Bug 692067: Make WebSockets go through content policies. r=smaug

2024-09-13 09:24:08 -07:00 · 2011-10-31 09:29:20 -04:00 · 2011-10-31 09:29:20 -04:00 · 4b256c0dd6
commit 4b256c0dd6
parent 3b77e4c896
2 changed files with 24 additions and 3 deletions
--- a/content/base/public/nsIContentPolicy.idl
+++ b/content/base/public/nsIContentPolicy.idl
@ -112,7 +112,8 @@ interface nsIContentPolicy : nsISupports
  const unsigned long TYPE_PING        = 10;

  /**
-   * Indicates an XMLHttpRequest. Also used for document.load and for EventSource.
+   * Indicates an XMLHttpRequest. Also used for document.load, EventSource, and
+   * WebSockets.
   */
  const unsigned long TYPE_XMLHTTPREQUEST = 11;
  const unsigned long TYPE_DATAREQUEST    = 11; // alias
--- a/content/base/src/nsWebSocket.cpp
+++ b/content/base/src/nsWebSocket.cpp
@ -76,6 +76,8 @@
 #include "mozilla/Preferences.h"
 #include "nsDOMLists.h"
 #include "xpcpublic.h"
+#include "nsContentPolicyUtils.h"
+#include "nsContentErrors.h"

 using namespace mozilla;

@ -1275,6 +1277,9 @@ nsWebSocket::Init(nsIPrincipal* aPrincipal,
  rv = ParseURL(PromiseFlatString(aURL));
  NS_ENSURE_SUCCESS(rv, rv);

+  nsCOMPtr<nsIDocument> originDoc =
+    nsContentUtils::GetDocumentFromScriptContext(mScriptContext);
+
  // Don't allow https:// to open ws://
  if (!mSecure &&
      !Preferences::GetBool("network.websocket.allowInsecureFromHTTPS",
@ -1282,8 +1287,6 @@ nsWebSocket::Init(nsIPrincipal* aPrincipal,
    // Confirmed we are opening plain ws:// and want to prevent this from a
    // secure context (e.g. https). Check the security context of the document
    // associated with this script, which is the same as associated with mOwner.
-    nsCOMPtr<nsIDocument> originDoc =
-      nsContentUtils::GetDocumentFromScriptContext(mScriptContext);
    if (originDoc && originDoc->GetSecurityInfo())
      return NS_ERROR_DOM_SECURITY_ERR;
  }
@ -1301,6 +1304,23 @@ nsWebSocket::Init(nsIPrincipal* aPrincipal,
    AppendUTF16toUTF8(protocolArray[index], mRequestedProtocolList);
  }

+  // Check content policy.
+  PRInt16 shouldLoad = nsIContentPolicy::ACCEPT;
+  rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_DATAREQUEST,
+                                 mURI,
+                                 mPrincipal,
+                                 originDoc,
+                                 EmptyCString(),
+                                 nsnull,
+                                 &shouldLoad,
+                                 nsContentUtils::GetContentPolicy(),
+                                 nsContentUtils::GetSecurityManager());
+  NS_ENSURE_SUCCESS(rv, rv);
+  if (NS_CP_REJECTED(shouldLoad)) {
+    // Disallowed by content policy.
+    return NS_ERROR_CONTENT_BLOCKED;
+  }
+
  // the constructor should throw a SYNTAX_ERROR only if it fails to parse the
  // url parameter, so we don't care about the EstablishConnection result.
  EstablishConnection();