Bug 1012320 - Move the code that defines window.netscape into nsGlobalWindow and simplify it; r=bholley

caps/include/nsScriptSecurityManager.h

@@ -154,22 +154,6 @@ private:
     static JSRuntime       *sRuntime;
 };
 
-#define NS_SECURITYNAMESET_CID \
- { 0x7c02eadc, 0x76, 0x4d03, \
- { 0x99, 0x8d, 0x80, 0xd7, 0x79, 0xc4, 0x85, 0x89 } }
-#define NS_SECURITYNAMESET_CONTRACTID "@mozilla.org/security/script/nameset;1"
-
-class nsSecurityNameSet : public nsIScriptExternalNameSet 
-{
-public:
-    nsSecurityNameSet();
-    virtual ~nsSecurityNameSet();
-    
-    NS_DECL_ISUPPORTS
-
-    NS_IMETHOD InitializeNameSet(nsIScriptContext* aScriptContext);
-};
-
 namespace mozilla {
 
 void

caps/src/moz.build

@@ -11,7 +11,6 @@ UNIFIED_SOURCES += [
     'nsNullPrincipalURI.cpp',
     'nsPrincipal.cpp',
     'nsScriptSecurityManager.cpp',
-    'nsSecurityManagerFactory.cpp',
     'nsSystemPrincipal.cpp',
 ]
 

caps/src/nsSecurityManagerFactory.cpp

@@ -1,127 +0,0 @@
-/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-/*Factory for internal browser security resource managers*/
-
-#include "nsCOMPtr.h"
-#include "nsIScriptSecurityManager.h"
-#include "nsScriptSecurityManager.h"
-#include "nsIPrincipal.h"
-#include "nsPrincipal.h"
-#include "nsSystemPrincipal.h"
-#include "nsNullPrincipal.h"
-#include "nsIScriptNameSpaceManager.h"
-#include "nsIScriptContext.h"
-#include "nsICategoryManager.h"
-#include "nsXPIDLString.h"
-#include "nsCOMPtr.h"
-#include "nsIServiceManager.h"
-#include "nsString.h"
-#include "nsNetCID.h"
-#include "nsIClassInfoImpl.h"
-#include "nsJSUtils.h"
-#include "nsPIDOMWindow.h"
-#include "nsIScriptGlobalObject.h"
-#include "nsIDocument.h"
-#include "jsfriendapi.h"
-#include "xpcprivate.h"
-#include "nsCxPusher.h"
-#include "mozilla/Preferences.h"
-#include "mozilla/Telemetry.h"
-
-using namespace mozilla;
-
-///////////////////////
-// nsSecurityNameSet //
-///////////////////////
-
-nsSecurityNameSet::nsSecurityNameSet()
-{
-}
-
-nsSecurityNameSet::~nsSecurityNameSet()
-{
-}
-
-NS_IMPL_ISUPPORTS(nsSecurityNameSet, nsIScriptExternalNameSet)
-
-static bool
-netscape_security_enablePrivilege(JSContext *cx, unsigned argc, JS::Value *vp)
-{
-    Telemetry::Accumulate(Telemetry::ENABLE_PRIVILEGE_EVER_CALLED, true);
-    return xpc::EnableUniversalXPConnect(cx);
-}
-
-static const JSFunctionSpec PrivilegeManager_static_methods[] = {
-    JS_FS("enablePrivilege", netscape_security_enablePrivilege, 1, 0),
-    JS_FS_END
-};
-
-/*
- * "Steal" calls to netscape.security.PrivilegeManager.enablePrivilege,
- * et al. so that code that worked with 4.0 can still work.
- */
-NS_IMETHODIMP
-nsSecurityNameSet::InitializeNameSet(nsIScriptContext* aScriptContext)
-{
-    AutoJSContext cx;
-    JS::Rooted<JSObject*> global(cx, aScriptContext->GetWindowProxy());
-    JSAutoCompartment ac(cx, global);
-
-    /*
-     * Find Object.prototype's class by walking up the global object's
-     * prototype chain.
-     */
-    JS::Rooted<JSObject*> obj(cx, global);
-    JS::Rooted<JSObject*> proto(cx);
-    for (;;) {
-        MOZ_ALWAYS_TRUE(JS_GetPrototype(cx, obj, &proto));
-        if (!proto)
-            break;
-        obj = proto;
-    }
-    const JSClass *objectClass = JS_GetClass(obj);
-
-    JS::Rooted<JS::Value> v(cx);
-    if (!JS_GetProperty(cx, global, "netscape", &v))
-        return NS_ERROR_FAILURE;
-
-    JS::Rooted<JSObject*> securityObj(cx);
-    if (v.isObject()) {
-        /*
-         * "netscape" property of window object exists; get the
-         * "security" property.
-         */
-        obj = &v.toObject();
-        if (!JS_GetProperty(cx, obj, "security", &v) || !v.isObject())
-            return NS_ERROR_FAILURE;
-        securityObj = &v.toObject();
-    } else {
-        /* define netscape.security object */
-        obj = JS_DefineObject(cx, global, "netscape", objectClass);
-        if (obj == nullptr)
-            return NS_ERROR_FAILURE;
-        securityObj = JS_DefineObject(cx, obj, "security", objectClass);
-        if (securityObj == nullptr)
-            return NS_ERROR_FAILURE;
-    }
-
-    // We hide enablePrivilege behind a pref because it has been altered in a
-    // way that makes it fundamentally insecure to use in production. Mozilla
-    // uses this pref during automated testing to support legacy test code that
-    // uses enablePrivilege. If you're not doing test automation, you _must_ not
-    // flip this pref, or you will be exposing all your users to security
-    // vulnerabilities.
-    if (!Preferences::GetBool("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer"))
-        return NS_OK;
-
-    /* Define PrivilegeManager object with the necessary "static" methods. */
-    obj = JS_DefineObject(cx, securityObj, "PrivilegeManager", objectClass);
-    if (obj == nullptr)
-        return NS_ERROR_FAILURE;
-
-    return JS_DefineFunctions(cx, obj, PrivilegeManager_static_methods)
-           ? NS_OK
-           : NS_ERROR_FAILURE;
-}

dom/base/nsGlobalWindow.cpp

@@ -2188,6 +2188,48 @@ TreatAsRemoteXUL(nsIPrincipal* aPrincipal)
          !Preferences::GetBool("dom.use_xbl_scopes_for_remote_xul", false);
 }
 
+static bool
+EnablePrivilege(JSContext* cx, unsigned argc, JS::Value* vp)
+{
+  Telemetry::Accumulate(Telemetry::ENABLE_PRIVILEGE_EVER_CALLED, true);
+  return xpc::EnableUniversalXPConnect(cx);
+}
+
+static const JSFunctionSpec EnablePrivilegeSpec[] = {
+  JS_FS("enablePrivilege", EnablePrivilege, 1, 0),
+  JS_FS_END
+};
+
+static bool
+InitializeLegacyNetscapeObject(JSContext* aCx, JS::Handle<JSObject*> aGlobal)
+{
+  JSAutoCompartment ac(aCx, aGlobal);
+
+  // Note: MathJax depends on window.netscape being exposed. See bug 791526.
+  JS::Rooted<JSObject*> obj(aCx);
+  obj = JS_DefineObject(aCx, aGlobal, "netscape", nullptr);
+  NS_ENSURE_TRUE(obj, false);
+
+  obj = JS_DefineObject(aCx, obj, "security", nullptr);
+  NS_ENSURE_TRUE(obj, false);
+
+  // We hide enablePrivilege behind a pref because it has been altered in a
+  // way that makes it fundamentally insecure to use in production. Mozilla
+  // uses this pref during automated testing to support legacy test code that
+  // uses enablePrivilege. If you're not doing test automation, you _must_ not
+  // flip this pref, or you will be exposing all your users to security
+  // vulnerabilities.
+  if (!Preferences::GetBool("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer")) {
+    return true;
+  }
+
+  /* Define PrivilegeManager object with the necessary "static" methods. */
+  obj = JS_DefineObject(aCx, obj, "PrivilegeManager", nullptr);
+  NS_ENSURE_TRUE(obj, false);
+
+  return JS_DefineFunctions(aCx, obj, EnablePrivilegeSpec);
+}
+
 /**
  * Create a new global object that will be used for an inner window.
  * Return the native global and an nsISupports 'holder' that can be used
@@ -2251,6 +2293,10 @@ CreateNativeGlobalForInner(JSContext* aCx,
   // about:memory may use that information
   xpc::SetLocationForGlobal(aGlobal, aURI);
 
+  if (!InitializeLegacyNetscapeObject(aCx, aGlobal)) {
+    return NS_ERROR_FAILURE;
+  }
+
   return NS_OK;
 }
 

layout/build/nsLayoutModule.cpp

@@ -597,7 +597,6 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(CSPService)
 NS_GENERIC_FACTORY_CONSTRUCTOR(nsMixedContentBlocker)
 
 NS_GENERIC_FACTORY_CONSTRUCTOR(nsPrincipal)
-NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecurityNameSet)
 NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR(nsSystemPrincipal,
     nsScriptSecurityManager::SystemPrincipalSingletonConstructor)
 NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsNullPrincipal, Init)
@@ -750,7 +749,6 @@ NS_DEFINE_NAMED_CID(NS_SCRIPTSECURITYMANAGER_CID);
 NS_DEFINE_NAMED_CID(NS_PRINCIPAL_CID);
 NS_DEFINE_NAMED_CID(NS_SYSTEMPRINCIPAL_CID);
 NS_DEFINE_NAMED_CID(NS_NULLPRINCIPAL_CID);
-NS_DEFINE_NAMED_CID(NS_SECURITYNAMESET_CID);
 NS_DEFINE_NAMED_CID(THIRDPARTYUTIL_CID);
 NS_DEFINE_NAMED_CID(NS_STRUCTUREDCLONECONTAINER_CID);
 NS_DEFINE_NAMED_CID(NS_DEVICE_SENSORS_CID);
@@ -1042,7 +1040,6 @@ static const mozilla::Module::CIDEntry kLayoutCIDs[] = {
   { &kNS_PRINCIPAL_CID, false, nullptr, nsPrincipalConstructor },
   { &kNS_SYSTEMPRINCIPAL_CID, false, nullptr, nsSystemPrincipalConstructor },
   { &kNS_NULLPRINCIPAL_CID, false, nullptr, nsNullPrincipalConstructor },
-  { &kNS_SECURITYNAMESET_CID, false, nullptr, nsSecurityNameSetConstructor },
   { &kNS_DEVICE_SENSORS_CID, false, nullptr, nsDeviceSensorsConstructor },
 #ifndef MOZ_WIDGET_GONK
 #if defined(ANDROID)
@@ -1198,7 +1195,6 @@ static const mozilla::Module::ContractIDEntry kLayoutContracts[] = {
   { NS_PRINCIPAL_CONTRACTID, &kNS_PRINCIPAL_CID },
   { NS_SYSTEMPRINCIPAL_CONTRACTID, &kNS_SYSTEMPRINCIPAL_CID },
   { NS_NULLPRINCIPAL_CONTRACTID, &kNS_NULLPRINCIPAL_CID },
-  { NS_SECURITYNAMESET_CONTRACTID, &kNS_SECURITYNAMESET_CID },
   { NS_DEVICE_SENSORS_CONTRACTID, &kNS_DEVICE_SENSORS_CID },
 #ifndef MOZ_WIDGET_GONK
 #if defined(ANDROID)
@@ -1243,7 +1239,6 @@ static const mozilla::Module::CategoryEntry kLayoutCategories[] = {
   { "content-policy", "CSPService", CSPSERVICE_CONTRACTID },
   { "content-policy", NS_MIXEDCONTENTBLOCKER_CONTRACTID, NS_MIXEDCONTENTBLOCKER_CONTRACTID },
   { "net-channel-event-sinks", "CSPService", CSPSERVICE_CONTRACTID },
-  { JAVASCRIPT_GLOBAL_STATIC_NAMESET_CATEGORY, "PrivilegeManager", NS_SECURITYNAMESET_CONTRACTID },
   { "app-startup", "Script Security Manager", "service," NS_SCRIPTSECURITYMANAGER_CONTRACTID },
   { TOPIC_WEB_APP_CLEAR_DATA, "QuotaManager", "service," QUOTA_MANAGER_CONTRACTID },
 #ifdef MOZ_WIDGET_GONK