Bug 1083422 - Add triggering Principal to nsILoadInfo - update callsites (r=bz,sicking)

Christoph Kerschbaumer 2014-11-14 08:56:55 -08:00
parent a1bd996341
commit 35d8a6d9d1
10 changed files with 233 additions and 137 deletions

@ -10264,23 +10264,23 @@ nsDocShell::DoURILoad(nsIURI * aURI,
}
bool isSandBoxed = mSandboxFlags & SANDBOXED_ORIGIN;
// only inherit if we have a requestingPrincipal
// only inherit if we have a triggeringPrincipal
bool inherit = false;
nsCOMPtr<nsIPrincipal> requestingPrincipal = do_QueryInterface(aOwner);
if (requestingPrincipal) {
inherit = nsContentUtils::ChannelShouldInheritPrincipal(requestingPrincipal,
nsCOMPtr<nsIPrincipal> triggeringPrincipal = do_QueryInterface(aOwner);
if (triggeringPrincipal) {
inherit = nsContentUtils::ChannelShouldInheritPrincipal(triggeringPrincipal,
aURI,
true, // aInheritForAboutBlank
isSrcdoc);
}
else if (!requestingPrincipal && aReferrerURI) {
else if (!triggeringPrincipal && aReferrerURI) {
rv = CreatePrincipalFromReferrer(aReferrerURI,
getter_AddRefs(requestingPrincipal));
getter_AddRefs(triggeringPrincipal));
NS_ENSURE_SUCCESS(rv, rv);
}
else {
requestingPrincipal = nsContentUtils::GetSystemPrincipal();
triggeringPrincipal = nsContentUtils::GetSystemPrincipal();
}
nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL;
@ -10293,11 +10293,13 @@ nsDocShell::DoURILoad(nsIURI * aURI,
if (!isSrcdoc) {
nsCOMPtr<nsILoadInfo> loadInfo =
new mozilla::LoadInfo(requestingPrincipal,
requestingNode,
securityFlags,
aContentPolicyType,
aBaseURI);
new LoadInfo(requestingNode ?
requestingNode->NodePrincipal() : triggeringPrincipal.get(),
triggeringPrincipal,
requestingNode,
securityFlags,
aContentPolicyType,
aBaseURI);
rv = NS_NewChannelInternal(getter_AddRefs(channel),
aURI,
loadInfo,
@ -10335,7 +10337,9 @@ nsDocShell::DoURILoad(nsIURI * aURI,
rv = vsh->NewSrcdocChannel(aURI, aSrcdoc, getter_AddRefs(channel));
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsILoadInfo> loadInfo =
new LoadInfo(requestingPrincipal,
new LoadInfo(requestingNode ?
requestingNode->NodePrincipal() : triggeringPrincipal.get(),
triggeringPrincipal,
requestingNode,
securityFlags,
aContentPolicyType,
@ -10348,7 +10352,9 @@ nsDocShell::DoURILoad(nsIURI * aURI,
aSrcdoc,
NS_LITERAL_CSTRING("text/html"),
requestingNode,
requestingPrincipal,
requestingNode ?
requestingNode->NodePrincipal() : triggeringPrincipal.get(),
triggeringPrincipal,
securityFlags,
aContentPolicyType,
true,
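Review bot: The loading-principal selection `requestingNode ? requestingNode->NodePrincipal() : triggeringPrincipal.get()` is now written out three times in DoURILoad (the non-srcdoc LoadInfo, the LoadInfo after `NewSrcdocChannel`, and the srcdoc call at the end of the last hunk), so a later edit to one copy can leave the others choosing a different principal. Computing it once after the triggeringPrincipal fallback, e.g. `nsIPrincipal* loadingPrincipal = requestingNode ? requestingNode->NodePrincipal() : triggeringPrincipal.get();`, and passing `loadingPrincipal` at all three sites keeps that security decision in one place. Separately, the `!triggeringPrincipal &&` test in the `else if` is always true in that branch and can be dropped. DoURILoad begins and ends outside these hunks, and requestingNode is declared outside them.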

@ -1470,7 +1470,9 @@ WebSocketImpl::InitializeConnection()
mOriginDocument = nullptr;
nsCOMPtr<nsILoadInfo> loadInfo =
new LoadInfo(mPrincipal,
new LoadInfo(doc ?
doc->NodePrincipal() : mPrincipal.get(),
mPrincipal,
doc,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_WEBSOCKET);
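Review bot: Nothing at this call says why the first two LoadInfo arguments can differ: the loading principal comes from `doc->NodePrincipal()` when a document is available, while `mPrincipal` is always passed as the triggering principal. The stylesheet and font call sites in this commit carry a comment for the same situation; a line such as `// loadingPrincipal: the document's principal if we have a document, else mPrincipal; triggeringPrincipal: always mPrincipal` above the constructor call would help. `doc` is declared outside the hunk, so the cases in which it is null cannot be confirmed from here.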

@ -1127,15 +1127,14 @@ NS_StartCORSPreflight(nsIChannel* aRequestChannel,
loadFlags);
}
else {
rv = NS_NewChannelInternal(getter_AddRefs(preflightChannel),
uri,
nullptr, // aRequestingNode,
nsContentUtils::GetSystemPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
loadGroup,
nullptr, // aCallbacks
loadFlags);
rv = NS_NewChannel(getter_AddRefs(preflightChannel),
uri,
nsContentUtils::GetSystemPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
loadGroup,
nullptr, // aCallbacks
loadFlags);
}
NS_ENSURE_SUCCESS(rv, rv);
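Review bot: The fallback branch still builds the preflight channel with `nsContentUtils::GetSystemPrincipal()` and `TYPE_OTHER`, so the resulting loadInfo says nothing about who caused the preflight, and the call site has no comment explaining why that is acceptable. The XBL call site in this same commit documents that using the systemPrincipal bypasses security checks and misinforms later loadInfo consumers; the same caveat belongs here, for example `// Fallback: systemPrincipal bypasses security checks and tells loadInfo consumers nothing about the real originator`. The condition guarding this `else` is outside the hunk, so the wording should be checked against it.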

@ -3070,23 +3070,35 @@ nsresult nsPluginHost::NewPluginURLStream(const nsString& aURL,
if (NS_FAILED(rv))
return rv;
if (!principal) {
principal = do_CreateInstance("@mozilla.org/nullprincipal;1", &rv);
NS_ENSURE_SUCCESS(rv, rv);
}
// @arg loadgroup:
// do not add this internal plugin's channel on the
// load group otherwise this channel could be canceled
// form |nsDocShell::OnLinkClickSync| bug 166613
nsCOMPtr<nsIChannel> channel;
rv = NS_NewChannelInternal(getter_AddRefs(channel),
url,
doc,
principal,
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL,
nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
nullptr, // aLoadGroup
listenerPeer);
nsCOMPtr<nsINode> requestingNode(do_QueryInterface(element));
if (requestingNode) {
rv = NS_NewChannel(getter_AddRefs(channel),
url,
requestingNode,
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL,
nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
nullptr, // aLoadGroup
listenerPeer);
}
else {
// in this else branch we really don't know where the load is coming
// from and in fact should use something better than just using
// a nullPrincipal as the loadingPrincipal.
principal = do_CreateInstance("@mozilla.org/nullprincipal;1", &rv);
NS_ENSURE_SUCCESS(rv, rv);
rv = NS_NewChannel(getter_AddRefs(channel),
url,
principal,
nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL,
nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
nullptr, // aLoadGroup
listenerPeer);
}
if (NS_FAILED(rv))
return rv;
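Review bot: The new `else` branch pairs a freshly created nullPrincipal with `SEC_FORCE_INHERIT_PRINCIPAL`, and its comment admits the real originator is unknown, yet nothing makes that case visible when it actually happens. A debug warning in the branch, e.g. `NS_WARNING("NewPluginURLStream: no requesting node, using nullPrincipal as loadingPrincipal");`, plus a bug reference on the comment would keep the placeholder from becoming permanent. The same fallback and comment are added in nsPluginStreamListenerPeer::RequestRead in the next file section, so the warning applies there as well. `element` and `principal` are declared outside this hunk.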

@ -4,6 +4,7 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsPluginStreamListenerPeer.h"
#include "nsIDOMElement.h"
#include "nsIStreamConverterService.h"
#include "nsIHttpChannel.h"
#include "nsIHttpChannelInternal.h"
@ -640,8 +641,11 @@ nsPluginStreamListenerPeer::RequestRead(NPByteRange* rangeList)
nsresult rv = NS_OK;
nsRefPtr<nsPluginInstanceOwner> owner = mPluginInstance->GetOwner();
nsCOMPtr<nsIDOMElement> element;
nsCOMPtr<nsIDocument> doc;
if (owner) {
rv = owner->GetDOMElement(getter_AddRefs(element));
NS_ENSURE_SUCCESS(rv, rv);
rv = owner->GetDocument(getter_AddRefs(doc));
NS_ENSURE_SUCCESS(rv, rv);
}
@ -649,21 +653,32 @@ nsPluginStreamListenerPeer::RequestRead(NPByteRange* rangeList)
nsCOMPtr<nsIInterfaceRequestor> callbacks = do_QueryReferent(mWeakPtrChannelCallbacks);
nsCOMPtr<nsILoadGroup> loadGroup = do_QueryReferent(mWeakPtrChannelLoadGroup);
nsCOMPtr<nsIPrincipal> principal = doc ? doc->NodePrincipal() : nullptr;
if (!principal) {
principal = do_CreateInstance("@mozilla.org/nullprincipal;1", &rv);
NS_ENSURE_SUCCESS(rv, rv);
}
nsCOMPtr<nsIChannel> channel;
rv = NS_NewChannelInternal(getter_AddRefs(channel),
mURL,
doc,
principal,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
loadGroup,
callbacks);
nsCOMPtr<nsINode> requestingNode(do_QueryInterface(element));
if (requestingNode) {
rv = NS_NewChannel(getter_AddRefs(channel),
mURL,
requestingNode,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
loadGroup,
callbacks);
}
else {
// in this else branch we really don't know where the load is coming
// from and in fact should use something better than just using
// a nullPrincipal as the loadingPrincipal.
nsCOMPtr<nsIPrincipal> principal =
do_CreateInstance("@mozilla.org/nullprincipal;1", &rv);
NS_ENSURE_SUCCESS(rv, rv);
rv = NS_NewChannel(getter_AddRefs(channel),
mURL,
principal,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
loadGroup,
callbacks);
}
if (NS_FAILED(rv))
return rv;

@ -1073,18 +1073,27 @@ nsXBLService::FetchBindingDocument(nsIContent* aBoundElement, nsIDocument* aBoun
// FetchBindingDocument(). LoadInfo will end up with no principal or node in those cases,
// so we use systemPrincipal. This achieves the same result of bypassing security checks,
// but it gives the wrong information to potential future consumers of loadInfo.
nsCOMPtr<nsIPrincipal> requestingPrincipal = aOriginPrincipal ? aOriginPrincipal
: nsContentUtils::GetSystemPrincipal();
nsCOMPtr<nsIChannel> channel;
// Note that we are calling NS_NewChannelInternal here with both a node and a principal.
// This is because the principal and node could be different.
rv = NS_NewChannelInternal(getter_AddRefs(channel),
aDocumentURI,
aBoundDocument,
requestingPrincipal,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
loadGroup);
if (aOriginPrincipal) {
// if there is an originPrincipal we should also have aBoundDocument
NS_ASSERTION(aBoundDocument, "can not create a channel without aBoundDocument");
rv = NS_NewChannelWithTriggeringPrincipal(getter_AddRefs(channel),
aDocumentURI,
aBoundDocument,
aOriginPrincipal,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
loadGroup);
}
else {
rv = NS_NewChannel(getter_AddRefs(channel),
aDocumentURI,
nsContentUtils::GetSystemPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
loadGroup);
}
NS_ENSURE_SUCCESS(rv, rv);
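Review bot: `NS_ASSERTION(aBoundDocument, ...)` only reports in debug builds and does not stop execution, so when aOriginPrincipal is set and aBoundDocument is null the call to NS_NewChannelWithTriggeringPrincipal still runs with a null node. What that helper does with a null node is not visible on this page; an explicit check such as `NS_ENSURE_TRUE(aBoundDocument, NS_ERROR_UNEXPECTED);` before the call would give release builds a defined failure as well. FetchBindingDocument starts and ends outside the hunk.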

@ -663,18 +663,18 @@ static nsresult NewImageChannel(nsIChannel **aResult,
//
aLoadFlags |= nsIChannel::LOAD_CLASSIFY_URI;
nsCOMPtr<nsIPrincipal> requestingPrincipal = aLoadingPrincipal;
nsCOMPtr<nsIPrincipal> triggeringPrincipal = aLoadingPrincipal;
bool isSandBoxed = false;
// only inherit if we have a principal
bool inherit = false;
if (requestingPrincipal) {
inherit = nsContentUtils::ChannelShouldInheritPrincipal(requestingPrincipal,
if (triggeringPrincipal) {
inherit = nsContentUtils::ChannelShouldInheritPrincipal(triggeringPrincipal,
aURI,
false, // aInheritForAboutBlank
false); // aForceInherit
}
else {
requestingPrincipal = nsContentUtils::GetSystemPrincipal();
triggeringPrincipal = nsContentUtils::GetSystemPrincipal();
}
nsCOMPtr<nsINode> requestingNode = do_QueryInterface(aRequestingContext);
nsSecurityFlags securityFlags = nsILoadInfo::SEC_NORMAL;
@ -682,19 +682,36 @@ static nsresult NewImageChannel(nsIChannel **aResult,
securityFlags |= nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;
}
// Note we are calling NS_NewChannelInternal() here with a node and a principal.
// This is for things like background images that are specified by user
// stylesheets, where the document is being styled, but the principal is that
// of the user stylesheet.
rv = NS_NewChannelInternal(aResult,
aURI,
requestingNode,
requestingPrincipal,
securityFlags,
aPolicyType,
nullptr, // loadGroup
callbacks,
aLoadFlags);
// Note we are calling NS_NewChannelWithTriggeringPrincipal() here with a node
// and a principal. This is for things like background images that are specified
// by user stylesheets, where the document is being styled, but the principal
// is that of the user stylesheet.
if (requestingNode) {
rv = NS_NewChannelWithTriggeringPrincipal(aResult,
aURI,
requestingNode,
triggeringPrincipal,
securityFlags,
nsIContentPolicy::TYPE_IMAGE,
nullptr, // loadGroup
callbacks,
aLoadFlags);
}
else {
// either we are loading something inside a document, in which case
// we should always have a requestingNode, or we are loading something
// outside a document, in which case the triggeringPrincipal
// should always be the systemPrincipal.
MOZ_ASSERT(nsContentUtils::IsSystemPrincipal(triggeringPrincipal));
rv = NS_NewChannel(aResult,
aURI,
triggeringPrincipal,
securityFlags,
nsIContentPolicy::TYPE_IMAGE,
nullptr, // loadGroup
callbacks,
aLoadFlags);
}
if (NS_FAILED(rv))
return rv;
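Review bot: Both new calls pass `nsIContentPolicy::TYPE_IMAGE` where the replaced call passed `aPolicyType`. If aPolicyType is still a parameter of NewImageChannel (the signature is outside the hunk), callers that ask for a different content policy type now get channels labelled as plain images, which changes what content-policy consumers of the loadInfo see. Unless that is intended, keep `aPolicyType,` in that argument position in both the `NS_NewChannelWithTriggeringPrincipal` and the `NS_NewChannel` call.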

@ -389,17 +389,17 @@ FontFaceSet::StartLoad(gfxUserFontEntry* aUserFontEntry,
nsCOMPtr<nsILoadGroup> loadGroup(ps->GetDocument()->GetDocumentLoadGroup());
nsCOMPtr<nsIChannel> channel;
// Note we are calling NS_NewChannelInternal() with both a node and a
// principal. This is because the document where the font is being loaded
// might have a different origin from the principal of the stylesheet
// that initiated the font load.
rv = NS_NewChannelInternal(getter_AddRefs(channel),
aFontFaceSrc->mURI,
ps->GetDocument(),
aUserFontEntry->GetPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_FONT,
loadGroup);
// Note we are calling NS_NewChannelWithTriggeringPrincipal() with both a
// node and a principal. This is because the document where the font is
// being loaded might have a different origin from the principal of the
// stylesheet that initiated the font load.
rv = NS_NewChannelWithTriggeringPrincipal(getter_AddRefs(channel),
aFontFaceSrc->mURI,
ps->GetDocument(),
aUserFontEntry->GetPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_FONT,
loadGroup);
NS_ENSURE_SUCCESS(rv, rv);
@ -1185,16 +1185,16 @@ FontFaceSet::SyncLoadFontData(gfxUserFontEntry* aFontToLoad,
if (!ps) {
return NS_ERROR_FAILURE;
}
// Note we are calling NS_NewChannelInternal() with both a node and a
// principal. This is because the document where the font is being loaded
// might have a different origin from the principal of the stylesheet
// that initiated the font load.
rv = NS_NewChannelInternal(getter_AddRefs(channel),
aFontFaceSrc->mURI,
ps->GetDocument(),
aFontToLoad->GetPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_FONT);
// Note we are calling NS_NewChannelWithTriggeringPrincipal() with both a
// node and a principal. This is because the document where the font is
// being loaded might have a different origin from the principal of the
// stylesheet that initiated the font load.
rv = NS_NewChannelWithTriggeringPrincipal(getter_AddRefs(channel),
aFontFaceSrc->mURI,
ps->GetDocument(),
aFontToLoad->GetPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_FONT);
NS_ENSURE_SUCCESS(rv, rv);
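Review bot: In SyncLoadFontData the result of `ps->GetDocument()` goes straight in as the requesting node; the hunk checks `ps` but not the document. The NewImageChannel and Loader::LoadSheet call sites in this commit branch on a missing node and fall back to NS_NewChannel, so this site relies on a guarantee that is not stated. If the document can be null here, `NS_ENSURE_TRUE(ps->GetDocument(), NS_ERROR_FAILURE);` before the call would match the existing `!ps` handling; otherwise a one-line comment stating the invariant is enough. Both functions continue outside the hunks.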

@ -1424,8 +1424,8 @@ Loader::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
}
bool inherit = false;
nsIPrincipal* requestingPrincipal = aLoadData->mLoaderPrincipal;
if (requestingPrincipal) {
nsIPrincipal* triggeringPrincipal = aLoadData->mLoaderPrincipal;
if (triggeringPrincipal) {
rv = NS_URIChainHasFlags(aLoadData->mURI,
nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
&inherit);
@ -1436,7 +1436,7 @@ Loader::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
CheckMayLoad(aLoadData->mURI, false, false))));
}
else {
requestingPrincipal = nsContentUtils::GetSystemPrincipal();
triggeringPrincipal = nsContentUtils::GetSystemPrincipal();
}
if (aLoadData->mSyncLoad) {
@ -1469,17 +1469,36 @@ Loader::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
// principal. This is because of a case where the node is the document
// being styled and the principal is the stylesheet (perhaps from a
// different origin) that is applying the styles.
rv = NS_OpenURIInternal(getter_AddRefs(stream),
aLoadData->mURI,
aLoadData->mRequestingNode,
requestingPrincipal,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
nullptr, // aLoadGroup
nullptr, // aCallbacks
nsIRequest::LOAD_NORMAL,
nullptr, // aIoService
getter_AddRefs(channel));
if (aLoadData->mRequestingNode) {
rv = NS_OpenURIWithTriggeringPrincipal(getter_AddRefs(stream),
aLoadData->mURI,
aLoadData->mRequestingNode,
triggeringPrincipal,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
nullptr, // aLoadGroup
nullptr, // aCallbacks
nsIRequest::LOAD_NORMAL,
nullptr, // aIoService
getter_AddRefs(channel));
}
else {
// either we are loading something inside a document, in which case
// we should always have a requestingNode, or we are loading something
// outside a document, in which case the triggeringPrincipal
// should always be the systemPrincipal.
MOZ_ASSERT(nsContentUtils::IsSystemPrincipal(triggeringPrincipal));
rv = NS_OpenURI(getter_AddRefs(stream),
aLoadData->mURI,
triggeringPrincipal,
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
nullptr, // aLoadGroup
nullptr, // aCallbacks
nsIRequest::LOAD_NORMAL,
nullptr, // aIoService
getter_AddRefs(channel));
}
if (NS_FAILED(rv)) {
LOG_ERROR((" Failed to open URI synchronously"));
@ -1560,20 +1579,38 @@ Loader::LoadSheet(SheetLoadData* aLoadData, StyleSheetState aSheetState)
}
nsCOMPtr<nsIChannel> channel;
// Note we are calling NS_NewChannelInternal here with a node and a principal.
// This is because of a case where the node is the document being styled and
// the principal is the stylesheet (perhaps from a different origin) that is
// applying the styles.
rv = NS_NewChannelInternal(getter_AddRefs(channel),
aLoadData->mURI,
aLoadData->mRequestingNode,
requestingPrincipal,
securityFlags,
nsIContentPolicy::TYPE_STYLESHEET,
loadGroup,
nullptr, // aCallbacks
nsIChannel::LOAD_NORMAL |
nsIChannel::LOAD_CLASSIFY_URI);
// Note we are calling NS_NewChannelWithTriggeringPrincipal here with a node
// and a principal. This is because of a case where the node is the document
// being styled and the principal is the stylesheet (perhaps from a different
// origin) that is applying the styles.
if (aLoadData->mRequestingNode) {
rv = NS_NewChannelWithTriggeringPrincipal(getter_AddRefs(channel),
aLoadData->mURI,
aLoadData->mRequestingNode,
triggeringPrincipal,
securityFlags,
nsIContentPolicy::TYPE_STYLESHEET,
loadGroup,
nullptr, // aCallbacks
nsIChannel::LOAD_NORMAL |
nsIChannel::LOAD_CLASSIFY_URI);
}
else {
// either we are loading something inside a document, in which case
// we should always have a requestingNode, or we are loading something
// outside a document, in which case the triggeringPrincipal
// should always be the systemPrincipal.
MOZ_ASSERT(nsContentUtils::IsSystemPrincipal(triggeringPrincipal));
rv = NS_NewChannel(getter_AddRefs(channel),
aLoadData->mURI,
triggeringPrincipal,
securityFlags,
nsIContentPolicy::TYPE_STYLESHEET,
loadGroup,
nullptr, // aCallbacks
nsIChannel::LOAD_NORMAL |
nsIChannel::LOAD_CLASSIFY_URI);
}
if (NS_FAILED(rv)) {
#ifdef DEBUG
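Review bot: The synchronous path still opens the stylesheet with `nsIContentPolicy::TYPE_OTHER` (in both the `NS_OpenURIWithTriggeringPrincipal` and the `NS_OpenURI` call), while the asynchronous path further down uses `TYPE_STYLESHEET`, so the loadInfo classifies the same kind of load differently depending on mSyncLoad. The commit carries this over from the old call; if the difference is deliberate it deserves a comment at the sync calls saying why, and otherwise both should pass `nsIContentPolicy::TYPE_STYLESHEET`. The `MOZ_ASSERT(nsContentUtils::IsSystemPrincipal(triggeringPrincipal))` checks in the `else` branches here and in NewImageChannel are compiled out of release builds, which the comments above them should mention. LoadSheet starts and ends outside these hunks.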

@ -879,16 +879,15 @@ nsJARChannel::AsyncOpen(nsIStreamListener *listener, nsISupports *ctx)
mLoadFlags & ~(LOAD_DOCUMENT_URI | LOAD_CALL_CONTENT_SNIFFERS));
}
else {
rv = NS_OpenURIInternal(mDownloader,
nullptr, // aContext
mJarBaseURI,
nullptr, // aRequestingNode,
nsContentUtils::GetSystemPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
mLoadGroup,
mCallbacks,
mLoadFlags & ~(LOAD_DOCUMENT_URI | LOAD_CALL_CONTENT_SNIFFERS));
rv = NS_OpenURI(mDownloader,
nullptr, // aContext
mJarBaseURI,
nsContentUtils::GetSystemPrincipal(),
nsILoadInfo::SEC_NORMAL,
nsIContentPolicy::TYPE_OTHER,
mLoadGroup,
mCallbacks,
mLoadFlags & ~(LOAD_DOCUMENT_URI | LOAD_CALL_CONTENT_SNIFFERS));
}
}
} else if (mOpeningRemote) {