зеркало из https://github.com/mozilla/gecko-dev.git
Bug 754202 - Pull object principals directly off the compartment, and assert that behavior doesn't change. r=bz
Родитель
96f9194428
Коммит
ddbdb6b79b
|
@ -403,12 +403,11 @@ private:
|
|||
|
||||
// Returns null if a principal cannot be found; generally callers
|
||||
// should error out at that point.
|
||||
static nsIPrincipal*
|
||||
doGetObjectPrincipal(JSObject *obj
|
||||
static nsIPrincipal* doGetObjectPrincipal(JSObject *obj);
|
||||
#ifdef DEBUG
|
||||
, bool aAllowShortCircuit = true
|
||||
static nsIPrincipal*
|
||||
old_doGetObjectPrincipal(JSObject *obj, bool aAllowShortCircuit = true);
|
||||
#endif
|
||||
);
|
||||
|
||||
// Returns null if a principal cannot be found. Note that rv can be NS_OK
|
||||
// when this happens -- this means that there was no JS running.
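Review bot: The `old_doGetObjectPrincipal` declaration inside `#ifdef DEBUG` has no comment of its own, and the existing "Returns null if a principal cannot be found" comment now sits above what appears to be the compartment-based `doGetObjectPrincipal`. I would add a line above the DEBUG declaration such as `// DEBUG-only: the previous lookup, kept to cross-check doGetObjectPrincipal.` It is also worth confirming that the null-return wording still describes the new function, because callers rely on it to decide when to error out.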
|
||||
|
|
|
@ -2382,19 +2382,33 @@ nsScriptSecurityManager::GetObjectPrincipal(JSContext *aCx, JSObject *aObj,
|
|||
|
||||
// static
|
||||
nsIPrincipal*
|
||||
nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
|
||||
nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj)
|
||||
{
|
||||
JSCompartment *compartment = js::GetObjectCompartment(aObj);
|
||||
JSPrincipals *principals = JS_GetCompartmentPrincipals(compartment);
|
||||
nsIPrincipal *principal = nsJSPrincipals::get(principals);
|
||||
|
||||
// We leave the old code in for a little while to make sure that pulling
|
||||
// object principals directly off the compartment always gives an equivalent
|
||||
// result (from a security perspective).
|
||||
#ifdef DEBUG
|
||||
, bool aAllowShortCircuit
|
||||
nsIPrincipal *old = old_doGetObjectPrincipal(aObj);
|
||||
MOZ_ASSERT(NS_SUCCEEDED(CheckSameOriginPrincipal(principal, old)));
|
||||
#endif
|
||||
)
|
||||
|
||||
return principal;
|
||||
}
|
||||
|
||||
#ifdef DEBUG
|
||||
// static
|
||||
nsIPrincipal*
|
||||
nsScriptSecurityManager::old_doGetObjectPrincipal(JSObject *aObj,
|
||||
bool aAllowShortCircuit)
|
||||
{
|
||||
NS_ASSERTION(aObj, "Bad call to doGetObjectPrincipal()!");
|
||||
nsIPrincipal* result = nsnull;
|
||||
|
||||
#ifdef DEBUG
|
||||
JSObject* origObj = aObj;
|
||||
#endif
|
||||
|
||||
js::Class *jsClass = js::GetObjectClass(aObj);
|
||||
|
||||
// A common case seen in this code is that we enter this function
|
||||
|
@ -2428,12 +2442,7 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
|
|||
|
||||
if (IS_WRAPPER_CLASS(jsClass)) {
|
||||
result = sXPConnect->GetPrincipal(aObj,
|
||||
#ifdef DEBUG
|
||||
aAllowShortCircuit
|
||||
#else
|
||||
true
|
||||
#endif
|
||||
);
|
||||
aAllowShortCircuit);
|
||||
if (result) {
|
||||
break;
|
||||
}
|
||||
|
@ -2449,7 +2458,6 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
|
|||
priv = nsnull;
|
||||
}
|
||||
|
||||
#ifdef DEBUG
|
||||
if (aAllowShortCircuit) {
|
||||
nsCOMPtr<nsIXPConnectWrappedNative> xpcWrapper =
|
||||
do_QueryInterface(priv);
|
||||
|
@ -2459,7 +2467,6 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
|
|||
"Uh, an nsIXPConnectWrappedNative with the "
|
||||
"wrong JSClass or getObjectOps hooks!");
|
||||
}
|
||||
#endif
|
||||
|
||||
nsCOMPtr<nsIScriptObjectPrincipal> objPrin =
|
||||
do_QueryInterface(priv);
|
||||
|
@ -2481,9 +2488,8 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
|
|||
jsClass = js::GetObjectClass(aObj);
|
||||
} while (1);
|
||||
|
||||
#ifdef DEBUG
|
||||
if (aAllowShortCircuit) {
|
||||
nsIPrincipal *principal = doGetObjectPrincipal(origObj, false);
|
||||
nsIPrincipal *principal = old_doGetObjectPrincipal(origObj, false);
|
||||
|
||||
// Because of inner window reuse, we can have objects with one principal
|
||||
// living in a scope with a different (but same-origin) principal. So
|
||||
|
@ -2491,10 +2497,10 @@ nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj
|
|||
NS_ASSERTION(NS_SUCCEEDED(CheckSameOriginPrincipal(result, principal)),
|
||||
"Principal mismatch. Not good");
|
||||
}
|
||||
#endif
|
||||
|
||||
return result;
|
||||
}
|
||||
#endif /* DEBUG */
|
||||
|
||||
///////////////// Capabilities API /////////////////////
|
||||
NS_IMETHODIMP
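Review bot: In what appears to be the new body of `doGetObjectPrincipal`, `js::GetObjectCompartment(aObj)` runs before anything checks `aObj`. The only null check, `NS_ASSERTION(aObj, "Bad call to doGetObjectPrincipal()!")`, now lives in `old_doGetObjectPrincipal`, which is called after the compartment lookup and only in DEBUG builds. I would add `MOZ_ASSERT(aObj);` as the first statement of the new function so a bad call is caught before the dereference. Separately, `principal` and `old` are both passed to `CheckSameOriginPrincipal` unguarded even though the old lookup is documented to return null; whether that helper tolerates a null argument is not visible here, so a `MOZ_ASSERT(!principal == !old);` ahead of the same-origin comparison would make a null mismatch fail cleanly. The middle of `old_doGetObjectPrincipal` lies outside the visible hunks.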
|
||||
|
|