Backed out changeset 2d2d603dbdaf (bug 1337056)

dom/ipc/ContentChild.cpp

@@ -3222,16 +3222,5 @@ ContentChild::RecvParentActivated(PBrowserChild* aTab, const bool& aActivated)
   return tab->RecvParentActivated(aActivated);
 }
 
-mozilla::ipc::IPCResult
-ContentChild::RecvSetPermissionsWithKey(const nsCString& aPermissionKey,
-                                        nsTArray<IPC::Permission>&& aPerms)
-{
-  nsCOMPtr<nsIPermissionManager> permissionManager =
-    services::GetPermissionManager();
-  permissionManager->SetPermissionsWithKey(aPermissionKey, aPerms);
-
-  return IPC_OK();
-}
-
 } // namespace dom
 } // namespace mozilla

dom/ipc/ContentChild.h

@@ -586,11 +586,6 @@ public:
                                 const StructuredCloneData& aInitialData,
                                 nsTArray<LookAndFeelInt>&& aLookAndFeelIntCache) override;
 
-  mozilla::ipc::IPCResult
-  RecvSetPermissionsWithKey(const nsCString& aPermissionKey,
-                            nsTArray<IPC::Permission>&& aPerms) override;
-
-
 #if defined(XP_WIN) && defined(ACCESSIBILITY)
   bool
   SendGetA11yContentId();

dom/ipc/ContentParent.cpp

@@ -2453,6 +2453,57 @@ ContentParent::RecvReadFontList(InfallibleTArray<FontListEntry>* retValue)
   return IPC_OK();
 }
 
+mozilla::ipc::IPCResult
+ContentParent::RecvReadPermissions(InfallibleTArray<IPC::Permission>* aPermissions)
+{
+#ifdef MOZ_PERMISSIONS
+  nsCOMPtr<nsIPermissionManager> permissionManagerIface =
+    services::GetPermissionManager();
+  nsPermissionManager* permissionManager =
+    static_cast<nsPermissionManager*>(permissionManagerIface.get());
+  MOZ_ASSERT(permissionManager,
+             "We have no permissionManager in the Chrome process !");
+
+  nsCOMPtr<nsISimpleEnumerator> enumerator;
+  DebugOnly<nsresult> rv = permissionManager->GetEnumerator(getter_AddRefs(enumerator));
+  MOZ_ASSERT(NS_SUCCEEDED(rv), "Could not get enumerator!");
+  while(1) {
+    bool hasMore;
+    enumerator->HasMoreElements(&hasMore);
+    if (!hasMore)
+      break;
+
+    nsCOMPtr<nsISupports> supp;
+    enumerator->GetNext(getter_AddRefs(supp));
+    nsCOMPtr<nsIPermission> perm = do_QueryInterface(supp);
+
+    nsCOMPtr<nsIPrincipal> principal;
+    perm->GetPrincipal(getter_AddRefs(principal));
+    nsCString origin;
+    if (principal) {
+      principal->GetOrigin(origin);
+    }
+    nsCString type;
+    perm->GetType(type);
+    uint32_t capability;
+    perm->GetCapability(&capability);
+    uint32_t expireType;
+    perm->GetExpireType(&expireType);
+    int64_t expireTime;
+    perm->GetExpireTime(&expireTime);
+
+    aPermissions->AppendElement(IPC::Permission(origin, type,
+                                                capability, expireType,
+                                                expireTime));
+  }
+
+  // Ask for future changes
+  mSendPermissionUpdates = true;
+#endif
+
+  return IPC_OK();
+}
+
 mozilla::ipc::IPCResult
 ContentParent::RecvSetClipboard(const IPCDataTransfer& aDataTransfer,
                                 const bool& aIsPrivateData,

dom/ipc/ContentParent.h

@@ -909,6 +909,8 @@ private:
 
   virtual mozilla::ipc::IPCResult RecvReadFontList(InfallibleTArray<FontListEntry>* retValue) override;
 
+  virtual mozilla::ipc::IPCResult RecvReadPermissions(InfallibleTArray<IPC::Permission>* aPermissions) override;
+
   virtual mozilla::ipc::IPCResult RecvSetClipboard(const IPCDataTransfer& aDataTransfer,
                                                    const bool& aIsPrivateData,
                                                    const IPC::Principal& aRequestingPrincipal,

dom/ipc/PContent.ipdl

@@ -591,8 +591,6 @@ child:
 
     async PParentToChildStream();
 
-    async SetPermissionsWithKey(nsCString aPermissionKey, Permission[] aPermissions);
-
 parent:
     async InitBackground(Endpoint<PBackgroundParent> aEndpoint);
 
@@ -785,6 +783,9 @@ parent:
                       uint32_t lineNumber, uint32_t colNumber, uint32_t flags,
                       nsCString category);
 
+    // nsIPermissionManager messages
+    sync ReadPermissions() returns (Permission[] permissions);
+
     // Places the items within dataTransfer on the clipboard.
     async SetClipboard(IPCDataTransfer aDataTransfer,
                        bool aIsPrivateData,

extensions/cookie/nsPermissionManager.cpp

@@ -43,6 +43,7 @@
 static nsPermissionManager *gPermissionManager = nullptr;
 
 using mozilla::dom::ContentParent;
+using mozilla::dom::ContentChild;
 using mozilla::Unused; // ha!
 
 static bool
@@ -51,6 +52,23 @@ IsChildProcess()
   return XRE_IsContentProcess();
 }
 
+/**
+ * @returns The child process object, or if we are not in the child
+ *          process, nullptr.
+ */
+static ContentChild*
+ChildProcess()
+{
+  if (IsChildProcess()) {
+    ContentChild* cpc = ContentChild::GetSingleton();
+    if (!cpc)
+      MOZ_CRASH("Content Process is nullptr!");
+    return cpc;
+  }
+
+  return nullptr;
+}
+
 static void
 LogToConsole(const nsAString& aMsg)
 {
@@ -780,9 +798,8 @@ nsPermissionManager::Init()
   mMemoryOnlyDB = mozilla::Preferences::GetBool("permissions.memory_only", false);
 
   if (IsChildProcess()) {
-    // Stop here; we don't need the DB in the child process. Instead we will be
-    // sent permissions as we need them by our parent process.
-    return NS_OK;
+    // Stop here; we don't need the DB in the child process
+    return FetchPermissions();
   }
 
   nsCOMPtr<nsIObserverService> observerService =
@@ -2892,87 +2909,19 @@ nsPermissionManager::UpdateExpireTime(nsIPrincipal* aPrincipal,
   return NS_OK;
 }
 
-NS_IMETHODIMP
-nsPermissionManager::GetPermissionsWithKey(const nsACString& aPermissionKey,
-                                           nsTArray<IPC::Permission>& aPerms)
-{
-  aPerms.Clear();
-  if (NS_WARN_IF(XRE_IsContentProcess())) {
-    return NS_ERROR_NOT_AVAILABLE;
-  }
+nsresult
+nsPermissionManager::FetchPermissions() {
+  MOZ_ASSERT(IsChildProcess(), "FetchPermissions can only be invoked in child process");
+  // Get the permissions from the parent process
+  InfallibleTArray<IPC::Permission> perms;
+  ChildProcess()->SendReadPermissions(&perms);
 
-  for (auto iter = mPermissionTable.Iter(); !iter.Done(); iter.Next()) {
-    PermissionHashKey* entry = iter.Get();
+  for (uint32_t i = 0; i < perms.Length(); i++) {
+    const IPC::Permission &perm = perms[i];
 
-    // XXX: Is it worthwhile to have a shortcut Origin->Key implementation? as
-    // we could implement this without creating a codebase principal.
-
-    // Fetch the principal for the given origin.
-    nsCOMPtr<nsIPrincipal> principal;
-    nsresult rv = GetPrincipalFromOrigin(entry->GetKey()->mOrigin,
-                                         getter_AddRefs(principal));
-    if (NS_WARN_IF(NS_FAILED(rv))) {
-      continue;
-    }
-
-    // Get the permission key and make sure that it matches the aPermissionKey
-    // passed in.
-    nsAutoCString permissionKey;
-    GetKeyForPrincipal(principal, permissionKey);
-
-    if (permissionKey != aPermissionKey) {
-      continue;
-    }
-
-    for (const auto& permEntry : entry->GetPermissions()) {
-      // Given how "default" permissions work and the possibility of them being
-      // overridden with UNKNOWN_ACTION, we might see this value here - but we
-      // do not want to send it to the content process.
-      if (permEntry.mPermission == nsIPermissionManager::UNKNOWN_ACTION) {
-        continue;
-      }
-
-      aPerms.AppendElement(IPC::Permission(entry->GetKey()->mOrigin,
-                                           mTypeArray.ElementAt(permEntry.mType),
-                                           permEntry.mPermission,
-                                           permEntry.mExpireType,
-                                           permEntry.mExpireTime));
-    }
-  }
-
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsPermissionManager::SetPermissionsWithKey(const nsACString& aPermissionKey,
-                                           nsTArray<IPC::Permission>& aPerms)
-{
-  if (NS_WARN_IF(XRE_IsParentProcess())) {
-    return NS_ERROR_NOT_AVAILABLE;
-  }
-
-  // Record that we have seen the permissions with the given permission key.
-  if (NS_WARN_IF(mAvailablePermissionKeys.Contains(aPermissionKey))) {
-    // NOTE: We shouldn't be sent two InitializePermissionsWithKey for the same
-    // key, but it's possible.
-    return NS_OK;
-  }
-  mAvailablePermissionKeys.PutEntry(aPermissionKey);
-
-  // Add the permissions locally to our process
-  for (IPC::Permission& perm : aPerms) {
     nsCOMPtr<nsIPrincipal> principal;
     nsresult rv = GetPrincipalFromOrigin(perm.origin, getter_AddRefs(principal));
-    if (NS_WARN_IF(NS_FAILED(rv))) {
-      continue;
-    }
-
-#ifdef DEBUG
-    nsAutoCString permissionKey;
-    GetKeyForPrincipal(principal, permissionKey);
-    MOZ_ASSERT(permissionKey == aPermissionKey,
-               "The permission keys which were sent over should match!");
-#endif
+    NS_ENSURE_SUCCESS(rv, rv);
 
     // The child process doesn't care about modification times - it neither
     // reads nor writes, nor removes them based on the date - so 0 (which

extensions/cookie/nsPermissionManager.h

@@ -276,6 +276,12 @@ private:
   nsresult
   RemoveAllModifiedSince(int64_t aModificationTime);
 
+  /**
+   * Retrieve permissions from chrome process.
+   */
+  nsresult
+  FetchPermissions();
+
   nsCOMPtr<mozIStorageConnection> mDBConn;
   nsCOMPtr<mozIStorageAsyncStatement> mStmtInsert;
   nsCOMPtr<mozIStorageAsyncStatement> mStmtDelete;
@@ -290,9 +296,6 @@ private:
   // An array to store the strings identifying the different types.
   nsTArray<nsCString>          mTypeArray;
 
-  // The base domains which have their permissions loaded in the current process.
-  nsTHashtable<nsCStringHashKey> mAvailablePermissionKeys;
-
   // Initially, |false|. Set to |true| once shutdown has started, to avoid
   // reopening the database.
   bool mIsShuttingDown;

netwerk/base/nsIPermissionManager.idl

@@ -37,15 +37,7 @@ interface mozIDOMWindow;
 interface nsIPermission;
 interface nsISimpleEnumerator;
 
-%{ C++
-namespace IPC {
-struct Permission;
-}
-#include "nsTArrayForwardDeclare.h"
-%}
-[ref] native IPCPermissionArrayRef(nsTArray<IPC::Permission>);
-
-[scriptable, builtinclass, uuid(4dcb3851-eba2-4e42-b236-82d2596fca22)]
+[scriptable, uuid(4dcb3851-eba2-4e42-b236-82d2596fca22)]
 interface nsIPermissionManager : nsISupports
 {
   /**
@@ -281,40 +273,6 @@ interface nsIPermissionManager : nsISupports
                         in boolean exactHost,
                         in uint64_t sessionExpireTime,
                         in uint64_t persistentExpireTime);
-
-  /**
-   * The content process doesn't have access to every permission. Instead, when
-   * LOAD_DOCUMENT_URI channels for http://, https://, and ftp:// URIs are
-   * opened, the permissions for those channels are sent down to the content
-   * process before the OnStartRequest message. Permissions for principals with
-   * other schemes are sent down at process startup.
-   *
-   * Permissions are keyed and grouped by "Permission Key"s.
-   * `nsPermissionManager::GetKeyForPrincipal` provides the mechanism for
-   * determining the permission key for a given principal.
-   *
-   * This method may only be called in the parent process. It fills the nsTArray
-   * argument with the IPC::Permission objects which have a matching permission
-   * key.
-   *
-   * @param permissionKey  The key to use to find the permissions of interest.
-   * @param perms  An array which will be filled with the permissions which
-   *               match the given permission key.
-   */
-  void getPermissionsWithKey(in ACString permissionKey, out IPCPermissionArrayRef perms);
-
-  /**
-   * See `nsIPermissionManager::GetPermissionsWithKey` for more info on
-   * Permission keys.
-   *
-   * `SetPermissionsWithKey` may only be called in the Child process, and
-   * initializes the permission manager with the permissions for a given
-   * Permission key. marking permissions with that key as avaliable.
-   *
-   * @param permissionKey  The key for the permissions which have been sent over.
-   * @param perms  An array with the permissions which match the given key.
-   */
-  void setPermissionsWithKey(in ACString permissionKey, in IPCPermissionArrayRef perms);
 };
 
 %{ C++