Bug 1388413 - ServiceWorkerClients::OpenWindow() should use the triggeringPrincipal, r=bz

This is done using a JS Sandbox with the triggering Principal.

dom/workers/ServiceWorkerClients.cpp

@@ -8,6 +8,7 @@
 
 #include "mozilla/dom/Promise.h"
 #include "mozilla/dom/PromiseWorkerProxy.h"
+#include "mozilla/JSObjectHolder.h"
 
 #include "ServiceWorkerClient.h"
 #include "ServiceWorkerManager.h"
@@ -670,6 +671,9 @@ private:
     MOZ_DIAGNOSTIC_ASSERT(aWindow);
     WorkerPrivate* workerPrivate = mPromiseProxy->GetWorkerPrivate();
 
+    nsCOMPtr<nsIPrincipal> triggeringPrincipal = workerPrivate->GetPrincipal();
+    MOZ_DIAGNOSTIC_ASSERT(triggeringPrincipal);
+
     // [[1. Let url be the result of parsing url with entry settings object's API
     //   base URL.]]
     nsCOMPtr<nsIURI> uri;
@@ -694,6 +698,25 @@ private:
     }
 
     if (XRE_IsContentProcess()) {
+
+      // Let's create a sandbox in order to have a valid JSContext and correctly
+      // propagate the SubjectPrincipal.
+      AutoJSAPI jsapi;
+      jsapi.Init();
+
+      JSContext* cx = jsapi.cx();
+
+      nsIXPConnect* xpc = nsContentUtils::XPConnect();
+      MOZ_ASSERT(xpc, "This should never be null!");
+
+      JS::Rooted<JSObject*> sandbox(cx);
+      rv = xpc->CreateSandbox(cx, triggeringPrincipal, sandbox.address());
+      if (NS_WARN_IF(NS_FAILED(rv))) {
+        return rv;
+      }
+
+      JSAutoCompartment ac(cx, sandbox);
+
       // ContentProcess
       nsCOMPtr<nsIWindowWatcher> wwatch =
         do_GetService(NS_WINDOWWATCHER_CONTRACTID, &rv);
@@ -754,9 +777,6 @@ private:
       return NS_ERROR_FAILURE;
     }
 
-    nsCOMPtr<nsIPrincipal> triggeringPrincipal = workerPrivate->GetPrincipal();
-    MOZ_DIAGNOSTIC_ASSERT(triggeringPrincipal);
-
     nsCOMPtr<mozIDOMWindowProxy> win;
     rv = bwin->OpenURI(uri, nullptr,
                        nsIBrowserDOMWindow::OPEN_DEFAULTWINDOW,