зеркало из https://github.com/mozilla/gecko-dev.git
Backed out changeset d71d95c73542 (bug 1347817)
This commit is contained in:
Родитель
f61a4826a3
Коммит
32c96bb13a
|
@ -56,7 +56,11 @@ NS_IMETHODIMP
|
|||
BasePrincipal::GetOriginNoSuffix(nsACString& aOrigin)
|
||||
{
|
||||
MOZ_ASSERT(mInitialized);
|
||||
return mOriginNoSuffix->ToUTF8String(aOrigin);
|
||||
|
||||
if (mOriginNoSuffix) {
|
||||
return mOriginNoSuffix->ToUTF8String(aOrigin);
|
||||
}
|
||||
return GetOriginNoSuffixInternal(aOrigin);
|
||||
}
|
||||
|
||||
bool
|
||||
|
@ -457,8 +461,7 @@ BasePrincipal::AddonAllowsLoad(nsIURI* aURI, bool aExplicit /* = false */)
|
|||
}
|
||||
|
||||
void
|
||||
BasePrincipal::FinishInit(const nsACString& aOriginNoSuffix,
|
||||
const OriginAttributes& aOriginAttributes)
|
||||
BasePrincipal::FinishInit(const OriginAttributes& aOriginAttributes)
|
||||
{
|
||||
mInitialized = true;
|
||||
mOriginAttributes = aOriginAttributes;
|
||||
|
@ -468,8 +471,17 @@ BasePrincipal::FinishInit(const nsACString& aOriginNoSuffix,
|
|||
mOriginAttributes.CreateSuffix(originSuffix);
|
||||
mOriginSuffix = NS_Atomize(originSuffix);
|
||||
|
||||
MOZ_ASSERT(!aOriginNoSuffix.IsEmpty());
|
||||
mOriginNoSuffix = NS_Atomize(aOriginNoSuffix);
|
||||
// Then compute the origin without the suffix.
|
||||
nsAutoCString originNoSuffix;
|
||||
nsresult rv = GetOriginNoSuffixInternal(originNoSuffix);
|
||||
if (NS_FAILED(rv)) {
|
||||
// If GetOriginNoSuffixInternal fails, we will get a null atom for
|
||||
// mOriginNoSuffix, which we deal with anywhere mOriginNoSuffix is used.
|
||||
// Once this is made infallible we can remove those null checks.
|
||||
mOriginNoSuffix = nullptr;
|
||||
return;
|
||||
}
|
||||
mOriginNoSuffix = NS_Atomize(originNoSuffix);
|
||||
}
|
||||
|
||||
} // namespace mozilla
|
||||
|
|
|
@ -104,6 +104,7 @@ public:
|
|||
protected:
|
||||
virtual ~BasePrincipal();
|
||||
|
||||
virtual nsresult GetOriginNoSuffixInternal(nsACString& aOrigin) = 0;
|
||||
// Note that this does not check OriginAttributes. Callers that depend on
|
||||
// those must call Subsumes instead.
|
||||
virtual bool SubsumesInternal(nsIPrincipal* aOther, DocumentDomainConsideration aConsider) = 0;
|
||||
|
@ -123,16 +124,14 @@ protected:
|
|||
// This function should be called as the last step of the initialization of the
|
||||
// principal objects. It's typically called as the last step from the Init()
|
||||
// method of the child classes.
|
||||
void FinishInit(const nsACString& aOriginNoSuffix,
|
||||
const OriginAttributes& aOriginAttributes);
|
||||
void FinishInit(const OriginAttributes& aOriginAttributes);
|
||||
|
||||
nsCOMPtr<nsIContentSecurityPolicy> mCSP;
|
||||
nsCOMPtr<nsIContentSecurityPolicy> mPreloadCSP;
|
||||
|
||||
private:
|
||||
nsCOMPtr<nsIAtom> mOriginNoSuffix;
|
||||
nsCOMPtr<nsIAtom> mOriginSuffix;
|
||||
|
||||
private:
|
||||
OriginAttributes mOriginAttributes;
|
||||
PrincipalKind mKind;
|
||||
bool mHasExplicitDomain;
|
||||
|
|
|
@ -115,13 +115,7 @@ ContentPrincipal::Init(nsIURI *aCodebase,
|
|||
mCodebase = NS_TryToMakeImmutable(aCodebase);
|
||||
mCodebaseImmutable = URIIsImmutable(mCodebase);
|
||||
|
||||
nsAutoCString originNoSuffix;
|
||||
nsresult rv = GenerateOriginNoSuffixFromURI(mCodebase, originNoSuffix);
|
||||
if (NS_WARN_IF(NS_FAILED(rv))) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
FinishInit(originNoSuffix, aOriginAttributes);
|
||||
FinishInit(aOriginAttributes);
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -132,15 +126,14 @@ ContentPrincipal::GetScriptLocation(nsACString &aStr)
|
|||
return mCodebase->GetSpec(aStr);
|
||||
}
|
||||
|
||||
/* static */ nsresult
|
||||
ContentPrincipal::GenerateOriginNoSuffixFromURI(nsIURI* aURI,
|
||||
nsACString& aOriginNoSuffix)
|
||||
nsresult
|
||||
ContentPrincipal::GetOriginNoSuffixInternal(nsACString& aOrigin)
|
||||
{
|
||||
if (!aURI) {
|
||||
if (!mCodebase) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> origin = NS_GetInnermostURI(aURI);
|
||||
nsCOMPtr<nsIURI> origin = NS_GetInnermostURI(mCodebase);
|
||||
if (!origin) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
@ -152,7 +145,7 @@ ContentPrincipal::GenerateOriginNoSuffixFromURI(nsIURI* aURI,
|
|||
NS_URIIsLocalFile(origin)) {
|
||||
// If strict file origin policy is not in effect, all local files are
|
||||
// considered to be same-origin, so return a known dummy origin here.
|
||||
aOriginNoSuffix.AssignLiteral("file://UNIVERSAL_FILE_URI_ORIGIN");
|
||||
aOrigin.AssignLiteral("file://UNIVERSAL_FILE_URI_ORIGIN");
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
@ -192,21 +185,21 @@ ContentPrincipal::GenerateOriginNoSuffixFromURI(nsIURI* aURI,
|
|||
// We check for moz-safe-about:blank since origin is an innermost URI.
|
||||
!origin->GetSpecOrDefault().EqualsLiteral("moz-safe-about:blank")) ||
|
||||
(NS_SUCCEEDED(origin->SchemeIs("indexeddb", &isBehaved)) && isBehaved)) {
|
||||
rv = origin->GetAsciiSpec(aOriginNoSuffix);
|
||||
rv = origin->GetAsciiSpec(aOrigin);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
// These URIs could technically contain a '^', but they never should.
|
||||
if (NS_WARN_IF(aOriginNoSuffix.FindChar('^', 0) != -1)) {
|
||||
aOriginNoSuffix.Truncate();
|
||||
if (NS_WARN_IF(aOrigin.FindChar('^', 0) != -1)) {
|
||||
aOrigin.Truncate();
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
if (NS_SUCCEEDED(rv) && !isChrome) {
|
||||
rv = origin->GetScheme(aOriginNoSuffix);
|
||||
rv = origin->GetScheme(aOrigin);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
aOriginNoSuffix.AppendLiteral("://");
|
||||
aOriginNoSuffix.Append(hostPort);
|
||||
aOrigin.AppendLiteral("://");
|
||||
aOrigin.Append(hostPort);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
@ -219,7 +212,7 @@ ContentPrincipal::GenerateOriginNoSuffixFromURI(nsIURI* aURI,
|
|||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (uriPrincipal) {
|
||||
return uriPrincipal->GetOriginNoSuffix(aOriginNoSuffix);
|
||||
return uriPrincipal->GetOriginNoSuffix(aOrigin);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -235,21 +228,21 @@ ContentPrincipal::GenerateOriginNoSuffixFromURI(nsIURI* aURI,
|
|||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
rv = origin->GetAsciiSpec(aOriginNoSuffix);
|
||||
rv = origin->GetAsciiSpec(aOrigin);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// The origin, when taken from the spec, should not contain the ref part of
|
||||
// the URL.
|
||||
|
||||
int32_t pos = aOriginNoSuffix.FindChar('?');
|
||||
int32_t hashPos = aOriginNoSuffix.FindChar('#');
|
||||
int32_t pos = aOrigin.FindChar('?');
|
||||
int32_t hashPos = aOrigin.FindChar('#');
|
||||
|
||||
if (hashPos != kNotFound && (pos == kNotFound || hashPos < pos)) {
|
||||
pos = hashPos;
|
||||
}
|
||||
|
||||
if (pos != kNotFound) {
|
||||
aOriginNoSuffix.Truncate(pos);
|
||||
aOrigin.Truncate(pos);
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
|
|
|
@ -27,6 +27,7 @@ public:
|
|||
NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
|
||||
NS_IMETHOD GetAddonId(nsAString& aAddonId) override;
|
||||
bool IsCodebasePrincipal() const override { return true; }
|
||||
nsresult GetOriginNoSuffixInternal(nsACString& aOrigin) override;
|
||||
|
||||
ContentPrincipal();
|
||||
|
||||
|
@ -55,9 +56,6 @@ protected:
|
|||
bool MayLoadInternal(nsIURI* aURI) override;
|
||||
|
||||
private:
|
||||
static nsresult
|
||||
GenerateOriginNoSuffixFromURI(nsIURI* aURI, nsACString& aOriginNoSuffix);
|
||||
|
||||
mozilla::Maybe<nsString> mAddonIdCache;
|
||||
};
|
||||
|
||||
|
|
|
@ -24,10 +24,10 @@ struct OriginComparator
|
|||
{
|
||||
nsAutoCString originA;
|
||||
nsresult rv = a->GetOrigin(originA);
|
||||
MOZ_ASSERT(NS_SUCCEEDED(rv));
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
nsAutoCString originB;
|
||||
rv = b->GetOrigin(originB);
|
||||
MOZ_ASSERT(NS_SUCCEEDED(rv));
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
return originA < originB;
|
||||
}
|
||||
|
||||
|
@ -35,10 +35,10 @@ struct OriginComparator
|
|||
{
|
||||
nsAutoCString originA;
|
||||
nsresult rv = a->GetOrigin(originA);
|
||||
MOZ_ASSERT(NS_SUCCEEDED(rv));
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
nsAutoCString originB;
|
||||
rv = b->GetOrigin(originB);
|
||||
MOZ_ASSERT(NS_SUCCEEDED(rv));
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
return a == b;
|
||||
}
|
||||
};
|
||||
|
@ -62,22 +62,7 @@ ExpandedPrincipal::Create(nsTArray<nsCOMPtr<nsIPrincipal>>& aWhiteList,
|
|||
const OriginAttributes& aAttrs)
|
||||
{
|
||||
RefPtr<ExpandedPrincipal> ep = new ExpandedPrincipal(aWhiteList);
|
||||
|
||||
nsAutoCString origin;
|
||||
origin.AssignLiteral("[Expanded Principal [");
|
||||
for (size_t i = 0; i < ep->mPrincipals.Length(); ++i) {
|
||||
if (i != 0) {
|
||||
origin.AppendLiteral(", ");
|
||||
}
|
||||
|
||||
nsAutoCString subOrigin;
|
||||
nsresult rv = ep->mPrincipals.ElementAt(i)->GetOrigin(subOrigin);
|
||||
MOZ_ASSERT(NS_SUCCEEDED(rv));
|
||||
origin.Append(subOrigin);
|
||||
}
|
||||
origin.Append("]]");
|
||||
|
||||
ep->FinishInit(origin, aAttrs);
|
||||
ep->FinishInit(aAttrs);
|
||||
return ep.forget();
|
||||
}
|
||||
|
||||
|
@ -94,6 +79,25 @@ ExpandedPrincipal::SetDomain(nsIURI* aDomain)
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
ExpandedPrincipal::GetOriginNoSuffixInternal(nsACString& aOrigin)
|
||||
{
|
||||
aOrigin.AssignLiteral("[Expanded Principal [");
|
||||
for (size_t i = 0; i < mPrincipals.Length(); ++i) {
|
||||
if (i != 0) {
|
||||
aOrigin.AppendLiteral(", ");
|
||||
}
|
||||
|
||||
nsAutoCString subOrigin;
|
||||
nsresult rv = mPrincipals.ElementAt(i)->GetOrigin(subOrigin);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
aOrigin.Append(subOrigin);
|
||||
}
|
||||
|
||||
aOrigin.Append("]]");
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
bool
|
||||
ExpandedPrincipal::SubsumesInternal(nsIPrincipal* aOther,
|
||||
BasePrincipal::DocumentDomainConsideration aConsideration)
|
||||
|
|
|
@ -34,6 +34,7 @@ public:
|
|||
NS_IMETHOD GetAddonId(nsAString& aAddonId) override;
|
||||
virtual bool AddonHasPermission(const nsAString& aPerm) override;
|
||||
virtual nsresult GetScriptLocation(nsACString &aStr) override;
|
||||
nsresult GetOriginNoSuffixInternal(nsACString& aOrigin) override;
|
||||
|
||||
protected:
|
||||
explicit ExpandedPrincipal(nsTArray<nsCOMPtr<nsIPrincipal>> &aWhiteList);
|
||||
|
|
|
@ -84,11 +84,7 @@ NullPrincipal::Init(const OriginAttributes& aOriginAttributes, nsIURI* aURI)
|
|||
NS_ENSURE_TRUE(mURI, NS_ERROR_NOT_AVAILABLE);
|
||||
}
|
||||
|
||||
nsAutoCString originNoSuffix;
|
||||
nsresult rv = mURI->GetSpec(originNoSuffix);
|
||||
MOZ_ASSERT(NS_SUCCEEDED(rv));
|
||||
|
||||
FinishInit(originNoSuffix, aOriginAttributes);
|
||||
FinishInit(aOriginAttributes);
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
@ -145,6 +141,12 @@ NullPrincipal::SetDomain(nsIURI* aDomain)
|
|||
return NS_ERROR_NOT_AVAILABLE;
|
||||
}
|
||||
|
||||
nsresult
|
||||
NullPrincipal::GetOriginNoSuffixInternal(nsACString& aOrigin)
|
||||
{
|
||||
return mURI->GetSpec(aOrigin);
|
||||
}
|
||||
|
||||
bool
|
||||
NullPrincipal::MayLoadInternal(nsIURI* aURI)
|
||||
{
|
||||
|
|
|
@ -51,6 +51,7 @@ public:
|
|||
NS_IMETHOD SetDomain(nsIURI* aDomain) override;
|
||||
NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
|
||||
NS_IMETHOD GetAddonId(nsAString& aAddonId) override;
|
||||
nsresult GetOriginNoSuffixInternal(nsACString& aOrigin) override;
|
||||
|
||||
static already_AddRefed<NullPrincipal> CreateWithInheritedAttributes(nsIPrincipal* aInheritFrom);
|
||||
|
||||
|
|
|
@ -35,8 +35,7 @@ already_AddRefed<SystemPrincipal>
|
|||
SystemPrincipal::Create()
|
||||
{
|
||||
RefPtr<SystemPrincipal> sp = new SystemPrincipal();
|
||||
sp->FinishInit(NS_LITERAL_CSTRING(SYSTEM_PRINCIPAL_SPEC),
|
||||
OriginAttributes());
|
||||
sp->FinishInit(OriginAttributes());
|
||||
return sp.forget();
|
||||
}
|
||||
|
||||
|
@ -65,6 +64,13 @@ SystemPrincipal::GetURI(nsIURI** aURI)
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
SystemPrincipal::GetOriginNoSuffixInternal(nsACString& aOrigin)
|
||||
{
|
||||
aOrigin.AssignLiteral(SYSTEM_PRINCIPAL_SPEC);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
SystemPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
|
||||
{
|
||||
|
|
|
@ -43,6 +43,7 @@ public:
|
|||
NS_IMETHOD EnsurePreloadCSP(nsIDOMDocument* aDocument, nsIContentSecurityPolicy** aCSP) override;
|
||||
NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
|
||||
NS_IMETHOD GetAddonId(nsAString& aAddonId) override;
|
||||
nsresult GetOriginNoSuffixInternal(nsACString& aOrigin) override;
|
||||
|
||||
virtual nsresult GetScriptLocation(nsACString &aStr) override;
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче