mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 863878 - The CSP logging from bug 821877 should go to the new Security Pane in the Web Console. r=bzbarsky r=ddahl
This commit is contained in:
parent
986ed711e2
commit
02b569fd5b
@ -12,14 +12,17 @@ function test()
|
||||
browser.addEventListener("load", function onLoad(aEvent) {
|
||||
browser.removeEventListener(aEvent.type, onLoad, true);
|
||||
openConsole(null, function testCSPErrorLogged (hud) {
|
||||
waitForSuccess({
|
||||
name: "CSP error displayed successfully",
|
||||
validatorFn: function () {
|
||||
return hud.outputNode.textContent.indexOf(CSP_DEPRECATED_HEADER_MSG) > -1;
|
||||
},
|
||||
successFn: finishTest,
|
||||
failureFn: finishTest,
|
||||
});
|
||||
waitForMessages({
|
||||
webconsole: hud,
|
||||
messages: [
|
||||
{
|
||||
name: "Deprecated CSP header error displayed successfully",
|
||||
text: CSP_DEPRECATED_HEADER_MSG,
|
||||
category: CATEGORY_SECURITY,
|
||||
severity: SEVERITY_WARNING
|
||||
},
|
||||
],
|
||||
}).then(finishTest);
|
||||
});
|
||||
}, true);
|
||||
}
|
||||
|
@ -4278,6 +4278,7 @@ var Utils = {
|
||||
return CATEGORY_CSS;
|
||||
|
||||
case "Mixed Content Blocker":
|
||||
case "CSP":
|
||||
return CATEGORY_SECURITY;
|
||||
|
||||
default:
|
||||
|
@ -2373,7 +2373,7 @@ CSPErrorQueue::Flush(nsIDocument* aDocument)
|
||||
for (uint32_t i = 0; i < mErrors.Length(); i++) {
|
||||
nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
|
||||
"CSP", aDocument,
|
||||
nsContentUtils::eDOM_PROPERTIES,
|
||||
nsContentUtils::eSECURITY_PROPERTIES,
|
||||
mErrors[i]);
|
||||
}
|
||||
mErrors.Clear();
|
||||
@ -2530,22 +2530,11 @@ nsDocument::InitCSP(nsIChannel* aChannel)
|
||||
|
||||
// If the old header is present, warn that it will be deprecated.
|
||||
if (!cspOldHeaderValue.IsEmpty() || !cspOldROHeaderValue.IsEmpty()) {
|
||||
nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
|
||||
"CSP", this,
|
||||
nsContentUtils::eDOM_PROPERTIES,
|
||||
"OldCSPHeaderDeprecated");
|
||||
|
||||
// Additionally log deprecated warning to Web Console.
|
||||
mCSPWebConsoleErrorQueue.Add("OldCSPHeaderDeprecated");
|
||||
|
||||
// Also, if the new headers AND the old headers were present, warn
|
||||
// that the old headers will be ignored.
|
||||
if (cspSpecCompliant) {
|
||||
nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
|
||||
"CSP", this,
|
||||
nsContentUtils::eDOM_PROPERTIES,
|
||||
"BothCSPHeadersPresent");
|
||||
// Additionally log to Web Console.
|
||||
mCSPWebConsoleErrorQueue.Add("BothCSPHeadersPresent");
|
||||
}
|
||||
}
|
||||
@ -2582,11 +2571,6 @@ nsDocument::InitCSP(nsIChannel* aChannel)
|
||||
// CSP policies are present since CSP only allows one policy and it can't
|
||||
// be partially report-only.
|
||||
if (applyAppDefaultCSP || applyCSPFromHeader) {
|
||||
nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
|
||||
"CSP", this,
|
||||
nsContentUtils::eDOM_PROPERTIES,
|
||||
"ReportOnlyCSPIgnored");
|
||||
// Additionally log to Web Console.
|
||||
mCSPWebConsoleErrorQueue.Add("ReportOnlyCSPIgnored");
|
||||
#ifdef PR_LOGGING
|
||||
PR_LOG(gCspPRLog, PR_LOG_DEBUG,
|
||||
|
@ -83,7 +83,6 @@ RemovedFullScreenElement=Exited full-screen because full-screen element was remo
|
||||
FocusedWindowedPluginWhileFullScreen=Exited full-screen because windowed plugin was focused.
|
||||
HTMLSyncXHRWarning=HTML parsing in XMLHttpRequest is not supported in the synchronous mode.
|
||||
InvalidRedirectChannelWarning=Unable to redirect to %S because the channel doesn't implement nsIWritablePropertyBag2.
|
||||
ReportOnlyCSPIgnored=Report-only CSP policy will be ignored because there are other non-report-only CSP policies applied.
|
||||
ResponseTypeSyncXHRWarning=Use of XMLHttpRequest's responseType attribute is no longer supported in the synchronous mode in window context.
|
||||
WithCredentialsSyncXHRWarning=Use of XMLHttpRequest's withCredentials attribute is no longer supported in the synchronous mode in window context.
|
||||
TimeoutSyncXHRWarning=Use of XMLHttpRequest's timeout attribute is not supported in the synchronous mode in window context.
|
||||
@ -128,10 +127,6 @@ PluginHangUIWaitButton=Continue
|
||||
PluginHangUIStopButton=Stop plugin
|
||||
# LOCALIZATION NOTE: Do not translate "mozHidden", "mozVisibilityState", "hidden", or "visibilityState"
|
||||
PrefixedVisibilityApiWarning='mozHidden' and 'mozVisibilityState' are deprecated. Please use the unprefixed 'hidden' and 'visibilityState' instead.
|
||||
# LOCALIZATION NOTE: Do not translate "X-Content-Security-Policy", "X-Content-Security-Policy-Report-Only", "Content-Security-Policy" or "Content-Security-Policy-Report-Only"
|
||||
OldCSPHeaderDeprecated=The X-Content-Security-Policy and X-Content-Security-Report-Only headers will be deprecated in the future. Please use the Content-Security-Policy and Content-Security-Report-Only headers with CSP spec compliant syntax instead.
|
||||
# LOCALIZATION NOTE: Do not translate "X-Content-Security-Policy/Report-Only" or "Content-Security-Policy/Report-Only"
|
||||
BothCSPHeadersPresent=This site specified both an X-Content-Security-Policy/Report-Only header and a Content-Security-Policy/Report-Only header. The X-Content-Security-Policy/Report-Only header(s) will be ignored.
|
||||
# LOCALIZATION NOTE: Do not translate "NodeIterator" or "detach()".
|
||||
NodeIteratorDetachWarning=Calling detach() on a NodeIterator no longer has an effect.
|
||||
# LOCALIZATION NOTE: Do not translate "Mozilla Audio Data API" and "Web Audio API".
|
||||
|
@ -1,2 +1,10 @@
|
||||
# Mixed Content Blocker
|
||||
BlockMixedDisplayContent = Blocked loading mixed display content "%1$S"
|
||||
BlockMixedActiveContent = Blocked loading mixed active content "%1$S"
|
||||
|
||||
# CSP
|
||||
ReportOnlyCSPIgnored=Report-only CSP policy will be ignored because there are other non-report-only CSP policies applied.
|
||||
# LOCALIZATION NOTE: Do not translate "X-Content-Security-Policy", "X-Content-Security-Policy-Report-Only", "Content-Security-Policy" or "Content-Security-Policy-Report-Only"
|
||||
OldCSPHeaderDeprecated=The X-Content-Security-Policy and X-Content-Security-Report-Only headers will be deprecated in the future. Please use the Content-Security-Policy and Content-Security-Report-Only headers with CSP spec compliant syntax instead.
|
||||
# LOCALIZATION NOTE: Do not translate "X-Content-Security-Policy/Report-Only" or "Content-Security-Policy/Report-Only"
|
||||
BothCSPHeadersPresent=This site specified both an X-Content-Security-Policy/Report-Only header and a Content-Security-Policy/Report-Only header. The X-Content-Security-Policy/Report-Only header(s) will be ignored.
|
||||
|
Loading…
Reference in New Issue
Block a user