Bug 1349517 - Don't set CSP on NullPrincipal if it already has one. r…

…=ckerschb MozReview-Commit-ID: EKqDr7RxjWE
Brli · Mar 23, 2017 · e0bc8df · e0bc8df
1 parent 6523992
commit e0bc8df
Showing 1 changed file with 17 additions and 7 deletions.
diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp
@@ -307,13 +307,23 @@ nsScriptSecurityManager::GetChannelResultPrincipal(nsIChannel* aChannel,
                 if (!principalToInherit) {
                   principalToInherit = loadInfo->TriggeringPrincipal();
                 }
-                nsCOMPtr<nsIContentSecurityPolicy> originalCsp;
-                principalToInherit->GetCsp(getter_AddRefs(originalCsp));
-                // if the principalToInherit had a CSP,
-                // add it to the newly created NullPrincipal.
-                if (originalCsp) {
-                  nsresult rv = (*aPrincipal)->SetCsp(originalCsp);
-                  NS_ENSURE_SUCCESS(rv, rv);
+                nsCOMPtr<nsIContentSecurityPolicy> originalCSP;
+                principalToInherit->GetCsp(getter_AddRefs(originalCSP));
+                if (originalCSP) {
+                  // if the principalToInherit had a CSP,
+                  // add it to the newly created NullPrincipal
+                  // (unless it already has one)
+                  nsCOMPtr<nsIContentSecurityPolicy> nullPrincipalCSP;
+                  (*aPrincipal)->GetCsp(getter_AddRefs(nullPrincipalCSP));
+                  if (nullPrincipalCSP) {
+                    MOZ_ASSERT(nullPrincipalCSP == originalCSP,
+                              "There should be no other CSP here.");
+                    // CSPs are equal, no need to set it again.
+                    return NS_OK;
+                  } else {
+                    nsresult rv = (*aPrincipal)->SetCsp(originalCSP);
+                    NS_ENSURE_SUCCESS(rv, rv);
+                  }
                 }
               }
             }