Bug 416942. Give user and ua sheets the system principal. r+sr=sicking

Boris Zbarsky 2009-03-16 21:38:36 -04:00
Родитель b0463a8597
Коммит 51ff79c905
11 изменённых файлов: 79 добавлений и 43 удалений


@ -1002,7 +1002,8 @@ nsresult nsChromeRegistry::RefreshWindow(nsIDOMWindowInternal* aWindow,
if (IsChromeURI(uri)) {
// Reload the sheet.
nsCOMPtr<nsICSSStyleSheet> newSheet;
rv = aCSSLoader->LoadSheetSync(uri, PR_TRUE, getter_AddRefs(newSheet));
rv = aCSSLoader->LoadSheetSync(uri, PR_TRUE, PR_TRUE,
getter_AddRefs(newSheet));
if (NS_FAILED(rv)) return rv;
if (newSheet) {
rv = newAgentSheets.AppendObject(newSheet) ? NS_OK : NS_ERROR_FAILURE;


@ -3494,7 +3494,7 @@ nsDocument::EnsureCatalogStyleSheet(const char *aStyleSheetURI)
NS_NewURI(getter_AddRefs(uri), aStyleSheetURI);
if (uri) {
nsCOMPtr<nsICSSStyleSheet> sheet;
cssLoader->LoadSheetSync(uri, PR_TRUE, getter_AddRefs(sheet));
cssLoader->LoadSheetSync(uri, PR_TRUE, PR_TRUE, getter_AddRefs(sheet));
if (sheet) {
BeginUpdate(UPDATE_STYLE);
AddCatalogStyleSheet(sheet);


@ -59,6 +59,7 @@
#include "nsCSSRuleProcessor.h"
#include "nsContentUtils.h"
#include "nsStyleSet.h"
#include "nsIScriptSecurityManager.h"
NS_IMPL_CYCLE_COLLECTION_CLASS(nsXBLResourceLoader)
NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(nsXBLResourceLoader)
@ -148,13 +149,18 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult)
nsresult rv;
if (NS_SUCCEEDED(url->SchemeIs("chrome", &chrome)) && chrome)
{
nsCOMPtr<nsICSSStyleSheet> sheet;
rv = cssLoader->LoadSheetSync(url, getter_AddRefs(sheet));
NS_ASSERTION(NS_SUCCEEDED(rv), "Load failed!!!");
if (NS_SUCCEEDED(rv))
{
rv = StyleSheetLoaded(sheet, PR_FALSE, NS_OK);
NS_ASSERTION(NS_SUCCEEDED(rv), "Processing the style sheet failed!!!");
rv = nsContentUtils::GetSecurityManager()->
CheckLoadURIWithPrincipal(docPrincipal, url,
nsIScriptSecurityManager::ALLOW_CHROME);
if (NS_SUCCEEDED(rv)) {
nsCOMPtr<nsICSSStyleSheet> sheet;
rv = cssLoader->LoadSheetSync(url, getter_AddRefs(sheet));
NS_ASSERTION(NS_SUCCEEDED(rv), "Load failed!!!");
if (NS_SUCCEEDED(rv))
{
rv = StyleSheetLoaded(sheet, PR_FALSE, NS_OK);
NS_ASSERTION(NS_SUCCEEDED(rv), "Processing the style sheet failed!!!");
}
}
}
else
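Review bot: When the new `CheckLoadURIWithPrincipal` call in the chrome branch of LoadResources fails, the sheet is skipped with no warning and no comment, so a denied load looks the same as a binding without a sheet. A one-line comment above the call, such as `// Skip chrome sheets that docPrincipal is not allowed to load.`, plus an `NS_WARNING` on the failure path would make denials visible in debug builds. `docPrincipal` is declared outside the hunk, so which document it belongs to cannot be confirmed from here and the comment should name it. What happens to the failing `rv` after the `else` branch is also outside the hunk.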


@ -1114,24 +1114,18 @@ nsXBLService::LoadBindingDocumentInfo(nsIContent* aBoundElement,
NS_ENSURE_SUCCESS(rv, rv);
// Also make sure that we're same-origin with the bound document
// except if the stylesheet is a UA stylesheet. We fake testing
// for UA stylesheets by calling CheckLoadURI.
nsCOMPtr<nsIURI> principalURI;
rv = aOriginPrincipal->GetURI(getter_AddRefs(principalURI));
// except if the stylesheet has the system principal.
PRBool isSystem;
rv = nsContentUtils::GetSecurityManager()->
IsSystemPrincipal(aOriginPrincipal, &isSystem);
NS_ENSURE_SUCCESS(rv, rv);
if (principalURI &&
if (!isSystem &&
!(gAllowDataURIs && SchemeIs(aBindingURI, "data")) &&
!SchemeIs(aBindingURI, "chrome")) {
nsresult uaCheckRes =
nsContentUtils::GetSecurityManager()->
CheckLoadURIWithPrincipal(aBoundDocument->NodePrincipal(),
principalURI, 0);
if (NS_SUCCEEDED(uaCheckRes)) {
rv = aBoundDocument->NodePrincipal()->CheckMayLoad(aBindingURI,
PR_TRUE);
NS_ENSURE_SUCCESS(rv, rv);
}
rv = aBoundDocument->NodePrincipal()->CheckMayLoad(aBindingURI,
PR_TRUE);
NS_ENSURE_SUCCESS(rv, rv);
}
}
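Review bot: `PRBool isSystem;` is declared without an initial value and then decides whether the same-origin `CheckMayLoad` is skipped; initialise it fail-closed as `PRBool isSystem = PR_FALSE;`. The `NS_ENSURE_SUCCESS` directly after `IsSystemPrincipal` covers the failure case today, so this is hardening rather than a live bug. The exemption now rests entirely on which sheets are given the system principal, and the rewritten comment could say that it relies on `LoadSheetSync` callers passing `aUseSystemPrincipal` only for trusted sheets. The enclosing block starts outside the hunk, so whether `aOriginPrincipal` can be null at this point is not visible.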


@ -1289,7 +1289,7 @@ nsXMLContentSink::HandleDoctypeDecl(const nsAString & aSubset,
nsCOMPtr<nsIURI> uri(do_QueryInterface(aCatalogData));
if (uri) {
nsCOMPtr<nsICSSStyleSheet> sheet;
mCSSLoader->LoadSheetSync(uri, PR_TRUE, getter_AddRefs(sheet));
mCSSLoader->LoadSheetSync(uri, PR_TRUE, PR_TRUE, getter_AddRefs(sheet));
#ifdef NS_DEBUG
nsCAutoString uriStr;


@ -3602,7 +3602,7 @@ nsHTMLEditor::AddOverrideStyleSheet(const nsAString& aURL)
// synchronously, of course..
nsCOMPtr<nsICSSStyleSheet> sheet;
// Editor override style sheets may want to style Gecko anonymous boxes
rv = cssLoader->LoadSheetSync(uaURI, PR_TRUE, getter_AddRefs(sheet));
rv = cssLoader->LoadSheetSync(uaURI, PR_TRUE, PR_TRUE, getter_AddRefs(sheet));
// Synchronous loads should ALWAYS return completed
if (!sheet)
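Review bot: The comment above the call in AddOverrideStyleSheet explains only the unsafe-rules flag, while the added `PR_TRUE` also gives the sheet the system principal and `aURL` is supplied by the caller. Whether `uaURI` is limited to trusted locations is decided outside the hunk, so that should be confirmed and then recorded next to the call, for example `// Override sheets are trusted: allow unsafe rules and give the sheet the system principal.` If callers can pass arbitrary URLs here, `PR_FALSE` for the new argument would be the safer default.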


@ -172,7 +172,7 @@ nsStyleSheetService::LoadAndRegisterSheetInternal(nsIURI *aSheetURI,
nsCOMPtr<nsICSSStyleSheet> sheet;
// Allow UA sheets, but not user sheets, to use unsafe rules
nsresult rv = loader->LoadSheetSync(aSheetURI, aSheetType == AGENT_SHEET,
getter_AddRefs(sheet));
PR_TRUE, getter_AddRefs(sheet));
NS_ENSURE_SUCCESS(rv, rv);
if (!mSheets[aSheetType].AppendObject(sheet)) {
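Review bot: The bare `PR_TRUE` added to the LoadSheetSync call is not covered by the comment above it, which still describes only the unsafe-rules argument. Every sheet registered through LoadAndRegisterSheetInternal, user or agent, now receives the system principal whatever the scheme of `aSheetURI`, so the comment should record that trust decision: `// Allow UA sheets, but not user sheets, to use unsafe rules. Both kinds get the system principal.` The function continues outside the hunk.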


@ -166,11 +166,11 @@ SheetLoadData::SheetLoadData(CSSLoaderImpl* aLoader,
mMustNotify(PR_FALSE),
mWasAlternate(aIsAlternate),
mAllowUnsafeRules(PR_FALSE),
mUseSystemPrincipal(PR_FALSE),
mOwningElement(aOwningElement),
mObserver(aObserver),
mLoaderPrincipal(aLoaderPrincipal)
{
NS_PRECONDITION(mLoader, "Must have a loader!");
NS_ADDREF(mLoader);
}
@ -195,11 +195,11 @@ SheetLoadData::SheetLoadData(CSSLoaderImpl* aLoader,
mMustNotify(PR_FALSE),
mWasAlternate(PR_FALSE),
mAllowUnsafeRules(PR_FALSE),
mUseSystemPrincipal(PR_FALSE),
mOwningElement(nsnull),
mObserver(aObserver),
mLoaderPrincipal(aLoaderPrincipal)
{
NS_PRECONDITION(mLoader, "Must have a loader!");
NS_ADDREF(mLoader);
if (mParentData) {
@ -207,8 +207,12 @@ SheetLoadData::SheetLoadData(CSSLoaderImpl* aLoader,
mSyncLoad = mParentData->mSyncLoad;
mIsNonDocumentSheet = mParentData->mIsNonDocumentSheet;
mAllowUnsafeRules = mParentData->mAllowUnsafeRules;
mUseSystemPrincipal = mParentData->mUseSystemPrincipal;
++(mParentData->mPendingChildren);
}
NS_POSTCONDITION(!mUseSystemPrincipal || mSyncLoad,
"Shouldn't use system principal for async loads");
}
SheetLoadData::SheetLoadData(CSSLoaderImpl* aLoader,
@ -216,6 +220,7 @@ SheetLoadData::SheetLoadData(CSSLoaderImpl* aLoader,
nsICSSStyleSheet* aSheet,
PRBool aSyncLoad,
PRBool aAllowUnsafeRules,
PRBool aUseSystemPrincipal,
nsICSSLoaderObserver* aObserver,
nsIPrincipal* aLoaderPrincipal)
: mLoader(aLoader),
@ -232,13 +237,16 @@ SheetLoadData::SheetLoadData(CSSLoaderImpl* aLoader,
mMustNotify(PR_FALSE),
mWasAlternate(PR_FALSE),
mAllowUnsafeRules(aAllowUnsafeRules),
mUseSystemPrincipal(aUseSystemPrincipal),
mOwningElement(nsnull),
mObserver(aObserver),
mLoaderPrincipal(aLoaderPrincipal)
{
NS_PRECONDITION(mLoader, "Must have a loader!");
NS_ADDREF(mLoader);
NS_POSTCONDITION(!mUseSystemPrincipal || mSyncLoad,
"Shouldn't use system principal for async loads");
}
SheetLoadData::~SheetLoadData()
@ -1272,6 +1280,8 @@ CSSLoaderImpl::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
NS_PRECONDITION(aLoadData->mURI, "Need a URI to load");
NS_PRECONDITION(aLoadData->mSheet, "Need a sheet to load into");
NS_PRECONDITION(aSheetState != eSheetComplete, "Why bother?");
NS_PRECONDITION(!aLoadData->mUseSystemPrincipal || aLoadData->mSyncLoad,
"Shouldn't use system principal for async loads");
NS_ASSERTION(mLoadingDatas.IsInitialized(), "mLoadingDatas should be initialized by now.");
LOG_URI(" Load from: '%s'", aLoadData->mURI);
@ -1305,10 +1315,16 @@ CSSLoaderImpl::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
NS_ASSERTION(channel, "NS_OpenURI lied?");
// Get the principal for this channel
// Get the principal for this sheet
nsCOMPtr<nsIPrincipal> principal;
rv = nsContentUtils::GetSecurityManager()->
GetChannelPrincipal(channel, getter_AddRefs(principal));
if (aLoadData->mUseSystemPrincipal) {
rv = nsContentUtils::GetSecurityManager()->
GetSystemPrincipal(getter_AddRefs(principal));
} else {
rv = nsContentUtils::GetSecurityManager()->
GetChannelPrincipal(channel, getter_AddRefs(principal));
}
if (NS_FAILED(rv)) {
LOG_ERROR((" Failed to get a principal for the sheet"));
SheetComplete(aLoadData, rv);
@ -1973,10 +1989,12 @@ CSSLoaderImpl::LoadChildSheet(nsICSSStyleSheet* aParentSheet,
NS_IMETHODIMP
CSSLoaderImpl::LoadSheetSync(nsIURI* aURL, PRBool aAllowUnsafeRules,
PRBool aUseSystemPrincipal,
nsICSSStyleSheet** aSheet)
{
LOG(("CSSLoaderImpl::LoadSheetSync"));
return InternalLoadNonDocumentSheet(aURL, aAllowUnsafeRules, nsnull,
return InternalLoadNonDocumentSheet(aURL, aAllowUnsafeRules,
aUseSystemPrincipal, nsnull,
aSheet, nsnull);
}
@ -1988,7 +2006,8 @@ CSSLoaderImpl::LoadSheet(nsIURI* aURL,
{
LOG(("CSSLoaderImpl::LoadSheet(aURL, aObserver, aSheet) api call"));
NS_PRECONDITION(aSheet, "aSheet is null");
return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginPrincipal,
return InternalLoadNonDocumentSheet(aURL, PR_FALSE, PR_FALSE,
aOriginPrincipal,
aSheet, aObserver);
}
@ -1998,19 +2017,23 @@ CSSLoaderImpl::LoadSheet(nsIURI* aURL,
nsICSSLoaderObserver* aObserver)
{
LOG(("CSSLoaderImpl::LoadSheet(aURL, aObserver) api call"));
return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginPrincipal,
return InternalLoadNonDocumentSheet(aURL, PR_FALSE, PR_FALSE,
aOriginPrincipal,
nsnull, aObserver);
}
nsresult
CSSLoaderImpl::InternalLoadNonDocumentSheet(nsIURI* aURL,
PRBool aAllowUnsafeRules,
PRBool aUseSystemPrincipal,
nsIPrincipal* aOriginPrincipal,
nsICSSStyleSheet** aSheet,
nsICSSLoaderObserver* aObserver)
{
NS_PRECONDITION(aURL, "Must have a URI to load");
NS_PRECONDITION(aSheet || aObserver, "Sheet and observer can't both be null");
NS_PRECONDITION(!aUseSystemPrincipal || !aObserver,
"Shouldn't load system-principal sheets async");
NS_ASSERTION(mParsingDatas.Length() == 0, "We're in the middle of a parse?");
LOG_URI(" Non-document sheet uri: '%s'", aURL);
@ -2054,7 +2077,7 @@ CSSLoaderImpl::InternalLoadNonDocumentSheet(nsIURI* aURL,
SheetLoadData* data =
new SheetLoadData(this, aURL, sheet, syncLoad, aAllowUnsafeRules,
aObserver, aOriginPrincipal);
aUseSystemPrincipal, aObserver, aOriginPrincipal);
if (!data) {
sheet->SetComplete();
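Review bot: The rule that only synchronous loads may take the system principal is enforced solely by `NS_PRECONDITION`/`NS_POSTCONDITION`, which are debug-build assertions, so in a release build nothing here stops a caller that passes both `aUseSystemPrincipal` and an observer to InternalLoadNonDocumentSheet. A runtime guard next to that precondition would close the gap: `if (aUseSystemPrincipal && aObserver) return NS_ERROR_INVALID_ARG;`. The async callers visible in this section all pass `PR_FALSE`, so this is hardening rather than a reachable bug. Separately, the constructor that takes `mParentData` copies `mUseSystemPrincipal` from the parent, so child sheets (presumably `@import`ed ones) inherit the system principal whatever their own URI; a one-line comment on that assignment would make the inheritance explicit.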


@ -135,6 +135,7 @@ public:
nsICSSStyleSheet* aSheet,
PRBool aSyncLoad,
PRBool aAllowUnsafeRules,
PRBool aUseSystemPrincipal,
nsICSSLoaderObserver* aObserver,
nsIPrincipal* aLoaderPrincipal);
@ -207,6 +208,11 @@ public:
// mAllowUnsafeRules is true if we should allow unsafe rules to be parsed
// in the loaded sheet.
PRPackedBool mAllowUnsafeRules : 1;
// mUseSystemPrincipal is true if the system principal should be used for
// this sheet, no matter what the channel principal is. Only true for sync
// loads.
PRPackedBool mUseSystemPrincipal : 1;
// This is the element that imported the sheet. Needed to get the
// charset set on it.
@ -339,6 +345,7 @@ public:
nsICSSImportRule* aRule);
NS_IMETHOD LoadSheetSync(nsIURI* aURL, PRBool aAllowUnsafeRules,
PRBool aUseSystemPrincipal,
nsICSSStyleSheet** aSheet);
NS_IMETHOD LoadSheet(nsIURI* aURL,
@ -415,6 +422,7 @@ private:
nsresult InternalLoadNonDocumentSheet(nsIURI* aURL,
PRBool aAllowUnsafeRules,
PRBool aUseSystemPrincipal,
nsIPrincipal* aOriginPrincipal,
nsICSSStyleSheet** aSheet,
nsICSSLoaderObserver* aObserver);


@ -58,10 +58,10 @@ class nsICSSImportRule;
class nsIPrincipal;
// IID for the nsICSSLoader interface
// 0c6d7e76-dddc-4727-b557-7ef531127e11
// 51735c82-f3d9-4237-9a81-f5bdaf4865c5
#define NS_ICSS_LOADER_IID \
{ 0x0c6d7e76, 0xdddc, 0x4727, \
{ 0xb5, 0x57, 0x7e, 0xf5, 0x31, 0x12, 0x7e, 0x11 } }
{ 0x51735c82, 0xf3d9, 0x4237, \
{ 0x9a, 0x81, 0xf5, 0xbd, 0xaf, 0x48, 0x65, 0xc5 } }
typedef void (*nsCSSLoaderCallbackFunc)(nsICSSStyleSheet* aSheet, void *aData, PRBool aDidNotify);
@ -169,7 +169,6 @@ public:
* method can be used to load sheets not associated with a document.
*
* @param aURL the URL of the sheet to load
* @param [out] aSheet the loaded, complete sheet.
* @param aEnableUnsafeRules whether unsafe rules are enabled for this
* sheet load
* Unsafe rules are rules that can violate key Gecko invariants if misused.
@ -177,6 +176,9 @@ public:
* styled or we will have severe problems. Therefore unsafe rules should
* never be enabled for stylesheets controlled by untrusted sites; preferably
* unsafe rules should only be enabled for agent sheets.
* @param aUseSystemPrincipal if true, give the resulting sheet the system
* principal no matter where it's being loaded from.
* @param [out] aSheet the loaded, complete sheet.
*
* NOTE: At the moment, this method assumes the sheet will be UTF-8, but
* ideally it would allow arbitrary encodings. Callers should NOT depend on
@ -187,13 +189,14 @@ public:
* about the status of child sheets of the returned sheet.
*/
NS_IMETHOD LoadSheetSync(nsIURI* aURL, PRBool aEnableUnsafeRules,
PRBool aUseSystemPrincipal,
nsICSSStyleSheet** aSheet) = 0;
/**
* As above, but aEnableUnsafeRules is assumed false.
* As above, but aUseSystemPrincipal and aEnableUnsafeRules are assumed false.
*/
nsresult LoadSheetSync(nsIURI* aURL, nsICSSStyleSheet** aSheet) {
return LoadSheetSync(aURL, PR_FALSE, aSheet);
return LoadSheetSync(aURL, PR_FALSE, PR_FALSE, aSheet);
}
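Review bot: The new `@param aUseSystemPrincipal` text says what the flag does but not when it is safe to set, unlike the `aEnableUnsafeRules` paragraph just above it. Elsewhere in this commit (LoadBindingDocumentInfo) a system principal exempts a sheet's bindings from the same-origin check, so the doc comment should carry a matching caveat, e.g. `This must only be true for sheets the caller fully trusts, never for URIs chosen by content.` The two-argument `LoadSheetSync` overload defaulting the flag to `PR_FALSE` is the right default and could be mentioned as the one to prefer.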
/**


@ -258,7 +258,8 @@ nsLayoutStylesheetCache::LoadSheet(nsIURI* aURI, nsCOMPtr<nsICSSStyleSheet> &aSh
NS_NewCSSLoader(&gCSSLoader);
if (gCSSLoader) {
gCSSLoader->LoadSheetSync(aURI, aEnableUnsafeRules, getter_AddRefs(aSheet));
gCSSLoader->LoadSheetSync(aURI, aEnableUnsafeRules, PR_TRUE,
getter_AddRefs(aSheet));
}
}