From 2bb95c6160a0643285c6d168bbe5079b846cd3a4 Mon Sep 17 00:00:00 2001
From: Alexandre Poirot <poirot.alex@gmail.com>
Date: Tue, 21 Jan 2014 11:28:58 -0500
Subject: [PATCH] Bug 949549 - Ensure that CSP warnings reach webconsole for
 document hosted on app:// protocol. r=sstamm

---
 .../base/public/nsIContentSecurityPolicy.idl  |  6 +-
 content/base/src/contentSecurityPolicy.js     |  2 +-
 content/base/src/nsDocument.cpp               |  2 +-
 content/base/test/csp/mochitest.ini           |  1 +
 content/base/test/csp/test_bug949549.html     | 68 +++++++++++++++++++
 5 files changed, 74 insertions(+), 5 deletions(-)
 create mode 100644 content/base/test/csp/test_bug949549.html

diff --git a/content/base/public/nsIContentSecurityPolicy.idl b/content/base/public/nsIContentSecurityPolicy.idl
index 470f58030bb..5e56e35ed52 100644
--- a/content/base/public/nsIContentSecurityPolicy.idl
+++ b/content/base/public/nsIContentSecurityPolicy.idl
@@ -5,7 +5,7 @@
 #include "nsISupports.idl"
 
 interface nsIURI;
-interface nsIHttpChannel;
+interface nsIChannel;
 interface nsIDocShell;
 
 /**
@@ -15,7 +15,7 @@ interface nsIDocShell;
  * one of these per document/principal.
  */
 
-[scriptable, uuid(ff46c14e-5b2d-4aca-8961-d0b0d987cb81)]
+[scriptable, uuid(2e7875a3-8cb5-4ebb-905b-af0a90dae594)]
 interface nsIContentSecurityPolicy : nsISupports
 {
 
@@ -183,7 +183,7 @@ interface nsIContentSecurityPolicy : nsISupports
    * Called after the CSP object is created to fill in the appropriate request
    * and request header information needed in case a report needs to be sent.
    */
-  void scanRequestData(in nsIHttpChannel aChannel);
+  void scanRequestData(in nsIChannel aChannel);
 
   /**
    * Verifies ancestry as permitted by the policy.
diff --git a/content/base/src/contentSecurityPolicy.js b/content/base/src/contentSecurityPolicy.js
index 6a02fbc35ad..adcfb94be2a 100644
--- a/content/base/src/contentSecurityPolicy.js
+++ b/content/base/src/contentSecurityPolicy.js
@@ -364,7 +364,7 @@ ContentSecurityPolicy.prototype = {
                                                        .getService(Ci.nsIScriptSecurityManager)
                                                        .getChannelPrincipal(aChannel));
 
-    if (aChannel.referrer) {
+    if (aChannel instanceof Ci.nsIHttpChannel && aChannel.referrer) {
       let referrer = aChannel.referrer.cloneIgnoringRef();
       try { // GetUserPass throws for some protocols without userPass
         referrer.userPass = '';
diff --git a/content/base/src/nsDocument.cpp b/content/base/src/nsDocument.cpp
index 71bdb617f26..49004fd51b8 100644
--- a/content/base/src/nsDocument.cpp
+++ b/content/base/src/nsDocument.cpp
@@ -2691,7 +2691,7 @@ nsDocument::InitCSP(nsIChannel* aChannel)
   aChannel->GetURI(getter_AddRefs(selfURI));
 
   // Store the request context for violation reports
-  csp->ScanRequestData(httpChannel);
+  csp->ScanRequestData(aChannel);
 
   // ----- if the doc is an app and we want a default CSP, apply it.
   if (applyAppDefaultCSP) {
diff --git a/content/base/test/csp/mochitest.ini b/content/base/test/csp/mochitest.ini
index 979ab04e7a3..01e07a663fd 100644
--- a/content/base/test/csp/mochitest.ini
+++ b/content/base/test/csp/mochitest.ini
@@ -132,3 +132,4 @@ support-files =
 [test_hash_source.html]
 [test_dual_headers_warning.html]
 [test_self_none_as_hostname_confusion.html]
+[test_bug949549.html]
diff --git a/content/base/test/csp/test_bug949549.html b/content/base/test/csp/test_bug949549.html
new file mode 100644
index 00000000000..8d4e71c8ca8
--- /dev/null
+++ b/content/base/test/csp/test_bug949549.html
@@ -0,0 +1,68 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Test for Bug 949549</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=949549">Mozilla Bug 949549</a>
+<div id="content" style="display: none"></div>
+<pre id="test">
+<script type="application/javascript;version=1.8">
+  "use strict";
+
+  // Ensure that `scanRequestData` doesn't throw with app:// URLs
+
+  const csp = SpecialPowers.Cc["@mozilla.org/contentsecuritypolicy;1"]
+              .createInstance(SpecialPowers.Ci.nsIContentSecurityPolicy);
+
+  const gManifestURL = "http://www.example.com/chrome/dom/tests/mochitest/webapps/apps/basic.webapp";
+
+  SimpleTest.waitForExplicitFinish();
+  var launchableValue, app;
+
+  function setupTest() {
+    // We have to install an app in order for the app URL to be valid
+    // (otherwise we get a "DummyChannel" that throws NS_NOT_IMPLEMENTED)
+    launchableValue = SpecialPowers.setAllAppsLaunchable(true);
+    SpecialPowers.addPermission("webapps-manage", true, document);
+    SpecialPowers.autoConfirmAppInstall(function () {
+      let req = navigator.mozApps.install(gManifestURL);
+      req.onsuccess = function () {
+        app = this.result;
+        runTest();
+      }
+    });
+  }
+
+  function runTest() {
+    // We have to use a mochitest to test app:// urls,
+    // as app channels can't be instanciated in xpcshell.
+    // Because app protocol depends on webapps.jsm,
+    // which doesn't instanciate properly on xpcshell without many hacks
+    let appchan = SpecialPowers.Services.io.newChannel(gManifestURL, null, null);
+
+    try {
+      csp.scanRequestData(appchan);
+      ok(true, "scanRequestData hasn't thown");
+    } catch(e) {
+      ok(false, "scanRequestData throws");
+    }
+
+    cleanup()
+  }
+
+  function cleanup() {
+    SpecialPowers.setAllAppsLaunchable(launchableValue);
+    let req = navigator.mozApps.mgmt.uninstall(app);
+    req.onsuccess = function () {
+      SimpleTest.finish();
+    };
+  }
+
+  setupTest();
+</script>
+</pre>
+</body>
+</html>