nagai/fune
3
0
Fork 0
forked from mirrors/gecko-dev
Code Pull requests Activity

Bug 1697163 - restrict systemprincipal telemetry to scripts and styles r=ckerschb

Browse source 
Differential Revision: https://phabricator.services.mozilla.com/D107643
This commit is contained in:
Frederik Braun 2021-03-11 09:43:54 +00:00
parent b24e5f0f51
commit 2100e901b0
2 changed files with 14 additions and 8 deletions
repo.diff.show_diff_stats Download patch file Download diff file Expand all files Collapse all files

6
dom/security/nsContentSecurityManager.cpp
View file

@ -797,6 +797,12 @@ void nsContentSecurityManager::MeasureUnexpectedPrivilegedLoads(
if (!StaticPrefs::dom_security_unexpected_system_load_telemetry_enabled()) { if (!StaticPrefs::dom_security_unexpected_system_load_telemetry_enabled()) {
return; return;
} }
// restricting reported types to script and styles
// to be continued in follow-ups of bug 1697163.
if (aContentPolicyType != ExtContentPolicyType::TYPE_SCRIPT &&
aContentPolicyType != ExtContentPolicyType::TYPE_STYLESHEET) {
return;
}
nsAutoCString uriString; nsAutoCString uriString;
if (aFinalURI) { if (aFinalURI) {
aFinalURI->GetAsciiSpec(uriString); aFinalURI->GetAsciiSpec(uriString);

16
dom/security/test/gtest/TestUnexpectedPrivilegedLoads.cpp
View file

@ -72,15 +72,15 @@ TEST_F(TelemetryTestFixture, UnexpectedPrivilegedLoadsTelemetryTest) {
{// test for cases where finalURI is null, due to a broken nested URI {// test for cases where finalURI is null, due to a broken nested URI
// .. like malformed moz-icon URLs // .. like malformed moz-icon URLs
"moz-icon:blahblah"_ns, "moz-icon:blahblah"_ns,
ExtContentPolicy::TYPE_IMAGE, ExtContentPolicy::TYPE_STYLESHEET,
"web"_ns, "web"_ns,
{"other"_ns, "TYPE_IMAGE"_ns, "web"_ns, "unknown"_ns}}, {"other"_ns, "TYPE_STYLESHEET"_ns, "web"_ns, "unknown"_ns}},
{// we dont report data urls {// we dont report data urls
// ..and test that we strip of URLs from remoteTypes // ..and test that we strip of URLs from remoteTypes
"data://blahblahblah"_ns, "data://blahblahblah"_ns,
ExtContentPolicy::TYPE_DOCUMENT, ExtContentPolicy::TYPE_SCRIPT,
"webCOOP+COEP=https://data.example"_ns, "webCOOP+COEP=https://data.example"_ns,
{"dataurl"_ns, "TYPE_DOCUMENT"_ns, "webCOOP+COEP"_ns, "unknown"_ns}}, {"dataurl"_ns, "TYPE_SCRIPT"_ns, "webCOOP+COEP"_ns, "unknown"_ns}},
{// we only report file URLs on windows, where we can easily sanitize {// we only report file URLs on windows, where we can easily sanitize
"file://c/users/tom/file.txt"_ns, "file://c/users/tom/file.txt"_ns,
ExtContentPolicy::TYPE_SCRIPT, ExtContentPolicy::TYPE_SCRIPT,
@ -96,15 +96,15 @@ TEST_F(TelemetryTestFixture, UnexpectedPrivilegedLoadsTelemetryTest) {
}}, }},
{// test for cases where finalURI is empty {// test for cases where finalURI is empty
""_ns, ""_ns,
ExtContentPolicy::TYPE_IMAGE, ExtContentPolicy::TYPE_STYLESHEET,
"web"_ns, "web"_ns,
{"other"_ns, "TYPE_IMAGE"_ns, "web"_ns, "unknown"_ns}}, {"other"_ns, "TYPE_STYLESHEET"_ns, "web"_ns, "unknown"_ns}},
{// test for cases where finalURI is null, due to the struct layout, we'll {// test for cases where finalURI is null, due to the struct layout, we'll
// override the URL with nullptr in loop below. // override the URL with nullptr in loop below.
"URLWillResultInNullPtr"_ns, "URLWillResultInNullPtr"_ns,
ExtContentPolicy::TYPE_FONT, ExtContentPolicy::TYPE_SCRIPT,
"web"_ns, "web"_ns,
{"other"_ns, "TYPE_FONT"_ns, "web"_ns, "unknown"_ns}}, {"other"_ns, "TYPE_SCRIPT"_ns, "web"_ns, "unknown"_ns}},
}; };
int i = 0; int i = 0;