mirror of
https://github.com/servo/servo.git
synced 2025-08-06 14:10:11 +01:00
Support CSP report-only header (#36623)
This turned out to be a full rabbit hole. The new header is parsed in the new `parse_csp_list_from_metadata` which sets `disposition` to `report`.

I was testing this with `script-src-report-only-policy-works-with-external-hash-policy.html` which was blocking the script incorrectly. Turns out that there were multiple bugs in the CSP library, as well as a missing check in `fetch` to report violations.

Additionally, in several locations we were manually reporting CSP violations, instead of the new `global.report_csp_violations`. As a result of that, they would double report, since the report-only header would be appended as a policy and now would report twice.

Now, all call sites use `global.report_csp_violations`. As a nice side-effect, I added the code to set source file information, since that was already present for the `eval` check, but nowhere else.

Part of #36437

Requires servo/rust-content-security-policy#5

---------

Signed-off-by: Tim van der Lippe <tvanderlippe@gmail.com>
Signed-off-by: Tim van der Lippe <TimvdLippe@users.noreply.github.com>
parent 4ff45f86b9
commit baa18e18af
23 changed files with 113 additions and 208 deletions
|
@ -2,8 +2,11 @@
|
|||
[multiple matching integrity]
|
||||
expected: FAIL
|
||||
|
||||
[partially matching integrity]
|
||||
[matching integrity]
|
||||
expected: FAIL
|
||||
|
||||
[External script in a script tag with matching SRI hash should run.]
|
||||
[matching integrity (case-insensitive algorithm)]
|
||||
expected: FAIL
|
||||
|
||||
[matching plus unsupported integrity]
|
||||
expected: FAIL
|
||||
|
|
|
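Review bot: the subtests `[matching integrity]`, `[matching integrity (case-insensitive algorithm)]` and `[matching plus unsupported integrity]` carry `expected: FAIL` in a file that the `@ -2,8 +2,11 @` header shows growing from 8 to 11 lines, while the commit message only describes fixing a script that was blocked incorrectly. A script whose integrity hash matches being expected to fail under CSP is worth explaining: please state in the commit message why these subtests fail and reference the follow-up issue, so the added expectations are not read as accepted behaviour.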
@ -1,6 +0,0 @@
|
|||
[304-response-should-update-csp.sub.html]
|
||||
[Test that the first frame does not use nonce def]
|
||||
expected: FAIL
|
||||
|
||||
[Test that the second frame does not use nonce abc]
|
||||
expected: FAIL
|
|
@ -1,4 +0,0 @@
|
|||
[img-src-self-unique-origin.html]
|
||||
expected: TIMEOUT
|
||||
[Image's url must not match with 'self'. Image must be blocked.]
|
||||
expected: TIMEOUT
|
|
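Review bot: the expectation removed here for `[img-src-self-unique-origin.html]` was `expected: TIMEOUT` at both the file and the subtest level, and nothing in the commit message mentions `img-src` or unique origins. Please confirm which part of the change lets this test finish (for example the added violation reporting in `fetch`) and that it passes on repeated runs, because a dropped TIMEOUT expectation that is only intermittently green will come back as flaky CI.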
@ -1,19 +1,19 @@
|
|||
[prefetch-generate-directives.html]
|
||||
expected: TIMEOUT
|
||||
[Test that script-src enabled with everything else disabled allows prefetching]
|
||||
expected: FAIL
|
||||
expected: TIMEOUT
|
||||
|
||||
[Test that script-src enabled with default-src disabled allows prefetching]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
||||
[Test that img-src enabled with everything else disabled allows prefetching]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
||||
[Test that img-src enabled with default-src disabled allows prefetching]
|
||||
expected: FAIL
|
||||
expected: NOTRUN
|
||||
|
||||
[Test that connect-src enabled with everything else disabled allows prefetching]
|
||||
expected: TIMEOUT
|
||||
expected: NOTRUN
|
||||
|
||||
[Test that connect-src enabled with default-src disabled allows prefetching]
|
||||
expected: NOTRUN
|
||||
|
|
|
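Review bot: in `[prefetch-generate-directives.html]` the first four subtests each list `expected: FAIL` followed by `expected: TIMEOUT` or `expected: NOTRUN`, and the `connect-src enabled with everything else disabled` subtest goes from `expected: TIMEOUT` to `expected: NOTRUN`, which reads as the test now stalling at its first subtest instead of its fifth. That loses coverage of the `script-src` and `img-src` prefetch cases rather than improving it, so please explain in the commit message why the timeout moved earlier, or track it in a follow-up issue linked from this expectation file.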
@ -1,6 +0,0 @@
|
|||
[script-src-report-only-policy-works-with-external-hash-policy.html]
|
||||
[Should fire securitypolicyviolation event]
|
||||
expected: FAIL
|
||||
|
||||
[External script in a script tag with matching SRI hash should run.]
|
||||
expected: FAIL
|
|
@ -2,8 +2,11 @@
|
|||
[multiple matching integrity]
|
||||
expected: FAIL
|
||||
|
||||
[partially matching integrity]
|
||||
[matching integrity]
|
||||
expected: FAIL
|
||||
|
||||
[External script in a script tag with matching SRI hash should run.]
|
||||
[matching integrity (case-insensitive algorithm)]
|
||||
expected: FAIL
|
||||
|
||||
[matching plus unsupported integrity]
|
||||
expected: FAIL
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
[script-src-strict_dynamic_discard_source_expressions.html]
|
||||
[Allowed scripts without a correct nonce are not permitted with `strict-dynamic`.]
|
||||
expected: FAIL
|
|
@ -1,3 +0,0 @@
|
|||
[script-src-strict_dynamic_double_policy_honor_source_expressions.sub.html]
|
||||
[Non-allowed script injected via `appendChild` is not permitted with `strict-dynamic` + a nonce+allowed double policy.]
|
||||
expected: FAIL
|
|
@ -1,29 +1,5 @@
|
|||
[script-src-strict_dynamic_parser_inserted.html]
|
||||
expected: TIMEOUT
|
||||
[Parser-inserted script via `document.write` without a correct nonce is not allowed with `strict-dynamic`.]
|
||||
expected: FAIL
|
||||
|
||||
[Parser-inserted script via `document.writeln` without a correct nonce is not allowed with `strict-dynamic`.]
|
||||
expected: FAIL
|
||||
|
||||
[Parser-inserted deferred script via `document.write` without a correct nonce is not allowed with `strict-dynamic`.]
|
||||
expected: FAIL
|
||||
|
||||
[Parser-inserted deferred script via `document.writeln` without a correct nonce is not allowed with `strict-dynamic`.]
|
||||
expected: FAIL
|
||||
|
||||
[Parser-inserted async script via `document.write` without a correct nonce is not allowed with `strict-dynamic`.]
|
||||
expected: FAIL
|
||||
|
||||
[Parser-inserted async script via `document.writeln` without a correct nonce is not allowed with `strict-dynamic`.]
|
||||
expected: FAIL
|
||||
|
||||
[Parser-inserted deferred async script via `document.write` without a correct nonce is not allowed with `strict-dynamic`.]
|
||||
expected: FAIL
|
||||
|
||||
[Parser-inserted deferred async script via `document.writeln` without a correct nonce is not allowed with `strict-dynamic`.]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Script injected via `innerHTML` is not allowed with `strict-dynamic`.]
|
||||
expected: TIMEOUT
|
||||
|
||||
|
|
|
@ -1,8 +1,5 @@
|
|||
[upgrade-insecure-requests-reporting.https.html]
|
||||
expected: TIMEOUT
|
||||
[Upgraded image is reported]
|
||||
expected: TIMEOUT
|
||||
|
||||
[Upgraded iframe is reported]
|
||||
expected: TIMEOUT
|
||||
|
||||
|
|
|
@ -1,30 +0,0 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-001.html]
|
||||
[single report-only policy with directive "trusted-type tt-policy-name"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type *"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'none'"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'allow-duplicates'"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type tt-policy-name 'allow-duplicates'"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'none' 'allow-duplicates'"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'none' tt-policy-name"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type 'none' *"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type tt-policy-name *"]
|
||||
expected: FAIL
|
||||
|
||||
[single report-only policy with directive "trusted-type tt-policy-name1 tt-policy-name2 tt-policy-name3"]
|
||||
expected: FAIL
|
|
@ -1,8 +1,5 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-002.html]
|
||||
expected: TIMEOUT
|
||||
[invalid tt-policy-name name "policy name"]
|
||||
expected: FAIL
|
||||
|
||||
[invalid tt-policy-name name "policy*name"]
|
||||
expected: FAIL
|
||||
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-003.html]
|
||||
[Multiple report-only trusted-types directives.]
|
||||
expected: FAIL
|
||||
|
||||
[One violated report-only trusted-types directive followed by multiple enforce directives.]
|
||||
expected: FAIL
|
||||
|
||||
[One violated enforce trusted-types directive followed by multiple report-only directives.]
|
||||
expected: FAIL
|
||||
|
||||
[Mixing enforce and report-only policies with trusted-types directives]
|
||||
expected: FAIL
|
||||
|
||||
[Mixing enforce and report-only policies with trusted-types directives (duplicate policy)]
|
||||
expected: FAIL
|
|
@ -1,6 +0,0 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-004-worker.html]
|
||||
[Exception and violations for CSP with multiple enforce and report-only policies.]
|
||||
expected: FAIL
|
||||
|
||||
[Location of trusted-types violations.]
|
||||
expected: FAIL
|
|
@ -1,3 +0,0 @@
|
|||
[should-trusted-type-policy-creation-be-blocked-by-csp-005.html]
|
||||
[Location of trusted-types violations.]
|
||||
expected: FAIL
|
|
@ -4,6 +4,3 @@
|
|||
|
||||
[Trusted Type violation report: evaluating a Trusted Script violates script-src.]
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report: script-src restrictions apply after the default policy runs.]
|
||||
expected: FAIL
|
||||
|
|
|
@ -1,7 +1,4 @@
|
|||
[trusted-types-reporting.html]
|
||||
[Trusted Type violation report: creating a forbidden policy.]
|
||||
expected: FAIL
|
||||
|
||||
[Trusted Type violation report: creating a report-only-forbidden policy.]
|
||||
expected: FAIL
|
||||
|
||||
|
|