fixing bug 146458 - Liveconnect calls fail if applet's codebase is in different domain.

Use the domain of the page, like we do for script.
r=jst, sr=brendan, a=dbaron

js/src/liveconnect/nsCLiveconnect.cpp

@@ -81,46 +81,6 @@ PR_END_EXTERN_C
 #include "nsISecurityContext.h"
 #include "prmem.h"
 
-static nsresult
-CreatePrincipal(nsISupports* aSecuritySupports,
-                nsIScriptSecurityManager* aSecMan,
-                nsIPrincipal ** aOutPrincipal)
-{
-    nsresult rv;
-    nsCOMPtr<nsISecurityContext> securityContext(
-        do_QueryInterface(aSecuritySupports, &rv));
-    if (NS_FAILED(rv)) return rv;
-
-    char originBuf1[512];
-    char* origin = originBuf1;
-    size_t originSize = sizeof(originBuf1);
-    rv = securityContext->GetOrigin(origin, originSize);
-    while (NS_FAILED(rv) && originSize < 65536U)
-    {  // Try allocating a larger buffer on the heap
-        if (origin != originBuf1)
-        PR_Free(origin);
-        originSize *= 2;
-        origin = (char*)PR_Malloc(originSize);
-        if (!origin)
-            return NS_ERROR_OUT_OF_MEMORY;
-        rv = securityContext->GetOrigin(origin, originSize);
-    }
-    if (NS_FAILED(rv))
-    {
-        if (origin != originBuf1)
-            PR_Free(origin);
-        return rv;
-    }
-
-    nsCOMPtr<nsIURI> originURI;
-    rv = NS_NewURI(getter_AddRefs(originURI), origin);
-    if (origin != originBuf1)
-        PR_Free(origin);
-    if (NS_FAILED(rv)) return rv;
-
-    return aSecMan->GetCodebasePrincipal(originURI, aOutPrincipal);
-}
-
 /***************************************************************************/
 // A class to put on the stack to manage JS contexts when we are entering JS.
 // This pushes and pops the given context
@@ -176,10 +136,7 @@ AutoPushJSContext::AutoPushJSContext(nsISupports* aSecuritySupports,
         return;
 
     nsCOMPtr<nsIPrincipal> principal;
-    if (aSecuritySupports)
-        mPushResult = CreatePrincipal(aSecuritySupports, secMan, getter_AddRefs(principal));
-    else
-        mPushResult = secMan->GetPrincipalFromContext(cx, getter_AddRefs(principal));
+    mPushResult = secMan->GetPrincipalFromContext(cx, getter_AddRefs(principal));
 
     if (NS_FAILED(mPushResult))
     {
@@ -187,7 +144,7 @@ AutoPushJSContext::AutoPushJSContext(nsISupports* aSecuritySupports,
         return;
     }
 
-    // See if Javascript is enabled for the current window
+    // See if JavaScript is enabled for the current window
     PRBool jsEnabled = PR_FALSE;
     mPushResult = secMan->CanExecuteScripts(cx, principal, &jsEnabled);
     if (!jsEnabled)

modules/oji/src/lcglue.cpp

@@ -249,37 +249,21 @@ map_java_object_to_js_object_impl(JNIEnv *env, void *pluginInstancePtr, char* *e
 JS_STATIC_DLL_CALLBACK(JSPrincipals*)
 get_JSPrincipals_from_java_caller_impl(JNIEnv *pJNIEnv, JSContext *pJSContext, void  **ppNSIPrincipalArrayIN, int numPrincipals, void *pNSISecurityContext)
 {
-    nsISupports* credentials = NS_REINTERPRET_CAST(nsISupports*, pNSISecurityContext);
-    nsCOMPtr<nsISecurityContext> securityContext = do_QueryInterface(credentials);
-    if (securityContext) {
-        nsresult rv;
-        nsCOMPtr<nsIScriptSecurityManager> ssm = do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
-        if (NS_SUCCEEDED(rv)) {
-            char codebase[512];
-            rv = securityContext->GetOrigin(codebase, sizeof(codebase) - 1);
-            if (NS_SUCCEEDED(rv)) {
-                nsCOMPtr<nsIURI> codebaseURI;
-                rv = NS_NewURI(getter_AddRefs(codebaseURI), nsDependentCString(codebase));
-                if (NS_SUCCEEDED(rv)) {
-                    nsCOMPtr<nsIPrincipal> principal;
-                    rv = ssm->GetCodebasePrincipal(codebaseURI, getter_AddRefs(principal));
-                    if (NS_SUCCEEDED(rv)) {
-                        JSPrincipals* jsprincipals;
-                        principal->GetJSPrincipals(pJSContext, &jsprincipals);
-                        return jsprincipals;
-                    }
-                }
-            }
-        }
-    } else {
-        nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(credentials);
-        if (principal) {
-            JSPrincipals* jsprincipals;
-            principal->GetJSPrincipals(pJSContext, &jsprincipals);
-            return jsprincipals;
-        }
-    }
-    return NULL;
+    nsresult rv;
+    nsCOMPtr<nsIScriptSecurityManager> secMan = 
+        do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
+    if (NS_FAILED(rv))
+        return NULL;
+
+    nsCOMPtr<nsIPrincipal> principal;
+    rv = secMan->GetPrincipalFromContext(pJSContext,
+                                         getter_AddRefs(principal));
+    if (NS_FAILED(rv))
+        return NULL;
+
+    JSPrincipals* jsprincipals = NULL;
+    principal->GetJSPrincipals(pJSContext, &jsprincipals);
+    return jsprincipals;
 }
 
 JS_STATIC_DLL_CALLBACK(jobject)
@@ -330,72 +314,6 @@ enter_js_from_java_impl(JNIEnv *jEnv, char **errp,
                         void *pNSISecurityContext,
                         void *java_applet_obj)
 {
-    JSContext *pJSCX    = map_jsj_thread_to_js_context_impl(nsnull,java_applet_obj,jEnv,errp);
-    nsCOMPtr<nsIPrincipal> principal;
-
-    nsISupports* credentials = NS_REINTERPRET_CAST(nsISupports*, pNSISecurityContext);
-    nsCOMPtr<nsISecurityContext> javaSecurityContext = do_QueryInterface(credentials);
-    if (javaSecurityContext) {
-        if (pJSCX) {
-            nsIScriptContext *scriptContext =
-                GetScriptContextFromJSContext(pJSCX);
-
-            if (scriptContext) {
-                nsIScriptGlobalObject *global =
-                    scriptContext->GetGlobalObject();
-                NS_ASSERTION(global, "script context has no global object");
-
-                nsCOMPtr<nsIScriptObjectPrincipal> globalData =
-                    do_QueryInterface(global);
-                if (globalData) {
-                    if (NS_FAILED(globalData->GetPrincipal(getter_AddRefs(principal))))
-                        return NS_ERROR_FAILURE;
-                }
-            }
-        }
-
-        // What if !pJSCX? 
-
-        nsCOMPtr<nsISecurityContext> jsSecurityContext = new nsCSecurityContext(principal);
-        if (!jsSecurityContext)
-            return PR_FALSE;
-
-        // Check that the origin + certificate are the same.
-        // If not, then return false.
-
-        const int buflen = 512;
-        char jsorigin[buflen];
-        char jvorigin[buflen];
-        *jsorigin = nsnull;
-        *jvorigin = nsnull;
-        
-        jsSecurityContext->GetOrigin(jsorigin,buflen);
-        javaSecurityContext->GetOrigin(jvorigin,buflen);
-
-        if (nsCRT::strcasecmp(jsorigin,jvorigin)) {
-            return PR_FALSE;
-        }
-
-#if 0
-      // ISSUE: Needs security review. We don't compare certificates. 
-      // because currently there is no basis for making a postive comparison.
-      // If one or the other context is signed, the comparison will fail.
-
-        char jscertid[buflen];
-        char jvcertid[buflen];
-        *jscertid = nsnull;
-        *jvcertid = nsnull;
-
-        jsSecurityContext->GetCertificateID(jscertid,buflen);
-        javaSecurityContext->GetCertificateID(jvcertid,buflen);
-
-        if (nsCRT::strcasecmp(jscertid,jvcertid)) {
-            return PR_FALSE;
-        }
-#endif
-
-    }
-
 	return PR_TRUE;
 }
 

modules/oji/src/nsCSecurityContext.cpp

@@ -54,9 +54,7 @@
 // For GetOrigin()
 
 #include "nsIScriptSecurityManager.h"
-#include "nsIScriptGlobalObject.h"
 #include "nsIServiceManager.h"
-#include "nsIScriptObjectPrincipal.h"
 #include "nsCRT.h"
 
 #include "nsTraceRefcnt.h"
@@ -66,31 +64,12 @@ static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
 
 
 ////////////////////////////////////////////////////////////////////////////
-// from nsISupports 
+// nsISupports 
 
-// Thes macro expands to the aggregated query interface scheme.
-
-NS_IMPL_ADDREF(nsCSecurityContext)
-NS_IMPL_RELEASE(nsCSecurityContext)
-
-NS_METHOD
-nsCSecurityContext::QueryInterface(const nsIID& aIID, void** aInstancePtr)
-{
-    if (NULL == aInstancePtr) {                                            
-        return NS_ERROR_NULL_POINTER;                                        
-    }   
-    *aInstancePtr = NULL;
-    if (aIID.Equals(kISecurityContextIID) ||
-        aIID.Equals(kISupportsIID)) {
-        *aInstancePtr = (nsISecurityContext*) this;
-        AddRef();
-        return NS_OK;
-    }
-    return NS_NOINTERFACE; 
-}
+NS_IMPL_ISUPPORTS1(nsCSecurityContext, nsISecurityContext)
 
 ////////////////////////////////////////////////////////////////////////////
-// from nsISecurityContext:
+// nsISecurityContext
 
 NS_METHOD 
 nsCSecurityContext::Implies(const char* target, const char* action, PRBool *bAllowedAccess)
@@ -100,14 +79,21 @@ nsCSecurityContext::Implies(const char* target, const char* action, PRBool *bAll
     }
   
     if(!nsCRT::strcmp(target,"UniversalBrowserRead")) {
-        *bAllowedAccess = m_HasUniversalBrowserReadCapability;
-        return NS_OK;
+        // XXX we lie to the applet and say we have UniversalBrowserRead
+        // even if we don't so that we can bypass the Java plugin's broken
+        // origin checks.  Note that this only affects the plugin's perception
+        // of our script's capabilities, and has no bearing on the script's
+        // real capabilities. This code should be changed to assign
+        // |m_HasUniversalBrowserReadCapability| into the out parameter
+        // once Java's origin checking code is fixed.
+        // See bug 146458 for details.
+        *bAllowedAccess = PR_TRUE;
     } else if(!nsCRT::strcmp(target,"UniversalJavaPermission")) {
         *bAllowedAccess = m_HasUniversalJavaCapability;
-        return NS_OK;
     } else {
         *bAllowedAccess = PR_FALSE;
     }
+
     return NS_OK;
 }