gecko-dev/caps
Kris Maglione 27c96362b9 Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa
There are several ways that expanded principals can be used as triggering
principals for requests. While that works fine for security checks, it also
sometimes causes them to be inherited, and used as result principals in
contexts where expanded principals aren't allowed.

This patch changes our inheritance behavior so that expanded principals are
downgraded to the most appropriate constituent principal when they would
otherwise be inherited.

The logic for choosing the most appropriate principal is a bit suspect, and
may eventually need to be changed to always select the last whitelist
principal, but I chose it to preserve the current principal downgrade behavior
used by XMLHttpRequest for the time being.

MozReview-Commit-ID: 9fvAKr2e2fa

--HG--
extra : rebase_source : c30df1b3851c11fed5a1d6a7fb158cec14933182
2017-11-02 19:56:27 -07:00
..
tests Bug 1408777 - Automatically fix instances of missing semicolons in the tree. r=Standard8 2017-10-15 20:50:39 +01:00
BasePrincipal.cpp Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa 2017-11-02 19:56:27 -07:00
BasePrincipal.h Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa 2017-11-02 19:56:27 -07:00
ContentPrincipal.cpp Bug 1396449: Part 1 - Use WebExtensionPolicy objects in extension content principals. r=krizsa 2017-09-05 11:04:43 -07:00
ContentPrincipal.h Bug 1396449: Part 1 - Use WebExtensionPolicy objects in extension content principals. r=krizsa 2017-09-05 11:04:43 -07:00
DomainPolicy.cpp Bug 1326520 - Rename nsIURI.path to pathQueryRef. r=valentin.gosu 2017-07-29 20:50:21 +09:00
DomainPolicy.h
ExpandedPrincipal.cpp Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa 2017-11-02 19:56:27 -07:00
ExpandedPrincipal.h Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa 2017-11-02 19:56:27 -07:00
NullPrincipal.cpp Bug 1326520 - Rename nsIURI.path to pathQueryRef. r=valentin.gosu 2017-07-29 20:50:21 +09:00
NullPrincipal.h Backed out 8 changesets (bug 1356334) for frequent test_ext_contentscript_async_loading.html failures on Android debug on a CLOSED TREE. 2017-08-18 11:32:18 -04:00
NullPrincipalURI.cpp Bug 1386103 (part 2, attempt 3) - Convert nsFixed[C]String uses to nsAuto[C]String. r=erahm. 2017-08-09 20:41:40 +10:00
NullPrincipalURI.h Bug 1386103 (part 2, attempt 3) - Convert nsFixed[C]String uses to nsAuto[C]String. r=erahm. 2017-08-09 20:41:40 +10:00
OriginAttributes.cpp
OriginAttributes.h
SystemPrincipal.cpp Bug 1390428 (part 9) - Remove nsXPIDLCString. r=erahm. 2017-08-17 15:29:03 +10:00
SystemPrincipal.h Backed out 8 changesets (bug 1356334) for frequent test_ext_contentscript_async_loading.html failures on Android debug on a CLOSED TREE. 2017-08-18 11:32:18 -04:00
moz.build Bug 1399590 - Modify the argument of nsICookiePermission::CanAccess for changing nsIURI to nsIPrincipal. r=jdm 2017-10-03 14:37:11 +08:00
nsIAddonPolicyService.idl Bug 1356334: Part 4 - Add a helper to synchronously get an extension's name from its ID. r=billm 2017-08-11 21:22:18 -07:00
nsIDomainPolicy.idl
nsIPrincipal.idl Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa 2017-11-02 19:56:27 -07:00
nsIScriptSecurityManager.idl Bug 1387805 - Remove [deprecated] nsIScriptSecurityManager.getCodebasePrincipal(). r=bz 2017-08-06 15:31:31 +09:00
nsJSPrincipals.cpp Bug 1390428 (part 9) - Remove nsXPIDLCString. r=erahm. 2017-08-17 15:29:03 +10:00
nsJSPrincipals.h
nsScriptSecurityManager.cpp Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa 2017-11-02 19:56:27 -07:00
nsScriptSecurityManager.h Bug 1409249: Require singleton constructors to return explicit already_AddRefed. r=froydnj 2017-10-16 21:08:42 -07:00