CSPRep.fromString creates a channel out of thin air

RESOLVED FIXED in Firefox 18

Status

RESOLVED FIXED
Reported: 6 years ago
Last modified: 5 years ago

People

(Reporter: jdm, Assigned: jdm)

Tracking

(Blocks: 1 bug)
Version: Trunk
Target Milestone: mozilla18
Platform: x86_64 Linux
Bug Flags: in-testsuite ?

Firefox Tracking Flags

(firefox18+ fixed)

Attachments

(1 attachment)

Description (Assignee), 6 years ago
http://mxr.mozilla.org/mozilla-central/source/content/base/src/CSPUtils.jsm#401

This looks like it should be assigned the same loadgroup as the originating document to prevent information leakage in private browsing.

It used to be a chrome XHR, but that got changed in bug 558431. But yeah, it should probably be in the same loadgroup as the document for purposes of private browsing.
Blocks: 493857
Component: DOM → DOM: Core & HTML
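The leak the description refers to is easiest to see with a small model. The following is an added illustration, not Gecko code and not the patch attached to this bug: a "load group" object stands in for the originating document's load context, two Maps stand in for the separate normal and private-browsing caches, and `newChannel`, `asyncOpen`, `fetchPolicyBuggy` and `fetchPolicyFixed` are hypothetical names. The point it shows is the one raised above: a channel created from the IO service alone carries no document context, so a policy-uri fetch made from a private window lands in the normal cache and survives the private session, whereas a channel that inherits the document's load group follows the document's privacy status.

```javascript
// Added example (not Gecko code): why a channel created "out of thin air"
// leaks private-browsing activity, and what attaching the document's load
// group changes. All names below are assumptions for the model.

// Gecko keeps private-browsing cache entries apart from the normal cache and
// discards them when the private session ends; two Maps model that.
const publicCache = new Map();
const privateCache = new Map();

// Hypothetical load group: the context the originating document carries.
function makeLoadGroup(isPrivate) {
  return { isPrivate };
}

// Hypothetical channel. With no load group (the bug) it has no privacy
// context at all; with the document's load group (the fix) it inherits it.
function newChannel(uri, loadGroup = null) {
  return {
    uri,
    loadGroup,
    get isPrivate() {
      return Boolean(this.loadGroup && this.loadGroup.isPrivate);
    },
  };
}

// Simulated network open: the response is stored in whichever cache matches
// the channel's privacy status. `responseBody` is a constructed sample.
function asyncOpen(channel, responseBody) {
  const cache = channel.isPrivate ? privateCache : publicCache;
  cache.set(channel.uri, responseBody);
  return responseBody;
}

// Buggy pattern: the policy-uri channel is created with no document context.
function fetchPolicyBuggy(policyUri, _doc) {
  return asyncOpen(newChannel(policyUri), "default-src 'self'");
}

// Fixed pattern: the policy-uri channel is created in the document's load group.
function fetchPolicyFixed(policyUri, doc) {
  return asyncOpen(newChannel(policyUri, doc.loadGroup), "default-src 'self'");
}

// Ending a private session drops private cache entries; the normal cache stays.
function endPrivateSession() {
  privateCache.clear();
}

// Returns true if, after a private-window page fetched its policy-uri via
// `fetchFn` and the private session ended, the normal cache still records
// the policy URI (i.e. the private activity leaked).
function leakedAfterPrivateSession(fetchFn) {
  publicCache.clear();
  privateCache.clear();
  const policyUri = "https://example.test/csp-policy.txt"; // constructed
  const privateDoc = { uri: "https://example.test/", loadGroup: makeLoadGroup(true) };
  fetchFn(policyUri, privateDoc);
  endPrivateSession();
  return publicCache.has(policyUri);
}

console.log("buggy channel leaks:", leakedAfterPrivateSession(fetchPolicyBuggy));
console.log("fixed channel leaks:", leakedAfterPrivateSession(fetchPolicyFixed));
```

The same reasoning applies to any request a platform component derives from a document (report-uri POSTs, prefetches, favicon fetches): the derived request has to be created in the originating document's load context, not from a global service with no context, or its cache, cookie and history side effects escape the privacy boundary the document was loaded under.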

Updated

6 years ago
Assignee: nobody → josh
tracking-firefox18: --- → +
Comment 2 (Assignee), 6 years ago
Created attachment 663260 [details] [diff] [review]
Make CSP report channel respect the privacy status of the original request.

Sid, I would love to write a test for this but I couldn't find any examples of tests that do things with valid async policy-uri directives. If you can give me some pointers, the code to check whether the request is cached correctly is simple.
Attachment #663260 - Flags: review?(sstamm)
Comment on attachment 663260 [details] [diff] [review]
Make CSP report channel respect the privacy status of the original request.

Review of attachment 663260 [details] [diff] [review]:
-----------------------------------------------------------------

r=me

Note: your patch comment has r=sstam in it (should be r=sstamm or r=geekboy).

I think the patch in bug 558431 has xpcshell async policy-uri tests -- see the patch to test_csputils.js and test_bug558431.js.  I'd love to have tests for this if you can.
Attachment #663260 - Flags: review?(sstamm) → review+
Comment 4 (Assignee), 6 years ago
It doesn't look like it's going to be a simple task to write a test for this - in xpcshell we can run a server on the policy port, but then we don't have a document and loadgroup and so forth. We can't easily run a server in something like mochitest-browser-chrome, as far as I know, so I think I'm going to have to punt on automatic tests.
https://hg.mozilla.org/mozilla-central/rev/b8e4333af38a

Should this have a test?

Status: NEW → RESOLVED
Last Resolved: 6 years ago
status-firefox18: --- → fixed
Flags: in-testsuite?
Resolution: --- → FIXED
Target Milestone: --- → mozilla18

Can someone provide some STR so I can verify this fix please?