From 321d8637a6a03bd75c3b7f99bd6fd6892ba0890d Mon Sep 17 00:00:00 2001
From: Ryan VanderMeulen <ryanvm@gmail.com>
Date: Mon, 23 Mar 2015 14:22:23 -0400
Subject: [PATCH] Backed out changesets 772945b1130d, cb83b6efa9ea, and
 5f23080673ee (bug 1086999) for Gaia context_menu_test.js failures. CLOSED
 TREE

---
 dom/base/test/csp/file_blob_data_schemes.html | 49 ----------
 dom/base/test/csp/mochitest.ini               |  2 -
 dom/base/test/csp/test_blob_data_schemes.html | 89 -------------------
 dom/security/nsCSPUtils.cpp                   | 15 ----
 .../script-src/script-src-1_9.html.ini        |  3 +
 .../script-src/buildInlineWorker.js           | 14 +--
 6 files changed, 10 insertions(+), 162 deletions(-)
 delete mode 100644 dom/base/test/csp/file_blob_data_schemes.html
 delete mode 100644 dom/base/test/csp/test_blob_data_schemes.html

diff --git a/dom/base/test/csp/file_blob_data_schemes.html b/dom/base/test/csp/file_blob_data_schemes.html
deleted file mode 100644
index 0a4a4916068..00000000000
--- a/dom/base/test/csp/file_blob_data_schemes.html
+++ /dev/null
@@ -1,49 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-  <title>Bug 1086999 - Wildcard should not match blob:, data:</title>
-</head>
-<body>
-<script type="text/javascript">
-
-var base64data =
-"iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" +
-"P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==";
-
-
-// construct an image element using *data:*
-var data_src = "data:image/png;base64," + base64data;
-var data_img = document.createElement('img');
-data_img.onload = function() {
-  window.parent.postMessage({scheme: "data", result: "allowed"}, "*");
-}
-data_img.onerror = function() {
-  window.parent.postMessage({scheme: "data", result: "blocked"}, "*");
-}
-data_img.src = data_src;
-document.body.appendChild(data_img);
-
-
-// construct an image element using *blob:*
-var byteCharacters = atob(base64data);
-var byteNumbers = new Array(byteCharacters.length);
-for (var i = 0; i < byteCharacters.length; i++) {
-  byteNumbers[i] = byteCharacters.charCodeAt(i);
-}
-var byteArray = new Uint8Array(byteNumbers);
-var blob = new Blob([byteArray], {type: "image/png"});
-var imageUrl = URL.createObjectURL( blob );
-
-var blob_img = document.createElement('img');
-blob_img.onload = function() {
-  window.parent.postMessage({scheme: "blob", result: "allowed"}, "*");
-}
-blob_img.onerror = function() {
-  window.parent.postMessage({scheme: "blob", result: "blocked"}, "*");
-}
-blob_img.src = imageUrl;
-document.body.appendChild(blob_img);
-
-</script>
-</body>
-</html>
diff --git a/dom/base/test/csp/mochitest.ini b/dom/base/test/csp/mochitest.ini
index 4d0083b7ba7..59faebee079 100644
--- a/dom/base/test/csp/mochitest.ini
+++ b/dom/base/test/csp/mochitest.ini
@@ -1,7 +1,6 @@
 [DEFAULT]
 support-files =
   file_base-uri.html
-  file_blob_data_schemes.html
   file_connect-src.html
   file_connect-src-fetch.html
   file_CSP.css
@@ -111,7 +110,6 @@ support-files =
   referrerdirective.sjs
 
 [test_base-uri.html]
-[test_blob_data_schemes.html]
 [test_connect-src.html]
 [test_CSP.html]
 [test_csp_allow_https_schemes.html]
diff --git a/dom/base/test/csp/test_blob_data_schemes.html b/dom/base/test/csp/test_blob_data_schemes.html
deleted file mode 100644
index a7820d1c6f3..00000000000
--- a/dom/base/test/csp/test_blob_data_schemes.html
+++ /dev/null
@@ -1,89 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-  <title>Bug 1086999 - Wildcard should not match blob:, data:</title>
-  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
-  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
-</head>
-<body>
-  <iframe style="width:100%;" id="testframe"></iframe>
-
-<script class="testbody" type="text/javascript">
-
-/* Description of the test:
- * We load an image using a data: and a blob: scheme and make
- * sure a CSP containing a single ASTERISK (*) does not whitelist
- * those loads. The single ASTERISK character should not match a
- * URI's scheme of a type designating globally unique identifier
- * (such as blob:, data:, or filesystem:)
- */
-
-var tests = [
-  {
-    policy : "default-src 'unsafe-inline' blob: data:",
-    expected : "allowed",
-  },
-  {
-    policy : "default-src 'unsafe-inline' *",
-    expected : "blocked"
-  }
-];
-
-var testIndex = 0;
-var messageCounter = 0;
-var curTest;
-
-// onError handler is over-reporting, hence we make sure that
-// we get an error for both testcases: data and blob before we
-// move on to the next test.
-var dataRan = false;
-var blobRan = false;
-
-// a postMessage handler to communicate the results back to the parent.
-window.addEventListener("message", receiveMessage, false);
-
-function receiveMessage(event)
-{
-  is(event.data.result, curTest.expected, event.data.scheme + " should be " + curTest.expected);
-
-  if (event.data.scheme === "data") {
-    dataRan = true;
-  }
-  if (event.data.scheme === "blob") {
-    blobRan = true;
-  }
-  if (dataRan && blobRan) {
-    loadNextTest();
-  }
-}
-
-function loadNextTest() {
-  if (testIndex === tests.length) {
-    window.removeEventListener("message", receiveMessage, false);
-    SimpleTest.finish();
-    return;
-  }
-
-  dataRan = false;
-  blobRan = false;
-
-  curTest = tests[testIndex++];
-  // reset the messageCounter to make sure we receive all the postMessages from the iframe
-  messageCounter = 0;
-
-  var src = "file_csp_testserver.sjs";
-  // append the file that should be served
-  src += "?file=" + escape("tests/dom/base/test/csp/file_blob_data_schemes.html");
-  // append the CSP that should be used to serve the file
-  src += "&csp=" + escape(curTest.policy);
-
-  document.getElementById("testframe").src = src;
-}
-
-SimpleTest.waitForExplicitFinish();
-loadNextTest();
-
-</script>
-</body>
-</html>
diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp
index 0180a7f9c35..3727f582b2d 100644
--- a/dom/security/nsCSPUtils.cpp
+++ b/dom/security/nsCSPUtils.cpp
@@ -378,21 +378,6 @@ nsCSPHostSrc::permits(nsIURI* aUri, const nsAString& aNonce, bool aWasRedirected
 
   // 2) host matching: Enforce a single *
   if (mHost.EqualsASCII("*")) {
-    // The single ASTERISK character (*) does not match a URI's scheme of a type
-    // designating a globally unique identifier (such as blob:, data:, or filesystem:)
-    // At the moment firefox does not support filesystem; but for future compatibility
-    // we support it in CSP according to the spec, see: 4.2.2 Matching Source Expressions
-    // Note, that whitelisting any of these schemes would call nsCSPSchemeSrc::permits().
-    bool isBlobScheme =
-      (NS_SUCCEEDED(aUri->SchemeIs("blob", &isBlobScheme)) && isBlobScheme);
-    bool isDataScheme =
-      (NS_SUCCEEDED(aUri->SchemeIs("data", &isDataScheme)) && isDataScheme);
-    bool isFileScheme =
-      (NS_SUCCEEDED(aUri->SchemeIs("filesystem", &isFileScheme)) && isFileScheme);
-
-    if (isBlobScheme || isDataScheme || isFileScheme) {
-      return false;
-    }
     return true;
   }
 
diff --git a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_9.html.ini b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_9.html.ini
index 8caa1de4e23..0c8e9361c5b 100644
--- a/testing/web-platform/meta/content-security-policy/script-src/script-src-1_9.html.ini
+++ b/testing/web-platform/meta/content-security-policy/script-src/script-src-1_9.html.ini
@@ -1,5 +1,8 @@
 [script-src-1_9.html]
   type: testharness
+  [test inline worker]
+    expected: FAIL
+
   [Violation report status OK.]
     expected: FAIL
 
diff --git a/testing/web-platform/tests/content-security-policy/script-src/buildInlineWorker.js b/testing/web-platform/tests/content-security-policy/script-src/buildInlineWorker.js
index 8cd092147cb..4fc3bb71c1e 100644
--- a/testing/web-platform/tests/content-security-policy/script-src/buildInlineWorker.js
+++ b/testing/web-platform/tests/content-security-policy/script-src/buildInlineWorker.js
@@ -1,20 +1,20 @@
 (function ()
 {
+ var test = new async_test("test inline worker");
  var workerSource = document.getElementById('inlineWorker');
+
  var blob = new Blob([workerSource.textContent]);
 
  // can I create a new script tag like this? ack...
  var url = window.URL.createObjectURL(blob);
 
- try {
-   var worker = new Worker(url);
- }
- catch (e) {
-   done();
- }
+ var worker = new Worker(url);
 
  worker.addEventListener('message', function(e) {
-   assert_unreached("script ran");
+    test.step(function () {
+        assert_not_equals(e.data, 'fail', 'inline script ran');
+        test.done();
+    })
  }, false);
 
  worker.postMessage('');