Bug 1626555 - Add dom/security to the list of non-unified-build-com…

…patible directories. r=sg

Differential Revision: https://phabricator.services.mozilla.com/D96427

build/non-unified-compat

@@ -51,4 +51,5 @@ dom/quota/
 dom/reporting/
 dom/res/
 dom/script/
+dom/security/
 dom/simpledb/

dom/security/DOMSecurityMonitor.cpp

@@ -11,6 +11,7 @@
 #include "nsILoadInfo.h"
 #include "nsIPrincipal.h"
 #include "nsIURI.h"
+#include "nsJSUtils.h"
 
 #include "mozilla/StaticPrefs_dom.h"
 
@@ -41,7 +42,7 @@ void DOMSecurityMonitor::AuditParsingOfHTMLXMLFragments(
 
   // check if we should skip assertion. Please only ever set this pref to
   // true if really needed for testing purposes.
-  if (StaticPrefs::dom_security_skip_html_fragment_assertion()) {
+  if (mozilla::StaticPrefs::dom_security_skip_html_fragment_assertion()) {
     return;
   }
 

dom/security/DOMSecurityMonitor.h

@@ -7,6 +7,8 @@
 #ifndef mozilla_dom_DOMSecurityMonitor_h
 #define mozilla_dom_DOMSecurityMonitor_h
 
+#include "nsStringFwd.h"
+
 class nsIChannel;
 class nsIPrincipal;
 

dom/security/FramingChecker.cpp

@@ -10,6 +10,8 @@
 #include "nsCSPUtils.h"
 #include "nsDocShell.h"
 #include "nsHttpChannel.h"
+#include "nsContentSecurityUtils.h"
+#include "nsGlobalWindowOuter.h"
 #include "nsIChannel.h"
 #include "nsIConsoleReportCollector.h"
 #include "nsIContentSecurityPolicy.h"
@@ -27,6 +29,7 @@
 #include "nsIObserverService.h"
 
 using namespace mozilla;
+using namespace mozilla::dom;
 
 /* static */
 void FramingChecker::ReportError(const char* aMessageTag,

dom/security/PolicyTokenizer.cpp

@@ -6,8 +6,8 @@
 
 #include "PolicyTokenizer.h"
 
-static LogModule* GetPolicyTokenizerLog() {
-  static LazyLogModule gPolicyTokenizerPRLog("PolicyTokenizer");
+static mozilla::LogModule* GetPolicyTokenizerLog() {
+  static mozilla::LazyLogModule gPolicyTokenizerPRLog("PolicyTokenizer");
   return gPolicyTokenizerPRLog;
 }
 

dom/security/ReferrerInfo.cpp

@@ -26,6 +26,7 @@
 #include "mozilla/dom/Element.h"
 #include "mozilla/StaticPrefs_network.h"
 #include "mozilla/StyleSheet.h"
+#include "nsIWebProgressListener.h"
 
 static mozilla::LazyLogModule gReferrerInfoLog("ReferrerInfo");
 #define LOG(msg) MOZ_LOG(gReferrerInfoLog, mozilla::LogLevel::Debug, msg)

dom/security/SRICheck.h

@@ -7,6 +7,8 @@
 #ifndef mozilla_dom_SRICheck_h
 #define mozilla_dom_SRICheck_h
 
+#include "nsTString.h"
+#include "nsStringFwd.h"
 #include "nsCOMPtr.h"
 #include "nsICryptoHash.h"
 

dom/security/SecFetch.cpp

@@ -11,6 +11,7 @@
 #include "mozIThirdPartyUtil.h"
 #include "nsMixedContentBlocker.h"
 #include "nsNetUtil.h"
+#include "mozilla/StaticPrefs_dom.h"
 
 // Helper function which maps an internal content policy type
 // to the corresponding destination for the context of SecFetch.
@@ -121,7 +122,7 @@ bool IsSameOrigin(nsIHttpChannel* aHTTPChannel) {
   bool isSameOrigin = false;
   nsresult rv = loadInfo->TriggeringPrincipal()->IsSameOrigin(
       channelURI, isPrivateWin, &isSameOrigin);
-  Unused << NS_WARN_IF(NS_FAILED(rv));
+  mozilla::Unused << NS_WARN_IF(NS_FAILED(rv));
 
   // if the initial request is not same-origin, we can return here
   // because we already know it's not a same-origin request
@@ -137,7 +138,7 @@ bool IsSameOrigin(nsIHttpChannel* aHTTPChannel) {
     if (redirectPrincipal) {
       rv = redirectPrincipal->IsSameOrigin(channelURI, isPrivateWin,
                                            &isSameOrigin);
-      Unused << NS_WARN_IF(NS_FAILED(rv));
+      mozilla::Unused << NS_WARN_IF(NS_FAILED(rv));
       if (!isSameOrigin) {
         return false;
       }
@@ -160,13 +161,13 @@ bool IsSameSite(nsIChannel* aHTTPChannel) {
   nsAutoCString hostDomain;
   nsCOMPtr<nsILoadInfo> loadInfo = aHTTPChannel->LoadInfo();
   nsresult rv = loadInfo->TriggeringPrincipal()->GetBaseDomain(hostDomain);
-  Unused << NS_WARN_IF(NS_FAILED(rv));
+  mozilla::Unused << NS_WARN_IF(NS_FAILED(rv));
 
   nsAutoCString channelDomain;
   nsCOMPtr<nsIURI> channelURI;
   NS_GetFinalChannelURI(aHTTPChannel, getter_AddRefs(channelURI));
   rv = thirdPartyUtil->GetBaseDomain(channelURI, channelDomain);
-  Unused << NS_WARN_IF(NS_FAILED(rv));
+  mozilla::Unused << NS_WARN_IF(NS_FAILED(rv));
 
   // if the initial request is not same-site, or not https, we can
   // return here because we already know it's not a same-site request
@@ -222,17 +223,17 @@ bool IsUserTriggeredForSecFetchSite(nsIHttpChannel* aHTTPChannel) {
   return true;
 }
 
-void SecFetch::AddSecFetchDest(nsIHttpChannel* aHTTPChannel) {
+void mozilla::dom::SecFetch::AddSecFetchDest(nsIHttpChannel* aHTTPChannel) {
   nsCOMPtr<nsILoadInfo> loadInfo = aHTTPChannel->LoadInfo();
   nsContentPolicyType contentType = loadInfo->InternalContentPolicyType();
   nsCString dest = MapInternalContentPolicyTypeToDest(contentType);
 
   nsresult rv =
       aHTTPChannel->SetRequestHeader("Sec-Fetch-Dest"_ns, dest, false);
-  Unused << NS_WARN_IF(NS_FAILED(rv));
+  mozilla::Unused << NS_WARN_IF(NS_FAILED(rv));
 }
 
-void SecFetch::AddSecFetchMode(nsIHttpChannel* aHTTPChannel) {
+void mozilla::dom::SecFetch::AddSecFetchMode(nsIHttpChannel* aHTTPChannel) {
   nsAutoCString mode("no-cors");
 
   nsCOMPtr<nsILoadInfo> loadInfo = aHTTPChannel->LoadInfo();
@@ -268,10 +269,10 @@ void SecFetch::AddSecFetchMode(nsIHttpChannel* aHTTPChannel) {
 
   nsresult rv =
       aHTTPChannel->SetRequestHeader("Sec-Fetch-Mode"_ns, mode, false);
-  Unused << NS_WARN_IF(NS_FAILED(rv));
+  mozilla::Unused << NS_WARN_IF(NS_FAILED(rv));
 }
 
-void SecFetch::AddSecFetchSite(nsIHttpChannel* aHTTPChannel) {
+void mozilla::dom::SecFetch::AddSecFetchSite(nsIHttpChannel* aHTTPChannel) {
   nsAutoCString site("same-origin");
 
   bool isSameOrigin = IsSameOrigin(aHTTPChannel);
@@ -290,10 +291,10 @@ void SecFetch::AddSecFetchSite(nsIHttpChannel* aHTTPChannel) {
 
   nsresult rv =
       aHTTPChannel->SetRequestHeader("Sec-Fetch-Site"_ns, site, false);
-  Unused << NS_WARN_IF(NS_FAILED(rv));
+  mozilla::Unused << NS_WARN_IF(NS_FAILED(rv));
 }
 
-void SecFetch::AddSecFetchUser(nsIHttpChannel* aHTTPChannel) {
+void mozilla::dom::SecFetch::AddSecFetchUser(nsIHttpChannel* aHTTPChannel) {
   nsCOMPtr<nsILoadInfo> loadInfo = aHTTPChannel->LoadInfo();
   nsContentPolicyType externalType = loadInfo->GetExternalContentPolicyType();
 
@@ -311,10 +312,10 @@ void SecFetch::AddSecFetchUser(nsIHttpChannel* aHTTPChannel) {
   nsAutoCString user("?1");
   nsresult rv =
       aHTTPChannel->SetRequestHeader("Sec-Fetch-User"_ns, user, false);
-  Unused << NS_WARN_IF(NS_FAILED(rv));
+  mozilla::Unused << NS_WARN_IF(NS_FAILED(rv));
 }
 
-void SecFetch::AddSecFetchHeader(nsIHttpChannel* aHTTPChannel) {
+void mozilla::dom::SecFetch::AddSecFetchHeader(nsIHttpChannel* aHTTPChannel) {
   // if sec-fetch-* is prefed off, then there is nothing to do
   if (!StaticPrefs::dom_security_secFetch_enabled()) {
     return;

dom/security/featurepolicy/FeaturePolicy.cpp

@@ -5,6 +5,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "FeaturePolicy.h"
+#include "mozilla/dom/Feature.h"
 #include "mozilla/dom/FeaturePolicyBinding.h"
 #include "mozilla/dom/FeaturePolicyParser.h"
 #include "mozilla/dom/FeaturePolicyUtils.h"

dom/security/featurepolicy/FeaturePolicyUtils.cpp

@@ -13,6 +13,7 @@
 #include "mozilla/dom/ReportingUtils.h"
 #include "mozilla/StaticPrefs_dom.h"
 #include "mozilla/dom/Document.h"
+#include "nsContentUtils.h"
 #include "nsJSUtils.h"
 
 namespace mozilla {

dom/security/nsCSPContext.cpp

@@ -13,6 +13,7 @@
 #include "nsCSPContext.h"
 #include "nsCSPParser.h"
 #include "nsCSPService.h"
+#include "nsGlobalWindowOuter.h"
 #include "nsError.h"
 #include "nsIAsyncVerifyRedirectCallback.h"
 #include "nsIClassInfoImpl.h"

dom/security/nsCSPParser.cpp

@@ -5,6 +5,7 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mozilla/ArrayUtils.h"
+#include "mozilla/dom/Document.h"
 #include "mozilla/Preferences.h"
 #include "mozilla/StaticPrefs_security.h"
 #include "nsCOMPtr.h"
@@ -18,6 +19,7 @@
 #include "nsUnicharUtils.h"
 
 using namespace mozilla;
+using namespace mozilla::dom;
 
 static LogModule* GetCspParserLog() {
   static LazyLogModule gCspParserPRLog("CSPParser");
@@ -29,29 +31,6 @@ static LogModule* GetCspParserLog() {
 #define CSPPARSERLOGENABLED() \
   MOZ_LOG_TEST(GetCspParserLog(), mozilla::LogLevel::Debug)
 
-// clang-format off
-static const char16_t COLON        = ':';
-static const char16_t SEMICOLON    = ';';
-static const char16_t SLASH        = '/';
-static const char16_t PLUS         = '+';
-static const char16_t DASH         = '-';
-static const char16_t DOT          = '.';
-static const char16_t UNDERLINE    = '_';
-static const char16_t TILDE        = '~';
-static const char16_t WILDCARD     = '*';
-static const char16_t SINGLEQUOTE  = '\'';
-static const char16_t NUMBER_SIGN  = '#';
-static const char16_t QUESTIONMARK = '?';
-static const char16_t PERCENT_SIGN = '%';
-static const char16_t EXCLAMATION  = '!';
-static const char16_t DOLLAR       = '$';
-static const char16_t AMPERSAND    = '&';
-static const char16_t OPENBRACE    = '(';
-static const char16_t CLOSINGBRACE = ')';
-static const char16_t EQUALS       = '=';
-static const char16_t ATSYMBOL     = '@';
-// clang-format on
-
 static const uint32_t kSubHostPathCharacterCutoff = 512;
 
 static const char* const kHashSourceValidFns[] = {"sha256", "sha384", "sha512"};
@@ -86,11 +65,7 @@ static bool isCharacterToken(char16_t aSymbol) {
          (aSymbol >= 'A' && aSymbol <= 'Z');
 }
 
-static bool isNumberToken(char16_t aSymbol) {
-  return (aSymbol >= '0' && aSymbol <= '9');
-}
-
-static bool isValidHexDig(char16_t aHexDig) {
+bool isValidHexDig(char16_t aHexDig) {
   return (isNumberToken(aHexDig) || (aHexDig >= 'A' && aHexDig <= 'F') ||
           (aHexDig >= 'a' && aHexDig <= 'f'));
 }

dom/security/nsCSPParser.h

@@ -8,9 +8,36 @@
 #define nsCSPParser_h___
 
 #include "nsCSPUtils.h"
+#include "nsCSPContext.h"
 #include "nsIURI.h"
 #include "PolicyTokenizer.h"
 
+bool isNumberToken(char16_t aSymbol);
+bool isValidHexDig(char16_t aHexDig);
+
+// clang-format off
+const char16_t COLON        = ':';
+const char16_t SEMICOLON    = ';';
+const char16_t SLASH        = '/';
+const char16_t PLUS         = '+';
+const char16_t DASH         = '-';
+const char16_t DOT          = '.';
+const char16_t UNDERLINE    = '_';
+const char16_t TILDE        = '~';
+const char16_t WILDCARD     = '*';
+const char16_t SINGLEQUOTE  = '\'';
+const char16_t NUMBER_SIGN  = '#';
+const char16_t QUESTIONMARK = '?';
+const char16_t PERCENT_SIGN = '%';
+const char16_t EXCLAMATION  = '!';
+const char16_t DOLLAR       = '$';
+const char16_t AMPERSAND    = '&';
+const char16_t OPENBRACE    = '(';
+const char16_t CLOSINGBRACE = ')';
+const char16_t EQUALS       = '=';
+const char16_t ATSYMBOL     = '@';
+// clang-format on
+
 class nsCSPParser {
  public:
   /**

dom/security/nsCSPService.cpp

@@ -19,6 +19,8 @@
 #include "nsContentUtils.h"
 #include "nsContentPolicyUtils.h"
 #include "nsNetUtil.h"
+#include "nsIProtocolHandler.h"
+#include "nsQueryObject.h"
 #include "mozilla/net/DocumentLoadListener.h"
 #include "mozilla/net/DocumentChannel.h"
 

dom/security/nsCSPService.h

@@ -40,7 +40,7 @@ class CSPService : public nsIContentPolicy, public nsIChannelEventSink {
   // an nsresult to Cancel the old channel with.
   static nsresult ConsultCSPForRedirect(nsIURI* aOriginalURI, nsIURI* aNewURI,
                                         nsILoadInfo* aLoadInfo,
-                                        Maybe<nsresult>& aCancelCode);
+                                        mozilla::Maybe<nsresult>& aCancelCode);
 
  protected:
   virtual ~CSPService();

dom/security/nsCSPUtils.cpp

@@ -9,6 +9,7 @@
 #include "nsContentUtils.h"
 #include "nsCSPUtils.h"
 #include "nsDebug.h"
+#include "nsCSPParser.h"
 #include "nsIConsoleService.h"
 #include "nsIChannel.h"
 #include "nsICryptoHash.h"
@@ -18,6 +19,7 @@
 #include "nsReadableUtils.h"
 #include "nsSandboxFlags.h"
 
+#include "mozilla/dom/CSPDictionariesBinding.h"
 #include "mozilla/dom/Document.h"
 #include "mozilla/StaticPrefs_security.h"
 
@@ -117,7 +119,7 @@ bool CSP_ShouldResponseInheritCSP(nsIChannel* aChannel) {
 
 void CSP_ApplyMetaCSPToDoc(mozilla::dom::Document& aDoc,
                            const nsAString& aPolicyStr) {
-  if (!StaticPrefs::security_csp_enable() || aDoc.IsLoadedAsData()) {
+  if (!mozilla::StaticPrefs::security_csp_enable() || aDoc.IsLoadedAsData()) {
     return;
   }
 

dom/security/nsContentSecurityManager.cpp

@@ -18,6 +18,7 @@
 #include "nsIOService.h"
 #include "nsContentUtils.h"
 #include "nsCORSListenerProxy.h"
+#include "nsIParentChannel.h"
 #include "nsIStreamListener.h"
 #include "nsIRedirectHistoryEntry.h"
 #include "nsReadableUtils.h"
@@ -31,6 +32,7 @@
 #include "mozilla/dom/BrowserChild.h"
 #include "mozilla/dom/ContentChild.h"
 #include "mozilla/dom/ContentParent.h"
+#include "mozilla/dom/Document.h"
 #include "mozilla/Components.h"
 #include "mozilla/Logging.h"
 #include "mozilla/StaticPrefs_dom.h"
@@ -43,14 +45,16 @@
 #include "jsapi.h"
 #include "js/RegExp.h"
 
+using namespace mozilla;
+using namespace mozilla::dom;
 using namespace mozilla::Telemetry;
 
 NS_IMPL_ISUPPORTS(nsContentSecurityManager, nsIContentSecurityManager,
                   nsIChannelEventSink)
 
-static mozilla::LazyLogModule sCSMLog("CSMLog");
+mozilla::LazyLogModule sCSMLog("CSMLog");
 
-static Atomic<bool, mozilla::Relaxed> sTelemetryEventEnabled(false);
+Atomic<bool, mozilla::Relaxed> sTelemetryEventEnabled(false);
 
 /* static */
 bool nsContentSecurityManager::AllowTopLevelNavigationToDataURI(