Backing out mstoltz. r=dbaron,jrgm

This commit is contained in:
mcafee%netscape.com 2002-02-19 04:06:53 +00:00
Родитель d3269fdb4c
Коммит dbe661a6ae
8 изменённых файлов: 10 добавлений и 140 удалений

Просмотреть файл

@ -198,12 +198,6 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
[noscript] nsIPrincipal getObjectPrincipal(in JSContextPtr cx,
in JSObjectPtr obj);
/**
* Returns true if the principal of the currently running script is the
* system principal, false otherwise.
*/
boolean subjectPrincipalIsSystem();
/**
* Forget all currently stored security policies and reread from prefs.
* This must be called after any capability.policy prefs have changed.

Просмотреть файл

@ -1240,31 +1240,6 @@ nsScriptSecurityManager::GetSystemPrincipal(nsIPrincipal **result)
return NS_OK;
}
NS_IMETHODIMP
nsScriptSecurityManager::SubjectPrincipalIsSystem(PRBool* aIsSystem)
{
NS_ENSURE_ARG_POINTER(aIsSystem);
*aIsSystem = PR_FALSE;
if (!mSystemPrincipal)
return NS_OK;
nsCOMPtr<nsIPrincipal> subject;
nsresult rv = GetSubjectPrincipal(getter_AddRefs(subject));
if (NS_FAILED(rv))
return rv;
if(!subject)
{
// No subject principal means no JS is running;
// this is the equivalent of system principal code
*aIsSystem = PR_TRUE;
return NS_OK;
}
return mSystemPrincipal->Equals(subject, aIsSystem);
}
NS_IMETHODIMP
nsScriptSecurityManager::GetCertificatePrincipal(const char* aCertID,
nsIPrincipal **result)
@ -2702,6 +2677,7 @@ nsScriptSecurityManager::InitPrefs()
PRUint32 prefCount;
char** prefNames;
//-- Set a callback for policy changes
// Registering the security manager as an observer to the
// profile-after-change topic. We will build up the policy table
// after the initial profile loads and after profile switches.

Просмотреть файл

@ -1,4 +1 @@
JSURLLoadBlockedWarning = Attempt to load a javascript: URL from one host\nin a window displaying content from another host\nwas blocked by the security manager.
ConfirmWindowCloseDialogTitle = Close Window?
ConfirmWindowCloseDialogText = A script wants to close the current window. Do you wish to allow this?
JSURLLoadBlockedWarning=Attempt to load a javascript: URL from one host\nin a window displaying content from another host\nwas blocked by the security manager.

Просмотреть файл

@ -60,7 +60,6 @@ REQUIRES = xpcom \
xmlextras \
find \
appshell \
intl \
$(NULL)
CPPSRCS = \

Просмотреть файл

@ -57,7 +57,6 @@ REQUIRES = xpcom \
htmlparser \
chardet \
transformiix \
intl \
xmlextras \
find \
appshell \

Просмотреть файл

@ -124,7 +124,6 @@
#include "nsISupportsPrimitives.h"
#include "nsDOMClassInfo.h"
#include "nsIJSNativeInitializer.h"
#include "nsIStringBundle.h"
#include "plbase64.h"
@ -156,7 +155,7 @@ static NS_DEFINE_IID(kISupportsIID, NS_ISUPPORTS_IID);
static NS_DEFINE_CID(kWindowMediatorCID, NS_WINDOWMEDIATOR_CID); // For window.find()
static const char *sWindowWatcherContractID = "@mozilla.org/embedcomp/window-watcher;1";
static const char *sJSStackContractID = "@mozilla.org/js/xpc/ContextStack;1";
static NS_DEFINE_CID(kStringBundleServiceCID, NS_STRINGBUNDLESERVICE_CID);
static const char * const kCryptoContractID = NS_CRYPTO_CONTRACTID;
static const char * const kPkcs11ContractID = NS_PKCS11_CONTRACTID;
@ -1157,28 +1156,7 @@ GlobalWindowImpl::GetControllers(nsIControllers** aResult)
NS_IMETHODIMP
GlobalWindowImpl::GetOpener(nsIDOMWindowInternal** aOpener)
{
*aOpener = nsnull;
// We don't want to reveal the opener if the opener is a mail window,
// because opener can be used to spoof the contents of a message (bug 105050).
// So, we look in the opener's root docshell to see if it's a mail window.
nsCOMPtr<nsIScriptGlobalObject> openerSGO(do_QueryInterface(mOpener));
if (openerSGO) {
nsCOMPtr<nsIDocShell> openerDocShell;
openerSGO->GetDocShell(getter_AddRefs(openerDocShell));
nsCOMPtr<nsIDocShellTreeItem> docShellAsItem(do_QueryInterface(openerDocShell));
if (docShellAsItem) {
nsCOMPtr<nsIDocShellTreeItem> openerRootItem;
docShellAsItem->GetRootTreeItem(getter_AddRefs(openerRootItem));
nsCOMPtr<nsIDocShell> openerRootDocShell(do_QueryInterface(openerRootItem));
if (openerRootDocShell) {
PRUint32 appType;
nsresult rv = openerRootDocShell->GetAppType(&appType);
if (NS_SUCCEEDED(rv) && appType != nsIDocShell::APP_TYPE_MAIL) {
*aOpener = mOpener;
}
}
}
}
*aOpener = mOpener;
NS_IF_ADDREF(*aOpener);
return NS_OK;
}
@ -2460,46 +2438,6 @@ GlobalWindowImpl::GetFrames(nsIDOMWindow** aFrames)
return NS_OK;
}
#define DOM_PROPERTIES_URL "chrome://communicator/locale/dom/dom.properties"
nsresult
GlobalWindowImpl::ConfirmClose(PRBool* aConfirmed)
{
nsresult rv;
// Get the localized strings for the dialog
nsCOMPtr<nsIStringBundleService> bundleService(
do_GetService(kStringBundleServiceCID, &rv));
NS_ENSURE_SUCCESS(rv, rv);
//XXX: What to do on error?
nsCOMPtr<nsIStringBundle> bundle;
rv = bundleService->CreateBundle(NS_LITERAL_CSTRING(DOM_PROPERTIES_URL).get(),
getter_AddRefs(bundle));
NS_ENSURE_SUCCESS(rv, rv);
nsXPIDLString confirmTitle;
rv = bundle->GetStringFromName(NS_LITERAL_STRING("ConfirmWindowCloseDialogTitle").get(),
getter_Copies(confirmTitle));
NS_ENSURE_SUCCESS(rv, rv);
nsXPIDLString confirmText;
rv = bundle->GetStringFromName(NS_LITERAL_STRING("ConfirmWindowCloseDialogText").get(),
getter_Copies(confirmText));
NS_ENSURE_SUCCESS(rv, rv);
// Show the dialog
nsCOMPtr<nsIPrompt> prompter;
rv = GetPrompter(getter_AddRefs(prompter));
NS_ENSURE_SUCCESS(rv, rv);
return prompter->Confirm(confirmTitle,
confirmText, aConfirmed);
}
#define DENY_SCRIPT_CLOSE 0
#define CONFIRM_SCRIPT_CLOSE 1
#define ALLOW_SCRIPT_CLOSE 2
NS_IMETHODIMP
GlobalWindowImpl::Close()
{
@ -2509,44 +2447,15 @@ GlobalWindowImpl::Close()
if (parent != NS_STATIC_CAST(nsIDOMWindow *, this)) {
// window.close() is called on a frame in a frameset, such calls
// are ignored.
return NS_OK;
}
// If this window was not opened by script (!mOpener), find out
// whether it's OK for a script to close it.
if (!mOpener) {
nsresult rv;
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
// System scripts can close all windows
PRBool InSystemCode = PR_FALSE;
rv = secMan->SubjectPrincipalIsSystem(&InSystemCode);
if (NS_FAILED(rv) || !InSystemCode) {
// Check the pref "dom.allow_scripts_to_close_windows"
nsCOMPtr<nsIPref> pref(do_GetService(kPrefServiceCID, &rv));
NS_ENSURE_SUCCESS(rv, rv);
PRInt32 closePref;
rv = pref->GetIntPref("dom.allow_scripts_to_close_windows", &closePref);
if (NS_FAILED(rv))
closePref = CONFIRM_SCRIPT_CLOSE;
PRBool confirmOK = PR_FALSE;
if (closePref == CONFIRM_SCRIPT_CLOSE) {
// Ask the user whether it's OK to close the window
rv = ConfirmClose(&confirmOK);
if (NS_FAILED(rv))
return rv;
} else {
confirmOK = (closePref == ALLOW_SCRIPT_CLOSE);
}
if (!confirmOK) {
// User clicked Cancel, so abort the close
return NS_OK;
}
}
}
// Note: the basic security check, rejecting windows not opened through JS,
// has been removed. This was approved long ago by ...you're going to call me
// on this, aren't you... well it was. And anyway, a better means is coming.
// In the new world of application-level interfaces being written in JS, this
// security check was causing problems.
nsCOMPtr<nsIJSContextStack> stack =
do_GetService("@mozilla.org/js/xpc/ContextStack;1");

Просмотреть файл

@ -214,7 +214,6 @@ protected:
const nsAReadableString& aOptions,
PRBool aDialog, jsval *argv, PRUint32 argc,
nsISupports *aExtraArgument, nsIDOMWindow **aReturn);
nsresult ConfirmClose(PRBool* aConfirmed);
static void CloseWindow(nsISupports* aWindow);
// Timeout Functions

Просмотреть файл

@ -335,9 +335,6 @@ pref("capability.principal.codebase.foo.granted", "UniversalFoo");
//////////////////////////////////////////////////////////
pref("dom.disable_open_during_load", false);
// 0 = never allow scripts to close windows that weren't opened by script,
// 1 = prompt user, 2 = always allow. Default is prompt.
pref("dom.allow_scripts_to_close_windows", 1);
pref("javascript.enabled", true);
pref("javascript.allow.mailnews", false);