From 32b5faa0351c2521c7177d68e471e12a9ff3c6d9 Mon Sep 17 00:00:00 2001 From: Boris Zbarsky Date: Fri, 20 Apr 2018 23:04:45 -0400 Subject: [PATCH] Bug 1453869 part 12. Make the DOMParser constructor require a principal. r=mrbkap We always have one now. So we can remove all the codepaths that attempted to handle the !mPrincipal case. We can also remove the nsContentUtils::IsSystemPrincipal(mPrincipal) codepaths, because that can never happen: DOMParser::Constructor never creates a DOMParser with a system principal. MozReview-Commit-ID: EUrGoiI0o3u --- dom/base/DOMParser.cpp | 82 ++++++--------------- dom/base/DOMParser.h | 16 +--- dom/locales/en-US/chrome/dom/dom.properties | 1 - 3 files changed, 24 insertions(+), 75 deletions(-) diff --git a/dom/base/DOMParser.cpp b/dom/base/DOMParser.cpp index 38df24314e6e..670d8c4f45c0 100644 --- a/dom/base/DOMParser.cpp +++ b/dom/base/DOMParser.cpp @@ -28,6 +28,16 @@ using namespace mozilla; using namespace mozilla::dom; +DOMParser::DOMParser(nsISupports* aOwner, nsIPrincipal* aDocPrincipal) + : mOwner(aOwner) + , mPrincipal(aDocPrincipal) + , mAttemptedInit(false) + , mForceEnableXULXBL(false) +{ + MOZ_ASSERT(aOwner); + MOZ_ASSERT(aDocPrincipal); +} + DOMParser::~DOMParser() { } @@ -230,56 +240,21 @@ DOMParser::ParseFromStream(nsIInputStream* aStream, } nsresult -DOMParser::Init(nsIPrincipal* principal, nsIURI* documentURI, - nsIURI* baseURI, nsIGlobalObject* aScriptObject) +DOMParser::Init(nsIURI* documentURI, nsIURI* baseURI, + nsIGlobalObject* aScriptObject) { NS_ENSURE_STATE(!mAttemptedInit); mAttemptedInit = true; - NS_ENSURE_ARG(principal || documentURI); mDocumentURI = documentURI; if (!mDocumentURI) { - principal->GetURI(getter_AddRefs(mDocumentURI)); - // If we have the system principal, then we'll just use the null principals - // uri. - if (!mDocumentURI && !nsContentUtils::IsSystemPrincipal(principal)) { + mPrincipal->GetURI(getter_AddRefs(mDocumentURI)); + if (!mDocumentURI) { return NS_ERROR_INVALID_ARG; } } mScriptHandlingObject = do_GetWeakReference(aScriptObject); - mPrincipal = principal; - nsresult rv; - if (!mPrincipal) { - // BUG 1237080 -- in this case we're getting a chrome privilege scripted - // DOMParser object creation without an explicit principal set. This is - // now deprecated. - nsContentUtils::ReportToConsole(nsIScriptError::warningFlag, - NS_LITERAL_CSTRING("DOM"), - nullptr, - nsContentUtils::eDOM_PROPERTIES, - "ChromeScriptedDOMParserWithoutPrincipal", - nullptr, - 0, - documentURI); - - OriginAttributes attrs; - mPrincipal = BasePrincipal::CreateCodebasePrincipal(mDocumentURI, attrs); - NS_ENSURE_TRUE(mPrincipal, NS_ERROR_FAILURE); - } else { - if (nsContentUtils::IsSystemPrincipal(mPrincipal)) { - // Don't give DOMParsers the system principal. Use a null - // principal instead. - mForceEnableXULXBL = true; - mPrincipal = NullPrincipal::CreateWithoutOriginAttributes(); - - if (!mDocumentURI) { - rv = mPrincipal->GetURI(getter_AddRefs(mDocumentURI)); - NS_ENSURE_SUCCESS(rv, rv); - } - } - } - mBaseURI = baseURI; MOZ_ASSERT(mPrincipal, "Must have principal"); @@ -292,15 +267,12 @@ DOMParser::Constructor(const GlobalObject& aOwner, ErrorResult& rv) { MOZ_ASSERT(NS_IsMainThread()); - RefPtr domParser = new DOMParser(aOwner.GetAsSupports()); - nsCOMPtr docPrincipal = aOwner.GetSubjectPrincipal(); nsIURI* documentURI = nullptr; nsIURI* baseURI = nullptr; if (nsContentUtils::IsSystemPrincipal(docPrincipal)) { docPrincipal = NullPrincipal::CreateWithoutOriginAttributes(); } else { - AttemptedInitMarker marker(&domParser->mAttemptedInit); // Grab document and base URIs off the window our constructor was // called on. Error out if anything untoward happens. nsCOMPtr window = do_QueryInterface(aOwner.GetAsSupports()); @@ -317,8 +289,11 @@ DOMParser::Constructor(const GlobalObject& aOwner, } } + RefPtr domParser = new DOMParser(aOwner.GetAsSupports(), + docPrincipal); + nsCOMPtr global = do_QueryInterface(aOwner.GetAsSupports()); - rv = domParser->Init(docPrincipal, documentURI, baseURI, global); + rv = domParser->Init(documentURI, baseURI, global); if (rv.Failed()) { return nullptr; } @@ -335,30 +310,15 @@ DOMParser::SetUpDocument(DocumentFlavor aFlavor, ErrorResult& aRv) // off of nsIScriptGlobalObject, but that's a yak to shave another day. nsCOMPtr scriptHandlingObject = do_QueryReferent(mScriptHandlingObject); - nsresult rv; - if (!mPrincipal) { - if (NS_WARN_IF(mAttemptedInit)) { - aRv.Throw(NS_ERROR_NOT_INITIALIZED); - return nullptr; - } - AttemptedInitMarker marker(&mAttemptedInit); - - nsCOMPtr prin = NullPrincipal::CreateWithoutOriginAttributes(); - rv = Init(prin, nullptr, nullptr, scriptHandlingObject); - if (NS_WARN_IF(NS_FAILED(rv))) { - aRv.Throw(rv); - return nullptr; - } - } // Try to inherit a style backend. NS_ASSERTION(mPrincipal, "Must have principal by now"); NS_ASSERTION(mDocumentURI, "Must have document URI by now"); nsCOMPtr domDoc; - rv = NS_NewDOMDocument(getter_AddRefs(domDoc), EmptyString(), EmptyString(), - nullptr, mDocumentURI, mBaseURI, mPrincipal, - true, scriptHandlingObject, aFlavor); + nsresult rv = NS_NewDOMDocument(getter_AddRefs(domDoc), EmptyString(), EmptyString(), + nullptr, mDocumentURI, mBaseURI, mPrincipal, + true, scriptHandlingObject, aFlavor); if (NS_WARN_IF(NS_FAILED(rv))) { aRv.Throw(rv); return nullptr; diff --git a/dom/base/DOMParser.h b/dom/base/DOMParser.h index c7afd8179304..2f53e0374b2e 100644 --- a/dom/base/DOMParser.h +++ b/dom/base/DOMParser.h @@ -78,13 +78,7 @@ public: } private: - explicit DOMParser(nsISupports* aOwner) - : mOwner(aOwner) - , mAttemptedInit(false) - , mForceEnableXULXBL(false) - { - MOZ_ASSERT(aOwner); - } + DOMParser(nsISupports* aOwner, nsIPrincipal* aDocPrincipal); /** * Initialize the principal and document and base URIs that the parser should @@ -94,10 +88,6 @@ private: * called once. If this method fails, all following parse attempts will * fail. * - * @param principal The principal to use for documents we create. - * If this is null, a codebase principal will be created - * based on documentURI; in that case the documentURI must - * be non-null. * @param documentURI The documentURI to use for the documents we create. * If null, the principal's URI will be used; * in that case, the principal must be non-null and its @@ -107,8 +97,8 @@ private: * @param scriptObject The object from which the context for event handling * can be got. */ - nsresult Init(nsIPrincipal* aPrincipal, nsIURI* aDocumentURI, - nsIURI* aBaseURI, nsIGlobalObject* aSriptObjet); + nsresult Init(nsIURI* aDocumentURI, nsIURI* aBaseURI, + nsIGlobalObject* aSriptObjet); already_AddRefed SetUpDocument(DocumentFlavor aFlavor, diff --git a/dom/locales/en-US/chrome/dom/dom.properties b/dom/locales/en-US/chrome/dom/dom.properties index 0890b43f6212..c39fee756fc8 100644 --- a/dom/locales/en-US/chrome/dom/dom.properties +++ b/dom/locales/en-US/chrome/dom/dom.properties @@ -297,7 +297,6 @@ PreventDefaultFromPassiveListenerWarning=Ignoring ‘preventDefault()’ call on FileLastModifiedDateWarning=File.lastModifiedDate is deprecated. Use File.lastModified instead. # LOCALIZATION NOTE: 'ImageBitmapRenderingContext.transferImageBitmap' and 'ImageBitmapRenderingContext.transferFromImageBitmap' should not be translated ImageBitmapRenderingContext_TransferImageBitmap=ImageBitmapRenderingContext.transferImageBitmap is deprecated and will be removed soon. Use ImageBitmapRenderingContext.transferFromImageBitmap instead. -ChromeScriptedDOMParserWithoutPrincipal=Creating DOMParser without a principal is deprecated. IIRFilterChannelCountChangeWarning=IIRFilterNode channel count changes may produce audio glitches. BiquadFilterChannelCountChangeWarning=BiquadFilterNode channel count changes may produce audio glitches. # LOCALIZATION NOTE: Do not translate ".jpeg"