Bug 1534351 - HTMLInputElement should always allow popups for system principal, r=smaug

Differential Revision: https://phabricator.services.mozilla.com/D26671

--HG--
extra : moz-landing-system : lando

docshell/base/nsDocShell.cpp

@@ -9622,7 +9622,10 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
         // page is allowed to open them without abuse regardless of allowed
         // events
         if (PopupBlocker::GetPopupControlState() <= PopupBlocker::openBlocked) {
-          popupBlocked = !PopupBlocker::TryUsePopupOpeningToken();
+          nsCOMPtr<nsINode> loadingNode =
+              mScriptGlobal->AsOuter()->GetFrameElementInternal();
+          popupBlocked = !PopupBlocker::TryUsePopupOpeningToken(
+              loadingNode ? loadingNode->NodePrincipal() : nullptr);
         } else if (mIsActive &&
                    PopupBlocker::ConsumeTimerTokenForExternalProtocolIframe()) {
           popupBlocked = false;

dom/base/PopupBlocker.cpp

@@ -136,7 +136,7 @@ bool PopupBlocker::CanShowPopupByPermission(nsIPrincipal* aPrincipal) {
 }
 
 /* static */
-bool PopupBlocker::TryUsePopupOpeningToken() {
+bool PopupBlocker::TryUsePopupOpeningToken(nsIPrincipal* aPrincipal) {
   MOZ_ASSERT(sPopupStatePusherCount);
 
   if (!sUnusedPopupToken) {
@@ -144,6 +144,10 @@ bool PopupBlocker::TryUsePopupOpeningToken() {
     return true;
   }
 
+  if (aPrincipal && nsContentUtils::IsSystemPrincipal(aPrincipal)) {
+    return true;
+  }
+
   return false;
 }
 

dom/base/PopupBlocker.h

@@ -46,7 +46,9 @@ class PopupBlocker final {
   // This method returns true if the caller is allowed to show a popup, and it
   // consumes the popup token for the current event. There is just 1 popup
   // allowed per event.
-  static bool TryUsePopupOpeningToken();
+  // This method returns true if the token has been already consumed but
+  // aPrincipal is the system principal.
+  static bool TryUsePopupOpeningToken(nsIPrincipal* aPrincipal);
 
   static bool IsPopupOpeningTokenUnused();
 

dom/base/nsGlobalWindowOuter.cpp

@@ -5613,7 +5613,7 @@ PopupBlocker::PopupControlState nsGlobalWindowOuter::RevisePopupAbuseLevel(
   if ((abuse == PopupBlocker::openAllowed ||
        abuse == PopupBlocker::openControlled) &&
       StaticPrefs::dom_block_multiple_popups() && !PopupWhitelisted() &&
-      !PopupBlocker::TryUsePopupOpeningToken()) {
+      !PopupBlocker::TryUsePopupOpeningToken(mDoc->NodePrincipal())) {
     abuse = PopupBlocker::openBlocked;
   }
 

dom/html/HTMLInputElement.cpp

@@ -654,7 +654,7 @@ bool HTMLInputElement::IsPopupBlocked() const {
 
   // Check if page can open a popup without abuse regardless of allowed events
   if (PopupBlocker::GetPopupControlState() <= PopupBlocker::openBlocked) {
-    return !PopupBlocker::TryUsePopupOpeningToken();
+    return !PopupBlocker::TryUsePopupOpeningToken(OwnerDoc()->NodePrincipal());
   }
 
   return !PopupBlocker::CanShowPopupByPermission(OwnerDoc()->NodePrincipal());