Bug 1453869 part 12. Make the DOMParser constructor require a principal. r=mrbkap

We always have one now.  So we can remove all the codepaths that attempted to
handle the !mPrincipal case.

We can also remove the nsContentUtils::IsSystemPrincipal(mPrincipal) codepaths,
because that can never happen: DOMParser::Constructor never creates a DOMParser
with a system principal.

MozReview-Commit-ID: EUrGoiI0o3u

dom/base/DOMParser.cpp

@@ -28,6 +28,16 @@
 using namespace mozilla;
 using namespace mozilla::dom;
 
+DOMParser::DOMParser(nsISupports* aOwner, nsIPrincipal* aDocPrincipal)
+  : mOwner(aOwner)
+  , mPrincipal(aDocPrincipal)
+  , mAttemptedInit(false)
+  , mForceEnableXULXBL(false)
+{
+  MOZ_ASSERT(aOwner);
+  MOZ_ASSERT(aDocPrincipal);
+}
+
 DOMParser::~DOMParser()
 {
 }
@@ -230,56 +240,21 @@ DOMParser::ParseFromStream(nsIInputStream* aStream,
 }
 
 nsresult
-DOMParser::Init(nsIPrincipal* principal, nsIURI* documentURI,
+DOMParser::Init(nsIURI* documentURI, nsIURI* baseURI,
-                nsIURI* baseURI, nsIGlobalObject* aScriptObject)
+                nsIGlobalObject* aScriptObject)
 {
   NS_ENSURE_STATE(!mAttemptedInit);
   mAttemptedInit = true;
-  NS_ENSURE_ARG(principal || documentURI);
   mDocumentURI = documentURI;
 
   if (!mDocumentURI) {
-    principal->GetURI(getter_AddRefs(mDocumentURI));
+    mPrincipal->GetURI(getter_AddRefs(mDocumentURI));
-    // If we have the system principal, then we'll just use the null principals
+    if (!mDocumentURI) {
-    // uri.
-    if (!mDocumentURI && !nsContentUtils::IsSystemPrincipal(principal)) {
       return NS_ERROR_INVALID_ARG;
     }
   }
 
   mScriptHandlingObject = do_GetWeakReference(aScriptObject);
-  mPrincipal = principal;
-  nsresult rv;
-  if (!mPrincipal) {
-    // BUG 1237080 -- in this case we're getting a chrome privilege scripted
-    // DOMParser object creation without an explicit principal set.  This is
-    // now deprecated.
-    nsContentUtils::ReportToConsole(nsIScriptError::warningFlag,
-                                    NS_LITERAL_CSTRING("DOM"),
-                                    nullptr,
-                                    nsContentUtils::eDOM_PROPERTIES,
-                                    "ChromeScriptedDOMParserWithoutPrincipal",
-                                    nullptr,
-                                    0,
-                                    documentURI);
-
-    OriginAttributes attrs;
-    mPrincipal = BasePrincipal::CreateCodebasePrincipal(mDocumentURI, attrs);
-    NS_ENSURE_TRUE(mPrincipal, NS_ERROR_FAILURE);
-  } else {
-    if (nsContentUtils::IsSystemPrincipal(mPrincipal)) {
-      // Don't give DOMParsers the system principal.  Use a null
-      // principal instead.
-      mForceEnableXULXBL = true;
-      mPrincipal = NullPrincipal::CreateWithoutOriginAttributes();
-
-      if (!mDocumentURI) {
-        rv = mPrincipal->GetURI(getter_AddRefs(mDocumentURI));
-        NS_ENSURE_SUCCESS(rv, rv);
-      }
-    }
-  }
-
   mBaseURI = baseURI;
 
   MOZ_ASSERT(mPrincipal, "Must have principal");
@@ -292,15 +267,12 @@ DOMParser::Constructor(const GlobalObject& aOwner,
                        ErrorResult& rv)
 {
   MOZ_ASSERT(NS_IsMainThread());
-  RefPtr<DOMParser> domParser = new DOMParser(aOwner.GetAsSupports());
-
   nsCOMPtr<nsIPrincipal> docPrincipal = aOwner.GetSubjectPrincipal();
   nsIURI* documentURI = nullptr;
   nsIURI* baseURI = nullptr;
   if (nsContentUtils::IsSystemPrincipal(docPrincipal)) {
     docPrincipal = NullPrincipal::CreateWithoutOriginAttributes();
   } else {
-    AttemptedInitMarker marker(&domParser->mAttemptedInit);
     // Grab document and base URIs off the window our constructor was
     // called on. Error out if anything untoward happens.
     nsCOMPtr<nsPIDOMWindowInner> window = do_QueryInterface(aOwner.GetAsSupports());
@@ -317,8 +289,11 @@ DOMParser::Constructor(const GlobalObject& aOwner,
     }
   }
 
+  RefPtr<DOMParser> domParser = new DOMParser(aOwner.GetAsSupports(),
+                                              docPrincipal);
+
   nsCOMPtr<nsIGlobalObject> global = do_QueryInterface(aOwner.GetAsSupports());
-  rv = domParser->Init(docPrincipal, documentURI, baseURI, global);
+  rv = domParser->Init(documentURI, baseURI, global);
   if (rv.Failed()) {
     return nullptr;
   }
@@ -335,30 +310,15 @@ DOMParser::SetUpDocument(DocumentFlavor aFlavor, ErrorResult& aRv)
   // off of nsIScriptGlobalObject, but that's a yak to shave another day.
   nsCOMPtr<nsIScriptGlobalObject> scriptHandlingObject =
     do_QueryReferent(mScriptHandlingObject);
-  nsresult rv;
-  if (!mPrincipal) {
-    if (NS_WARN_IF(mAttemptedInit)) {
-      aRv.Throw(NS_ERROR_NOT_INITIALIZED);
-      return nullptr;
-    }
-    AttemptedInitMarker marker(&mAttemptedInit);
-
-    nsCOMPtr<nsIPrincipal> prin = NullPrincipal::CreateWithoutOriginAttributes();
-    rv = Init(prin, nullptr, nullptr, scriptHandlingObject);
-    if (NS_WARN_IF(NS_FAILED(rv))) {
-      aRv.Throw(rv);
-      return nullptr;
-    }
-  }
 
   // Try to inherit a style backend.
   NS_ASSERTION(mPrincipal, "Must have principal by now");
   NS_ASSERTION(mDocumentURI, "Must have document URI by now");
 
   nsCOMPtr<nsIDOMDocument> domDoc;
-  rv = NS_NewDOMDocument(getter_AddRefs(domDoc), EmptyString(), EmptyString(),
+  nsresult rv = NS_NewDOMDocument(getter_AddRefs(domDoc), EmptyString(), EmptyString(),
-                         nullptr, mDocumentURI, mBaseURI, mPrincipal,
+                                  nullptr, mDocumentURI, mBaseURI, mPrincipal,
-                         true, scriptHandlingObject, aFlavor);
+                                  true, scriptHandlingObject, aFlavor);
   if (NS_WARN_IF(NS_FAILED(rv))) {
     aRv.Throw(rv);
     return nullptr;

dom/base/DOMParser.h

@@ -78,13 +78,7 @@ public:
   }
 
 private:
-  explicit DOMParser(nsISupports* aOwner)
+  DOMParser(nsISupports* aOwner, nsIPrincipal* aDocPrincipal);
-    : mOwner(aOwner)
-    , mAttemptedInit(false)
-    , mForceEnableXULXBL(false)
-  {
-    MOZ_ASSERT(aOwner);
-  }
 
   /**
    * Initialize the principal and document and base URIs that the parser should
@@ -94,10 +88,6 @@ private:
    * called once.  If this method fails, all following parse attempts will
    * fail.
    *
-   * @param principal The principal to use for documents we create.
-   *                  If this is null, a codebase principal will be created
-   *                  based on documentURI; in that case the documentURI must
-   *                  be non-null.
    * @param documentURI The documentURI to use for the documents we create.
    *                    If null, the principal's URI will be used;
    *                    in that case, the principal must be non-null and its
@@ -107,8 +97,8 @@ private:
    * @param scriptObject The object from which the context for event handling
    *                     can be got.
    */
-  nsresult Init(nsIPrincipal* aPrincipal, nsIURI* aDocumentURI,
+  nsresult Init(nsIURI* aDocumentURI, nsIURI* aBaseURI,
-                nsIURI* aBaseURI, nsIGlobalObject* aSriptObjet);
+                nsIGlobalObject* aSriptObjet);
 
 
   already_AddRefed<nsIDocument> SetUpDocument(DocumentFlavor aFlavor,

dom/locales/en-US/chrome/dom/dom.properties

@@ -297,7 +297,6 @@ PreventDefaultFromPassiveListenerWarning=Ignoring ‘preventDefault()’ call on
 FileLastModifiedDateWarning=File.lastModifiedDate is deprecated. Use File.lastModified instead.
 # LOCALIZATION NOTE: 'ImageBitmapRenderingContext.transferImageBitmap' and 'ImageBitmapRenderingContext.transferFromImageBitmap' should not be translated
 ImageBitmapRenderingContext_TransferImageBitmap=ImageBitmapRenderingContext.transferImageBitmap is deprecated and will be removed soon. Use ImageBitmapRenderingContext.transferFromImageBitmap instead.
-ChromeScriptedDOMParserWithoutPrincipal=Creating DOMParser without a principal is deprecated.
 IIRFilterChannelCountChangeWarning=IIRFilterNode channel count changes may produce audio glitches.
 BiquadFilterChannelCountChangeWarning=BiquadFilterNode channel count changes may produce audio glitches.
 # LOCALIZATION NOTE: Do not translate ".jpeg"