Closed Bug 1566453 Opened 5 years ago Closed 5 years ago

Teach loadinfo if navigation was form-submission

Categories

(Core :: DOM: Security, task)

Product:
Core
Component:
DOM: Security
Type:
task
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla70
Tracking Flags:
Tracking Status
firefox70 --- fixed

People

(Reporter: ckerschb, Assigned: beriksson)

References

Details

(Whiteboard: [domsecurity-active])

Attachments

(1 file)

Bug 1566453: Added flag to detect if a load was initiated by a form submission
47 bytes, text/x-phabricator-request
Details | Review

The code within HTMLFormSubmission [1] needs to pass the CSP so navigate-to can query it within the docshell.

[1] https://searchfox.org/mozilla-central/source/dom/html/HTMLFormElement.cpp#703

Hey Nika, when implementing CSP 'navigate-to', we need to discard the 'navigate-to' directive in case 'form-action' is set. To do that we would need to know whether a docshell load originated from a form submission. I looked through docshell code and couldn't find anything. I would suggest we extend OnLinkClickSync() [1] by an additional boolean argument indicating the load originated from a form submission here [2].

Would you agree to that or is there a better alternative already available within docshell which allows us to query whether a load originated from a form submission?

[1] https://searchfox.org/mozilla-central/source/docshell/base/nsDocShell.h#264
[2] https://searchfox.org/mozilla-central/source/dom/html/HTMLFormElement.cpp#703

Flags: needinfo?(nika)

That sounds plausible, but I'm going to 302 :bz this one.

Flags: needinfo?(nika) → needinfo?(bzbarsky)

OnLinkClickSync can just examine aContent->IsHTMLElement(nsGkAtoms::form) to determine whether we're doing a form submission, right?

You presumably need to add the "is a form submission state" to LoadInfo so you can implement https://w3c.github.io/webappsec-csp/#navigate-to-navigation-response correctly, so will need to add it to nsDocShellLoadState or something. But you don't need a new argument on OnLinkClickSync, afaict.

Flags: needinfo?(bzbarsky)

Bugbug thinks this bug is a task, but please change it back in case of error.

Type: defect → task
Summary: HTMLFormSubmission needs to pass CSP to OnLinkClickSync → Teach loadinfo if navigation was form-submission

The flag in loadinfo can be used to detect if a load was initiated by a form submission. This is crucial for implmenting the CSP directive navigate-to. https://www.w3.org/TR/CSP3/#navigate-to-pre-navigate

Keywords: checkin-needed

Pushed by ccoroiu@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/dec63fb72f14
Added flag to detect if a load was initiated by a form submission r=ckerschb

Keywords: checkin-needed

https://hg.mozilla.org/mozilla-central/rev/dec63fb72f14

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
status-firefox70: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla70
Regressions: 1569889
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: