mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Backed out 5 changesets (bug 1022229) for non-unified bustage. 

Backed out changeset d79b991a8d96 (bug 1022229)
Backed out changeset 34f9a0e7dbde (bug 1022229)
Backed out changeset 37fbaf69c6e0 (bug 1022229)
Backed out changeset d6111b0603f5 (bug 1022229)
Backed out changeset 154922edf5fe (bug 1022229)
This commit is contained in:
Ryan VanderMeulen 2014-07-28 15:08:51 -04:00
Родитель b755961e1d
Коммит 9a8cfb647e
10 изменённых файлов: 57 добавлений и 207 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

39
caps/nsNullPrincipal.cpp
Просмотреть файл

@ -18,8 +18,6 @@
#include "nsID.h"
#include "nsNetUtil.h"
#include "nsIClassInfoImpl.h"
#include "nsIObjectInputStream.h"
#include "nsIObjectOutputStream.h"
#include "nsNetCID.h"
#include "nsError.h"
#include "nsIScriptSecurityManager.h"
@ -68,24 +66,11 @@ nsNullPrincipal::~nsNullPrincipal()
{
}
/* static */ already_AddRefed<nsNullPrincipal>
nsNullPrincipal::CreateWithInheritedAttributes(nsIPrincipal* aInheritFrom)
{
nsRefPtr<nsNullPrincipal> nullPrin = new nsNullPrincipal();
nsresult rv = nullPrin->Init(aInheritFrom->GetAppId(),
aInheritFrom->GetIsInBrowserElement());
return NS_SUCCEEDED(rv) ? nullPrin.forget() : nullptr;
}
#define NS_NULLPRINCIPAL_PREFIX NS_NULLPRINCIPAL_SCHEME ":"
nsresult
nsNullPrincipal::Init(uint32_t aAppId, bool aInMozBrowser)
nsNullPrincipal::Init()
{
MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
mAppId = aAppId;
mInMozBrowser = aInMozBrowser;
// FIXME: bug 327161 -- make sure the uuid generator is reseeding-resistant.
nsresult rv;
nsCOMPtr<nsIUUIDGenerator> uuidgen =
@ -271,21 +256,21 @@ nsNullPrincipal::GetJarPrefix(nsACString& aJarPrefix)
NS_IMETHODIMP
nsNullPrincipal::GetAppStatus(uint16_t* aAppStatus)
{
*aAppStatus = nsScriptSecurityManager::AppStatusForPrincipal(this);
*aAppStatus = nsIPrincipal::APP_STATUS_NOT_INSTALLED;
return NS_OK;
}
NS_IMETHODIMP
nsNullPrincipal::GetAppId(uint32_t* aAppId)
{
*aAppId = mAppId;
*aAppId = nsIScriptSecurityManager::NO_APP_ID;
return NS_OK;
}
NS_IMETHODIMP
nsNullPrincipal::GetIsInBrowserElement(bool* aIsInBrowserElement)
{
*aIsInBrowserElement = mInMozBrowser;
*aIsInBrowserElement = false;
return NS_OK;
}
@ -316,24 +301,16 @@ nsNullPrincipal::GetBaseDomain(nsACString& aBaseDomain)
NS_IMETHODIMP
nsNullPrincipal::Read(nsIObjectInputStream* aStream)
{
// Note - nsNullPrincipal use NS_GENERIC_FACTORY_CONSTRUCTOR_INIT, which means
// that the Init() method has already been invoked by the time we deserialize.
// This is in contrast to nsPrincipal, which uses NS_GENERIC_FACTORY_CONSTRUCTOR,
// in which case ::Read needs to invoke Init().
nsresult rv = aStream->Read32(&mAppId);
NS_ENSURE_SUCCESS(rv, rv);
rv = aStream->ReadBoolean(&mInMozBrowser);
NS_ENSURE_SUCCESS(rv, rv);
// no-op: CID is sufficient to create a useful nsNullPrincipal, since the URI
// is not really relevant.
return NS_OK;
}
NS_IMETHODIMP
nsNullPrincipal::Write(nsIObjectOutputStream* aStream)
{
aStream->Write32(mAppId);
aStream->WriteBoolean(mInMozBrowser);
// no-op: CID is sufficient to create a useful nsNullPrincipal, since the URI
// is not really relevant.
return NS_OK;
}

12
caps/nsNullPrincipal.h
Просмотреть файл

@ -14,15 +14,14 @@
#include "nsIPrincipal.h"
#include "nsJSPrincipals.h"
#include "nsIScriptSecurityManager.h"
#include "nsCOMPtr.h"
#include "nsIContentSecurityPolicy.h"
class nsIURI;
#define NS_NULLPRINCIPAL_CID \
{ 0xa0bd8b42, 0xf6bf, 0x4fb9, \
{ 0x93, 0x42, 0x90, 0xbf, 0xc9, 0xb7, 0xa1, 0xab } }
{ 0xdd156d62, 0xd26f, 0x4441, \
{ 0x9c, 0xdb, 0xe8, 0xf0, 0x91, 0x07, 0xc2, 0x73 } }
#define NS_NULLPRINCIPAL_CONTRACTID "@mozilla.org/nullprincipal;1"
#define NS_NULLPRINCIPAL_SCHEME "moz-nullprincipal"
@ -42,10 +41,7 @@ public:
NS_DECL_NSIPRINCIPAL
NS_DECL_NSISERIALIZABLE
static already_AddRefed<nsNullPrincipal> CreateWithInheritedAttributes(nsIPrincipal *aInheritFrom);
nsresult Init(uint32_t aAppId = nsIScriptSecurityManager::NO_APP_ID,
bool aInMozBrowser = false);
nsresult Init();
virtual void GetScriptLocation(nsACString &aStr) MOZ_OVERRIDE;
@ -58,8 +54,6 @@ public:
nsCOMPtr<nsIURI> mURI;
nsCOMPtr<nsIContentSecurityPolicy> mCSP;
uint32_t mAppId;
bool mInMozBrowser;
};
#endif // nsNullPrincipal_h__

43
caps/nsPrincipal.cpp
Просмотреть файл

@ -577,11 +577,48 @@ nsPrincipal::Write(nsIObjectOutputStream* aStream)
uint16_t
nsPrincipal::GetAppStatus()
{
if (mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
NS_WARNING("Asking for app status on a principal with an unknown app id");
NS_WARN_IF_FALSE(mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID,
"Asking for app status on a principal with an unknown app id");
// Installed apps have a valid app id (not NO_APP_ID or UNKNOWN_APP_ID)
// and they are not inside a mozbrowser.
if (mAppId == nsIScriptSecurityManager::NO_APP_ID ||
mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID || mInMozBrowser) {
return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
}
return nsScriptSecurityManager::AppStatusForPrincipal(this);
nsCOMPtr<nsIAppsService> appsService = do_GetService(APPS_SERVICE_CONTRACTID);
NS_ENSURE_TRUE(appsService, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsCOMPtr<mozIApplication> app;
appsService->GetAppByLocalId(mAppId, getter_AddRefs(app));
NS_ENSURE_TRUE(app, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
uint16_t status = nsIPrincipal::APP_STATUS_INSTALLED;
NS_ENSURE_SUCCESS(app->GetAppStatus(&status),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsAutoCString origin;
NS_ENSURE_SUCCESS(GetOrigin(getter_Copies(origin)),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsString appOrigin;
NS_ENSURE_SUCCESS(app->GetOrigin(appOrigin),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
// We go from string -> nsIURI -> origin to be sure we
// compare two punny-encoded origins.
nsCOMPtr<nsIURI> appURI;
NS_ENSURE_SUCCESS(NS_NewURI(getter_AddRefs(appURI), appOrigin),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsAutoCString appOriginPunned;
NS_ENSURE_SUCCESS(GetOriginForURI(appURI, getter_Copies(appOriginPunned)),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
if (!appOriginPunned.Equals(origin)) {
return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
}
return status;
}
/************************************************************************************************************************/

57
caps/nsScriptSecurityManager.cpp
Просмотреть файл

@ -252,57 +252,6 @@ nsScriptSecurityManager::SecurityHashURI(nsIURI* aURI)
return NS_SecurityHashURI(aURI);
}
uint16_t
nsScriptSecurityManager::AppStatusForPrincipal(nsIPrincipal *aPrin)
{
uint32_t appId = aPrin->GetAppId();
bool inMozBrowser = aPrin->GetIsInBrowserElement();
NS_WARN_IF_FALSE(appId != nsIScriptSecurityManager::UNKNOWN_APP_ID,
"Asking for app status on a principal with an unknown app id");
// Installed apps have a valid app id (not NO_APP_ID or UNKNOWN_APP_ID)
// and they are not inside a mozbrowser.
if (appId == nsIScriptSecurityManager::NO_APP_ID ||
appId == nsIScriptSecurityManager::UNKNOWN_APP_ID || inMozBrowser)
{
return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
}
nsCOMPtr<nsIAppsService> appsService = do_GetService(APPS_SERVICE_CONTRACTID);
NS_ENSURE_TRUE(appsService, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsCOMPtr<mozIApplication> app;
appsService->GetAppByLocalId(appId, getter_AddRefs(app));
NS_ENSURE_TRUE(app, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
uint16_t status = nsIPrincipal::APP_STATUS_INSTALLED;
NS_ENSURE_SUCCESS(app->GetAppStatus(&status),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsAutoCString origin;
NS_ENSURE_SUCCESS(aPrin->GetOrigin(getter_Copies(origin)),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsString appOrigin;
NS_ENSURE_SUCCESS(app->GetOrigin(appOrigin),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
// We go from string -> nsIURI -> origin to be sure we
// compare two punny-encoded origins.
nsCOMPtr<nsIURI> appURI;
NS_ENSURE_SUCCESS(NS_NewURI(getter_AddRefs(appURI), appOrigin),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsAutoCString appOriginPunned;
NS_ENSURE_SUCCESS(nsPrincipal::GetOriginForURI(appURI, getter_Copies(appOriginPunned)),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
if (!appOriginPunned.Equals(origin)) {
return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
}
return status;
}
NS_IMETHODIMP
nsScriptSecurityManager::GetChannelPrincipal(nsIChannel* aChannel,
nsIPrincipal** aPrincipal)
@ -322,11 +271,7 @@ nsScriptSecurityManager::GetChannelPrincipal(nsIChannel* aChannel,
aChannel->GetLoadInfo(getter_AddRefs(loadInfo));
if (loadInfo) {
if (loadInfo->GetLoadingSandboxed()) {
nsRefPtr<nsNullPrincipal> prin =
nsNullPrincipal::CreateWithInheritedAttributes(loadInfo->LoadingPrincipal());
NS_ENSURE_TRUE(prin, NS_ERROR_FAILURE);
prin.forget(aPrincipal);
return NS_OK;
return CallCreateInstance(NS_NULLPRINCIPAL_CONTRACTID, aPrincipal);
}
if (loadInfo->GetForceInheritPrincipal()) {

2
caps/nsScriptSecurityManager.h
Просмотреть файл

@ -68,8 +68,6 @@ public:
static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
static uint32_t SecurityHashURI(nsIURI* aURI);
static uint16_t AppStatusForPrincipal(nsIPrincipal *aPrin);
static nsresult
ReportError(JSContext* cx, const nsAString& messageTag,
nsIURI* aSource, nsIURI* aTarget);

9
docshell/base/nsDocShell.cpp
Просмотреть файл

@ -7415,8 +7415,7 @@ nsDocShell::CreateAboutBlankContentViewer(nsIPrincipal* aPrincipal,
if (docFactory) {
nsCOMPtr<nsIPrincipal> principal;
if (mSandboxFlags & SANDBOXED_ORIGIN) {
principal = nsNullPrincipal::CreateWithInheritedAttributes(aPrincipal);
NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
principal = do_CreateInstance("@mozilla.org/nullprincipal;1");
} else {
principal = aPrincipal;
}
@ -11147,8 +11146,10 @@ nsDocShell::AddToSessionHistory(nsIURI * aURI, nsIChannel * aChannel,
if (loadInfo) {
// For now keep storing just the principal in the SHEntry.
if (loadInfo->GetLoadingSandboxed()) {
owner = nsNullPrincipal::CreateWithInheritedAttributes(loadInfo->LoadingPrincipal());
NS_ENSURE_TRUE(owner, NS_ERROR_FAILURE);
owner = do_CreateInstance(NS_NULLPRINCIPAL_CONTRACTID, &rv);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
} else if (loadInfo->GetForceInheritPrincipal()) {
owner = loadInfo->LoadingPrincipal();
}

40
dom/base/test/iframe_main_bug1022229.html
Просмотреть файл

@ -1,40 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<script>
// Uncomment this definition of SimpleTest (and comment out the one below) to
// debug in mozBrowser mode.
/*
var SimpleTest = { ok: function(c, m) { dump(m + ": " + c + "\n"); },
info: function(m) { dump(m + "\n"); },
finish: function() { dump("Test done\n");} };
*/
var SimpleTest = parent.SimpleTest;
var ok = SimpleTest.ok;
var info = SimpleTest.info;
var finish = SimpleTest.finish.bind(SimpleTest);
var gotTargetedMessage = false;
window.onmessage = function(evt) {
var message = evt.data;
info("Received message: " + message);
switch (message) {
case 'targeted':
gotTargetedMessage = true;
break;
case 'broadcast':
ok(gotTargetedMessage, "Should have received targeted message");
finish();
break;
default:
ok(false, "Unexpected message: " + message);
break;
}
}
</script>
</head>
<body>
<iframe src="iframe_sandbox_bug1022229.html" sandbox="allow-scripts"></iframe>
</body>
</html>

13
dom/base/test/iframe_sandbox_bug1022229.html
Просмотреть файл

@ -1,13 +0,0 @@
<!DOCTYPE html>
<html>
<head>
<script>
// First send an origin-restricted message, and then send a non-restricted
// message to end the test promptly even in a failure mode.
parent.postMessage('targeted', 'http://mochi.test:8888');
setTimeout(function() { parent.postMessage('broadcast', '*'); }, 0);
</script>
</head>
<body>
</body>
</html>

3
dom/base/test/mochitest.ini
Просмотреть файл

@ -2,8 +2,6 @@
support-files =
audio.ogg
iframe_bug976673.html
iframe_main_bug1022229.html
iframe_sandbox_bug1022229.html
iframe_messageChannel_cloning.html
iframe_messageChannel_chrome.html
iframe_messageChannel_pingpong.html
@ -23,7 +21,6 @@ skip-if = buildapp == 'mulet'
[test_bug979109.html]
[test_bug989665.html]
[test_bug999456.html]
[test_bug1022229.html]
[test_clearTimeoutIntervalNoArg.html]
[test_consoleEmptyStack.html]
[test_constructor-assignment.html]

46
dom/base/test/test_bug1022229.html
Просмотреть файл

@ -1,46 +0,0 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=1022229
-->
<head>
<meta charset="utf-8">
<title>Test for Bug 1022229</title>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
<script type="application/javascript">
/** Test for postMessage between sandboxed iframe and non-sandboxed window.
This test is particularly interesting on b2g where we're in a mozBrowser.
We set the test up with an extra iframe so that we can easily run it in
an artificial mozbrowser for desktop builds.
**/
SimpleTest.waitForExplicitFinish();
function go() {
var ifr = document.createElement('iframe');
/* Uncomment this chunk to run in a mozBrowser. Make sure to uncomment the
chunk in iframe_main as well. */
/*
SpecialPowers.Services.prefs.setBoolPref("dom.mozBrowserFramesEnabled", true);
SpecialPowers.Services.prefs.setBoolPref("dom.ipc.browser_frames.oop_by_default", false);
SpecialPowers.addPermission("browser", true, document);
SpecialPowers.wrap(ifr).mozbrowser = true;
*/
ifr.setAttribute('src', 'iframe_main_bug1022229.html');
document.body.appendChild(ifr);
}
</script>
</head>
<body onload="go()">
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1022229">Mozilla Bug 1022229</a>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<pre id="test">
</pre>
</body>
</html>