Bug 744867 - Fire INSTALL_FROM_DENIED for app installation failure due to installs_allowed_from. original-patch=ianb r=fabrice

2024-09-13 09:24:08 -07:00 · 2012-11-18 14:43:38 -08:00 · 2012-11-18 14:43:38 -08:00 · 39a83c668f
commit 39a83c668f
parent a6628ddd7d
7 changed files with 89 additions and 17 deletions
--- a/dom/apps/src/AppsUtils.jsm
+++ b/dom/apps/src/AppsUtils.jsm
@ -147,17 +147,10 @@ this.AppsUtils = {
   * from https://developer.mozilla.org/en/OpenWebApps/The_Manifest
   * only the name property is mandatory
   */
-  checkManifest: function(aManifest, aInstallOrigin) {
+  checkManifest: function(aManifest) {
    if (aManifest.name == undefined)
      return false;

-    function cbCheckAllowedOrigin(aOrigin) {
-      return aOrigin == "*" || aOrigin == aInstallOrigin;
-    }
-
-    if (aManifest.installs_allowed_from && !aManifest.installs_allowed_from.some(cbCheckAllowedOrigin))
-      return false;
-
    function isAbsolute(uri) {
      // See bug 810551
      let foo = Services.io.newURI("http://foo", null, null);
@ -192,11 +185,29 @@ this.AppsUtils = {
  },

  /**
- * Determine the type of app (app, privileged, certified)
- * that is installed by the manifest
- * @param object aManifest
- * @returns integer
- **/
+   * Determines whether the manifest allows installs for the given origin.
+   * @param object aManifest
+   * @param string aInstallOrigin
+   * @return boolean
+   **/
+  checkInstallAllowed: function checkInstallAllowed(aManifest, aInstallOrigin) {
+    if (!aManifest.installs_allowed_from) {
+      return true;
+    }
+
+    function cbCheckAllowedOrigin(aOrigin) {
+      return aOrigin == "*" || aOrigin == aInstallOrigin;
+    }
+
+    return aManifest.installs_allowed_from.some(cbCheckAllowedOrigin);
+  },
+
+  /**
+   * Determine the type of app (app, privileged, certified)
+   * that is installed by the manifest
+   * @param object aManifest
+   * @returns integer
+   **/
  getAppManifestStatus: function getAppManifestStatus(aManifest) {
    let type = aManifest.type || "web";

--- a/dom/apps/src/Webapps.js
+++ b/dom/apps/src/Webapps.js
@ -114,9 +114,12 @@ WebappsRegistry.prototype = {
          return;
        }

-        if (!AppsUtils.checkManifest(manifest, installOrigin)) {
+        if (!AppsUtils.checkManifest(manifest)) {
          Services.DOMRequest.fireError(request, "INVALID_MANIFEST");
          Cu.reportError("Error installing app from: " + installOrigin + ": " + "INVALID_MANIFEST");
+        } else if (!AppsUtils.checkInstallAllowed(manifest, installOrigin)) {
+          Services.DOMRequest.fireError(request, "INSTALL_FROM_DENIED");
+          Cu.reportError("Error installing app from: " + installOrigin + ": " + "INSTALL_FROM_DENIED");
        } else if (!this.checkAppStatus(manifest)) {
          Services.DOMRequest.fireError(request, "INVALID_SECURITY_LEVEL");
          Cu.reportError("Error installing app, '" + manifest.name + "': " + "INVALID_SECURITY_LEVEL");
@ -218,9 +221,11 @@ WebappsRegistry.prototype = {
          Services.DOMRequest.fireError(request, "MANIFEST_PARSE_ERROR");
          return;
        }
-        if (!(AppsUtils.checkManifest(manifest, installOrigin) &&
+        if (!(AppsUtils.checkManifest(manifest) &&
              manifest.package_path)) {
          Services.DOMRequest.fireError(request, "INVALID_MANIFEST");
+        } else if (!AppsUtils.checkInstallAllowed(manifest, installOrigin)) {
+          Services.DOMRequest.fireError(request, "INSTALL_FROM_DENIED");
        } else {
          if (!this.checkAppStatus(manifest)) {
            Services.DOMRequest.fireError(request, "INVALID_SECURITY_LEVEL");
--- a/dom/apps/src/Webapps.jsm
+++ b/dom/apps/src/Webapps.jsm
@ -1005,8 +1005,10 @@ this.DOMApplicationRegistry = {
          sendError("MANIFEST_PARSE_ERROR");
          return;
        }
-        if (!AppsUtils.checkManifest(manifest, app.installOrigin)) {
+        if (!AppsUtils.checkManifest(manifest)) {
          sendError("INVALID_MANIFEST");
+        } else if (!AppsUtils.checkInstallAllowed(manifest, app.installOrigin)) {
+          sendError("INSTALL_FROM_DENIED");
        } else {
          app.etag = xhr.getResponseHeader("Etag");
          app.lastCheckedUpdate = Date.now();
@ -1406,10 +1408,14 @@ this.DOMApplicationRegistry = {
            let manifest = JSON.parse(converter.ConvertToUnicode(NetUtil.readInputStreamToString(istream,
                                                                 istream.available()) || ""));

-            if (!AppsUtils.checkManifest(manifest, aApp.installOrigin)) {
+            if (!AppsUtils.checkManifest(manifest)) {
              throw "INVALID_MANIFEST";
            }

+            if (!AppsUtils.checkInstallAllowed(manifest, aApp.installOrigin)) {
+              throw "INSTALL_FROM_DENIED";
+            }
+
            if (!checkAppStatus(manifest)) {
              throw "INVALID_SECURITY_LEVEL";
            }
--- a/dom/tests/mochitest/webapps/apps/Makefile.in
+++ b/dom/tests/mochitest/webapps/apps/Makefile.in
@ -22,6 +22,8 @@ MOCHITEST_CHROME_FILES	= \
    bad_content_type.webapp \
    utf8.webapp \
    utf8.webapp^headers^ \
+    installs_allowed_from_chrome_mochitests.webapp \
+    installs_allowed_from_example.com.webapp \
    invalid_launch_path.webapp \
    invalid_launch_path.webapp^headers^ \
    invalid_launch_path2.webapp \
--- a/dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp
+++ b/dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp
@ -0,0 +1,4 @@
+{
+  "name": "An application which only allows chrome://mochitests to install it",
+  "installs_allowed_from": ["chrome://mochitests"]
+}
--- a/dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp
+++ b/dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp
@ -0,0 +1,4 @@
+{
+  "name": "An application which only allows https://example.com to install it",
+  "installs_allowed_from": ["https://example.com"]
+}
--- a/dom/tests/mochitest/webapps/test_install_errors.xul
+++ b/dom/tests/mochitest/webapps/test_install_errors.xul
@ -30,6 +30,8 @@ var steps = [
  invalidEntryPoint,
  invalidLocaleEntryPoint,
  fileURL,
+  originNotAllowed,
+  originAllowed,
 ];

 runAll(steps);
@ -169,5 +171,43 @@ function fileURL(next) {
  next();
 }

+function originNotAllowed(next) {
+  var url = "http://test/chrome/dom/tests/mochitest/webapps/apps/installs_allowed_from_example.com.webapp";
+
+  confirmNextInstall();
+  var request = navigator.mozApps.install(url, null);
+
+  request.onerror = function onInstallError() {
+    is(this.error.name, "INSTALL_FROM_DENIED", "origin is not in installs_allowed_from");
+    next();
+  };
+
+  request.onsuccess = function onInstall() {
+    ok(false, "test should fail because of installs_allowed_from");
+    this.result.uninstall().onsuccess = function onUninstall() {
+      next();
+    };
+  };
+}
+
+function originAllowed(next) {
+  var url = "http://test/chrome/dom/tests/mochitest/webapps/apps/installs_allowed_from_chrome_mochitests.webapp";
+
+  confirmNextInstall();
+  var request = navigator.mozApps.install(url, null);
+
+  request.onerror = function onInstallError() {
+    ok(false, "installation error: " + this.error.name);
+    next();
+  };
+
+  request.onsuccess = function onInstall() {
+    ok(true, "test origin is in installs_allowed_from");
+    this.result.uninstall().onsuccess = function onUninstall() {
+      next();
+    };
+  };
+}
+
 </script>
 </window>