wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 462800. Treat document.domain in a more uniform manner in DOM storage. Also fixes bug 462801. r=dcamp, sr=sicking, a=beltzner.

Browse Source
This commit is contained in:
Boris Zbarsky 2008-11-26 16:52:40 -05:00
parent 547c81f8f3
commit 162c4c7269
1 changed files with 46 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
dom/src/storage/nsDOMStorage.cpp
View File

@ -833,6 +833,40 @@ nsDOMStorage::GetDBValue(const nsAString& aKey, nsAString& aValue,
return NS_OK;
}
// The URI returned is the innermost URI that should be used for
// security-check-like stuff. aHost is its hostname, correctly canonicalized.
static nsresult
GetPrincipalURIAndHost(nsIPrincipal* aPrincipal, nsIURI** aURI, nsString& aHost)
{
nsresult rv = aPrincipal->GetDomain(aURI);
NS_ENSURE_SUCCESS(rv, rv);
if (!*aURI) {
rv = aPrincipal->GetURI(aURI);
NS_ENSURE_SUCCESS(rv, rv);
}
if (*aURI) {
return NS_OK;
}
nsCOMPtr<nsIURI> innerURI = NS_GetInnermostURI(*aURI);
if (!innerURI) {
return NS_ERROR_UNEXPECTED;
}
nsCAutoString asciiHost;
rv = innerURI->GetAsciiHost(asciiHost);
if (NS_FAILED(rv)) {
return NS_ERROR_DOM_SECURITY_ERR;
}
CopyUTF8toUTF16(asciiHost, aHost);
innerURI.swap(*aURI);
return NS_OK;
}
nsresult
nsDOMStorage::SetDBValue(const nsAString& aKey,
const nsAString& aValue,
@ -856,17 +890,13 @@ nsDOMStorage::SetDBValue(const nsAString& aKey,
nsAutoString currentDomain;
if (subjectPrincipal) {
nsCOMPtr<nsIURI> uri;
rv = subjectPrincipal->GetURI(getter_AddRefs(uri));
if (NS_SUCCEEDED(rv) && uri) {
nsCOMPtr<nsIURI> innerUri = NS_GetInnermostURI(uri);
if (!innerUri)
return NS_ERROR_UNEXPECTED;
nsCAutoString currentDomainAscii;
innerUri->GetAsciiHost(currentDomainAscii);
currentDomain = NS_ConvertUTF8toUTF16(currentDomainAscii);
nsCOMPtr<nsIURI> unused;
rv = GetPrincipalURIAndHost(subjectPrincipal, getter_AddRefs(unused),
currentDomain);
// Don't bail out on NS_ERROR_DOM_SECURITY_ERR, since we want to allow
// trusted file:// URIs below.
if (NS_FAILED(rv) && rv != NS_ERROR_DOM_SECURITY_ERR) {
return rv;
}
if (currentDomain.IsEmpty()) {
@ -1082,50 +1112,26 @@ nsDOMStorageList::GetNamedItem(const nsAString& aDomain, nsresult* aResult)
NS_ENSURE_SUCCESS(*aResult, nsnull);
nsCOMPtr<nsIURI> uri;
nsCAutoString currentDomain;
nsAutoString currentDomain;
if (subjectPrincipal) {
*aResult = subjectPrincipal->GetDomain(getter_AddRefs(uri));
*aResult = GetPrincipalURIAndHost(subjectPrincipal, getter_AddRefs(uri),
currentDomain);
NS_ENSURE_SUCCESS(*aResult, nsnull);
if (!uri) {
*aResult = subjectPrincipal->GetURI(getter_AddRefs(uri));
NS_ENSURE_SUCCESS(*aResult, nsnull);
}
if (uri) {
PRPackedBool sessionOnly;
if (!nsDOMStorage::CanUseStorage(uri, &sessionOnly)) {
*aResult = NS_ERROR_DOM_SECURITY_ERR;
return nsnull;
}
nsCOMPtr<nsIURI> innerUri = NS_GetInnermostURI(uri);
if (!innerUri) {
*aResult = NS_ERROR_UNEXPECTED;
return nsnull;
}
uri = innerUri;
nsresult rv = uri->GetAsciiHost(currentDomain);
if (NS_FAILED(rv)) {
*aResult = NS_ERROR_DOM_SECURITY_ERR;
return nsnull;
}
}
}
PRBool isSystem;
*aResult = ssm->SubjectPrincipalIsSystem(&isSystem);
NS_ENSURE_SUCCESS(*aResult, nsnull);
// allow code that has read privileges to get the storage for any domain
if (!isSystem && nsContentUtils::IsCallerTrustedForRead())
isSystem = PR_TRUE;
PRBool isSystem = nsContentUtils::IsCallerTrustedForRead();
if (isSystem || !currentDomain.IsEmpty()) {
return GetStorageForDomain(uri, NS_ConvertUTF8toUTF16(requestedDomain),
NS_ConvertUTF8toUTF16(currentDomain),
isSystem, aResult);
currentDomain, isSystem, aResult);
}
*aResult = NS_ERROR_DOM_SECURITY_ERR;