mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1614462: Part 3c - Remove dead TabContext IsMozBrowserElement fields. r=nika 

Differential Revision: https://phabricator.services.mozilla.com/D70750
This commit is contained in:
Kris Maglione 2020-04-20 22:15:21 +00:00
Родитель 1525db9c6d
Коммит 1c70232c81
9 изменённых файлов: 23 добавлений и 137 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

6
dom/base/nsFrameLoader.cpp
Просмотреть файл

@ -3321,9 +3321,9 @@ nsresult nsFrameLoader::GetNewTabContext(MutableTabContext* aTabContext,
uint32_t maxTouchPoints = BrowserParent::GetMaxTouchPoints(mOwnerContent);
bool tabContextUpdated = aTabContext->SetTabContext(
OwnerIsMozBrowserFrame(), chromeOuterWindowID, showFocusRings, attrs,
presentationURLStr, maxTouchPoints);
bool tabContextUpdated =
aTabContext->SetTabContext(chromeOuterWindowID, showFocusRings, attrs,
presentationURLStr, maxTouchPoints);
NS_ENSURE_STATE(tabContextUpdated);
return NS_OK;

29
dom/base/test/chrome/window_swapFrameLoaders.xhtml
Просмотреть файл

@ -220,35 +220,6 @@ Test swapFrameLoaders with different frame types and remoteness
is(pongB, "A", "Frame B message manager acquired after swap gets reply A after swap");
}
// Verify browser API frame scripts destroyed if swapped out of browser frame
if (frameA.hasAttribute("mozbrowser") != frameB.hasAttribute("mozbrowser")) {
let mmA = frameA.frameLoader.messageManager;
let mmB = frameB.frameLoader.messageManager;
let inflightA = once(mmA, "check-browser-api");
let inflightB = once(mmB, "check-browser-api");
info("Check browser API for frame A");
mmA.sendAsyncMessage("check-browser-api");
let [ { data: apiA } ] = await inflightA;
if (frameA.hasAttribute("mozbrowser")) {
ok(apiA.exists && apiA.running, "Frame A browser API exists and is running");
} else {
ok(apiA.exists && !apiA.running, "Frame A browser API did exist but is now destroyed");
}
info("Check browser API for frame B");
mmB.sendAsyncMessage("check-browser-api");
let [ { data: apiB } ] = await inflightB;
if (frameB.hasAttribute("mozbrowser")) {
ok(apiB.exists && apiB.running, "Frame B browser API exists and is running");
} else {
ok(apiB.exists && !apiB.running, "Frame B browser API did exist but is now destroyed");
}
} else {
info("Frames have matching mozbrowser state, skipping browser API destruction check");
}
frameA.remove();
frameB.remove();
}

2
dom/ipc/BrowserBridgeParent.cpp
Просмотреть файл

@ -49,7 +49,7 @@ nsresult BrowserBridgeParent::InitWithProcess(
true, principal->OriginAttributesRef().mFirstPartyDomain);
}
tabContext.SetTabContext(false, Manager()->ChromeOuterWindowID(),
tabContext.SetTabContext(Manager()->ChromeOuterWindowID(),
Manager()->ShowFocusRings(), attrs, aPresentationURL,
Manager()->GetMaxTouchPoints());

12
dom/ipc/BrowserChild.cpp
Просмотреть файл

@ -143,9 +143,6 @@
# include "nsIWebBrowserPrint.h"
#endif
#define BROWSER_ELEMENT_CHILD_SCRIPT \
NS_LITERAL_STRING("chrome://global/content/BrowserElementChild.js")
static mozilla::LazyLogModule sApzChildLog("apz.child");
using namespace mozilla;
@ -2254,10 +2251,6 @@ mozilla::ipc::IPCResult BrowserChild::RecvSwappedWithOtherRemoteLoader(
// Ignore previous value of mTriedBrowserInit since owner content has changed.
mTriedBrowserInit = true;
// Initialize the child side of the browser element machinery, if appropriate.
if (IsMozBrowserElement()) {
RecvLoadRemoteScript(BROWSER_ELEMENT_CHILD_SCRIPT, true);
}
nsContentUtils::FirePageShowEventForFrameLoaderSwap(
ourDocShell, ourEventTarget, true, true);
@ -2604,11 +2597,6 @@ bool BrowserChild::InitBrowserChildMessageManager() {
if (!mTriedBrowserInit) {
mTriedBrowserInit = true;
// Initialize the child side of the browser element machinery,
// if appropriate.
if (IsMozBrowserElement()) {
RecvLoadRemoteScript(BROWSER_ELEMENT_CHILD_SCRIPT, true);
}
}
return true;

8
dom/ipc/ContentChild.cpp
Просмотреть файл

@ -955,7 +955,6 @@ nsresult ContentChild::ProvideWindowCommon(
PopupIPCTabContext context;
openerTabId = aTabOpener->GetTabId();
context.opener() = openerTabId;
context.isMozBrowserElement() = aTabOpener->IsMozBrowserElement();
ipcContext = MakeUnique<IPCTabContext>(context);
} else {
// It's possible to not have a BrowserChild opener in the case
@ -993,12 +992,11 @@ nsresult ContentChild::ProvideWindowCommon(
MutableTabContext newTabContext;
if (aTabOpener) {
newTabContext.SetTabContext(
aTabOpener->IsMozBrowserElement(), aTabOpener->ChromeOuterWindowID(),
aTabOpener->ShowFocusRings(), browsingContext->OriginAttributesRef(),
aTabOpener->PresentationURL(), aTabOpener->MaxTouchPoints());
aTabOpener->ChromeOuterWindowID(), aTabOpener->ShowFocusRings(),
browsingContext->OriginAttributesRef(), aTabOpener->PresentationURL(),
aTabOpener->MaxTouchPoints());
} else {
newTabContext.SetTabContext(
/* isMozBrowserElement */ false,
/* chromeOuterWindowID */ 0,
/* showFocusRings */ UIStateChangeType_NoChange,
browsingContext->OriginAttributesRef(),

15
dom/ipc/ContentParent.cpp
Просмотреть файл

@ -3200,17 +3200,6 @@ bool ContentParent::CanOpenBrowser(const IPCTabContext& aContext) {
"Got null opener from child; aborting AllocPBrowserParent.");
return false;
}
// Popup windows of isMozBrowserElement frames must be isMozBrowserElement
// if the parent isMozBrowserElement. Allocating a !isMozBrowserElement
// frame with same app ID would allow the content to access data it's not
// supposed to.
if (!popupContext.isMozBrowserElement() && opener->IsMozBrowserElement()) {
ASSERT_UNLESS_FUZZING(
"Child trying to escalate privileges! Aborting "
"AllocPBrowserParent.");
return false;
}
}
MaybeInvalidTabContext tc(aContext);
@ -4675,10 +4664,6 @@ mozilla::ipc::IPCResult ContentParent::CommonCreateWindow(
nsCOMPtr<nsIContent> frame;
if (topParent) {
frame = topParent->GetOwnerElement();
if (NS_WARN_IF(topParent->IsMozBrowserElement())) {
return IPC_FAIL(this, "aThisTab is not a MozBrowser");
}
}
nsCOMPtr<nsPIDOMWindowOuter> outerWin;

13
dom/ipc/PTabContext.ipdlh
Просмотреть файл

@ -17,18 +17,9 @@ namespace dom {
// An IPCTabContext which corresponds to a PBrowser opened by a child when it
// receives window.open().
//
// If isMozBrowserElement is false, this PopupIPCTabContext is either a
// <xul:browser> or an app frame. The frame's app-id and app-frame-owner-app-id
// will be equal to the opener's values.
//
// It's an error to set isMozBrowserElement == false if opener is a mozbrowser
// element. Such a PopupIPCTabContext should be rejected by code which receives
// it.
struct PopupIPCTabContext
{
PBrowserOrId opener;
bool isMozBrowserElement;
uint64_t chromeOuterWindowID;
};
@ -38,10 +29,6 @@ struct FrameIPCTabContext
// The originAttributes dictionary.
OriginAttributes originAttributes;
// Whether this is a mozbrowser frame. <iframe mozbrowser mozapp> and
// <xul:browser> are not considered to be mozbrowser frames.
bool isMozBrowserElement;
uint64_t chromeOuterWindowID;
// The requested presentation URL.

46
dom/ipc/TabContext.cpp
Просмотреть файл

@ -19,14 +19,11 @@ namespace dom {
TabContext::TabContext()
: mInitialized(false),
mIsMozBrowserElement(false),
mChromeOuterWindowID(0),
mJSPluginID(-1),
mShowFocusRings(UIStateChangeType_NoChange),
mMaxTouchPoints(0) {}
bool TabContext::IsMozBrowserElement() const { return mIsMozBrowserElement; }
bool TabContext::IsJSPlugin() const { return mJSPluginID >= 0; }
int32_t TabContext::JSPluginId() const { return mJSPluginID; }
@ -57,15 +54,13 @@ bool TabContext::UpdateTabContextAfterSwap(const TabContext& aContext) {
// This is only used after already initialized.
MOZ_ASSERT(mInitialized);
// The only permissable changes are to `mIsMozBrowserElement` and
// mChromeOuterWindowID. All other fields must match for the change
// to be accepted.
// The only permissable changes are to mChromeOuterWindowID. All other fields
// must match for the change to be accepted.
if (aContext.mOriginAttributes != mOriginAttributes) {
return false;
}
mChromeOuterWindowID = aContext.mChromeOuterWindowID;
mIsMozBrowserElement = aContext.mIsMozBrowserElement;
return true;
}
@ -79,8 +74,7 @@ const nsAString& TabContext::PresentationURL() const {
UIStateChangeType TabContext::ShowFocusRings() const { return mShowFocusRings; }
bool TabContext::SetTabContext(bool aIsMozBrowserElement,
uint64_t aChromeOuterWindowID,
bool TabContext::SetTabContext(uint64_t aChromeOuterWindowID,
UIStateChangeType aShowFocusRings,
const OriginAttributes& aOriginAttributes,
const nsAString& aPresentationURL,
@ -88,7 +82,6 @@ bool TabContext::SetTabContext(bool aIsMozBrowserElement,
NS_ENSURE_FALSE(mInitialized, false);
mInitialized = true;
mIsMozBrowserElement = aIsMozBrowserElement;
mChromeOuterWindowID = aChromeOuterWindowID;
mOriginAttributes = aOriginAttributes;
mPresentationURL = aPresentationURL;
@ -110,14 +103,13 @@ IPCTabContext TabContext::AsIPCTabContext() const {
return IPCTabContext(JSPluginFrameIPCTabContext(mJSPluginID));
}
return IPCTabContext(FrameIPCTabContext(
mOriginAttributes, mIsMozBrowserElement, mChromeOuterWindowID,
mPresentationURL, mShowFocusRings, mMaxTouchPoints));
return IPCTabContext(
FrameIPCTabContext(mOriginAttributes, mChromeOuterWindowID,
mPresentationURL, mShowFocusRings, mMaxTouchPoints));
}
MaybeInvalidTabContext::MaybeInvalidTabContext(const IPCTabContext& aParams)
: mInvalidReason(nullptr) {
bool isMozBrowserElement = false;
uint64_t chromeOuterWindowID = 0;
int32_t jsPluginId = -1;
OriginAttributes originAttributes;
@ -139,17 +131,6 @@ MaybeInvalidTabContext::MaybeInvalidTabContext(const IPCTabContext& aParams)
"open a null tab.";
return;
}
if (context->IsMozBrowserElement() &&
!ipcContext.isMozBrowserElement()) {
// If the BrowserParent corresponds to a browser element, then it can
// only open other browser elements, for security reasons. We should
// have checked this before calling the TabContext constructor, so
// this is a fatal error.
mInvalidReason =
"Child is-browser process tried to "
"open a non-browser tab.";
return;
}
} else if (ipcContext.opener().type() == PBrowserOrId::TPBrowserChild) {
context =
static_cast<BrowserChild*>(ipcContext.opener().get_PBrowserChild());
@ -167,14 +148,6 @@ MaybeInvalidTabContext::MaybeInvalidTabContext(const IPCTabContext& aParams)
return;
}
// Browser elements can't nest other browser elements. So if
// our opener is browser element, we must be a new DOM window
// opened by it. In that case we inherit our containing app ID
// (if any).
//
// Otherwise, we're a new app window and we inherit from our
// opener app.
isMozBrowserElement = ipcContext.isMozBrowserElement();
originAttributes = context->mOriginAttributes;
chromeOuterWindowID = ipcContext.chromeOuterWindowID();
break;
@ -189,7 +162,6 @@ MaybeInvalidTabContext::MaybeInvalidTabContext(const IPCTabContext& aParams)
case IPCTabContext::TFrameIPCTabContext: {
const FrameIPCTabContext& ipcContext = aParams.get_FrameIPCTabContext();
isMozBrowserElement = ipcContext.isMozBrowserElement();
chromeOuterWindowID = ipcContext.chromeOuterWindowID();
presentationURL = ipcContext.presentationURL();
showFocusRings = ipcContext.showFocusRings();
@ -218,9 +190,9 @@ MaybeInvalidTabContext::MaybeInvalidTabContext(const IPCTabContext& aParams)
if (jsPluginId >= 0) {
rv = mTabContext.SetTabContextForJSPluginFrame(jsPluginId);
} else {
rv = mTabContext.SetTabContext(isMozBrowserElement, chromeOuterWindowID,
showFocusRings, originAttributes,
presentationURL, maxTouchPoints);
rv = mTabContext.SetTabContext(chromeOuterWindowID, showFocusRings,
originAttributes, presentationURL,
maxTouchPoints);
}
if (!rv) {
mInvalidReason = "Couldn't initialize TabContext.";

29
dom/ipc/TabContext.h
Просмотреть файл

@ -18,7 +18,7 @@ namespace dom {
class IPCTabContext;
/**
* TabContext encapsulates information about an iframe that may be a mozbrowser.
* TabContext encapsulates information about an iframe.
*
* BrowserParent and BrowserChild both inherit from TabContext, and you can also
* have standalone TabContext objects.
@ -39,13 +39,6 @@ class TabContext {
*/
IPCTabContext AsIPCTabContext() const;
/**
* Does this TabContext correspond to a mozbrowser?
*
* <iframe mozbrowser> is a mozbrowser element, but <xul:browser> is not.
*/
bool IsMozBrowserElement() const;
bool IsJSPlugin() const;
int32_t JSPluginId() const;
@ -95,7 +88,7 @@ class TabContext {
*/
void SetFirstPartyDomainAttributes(const nsAString& aFirstPartyDomain);
bool SetTabContext(bool aIsMozBrowserElement, uint64_t aChromeOuterWindowID,
bool SetTabContext(uint64_t aChromeOuterWindowID,
UIStateChangeType aShowFocusRings,
const OriginAttributes& aOriginAttributes,
const nsAString& aPresentationURL,
@ -106,7 +99,7 @@ class TabContext {
* case triggered by nsFrameLoader::SwapWithOtherRemoteLoader which may have
* caused the owner content to change.
*
* This special case only allows the field `mIsMozBrowserElement` to be
* This special case only allows the field `mChromeOuterWindowID` to be
* changed. If any other fields have changed, the update is ignored and
* returns false.
*/
@ -132,14 +125,6 @@ class TabContext {
*/
bool mInitialized;
/**
* Whether this TabContext corresponds to a mozbrowser.
*
* <iframe mozbrowser> and <xul:browser> are not considered to be
* mozbrowser elements.
*/
bool mIsMozBrowserElement;
/**
* The outerWindowID of the window hosting the remote frameloader.
*/
@ -179,14 +164,14 @@ class MutableTabContext : public TabContext {
return TabContext::SetTabContext(aContext);
}
bool SetTabContext(bool aIsMozBrowserElement, uint64_t aChromeOuterWindowID,
bool SetTabContext(uint64_t aChromeOuterWindowID,
UIStateChangeType aShowFocusRings,
const OriginAttributes& aOriginAttributes,
const nsAString& aPresentationURL,
uint32_t aMaxTouchPoints) {
return TabContext::SetTabContext(aIsMozBrowserElement, aChromeOuterWindowID,
aShowFocusRings, aOriginAttributes,
aPresentationURL, aMaxTouchPoints);
return TabContext::SetTabContext(aChromeOuterWindowID, aShowFocusRings,
aOriginAttributes, aPresentationURL,
aMaxTouchPoints);
}
bool SetTabContextForJSPluginFrame(uint32_t aJSPluginID) {