Bug 1453869 part 7. Make the DOMParser WebIDL constructor use a nullprincipal for the document if the caller is system-principal. r=mrbkap

In our test suite, we only run into two calls to this constructor with a system
principal, and both are in test code.

After this, calling the WebIDL constructor from system code is _almost_
equivalent to creating by contract.  The one difference is that the resulting
DOMParser (and the documents it creates) will have its script handling object
set to the global the constructor came from instead of being null.

MozReview-Commit-ID: Fe2yMeqoYnB

dom/base/DOMParser.cpp

@@ -9,6 +9,7 @@
 #include "nsIDOMDocument.h"
 #include "nsNetUtil.h"
 #include "nsDOMString.h"
+#include "MainThreadUtils.h"
 #include "nsIStreamListener.h"
 #include "nsStringStream.h"
 #include "nsIScriptError.h"
@@ -296,10 +297,20 @@ DOMParser::Init(nsIPrincipal* principal, nsIURI* documentURI,
 DOMParser::Constructor(const GlobalObject& aOwner,
                        ErrorResult& rv)
 {
+  MOZ_ASSERT(NS_IsMainThread());
   RefPtr<DOMParser> domParser = new DOMParser(aOwner.GetAsSupports());
-  rv = domParser->InitInternal(aOwner.GetAsSupports(),
-                               nsContentUtils::SubjectPrincipal(),
+
+  nsCOMPtr<nsIPrincipal> docPrincipal = aOwner.GetSubjectPrincipal();
+  if (nsContentUtils::IsSystemPrincipal(docPrincipal)) {
+    docPrincipal = NullPrincipal::CreateWithoutOriginAttributes();
+    // Call Init() directly so we don't pick up our window's URI and
+    // base URI, for backwards compat.
+    nsCOMPtr<nsIGlobalObject> global = do_QueryInterface(aOwner.GetAsSupports());
+    rv = domParser->Init(docPrincipal, nullptr, nullptr, global);
+  } else {
+    rv = domParser->InitInternal(aOwner.GetAsSupports(), docPrincipal,
                                  nullptr, nullptr);
+  }
   if (rv.Failed()) {
     return nullptr;
   }