From 02cef3103a5d0908faa709f0796c470beae3181b Mon Sep 17 00:00:00 2001 From: Jonathan Kingston Date: Tue, 20 Nov 2018 18:08:03 +0000 Subject: [PATCH] Bug 1508609 - Add strict checking of principals into DocShell LoadURI. r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D12425 --HG-- extra : moz-landing-system : lando --- docshell/base/nsDocShell.cpp | 5 +++++ docshell/shistory/nsSHistory.cpp | 3 +++ 2 files changed, 8 insertions(+) diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index fdafb5f2ffc8..961be12c2c61 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -679,6 +679,11 @@ nsDocShell::LoadURI(nsDocShellLoadState* aLoadState) "Should not have these flags set"); MOZ_ASSERT(aLoadState->URI(), "Should have a valid URI to load"); + if (mUseStrictSecurityChecks && !aLoadState->TriggeringPrincipal()) { + MOZ_ASSERT(false, "LoadURI must have a triggering principal"); + return NS_ERROR_FAILURE; + } + // Note: we allow loads to get through here even if mFiredUnloadEvent is // true; that case will get handled in LoadInternal or LoadHistoryEntry, // so we pass false as the second parameter to IsNavigationAllowed. diff --git a/docshell/shistory/nsSHistory.cpp b/docshell/shistory/nsSHistory.cpp index e489e75d5b32..57ded04d072e 100644 --- a/docshell/shistory/nsSHistory.cpp +++ b/docshell/shistory/nsSHistory.cpp @@ -8,6 +8,7 @@ #include +#include "nsContentUtils.h" #include "nsCOMArray.h" #include "nsComponentManagerUtils.h" #include "nsDocShell.h" @@ -1594,6 +1595,8 @@ nsSHistory::InitiateLoad(nsISHEntry* aFrameEntry, nsIDocShell* aFrameDS, nsCOMPtr newURI = aFrameEntry->GetURI(); loadState->SetURI(newURI); loadState->SetLoadFlags(nsIWebNavigation::LOAD_FLAGS_NONE); + // TODO fix principal here in Bug 1508642 + loadState->SetTriggeringPrincipal(nsContentUtils::GetSystemPrincipal()); loadState->SetFirstParty(false); // Time to initiate a document load