From 3fafd876712832ddc69f5c36772c18d36584841e Mon Sep 17 00:00:00 2001
From: Andrea Marchesini <amarchesini@mozilla.com>
Date: Wed, 22 Jul 2015 17:01:55 +0100
Subject: [PATCH] Bug 1185360 - PostMessageEvent should not have a different
 behavior if the main principal subsumes the destination one., r=smaug

---
 dom/base/PostMessageEvent.cpp | 9 +++------
 dom/base/PostMessageEvent.h   | 3 +--
 dom/base/nsGlobalWindow.cpp   | 5 +----
 3 files changed, 5 insertions(+), 12 deletions(-)

diff --git a/dom/base/PostMessageEvent.cpp b/dom/base/PostMessageEvent.cpp
index de292e2cc1ba..cbcb7bdba3f9 100644
--- a/dom/base/PostMessageEvent.cpp
+++ b/dom/base/PostMessageEvent.cpp
@@ -26,7 +26,6 @@ namespace {
 struct StructuredCloneInfo
 {
   PostMessageEvent* event;
-  bool subsumes;
   nsPIDOMWindow* window;
 
   // This hashtable contains the transferred ports - used to avoid duplicates.
@@ -117,7 +116,7 @@ PostMessageEvent::WriteStructuredClone(JSContext* cx,
   // See if this is a File/Blob object.
   {
     Blob* blob = nullptr;
-    if (scInfo->subsumes && NS_SUCCEEDED(UNWRAP_OBJECT(Blob, obj, blob))) {
+    if (NS_SUCCEEDED(UNWRAP_OBJECT(Blob, obj, blob))) {
       BlobImpl* blobImpl = blob->Impl();
       if (JS_WriteUint32Pair(writer, SCTAG_DOM_BLOB, 0) &&
           JS_WriteBytes(writer, &blobImpl, sizeof(blobImpl))) {
@@ -135,7 +134,7 @@ PostMessageEvent::WriteStructuredClone(JSContext* cx,
     nsISupports* supports = wrappedNative->Native();
 
     nsCOMPtr<nsIDOMFileList> list = do_QueryInterface(supports);
-    if (list && scInfo->subsumes)
+    if (list)
       scTag = SCTAG_DOM_FILELIST;
 
     if (scTag)
@@ -379,15 +378,13 @@ PostMessageEvent::Run()
 
 bool
 PostMessageEvent::Write(JSContext* aCx, JS::Handle<JS::Value> aMessage,
-                        JS::Handle<JS::Value> aTransfer, bool aSubsumes,
-                        nsPIDOMWindow* aWindow)
+                        JS::Handle<JS::Value> aTransfer, nsPIDOMWindow* aWindow)
 {
   // We *must* clone the data here, or the JS::Value could be modified
   // by script
   StructuredCloneInfo scInfo;
   scInfo.event = this;
   scInfo.window = aWindow;
-  scInfo.subsumes = aSubsumes;
 
   return mBuffer.write(aCx, aMessage, aTransfer, &sPostMessageCallbacks,
                        &scInfo);
diff --git a/dom/base/PostMessageEvent.h b/dom/base/PostMessageEvent.h
index 5323ca85d462..80cd5da10e36 100644
--- a/dom/base/PostMessageEvent.h
+++ b/dom/base/PostMessageEvent.h
@@ -39,8 +39,7 @@ public:
                    bool aTrustedCaller);
 
   bool Write(JSContext* aCx, JS::Handle<JS::Value> aMessage,
-             JS::Handle<JS::Value> aTransfer, bool aSubsumes,
-             nsPIDOMWindow* aWindow);
+             JS::Handle<JS::Value> aTransfer, nsPIDOMWindow* aWindow);
 
 private:
   ~PostMessageEvent();
diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp
index 6ecadee3e4ef..4280489f67bf 100644
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@@ -8561,13 +8561,10 @@ nsGlobalWindow::PostMessageMozOuter(JSContext* aCx, JS::Handle<JS::Value> aMessa
                          providedPrincipal,
                          nsContentUtils::IsCallerChrome());
 
-  nsIPrincipal* principal = GetPrincipal();
   JS::Rooted<JS::Value> message(aCx, aMessage);
   JS::Rooted<JS::Value> transfer(aCx, aTransfer);
-  bool subsumes;
 
-  if (NS_FAILED(callerPrin->Subsumes(principal, &subsumes)) ||
-      !event->Write(aCx, message, transfer, subsumes, this)) {
+  if (!event->Write(aCx, message, transfer, this)) {
     aError.Throw(NS_ERROR_DOM_DATA_CLONE_ERR);
     return;
   }