wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 968335 - Implement Cu.getWebIDLCallerPrincipal. r=bz

Browse Source
This commit is contained in:
Bobby Holley 2014-02-14 22:36:44 -08:00
parent 7df867acf9
commit 15eba92086
2 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
js/xpconnect/idl/xpccomponents.idl
View File

@ -14,6 +14,7 @@ interface nsIClassInfo;
interface nsIComponentManager; interface nsIComponentManager;
interface nsIJSCID; interface nsIJSCID;
interface nsIJSIID; interface nsIJSIID;
interface nsIPrincipal;
interface nsIStackFrame; interface nsIStackFrame;
/** /**
@ -120,7 +121,7 @@ interface ScheduledGCCallback : nsISupports
/** /**
* interface of Components.utils * interface of Components.utils
*/ */
[scriptable, uuid(cd4bccf4-3433-492e-8dfd-dfdb3fe9efa1)] [scriptable, uuid(f4b12240-02aa-47e5-99d5-43cd50fbd4b7)]
interface nsIXPCComponents_Utils : nsISupports interface nsIXPCComponents_Utils : nsISupports
{ {
@ -561,6 +562,22 @@ interface nsIXPCComponents_Utils : nsISupports
*/ */
[implicit_jscontext] [implicit_jscontext]
jsval cloneInto(in jsval value, in jsval scope, [optional] in jsval options); jsval cloneInto(in jsval value, in jsval scope, [optional] in jsval options);
/*
* When C++-Implemented code does security checks, it can generally query
* the subject principal (i.e. the principal of the most-recently-executed
* script) in order to determine the responsible party. However, when an API
* is implemented in JS, this doesn't work - the most-recently-executed
* script is always the System-Principaled API implementation. So we need
* another mechanism.
*
* Hence the notion of the "WebIDL Caller". If the current Entry Script on
* the Script Settings Stack represents the invocation of JS-implemented
* WebIDL, this API returns the principal of the caller at the time
* of invocation. Otherwise (i.e. outside of JS-implemented WebIDL), this
* function throws. If it throws, you probably shouldn't be using it.
*/
nsIPrincipal getWebIDLCallerPrincipal();
}; };
/** /**

13
js/xpconnect/src/XPCComponents.cpp
View File

@ -3626,6 +3626,19 @@ nsXPCComponents_Utils::CloneInto(HandleValue aValue, HandleValue aScope,
return NS_OK; return NS_OK;
} }
NS_IMETHODIMP
nsXPCComponents_Utils::GetWebIDLCallerPrincipal(nsIPrincipal **aResult)
{
// This API may only be when the Entry Settings Object corresponds to a
// JS-implemented WebIDL call. In all other cases, the value will be null,
// and we throw.
nsCOMPtr<nsIPrincipal> callerPrin = mozilla::dom::GetWebIDLCallerPrincipal();
if (!callerPrin)
return NS_ERROR_NOT_AVAILABLE;
callerPrin.forget(aResult);
return NS_OK;
}
/***************************************************************************/ /***************************************************************************/
/***************************************************************************/ /***************************************************************************/
/***************************************************************************/ /***************************************************************************/