Bug 1517434 part 2. Convert existing callers of GetIsSystemPrincipal() to IsSystemPrincipal(). r=mccr8

Differential Revision: https://phabricator.services.mozilla.com/D15673 --HG-- extra : moz-landing-system : lando
2019-01-03 20:55:38 +00:00 · 2019-01-03 20:55:38 +00:00 · 058f83508f
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@ -331,9 +331,10 @@ interface nsIPrincipal : nsISerializable
    [infallible] readonly attribute boolean isExpandedPrincipal;

    /**
-     * Returns true iff this is the system principal.
+     * Returns true iff this is the system principal.  C++ callers should use
+     * IsSystemPrincipal() instead of this scriptable accessor.
     */
-    [infallible] readonly attribute boolean isSystemPrincipal;
+    readonly attribute boolean isSystemPrincipal;

    /**
     * Faster and nicer version callable from C++.  Callers must include
--- a/caps/nsIScriptSecurityManager.idl
+++ b/caps/nsIScriptSecurityManager.idl
@ -224,6 +224,10 @@ interface nsIScriptSecurityManager : nsISupports
     * Check whether a given principal is a system principal.  This allows us
     * to avoid handing back the system principal to script while allowing
     * script to check whether a given principal is system.
+     *
+     * @deprecated use nsIPrincipal's accessors for this boolean.
+     * https://bugzilla.mozilla.org/show_bug.cgi?id=1517483 tracks removing
+     * this.
     */
    boolean isSystemPrincipal(in nsIPrincipal aPrincipal);
 %{C++
--- a/dom/base/nsContentPolicyUtils.h
+++ b/dom/base/nsContentPolicyUtils.h
@ -14,6 +14,8 @@
 #ifndef __nsContentPolicyUtils_h__
 #define __nsContentPolicyUtils_h__

+#include "mozilla/BasePrincipal.h"
+
 #include "nsContentUtils.h"
 #include "nsIContentPolicy.h"
 #include "nsIContent.h"
@ -26,8 +28,6 @@
 #include "nsIDocument.h"
 #include "nsPIDOMWindow.h"

-class nsIPrincipal;
-
 #define NS_CONTENTPOLICY_CONTRACTID "@mozilla.org/layout/content-policy;1"
 #define NS_CONTENTPOLICY_CATEGORY "content-policy"
 #define NS_CONTENTPOLICY_CID                         \
@ -172,7 +172,7 @@ inline const char *NS_CP_ContentTypeName(uint32_t contentType) {
     * from content policy checks, mostly as an optimization. Which means      \
     * that we need to apply this check to the loading principal, not the      \
     * principal that triggered the load. */                                   \
-    bool isSystem = loadingPrincipal->GetIsSystemPrincipal();                  \
+    bool isSystem = loadingPrincipal->IsSystemPrincipal();                     \
    if (isSystem && contentType != nsIContentPolicy::TYPE_DOCUMENT) {          \
      *decision = nsIContentPolicy::ACCEPT;                                    \
      nsCOMPtr<nsINode> n = do_QueryInterface(context);                        \
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@ -38,6 +38,7 @@
 #include "mozilla/AutoTimelineMarker.h"
 #include "mozilla/BackgroundHangMonitor.h"
 #include "mozilla/Base64.h"
+#include "mozilla/BasePrincipal.h"
 #include "mozilla/CheckedInt.h"
 #include "mozilla/DebugOnly.h"
 #include "mozilla/LoadInfo.h"
@ -5023,8 +5024,9 @@ void nsContentUtils::NotifyInstalledMenuKeyboardListener(bool aInstalling) {
 }

 bool nsContentUtils::IsSystemPrincipal(nsIPrincipal* aPrincipal) {
-  MOZ_ASSERT(IsInitialized());
-  return aPrincipal == sSystemPrincipal;
+  // Some consumers call us with a null aPrincipal and expect a false return
+  // value...
+  return aPrincipal && aPrincipal->IsSystemPrincipal();
 }

 bool nsContentUtils::IsExpandedPrincipal(nsIPrincipal* aPrincipal) {
@ -6365,7 +6367,7 @@ bool nsContentUtils::AllowXULXBLForPrincipal(nsIPrincipal* aPrincipal) {
    return false;
  }

-  if (IsSystemPrincipal(aPrincipal)) {
+  if (aPrincipal->IsSystemPrincipal()) {
    return true;
  }

@ -6556,7 +6558,7 @@ bool nsContentUtils::ChannelShouldInheritPrincipal(
         NS_SUCCEEDED(aLoadingPrincipal->CheckMayLoad(aURI, false, false)) &&
         // One more check here.  CheckMayLoad will always return true for the
         // system principal, but we do NOT want to inherit in that case.
-         !IsSystemPrincipal(aLoadingPrincipal));
+         !aLoadingPrincipal->IsSystemPrincipal());
  }
  return inherit;
 }
@ -7960,7 +7962,7 @@ nsresult nsContentUtils::SetFetchReferrerURIWithPolicy(

  nsCOMPtr<nsIURI> principalURI;

-  if (IsSystemPrincipal(aPrincipal)) {
+  if (aPrincipal->IsSystemPrincipal()) {
    return NS_OK;
  }

@ -9233,7 +9235,7 @@ bool nsContentUtils::IsSpecificAboutPage(JSObject* aGlobal, const char* aUri) {

  nsCOMPtr<nsIPrincipal> principal = aDocument->NodePrincipal();

-  if (principal->GetIsSystemPrincipal()) {
+  if (principal->IsSystemPrincipal()) {
    return true;
  }

@ -9250,7 +9252,7 @@ bool nsContentUtils::IsSpecificAboutPage(JSObject* aGlobal, const char* aUri) {
      if (NS_FAILED(rv)) {
        return false;
      }
-      if (principal->GetIsSystemPrincipal()) {
+      if (principal->IsSystemPrincipal()) {
        // If a document with the system principal is sandboxing a subdocument
        // that would normally inherit the embedding element's principal (e.g.
        // a srcdoc document) then the embedding document does not trust the
@ -9851,7 +9853,7 @@ static void AppendNativeAnonymousChildrenFromFrame(nsIFrame* aFrame,
  }

  // If aLoadingNode is content, bail out early.
-  if (!aLoadingNode->NodePrincipal()->GetIsSystemPrincipal()) {
+  if (!aLoadingNode->NodePrincipal()->IsSystemPrincipal()) {
    loadingPrincipal.forget(aTriggeringPrincipal);
    return result;
  }
--- a/dom/base/nsContentUtils.h
+++ b/dom/base/nsContentUtils.h
@ -1798,6 +1798,9 @@ class nsContentUtils {

  /**
   * Returns true if aPrincipal is the system principal.
+   *
+   * @deprecated Use nsIPrincipal::IsSystemPrincipal instead!
+   * https://bugzilla.mozilla.org/show_bug.cgi?id=1517588 tracks removing this.
   */
  static bool IsSystemPrincipal(nsIPrincipal* aPrincipal);

--- a/dom/base/nsGlobalWindowOuter.cpp
+++ b/dom/base/nsGlobalWindowOuter.cpp
@ -5522,7 +5522,7 @@ bool nsGlobalWindowOuter::GetPrincipalForPostMessage(
  // "*" indicates no specific origin is required.
  else if (!aTargetOrigin.EqualsASCII("*")) {
    OriginAttributes attrs = aSubjectPrincipal.OriginAttributesRef();
-    if (aSubjectPrincipal.GetIsSystemPrincipal()) {
+    if (aSubjectPrincipal.IsSystemPrincipal()) {
      auto principal = BasePrincipal::Cast(GetPrincipal());

      if (attrs != principal->OriginAttributesRef()) {
@ -5574,13 +5574,13 @@ bool nsGlobalWindowOuter::GetPrincipalForPostMessage(
    // ContentTask.spawn() will be executed under the system principal and the
    // OA of the system principal mismatches with the OA of a private browsing
    // window.
-    MOZ_DIAGNOSTIC_ASSERT(aSubjectPrincipal.GetIsSystemPrincipal() ||
+    MOZ_DIAGNOSTIC_ASSERT(aSubjectPrincipal.IsSystemPrincipal() ||
                          sourceAttrs.EqualsIgnoringFPD(targetAttrs));

    // If 'privacy.firstparty.isolate.block_post_message' is true, we will block
    // postMessage across different first party domains.
    if (OriginAttributes::IsBlockPostMessageForFPI() &&
-        !aSubjectPrincipal.GetIsSystemPrincipal() &&
+        !aSubjectPrincipal.IsSystemPrincipal() &&
        sourceAttrs.mFirstPartyDomain != targetAttrs.mFirstPartyDomain) {
      return false;
    }
--- a/dom/events/Clipboard.cpp
+++ b/dom/events/Clipboard.cpp
@ -5,6 +5,7 @@
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

 #include "mozilla/AbstractThread.h"
+#include "mozilla/BasePrincipal.h"
 #include "mozilla/dom/Clipboard.h"
 #include "mozilla/dom/ClipboardBinding.h"
 #include "mozilla/dom/Promise.h"
@ -183,7 +184,7 @@ JSObject* Clipboard::WrapObject(JSContext* aCx,
                                             JSObject* aGlobal) {
  nsIPrincipal* prin = nsContentUtils::SubjectPrincipal(aCx);
  return IsTestingPrefEnabled() || prin->GetIsAddonOrExpandedAddonPrincipal() ||
-         prin->GetIsSystemPrincipal();
+         prin->IsSystemPrincipal();
 }

 /* static */ bool Clipboard::IsTestingPrefEnabled() {
--- a/dom/media/DOMMediaStream.cpp
+++ b/dom/media/DOMMediaStream.cpp
@ -13,6 +13,7 @@
 #include "MediaStreamGraphImpl.h"
 #include "MediaStreamListener.h"
 #include "VideoStreamTrack.h"
+#include "mozilla/BasePrincipal.h"
 #include "mozilla/dom/AudioNode.h"
 #include "mozilla/dom/AudioTrack.h"
 #include "mozilla/dom/AudioTrackList.h"
@ -732,7 +733,7 @@ void DOMMediaStream::NotifyPrincipalChanged() {
                         this, mPrincipal->GetIsNullPrincipal(),
                         mPrincipal->GetIsCodebasePrincipal(),
                         mPrincipal->GetIsExpandedPrincipal(),
-                         mPrincipal->GetIsSystemPrincipal()));
+                         mPrincipal->IsSystemPrincipal()));
  }

  for (uint32_t i = 0; i < mPrincipalChangeObservers.Length(); ++i) {
--- a/dom/media/MediaStreamTrack.cpp
+++ b/dom/media/MediaStreamTrack.cpp
@ -9,6 +9,7 @@
 #include "MediaStreamError.h"
 #include "MediaStreamGraph.h"
 #include "MediaStreamListener.h"
+#include "mozilla/BasePrincipal.h"
 #include "mozilla/dom/Promise.h"
 #include "nsContentUtils.h"
 #include "nsIUUIDGenerator.h"
@ -397,12 +398,12 @@ void MediaStreamTrack::SetPrincipal(nsIPrincipal* aPrincipal) {
  }
  mPrincipal = aPrincipal;

-  LOG(LogLevel::Info, ("MediaStreamTrack %p principal changed to %p. Now: "
-                       "null=%d, codebase=%d, expanded=%d, system=%d",
-                       this, mPrincipal.get(), mPrincipal->GetIsNullPrincipal(),
-                       mPrincipal->GetIsCodebasePrincipal(),
-                       mPrincipal->GetIsExpandedPrincipal(),
-                       mPrincipal->GetIsSystemPrincipal()));
+  LOG(LogLevel::Info,
+      ("MediaStreamTrack %p principal changed to %p. Now: "
+       "null=%d, codebase=%d, expanded=%d, system=%d",
+       this, mPrincipal.get(), mPrincipal->GetIsNullPrincipal(),
+       mPrincipal->GetIsCodebasePrincipal(),
+       mPrincipal->GetIsExpandedPrincipal(), mPrincipal->IsSystemPrincipal()));
  for (PrincipalChangeObserver<MediaStreamTrack>* observer :
       mPrincipalChangeObservers) {
    observer->PrincipalChanged(this);
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@ -21,6 +21,7 @@
 #include "nsIImageLoadingContent.h"
 #include "nsIRedirectHistoryEntry.h"

+#include "mozilla/BasePrincipal.h"
 #include "mozilla/dom/Element.h"
 #include "mozilla/dom/nsMixedContentBlocker.h"
 #include "mozilla/dom/TabChild.h"
@ -1003,7 +1004,7 @@ nsContentSecurityManager::IsOriginPotentiallyTrustworthy(
  NS_ENSURE_ARG_POINTER(aPrincipal);
  NS_ENSURE_ARG_POINTER(aIsTrustWorthy);

-  if (aPrincipal->GetIsSystemPrincipal()) {
+  if (aPrincipal->IsSystemPrincipal()) {
    *aIsTrustWorthy = true;
    return NS_OK;
  }
--- a/dom/workers/WorkerLoadInfo.cpp
+++ b/dom/workers/WorkerLoadInfo.cpp
@ -7,6 +7,7 @@
 #include "WorkerLoadInfo.h"
 #include "WorkerPrivate.h"

+#include "mozilla/BasePrincipal.h"
 #include "mozilla/dom/TabChild.h"
 #include "mozilla/ipc/BackgroundUtils.h"
 #include "mozilla/ipc/PBackgroundSharedTypes.h"
@ -253,7 +254,7 @@ bool WorkerLoadInfo::PrincipalURIMatchesScriptURL() {
  NS_ENSURE_SUCCESS(rv, false);

  // A system principal must either be a blob URL or a resource JSM.
-  if (mPrincipal->GetIsSystemPrincipal()) {
+  if (mPrincipal->IsSystemPrincipal()) {
    if (scheme == NS_LITERAL_CSTRING("blob")) {
      return true;
    }
--- a/js/xpconnect/loader/mozJSLoaderUtils.cpp
+++ b/js/xpconnect/loader/mozJSLoaderUtils.cpp
@ -9,7 +9,7 @@
 #include "jsapi.h"
 #include "jsfriendapi.h"

-#include "nsJSPrincipals.h"
+#include "mozilla/BasePrincipal.h"

 using namespace JS;
 using namespace mozilla::scache;
@ -45,8 +45,8 @@ nsresult ReadCachedScript(StartupCache* cache, nsACString& uri, JSContext* cx,

 nsresult WriteCachedScript(StartupCache* cache, nsACString& uri, JSContext* cx,
                           HandleScript script) {
-  MOZ_ASSERT(nsJSPrincipals::get(JS_GetScriptPrincipals(script))
-                 ->GetIsSystemPrincipal());
+  MOZ_ASSERT(
+      nsJSPrincipals::get(JS_GetScriptPrincipals(script))->IsSystemPrincipal());

  JS::TranscodeBuffer buffer;
  JS::TranscodeResult code = JS::EncodeScript(cx, buffer, script);
--- a/netwerk/base/nsNetUtil.cpp
+++ b/netwerk/base/nsNetUtil.cpp
@ -264,7 +264,7 @@ void AssertLoadingPrincipalAndClientInfoMatch(
  //     Equals().

  // Allow worker debugger to load with a system principal.
-  if (aLoadingPrincipal->GetIsSystemPrincipal() &&
+  if (aLoadingPrincipal->IsSystemPrincipal() &&
      (aType == nsIContentPolicy::TYPE_INTERNAL_WORKER ||
       aType == nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER ||
       aType == nsIContentPolicy::TYPE_INTERNAL_SERVICE_WORKER ||
--- a/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
+++ b/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
@ -6,6 +6,7 @@

 #include "AddonManagerWebAPI.h"

+#include "mozilla/BasePrincipal.h"
 #include "mozilla/dom/Navigator.h"
 #include "mozilla/dom/NavigatorBinding.h"

@ -120,7 +121,7 @@ bool AddonManagerWebAPI::IsAPIEnabled(JSContext* aCx, JSObject* aGlobal) {

    // Reaching a window with a system principal means we have reached
    // privileged UI of some kind so stop at this point and allow access.
-    if (principal->GetIsSystemPrincipal()) {
+    if (principal->IsSystemPrincipal()) {
      return true;
    }