Bug 1868387 - Part 1: Make a pref, that enables origin security check for SetDocumentURI() method, r=smaug

Differential Revision: https://phabricator.services.mozilla.com/D195554
2023-12-13 15:14:35 +00:00 · 2023-12-13 15:14:35 +00:00 · 41283b7581
commit 41283b7581
parent b64693e408
3 changed files with 67 additions and 57 deletions
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@ -8752,6 +8752,7 @@ nsresult nsDocShell::HandleSameDocumentNavigation(
            ("Upgraded URI to %s", newURI->GetSpecOrDefault().get()));
  }

+  if (StaticPrefs::dom_security_setdocumenturi()) {
    // check if aLoadState->URI(), principalURI, mCurrentURI are same origin
    // skip handling otherwise
    nsCOMPtr<nsIPrincipal> origPrincipal = doc->NodePrincipal();
@ -8772,8 +8773,8 @@ nsresult nsDocShell::HandleSameDocumentNavigation(
      nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
      if (!NS_SUCCEEDED(
              ssm->CheckSameOriginURI(newURI, principalURI, false, false)) ||
-        !NS_SUCCEEDED(
-            ssm->CheckSameOriginURI(mCurrentURI, principalURI, false, false))) {
+          !NS_SUCCEEDED(ssm->CheckSameOriginURI(mCurrentURI, principalURI,
+                                                false, false))) {
        MOZ_LOG(gSHLog, LogLevel::Debug,
                ("nsDocShell[%p]: possible violation of the same origin policy "
                 "during same document navigation",
@ -8782,6 +8783,7 @@ nsresult nsDocShell::HandleSameDocumentNavigation(
        return NS_OK;
      }
    }
+  }

 #ifdef DEBUG
  if (aState.mSameExceptHashes) {
--- a/dom/ipc/WindowGlobalParent.cpp
+++ b/dom/ipc/WindowGlobalParent.cpp
@ -384,6 +384,7 @@ mozilla::ipc::IPCResult WindowGlobalParent::RecvInternalLoad(
 IPCResult WindowGlobalParent::RecvUpdateDocumentURI(nsIURI* aURI) {
  // XXX(nika): Assert that the URI change was one which makes sense (either
  // about:blank -> a real URI, or a legal push/popstate URI change):
+  if (StaticPrefs::dom_security_setdocumenturi()) {
    nsAutoCString scheme;
    if (NS_FAILED(aURI->GetScheme(scheme))) {
      return IPC_FAIL(this, "Setting DocumentURI without scheme.");
@ -420,6 +421,7 @@ IPCResult WindowGlobalParent::RecvUpdateDocumentURI(nsIURI* aURI) {
                        "principal URI");
      }
    }
+  }

  mDocumentURI = aURI;
  return IPC_OK();
--- a/modules/libpref/init/StaticPrefList.yaml
+++ b/modules/libpref/init/StaticPrefList.yaml
@ -3794,6 +3794,12 @@
  value: 120000
  mirror: always

+# SetDocumentURI security option, enforces origin check
+- name: dom.security.setdocumenturi
+  type: bool
+  value: true
+  mirror: always
+
 # Whether or not selection events on text controls are enabled.
 - name: dom.select_events.textcontrols.selectionchange.enabled
  type: bool