| CSPEvalChecker.cpp |
static |
5376 |
83 % |
| CSPEvalChecker.h |
|
1021 |
- |
| CSPViolationData.cpp |
static |
3268 |
100 % |
| CSPViolationData.h |
|
2349 |
- |
| DomSecurityIPCUtils.h |
|
1665 |
- |
| DOMSecurityMonitor.cpp |
static |
5195 |
0 % |
| DOMSecurityMonitor.h |
The fragment parser is triggered anytime JS calls innerHTML or similar
JS functions which can generate HTML fragments. This generation of
HTML might be dangerous, hence we should ensure that no new instances
of innerHTML and similar functions are introduced in system privileged
contexts, or also about: pages, in our codebase.
If the auditor detects a new instance of innerHTML or similar
function it will CRASH using a strong assertion.
|
1597 |
- |
| featurepolicy |
|
|
79 % |
| FramingChecker.cpp |
static |
8376 |
92 % |
| FramingChecker.h |
Logs to the window about a X-Frame-Options error.
@param aMessageTag the error message identifier to log
@param aChannel the HTTP Channel
@param aURI the URI of the frame attempting to load
@param aPolicy the header value string from the frame to the console.
|
1576 |
100 % |
| fuzztest |
|
|
- |
| IntegrityPolicy.cpp |
static |
16415 |
72 % |
| IntegrityPolicy.h |
IntegrityPolicy_h_ |
3863 |
100 % |
| IntegrityPolicyService.cpp |
nsIContentPolicy implementation |
13913 |
88 % |
| IntegrityPolicyService.h |
IntegrityPolicyService_h_ |
1527 |
100 % |
| IntegrityPolicyWAICT.cpp |
static |
16477 |
1 % |
| IntegrityPolicyWAICT.h |
IsExclusive |
3178 |
0 % |
| metrics.yaml |
|
27390 |
- |
| moz.build |
|
2477 |
- |
| nsContentSecurityManager.cpp |
static |
68919 |
74 % |
| nsContentSecurityManager.h |
nsContentSecurityManager_h_ |
4211 |
100 % |
| nsContentSecurityUtils.cpp |
A namespace class for static content security utilities. |
81846 |
67 % |
| nsContentSecurityUtils.h |
A namespace class for static content security utilities. |
4471 |
- |
| nsCSPContext.cpp |
This function is only used for verification purposes within
GatherSecurityPolicyViolationEventData.
|
86817 |
92 % |
| nsCSPContext.h |
SetRequestContextWithDocument() needs to be called before the
innerWindowID is initialized on the document. Use this function
to call back to flush queued up console messages and initialize
the innerWindowID. Node, If SetRequestContextWithPrincipal() was
called then we do not have a innerWindowID anyway and hence
we can not flush messages to the correct console.
|
10998 |
91 % |
| nsCSPParser.cpp |
===== nsCSPParser ==================== |
54070 |
90 % |
| nsCSPParser.h |
The CSP parser only has one main publicly accessible function, which is
parseContentSecurityPolicy. Internally the input string is separated into
string tokens and policy() is called, which starts parsing the policy. The
parser calls one function after the other according the the source-list
from http://www.w3.org/TR/CSP11/#source-list. E.g., the parser can only
call port() after the parser has already processed any possible host in
host(), similar to a finite state machine.
|
8411 |
96 % |
| nsCSPService.cpp |
static |
14871 |
92 % |
| nsCSPService.h |
nsCSPService_h_ |
1594 |
100 % |
| nsCSPUtils.cpp |
|
68312 |
89 % |
| nsCSPUtils.h |
=============== Logging =================== |
26981 |
84 % |
| nsHTTPSOnlyStreamListener.cpp |
|
9352 |
84 % |
| nsHTTPSOnlyStreamListener.h |
This event listener gets registered for requests that have been upgraded
using the HTTPS-only mode to log failed upgrades to the console.
|
1527 |
100 % |
| nsHTTPSOnlyUtils.cpp |
static |
45659 |
96 % |
| nsHTTPSOnlyUtils.h |
Returns the upgrade mode which should be used for a given load, based on
the prefs currently set.
@param aFromPrivateWindow Whether the load in question is from a private
window.
@param aSchemelessInputType Information about the load possibly originating
from a schemeful or schemeless address bar
input.
@return Upgrade mode as an enum.
|
13722 |
100 % |
| nsIHttpsOnlyModePermission.idl |
HTTPS-Only/First permission types
|
1218 |
- |
| nsMixedContentBlocker.cpp |
nsIChannelEventSink implementation
This code is called when a request is redirected.
We check the channel associated with the new uri is allowed to load
in the current context
|
40130 |
84 % |
| nsMixedContentBlocker.h |
daf1461b-bf29-4f88-8d0e-4bcdf332c862 |
3424 |
100 % |
| OffThreadCSPContext.cpp |
static |
3052 |
93 % |
| OffThreadCSPContext.h |
|
1651 |
100 % |
| pings.yaml |
|
759 |
- |
| PolicyContainer.cpp |
|
7120 |
82 % |
| PolicyContainer.h |
Implementation of
https://html.spec.whatwg.org/multipage/browsers.html#policy-containers. Copied
around the browser in the same way as CSP is copied, in fact, it replaces all
the CSP inheritance code.
|
2981 |
100 % |
| PolicyTokenizer.cpp |
|
2289 |
100 % |
| PolicyTokenizer.h |
How does the parsing work?
We generate tokens by splitting the policy-string by whitespace and
semicolon. Interally the tokens are represented as an array of string-arrays:
[
[ name, src, src, src, ... ],
[ name, src, src, src, ... ],
[ name, src, src, src, ... ]
]
for example:
[
[ img-src, http://www.example.com, http:www.test.com ],
[ default-src, 'self'],
[ script-src, 'unsafe-eval', 'unsafe-inline' ],
]
|
2089 |
100 % |
| ReferrerInfo.cpp |
Default referrer policy to use
|
54464 |
89 % |
| ReferrerInfo.h |
The ReferrerInfo class holds the raw referrer and potentially a referrer
policy which allows to query the computed referrer which should be applied to
a channel as the actual referrer value.
The ReferrerInfo class solely contains readonly fields and represents a 1:1
sync to the referrer header of the corresponding channel. In turn that means
the class is immutable - so any modifications require to clone the current
ReferrerInfo.
For example if a request undergoes a redirect, the new channel
will need a new ReferrerInfo clone with members being updated accordingly.
|
16503 |
100 % |
| ResourceHasher.cpp |
aASCII = |
2163 |
0 % |
| ResourceHasher.h |
|
1009 |
0 % |
| sanitizer |
|
|
98 % |
| SecFetch.cpp |
|
14942 |
95 % |
| SecFetch.h |
|
857 |
- |
| SRICheck.cpp |
Returns whether or not the sub-resource about to be loaded is eligible
for integrity checks. If it's not, the checks will be skipped and the
sub-resource will be loaded.
|
18125 |
91 % |
| SRICheck.h |
Parse the multiple hashes specified in the integrity attribute and
return the strongest supported hash.
|
4235 |
100 % |
| SRILogHelper.h |
|
665 |
100 % |
| SRIMetadata.cpp |
|
7146 |
85 % |
| SRIMetadata.h |
Create an empty metadata object.
|
2885 |
100 % |
| test |
|
|
0 % |
| trusted-types |
|
|
96 % |
| WAICTUtils.cpp |
|
2546 |
0 % |
| WAICTUtils.h |
|
734 |
- |