commit bd21e15d9b165ac3931f4ddbf5e2485d84a82d61
parent e1f13ae91a088f522f8e2ea39bd75f98637d29d6
Author: Tom Schuster <tschuster@mozilla.com>
Date: Mon, 13 Oct 2025 16:11:18 +0000
Bug 1980376 - Restrict pageInfo.xhtml CSP. r=florian
Differential Revision: https://phabricator.services.mozilla.com/D259570
Diffstat:
2 files changed, 3 insertions(+), 22 deletions(-)
diff --git a/browser/base/content/pageinfo/pageInfo.xhtml b/browser/base/content/pageinfo/pageInfo.xhtml
@@ -2,7 +2,7 @@
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-<?csp default-src chrome:; img-src data: *; media-src data: *; style-src chrome: 'unsafe-inline'; ?>
+<?csp default-src chrome:; style-src chrome: 'unsafe-inline'; ?>
<window id="main-window"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"
diff --git a/dom/security/nsContentSecurityUtils.cpp b/dom/security/nsContentSecurityUtils.cpp
@@ -1343,7 +1343,6 @@ static nsLiteralCString sImgSrcDataBlobAllowList[] = {
"chrome://browser/content/aboutDialog.xhtml"_ns,
"chrome://browser/content/aboutlogins/aboutLogins.html"_ns,
"chrome://browser/content/genai/chat.html"_ns,
- "chrome://browser/content/pageinfo/pageInfo.xhtml"_ns,
"chrome://browser/content/places/bookmarksSidebar.xhtml"_ns,
"chrome://browser/content/places/places.xhtml"_ns,
"chrome://browser/content/preferences/dialogs/permissions.xhtml"_ns,
@@ -1404,7 +1403,7 @@ static nsLiteralCString sImgSrcAddonsAllowList[] = {
// img-src *
// UNSAFE! Allows loading everything.
static nsLiteralCString sImgSrcWildcardAllowList[] = {
- "about:reader"_ns, "chrome://browser/content/pageinfo/pageInfo.xhtml"_ns,
+ "about:reader"_ns,
"chrome://browser/content/syncedtabs/sidebar.xhtml"_ns,
// STOP! Do not add anything to this list.
};
@@ -1415,14 +1414,10 @@ static nsLiteralCString sImgSrcHttpsHostAllowList[] = {
"chrome://browser/content/aboutlogins/aboutLogins.html"_ns,
"chrome://browser/content/spotlight.html"_ns,
};
-// media-src data: blob:
-static nsLiteralCString sMediaSrcDataBlobAllowList[] = {
- "chrome://browser/content/pageinfo/pageInfo.xhtml"_ns,
-};
// media-src *
// UNSAFE! Allows loading everything.
static nsLiteralCString sMediaSrcWildcardAllowList[] = {
- "about:reader"_ns, "chrome://browser/content/pageinfo/pageInfo.xhtml"_ns,
+ "about:reader"_ns,
// STOP! Do not add anything to this list.
};
// media-src https://example.org
@@ -1643,20 +1638,6 @@ class MediaSrcVisitor : public AllowBuiltinSrcVisitor {
MOZ_ASSERT(aDirective == CSPDirective::MEDIA_SRC_DIRECTIVE);
}
- bool visitSchemeSrc(const nsCSPSchemeSrc& src) override {
- nsAutoString scheme;
- src.getScheme(scheme);
-
- // data: and blob: can be used to decode arbitrary media.
- if (scheme == u"data"_ns || scheme == u"blob") {
- if (CheckAllowList(sMediaSrcDataBlobAllowList)) {
- return true;
- }
- }
-
- return AllowBuiltinSrcVisitor::visitSchemeSrc(src);
- }
-
bool visitHostSrc(const nsCSPHostSrc& src) override {
return VisitHostSrcWithWildcardAndHttpsHostAllowLists(
src, sMediaSrcWildcardAllowList, sMediaSrcHttpsHostAllowList);
