зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1206961 - Use channel->AsyncOpen2() for imageLoader; Remove security checks from callsites (r=bz)
This commit is contained in:
Christoph Kerschbaumer
Родитель
0e1d963860
Коммит
da0d241d98
|
|
@ -39,6 +39,44 @@ static bool SchemeIs(nsIURI* aURI, const char* aScheme)
|
|||
return NS_SUCCEEDED(baseURI->SchemeIs(aScheme, &isScheme)) && isScheme;
|
||||
}
|
||||
|
||||
|
||||
static bool IsImageLoadInEditorAppType(nsILoadInfo* aLoadInfo)
|
||||
{
|
||||
// Editor apps get special treatment here, editors can load images
|
||||
// from anywhere. This allows editor to insert images from file://
|
||||
// into documents that are being edited.
|
||||
nsContentPolicyType type = aLoadInfo->InternalContentPolicyType();
|
||||
if (type != nsIContentPolicy::TYPE_INTERNAL_IMAGE &&
|
||||
type != nsIContentPolicy::TYPE_INTERNAL_IMAGE_PRELOAD &&
|
||||
type != nsIContentPolicy::TYPE_IMAGESET) {
|
||||
return false;
|
||||
}
|
||||
|
||||
uint32_t appType = nsIDocShell::APP_TYPE_UNKNOWN;
|
||||
nsINode* node = aLoadInfo->LoadingNode();
|
||||
if (!node) {
|
||||
return false;
|
||||
}
|
||||
nsIDocument* doc = node->OwnerDoc();
|
||||
if (!doc) {
|
||||
return false;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIDocShellTreeItem> docShellTreeItem = doc->GetDocShell();
|
||||
if (!docShellTreeItem) {
|
||||
return false;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIDocShellTreeItem> root;
|
||||
docShellTreeItem->GetRootTreeItem(getter_AddRefs(root));
|
||||
nsCOMPtr<nsIDocShell> docShell(do_QueryInterface(root));
|
||||
if (!docShell || NS_FAILED(docShell->GetAppType(&appType))) {
|
||||
appType = nsIDocShell::APP_TYPE_UNKNOWN;
|
||||
}
|
||||
|
||||
return appType == nsIDocShell::APP_TYPE_EDITOR;
|
||||
}
|
||||
|
||||
static nsresult
|
||||
DoCheckLoadURIChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
||||
{
|
||||
|
|
@ -55,8 +93,11 @@ DoCheckLoadURIChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
|||
flags |= nsIScriptSecurityManager::ALLOW_CHROME;
|
||||
}
|
||||
|
||||
bool isImageInEditorType = IsImageLoadInEditorAppType(aLoadInfo);
|
||||
|
||||
// We don't have a loadingPrincipal for TYPE_DOCUMENT
|
||||
if (aLoadInfo->GetExternalContentPolicyType() != nsIContentPolicy::TYPE_DOCUMENT) {
|
||||
if (aLoadInfo->GetExternalContentPolicyType() != nsIContentPolicy::TYPE_DOCUMENT &&
|
||||
!isImageInEditorType) {
|
||||
rv = nsContentUtils::GetSecurityManager()->
|
||||
CheckLoadURIWithPrincipal(loadingPrincipal,
|
||||
aURI,
|
||||
|
|
@ -67,7 +108,7 @@ DoCheckLoadURIChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
|||
// If the loadingPrincipal and the triggeringPrincipal are different, then make
|
||||
// sure the triggeringPrincipal is allowed to access that URI.
|
||||
nsCOMPtr<nsIPrincipal> triggeringPrincipal = aLoadInfo->TriggeringPrincipal();
|
||||
if (loadingPrincipal != triggeringPrincipal) {
|
||||
if (loadingPrincipal != triggeringPrincipal && !isImageInEditorType) {
|
||||
rv = nsContentUtils::GetSecurityManager()->
|
||||
CheckLoadURIWithPrincipal(triggeringPrincipal,
|
||||
aURI,
|
||||
|
|
@ -155,7 +196,8 @@ DoContentSecurityChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
|||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_IMAGE: {
|
||||
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
||||
mimeTypeGuess = EmptyCString();
|
||||
requestingContext = aLoadInfo->LoadingNode();
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
@ -295,7 +337,8 @@ DoContentSecurityChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
|
|||
}
|
||||
|
||||
case nsIContentPolicy::TYPE_IMAGESET: {
|
||||
MOZ_ASSERT(false, "contentPolicyType not supported yet");
|
||||
mimeTypeGuess = EmptyCString();
|
||||
requestingContext = aLoadInfo->LoadingNode();
|
||||
break;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -113,11 +113,6 @@ nsXBLResourceLoader::LoadResources(bool* aResult)
|
|||
continue;
|
||||
|
||||
if (curr->mType == nsGkAtoms::image) {
|
||||
if (!nsContentUtils::CanLoadImage(url, doc, doc, docPrincipal)) {
|
||||
// We're not permitted to load this image, move on...
|
||||
continue;
|
||||
}
|
||||
|
||||
// Now kick off the image load...
|
||||
// Passing nullptr for pretty much everything -- cause we don't care!
|
||||
// XXX: initialDocumentURI is nullptr!
|
||||
|
|
|
|||
|
|
@ -257,26 +257,21 @@ ImageLoader::LoadImage(nsIURI* aURI, nsIPrincipal* aOriginPrincipal,
|
|||
return;
|
||||
}
|
||||
|
||||
if (!nsContentUtils::CanLoadImage(aURI, mDocument, mDocument,
|
||||
aOriginPrincipal)) {
|
||||
return;
|
||||
}
|
||||
|
||||
RefPtr<imgRequestProxy> request;
|
||||
nsContentUtils::LoadImage(aURI, mDocument, mDocument,
|
||||
aOriginPrincipal, aReferrer,
|
||||
mDocument->GetReferrerPolicy(),
|
||||
nullptr, nsIRequest::LOAD_NORMAL,
|
||||
NS_LITERAL_STRING("css"),
|
||||
getter_AddRefs(request));
|
||||
nsresult rv = nsContentUtils::LoadImage(aURI, mDocument, mDocument,
|
||||
aOriginPrincipal, aReferrer,
|
||||
mDocument->GetReferrerPolicy(),
|
||||
nullptr, nsIRequest::LOAD_NORMAL,
|
||||
NS_LITERAL_STRING("css"),
|
||||
getter_AddRefs(request));
|
||||
|
||||
if (!request) {
|
||||
if (NS_FAILED(rv) || !request) {
|
||||
return;
|
||||
}
|
||||
|
||||
RefPtr<imgRequestProxy> clonedRequest;
|
||||
mInClone = true;
|
||||
nsresult rv = request->Clone(this, getter_AddRefs(clonedRequest));
|
||||
rv = request->Clone(this, getter_AddRefs(clonedRequest));
|
||||
mInClone = false;
|
||||
|
||||
if (NS_FAILED(rv)) {
|
||||
|
|
|
|||
|
|
@ -233,15 +233,13 @@ nsImageBoxFrame::UpdateImage()
|
|||
src,
|
||||
doc,
|
||||
baseURI);
|
||||
if (uri) {
|
||||
nsresult rv = nsContentUtils::LoadImage(uri, mContent, doc, mContent->NodePrincipal(),
|
||||
doc->GetDocumentURI(), doc->GetReferrerPolicy(),
|
||||
mListener, mLoadFlags,
|
||||
EmptyString(), getter_AddRefs(mImageRequest));
|
||||
|
||||
if (uri && nsContentUtils::CanLoadImage(uri, mContent, doc,
|
||||
mContent->NodePrincipal())) {
|
||||
nsContentUtils::LoadImage(uri, mContent, doc, mContent->NodePrincipal(),
|
||||
doc->GetDocumentURI(), doc->GetReferrerPolicy(),
|
||||
mListener, mLoadFlags,
|
||||
EmptyString(), getter_AddRefs(mImageRequest));
|
||||
|
||||
if (mImageRequest) {
|
||||
if (NS_SUCCEEDED(rv) && mImageRequest) {
|
||||
nsLayoutUtils::RegisterImageRequestIfAnimated(presContext,
|
||||
mImageRequest,
|
||||
&mRequestRegistered);
|
||||
|
|
|
|||
|
|
@ -2188,21 +2188,17 @@ nsTreeBodyFrame::GetImage(int32_t aRowIndex, nsTreeColumn* aCol, bool aUseContex
|
|||
|
||||
// XXXbz what's the origin principal for this stuff that comes from our
|
||||
// view? I guess we should assume that it's the node's principal...
|
||||
if (nsContentUtils::CanLoadImage(srcURI, mContent, doc,
|
||||
mContent->NodePrincipal())) {
|
||||
nsresult rv = nsContentUtils::LoadImage(srcURI,
|
||||
mContent,
|
||||
doc,
|
||||
mContent->NodePrincipal(),
|
||||
doc->GetDocumentURI(),
|
||||
doc->GetReferrerPolicy(),
|
||||
imgNotificationObserver,
|
||||
nsIRequest::LOAD_NORMAL,
|
||||
EmptyString(),
|
||||
getter_AddRefs(imageRequest));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
}
|
||||
nsresult rv = nsContentUtils::LoadImage(srcURI,
|
||||
mContent,
|
||||
doc,
|
||||
mContent->NodePrincipal(),
|
||||
doc->GetDocumentURI(),
|
||||
doc->GetReferrerPolicy(),
|
||||
imgNotificationObserver,
|
||||
nsIRequest::LOAD_NORMAL,
|
||||
EmptyString(),
|
||||
getter_AddRefs(imageRequest));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
listener->UnsuppressInvalidation();
|
||||
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче