Bug 968335 - Implement Cu.getWebIDLCallerPrincipal. r=bz

2014-02-14 16:13:38 -08:00 · 2014-02-14 16:13:38 -08:00 · 8f0f5028b0
--- a/js/xpconnect/idl/xpccomponents.idl
+++ b/js/xpconnect/idl/xpccomponents.idl
@ -14,6 +14,7 @@ interface nsIClassInfo;
 interface nsIComponentManager;
 interface nsIJSCID;
 interface nsIJSIID;
+interface nsIPrincipal;
 interface nsIStackFrame;

 /**
@ -120,7 +121,7 @@ interface ScheduledGCCallback : nsISupports
 /**
 * interface of Components.utils
 */
-[scriptable, uuid(cd4bccf4-3433-492e-8dfd-dfdb3fe9efa1)]
+[scriptable, uuid(f4b12240-02aa-47e5-99d5-43cd50fbd4b7)]
 interface nsIXPCComponents_Utils : nsISupports
 {

@ -561,6 +562,22 @@ interface nsIXPCComponents_Utils : nsISupports
     */
    [implicit_jscontext]
    jsval cloneInto(in jsval value, in jsval scope, [optional] in jsval options);
+
+    /*
+     * When C++-Implemented code does security checks, it can generally query
+     * the subject principal (i.e. the principal of the most-recently-executed
+     * script) in order to determine the responsible party. However, when an API
+     * is implemented in JS, this doesn't work - the most-recently-executed
+     * script is always the System-Principaled API implementation. So we need
+     * another mechanism.
+     *
+     * Hence the notion of the "WebIDL Caller". If the current Entry Script on
+     * the Script Settings Stack represents the invocation of JS-implemented
+     * WebIDL, this API returns the principal of the caller at the time
+     * of invocation. Otherwise (i.e. outside of JS-implemented WebIDL), this
+     * function throws. If it throws, you probably shouldn't be using it.
+     */
+    nsIPrincipal getWebIDLCallerPrincipal();
 };

 /**
--- a/js/xpconnect/src/XPCComponents.cpp
+++ b/js/xpconnect/src/XPCComponents.cpp
@ -3626,6 +3626,19 @@ nsXPCComponents_Utils::CloneInto(HandleValue aValue, HandleValue aScope,
    return NS_OK;
 }

+NS_IMETHODIMP
+nsXPCComponents_Utils::GetWebIDLCallerPrincipal(nsIPrincipal **aResult)
+{
+    // This API may only be when the Entry Settings Object corresponds to a
+    // JS-implemented WebIDL call. In all other cases, the value will be null,
+    // and we throw.
+    nsCOMPtr<nsIPrincipal> callerPrin = mozilla::dom::GetWebIDLCallerPrincipal();
+    if (!callerPrin)
+        return NS_ERROR_NOT_AVAILABLE;
+    callerPrin.forget(aResult);
+    return NS_OK;
+}
+
 /***************************************************************************/
 /***************************************************************************/
 /***************************************************************************/