bool nsCSPHashSrc::allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce) const { CSPUTILSLOG(("nsCSPHashSrc::allows, aKeyWord: %s, a HashOrNonce: %s", CSP_EnumToKeyword(aKeyword), NS_ConvertUTF16toUTF8(aHashOrNonce).get())); if (aKeyword != CSP_HASH) { return false; } // Convert aHashOrNonce to UTF-8 NS_ConvertUTF16toUTF8 utf8_hash(aHashOrNonce); nsresult rv; nsCOMPtr<nsICryptoHash> hasher; hasher = do_CreateInstance("@mozilla.org/security/hash;1", &rv); NS_ENSURE_SUCCESS(rv, false); rv = hasher->InitWithString(NS_ConvertUTF16toUTF8(mAlgorithm)); NS_ENSURE_SUCCESS(rv, false); rv = hasher->Update((uint8_t *)utf8_hash.get(), utf8_hash.Length()); NS_ENSURE_SUCCESS(rv, false); nsAutoCString hash; rv = hasher->Finish(true, hash); NS_ENSURE_SUCCESS(rv, false); // The NSS Base64 encoder automatically adds linebreaks "\r\n" every 64 // characters. We need to remove these so we can properly validate longer // (SHA-512) base64-encoded hashes hash.StripChars("\r\n"); return NS_ConvertUTF16toUTF8(mHash).Equals(hash); }
bool nsCSPKeywordSrc::allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce) const { CSPUTILSLOG(("nsCSPKeywordSrc::allows, aKeyWord: %s, a HashOrNonce: %s", CSP_EnumToKeyword(aKeyword), NS_ConvertUTF16toUTF8(aHashOrNonce).get())); return mKeyword == aKeyword; }
void nsCSPNonceSrc::toString(nsAString& outStr) const { outStr.AppendASCII(CSP_EnumToKeyword(CSP_NONCE)); outStr.Append(mNonce); outStr.AppendASCII("'"); }
// ::allows is only called for inlined loads, therefore: // nsCSPSchemeSrc, nsCSPHostSrc fall back // to this base class implementation which will never allow the load. bool nsCSPBaseSrc::allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce) const { CSPUTILSLOG(("nsCSPBaseSrc::allows, aKeyWord: %s, a HashOrNonce: %s", aKeyword == CSP_HASH ? "hash" : CSP_EnumToKeyword(aKeyword), NS_ConvertUTF16toUTF8(aHashOrNonce).get())); return false; }
void nsCSPKeywordSrc::toString(nsAString& outStr) const { if (mInvalidated) { MOZ_ASSERT(mKeyword == CSP_UNSAFE_INLINE, "can only ignore 'unsafe-inline' within toString()"); return; } outStr.AppendASCII(CSP_EnumToKeyword(mKeyword)); }
bool nsCSPNonceSrc::allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce) const { CSPUTILSLOG(("nsCSPNonceSrc::allows, aKeyWord: %s, a HashOrNonce: %s", CSP_EnumToKeyword(aKeyword), NS_ConvertUTF16toUTF8(aHashOrNonce).get())); if (aKeyword != CSP_NONCE) { return false; } return mNonce.Equals(aHashOrNonce); }
bool nsCSPDirective::allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce) const { CSPUTILSLOG(("nsCSPDirective::allows, aKeyWord: %s, a HashOrNonce: %s", CSP_EnumToKeyword(aKeyword), NS_ConvertUTF16toUTF8(aHashOrNonce).get())); for (uint32_t i = 0; i < mSrcs.Length(); i++) { if (mSrcs[i]->allows(aKeyword, aHashOrNonce)) { return true; } } return false; }
bool nsCSPKeywordSrc::allows(enum CSPKeyword aKeyword, const nsAString& aHashOrNonce) const { CSPUTILSLOG(("nsCSPKeywordSrc::allows, aKeyWord: %s, aHashOrNonce: %s, mInvalidated: %s", CSP_EnumToKeyword(aKeyword), NS_ConvertUTF16toUTF8(aHashOrNonce).get(), mInvalidated ? "yes" : "false")); // if unsafe-inline should be ignored, then bail early if (mInvalidated) { NS_ASSERTION(mKeyword == CSP_UNSAFE_INLINE, "should only invalidate unsafe-inline within script-src"); return false; } return mKeyword == aKeyword; }
bool nsCSPPolicy::allows(nsContentPolicyType aContentType, enum CSPKeyword aKeyword, const nsAString& aHashOrNonce) const { CSPUTILSLOG(("nsCSPPolicy::allows, aKeyWord: %s, a HashOrNonce: %s", CSP_EnumToKeyword(aKeyword), NS_ConvertUTF16toUTF8(aHashOrNonce).get())); nsCSPDirective* defaultDir = nullptr; // Try to find a matching directive for (uint32_t i = 0; i < mDirectives.Length(); i++) { if (mDirectives[i]->restrictsContentType(aContentType)) { if (mDirectives[i]->allows(aKeyword, aHashOrNonce)) { return true; } return false; } if (mDirectives[i]->isDefaultDirective()) { defaultDir = mDirectives[i]; } } // {nonce,hash}-source should not consult default-src: // * return false if default-src is specified // * but allow the load if default-src is *not* specified (Bug 1198422) if (aKeyword == CSP_NONCE || aKeyword == CSP_HASH) { if (!defaultDir) { return true; } return false; } // If the above loop runs through, we haven't found a matching directive. // Avoid relooping, just store the result of default-src while looping. if (defaultDir) { return defaultDir->allows(aKeyword, aHashOrNonce); } // Allowing the load; see Bug 885433 // a) inline scripts (also unsafe eval) should only be blocked // if there is a [script-src] or [default-src] // b) inline styles should only be blocked // if there is a [style-src] or [default-src] return true; }
void nsCSPKeywordSrc::toString(nsAString& outStr) const { outStr.AppendASCII(CSP_EnumToKeyword(mKeyword)); }
bool CSP_IsKeyword(const nsAString& aValue, enum CSPKeyword aKey) { return aValue.LowerCaseEqualsASCII(CSP_EnumToKeyword(aKey)); }