diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp index 53ff9734e0fd..0fcd83e097eb 100644 --- a/ipc/glue/BackgroundUtils.cpp +++ b/ipc/glue/BackgroundUtils.cpp @@ -224,6 +224,10 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo, rv = PrincipalToPrincipalInfo(aLoadInfo->TriggeringPrincipal(), &triggeringPrincipalInfo); + PrincipalInfo principalToInheritInfo; + rv = PrincipalToPrincipalInfo(aLoadInfo->PrincipalToInherit(), + &principalToInheritInfo); + nsTArray redirectChainIncludingInternalRedirects; for (const nsCOMPtr& principal : aLoadInfo->RedirectChainIncludingInternalRedirects()) { rv = PrincipalToPrincipalInfo(principal, redirectChainIncludingInternalRedirects.AppendElement()); @@ -240,6 +244,7 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo, LoadInfoArgs( loadingPrincipalInfo, triggeringPrincipalInfo, + principalToInheritInfo, aLoadInfo->GetSecurityFlags(), aLoadInfo->InternalContentPolicyType(), static_cast(aLoadInfo->GetTainting()), @@ -288,6 +293,10 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs, PrincipalInfoToPrincipal(loadInfoArgs.triggeringPrincipalInfo(), &rv); NS_ENSURE_SUCCESS(rv, rv); + nsCOMPtr principalToInherit = + PrincipalInfoToPrincipal(loadInfoArgs.principalToInheritInfo(), &rv); + NS_ENSURE_SUCCESS(rv, rv); + nsTArray> redirectChainIncludingInternalRedirects; for (const PrincipalInfo& principalInfo : loadInfoArgs.redirectChainIncludingInternalRedirects()) { nsCOMPtr redirectedPrincipal = @@ -307,6 +316,7 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs, nsCOMPtr loadInfo = new mozilla::LoadInfo(loadingPrincipal, triggeringPrincipal, + principalToInherit, loadInfoArgs.securityFlags(), loadInfoArgs.contentPolicyType(), static_cast(loadInfoArgs.tainting()), diff --git a/netwerk/base/LoadInfo.cpp b/netwerk/base/LoadInfo.cpp index 1e33df471a77..6ce2bf1c1b72 100644 --- a/netwerk/base/LoadInfo.cpp +++ b/netwerk/base/LoadInfo.cpp @@ -44,6 +44,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, aLoadingContext->NodePrincipal() : aLoadingPrincipal) , mTriggeringPrincipal(aTriggeringPrincipal ? aTriggeringPrincipal : mLoadingPrincipal.get()) + , mPrincipalToInherit(mTriggeringPrincipal) , mLoadingContext(do_GetWeakReference(aLoadingContext)) , mSecurityFlags(aSecurityFlags) , mInternalContentPolicyType(aContentPolicyType) @@ -64,6 +65,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, { MOZ_ASSERT(mLoadingPrincipal); MOZ_ASSERT(mTriggeringPrincipal); + MOZ_ASSERT(mPrincipalToInherit); #ifdef DEBUG // TYPE_DOCUMENT loads initiated by javascript tests will go through @@ -214,6 +216,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, nsSecurityFlags aSecurityFlags) : mLoadingPrincipal(nullptr) , mTriggeringPrincipal(aTriggeringPrincipal) + , mPrincipalToInherit(mTriggeringPrincipal) , mSecurityFlags(aSecurityFlags) , mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT) , mTainting(LoadTainting::Basic) @@ -235,6 +238,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, // Grab the information we can out of the window. MOZ_ASSERT(aOuterWindow); MOZ_ASSERT(mTriggeringPrincipal); + MOZ_ASSERT(mPrincipalToInherit); // if the load is sandboxed, we can not also inherit the principal if (mSecurityFlags & nsILoadInfo::SEC_SANDBOXED) { @@ -270,6 +274,7 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow, LoadInfo::LoadInfo(const LoadInfo& rhs) : mLoadingPrincipal(rhs.mLoadingPrincipal) , mTriggeringPrincipal(rhs.mTriggeringPrincipal) + , mPrincipalToInherit(rhs.mPrincipalToInherit) , mLoadingContext(rhs.mLoadingContext) , mSecurityFlags(rhs.mSecurityFlags) , mInternalContentPolicyType(rhs.mInternalContentPolicyType) @@ -297,6 +302,7 @@ LoadInfo::LoadInfo(const LoadInfo& rhs) LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal, + nsIPrincipal* aPrincipalToInherit, nsSecurityFlags aSecurityFlags, nsContentPolicyType aContentPolicyType, LoadTainting aTainting, @@ -319,6 +325,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, bool aIsPreflight) : mLoadingPrincipal(aLoadingPrincipal) , mTriggeringPrincipal(aTriggeringPrincipal) + , mPrincipalToInherit(aPrincipalToInherit) , mSecurityFlags(aSecurityFlags) , mInternalContentPolicyType(aContentPolicyType) , mTainting(aTainting) @@ -341,6 +348,7 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal, // Only top level TYPE_DOCUMENT loads can have a null loadingPrincipal MOZ_ASSERT(mLoadingPrincipal || aContentPolicyType == nsIContentPolicy::TYPE_DOCUMENT); MOZ_ASSERT(mTriggeringPrincipal); + MOZ_ASSERT(mPrincipalToInherit); mRedirectChainIncludingInternalRedirects.SwapElements( aRedirectChainIncludingInternalRedirects); @@ -425,6 +433,27 @@ LoadInfo::TriggeringPrincipal() return mTriggeringPrincipal; } +NS_IMETHODIMP +LoadInfo::GetPrincipalToInherit(nsIPrincipal** aPrincipalToInherit) +{ + NS_ADDREF(*aPrincipalToInherit = mPrincipalToInherit); + return NS_OK; +} + +NS_IMETHODIMP +LoadInfo::SetPrincipalToInherit(nsIPrincipal* aPrincipalToInherit) +{ + MOZ_ASSERT(aPrincipalToInherit, "must be a valid principal to inherit"); + mPrincipalToInherit = aPrincipalToInherit; + return NS_OK; +} + +nsIPrincipal* +LoadInfo::PrincipalToInherit() +{ + return mPrincipalToInherit; +} + NS_IMETHODIMP LoadInfo::GetLoadingDocument(nsIDOMDocument** aResult) { diff --git a/netwerk/base/LoadInfo.h b/netwerk/base/LoadInfo.h index 0f407d449ec4..8d90beb53378 100644 --- a/netwerk/base/LoadInfo.h +++ b/netwerk/base/LoadInfo.h @@ -86,6 +86,7 @@ private: // Please note that aRedirectChain uses swapElements. LoadInfo(nsIPrincipal* aLoadingPrincipal, nsIPrincipal* aTriggeringPrincipal, + nsIPrincipal* aPrincipalToInherit, nsSecurityFlags aSecurityFlags, nsContentPolicyType aContentPolicyType, LoadTainting aTainting, @@ -126,6 +127,7 @@ private: // if you add a member, please also update the copy constructor nsCOMPtr mLoadingPrincipal; nsCOMPtr mTriggeringPrincipal; + nsCOMPtr mPrincipalToInherit; nsWeakPtr mLoadingContext; nsSecurityFlags mSecurityFlags; nsContentPolicyType mInternalContentPolicyType; diff --git a/netwerk/base/nsILoadInfo.idl b/netwerk/base/nsILoadInfo.idl index 3cb7c18189cb..6894aa565e3b 100644 --- a/netwerk/base/nsILoadInfo.idl +++ b/netwerk/base/nsILoadInfo.idl @@ -246,6 +246,19 @@ interface nsILoadInfo : nsISupports [noscript, notxpcom, nostdcall, binaryname(TriggeringPrincipal)] nsIPrincipal binaryTriggeringPrincipal(); + /** + * The principalToInherit is the principal that is used when the inherit flag + * is set. For loads that are not TYPE_DOCUMENT or TYPE_SUBDOCUMENT that + * principal is always identical to the triggeringPrincipal. + */ + attribute nsIPrincipal principalToInherit; + + /** + * A C++-friendly version of principalToInherit. + */ + [noscript, notxpcom, nostdcall, binaryname(PrincipalToInherit)] + nsIPrincipal binaryPrincipalToInherit(); + /** * This is the ownerDocument of the LoadingNode. Unless the LoadingNode * is a Document, in which case the LoadingDocument is the same as the diff --git a/netwerk/ipc/NeckoChannelParams.ipdlh b/netwerk/ipc/NeckoChannelParams.ipdlh index 477f959c44d8..6bc287182ed8 100644 --- a/netwerk/ipc/NeckoChannelParams.ipdlh +++ b/netwerk/ipc/NeckoChannelParams.ipdlh @@ -30,6 +30,7 @@ struct LoadInfoArgs { OptionalPrincipalInfo requestingPrincipalInfo; PrincipalInfo triggeringPrincipalInfo; + PrincipalInfo principalToInheritInfo; uint32_t securityFlags; uint32_t contentPolicyType; uint32_t tainting;