Closed
Bug 916881
Opened 10 years ago
Closed 10 years ago
remove stray refinePolicy call in CSPUtils.jsm (does not exist after fixing bug 836922)
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
FIXED
mozilla27
People
(Reporter: geekboy, Assigned: geekboy)
References
Details
Attachments
(1 file)
|
1.51 KB,
patch
|
grobinson
:
review+
|
Details | Diff | Splinter Review |
Bug 836922 removed refinePolicy, but it's still in the code. Need to remove it before it causes a bug in policy-uri fetching. 155 // problem fetching policy so fail closed 156 this._csp.refinePolicy("default-src 'none'", this._docURI, 157 this._csp._specCompliant);
|
Assignee | |
Comment 1•10 years ago
|
||
Changes refinePolicy to appendPolicy and adds a warning message in the console (for the failed attempt at fetching the policy).
Attachment #807354 -
Flags: review?(grobinson)
|
||
Updated•10 years ago
|
Attachment #807354 -
Flags: review?(grobinson) → review+
|
|
Assignee | |
Comment 2•10 years ago
|
||
Inbound: https://hg.mozilla.org/integration/mozilla-inbound/rev/1b86035e7da0
Target Milestone: --- → mozilla27
Backed out in http://hg.mozilla.org/integration/mozilla-inbound/rev/1ac76a8ec55a for multiple CSP-related test failures: https://tbpl.mozilla.org/php/getParsedLog.php?id=28478714&tree=Mozilla-Inbound https://tbpl.mozilla.org/php/getParsedLog.php?id=28478058&tree=Mozilla-Inbound https://tbpl.mozilla.org/php/getParsedLog.php?id=28478488&tree=Mozilla-Inbound
|
||
Comment 4•10 years ago
|
||
The broke B2G tests too. https://tbpl.mozilla.org/php/getParsedLog.php?id=28480963&tree=Mozilla-Inbound
1.1 --- a/content/base/src/CSPUtils.jsm
1.2 +++ b/content/base/src/CSPUtils.jsm
1.3 @@ -147,19 +147,23 @@ CSPPolicyURIListener.prototype = {
1.4 function(request, context, status) {
1.5 if (Components.isSuccessCode(status)) {
1.6 // send the policy we received back to the parent document's CSP
1.7 // for parsing
1.8 this._csp.appendPolicy(this._policy, this._docURI,
1.9 this._reportOnly, this._csp._specCompliant);
1.10 }
1.11 else {
1.12 - // problem fetching policy so fail closed
1.13 - this._csp.refinePolicy("default-src 'none'", this._docURI,
1.14 - this._csp._specCompliant);
1.15 + // problem fetching policy so fail closed by appending a "block it all"
1.16 + // policy. Also toss an error into the console so developers can see why
1.17 + // this policy is used.
1.18 + this._csp.log(WARN_FLAG, CSPLocalizer.getFormatStr("errorFetchingPolicy",
1.19 + [status]);
1.20 + this._csp.appendPolicy("default-src 'none'", this._docURI,
1.21 + this._reportOnly, this._csp._specCompliant);
1.22 }
1.23 // resume the parent document request
1.24 this._docRequest.resume();
1.25 }
1.26 };
1.27
1.28 //:::::::::::::::::::::::: CLASSES :::::::::::::::::::::::::://
Line 1.14 is missing a closing parenthesis, right?(In reply to Wes Kocher (:KWierso) from comment #5) > Line 1.14 is missing a closing parenthesis, right? Er, 1.19*
|
|
Assignee | |
Comment 7•10 years ago
|
||
Yep, sorry. I'll actually run this through try before re-landing.
|
|
Assignee | |
Comment 8•10 years ago
|
||
https://tbpl.mozilla.org/?tree=Try&rev=9209597b2694
|
|
Assignee | |
Comment 9•10 years ago
|
||
Try is green this time (fixed the missing paren). Inbound: https://hg.mozilla.org/integration/mozilla-inbound/rev/33be4ad3a720
|
||
Comment 10•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/33be4ad3a720
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
|
||
Updated•4 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•