Bug 1601941 - Refactor GetURI usage in nsScriptSecurityManager.cpp r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D56185 --HG-- extra : moz-landing-system : lando
2019-12-11 16:21:18 +00:00 · 2019-12-11 16:21:18 +00:00 · 8b390d55c7
--- a/caps/ContentPrincipal.cpp
+++ b/caps/ContentPrincipal.cpp
@ -330,7 +330,12 @@ bool ContentPrincipal::MayLoadInternal(nsIURI* aURI) {
 uint32_t ContentPrincipal::GetHashValue() {
  MOZ_ASSERT(mURI, "Need a principal URI");

-  return nsScriptSecurityManager::HashPrincipalByOrigin(this);
+  nsCOMPtr<nsIURI> uri;
+  GetDomain(getter_AddRefs(uri));
+  if (!uri) {
+    GetURI(getter_AddRefs(uri));
+  };
+  return NS_SecurityHashURI(uri);
 }

 NS_IMETHODIMP
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@ -147,6 +147,9 @@ class nsAutoInPrincipalDomainOriginSetter {
 uint32_t nsAutoInPrincipalDomainOriginSetter::sInPrincipalDomainOrigin;

 static nsresult GetOriginFromURI(nsIURI* aURI, nsACString& aOrigin) {
+  if (!aURI) {
+    return NS_ERROR_NULL_POINTER;
+  }
  if (nsAutoInPrincipalDomainOriginSetter::sInPrincipalDomainOrigin > 1) {
    // Allow a single recursive call to GetPrincipalDomainOrigin, since that
    // might be happening on a different principal from the first call.  But
@ -180,14 +183,15 @@ static nsresult GetOriginFromURI(nsIURI* aURI, nsACString& aOrigin) {

 static nsresult GetPrincipalDomainOrigin(nsIPrincipal* aPrincipal,
                                         nsACString& aOrigin) {
+  aOrigin.Truncate();
  nsCOMPtr<nsIURI> uri;
  aPrincipal->GetDomain(getter_AddRefs(uri));
-  if (!uri) {
-    aPrincipal->GetURI(getter_AddRefs(uri));
+  nsresult rv = GetOriginFromURI(uri, aOrigin);
+  if (NS_SUCCEEDED(rv)) {
+    return rv;
  }
-  NS_ENSURE_TRUE(uri, NS_ERROR_UNEXPECTED);
-
-  return GetOriginFromURI(uri, aOrigin);
+  // If there is no Domain fallback to the Principals Origin
+  return aPrincipal->GetOriginNoSuffix(aOrigin);
 }

 inline void SetPendingExceptionASCII(JSContext* cx, const char* aMsg) {
@ -509,15 +513,6 @@ nsScriptSecurityManager::CheckSameOriginURI(nsIURI* aSourceURI,
  return NS_OK;
 }

-/*static*/
-uint32_t nsScriptSecurityManager::HashPrincipalByOrigin(
-    nsIPrincipal* aPrincipal) {
-  nsCOMPtr<nsIURI> uri;
-  aPrincipal->GetDomain(getter_AddRefs(uri));
-  if (!uri) aPrincipal->GetURI(getter_AddRefs(uri));
-  return SecurityHashURI(uri);
-}
-
 NS_IMETHODIMP
 nsScriptSecurityManager::CheckLoadURIFromScript(JSContext* cx, nsIURI* aURI) {
  // Get principal of currently executing script.
--- a/caps/nsScriptSecurityManager.h
+++ b/caps/nsScriptSecurityManager.h
@ -71,8 +71,6 @@ class nsScriptSecurityManager final : public nsIScriptSecurityManager {
  static nsresult ReportError(const char* aMessageTag, nsIURI* aSource,
                              nsIURI* aTarget, bool aFromPrivateWindow);

-  static uint32_t HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
-
  static bool GetStrictFileOriginPolicy() { return sStrictFileOriginPolicy; }

  void DeactivateDomainPolicy();