From f4f685b62c126a64fe25c89a83cbd00fc5ed8a80 Mon Sep 17 00:00:00 2001 From: Ms2ger Date: Fri, 30 May 2014 09:36:52 +0200 Subject: [PATCH] Bug 1012320 - Move the code that defines window.netscape into nsGlobalWindow and simplify it; r=bholley --- caps/include/nsScriptSecurityManager.h | 16 ---- caps/src/moz.build | 1 - caps/src/nsSecurityManagerFactory.cpp | 127 ------------------------- dom/base/nsGlobalWindow.cpp | 46 +++++++++ layout/build/nsLayoutModule.cpp | 5 - 5 files changed, 46 insertions(+), 149 deletions(-) delete mode 100644 caps/src/nsSecurityManagerFactory.cpp diff --git a/caps/include/nsScriptSecurityManager.h b/caps/include/nsScriptSecurityManager.h index ef8d87522e90..7eec857f86b4 100644 --- a/caps/include/nsScriptSecurityManager.h +++ b/caps/include/nsScriptSecurityManager.h @@ -154,22 +154,6 @@ private: static JSRuntime *sRuntime; }; -#define NS_SECURITYNAMESET_CID \ - { 0x7c02eadc, 0x76, 0x4d03, \ - { 0x99, 0x8d, 0x80, 0xd7, 0x79, 0xc4, 0x85, 0x89 } } -#define NS_SECURITYNAMESET_CONTRACTID "@mozilla.org/security/script/nameset;1" - -class nsSecurityNameSet : public nsIScriptExternalNameSet -{ -public: - nsSecurityNameSet(); - virtual ~nsSecurityNameSet(); - - NS_DECL_ISUPPORTS - - NS_IMETHOD InitializeNameSet(nsIScriptContext* aScriptContext); -}; - namespace mozilla { void diff --git a/caps/src/moz.build b/caps/src/moz.build index 8adbb788ae8d..797bba56c6f4 100644 --- a/caps/src/moz.build +++ b/caps/src/moz.build @@ -11,7 +11,6 @@ UNIFIED_SOURCES += [ 'nsNullPrincipalURI.cpp', 'nsPrincipal.cpp', 'nsScriptSecurityManager.cpp', - 'nsSecurityManagerFactory.cpp', 'nsSystemPrincipal.cpp', ] diff --git a/caps/src/nsSecurityManagerFactory.cpp b/caps/src/nsSecurityManagerFactory.cpp deleted file mode 100644 index 711c60aba8e7..000000000000 --- a/caps/src/nsSecurityManagerFactory.cpp +++ /dev/null 
@@ -1,127 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/*Factory for internal browser security resource managers*/ - -#include "nsCOMPtr.h" -#include "nsIScriptSecurityManager.h" -#include "nsScriptSecurityManager.h" -#include "nsIPrincipal.h" -#include "nsPrincipal.h" -#include "nsSystemPrincipal.h" -#include "nsNullPrincipal.h" -#include "nsIScriptNameSpaceManager.h" -#include "nsIScriptContext.h" -#include "nsICategoryManager.h" -#include "nsXPIDLString.h" -#include "nsCOMPtr.h" -#include "nsIServiceManager.h" -#include "nsString.h" -#include "nsNetCID.h" -#include "nsIClassInfoImpl.h" -#include "nsJSUtils.h" -#include "nsPIDOMWindow.h" -#include "nsIScriptGlobalObject.h" -#include "nsIDocument.h" -#include "jsfriendapi.h" -#include "xpcprivate.h" -#include "nsCxPusher.h" -#include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" - -using namespace mozilla; - -/////////////////////// -// nsSecurityNameSet // -/////////////////////// - -nsSecurityNameSet::nsSecurityNameSet() -{ -} - -nsSecurityNameSet::~nsSecurityNameSet() -{ -} - -NS_IMPL_ISUPPORTS(nsSecurityNameSet, nsIScriptExternalNameSet) - -static bool -netscape_security_enablePrivilege(JSContext *cx, unsigned argc, JS::Value *vp) -{ - Telemetry::Accumulate(Telemetry::ENABLE_PRIVILEGE_EVER_CALLED, true); - return xpc::EnableUniversalXPConnect(cx); -} - -static const JSFunctionSpec PrivilegeManager_static_methods[] = { - JS_FS("enablePrivilege", netscape_security_enablePrivilege, 1, 0), - JS_FS_END -}; - -/* - * "Steal" calls to netscape.security.PrivilegeManager.enablePrivilege, - * et al. so that code that worked with 4.0 can still work. 
- */ -NS_IMETHODIMP -nsSecurityNameSet::InitializeNameSet(nsIScriptContext* aScriptContext) -{ - AutoJSContext cx; - JS::Rooted global(cx, aScriptContext->GetWindowProxy()); - JSAutoCompartment ac(cx, global); - - /* - * Find Object.prototype's class by walking up the global object's - * prototype chain. - */ - JS::Rooted obj(cx, global); - JS::Rooted proto(cx); - for (;;) { - MOZ_ALWAYS_TRUE(JS_GetPrototype(cx, obj, &proto)); - if (!proto) - break; - obj = proto; - } - const JSClass *objectClass = JS_GetClass(obj); - - JS::Rooted v(cx); - if (!JS_GetProperty(cx, global, "netscape", &v)) - return NS_ERROR_FAILURE; - - JS::Rooted securityObj(cx); - if (v.isObject()) { - /* - * "netscape" property of window object exists; get the - * "security" property. - */ - obj = &v.toObject(); - if (!JS_GetProperty(cx, obj, "security", &v) || !v.isObject()) - return NS_ERROR_FAILURE; - securityObj = &v.toObject(); - } else { - /* define netscape.security object */ - obj = JS_DefineObject(cx, global, "netscape", objectClass); - if (obj == nullptr) - return NS_ERROR_FAILURE; - securityObj = JS_DefineObject(cx, obj, "security", objectClass); - if (securityObj == nullptr) - return NS_ERROR_FAILURE; - } - - // We hide enablePrivilege behind a pref because it has been altered in a - // way that makes it fundamentally insecure to use in production. Mozilla - // uses this pref during automated testing to support legacy test code that - // uses enablePrivilege. If you're not doing test automation, you _must_ not - // flip this pref, or you will be exposing all your users to security - // vulnerabilities. - if (!Preferences::GetBool("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer")) - return NS_OK; - - /* Define PrivilegeManager object with the necessary "static" methods. 
*/ - obj = JS_DefineObject(cx, securityObj, "PrivilegeManager", objectClass); - if (obj == nullptr) - return NS_ERROR_FAILURE; - - return JS_DefineFunctions(cx, obj, PrivilegeManager_static_methods) - ? NS_OK - : NS_ERROR_FAILURE; -} diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp index fb294bd2c237..83ffd989da74 100644 --- a/dom/base/nsGlobalWindow.cpp +++ b/dom/base/nsGlobalWindow.cpp 
@@ -2188,6 +2188,48 @@ TreatAsRemoteXUL(nsIPrincipal* aPrincipal)
 !Preferences::GetBool("dom.use_xbl_scopes_for_remote_xul", false);
 }
 
+static bool
+EnablePrivilege(JSContext* cx, unsigned argc, JS::Value* vp)
+{
+ Telemetry::Accumulate(Telemetry::ENABLE_PRIVILEGE_EVER_CALLED, true);
+ return xpc::EnableUniversalXPConnect(cx);
+}
+
+static const JSFunctionSpec EnablePrivilegeSpec[] = {
+ JS_FS("enablePrivilege", EnablePrivilege, 1, 0),
+ JS_FS_END
+};
+
+static bool
+InitializeLegacyNetscapeObject(JSContext* aCx, JS::Handle aGlobal)
+{
+ JSAutoCompartment ac(aCx, aGlobal);
+
+ // Note: MathJax depends on window.netscape being exposed. See bug 791526.
+ JS::Rooted obj(aCx);
+ obj = JS_DefineObject(aCx, aGlobal, "netscape", nullptr);
+ NS_ENSURE_TRUE(obj, false);
+
+ obj = JS_DefineObject(aCx, obj, "security", nullptr);
+ NS_ENSURE_TRUE(obj, false);
+
+ // We hide enablePrivilege behind a pref because it has been altered in a
+ // way that makes it fundamentally insecure to use in production. Mozilla
+ // uses this pref during automated testing to support legacy test code that
+ // uses enablePrivilege. If you're not doing test automation, you _must_ not
+ // flip this pref, or you will be exposing all your users to security
+ // vulnerabilities.
+ if (!Preferences::GetBool("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer")) {
+ return true;
+ }
+
+ /* Define PrivilegeManager object with the necessary "static" methods. */
+ obj = JS_DefineObject(aCx, obj, "PrivilegeManager", nullptr);
+ NS_ENSURE_TRUE(obj, false);
+
+ return JS_DefineFunctions(aCx, obj, EnablePrivilegeSpec);
+}
+
 /**
 * Create a new global object that will be used for an inner window.
 * Return the native global and an nsISupports 'holder' that can be used
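Review bot: The pref check in InitializeLegacyNetscapeObject is what decides whether page globals get `PrivilegeManager.enablePrivilege` (which calls `xpc::EnableUniversalXPConnect`), yet it relies on the implicit default of `Preferences::GetBool`, whereas the context line at the top of this hunk passes `false` explicitly. Behaviour is the same, but the fail-closed default should be visible at the call: `if (!Preferences::GetBool("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer", false)) {`. As far as these hunks show, the gate is read once, when the inner-window global is created (the call is added in the next hunk), so a comment such as `// Evaluated once per global; a later pref change only affects newly created windows.` would keep a reader from assuming it is checked on every call. EnablePrivilege also ignores `argc` and `vp`, so whatever privilege name the caller passes has no effect; a one-line comment saying that is deliberate would help.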
@@ -2251,6 +2293,10 @@ CreateNativeGlobalForInner(JSContext* aCx, // about:memory may use that information xpc::SetLocationForGlobal(aGlobal, aURI); + if (!InitializeLegacyNetscapeObject(aCx, aGlobal)) { + return NS_ERROR_FAILURE; + } + return NS_OK; } diff --git a/layout/build/nsLayoutModule.cpp b/layout/build/nsLayoutModule.cpp index d33589aa87e0..fb9aab5ff7a1 100644 --- a/layout/build/nsLayoutModule.cpp +++ b/layout/build/nsLayoutModule.cpp @@ -597,7 +597,6 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(CSPService) NS_GENERIC_FACTORY_CONSTRUCTOR(nsMixedContentBlocker) NS_GENERIC_FACTORY_CONSTRUCTOR(nsPrincipal) -NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecurityNameSet) NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR(nsSystemPrincipal, nsScriptSecurityManager::SystemPrincipalSingletonConstructor) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsNullPrincipal, Init) @@ -750,7 +749,6 @@ NS_DEFINE_NAMED_CID(NS_SCRIPTSECURITYMANAGER_CID); NS_DEFINE_NAMED_CID(NS_PRINCIPAL_CID); NS_DEFINE_NAMED_CID(NS_SYSTEMPRINCIPAL_CID); NS_DEFINE_NAMED_CID(NS_NULLPRINCIPAL_CID); -NS_DEFINE_NAMED_CID(NS_SECURITYNAMESET_CID); NS_DEFINE_NAMED_CID(THIRDPARTYUTIL_CID); NS_DEFINE_NAMED_CID(NS_STRUCTUREDCLONECONTAINER_CID); NS_DEFINE_NAMED_CID(NS_DEVICE_SENSORS_CID); @@ -1042,7 +1040,6 @@ static const mozilla::Module::CIDEntry kLayoutCIDs[] = { { &kNS_PRINCIPAL_CID, false, nullptr, nsPrincipalConstructor }, { &kNS_SYSTEMPRINCIPAL_CID, false, nullptr, nsSystemPrincipalConstructor }, { &kNS_NULLPRINCIPAL_CID, false, nullptr, nsNullPrincipalConstructor }, - { &kNS_SECURITYNAMESET_CID, false, nullptr, nsSecurityNameSetConstructor }, { &kNS_DEVICE_SENSORS_CID, false, nullptr, nsDeviceSensorsConstructor }, #ifndef MOZ_WIDGET_GONK #if defined(ANDROID) 
@@ -1198,7 +1195,6 @@ static const mozilla::Module::ContractIDEntry kLayoutContracts[] = { { NS_PRINCIPAL_CONTRACTID, &kNS_PRINCIPAL_CID }, { NS_SYSTEMPRINCIPAL_CONTRACTID, &kNS_SYSTEMPRINCIPAL_CID }, { NS_NULLPRINCIPAL_CONTRACTID, &kNS_NULLPRINCIPAL_CID }, - { NS_SECURITYNAMESET_CONTRACTID, &kNS_SECURITYNAMESET_CID }, { NS_DEVICE_SENSORS_CONTRACTID, &kNS_DEVICE_SENSORS_CID }, #ifndef MOZ_WIDGET_GONK #if defined(ANDROID) @@ -1243,7 +1239,6 @@ static const mozilla::Module::CategoryEntry kLayoutCategories[] = { { "content-policy", "CSPService", CSPSERVICE_CONTRACTID }, { "content-policy", NS_MIXEDCONTENTBLOCKER_CONTRACTID, NS_MIXEDCONTENTBLOCKER_CONTRACTID }, { "net-channel-event-sinks", "CSPService", CSPSERVICE_CONTRACTID }, - { JAVASCRIPT_GLOBAL_STATIC_NAMESET_CATEGORY, "PrivilegeManager", NS_SECURITYNAMESET_CONTRACTID }, { "app-startup", "Script Security Manager", "service," NS_SCRIPTSECURITYMANAGER_CONTRACTID }, { TOPIC_WEB_APP_CLEAR_DATA, "QuotaManager", "service," QUOTA_MANAGER_CONTRACTID }, #ifdef MOZ_WIDGET_GONK