Bug 462800. Treat document.domain in a more uniform manner in DOM storage. Also fixes bug 462801. r=dcamp, sr=sicking, a=beltzner.
parent
547c81f8f3
commit
162c4c7269
@ -833,6 +833,40 @@ nsDOMStorage::GetDBValue(const nsAString& aKey, nsAString& aValue,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// The URI returned is the innermost URI that should be used for
|
||||
// security-check-like stuff. aHost is its hostname, correctly canonicalized.
|
||||
static nsresult
|
||||
GetPrincipalURIAndHost(nsIPrincipal* aPrincipal, nsIURI** aURI, nsString& aHost)
|
||||
{
|
||||
nsresult rv = aPrincipal->GetDomain(aURI);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (!*aURI) {
|
||||
rv = aPrincipal->GetURI(aURI);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
if (*aURI) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> innerURI = NS_GetInnermostURI(*aURI);
|
||||
if (!innerURI) {
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
}
|
||||
|
||||
nsCAutoString asciiHost;
|
||||
rv = innerURI->GetAsciiHost(asciiHost);
|
||||
if (NS_FAILED(rv)) {
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
|
||||
CopyUTF8toUTF16(asciiHost, aHost);
|
||||
innerURI.swap(*aURI);
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsDOMStorage::SetDBValue(const nsAString& aKey,
|
||||
const nsAString& aValue,
|
||||
@ -856,17 +890,13 @@ nsDOMStorage::SetDBValue(const nsAString& aKey,
|
||||
nsAutoString currentDomain;
|
||||
|
||||
if (subjectPrincipal) {
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
rv = subjectPrincipal->GetURI(getter_AddRefs(uri));
|
||||
|
||||
if (NS_SUCCEEDED(rv) && uri) {
|
||||
nsCOMPtr<nsIURI> innerUri = NS_GetInnermostURI(uri);
|
||||
if (!innerUri)
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
|
||||
nsCAutoString currentDomainAscii;
|
||||
innerUri->GetAsciiHost(currentDomainAscii);
|
||||
currentDomain = NS_ConvertUTF8toUTF16(currentDomainAscii);
|
||||
nsCOMPtr<nsIURI> unused;
|
||||
rv = GetPrincipalURIAndHost(subjectPrincipal, getter_AddRefs(unused),
|
||||
currentDomain);
|
||||
// Don't bail out on NS_ERROR_DOM_SECURITY_ERR, since we want to allow
|
||||
// trusted file:// URIs below.
|
||||
if (NS_FAILED(rv) && rv != NS_ERROR_DOM_SECURITY_ERR) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
if (currentDomain.IsEmpty()) {
|
||||
@ -1082,50 +1112,26 @@ nsDOMStorageList::GetNamedItem(const nsAString& aDomain, nsresult* aResult)
|
||||
NS_ENSURE_SUCCESS(*aResult, nsnull);
|
||||
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
nsCAutoString currentDomain;
|
||||
nsAutoString currentDomain;
|
||||
if (subjectPrincipal) {
|
||||
*aResult = subjectPrincipal->GetDomain(getter_AddRefs(uri));
|
||||
*aResult = GetPrincipalURIAndHost(subjectPrincipal, getter_AddRefs(uri),
|
||||
currentDomain);
|
||||
NS_ENSURE_SUCCESS(*aResult, nsnull);
|
||||
|
||||
if (!uri) {
|
||||
*aResult = subjectPrincipal->GetURI(getter_AddRefs(uri));
|
||||
NS_ENSURE_SUCCESS(*aResult, nsnull);
|
||||
}
|
||||
|
||||
if (uri) {
|
||||
PRPackedBool sessionOnly;
|
||||
if (!nsDOMStorage::CanUseStorage(uri, &sessionOnly)) {
|
||||
*aResult = NS_ERROR_DOM_SECURITY_ERR;
|
||||
return nsnull;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIURI> innerUri = NS_GetInnermostURI(uri);
|
||||
if (!innerUri) {
|
||||
*aResult = NS_ERROR_UNEXPECTED;
|
||||
return nsnull;
|
||||
}
|
||||
|
||||
uri = innerUri;
|
||||
nsresult rv = uri->GetAsciiHost(currentDomain);
|
||||
if (NS_FAILED(rv)) {
|
||||
*aResult = NS_ERROR_DOM_SECURITY_ERR;
|
||||
return nsnull;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
PRBool isSystem;
|
||||
*aResult = ssm->SubjectPrincipalIsSystem(&isSystem);
|
||||
NS_ENSURE_SUCCESS(*aResult, nsnull);
|
||||
|
||||
// allow code that has read privileges to get the storage for any domain
|
||||
if (!isSystem && nsContentUtils::IsCallerTrustedForRead())
|
||||
isSystem = PR_TRUE;
|
||||
PRBool isSystem = nsContentUtils::IsCallerTrustedForRead();
|
||||
|
||||
if (isSystem || !currentDomain.IsEmpty()) {
|
||||
return GetStorageForDomain(uri, NS_ConvertUTF8toUTF16(requestedDomain),
|
||||
NS_ConvertUTF8toUTF16(currentDomain),
|
||||
isSystem, aResult);
|
||||
currentDomain, isSystem, aResult);
|
||||
}
|
||||
|
||||
*aResult = NS_ERROR_DOM_SECURITY_ERR;
|
||||
|
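Review bot: In GetPrincipalURIAndHost (first hunk) the guard `if (*aURI) { return NS_OK; }` looks inverted as shown on this page. It returns early whenever the principal yielded a URI, so aHost is never filled and *aURI is never replaced by its innermost URI, which contradicts the comment above the function. Execution reaches `NS_GetInnermostURI(*aURI)` only when the pointer is null. Both callers changed in this commit (SetDBValue and GetNamedItem) would then see an empty currentDomain for ordinary content principals, and GetNamedItem would pass the unwrapped URI to CanUseStorage, so the storage access decision is not made on the canonical host. The guard should read `if (!*aURI) {`, ideally with a comment such as `// Principal has neither a domain nor a URI; leave aHost empty for the caller to handle.`; if the `!` was only lost in this rendering, confirm against the original file.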