зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1623417 - Refactor nsPermission.cpp r=ckerschb
*** Differential Revision: https://phabricator.services.mozilla.com/D67371
This commit is contained in:
Sebastian Streich
Родитель
138168a3c9
Коммит
bb11628699
|
|
@ -347,6 +347,109 @@ BasePrincipal::Equals(nsIPrincipal* aOther, bool* aResult) {
|
|||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::EqualsForPermission(nsIPrincipal* aOther, bool aExactHost,
|
||||
bool* aResult) {
|
||||
*aResult = false;
|
||||
NS_ENSURE_ARG_POINTER(aOther);
|
||||
NS_ENSURE_ARG_POINTER(aResult);
|
||||
|
||||
// If the principals are equal, then they match.
|
||||
if (FastEquals(aOther)) {
|
||||
*aResult = true;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// If we are matching with an exact host, we're done now - the permissions
|
||||
// don't match otherwise, we need to start comparing subdomains!
|
||||
if (aExactHost) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Compare their OriginAttributes
|
||||
const mozilla::OriginAttributes& theirAttrs = aOther->OriginAttributesRef();
|
||||
const mozilla::OriginAttributes& ourAttrs = OriginAttributesRef();
|
||||
|
||||
if (theirAttrs != ourAttrs) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> ourURI;
|
||||
nsresult rv = GetURI(getter_AddRefs(ourURI));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
auto* basePrin = BasePrincipal::Cast(aOther);
|
||||
return basePrin->EqualsURIForPermission(ourURI, aResult);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::EqualsURIForPermission(nsIURI* aOther, bool* aResult) {
|
||||
*aResult = false;
|
||||
nsCOMPtr<nsIURI> ourURI;
|
||||
nsresult rv = GetURI(getter_AddRefs(ourURI));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Compare schemes
|
||||
nsAutoCString otherScheme;
|
||||
rv = aOther->GetScheme(otherScheme);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsAutoCString ourScheme;
|
||||
rv = ourURI->GetScheme(ourScheme);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (otherScheme != ourScheme) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Compare ports
|
||||
int32_t theirPort;
|
||||
rv = aOther->GetPort(&theirPort);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
int32_t ourPort;
|
||||
rv = ourURI->GetPort(&ourPort);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (theirPort != ourPort) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Check if the host or any subdomain of their host matches.
|
||||
nsAutoCString theirHost;
|
||||
rv = aOther->GetHost(theirHost);
|
||||
if (NS_FAILED(rv) || theirHost.IsEmpty()) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsAutoCString ourHost;
|
||||
rv = ourURI->GetHost(ourHost);
|
||||
if (NS_FAILED(rv) || ourHost.IsEmpty()) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIEffectiveTLDService> tldService =
|
||||
do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
|
||||
if (!tldService) {
|
||||
NS_ERROR("Should have a tld service!");
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
// This loop will not loop forever, as GetNextSubDomain will eventually fail
|
||||
// with NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS.
|
||||
while (theirHost != ourHost) {
|
||||
rv = tldService->GetNextSubDomain(theirHost, theirHost);
|
||||
if (NS_FAILED(rv)) {
|
||||
if (rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS) {
|
||||
return NS_OK;
|
||||
}
|
||||
return rv;
|
||||
}
|
||||
}
|
||||
|
||||
*aResult = true;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::EqualsConsideringDomain(nsIPrincipal* aOther, bool* aResult) {
|
||||
NS_ENSURE_ARG_POINTER(aOther);
|
||||
|
|
|
|||
|
|
@ -106,6 +106,9 @@ class BasePrincipal : public nsJSPrincipals {
|
|||
NS_IMETHOD Equals(nsIPrincipal* other, bool* _retval) final;
|
||||
NS_IMETHOD EqualsConsideringDomain(nsIPrincipal* other, bool* _retval) final;
|
||||
NS_IMETHOD EqualsURI(nsIURI* aOtherURI, bool* _retval) override;
|
||||
NS_IMETHOD EqualsForPermission(nsIPrincipal* other, bool aExactHost,
|
||||
bool* _retval) final;
|
||||
NS_IMETHOD EqualsURIForPermission(nsIURI* other, bool* _retval) final;
|
||||
NS_IMETHOD Subsumes(nsIPrincipal* other, bool* _retval) final;
|
||||
NS_IMETHOD SubsumesConsideringDomain(nsIPrincipal* other,
|
||||
bool* _retval) final;
|
||||
|
|
|
|||
|
|
@ -58,6 +58,14 @@ interface nsIPrincipal : nsISerializable
|
|||
*/
|
||||
boolean equals(in nsIPrincipal other);
|
||||
|
||||
/**
|
||||
* Returns whether the other principal is equivalent to this principal
|
||||
* for permission purposes
|
||||
* Matches {originAttributes ,equalsURIForPermission}
|
||||
*/
|
||||
|
||||
boolean equalsForPermission(in nsIPrincipal other, in bool aExactHost);
|
||||
|
||||
/**
|
||||
* Like equals, but takes document.domain changes into account.
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -119,101 +119,8 @@ Permission::Matches(nsIPrincipal* aPrincipal, bool aExactHost, bool* aMatches) {
|
|||
|
||||
NS_IMETHODIMP
|
||||
Permission::MatchesPrincipalForPermission(nsIPrincipal* aPrincipal,
|
||||
bool aExactHost, bool* aMatches) {
|
||||
NS_ENSURE_ARG_POINTER(aPrincipal);
|
||||
NS_ENSURE_ARG_POINTER(aMatches);
|
||||
|
||||
*aMatches = false;
|
||||
|
||||
// If the principals are equal, then they match.
|
||||
if (mPrincipal->Equals(aPrincipal)) {
|
||||
*aMatches = true;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// If we are matching with an exact host, we're done now - the permissions
|
||||
// don't match otherwise, we need to start comparing subdomains!
|
||||
if (aExactHost) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Compare their OriginAttributes
|
||||
const mozilla::OriginAttributes& theirAttrs =
|
||||
aPrincipal->OriginAttributesRef();
|
||||
const mozilla::OriginAttributes& ourAttrs = mPrincipal->OriginAttributesRef();
|
||||
|
||||
if (theirAttrs != ourAttrs) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> theirURI;
|
||||
nsresult rv = aPrincipal->GetURI(getter_AddRefs(theirURI));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsCOMPtr<nsIURI> ourURI;
|
||||
rv = mPrincipal->GetURI(getter_AddRefs(ourURI));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Compare schemes
|
||||
nsAutoCString theirScheme;
|
||||
rv = theirURI->GetScheme(theirScheme);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsAutoCString ourScheme;
|
||||
rv = ourURI->GetScheme(ourScheme);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (theirScheme != ourScheme) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Compare ports
|
||||
int32_t theirPort;
|
||||
rv = theirURI->GetPort(&theirPort);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
int32_t ourPort;
|
||||
rv = ourURI->GetPort(&ourPort);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (theirPort != ourPort) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// Check if the host or any subdomain of their host matches.
|
||||
nsAutoCString theirHost;
|
||||
rv = theirURI->GetHost(theirHost);
|
||||
if (NS_FAILED(rv) || theirHost.IsEmpty()) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsAutoCString ourHost;
|
||||
rv = ourURI->GetHost(ourHost);
|
||||
if (NS_FAILED(rv) || ourHost.IsEmpty()) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIEffectiveTLDService> tldService =
|
||||
do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
|
||||
if (!tldService) {
|
||||
NS_ERROR("Should have a tld service!");
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
// This loop will not loop forever, as GetNextSubDomain will eventually fail
|
||||
// with NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS.
|
||||
while (theirHost != ourHost) {
|
||||
rv = tldService->GetNextSubDomain(theirHost, theirHost);
|
||||
if (NS_FAILED(rv)) {
|
||||
if (rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS) {
|
||||
return NS_OK;
|
||||
}
|
||||
return rv;
|
||||
}
|
||||
}
|
||||
|
||||
*aMatches = true;
|
||||
return NS_OK;
|
||||
bool aExactHost, bool* aMatches) {
|
||||
return mPrincipal->EqualsForPermission(aPrincipal, aExactHost, aMatches);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче