Bug 1582512 - Disable script filename restrictions in Marionette r=jandem,marionette-reviewers,whimboo

Differential Revision: https://phabricator.services.mozilla.com/D51676 --HG-- extra : moz-landing-system : lando
2019-11-18 20:59:41 +00:00 · 2019-11-18 20:59:41 +00:00 · 3a72c5e713
--- a/js/xpconnect/idl/xpccomponents.idl
+++ b/js/xpconnect/idl/xpccomponents.idl
@ -136,7 +136,8 @@ interface nsIXPCComponents_Utils : nsISupports
    jsval evalInSandbox(in AString source, in jsval sandbox,
                        [optional] in jsval version,
                        [optional] in AUTF8String filename,
-                        [optional] in long lineNo);
+                        [optional] in long lineNo,
+                        [optional] in bool enforceFilenameRestrictions);

    /*
     * Get the sandbox for running JS-implemented UA widgets (video controls etc.),
--- a/js/xpconnect/src/Sandbox.cpp
+++ b/js/xpconnect/src/Sandbox.cpp
@ -1881,7 +1881,8 @@ nsresult nsXPCComponents_utils_Sandbox::CallOrConstruct(

 nsresult xpc::EvalInSandbox(JSContext* cx, HandleObject sandboxArg,
                            const nsAString& source, const nsACString& filename,
-                            int32_t lineNo, MutableHandleValue rval) {
+                            int32_t lineNo, bool enforceFilenameRestrictions,
+                            MutableHandleValue rval) {
  JS_AbortIfWrongThread(cx);
  rval.set(UndefinedValue());

@ -1923,6 +1924,7 @@ nsresult xpc::EvalInSandbox(JSContext* cx, HandleObject sandboxArg,

    JS::CompileOptions options(sandcx);
    options.setFileAndLine(filenameBuf.get(), lineNo);
+    options.setSkipFilenameValidation(!enforceFilenameRestrictions);
    MOZ_ASSERT(JS_IsGlobalObject(sandbox));

    const nsPromiseFlatString& flat = PromiseFlatString(source);
--- a/js/xpconnect/src/XPCComponents.cpp
+++ b/js/xpconnect/src/XPCComponents.cpp
@ -1448,8 +1448,9 @@ nsXPCComponents_Utils::ReportError(HandleValue error, HandleValue stack,
 NS_IMETHODIMP
 nsXPCComponents_Utils::EvalInSandbox(
    const nsAString& source, HandleValue sandboxVal, HandleValue version,
-    const nsACString& filenameArg, int32_t lineNumber, JSContext* cx,
-    uint8_t optionalArgc, MutableHandleValue retval) {
+    const nsACString& filenameArg, int32_t lineNumber,
+    bool enforceFilenameRestrictions, JSContext* cx, uint8_t optionalArgc,
+    MutableHandleValue retval) {
  RootedObject sandbox(cx);
  if (!JS_ValueToObject(cx, sandboxVal, &sandbox) || !sandbox) {
    return NS_ERROR_INVALID_ARG;
@ -1472,8 +1473,11 @@ nsXPCComponents_Utils::EvalInSandbox(
      lineNo = frame->GetLineNumber(cx);
    }
  }
+  enforceFilenameRestrictions =
+      (optionalArgc >= 4) ? enforceFilenameRestrictions : true;

-  return xpc::EvalInSandbox(cx, sandbox, source, filename, lineNo, retval);
+  return xpc::EvalInSandbox(cx, sandbox, source, filename, lineNo,
+                            enforceFilenameRestrictions, retval);
 }

 NS_IMETHODIMP
--- a/js/xpconnect/src/nsXPConnect.cpp
+++ b/js/xpconnect/src/nsXPConnect.cpp
@ -777,7 +777,8 @@ nsXPConnect::EvalInSandboxObject(const nsAString& source, const char* filename,
  } else {
    filenameStr = NS_LITERAL_CSTRING("x-bogus://XPConnect/Sandbox");
  }
-  return EvalInSandbox(cx, sandbox, source, filenameStr, 1, rval);
+  return EvalInSandbox(cx, sandbox, source, filenameStr, 1,
+                       /* enforceFilenameRestrictions */ true, rval);
 }

 NS_IMETHODIMP
--- a/js/xpconnect/src/xpcprivate.h
+++ b/js/xpconnect/src/xpcprivate.h
@ -2502,7 +2502,8 @@ nsresult CreateSandboxObject(JSContext* cx, JS::MutableHandleValue vp,
 // principal and line number 1 as a fallback.
 nsresult EvalInSandbox(JSContext* cx, JS::HandleObject sandbox,
                       const nsAString& source, const nsACString& filename,
-                       int32_t lineNo, JS::MutableHandleValue rval);
+                       int32_t lineNo, bool enforceFilenameRestrictions,
+                       JS::MutableHandleValue rval);

 // Helper for retrieving metadata stored in a reserved slot. The metadata
 // is set during the sandbox creation using the "metadata" option.
--- a/testing/marionette/evaluate.js
+++ b/testing/marionette/evaluate.js
@ -135,7 +135,14 @@ evaluate.sandbox = function(
    marionetteSandbox.window.addEventListener("unload", unloadHandler);

    let promises = [
-      Cu.evalInSandbox(src, sb, "1.8", file, line),
+      Cu.evalInSandbox(
+        src,
+        sb,
+        "1.8",
+        file,
+        line,
+        /* enforceFilenameRestrictions */ false
+      ),
      timeoutPromise,
    ];