Bug 1344706 - Do not reuse originPrincipal as triggeringPrincipal within utilityOverlay.js. r=gijs

This commit is contained in:
Christoph Kerschbaumer 2017-04-03 09:58:17 +02:00
Родитель e0b947bce4
Коммит a40ae7abe5
5 изменённых файлов: 23 добавлений и 5 удалений

Просмотреть файл

@ -1340,6 +1340,7 @@ var gBrowserInit = {
// [5]: referrerPolicy (int)
// [6]: userContextId (int)
// [7]: originPrincipal (nsIPrincipal)
// [8]: triggeringPrincipal (nsIPrincipal)
let referrerURI = window.arguments[2];
if (typeof(referrerURI) == "string") {
try {
@ -1356,7 +1357,7 @@ var gBrowserInit = {
window.arguments[4] || false, referrerPolicy, userContextId,
// pass the origin principal (if any) and force its use to create
// an initial about:blank viewer if present:
window.arguments[7], !!window.arguments[7]);
window.arguments[7], !!window.arguments[7], window.arguments[8]);
window.focus();
} else {
// Note: loadOneOrMoreURIs *must not* be called if window.arguments.length >= 3.
@ -2248,7 +2249,8 @@ function BrowserTryToCloseWindow() {
}
function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy,
userContextId, originPrincipal, forceAboutBlankViewerInCurrent) {
userContextId, originPrincipal, forceAboutBlankViewerInCurrent,
triggeringPrincipal) {
try {
openLinkIn(uri, "current",
{ referrerURI: referrer,
@ -2257,6 +2259,7 @@ function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy,
allowThirdPartyFixup,
userContextId,
originPrincipal,
triggeringPrincipal,
forceAboutBlankViewerInCurrent,
});
} catch (e) {}
@ -5782,6 +5785,7 @@ function handleLinkClick(event, href, linkNode) {
referrerPolicy,
noReferrer: BrowserUtils.linkHasNoReferrer(linkNode),
originPrincipal: doc.nodePrincipal,
triggeringPrincipal: doc.nodePrincipal,
frameOuterWindowID,
};

Просмотреть файл

@ -578,6 +578,7 @@ var ClickEventHandler = {
} catch (e) {}
}
json.originPrincipal = ownerDoc.nodePrincipal;
json.triggeringPrincipal = ownerDoc.nodePrincipal;
sendAsyncMessage("Content:Click", json);
return;

Просмотреть файл

@ -985,6 +985,7 @@ nsContextMenu.prototype = {
_openLinkInParameters(extra) {
let params = { charset: gContextMenuContentData.charSet,
originPrincipal: this.principal,
triggeringPrincipal: this.principal,
referrerURI: gContextMenuContentData.documentURIObject,
referrerPolicy: gContextMenuContentData.referrerPolicy,
frameOuterWindowID: gContextMenuContentData.frameOuterWindowID,
@ -1174,7 +1175,7 @@ nsContextMenu.prototype = {
this._canvasToBlobURL(this.target).then(function(blobURL) {
openUILink(blobURL, e, { disallowInheritPrincipal: true,
referrerURI,
originPrincipal: systemPrincipal});
triggeringPrincipal: systemPrincipal});
}, Cu.reportError);
} else {
urlSecurityCheck(this.mediaURL,

Просмотреть файл

@ -220,6 +220,7 @@ function openLinkIn(url, where, params) {
var aUserContextId = params.userContextId;
var aIndicateErrorPageLoad = params.indicateErrorPageLoad;
var aPrincipal = params.originPrincipal;
var aTriggeringPrincipal = params.triggeringPrincipal;
var aForceAboutBlankViewerInCurrent =
params.forceAboutBlankViewerInCurrent;
@ -267,6 +268,15 @@ function openLinkIn(url, where, params) {
};
aPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(aPrincipal.URI, attrs);
}
if (aTriggeringPrincipal && aTriggeringPrincipal.isCodebasePrincipal) {
let attrs = {
userContextId: aUserContextId,
privateBrowsingId: aIsPrivate || (w && PrivateBrowsingUtils.isWindowPrivate(w)),
};
aTriggeringPrincipal =
Services.scriptSecurityManager.createCodebasePrincipal(aTriggeringPrincipal.URI, attrs);
}
if (!w || where == "window") {
// This propagates to window.arguments.
@ -311,6 +321,7 @@ function openLinkIn(url, where, params) {
sa.appendElement(referrerPolicySupports, /* weak =*/ false);
sa.appendElement(userContextIdSupports, /* weak =*/ false);
sa.appendElement(aPrincipal, /* weak =*/ false);
sa.appendElement(aTriggeringPrincipal, /* weak =*/ false);
let features = "chrome,dialog=no,all";
if (aIsPrivate) {
@ -414,7 +425,7 @@ function openLinkIn(url, where, params) {
}
targetBrowser.loadURIWithFlags(url, {
triggeringPrincipal: aPrincipal,
triggeringPrincipal: aTriggeringPrincipal,
flags,
referrerURI: aNoReferrer ? null : aReferrerURI,
referrerPolicy: aReferrerPolicy,
@ -439,7 +450,7 @@ function openLinkIn(url, where, params) {
noReferrer: aNoReferrer,
userContextId: aUserContextId,
originPrincipal: aPrincipal,
triggeringPrincipal: aPrincipal,
triggeringPrincipal: aTriggeringPrincipal,
});
targetBrowser = tabUsedForLoad.linkedBrowser;

Просмотреть файл

@ -85,6 +85,7 @@ var ContentClick = {
allowMixedContent: json.allowMixedContent,
isContentWindowPrivate: json.isContentWindowPrivate,
originPrincipal: json.originPrincipal,
triggeringPrincipal: json.triggeringPrincipal,
frameOuterWindowID: json.frameOuterWindowID,
};