Bug 1697163 - restrict systemprincipal telemetry to scripts and styles r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D107643
2021-03-11 09:43:54 +00:00 · 2021-03-11 09:43:54 +00:00 · 2100e901b0
commit 2100e901b0
parent b24e5f0f51
2 changed files with 14 additions and 8 deletions
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@ -797,6 +797,12 @@ void nsContentSecurityManager::MeasureUnexpectedPrivilegedLoads(
  if (!StaticPrefs::dom_security_unexpected_system_load_telemetry_enabled()) {
    return;
  }
+  // restricting reported types to script and styles
+  // to be continued in follow-ups of bug 1697163.
+  if (aContentPolicyType != ExtContentPolicyType::TYPE_SCRIPT &&
+      aContentPolicyType != ExtContentPolicyType::TYPE_STYLESHEET) {
+    return;
+  }
  nsAutoCString uriString;
  if (aFinalURI) {
    aFinalURI->GetAsciiSpec(uriString);
--- a/dom/security/test/gtest/TestUnexpectedPrivilegedLoads.cpp
+++ b/dom/security/test/gtest/TestUnexpectedPrivilegedLoads.cpp
@ -72,15 +72,15 @@ TEST_F(TelemetryTestFixture, UnexpectedPrivilegedLoadsTelemetryTest) {
      {// test for cases where finalURI is null, due to a broken nested URI
       // .. like malformed moz-icon URLs
       "moz-icon:blahblah"_ns,
-       ExtContentPolicy::TYPE_IMAGE,
+       ExtContentPolicy::TYPE_STYLESHEET,
       "web"_ns,
-       {"other"_ns, "TYPE_IMAGE"_ns, "web"_ns, "unknown"_ns}},
+       {"other"_ns, "TYPE_STYLESHEET"_ns, "web"_ns, "unknown"_ns}},
      {// we dont report data urls
       // ..and test that we strip of URLs from remoteTypes
       "data://blahblahblah"_ns,
-       ExtContentPolicy::TYPE_DOCUMENT,
+       ExtContentPolicy::TYPE_SCRIPT,
       "webCOOP+COEP=https://data.example"_ns,
-       {"dataurl"_ns, "TYPE_DOCUMENT"_ns, "webCOOP+COEP"_ns, "unknown"_ns}},
+       {"dataurl"_ns, "TYPE_SCRIPT"_ns, "webCOOP+COEP"_ns, "unknown"_ns}},
      {// we only report file URLs on windows, where we can easily sanitize
       "file://c/users/tom/file.txt"_ns,
       ExtContentPolicy::TYPE_SCRIPT,
@ -96,15 +96,15 @@ TEST_F(TelemetryTestFixture, UnexpectedPrivilegedLoadsTelemetryTest) {
       }},
      {// test for cases where finalURI is empty
       ""_ns,
-       ExtContentPolicy::TYPE_IMAGE,
+       ExtContentPolicy::TYPE_STYLESHEET,
       "web"_ns,
-       {"other"_ns, "TYPE_IMAGE"_ns, "web"_ns, "unknown"_ns}},
+       {"other"_ns, "TYPE_STYLESHEET"_ns, "web"_ns, "unknown"_ns}},
      {// test for cases where finalURI is null, due to the struct layout, we'll
       // override the URL with nullptr in loop below.
       "URLWillResultInNullPtr"_ns,
-       ExtContentPolicy::TYPE_FONT,
+       ExtContentPolicy::TYPE_SCRIPT,
       "web"_ns,
-       {"other"_ns, "TYPE_FONT"_ns, "web"_ns, "unknown"_ns}},
+       {"other"_ns, "TYPE_SCRIPT"_ns, "web"_ns, "unknown"_ns}},
  };

  int i = 0;