diff --git a/caps/nsIScriptSecurityManager.idl b/caps/nsIScriptSecurityManager.idl index 5b57756c2800..33503a33ef0c 100644 --- a/caps/nsIScriptSecurityManager.idl +++ b/caps/nsIScriptSecurityManager.idl @@ -19,7 +19,7 @@ interface nsILoadContext; [ptr] native JSContextPtr(JSContext); [ptr] native JSObjectPtr(JSObject); -[scriptable, uuid(3b021962-975e-43b5-8a93-9fc2d20346e9)] +[scriptable, uuid(f649959d-dae3-4027-83fd-5b7f8c8a8815)] interface nsIScriptSecurityManager : nsISupports { /** @@ -178,13 +178,6 @@ interface nsIScriptSecurityManager : nsISupports */ [deprecated] nsIPrincipal getCodebasePrincipal(in nsIURI uri); - /** - * Returns OK if aJSContext and target have the same "origin" - * (scheme, host, and port). - */ - [noscript] void checkSameOrigin(in JSContextPtr aJSContext, - in nsIURI aTargetURI); - /** * Returns OK if aSourceURI and target have the same "origin" * (scheme, host, and port). diff --git a/caps/nsScriptSecurityManager.cpp b/caps/nsScriptSecurityManager.cpp index 106f441732d0..21ab246b7d42 100644 --- a/caps/nsScriptSecurityManager.cpp +++ b/caps/nsScriptSecurityManager.cpp @@ -441,39 +441,6 @@ nsScriptSecurityManager::JSPrincipalsSubsume(JSPrincipals *first, return nsJSPrincipals::get(first)->Subsumes(nsJSPrincipals::get(second)); } -NS_IMETHODIMP -nsScriptSecurityManager::CheckSameOrigin(JSContext* cx, - nsIURI* aTargetURI) -{ - MOZ_ASSERT_IF(cx, cx == nsContentUtils::GetCurrentJSContext()); - - // Get a principal from the context - nsIPrincipal* sourcePrincipal = nsContentUtils::SubjectPrincipal(); - if (sourcePrincipal == mSystemPrincipal) - { - // This is a system (chrome) script, so allow access - return NS_OK; - } - - // Get the original URI from the source principal. - // This has the effect of ignoring any change to document.domain - // which must be done to avoid DNS spoofing (bug 154930) - nsCOMPtr sourceURI; - sourcePrincipal->GetDomain(getter_AddRefs(sourceURI)); - if (!sourceURI) { - sourcePrincipal->GetURI(getter_AddRefs(sourceURI)); - NS_ENSURE_TRUE(sourceURI, NS_ERROR_FAILURE); - } - - // Compare origins - if (!SecurityCompareURIs(sourceURI, aTargetURI)) - { - ReportError(cx, NS_LITERAL_STRING("CheckSameOriginError"), sourceURI, aTargetURI); - return NS_ERROR_DOM_BAD_URI; - } - return NS_OK; -} - NS_IMETHODIMP nsScriptSecurityManager::CheckSameOriginURI(nsIURI* aSourceURI, nsIURI* aTargetURI,