mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1687890: Relax Principal Validation in Content Parent until we have Telemetry Pings r=nika 

Differential Revision: https://phabricator.services.mozilla.com/D102569
This commit is contained in:
Christoph Kerschbaumer 2021-01-22 08:10:12 +00:00
Родитель 59c49baa24
Коммит bb776a0333
1 изменённых файлов: 37 добавлений и 20 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

57
dom/ipc/ContentParent.cpp
Просмотреть файл

@ -1297,6 +1297,27 @@ mozilla::ipc::IPCResult ContentParent::RecvUngrabPointer(
#endif
}
static void LogFailedPrincipalValidationInfo(nsIPrincipal* aPrincipal,
const char* aMethod) {
// no need to do the dance if logging is disabled
if (MOZ_LOG_TEST(ContentParent::GetLog(), LogLevel::Error)) {
nsAutoCString spec;
if (!aPrincipal) {
spec.AssignLiteral("NullPtr");
} else if (aPrincipal->IsSystemPrincipal()) {
spec.AssignLiteral("SystemPrincipal");
} else if (aPrincipal->GetIsExpandedPrincipal()) {
spec.AssignLiteral("ExpandedPrincipal");
} else if (aPrincipal->GetIsContentPrincipal()) {
aPrincipal->GetSpec(spec);
}
MOZ_LOG(ContentParent::GetLog(), LogLevel::Error,
(" Receiving unexpected Principal (%s) within %s", spec.get(),
aMethod));
}
}
bool ContentParent::ValidatePrincipal(
nsIPrincipal* aPrincipal,
const EnumSet<ValidatePrincipalOptions>& aOptions) {
@ -1397,7 +1418,7 @@ mozilla::ipc::IPCResult ContentParent::RecvRemovePermission(
const IPC::Principal& aPrincipal, const nsCString& aPermissionType,
nsresult* aRv) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
*aRv = Permissions::RemovePermission(aPrincipal, aPermissionType);
return IPC_OK();
@ -3249,7 +3270,7 @@ mozilla::ipc::IPCResult ContentParent::RecvSetClipboard(
const int32_t& aWhichClipboard) {
if (!ValidatePrincipal(aRequestingPrincipal,
{ValidatePrincipalOptions::AllowNullPtr})) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aRequestingPrincipal, __func__);
}
nsresult rv;
@ -4481,7 +4502,7 @@ mozilla::ipc::IPCResult ContentParent::RecvCloseAlert(const nsString& aName) {
mozilla::ipc::IPCResult ContentParent::RecvDisableNotifications(
const IPC::Principal& aPrincipal) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
Unused << Notification::RemovePermission(aPrincipal);
return IPC_OK();
@ -4490,7 +4511,7 @@ mozilla::ipc::IPCResult ContentParent::RecvDisableNotifications(
mozilla::ipc::IPCResult ContentParent::RecvOpenNotificationSettings(
const IPC::Principal& aPrincipal) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
Unused << Notification::OpenSettings(aPrincipal);
return IPC_OK();
@ -5040,7 +5061,7 @@ bool ContentParent::DeallocPWebrtcGlobalParent(PWebrtcGlobalParent* aActor) {
mozilla::ipc::IPCResult ContentParent::RecvSetOfflinePermission(
const Principal& aPrincipal) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
nsCOMPtr<nsIOfflineCacheUpdateService> updateService =
components::OfflineCacheUpdate::Service();
@ -5378,7 +5399,7 @@ mozilla::ipc::IPCResult ContentParent::RecvCreateWindow(
CreateWindowResolver&& aResolve) {
if (!ValidatePrincipal(aTriggeringPrincipal,
{ValidatePrincipalOptions::AllowSystem})) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aTriggeringPrincipal, __func__);
}
nsresult rv = NS_OK;
@ -5694,7 +5715,7 @@ mozilla::ipc::IPCResult ContentParent::RecvNotifyPushObservers(
const nsCString& aScope, const IPC::Principal& aPrincipal,
const nsString& aMessageId) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
PushMessageDispatcher dispatcher(aScope, aPrincipal, aMessageId, Nothing());
Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers()));
@ -5705,7 +5726,7 @@ mozilla::ipc::IPCResult ContentParent::RecvNotifyPushObserversWithData(
const nsCString& aScope, const IPC::Principal& aPrincipal,
const nsString& aMessageId, nsTArray<uint8_t>&& aData) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
PushMessageDispatcher dispatcher(aScope, aPrincipal, aMessageId,
Some(std::move(aData)));
@ -5717,7 +5738,7 @@ mozilla::ipc::IPCResult
ContentParent::RecvNotifyPushSubscriptionChangeObservers(
const nsCString& aScope, const IPC::Principal& aPrincipal) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
PushSubscriptionChangeDispatcher dispatcher(aScope, aPrincipal);
Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers()));
@ -5728,7 +5749,7 @@ mozilla::ipc::IPCResult ContentParent::RecvPushError(
const nsCString& aScope, const IPC::Principal& aPrincipal,
const nsString& aMessage, const uint32_t& aFlags) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
PushErrorDispatcher dispatcher(aScope, aPrincipal, aMessage, aFlags);
Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers()));
@ -5739,7 +5760,7 @@ mozilla::ipc::IPCResult
ContentParent::RecvNotifyPushSubscriptionModifiedObservers(
const nsCString& aScope, const IPC::Principal& aPrincipal) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
PushSubscriptionModifiedDispatcher dispatcher(aScope, aPrincipal);
Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObservers()));
@ -5812,7 +5833,7 @@ mozilla::ipc::IPCResult ContentParent::RecvStoreAndBroadcastBlobURLRegistration(
const nsCString& aURI, const IPCBlob& aBlob, const Principal& aPrincipal,
const Maybe<nsID>& aAgentClusterId) {
if (!ValidatePrincipal(aPrincipal, {ValidatePrincipalOptions::AllowSystem})) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
RefPtr<BlobImpl> blobImpl = IPCBlobUtils::Deserialize(aBlob);
if (NS_WARN_IF(!blobImpl)) {
@ -5835,7 +5856,7 @@ mozilla::ipc::IPCResult
ContentParent::RecvUnstoreAndBroadcastBlobURLUnregistration(
const nsCString& aURI, const Principal& aPrincipal) {
if (!ValidatePrincipal(aPrincipal, {ValidatePrincipalOptions::AllowSystem})) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
BlobURLProtocolHandler::RemoveDataEntry(aURI, false /* Don't broadcast */);
BroadcastBlobURLUnregistration(aURI, aPrincipal, this);
@ -6181,10 +6202,6 @@ PURLClassifierParent* ContentParent::AllocPURLClassifierParent(
mozilla::ipc::IPCResult ContentParent::RecvPURLClassifierConstructor(
PURLClassifierParent* aActor, const Principal& aPrincipal, bool* aSuccess) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
}
MOZ_ASSERT(NS_IsMainThread());
MOZ_ASSERT(aActor);
*aSuccess = false;
@ -6196,7 +6213,7 @@ mozilla::ipc::IPCResult ContentParent::RecvPURLClassifierConstructor(
return IPC_OK();
}
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
return actor->StartClassify(principal, aSuccess);
}
@ -6365,7 +6382,7 @@ ContentParent::RecvAutomaticStorageAccessPermissionCanBeGranted(
const Principal& aPrincipal,
AutomaticStorageAccessPermissionCanBeGrantedResolver&& aResolver) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
aResolver(Document::AutomaticStorageAccessPermissionCanBeGranted(aPrincipal));
return IPC_OK();
@ -6439,7 +6456,7 @@ mozilla::ipc::IPCResult ContentParent::RecvCompleteAllowAccessFor(
mozilla::ipc::IPCResult ContentParent::RecvStoreUserInteractionAsPermission(
const Principal& aPrincipal) {
if (!ValidatePrincipal(aPrincipal)) {
return IPC_FAIL(this, "receiving unexpected principal");
LogFailedPrincipalValidationInfo(aPrincipal, __func__);
}
ContentBlockingUserInteraction::Observe(aPrincipal);
return IPC_OK();