зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1012320 - Move the code that defines window.netscape into nsGlobalWindow and simplify it; r=bholley
This commit is contained in:
Родитель
d1f63c87ff
Коммит
f4f685b62c
|
@ -154,22 +154,6 @@ private:
|
|||
static JSRuntime *sRuntime;
|
||||
};
|
||||
|
||||
#define NS_SECURITYNAMESET_CID \
|
||||
{ 0x7c02eadc, 0x76, 0x4d03, \
|
||||
{ 0x99, 0x8d, 0x80, 0xd7, 0x79, 0xc4, 0x85, 0x89 } }
|
||||
#define NS_SECURITYNAMESET_CONTRACTID "@mozilla.org/security/script/nameset;1"
|
||||
|
||||
class nsSecurityNameSet : public nsIScriptExternalNameSet
|
||||
{
|
||||
public:
|
||||
nsSecurityNameSet();
|
||||
virtual ~nsSecurityNameSet();
|
||||
|
||||
NS_DECL_ISUPPORTS
|
||||
|
||||
NS_IMETHOD InitializeNameSet(nsIScriptContext* aScriptContext);
|
||||
};
|
||||
|
||||
namespace mozilla {
|
||||
|
||||
void
|
||||
|
|
|
@ -11,7 +11,6 @@ UNIFIED_SOURCES += [
|
|||
'nsNullPrincipalURI.cpp',
|
||||
'nsPrincipal.cpp',
|
||||
'nsScriptSecurityManager.cpp',
|
||||
'nsSecurityManagerFactory.cpp',
|
||||
'nsSystemPrincipal.cpp',
|
||||
]
|
||||
|
||||
|
|
|
@ -1,127 +0,0 @@
|
|||
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||
/*Factory for internal browser security resource managers*/
|
||||
|
||||
#include "nsCOMPtr.h"
|
||||
#include "nsIScriptSecurityManager.h"
|
||||
#include "nsScriptSecurityManager.h"
|
||||
#include "nsIPrincipal.h"
|
||||
#include "nsPrincipal.h"
|
||||
#include "nsSystemPrincipal.h"
|
||||
#include "nsNullPrincipal.h"
|
||||
#include "nsIScriptNameSpaceManager.h"
|
||||
#include "nsIScriptContext.h"
|
||||
#include "nsICategoryManager.h"
|
||||
#include "nsXPIDLString.h"
|
||||
#include "nsCOMPtr.h"
|
||||
#include "nsIServiceManager.h"
|
||||
#include "nsString.h"
|
||||
#include "nsNetCID.h"
|
||||
#include "nsIClassInfoImpl.h"
|
||||
#include "nsJSUtils.h"
|
||||
#include "nsPIDOMWindow.h"
|
||||
#include "nsIScriptGlobalObject.h"
|
||||
#include "nsIDocument.h"
|
||||
#include "jsfriendapi.h"
|
||||
#include "xpcprivate.h"
|
||||
#include "nsCxPusher.h"
|
||||
#include "mozilla/Preferences.h"
|
||||
#include "mozilla/Telemetry.h"
|
||||
|
||||
using namespace mozilla;
|
||||
|
||||
///////////////////////
|
||||
// nsSecurityNameSet //
|
||||
///////////////////////
|
||||
|
||||
nsSecurityNameSet::nsSecurityNameSet()
|
||||
{
|
||||
}
|
||||
|
||||
nsSecurityNameSet::~nsSecurityNameSet()
|
||||
{
|
||||
}
|
||||
|
||||
NS_IMPL_ISUPPORTS(nsSecurityNameSet, nsIScriptExternalNameSet)
|
||||
|
||||
static bool
|
||||
netscape_security_enablePrivilege(JSContext *cx, unsigned argc, JS::Value *vp)
|
||||
{
|
||||
Telemetry::Accumulate(Telemetry::ENABLE_PRIVILEGE_EVER_CALLED, true);
|
||||
return xpc::EnableUniversalXPConnect(cx);
|
||||
}
|
||||
|
||||
static const JSFunctionSpec PrivilegeManager_static_methods[] = {
|
||||
JS_FS("enablePrivilege", netscape_security_enablePrivilege, 1, 0),
|
||||
JS_FS_END
|
||||
};
|
||||
|
||||
/*
|
||||
* "Steal" calls to netscape.security.PrivilegeManager.enablePrivilege,
|
||||
* et al. so that code that worked with 4.0 can still work.
|
||||
*/
|
||||
NS_IMETHODIMP
|
||||
nsSecurityNameSet::InitializeNameSet(nsIScriptContext* aScriptContext)
|
||||
{
|
||||
AutoJSContext cx;
|
||||
JS::Rooted<JSObject*> global(cx, aScriptContext->GetWindowProxy());
|
||||
JSAutoCompartment ac(cx, global);
|
||||
|
||||
/*
|
||||
* Find Object.prototype's class by walking up the global object's
|
||||
* prototype chain.
|
||||
*/
|
||||
JS::Rooted<JSObject*> obj(cx, global);
|
||||
JS::Rooted<JSObject*> proto(cx);
|
||||
for (;;) {
|
||||
MOZ_ALWAYS_TRUE(JS_GetPrototype(cx, obj, &proto));
|
||||
if (!proto)
|
||||
break;
|
||||
obj = proto;
|
||||
}
|
||||
const JSClass *objectClass = JS_GetClass(obj);
|
||||
|
||||
JS::Rooted<JS::Value> v(cx);
|
||||
if (!JS_GetProperty(cx, global, "netscape", &v))
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
JS::Rooted<JSObject*> securityObj(cx);
|
||||
if (v.isObject()) {
|
||||
/*
|
||||
* "netscape" property of window object exists; get the
|
||||
* "security" property.
|
||||
*/
|
||||
obj = &v.toObject();
|
||||
if (!JS_GetProperty(cx, obj, "security", &v) || !v.isObject())
|
||||
return NS_ERROR_FAILURE;
|
||||
securityObj = &v.toObject();
|
||||
} else {
|
||||
/* define netscape.security object */
|
||||
obj = JS_DefineObject(cx, global, "netscape", objectClass);
|
||||
if (obj == nullptr)
|
||||
return NS_ERROR_FAILURE;
|
||||
securityObj = JS_DefineObject(cx, obj, "security", objectClass);
|
||||
if (securityObj == nullptr)
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
// We hide enablePrivilege behind a pref because it has been altered in a
|
||||
// way that makes it fundamentally insecure to use in production. Mozilla
|
||||
// uses this pref during automated testing to support legacy test code that
|
||||
// uses enablePrivilege. If you're not doing test automation, you _must_ not
|
||||
// flip this pref, or you will be exposing all your users to security
|
||||
// vulnerabilities.
|
||||
if (!Preferences::GetBool("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer"))
|
||||
return NS_OK;
|
||||
|
||||
/* Define PrivilegeManager object with the necessary "static" methods. */
|
||||
obj = JS_DefineObject(cx, securityObj, "PrivilegeManager", objectClass);
|
||||
if (obj == nullptr)
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
return JS_DefineFunctions(cx, obj, PrivilegeManager_static_methods)
|
||||
? NS_OK
|
||||
: NS_ERROR_FAILURE;
|
||||
}
|
|
@ -2188,6 +2188,48 @@ TreatAsRemoteXUL(nsIPrincipal* aPrincipal)
|
|||
!Preferences::GetBool("dom.use_xbl_scopes_for_remote_xul", false);
|
||||
}
|
||||
|
||||
static bool
|
||||
EnablePrivilege(JSContext* cx, unsigned argc, JS::Value* vp)
|
||||
{
|
||||
Telemetry::Accumulate(Telemetry::ENABLE_PRIVILEGE_EVER_CALLED, true);
|
||||
return xpc::EnableUniversalXPConnect(cx);
|
||||
}
|
||||
|
||||
static const JSFunctionSpec EnablePrivilegeSpec[] = {
|
||||
JS_FS("enablePrivilege", EnablePrivilege, 1, 0),
|
||||
JS_FS_END
|
||||
};
|
||||
|
||||
static bool
|
||||
InitializeLegacyNetscapeObject(JSContext* aCx, JS::Handle<JSObject*> aGlobal)
|
||||
{
|
||||
JSAutoCompartment ac(aCx, aGlobal);
|
||||
|
||||
// Note: MathJax depends on window.netscape being exposed. See bug 791526.
|
||||
JS::Rooted<JSObject*> obj(aCx);
|
||||
obj = JS_DefineObject(aCx, aGlobal, "netscape", nullptr);
|
||||
NS_ENSURE_TRUE(obj, false);
|
||||
|
||||
obj = JS_DefineObject(aCx, obj, "security", nullptr);
|
||||
NS_ENSURE_TRUE(obj, false);
|
||||
|
||||
// We hide enablePrivilege behind a pref because it has been altered in a
|
||||
// way that makes it fundamentally insecure to use in production. Mozilla
|
||||
// uses this pref during automated testing to support legacy test code that
|
||||
// uses enablePrivilege. If you're not doing test automation, you _must_ not
|
||||
// flip this pref, or you will be exposing all your users to security
|
||||
// vulnerabilities.
|
||||
if (!Preferences::GetBool("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer")) {
|
||||
return true;
|
||||
}
|
||||
|
||||
/* Define PrivilegeManager object with the necessary "static" methods. */
|
||||
obj = JS_DefineObject(aCx, obj, "PrivilegeManager", nullptr);
|
||||
NS_ENSURE_TRUE(obj, false);
|
||||
|
||||
return JS_DefineFunctions(aCx, obj, EnablePrivilegeSpec);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new global object that will be used for an inner window.
|
||||
* Return the native global and an nsISupports 'holder' that can be used
|
||||
|
@ -2251,6 +2293,10 @@ CreateNativeGlobalForInner(JSContext* aCx,
|
|||
// about:memory may use that information
|
||||
xpc::SetLocationForGlobal(aGlobal, aURI);
|
||||
|
||||
if (!InitializeLegacyNetscapeObject(aCx, aGlobal)) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
|
|
@ -597,7 +597,6 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(CSPService)
|
|||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsMixedContentBlocker)
|
||||
|
||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsPrincipal)
|
||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecurityNameSet)
|
||||
NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR(nsSystemPrincipal,
|
||||
nsScriptSecurityManager::SystemPrincipalSingletonConstructor)
|
||||
NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsNullPrincipal, Init)
|
||||
|
@ -750,7 +749,6 @@ NS_DEFINE_NAMED_CID(NS_SCRIPTSECURITYMANAGER_CID);
|
|||
NS_DEFINE_NAMED_CID(NS_PRINCIPAL_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_SYSTEMPRINCIPAL_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_NULLPRINCIPAL_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_SECURITYNAMESET_CID);
|
||||
NS_DEFINE_NAMED_CID(THIRDPARTYUTIL_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_STRUCTUREDCLONECONTAINER_CID);
|
||||
NS_DEFINE_NAMED_CID(NS_DEVICE_SENSORS_CID);
|
||||
|
@ -1042,7 +1040,6 @@ static const mozilla::Module::CIDEntry kLayoutCIDs[] = {
|
|||
{ &kNS_PRINCIPAL_CID, false, nullptr, nsPrincipalConstructor },
|
||||
{ &kNS_SYSTEMPRINCIPAL_CID, false, nullptr, nsSystemPrincipalConstructor },
|
||||
{ &kNS_NULLPRINCIPAL_CID, false, nullptr, nsNullPrincipalConstructor },
|
||||
{ &kNS_SECURITYNAMESET_CID, false, nullptr, nsSecurityNameSetConstructor },
|
||||
{ &kNS_DEVICE_SENSORS_CID, false, nullptr, nsDeviceSensorsConstructor },
|
||||
#ifndef MOZ_WIDGET_GONK
|
||||
#if defined(ANDROID)
|
||||
|
@ -1198,7 +1195,6 @@ static const mozilla::Module::ContractIDEntry kLayoutContracts[] = {
|
|||
{ NS_PRINCIPAL_CONTRACTID, &kNS_PRINCIPAL_CID },
|
||||
{ NS_SYSTEMPRINCIPAL_CONTRACTID, &kNS_SYSTEMPRINCIPAL_CID },
|
||||
{ NS_NULLPRINCIPAL_CONTRACTID, &kNS_NULLPRINCIPAL_CID },
|
||||
{ NS_SECURITYNAMESET_CONTRACTID, &kNS_SECURITYNAMESET_CID },
|
||||
{ NS_DEVICE_SENSORS_CONTRACTID, &kNS_DEVICE_SENSORS_CID },
|
||||
#ifndef MOZ_WIDGET_GONK
|
||||
#if defined(ANDROID)
|
||||
|
@ -1243,7 +1239,6 @@ static const mozilla::Module::CategoryEntry kLayoutCategories[] = {
|
|||
{ "content-policy", "CSPService", CSPSERVICE_CONTRACTID },
|
||||
{ "content-policy", NS_MIXEDCONTENTBLOCKER_CONTRACTID, NS_MIXEDCONTENTBLOCKER_CONTRACTID },
|
||||
{ "net-channel-event-sinks", "CSPService", CSPSERVICE_CONTRACTID },
|
||||
{ JAVASCRIPT_GLOBAL_STATIC_NAMESET_CATEGORY, "PrivilegeManager", NS_SECURITYNAMESET_CONTRACTID },
|
||||
{ "app-startup", "Script Security Manager", "service," NS_SCRIPTSECURITYMANAGER_CONTRACTID },
|
||||
{ TOPIC_WEB_APP_CLEAR_DATA, "QuotaManager", "service," QUOTA_MANAGER_CONTRACTID },
|
||||
#ifdef MOZ_WIDGET_GONK
|
||||
|
|
Загрузка…
Ссылка в новой задаче