Bug 1364262 - Convert SRI metadata to ASCII before parsing it. r?ckerschb
MozReview-Commit-ID: Ekw8lNzDvou
--- a/dom/security/SRICheck.cpp
+++ b/dom/security/SRICheck.cpp
@@ -103,20 +103,21 @@ SRICheck::IntegrityMetadata(const nsAStr
MOZ_ASSERT(outMetadata->IsEmpty()); // caller must pass empty metadata
if (!Preferences::GetBool("security.sri.enable", false)) {
SRILOG(("SRICheck::IntegrityMetadata, sri is disabled (pref)"));
return NS_ERROR_SRI_DISABLED;
}
// put a reasonable bound on the length of the metadata
- NS_ConvertUTF16toUTF8 metadataList(aMetadataList);
+ NS_LossyConvertUTF16toASCII metadataList(aMetadataList);
if (metadataList.Length() > SRICheck::MAX_METADATA_LENGTH) {
metadataList.Truncate(SRICheck::MAX_METADATA_LENGTH);
}
+ SRILOG(("SRICheck::IntegrityMetadata, metadataList=%s", metadataList.get()));
MOZ_ASSERT(metadataList.Length() <= aMetadataList.Length());
// the integrity attribute is a list of whitespace-separated hashes
// and options so we need to look at them one by one and pick the
// strongest (valid) one
nsCWhitespaceTokenizer tokenizer(metadataList);
nsAutoCString token;
for (uint32_t i=0; tokenizer.hasMoreTokens() &&
--- a/dom/security/test/sri/mochitest.ini
+++ b/dom/security/test/sri/mochitest.ini
@@ -50,8 +50,9 @@ support-files =
[test_script_crossdomain.html]
[test_sri_disabled.html]
[test_style_crossdomain.html]
[test_style_sameorigin.html]
[test_require-sri-for_csp_directive.html]
[test_require-sri-for_csp_directive_disabled.html]
[test_bug_1271796.html]
[test_csp_directive_style_imports.html]
+[test_bug_1364262.html]
new file mode 100644
--- /dev/null
+++ b/dom/security/test/sri/test_bug_1364262.html
@@ -0,0 +1,34 @@
+<!DOCTYPE HTML>
+<!-- Any copyright is dedicated to the Public Domain.
+ http://creativecommons.org/publicdomain/zero/1.0/ -->
+<html>
+<head>
+ <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+ <script type="application/javascript">
+ SimpleTest.waitForExplicitFinish();
+ SimpleTest.setExpected(["pass", 1]);
+
+ function good_correctlyBlockedStylesheet() {
+ ok(true, "Non-base64 hash blocked the load.")
+ };
+ function bad_shouldNotLoadStylesheet() {
+ ok(false, "Non-base64 hashes should not load!")
+ }
+ window.onload = function() {
+ SimpleTest.finish();
+ }
+
+ link = document.createElement('link');
+ document.head.appendChild(link);
+ link.setAttribute('rel', 'stylesheet');
+ link.onerror = good_correctlyBlockedStylesheet;
+ link.onload = bad_shouldNotLoadStylesheet;
+ link.integrity = 'sha512-\uD89D\uDF05\uD89D\uDEE6';
+ link.setAttribute('href', 'data:text/css;small[contenteditable^="false"], summary { }');
+ </script>
+</head>
+<body>
+ <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=1364262">Bug 1364262</a>
+</body>
+</html>