'aLoadInfo' declared here
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - nsDocShellLoadState* aLoadState, LoadInfo* aLoadInfo,
[task 2019-09-04T18:15:16.396Z] 18:15:16 INFO - ^
[task 2019-09-04T18:15:16.396Z] 18:15:16 ERROR - /builds/worker/workspace/build/src/docshell/base/nsDocShell.cpp:9877:23: error: use of undeclared identifier 'rv'
[task 2019-09-04T18:15:16.397Z] 18:15:16 INFO - NS_ENSURE_SUCCESS(rv, rv);
[task 2019-09-04T18:15:16.397Z] 18:15:16 INFO - ^
[task 2019-09-04T18:15:16.397Z] 18:15:16 ERROR - /builds/worker/workspace/build/src/docshell/base/nsDocShell.cpp:9877:27: error: use of undeclared identifier 'rv'
[task 2019-09-04T18:15:16.397Z] 18:15:16 INFO - NS_ENSURE_SUCCESS(rv, rv);
[task 2019-09-04T18:15:16.397Z] 18:15:16 INFO - ^
[task 2019-09-04T18:15:16.397Z] 18:15:16 ERROR - /builds/worker/workspace/build/src/docshell/base/nsDocShell.cpp:9880:14: error: cannot initialize return object of type 'bool' with an lvalue of type 'const nsresult'
[task 2019-09-04T18:15:16.397Z] 18:15:16 INFO - return NS_ERROR_CSP_NAVIGATE_TO_VIOLATION;
[task 2019-09-04T18:15:16.397Z] 18:15:16 INFO - ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[task 2019-09-04T18:15:16.397Z] 18:15:16 INFO - 5 errors generated.
Assignee | ||
Updated•5 years ago
|
Pushed by ncsoregi@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/890bcaee9b7d
Implementation of the navigate-to CSP directive as defined in CSP Level 3. r=ckerschb,mccr8
Comment 9•5 years ago
|
||
bugherder |
Comment 10•5 years ago
•
|
||
Backed out changeset 890bcaee9b7d (bug 1529068) for causing tier2 failures on multiple platforms on central in dom/security/test/csp/test_navigate_to.html. CLOSED TREE
Push with failures:
https://treeherder.mozilla.org/#/jobs?repo=autoland&revision=890bcaee9b7db0922f4bdf55e39646da0dafdc1a
Backout:
https://hg.mozilla.org/integration/autoland/rev/d1181cbf7840362b625c2f26203a1e52d761f41b
Updated•5 years ago
|
Comment 11•5 years ago
|
||
Backout merged: https://hg.mozilla.org/mozilla-central/rev/d1181cbf7840
Updated•5 years ago
|
Assignee | ||
Comment 12•5 years ago
|
||
Navigate-to is defined in the Content Security Policy Level 3 draft, https://w3c.github.io/webappsec-csp/#directive-navigate-to
The patch is behind pref since the specification is still not finalized.
Assignee | ||
Comment 13•5 years ago
|
||
Treeherder passing previously failed test: https://treeherder.mozilla.org/#/jobs?repo=try&revision=26e55acb07b5961b63bfd1a98d77ad0a14937738
Assignee | ||
Updated•5 years ago
|
Comment 14•5 years ago
|
||
Pushed by csabou@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/90b53eda6606
Implementation of the navigate-to CSP directive as defined in CSP Level 3. r=ckerschb,mccr8
Comment 15•5 years ago
|
||
Comment 16•5 years ago
|
||
Comment 17•5 years ago
|
||
bugherder |
Comment 18•5 years ago
|
||
For the docs, it looks like this is implemented behind the "security.csp.enableNavigateTo" preference.
i.e. not shipping in Firefox 71. Is that correct, :ckerschb?
Page to update would be https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/navigate-to
Comment 19•5 years ago
|
||
(In reply to Florian Scholz [:fscholz] (MDN) from comment #18)
For the docs, it looks like this is implemented behind the "security.csp.enableNavigateTo" preference.
i.e. not shipping in Firefox 71. Is that correct, :ckerschb?
Correct, we are not shipping in 71 and as of now don't have a date/Firefox version when we will pref that security mechanism on.
Thanks for adding/updating the docs.
Comment 20•3 years ago
|
||
Any updates on navigate-to being enabled by default?
Updated•3 years ago
|
Reporter | ||
Updated•3 years ago
|
Comment 21•3 years ago
|
||
(In reply to Eli Grey (:sephr) from comment #20)
Any updates on navigate-to being enabled by default?
The navigate-to
is still experimental. As of now, we don't have any concrete plans to ship it.
Description
•