From 0c3706888ce66da502ba53e4b2cbdc52025e71e2 Mon Sep 17 00:00:00 2001 From: "bzbarsky%mit.edu" Date: Thu, 27 Apr 2006 18:21:11 +0000 Subject: [PATCH] Rename GetNodePrincipal to NodePrincipal. Bug 327246, r+sr=sicking --- content/base/public/nsINode.h | 15 +++--- content/base/public/nsINodeInfo.h | 11 ++--- content/base/src/nsContentAreaDragDrop.cpp | 33 ++++++------- content/base/src/nsContentSink.cpp | 7 +-- content/base/src/nsContentUtils.cpp | 27 +++------- content/base/src/nsDOMSerializer.cpp | 49 +++++++++---------- content/base/src/nsDocument.cpp | 18 ++----- content/base/src/nsFrameLoader.cpp | 8 +-- content/base/src/nsGenericElement.cpp | 10 ++-- content/base/src/nsNodeInfo.h | 5 -- content/base/src/nsNodeInfoManager.cpp | 3 ++ content/base/src/nsNodeInfoManager.h | 5 +- content/base/src/nsObjectLoadingContent.cpp | 3 +- content/base/src/nsScriptLoader.cpp | 28 +++-------- content/base/src/nsXMLHttpRequest.cpp | 2 +- .../canvas/src/nsCanvasRenderingContext2D.cpp | 7 ++- .../html/content/src/nsHTMLFormElement.cpp | 2 +- .../html/document/src/nsHTMLContentSink.cpp | 9 ++-- content/html/document/src/nsHTMLDocument.cpp | 35 +++---------- .../src/nsHTMLFragmentContentSink.cpp | 4 +- content/xbl/src/nsXBLBinding.cpp | 8 +-- content/xbl/src/nsXBLContentSink.cpp | 25 +++++----- content/xbl/src/nsXBLDocumentInfo.cpp | 2 +- content/xbl/src/nsXBLService.cpp | 6 +-- content/xml/document/src/nsXMLContentSink.cpp | 4 +- content/xml/document/src/nsXMLDocument.cpp | 4 +- content/xslt/src/base/txURIUtils.cpp | 5 +- content/xslt/src/xslt/txMozillaTextOutput.cpp | 5 +- content/xul/content/src/nsXULElement.cpp | 11 ++--- .../xul/content/src/nsXULPopupListener.cpp | 10 ++-- content/xul/document/src/nsXULContentSink.cpp | 2 +- .../templates/src/nsXULTemplateBuilder.cpp | 6 +-- .../xul/templates/src/nsXULTreeBuilder.cpp | 8 +-- docshell/base/nsDocShell.cpp | 8 ++- dom/src/base/nsGlobalWindow.cpp | 25 +++------- .../components/find/src/nsWebBrowserFind.cpp | 6 +-- extensions/xforms/nsXFormsUtils.cpp | 38 +++++++------- extensions/xmlterm/base/mozLineTerm.cpp | 4 +- extensions/xmlterm/base/mozXMLTermUtils.cpp | 4 +- layout/generic/nsImageFrame.cpp | 7 +-- modules/plugin/base/src/nsPluginHostImpl.cpp | 6 +-- .../boot/src/nsSecureBrowserUIImpl.cpp | 2 +- 42 files changed, 170 insertions(+), 307 deletions(-) diff --git a/content/base/public/nsINode.h b/content/base/public/nsINode.h index 65a5efe763e3..049e3aa277c8 100644 --- a/content/base/public/nsINode.h +++ b/content/base/public/nsINode.h @@ -57,10 +57,10 @@ class nsIEventListenerManager; class nsIPrincipal; // IID for the nsINode interface -// ec67d9d2-be1e-41d8-b7d0-92f72a2667db +// f96eef82-43fc-4eee-9784-4259415e98a9 #define NS_INODE_IID \ -{ 0x2ad78957, 0x52e8, 0x493a, \ - { 0x8b, 0x5a, 0xe6, 0x91, 0xdc, 0xe3, 0x36, 0xe7 } } +{ 0xf96eef82, 0x43fc, 0x4eee, \ + { 0x97, 0x84, 0x42, 0x59, 0x41, 0x5e, 0x98, 0xa9 } } // hack to make egcs / gcc 2.95.2 happy class nsINode_base : public nsIDOMGCParticipant { @@ -238,12 +238,11 @@ public: nsresult *aStatus = nsnull); /** - * Return the principal of this node. This may return null; in that case the - * caller should assume that all same-origin checks against this node fail - * and that this node has no permissions to do anything. + * Return the principal of this node. This is guaranteed to never be a null + * pointer. */ - nsIPrincipal* GetNodePrincipal() const { - return mNodeInfo->NodeInfoManager()->GetDocumentPrincipal(); + nsIPrincipal* NodePrincipal() const { + return mNodeInfo->NodeInfoManager()->DocumentPrincipal(); } /** diff --git a/content/base/public/nsINodeInfo.h b/content/base/public/nsINodeInfo.h index 29b14ca51a75..8e20a7bc83ec 100644 --- a/content/base/public/nsINodeInfo.h +++ b/content/base/public/nsINodeInfo.h @@ -68,10 +68,10 @@ class nsIURI; class nsIPrincipal; // IID for the nsINodeInfo interface -// 37840f19-f65f-4185-baff-c475d9e2b3f2 +// 35e53115-b884-4cfc-aa95-bdf0aa5152cf #define NS_INODEINFO_IID \ -{ 0x37840f19, 0xf65f, 0x4185, \ - { 0xba, 0xff, 0xc4, 0x75, 0xd9, 0xe2, 0xb3, 0xf2 } } +{ 0x35e53115, 0xb884, 0x4cfc, \ + { 0xaa, 0x95, 0xbd, 0xf0, 0xaa, 0x51, 0x52, 0xcf } } class nsINodeInfo : public nsISupports { @@ -286,11 +286,6 @@ public: return mOwnerManager->GetDocument(); } - /* - * Retrieve a pointer to the principal for the document of this node info. - */ - virtual nsIPrincipal *GetDocumentPrincipal() const = 0; - protected: virtual PRBool QualifiedNameEqualsInternal(const nsACString& aQualifiedName) const = 0; diff --git a/content/base/src/nsContentAreaDragDrop.cpp b/content/base/src/nsContentAreaDragDrop.cpp index dad177781247..f1f464b27932 100644 --- a/content/base/src/nsContentAreaDragDrop.cpp +++ b/content/base/src/nsContentAreaDragDrop.cpp @@ -560,29 +560,28 @@ nsContentAreaDragDrop::DragDrop(nsIDOMEvent* inMouseEvent) if (url.IsEmpty() || url.FindChar(' ') >= 0) return NS_OK; + nsCOMPtr uri; + NS_NewURI(getter_AddRefs(uri), url); + if (!uri) { + // Not actually a URI + return NS_OK; + } + nsCOMPtr sourceDocument; session->GetSourceDocument(getter_AddRefs(sourceDocument)); nsCOMPtr sourceDoc(do_QueryInterface(sourceDocument)); - if (sourceDoc && sourceDoc->GetNodePrincipal()) { - nsCOMPtr sourceUri; - sourceDoc->GetNodePrincipal()->GetURI(getter_AddRefs(sourceUri)); + if (sourceDoc) { + rv = nsContentUtils::GetSecurityManager()-> + CheckLoadURIWithPrincipal(sourceDoc->NodePrincipal(), uri, + nsIScriptSecurityManager::STANDARD); - if (sourceUri) { - nsCAutoString sourceUriStr; - sourceUri->GetSpec(sourceUriStr); + if (NS_FAILED(rv)) { + // Security check failed, stop event propagation right here + // and return the error. + inMouseEvent->StopPropagation(); - rv = nsContentUtils::GetSecurityManager()-> - CheckLoadURIStr(sourceUriStr, NS_ConvertUTF16toUTF8(url), - nsIScriptSecurityManager::STANDARD); - - if (NS_FAILED(rv)) { - // Security check failed, stop even propagation right here - // and return the error. - inMouseEvent->StopPropagation(); - - return rv; - } + return rv; } } diff --git a/content/base/src/nsContentSink.cpp b/content/base/src/nsContentSink.cpp index 4e5c75b94d0e..868a423e8245 100644 --- a/content/base/src/nsContentSink.cpp +++ b/content/base/src/nsContentSink.cpp @@ -332,15 +332,10 @@ nsContentSink::ProcessHeaderData(nsIAtom* aHeader, const nsAString& aValue, // We use the original codebase in case the codebase was changed // by SetDomain - nsIPrincipal *docPrincipal = mDocument->GetNodePrincipal(); - if (!docPrincipal) { - return NS_ERROR_FAILURE; - } - // Note that a non-codebase principal (eg the system principal) will return // a null URI. nsCOMPtr codebaseURI; - rv = docPrincipal->GetURI(getter_AddRefs(codebaseURI)); + rv = mDocument->NodePrincipal()->GetURI(getter_AddRefs(codebaseURI)); NS_ENSURE_TRUE(codebaseURI, rv); nsCOMPtr prompt; diff --git a/content/base/src/nsContentUtils.cpp b/content/base/src/nsContentUtils.cpp index cd7f81dbbe12..36fc62f1d31c 100644 --- a/content/base/src/nsContentUtils.cpp +++ b/content/base/src/nsContentUtils.cpp @@ -705,11 +705,8 @@ nsContentUtils::CheckSameOrigin(nsIDOMNode *aTrustedNode, // Make sure these are both real nodes NS_ENSURE_TRUE(trustedNode && unTrustedNode, NS_ERROR_UNEXPECTED); - nsIPrincipal* trustedPrincipal = trustedNode->GetNodePrincipal(); - nsIPrincipal* unTrustedPrincipal = unTrustedNode->GetNodePrincipal(); - - // Make sure we have both principals - NS_ENSURE_TRUE(trustedPrincipal && unTrustedPrincipal, NS_ERROR_UNEXPECTED); + nsIPrincipal* trustedPrincipal = trustedNode->NodePrincipal(); + nsIPrincipal* unTrustedPrincipal = unTrustedNode->NodePrincipal(); if (trustedPrincipal == unTrustedPrincipal) { return NS_OK; @@ -747,15 +744,8 @@ nsContentUtils::CanCallerAccess(nsIDOMNode *aNode) nsCOMPtr node = do_QueryInterface(aNode); NS_ENSURE_TRUE(node, PR_FALSE); - nsIPrincipal* principal = node->GetNodePrincipal(); - - if (!principal) { - // We can't get hold of the principal for this node. No access allowed. - return PR_FALSE; - } - - nsresult rv = sSecurityManager->CheckSameOriginPrincipal(subjectPrincipal, - principal); + nsresult rv = sSecurityManager-> + CheckSameOriginPrincipal(subjectPrincipal, node->NodePrincipal()); if (NS_SUCCEEDED(rv)) { return PR_TRUE; } @@ -2004,7 +1994,7 @@ nsContentUtils::CanLoadImage(nsIURI* aURI, nsISupports* aContext, // Editor apps get special treatment here, editors can load images // from anywhere. rv = sSecurityManager-> - CheckLoadURIWithPrincipal(aLoadingDocument->GetNodePrincipal(), aURI, + CheckLoadURIWithPrincipal(aLoadingDocument->NodePrincipal(), aURI, nsIScriptSecurityManager::ALLOW_CHROME); if (NS_FAILED(rv)) { if (aImageBlockingStatus) { @@ -2532,15 +2522,14 @@ nsContentUtils::GetFormControlElements(nsIDocument *aDocument) PRBool nsContentUtils::IsChromeDoc(nsIDocument *aDocument) { - nsIPrincipal *principal; - if (!aDocument || !(principal = aDocument->GetNodePrincipal())) { + if (!aDocument) { return PR_FALSE; } - + nsCOMPtr systemPrincipal; sSecurityManager->GetSystemPrincipal(getter_AddRefs(systemPrincipal)); - return principal == systemPrincipal; + return aDocument->NodePrincipal() == systemPrincipal; } void diff --git a/content/base/src/nsDOMSerializer.cpp b/content/base/src/nsDOMSerializer.cpp index 7e1efbad7cf3..37a09e1207ef 100644 --- a/content/base/src/nsDOMSerializer.cpp +++ b/content/base/src/nsDOMSerializer.cpp @@ -142,37 +142,32 @@ CheckSameOrigin(nsIDOMNode *aRoot) return NS_ERROR_INVALID_POINTER; } - - nsIPrincipal *principal = node->GetNodePrincipal(); + nsresult rv; + nsCOMPtr secMan = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); + NS_ENSURE_SUCCESS(rv, rv); - if (principal) { - nsresult rv; - nsCOMPtr secMan = - do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); - NS_ENSURE_SUCCESS(rv, rv); + PRBool ubrEnabled = PR_FALSE; + rv = secMan->IsCapabilityEnabled("UniversalBrowserRead", &ubrEnabled); + NS_ENSURE_SUCCESS(rv, rv); - PRBool ubrEnabled = PR_FALSE; - rv = secMan->IsCapabilityEnabled("UniversalBrowserRead", &ubrEnabled); - NS_ENSURE_SUCCESS(rv, rv); + if (ubrEnabled) { + // UniversalBrowserRead is enabled (or we're not called from + // script), permit access. + return NS_OK; + } - if (ubrEnabled) { - // UniversalBrowserRead is enabled (or we're not called from - // script), permit access. - return NS_OK; - } + nsCOMPtr subject; + rv = secMan->GetSubjectPrincipal(getter_AddRefs(subject)); + NS_ENSURE_SUCCESS(rv, rv); - nsCOMPtr subject; - rv = secMan->GetSubjectPrincipal(getter_AddRefs(subject)); - NS_ENSURE_SUCCESS(rv, rv); - - // XXXbz can we happen to not have a subject principal here? - // nsScriptSecurityManager::IsCapabilityEnabled doesn't actually use - // GetSubjectPrincipal, so not sure... - // In any case, no subject principal means access is allowed. - if (subject) { - // Check if the caller is from the same origin that the root is from. - return secMan->CheckSameOriginPrincipal(subject, principal); - } + // XXXbz can we happen to not have a subject principal here? + // nsScriptSecurityManager::IsCapabilityEnabled doesn't actually use + // GetSubjectPrincipal, so not sure... + // In any case, no subject principal means access is allowed. + if (subject) { + // Check if the caller is from the same origin that the root is from. + return secMan->CheckSameOriginPrincipal(subject, node->NodePrincipal()); } return NS_OK; diff --git a/content/base/src/nsDocument.cpp b/content/base/src/nsDocument.cpp index d488690ac71d..8826d28463d5 100644 --- a/content/base/src/nsDocument.cpp +++ b/content/base/src/nsDocument.cpp @@ -1246,7 +1246,7 @@ nsDocument::GetLastModified(nsAString& aLastModified) nsIPrincipal* nsDocument::GetPrincipal() { - return GetNodePrincipal(); + return NodePrincipal(); } void @@ -1286,13 +1286,8 @@ nsDocument::SetBaseURI(nsIURI* aURI) nsresult rv = NS_OK; if (aURI) { - nsIPrincipal* principal = GetNodePrincipal(); - NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE); - - nsIScriptSecurityManager* securityManager = - nsContentUtils::GetSecurityManager(); - rv = securityManager-> - CheckLoadURIWithPrincipal(principal, aURI, + rv = nsContentUtils::GetSecurityManager()-> + CheckLoadURIWithPrincipal(NodePrincipal(), aURI, nsIScriptSecurityManager::STANDARD); if (NS_SUCCEEDED(rv)) { mDocumentBaseURI = aURI; @@ -2498,7 +2493,7 @@ nsDocument::GetImplementation(nsIDOMDOMImplementation** aImplementation) NS_NewURI(getter_AddRefs(uri), "about:blank"); NS_ENSURE_TRUE(uri, NS_ERROR_OUT_OF_MEMORY); - *aImplementation = new nsDOMImplementation(uri, uri, GetNodePrincipal()); + *aImplementation = new nsDOMImplementation(uri, uri, NodePrincipal()); if (!*aImplementation) { return NS_ERROR_OUT_OF_MEMORY; } @@ -4462,9 +4457,6 @@ nsDocument::IsScriptEnabled() nsCOMPtr sm(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID)); NS_ENSURE_TRUE(sm, PR_TRUE); - nsIPrincipal* principal = GetNodePrincipal(); - NS_ENSURE_TRUE(principal, PR_TRUE); - nsIScriptGlobalObject* globalObject = GetScriptGlobalObject(); NS_ENSURE_TRUE(globalObject, PR_TRUE); @@ -4475,7 +4467,7 @@ nsDocument::IsScriptEnabled() NS_ENSURE_TRUE(cx, PR_TRUE); PRBool enabled; - nsresult rv = sm->CanExecuteScripts(cx, principal, &enabled); + nsresult rv = sm->CanExecuteScripts(cx, NodePrincipal(), &enabled); NS_ENSURE_SUCCESS(rv, PR_TRUE); return enabled; } diff --git a/content/base/src/nsFrameLoader.cpp b/content/base/src/nsFrameLoader.cpp index 4f550661f24b..6bab16b97779 100644 --- a/content/base/src/nsFrameLoader.cpp +++ b/content/base/src/nsFrameLoader.cpp @@ -164,14 +164,10 @@ nsFrameLoader::LoadURI(nsIURI* aURI) nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager(); // Get our principal - nsIPrincipal* principal = mOwnerContent->GetNodePrincipal(); - NS_ASSERTION(principal == doc->GetNodePrincipal(), + nsIPrincipal* principal = mOwnerContent->NodePrincipal(); + NS_ASSERTION(principal == doc->NodePrincipal(), "Principal mismatch. Should not happen"); - if (!principal) { - return NS_ERROR_FAILURE; - } - // Check if we are allowed to load absURL rv = secMan->CheckLoadURIWithPrincipal(principal, aURI, nsIScriptSecurityManager::STANDARD); diff --git a/content/base/src/nsGenericElement.cpp b/content/base/src/nsGenericElement.cpp index 93e46d72e290..23e6317cb735 100644 --- a/content/base/src/nsGenericElement.cpp +++ b/content/base/src/nsGenericElement.cpp @@ -2115,7 +2115,7 @@ nsGenericElement::GetBaseURI() const if (NS_SUCCEEDED(rv)) { // do a security check, almost the same as nsDocument::SetBaseURL() rv = nsContentUtils::GetSecurityManager()-> - CheckLoadURIWithPrincipal(GetNodePrincipal(), ourBase, + CheckLoadURIWithPrincipal(NodePrincipal(), ourBase, nsIScriptSecurityManager::STANDARD); } @@ -3168,11 +3168,6 @@ nsGenericElement::TriggerLink(nsPresContext* aPresContext, nsILinkHandler *handler = aPresContext->GetLinkHandler(); if (!handler) return NS_OK; - nsIPrincipal* principal = GetNodePrincipal(); - if (!principal) { - return NS_OK; - } - if (aClick) { nsresult proceed = NS_OK; // Check that this page is allowed to load this URI. @@ -3183,7 +3178,8 @@ nsGenericElement::TriggerLink(nsPresContext* aPresContext, (PRUint32) nsIScriptSecurityManager::STANDARD : (PRUint32) nsIScriptSecurityManager::DISALLOW_FROM_MAIL; proceed = - securityManager->CheckLoadURIWithPrincipal(principal, aLinkURI, flag); + securityManager->CheckLoadURIWithPrincipal(NodePrincipal(), aLinkURI, + flag); } // Only pass off the click event if the script security manager diff --git a/content/base/src/nsNodeInfo.h b/content/base/src/nsNodeInfo.h index b4cad1765220..23fc81872c7f 100644 --- a/content/base/src/nsNodeInfo.h +++ b/content/base/src/nsNodeInfo.h @@ -69,11 +69,6 @@ public: virtual PRBool QualifiedNameEqualsInternal(const nsACString& aQualifiedName) const; - nsIPrincipal *GetDocumentPrincipal() const - { - return mOwnerManager->GetDocumentPrincipal(); - } - // nsNodeInfo // Create objects with Create public: diff --git a/content/base/src/nsNodeInfoManager.cpp b/content/base/src/nsNodeInfoManager.cpp index b9275e16fb20..987601e00a50 100644 --- a/content/base/src/nsNodeInfoManager.cpp +++ b/content/base/src/nsNodeInfoManager.cpp @@ -313,6 +313,9 @@ nsNodeInfoManager::SetDocumentPrincipal(nsIPrincipal *aPrincipal) if (!aPrincipal) { aPrincipal = mDefaultPrincipal; } + + NS_ASSERTION(aPrincipal, "Must have principal by this point!"); + NS_ADDREF(mPrincipal = aPrincipal); } diff --git a/content/base/src/nsNodeInfoManager.h b/content/base/src/nsNodeInfoManager.h index b1160e268a2e..64c464a38065 100644 --- a/content/base/src/nsNodeInfoManager.h +++ b/content/base/src/nsNodeInfoManager.h @@ -116,7 +116,8 @@ public: /** * Gets the principal of the document this nodeinfo manager belongs to. */ - nsIPrincipal *GetDocumentPrincipal() const { + nsIPrincipal *DocumentPrincipal() const { + NS_ASSERTION(mPrincipal, "How'd that happen?"); return mPrincipal; } @@ -151,7 +152,7 @@ private: PLHashTable *mNodeInfoHash; nsIDocument *mDocument; // WEAK nsIPrincipal *mPrincipal; // STRONG, but not nsCOMPtr to avoid include hell - // while inlining of GetPrincipal(). Never null + // while inlining DocumentPrincipal(). Never null // after Init() succeeds. nsCOMPtr mDefaultPrincipal; // Never null after Init() succeeds nsINodeInfo *mTextNodeInfo; // WEAK to avoid circular ownership diff --git a/content/base/src/nsObjectLoadingContent.cpp b/content/base/src/nsObjectLoadingContent.cpp index 666862ef32e0..a2b0b718f6d7 100644 --- a/content/base/src/nsObjectLoadingContent.cpp +++ b/content/base/src/nsObjectLoadingContent.cpp @@ -825,8 +825,7 @@ nsObjectLoadingContent::LoadObject(nsIURI* aURI, nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); NS_ASSERTION(secMan, "No security manager!?"); nsresult rv = - secMan->CheckLoadURIWithPrincipal(thisContent->GetNodePrincipal(), - aURI, 0); + secMan->CheckLoadURIWithPrincipal(thisContent->NodePrincipal(), aURI, 0); if (NS_FAILED(rv)) { Fallback(PR_FALSE); return NS_OK; diff --git a/content/base/src/nsScriptLoader.cpp b/content/base/src/nsScriptLoader.cpp index 24c1ed514dcf..4d50da0fdb63 100644 --- a/content/base/src/nsScriptLoader.cpp +++ b/content/base/src/nsScriptLoader.cpp @@ -512,10 +512,8 @@ nsScriptLoader::DoProcessScriptElement(nsIScriptElement *aElement, nsCOMPtr scriptURI = aElement->GetScriptURI(); if (scriptURI) { // Check that the containing page is allowed to load this URI. - nsIPrincipal *docPrincipal = mDocument->GetNodePrincipal(); - NS_ENSURE_TRUE(docPrincipal, NS_ERROR_UNEXPECTED); rv = nsContentUtils::GetSecurityManager()-> - CheckLoadURIWithPrincipal(docPrincipal, scriptURI, + CheckLoadURIWithPrincipal(mDocument->NodePrincipal(), scriptURI, nsIScriptSecurityManager::ALLOW_CHROME); NS_ENSURE_SUCCESS(rv, rv); @@ -727,11 +725,6 @@ nsScriptLoader::EvaluateScript(nsScriptLoadRequest* aRequest, return NS_ERROR_FAILURE; } - nsIPrincipal *principal = mDocument->GetNodePrincipal(); - // We can survive without a principal, but we really should - // have one. - NS_ASSERTION(principal, "principal required for document"); - nsCAutoString url; if (aRequest->mURI) { @@ -760,8 +753,9 @@ nsScriptLoader::EvaluateScript(nsScriptLoadRequest* aRequest, PRBool isUndefined; context->EvaluateString(aScript, globalObject->GetGlobalJSObject(), - principal, url.get(), aRequest->mLineNo, - aRequest->mJSVersion, nsnull, &isUndefined); + mDocument->NodePrincipal(), url.get(), + aRequest->mLineNo, aRequest->mJSVersion, nsnull, + &isUndefined); // Put the old script back in case it wants to do anything else. mCurrentScript = oldCurrent; @@ -1000,18 +994,10 @@ nsScriptLoader::OnStreamComplete(nsIStreamLoader* aLoader, nsCOMPtr principal = do_QueryInterface(owner); if (principal) { - nsIPrincipal *docPrincipal = mDocument->GetNodePrincipal(); - if (docPrincipal) { - nsCOMPtr newPrincipal = - MaybeDowngradeToCodebase(docPrincipal, principal); + nsCOMPtr newPrincipal = + MaybeDowngradeToCodebase(mDocument->NodePrincipal(), principal); - mDocument->SetPrincipal(newPrincipal); - } else { - mPendingRequests.RemoveObject(request); - FireScriptAvailable(rv, request, EmptyString()); - ProcessPendingReqests(); - return NS_OK; - } + mDocument->SetPrincipal(newPrincipal); } } } diff --git a/content/base/src/nsXMLHttpRequest.cpp b/content/base/src/nsXMLHttpRequest.cpp index 7c14f96d5c3c..c44db7b4fd19 100644 --- a/content/base/src/nsXMLHttpRequest.cpp +++ b/content/base/src/nsXMLHttpRequest.cpp @@ -1244,7 +1244,7 @@ nsXMLHttpRequest::OnStartRequest(nsIRequest *request, nsISupports *ctxt) nsIURI* uri = GetBaseURI(); nsIPrincipal* principal = nsnull; if (doc) { - principal = doc->GetNodePrincipal(); + principal = doc->NodePrincipal(); } privImpl->Init(uri, uri, principal); } diff --git a/content/canvas/src/nsCanvasRenderingContext2D.cpp b/content/canvas/src/nsCanvasRenderingContext2D.cpp index 94ec712b46d6..e261ad8f0993 100644 --- a/content/canvas/src/nsCanvasRenderingContext2D.cpp +++ b/content/canvas/src/nsCanvasRenderingContext2D.cpp @@ -581,12 +581,11 @@ nsCanvasRenderingContext2D::DoDrawImageSecurityCheck(nsIURI* aURI, PRBool forceW nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); nsCOMPtr elem = do_QueryInterface(mCanvasElement); if (elem && ssm) { - nsIPrincipal* elemPrincipal = elem->GetNodePrincipal(); nsCOMPtr uriPrincipal; ssm->GetCodebasePrincipal(aURI, getter_AddRefs(uriPrincipal)); - if (uriPrincipal && elemPrincipal) { - nsresult rv = - ssm->CheckSameOriginPrincipal(elemPrincipal, uriPrincipal); + if (uriPrincipal) { + nsresult rv = ssm->CheckSameOriginPrincipal(elem->NodePrincipal(), + uriPrincipal); if (NS_SUCCEEDED(rv)) { // Same origin return; diff --git a/content/html/content/src/nsHTMLFormElement.cpp b/content/html/content/src/nsHTMLFormElement.cpp index 657c98f03cb1..c5a7c173fd82 100644 --- a/content/html/content/src/nsHTMLFormElement.cpp +++ b/content/html/content/src/nsHTMLFormElement.cpp @@ -1400,7 +1400,7 @@ nsHTMLFormElement::GetActionURL(nsIURI** aActionURL) nsIScriptSecurityManager *securityManager = nsContentUtils::GetSecurityManager(); rv = securityManager-> - CheckLoadURIWithPrincipal(GetNodePrincipal(), actionURL, + CheckLoadURIWithPrincipal(NodePrincipal(), actionURL, nsIScriptSecurityManager::STANDARD); NS_ENSURE_SUCCESS(rv, rv); diff --git a/content/html/document/src/nsHTMLContentSink.cpp b/content/html/document/src/nsHTMLContentSink.cpp index e047d330e82c..5050157bd210 100644 --- a/content/html/document/src/nsHTMLContentSink.cpp +++ b/content/html/document/src/nsHTMLContentSink.cpp @@ -1996,9 +1996,6 @@ IsScriptEnabled(nsIDocument *aDoc, nsIDocShell *aContainer) { NS_ENSURE_TRUE(aDoc && aContainer, PR_TRUE); - nsIPrincipal *principal = aDoc->GetNodePrincipal(); - NS_ENSURE_TRUE(principal, PR_TRUE); - nsCOMPtr globalObject = aDoc->GetScriptGlobalObject(); // Getting context is tricky if the document hasn't had it's @@ -2018,8 +2015,8 @@ IsScriptEnabled(nsIDocument *aDoc, nsIDocShell *aContainer) NS_ENSURE_TRUE(cx, PR_TRUE); PRBool enabled = PR_TRUE; - nsContentUtils::GetSecurityManager()->CanExecuteScripts(cx, principal, - &enabled); + nsContentUtils::GetSecurityManager()-> + CanExecuteScripts(cx, aDoc->NodePrincipal(), &enabled); return enabled; } @@ -3612,7 +3609,7 @@ HTMLContentSink::ProcessBASEElement(nsGenericHTMLElement* aElement) nsContentUtils::GetSecurityManager(); rv = securityManager-> - CheckLoadURIWithPrincipal(mDocument->GetNodePrincipal(), baseHrefURI, + CheckLoadURIWithPrincipal(mDocument->NodePrincipal(), baseHrefURI, nsIScriptSecurityManager::STANDARD); if (NS_SUCCEEDED(rv)) { mBaseHref = baseHrefURI; diff --git a/content/html/document/src/nsHTMLDocument.cpp b/content/html/document/src/nsHTMLDocument.cpp index ca7dca46d4ef..2bc76a41d476 100644 --- a/content/html/document/src/nsHTMLDocument.cpp +++ b/content/html/document/src/nsHTMLDocument.cpp @@ -1547,11 +1547,7 @@ nsHTMLDocument::GetReferrer(nsAString& aReferrer) void nsHTMLDocument::GetDomainURI(nsIURI **aURI) { - *aURI = nsnull; - - nsIPrincipal *principal = GetNodePrincipal(); - if (!principal) - return; + nsIPrincipal *principal = NodePrincipal(); principal->GetDomain(aURI); if (!*aURI) { @@ -1632,15 +1628,11 @@ nsHTMLDocument::SetDomain(const nsAString& aDomain) if (NS_FAILED(NS_NewURI(getter_AddRefs(newURI), newURIString))) return NS_ERROR_FAILURE; - nsresult rv = NS_ERROR_NOT_AVAILABLE; - nsIPrincipal* principal = GetNodePrincipal(); - if (principal) { - rv = principal->SetDomain(newURI); + nsresult rv = NodePrincipal()->SetDomain(newURI); - // Bug 13871: Frameset spoofing - note that document.domain was set - if (NS_SUCCEEDED(rv)) { - mDomainWasSet = PR_TRUE; - } + // Bug 13871: Frameset spoofing - note that document.domain was set + if (NS_SUCCEEDED(rv)) { + mDomainWasSet = PR_TRUE; } return rv; @@ -1862,10 +1854,7 @@ nsHTMLDocument::GetCookie(nsAString& aCookie) // Get a URI from the document principal. We use the original // codebase in case the codebase was changed by SetDomain nsCOMPtr codebaseURI; - nsIPrincipal* principal = GetNodePrincipal(); - if (principal) { - principal->GetURI(getter_AddRefs(codebaseURI)); - } + NodePrincipal()->GetURI(getter_AddRefs(codebaseURI)); if (!codebaseURI) { // Document's principal is not a codebase (may be system), so @@ -1895,10 +1884,7 @@ nsHTMLDocument::SetCookie(const nsAString& aCookie) } nsCOMPtr codebaseURI; - nsIPrincipal* principal = GetNodePrincipal(); - if (principal) { - principal->GetURI(getter_AddRefs(codebaseURI)); - } + NodePrincipal()->GetURI(getter_AddRefs(codebaseURI)); if (!codebaseURI) { // Document's principal is not a codebase (may be system), so @@ -3660,17 +3646,12 @@ nsHTMLDocument::SetDesignMode(const nsAString & aDesignMode) return NS_ERROR_FAILURE; nsresult rv = NS_OK; - // test if the above works if document.domain is set for Midas document - // (www.netscape.com --> netscape.com) - nsIPrincipal *principal = GetNodePrincipal(); - if (!principal) - return NS_ERROR_FAILURE; nsCOMPtr subject; nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager(); rv = secMan->GetSubjectPrincipal(getter_AddRefs(subject)); NS_ENSURE_SUCCESS(rv, rv); if (subject) { - rv = secMan->CheckSameOriginPrincipal(subject, principal); + rv = secMan->CheckSameOriginPrincipal(subject, NodePrincipal()); NS_ENSURE_SUCCESS(rv, rv); } diff --git a/content/html/document/src/nsHTMLFragmentContentSink.cpp b/content/html/document/src/nsHTMLFragmentContentSink.cpp index e79cfbea1746..99dec369345c 100644 --- a/content/html/document/src/nsHTMLFragmentContentSink.cpp +++ b/content/html/document/src/nsHTMLFragmentContentSink.cpp @@ -312,11 +312,11 @@ nsHTMLFragmentContentSink::ProcessBaseTag(nsIContent* aContent) nsIScriptSecurityManager *securityManager = nsContentUtils::GetSecurityManager(); - NS_ASSERTION(aContent->GetNodePrincipal() == mTargetDocument->GetNodePrincipal(), + NS_ASSERTION(aContent->NodePrincipal() == mTargetDocument->NodePrincipal(), "How'd that happpen?"); rv = securityManager-> - CheckLoadURIWithPrincipal(mTargetDocument->GetNodePrincipal(), baseHrefURI, + CheckLoadURIWithPrincipal(mTargetDocument->NodePrincipal(), baseHrefURI, nsIScriptSecurityManager::STANDARD); if (NS_SUCCEEDED(rv)) { mBaseHref = baseHrefURI; diff --git a/content/xbl/src/nsXBLBinding.cpp b/content/xbl/src/nsXBLBinding.cpp index f5763b5e84fb..e6a0657c0f01 100644 --- a/content/xbl/src/nsXBLBinding.cpp +++ b/content/xbl/src/nsXBLBinding.cpp @@ -1220,13 +1220,9 @@ nsXBLBinding::AllowScripts() nsCOMPtr ourDocument; mPrototypeBinding->XBLDocumentInfo()->GetDocument(getter_AddRefs(ourDocument)); - nsIPrincipal* principal = ourDocument->GetNodePrincipal(); - if (!principal) { - return PR_FALSE; - } - PRBool canExecute; - nsresult rv = mgr->CanExecuteScripts(cx, principal, &canExecute); + nsresult rv = + mgr->CanExecuteScripts(cx, ourDocument->NodePrincipal(), &canExecute); return NS_SUCCEEDED(rv) && canExecute; } diff --git a/content/xbl/src/nsXBLContentSink.cpp b/content/xbl/src/nsXBLContentSink.cpp index dbcdf722dd2d..937ab0096173 100644 --- a/content/xbl/src/nsXBLContentSink.cpp +++ b/content/xbl/src/nsXBLContentSink.cpp @@ -725,20 +725,17 @@ nsXBLContentSink::ConstructImplementation(const PRUnichar **aAtts) // our XBL document has UniversalXPConnect privileges. No principal // means no privs! - nsIPrincipal* principal = mDocument->GetNodePrincipal(); - if (principal) { - // XXX this api is so badly tied to JS it's not even funny. We don't - // have a concept of enabling capabilities on a per-principal basis, - // but only on a per-principal-and-JS-stackframe basis! So for now - // this is basically equivalent to testing that we have the system - // principal, since there is no JS stackframe in sight here... - PRBool hasUniversalXPConnect; - nsresult rv = principal->IsCapabilityEnabled("UniversalXPConnect", - nsnull, - &hasUniversalXPConnect); - if (NS_SUCCEEDED(rv) && hasUniversalXPConnect) { - mBinding->ConstructInterfaceTable(nsDependentString(aAtts[1])); - } + // XXX this api is so badly tied to JS it's not even funny. We don't + // have a concept of enabling capabilities on a per-principal basis, + // but only on a per-principal-and-JS-stackframe basis! So for now + // this is basically equivalent to testing that we have the system + // principal, since there is no JS stackframe in sight here... + PRBool hasUniversalXPConnect; + nsresult rv = mDocument->NodePrincipal()-> + IsCapabilityEnabled("UniversalXPConnect", nsnull, + &hasUniversalXPConnect); + if (NS_SUCCEEDED(rv) && hasUniversalXPConnect) { + mBinding->ConstructInterfaceTable(nsDependentString(aAtts[1])); } } } diff --git a/content/xbl/src/nsXBLDocumentInfo.cpp b/content/xbl/src/nsXBLDocumentInfo.cpp index e68890583439..616aa3ccb99f 100644 --- a/content/xbl/src/nsXBLDocumentInfo.cpp +++ b/content/xbl/src/nsXBLDocumentInfo.cpp @@ -343,7 +343,7 @@ nsXBLDocGlobalObject::GetPrincipal() rv = docInfo->GetDocument(getter_AddRefs(document)); NS_ENSURE_SUCCESS(rv, nsnull); - return document->GetNodePrincipal(); + return document->NodePrincipal(); } static PRBool IsChromeURI(nsIURI* aURI) diff --git a/content/xbl/src/nsXBLService.cpp b/content/xbl/src/nsXBLService.cpp index 64ea37bd6c06..a0ed54bbba1b 100644 --- a/content/xbl/src/nsXBLService.cpp +++ b/content/xbl/src/nsXBLService.cpp @@ -543,10 +543,8 @@ nsXBLService::LoadBindings(nsIContent* aContent, nsIURI* aURL, PRBool aAugmentFl // Not everything with a chrome URI has a system principal. See bug 160042. if (NS_FAILED(rv) || !isChrome) { - nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager(); - - rv = secMan-> - CheckLoadURIWithPrincipal(document->GetNodePrincipal(), aURL, + rv = nsContentUtils::GetSecurityManager()-> + CheckLoadURIWithPrincipal(document->NodePrincipal(), aURL, nsIScriptSecurityManager::ALLOW_CHROME); if (NS_FAILED(rv)) return rv; diff --git a/content/xml/document/src/nsXMLContentSink.cpp b/content/xml/document/src/nsXMLContentSink.cpp index 2fbfef91af84..c077f5e4be5a 100644 --- a/content/xml/document/src/nsXMLContentSink.cpp +++ b/content/xml/document/src/nsXMLContentSink.cpp @@ -600,7 +600,7 @@ nsXMLContentSink::LoadXSLStyleSheet(nsIURI* aUrl) } return mXSLTProcessor->LoadStyleSheet(aUrl, loadGroup, - mDocument->GetNodePrincipal()); + mDocument->NodePrincipal()); } nsresult @@ -639,7 +639,7 @@ nsXMLContentSink::ProcessStyleLink(nsIContent* aElement, // Do security check nsIScriptSecurityManager *secMan = nsContentUtils::GetSecurityManager(); rv = secMan-> - CheckLoadURIWithPrincipal(mDocument->GetNodePrincipal(), url, + CheckLoadURIWithPrincipal(mDocument->NodePrincipal(), url, nsIScriptSecurityManager::ALLOW_CHROME); NS_ENSURE_SUCCESS(rv, NS_OK); diff --git a/content/xml/document/src/nsXMLDocument.cpp b/content/xml/document/src/nsXMLDocument.cpp index 6bb4ed9f7977..832a1b46bc59 100644 --- a/content/xml/document/src/nsXMLDocument.cpp +++ b/content/xml/document/src/nsXMLDocument.cpp @@ -427,7 +427,7 @@ nsXMLDocument::Load(const nsAString& aUrl, PRBool *aReturn) // remain. This should be done before the security check is done to // ensure that the document is reset even if the new document can't // be loaded. - nsCOMPtr principal = GetNodePrincipal(); + nsCOMPtr principal = NodePrincipal(); nsCOMPtr elm(mListenerManager); ResetToURI(uri, nsnull); @@ -706,7 +706,7 @@ nsXMLDocument::CloneNode(PRBool aDeep, nsIDOMNode** aReturn) // Create an empty document rv = NS_NewDOMDocument(getter_AddRefs(newDoc), EmptyString(), EmptyString(), newDocType, nsIDocument::GetDocumentURI(), - nsIDocument::GetBaseURI(), GetNodePrincipal()); + nsIDocument::GetBaseURI(), NodePrincipal()); if (NS_FAILED(rv)) return rv; if (aDeep) { diff --git a/content/xslt/src/base/txURIUtils.cpp b/content/xslt/src/base/txURIUtils.cpp index d0171ae2beca..afd84a9ff280 100644 --- a/content/xslt/src/base/txURIUtils.cpp +++ b/content/xslt/src/base/txURIUtils.cpp @@ -221,10 +221,7 @@ URIUtils::ResetWithSource(nsIDocument *aNewDoc, nsIDOMNode *aSourceNode) return; } - nsIPrincipal* sourcePrincipal = sourceDoc->GetNodePrincipal(); - if (!sourcePrincipal) { - return; - } + nsIPrincipal* sourcePrincipal = sourceDoc->NodePrincipal(); // Copy the channel and loadgroup from the source document. nsCOMPtr loadGroup = sourceDoc->GetDocumentLoadGroup(); diff --git a/content/xslt/src/xslt/txMozillaTextOutput.cpp b/content/xslt/src/xslt/txMozillaTextOutput.cpp index d636cdac33c7..bd30c32f910e 100644 --- a/content/xslt/src/xslt/txMozillaTextOutput.cpp +++ b/content/xslt/src/xslt/txMozillaTextOutput.cpp @@ -174,10 +174,7 @@ void txMozillaTextOutput::createResultDocument(nsIDOMDocument* aSourceDocument, // Reset and set up document nsCOMPtr sourceDoc = do_QueryInterface(aSourceDocument); - nsIPrincipal* sourcePrincipal = sourceDoc->GetNodePrincipal(); - if (!sourcePrincipal) { - return; - } + nsIPrincipal* sourcePrincipal = sourceDoc->NodePrincipal(); nsCOMPtr loadGroup = sourceDoc->GetDocumentLoadGroup(); nsCOMPtr channel = sourceDoc->GetChannel(); diff --git a/content/xul/content/src/nsXULElement.cpp b/content/xul/content/src/nsXULElement.cpp index a2d57a727a2b..ce228c0bdf91 100644 --- a/content/xul/content/src/nsXULElement.cpp +++ b/content/xul/content/src/nsXULElement.cpp @@ -3080,12 +3080,6 @@ nsXULPrototypeScript::Compile(const PRUnichar* aText, return NS_ERROR_UNEXPECTED; } - // Use the enclosing document's principal - // XXX is this right? or should we use the protodoc's? - nsIPrincipal *principal = aDocument->GetNodePrincipal(); - if (!principal) - return NS_ERROR_FAILURE; - nsCAutoString urlspec; aURI->GetSpec(urlspec); @@ -3110,7 +3104,10 @@ nsXULPrototypeScript::Compile(const PRUnichar* aText, rv = context->CompileScript(aText, aTextLength, nsnull, - principal, + // Use the enclosing document's principal + // XXX is this right? or should we use the + // protodoc's? + aDocument->NodePrincipal(), urlspec.get(), aLineNo, mLangVersion, diff --git a/content/xul/content/src/nsXULPopupListener.cpp b/content/xul/content/src/nsXULPopupListener.cpp index 09390d80e5af..6f7b2d1b194e 100644 --- a/content/xul/content/src/nsXULPopupListener.cpp +++ b/content/xul/content/src/nsXULPopupListener.cpp @@ -240,14 +240,10 @@ XULPopupListenerImpl::PreLaunchPopup(nsIDOMEvent* aMouseEvent) // contextmenus. nsCOMPtr node = do_QueryInterface(targetNode); if (node) { - nsIPrincipal* prin = node->GetNodePrincipal(); - - nsIScriptSecurityManager *securityManager = - nsContentUtils::GetSecurityManager(); - nsCOMPtr system; - securityManager->GetSystemPrincipal(getter_AddRefs(system)); - if (prin != system) { + nsContentUtils::GetSecurityManager()-> + GetSystemPrincipal(getter_AddRefs(system)); + if (node->NodePrincipal() != system) { // This isn't chrome. Cancel the preventDefault() and // let the event go forth. preventDefault = PR_FALSE; diff --git a/content/xul/document/src/nsXULContentSink.cpp b/content/xul/document/src/nsXULContentSink.cpp index e9ee684b53b0..8e3f0c17fc59 100644 --- a/content/xul/document/src/nsXULContentSink.cpp +++ b/content/xul/document/src/nsXULContentSink.cpp @@ -1259,7 +1259,7 @@ XULContentSinkImpl::OpenScript(const PRUnichar** aAttributes, if (NS_SUCCEEDED(rv)) { rv = mSecMan-> - CheckLoadURIWithPrincipal(doc->GetNodePrincipal(), + CheckLoadURIWithPrincipal(doc->NodePrincipal(), script->mSrcURI, nsIScriptSecurityManager::ALLOW_CHROME); } diff --git a/content/xul/templates/src/nsXULTemplateBuilder.cpp b/content/xul/templates/src/nsXULTemplateBuilder.cpp index 1c9b7db2434f..e118a9f883e7 100644 --- a/content/xul/templates/src/nsXULTemplateBuilder.cpp +++ b/content/xul/templates/src/nsXULTemplateBuilder.cpp @@ -972,11 +972,9 @@ nsXULTemplateBuilder::LoadDataSources(nsIDocument* doc) mCompDB->SetAllowNegativeAssertions(PR_FALSE); // Grab the doc's principal... - nsIPrincipal *docPrincipal = doc->GetNodePrincipal(); - if (!docPrincipal) - return NS_ERROR_FAILURE; + nsIPrincipal *docPrincipal = doc->NodePrincipal(); - NS_ASSERTION(docPrincipal == mRoot->GetNodePrincipal(), + NS_ASSERTION(docPrincipal == mRoot->NodePrincipal(), "Principal mismatch? Which one to use?"); PRBool isTrusted = PR_FALSE; diff --git a/content/xul/templates/src/nsXULTreeBuilder.cpp b/content/xul/templates/src/nsXULTreeBuilder.cpp index 1c69a15fa66e..6300572ab91b 100644 --- a/content/xul/templates/src/nsXULTreeBuilder.cpp +++ b/content/xul/templates/src/nsXULTreeBuilder.cpp @@ -808,13 +808,9 @@ nsXULTreeBuilder::SetTree(nsITreeBoxObject* aTree) if (! mBoxObject) return NS_OK; - // Get our root's principal - nsIPrincipal* rootPrincipal = mRoot->GetNodePrincipal(); - if (!rootPrincipal) - return NS_ERROR_FAILURE; - + // Is our root's principal trusted? PRBool isTrusted = PR_FALSE; - nsresult rv = IsSystemPrincipal(rootPrincipal, &isTrusted); + nsresult rv = IsSystemPrincipal(mRoot->NodePrincipal(), &isTrusted); if (NS_SUCCEEDED(rv) && isTrusted) { // Get the datasource we intend to use to remember open state. nsAutoString datasourceStr; diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 93053b889d98..ce87388cb674 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -1087,11 +1087,9 @@ nsDocShell::ValidateOrigin(nsIDocShellTreeItem* aOriginTreeItem, nsCOMPtr targetDocument(do_QueryInterface(targetDOMDocument)); NS_ENSURE_TRUE(targetDocument, PR_TRUE); - nsIPrincipal *targetPrincipal = targetDocument->GetNodePrincipal(); - NS_ENSURE_TRUE(targetPrincipal, PR_TRUE); - nsCOMPtr targetPrincipalURI; - rv = targetPrincipal->GetURI(getter_AddRefs(targetPrincipalURI)); + rv = targetDocument-> + NodePrincipal()->GetURI(getter_AddRefs(targetPrincipalURI)); NS_ENSURE_TRUE(NS_SUCCEEDED(rv) && targetPrincipalURI, PR_TRUE); // Find out if document.domain was set for HTML documents @@ -6648,7 +6646,7 @@ nsDocShell::GetCurrentDocumentOwner(nsISupports ** aOwner) //-- Get the document's principal if (document) { - *aOwner = document->GetNodePrincipal(); + *aOwner = document->NodePrincipal(); } NS_IF_ADDREF(*aOwner); diff --git a/dom/src/base/nsGlobalWindow.cpp b/dom/src/base/nsGlobalWindow.cpp index 9feea7a33077..ba3158a9d641 100644 --- a/dom/src/base/nsGlobalWindow.cpp +++ b/dom/src/base/nsGlobalWindow.cpp @@ -487,7 +487,7 @@ nsGlobalWindow::FreeInnerObjects(JSContext *cx) NS_ASSERTION(mDoc, "Why is mDoc null?"); // Remember the document's principal. - mDocumentPrincipal = mDoc->GetNodePrincipal(); + mDocumentPrincipal = mDoc->NodePrincipal(); } // Remove our reference to the document and the document principal. @@ -602,12 +602,6 @@ nsGlobalWindow::WouldReuseInnerWindow(nsIDocument *aNewDocument) return PR_FALSE; } - nsIPrincipal* newPrincipal = aNewDocument->GetNodePrincipal(); - if (!newPrincipal) { - // This really should not be happening.... play it safe. - return PR_FALSE; - } - PRBool isAbout; if (NS_FAILED(curURI->SchemeIs("about", &isAbout)) || !isAbout) { return PR_FALSE; @@ -629,7 +623,7 @@ nsGlobalWindow::WouldReuseInnerWindow(nsIDocument *aNewDocument) if (mOpenerScriptPrincipal && nsContentUtils::GetSecurityManager() && NS_SUCCEEDED(nsContentUtils::GetSecurityManager()-> CheckSameOriginPrincipal(mOpenerScriptPrincipal, - newPrincipal))) { + aNewDocument->NodePrincipal()))) { // The origin is the same. return PR_TRUE; } @@ -940,20 +934,15 @@ nsGlobalWindow::SetNewDocument(nsIDocument* aDocument, nsIPrincipal *oldPrincipal = nsnull; if (oldDoc) { - oldPrincipal = oldDoc->GetNodePrincipal(); + oldPrincipal = oldDoc->NodePrincipal(); } // Drop our reference to the navigator object unless we're reusing // the existing inner window or the new document is from the same // origin as the old document. if (!reUseInnerWindow && mNavigator && oldPrincipal) { - nsIPrincipal *newPrincipal = aDocument->GetNodePrincipal(); - rv = NS_ERROR_FAILURE; - - if (newPrincipal) { - rv = nsContentUtils::GetSecurityManager()-> - CheckSameOriginPrincipal(oldPrincipal, newPrincipal); - } + rv = nsContentUtils::GetSecurityManager()-> + CheckSameOriginPrincipal(oldPrincipal, aDocument->NodePrincipal()); if (NS_FAILED(rv)) { // Different origins. Release the navigator object so it gets @@ -1333,7 +1322,7 @@ nsGlobalWindow::SetDocShell(nsIDocShell* aDocShell) NS_ASSERTION(mDoc, "Must have doc!"); // Remember the document's principal. - mDocumentPrincipal = mDoc->GetNodePrincipal(); + mDocumentPrincipal = mDoc->NodePrincipal(); // Release our document reference mDocument = nsnull; @@ -1685,7 +1674,7 @@ nsGlobalWindow::GetPrincipal() { if (mDoc) { // If we have a document, get the principal from the document - return mDoc->GetNodePrincipal(); + return mDoc->NodePrincipal(); } if (mDocumentPrincipal) { diff --git a/embedding/components/find/src/nsWebBrowserFind.cpp b/embedding/components/find/src/nsWebBrowserFind.cpp index a1e2f721b4d6..58ae2d4602ea 100644 --- a/embedding/components/find/src/nsWebBrowserFind.cpp +++ b/embedding/components/find/src/nsWebBrowserFind.cpp @@ -742,14 +742,12 @@ nsresult nsWebBrowserFind::SearchInFrame(nsIDOMWindow* aWindow, secMan->IsCapabilityEnabled("UniversalXPConnect", &hasCap); if (!hasCap) { - nsIPrincipal *principal = theDoc->GetNodePrincipal(); - if (!principal) - return NS_ERROR_FAILURE; nsCOMPtr subject; rv = secMan->GetSubjectPrincipal(getter_AddRefs(subject)); NS_ENSURE_SUCCESS(rv, rv); if (subject) { - rv = secMan->CheckSameOriginPrincipal(subject, principal); + rv = secMan->CheckSameOriginPrincipal(subject, + theDoc->NodePrincipal()); NS_ENSURE_SUCCESS(rv, rv); } } diff --git a/extensions/xforms/nsXFormsUtils.cpp b/extensions/xforms/nsXFormsUtils.cpp index 59e3d0ab7929..dd2c3f261f0d 100644 --- a/extensions/xforms/nsXFormsUtils.cpp +++ b/extensions/xforms/nsXFormsUtils.cpp @@ -1179,29 +1179,27 @@ nsXFormsUtils::CheckSameOrigin(nsIDocument *aBaseDocument, nsIURI *aTestURI) nsresult rv; // get the base document's principal - nsIPrincipal *basePrincipal = aBaseDocument->GetNodePrincipal(); + nsIPrincipal *basePrincipal = aBaseDocument->NodePrincipal(); - if (basePrincipal) { - // check for the UniversalBrowserRead capability. - PRBool crossSiteAccessEnabled; - rv = basePrincipal->IsCapabilityEnabled("UniversalBrowserRead", nsnull, - &crossSiteAccessEnabled); - if (NS_SUCCEEDED(rv) && crossSiteAccessEnabled) - return PR_TRUE; + // check for the UniversalBrowserRead capability. + PRBool crossSiteAccessEnabled; + rv = basePrincipal->IsCapabilityEnabled("UniversalBrowserRead", nsnull, + &crossSiteAccessEnabled); + if (NS_SUCCEEDED(rv) && crossSiteAccessEnabled) + return PR_TRUE; - // check the security manager and do a same original check on the principal - nsCOMPtr secMan = - do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); - if (secMan) { - // get a principal for the uri we are testing - nsCOMPtr testPrincipal; - rv = secMan->GetCodebasePrincipal(aTestURI, getter_AddRefs(testPrincipal)); + // check the security manager and do a same original check on the principal + nsCOMPtr secMan = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); + if (secMan) { + // get a principal for the uri we are testing + nsCOMPtr testPrincipal; + rv = secMan->GetCodebasePrincipal(aTestURI, getter_AddRefs(testPrincipal)); - if (NS_SUCCEEDED(rv)) { - rv = secMan->CheckSameOriginPrincipal(basePrincipal, testPrincipal); - if (NS_SUCCEEDED(rv)) - return PR_TRUE; - } + if (NS_SUCCEEDED(rv)) { + rv = secMan->CheckSameOriginPrincipal(basePrincipal, testPrincipal); + if (NS_SUCCEEDED(rv)) + return PR_TRUE; } } diff --git a/extensions/xmlterm/base/mozLineTerm.cpp b/extensions/xmlterm/base/mozLineTerm.cpp index c68fe7cd0fea..f8bd5351eb25 100644 --- a/extensions/xmlterm/base/mozLineTerm.cpp +++ b/extensions/xmlterm/base/mozLineTerm.cpp @@ -224,9 +224,7 @@ NS_IMETHODIMP mozLineTerm::GetSecurePrincipal(nsIDOMDocument *domDoc, if (!doc) return NS_ERROR_FAILURE; - nsIPrincipal *principal = doc->GetNodePrincipal(); - if (!principal) - return NS_ERROR_FAILURE; + nsIPrincipal *principal = doc->NodePrincipal(); #if 0 // Temporarily commented out, because |ToString()| is not implemented. if (NS_FAILED(principal->ToString(aPrincipalStr)) || !*aPrincipalStr) diff --git a/extensions/xmlterm/base/mozXMLTermUtils.cpp b/extensions/xmlterm/base/mozXMLTermUtils.cpp index 42dfb1f6984d..76b074025087 100644 --- a/extensions/xmlterm/base/mozXMLTermUtils.cpp +++ b/extensions/xmlterm/base/mozXMLTermUtils.cpp @@ -257,9 +257,7 @@ mozXMLTermUtils::ExecuteScript(nsIDOMDocument* aDOMDocument, if (!doc) return NS_ERROR_FAILURE; - nsIPrincipal *docPrincipal = doc->GetNodePrincipal(); - if (!docPrincipal) - return NS_ERROR_FAILURE; + nsIPrincipal *docPrincipal = doc->NodePrincipal(); // Get document script context nsCOMPtr scriptContext; diff --git a/layout/generic/nsImageFrame.cpp b/layout/generic/nsImageFrame.cpp index 93ede17cfad6..2d1a917cf55d 100644 --- a/layout/generic/nsImageFrame.cpp +++ b/layout/generic/nsImageFrame.cpp @@ -1530,13 +1530,8 @@ nsImageFrame::TriggerLink(nsPresContext* aPresContext, if (NS_FAILED(rv)) return; - nsIPrincipal* principal = aTriggerNode->GetNodePrincipal(); - if (!principal) { - return; - } - rv = securityManager-> - CheckLoadURIWithPrincipal(principal, aURI, + CheckLoadURIWithPrincipal(aTriggerNode->NodePrincipal(), aURI, nsIScriptSecurityManager::STANDARD); // Only pass off the click event if the script security manager diff --git a/modules/plugin/base/src/nsPluginHostImpl.cpp b/modules/plugin/base/src/nsPluginHostImpl.cpp index b1dce0a8dedf..13cd562d7107 100644 --- a/modules/plugin/base/src/nsPluginHostImpl.cpp +++ b/modules/plugin/base/src/nsPluginHostImpl.cpp @@ -3385,7 +3385,7 @@ NS_IMETHODIMP nsPluginHostImpl::InstantiateEmbeddedPlugin(const char *aMimeType, if (!doc) return NS_ERROR_NULL_POINTER; - rv = secMan->CheckLoadURIWithPrincipal(doc->GetNodePrincipal(), aURL, 0); + rv = secMan->CheckLoadURIWithPrincipal(doc->NodePrincipal(), aURL, 0); if (NS_FAILED(rv)) return rv; @@ -5758,7 +5758,7 @@ NS_IMETHODIMP nsPluginHostImpl::NewPluginURLStream(const nsString& aURL, if (doc) { // Set the owner of channel to the document principal... - channel->SetOwner(doc->GetNodePrincipal()); + channel->SetOwner(doc->NodePrincipal()); } // deal with headers and post data @@ -5840,7 +5840,7 @@ nsPluginHostImpl::DoURLLoadSecurityCheck(nsIPluginInstance *aInstance, if (NS_FAILED(rv)) return rv; - return secMan->CheckLoadURIWithPrincipal(doc->GetNodePrincipal(), targetURL, + return secMan->CheckLoadURIWithPrincipal(doc->NodePrincipal(), targetURL, nsIScriptSecurityManager::STANDARD); } diff --git a/security/manager/boot/src/nsSecureBrowserUIImpl.cpp b/security/manager/boot/src/nsSecureBrowserUIImpl.cpp index 7bb95d9796d8..8cd8c52f3acc 100644 --- a/security/manager/boot/src/nsSecureBrowserUIImpl.cpp +++ b/security/manager/boot/src/nsSecureBrowserUIImpl.cpp @@ -359,7 +359,7 @@ nsSecureBrowserUIImpl::Notify(nsIContent* formNode, nsCOMPtr document = formNode->GetDocument(); if (!document) return NS_OK; - nsIPrincipal *principal = formNode->GetNodePrincipal(); + nsIPrincipal *principal = formNode->NodePrincipal(); if (!principal) {