mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 1062529 - Split GetChannelPrincipal into GetChannelResultPrincipal and GetChannelURIPrincipal. r=bz
This commit is contained in:
Christoph Kerschbaumer
parent
3a1086521b
commit
42b948f5dd
@ -19,7 +19,7 @@ interface nsILoadContext;
|
||||
[ptr] native JSContextPtr(JSContext);
|
||||
[ptr] native JSObjectPtr(JSObject);
|
||||
|
||||
[scriptable, uuid(f6e1e37e-14d0-44fa-a9bb-712bfad6c5f7)]
|
||||
[scriptable, uuid(3b021962-975e-43b5-8a93-9fc2d20346e9)]
|
||||
interface nsIScriptSecurityManager : nsISupports
|
||||
{
|
||||
/**
|
||||
@ -199,7 +199,13 @@ interface nsIScriptSecurityManager : nsISupports
|
||||
* channel owner if there is one, and the codebase principal for the
|
||||
* channel's URI otherwise. aChannel must not be null.
|
||||
*/
|
||||
nsIPrincipal getChannelPrincipal(in nsIChannel aChannel);
|
||||
nsIPrincipal getChannelResultPrincipal(in nsIChannel aChannel);
|
||||
|
||||
/**
|
||||
* Get the codebase principal for the channel's URI.
|
||||
* aChannel must not be null.
|
||||
*/
|
||||
nsIPrincipal getChannelURIPrincipal(in nsIChannel aChannel);
|
||||
|
||||
/**
|
||||
* Check whether a given principal is a system principal. This allows us
|
||||
|
||||
@ -306,8 +306,8 @@ nsScriptSecurityManager::AppStatusForPrincipal(nsIPrincipal *aPrin)
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsScriptSecurityManager::GetChannelPrincipal(nsIChannel* aChannel,
|
||||
nsIPrincipal** aPrincipal)
|
||||
nsScriptSecurityManager::GetChannelResultPrincipal(nsIChannel* aChannel,
|
||||
nsIPrincipal** aPrincipal)
|
||||
{
|
||||
NS_PRECONDITION(aChannel, "Must have channel!");
|
||||
nsCOMPtr<nsISupports> owner;
|
||||
@ -336,14 +336,21 @@ nsScriptSecurityManager::GetChannelPrincipal(nsIChannel* aChannel,
|
||||
return NS_OK;
|
||||
}
|
||||
}
|
||||
return GetChannelURIPrincipal(aChannel, aPrincipal);
|
||||
}
|
||||
|
||||
// OK, get the principal from the URI. Make sure this does the same thing
|
||||
NS_IMETHODIMP
|
||||
nsScriptSecurityManager::GetChannelURIPrincipal(nsIChannel* aChannel,
|
||||
nsIPrincipal** aPrincipal)
|
||||
{
|
||||
NS_PRECONDITION(aChannel, "Must have channel!");
|
||||
|
||||
// Get the principal from the URI. Make sure this does the same thing
|
||||
// as nsDocument::Reset and XULDocument::StartDocumentLoad.
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
|
||||
nsCOMPtr<nsILoadContext> loadContext;
|
||||
NS_QueryNotificationCallbacks(aChannel, loadContext);
|
||||
|
||||
@ -1189,7 +1196,7 @@ nsScriptSecurityManager::AsyncOnChannelRedirect(nsIChannel* oldChannel,
|
||||
nsIAsyncVerifyRedirectCallback *cb)
|
||||
{
|
||||
nsCOMPtr<nsIPrincipal> oldPrincipal;
|
||||
GetChannelPrincipal(oldChannel, getter_AddRefs(oldPrincipal));
|
||||
GetChannelResultPrincipal(oldChannel, getter_AddRefs(oldPrincipal));
|
||||
|
||||
nsCOMPtr<nsIURI> newURI;
|
||||
newChannel->GetURI(getter_AddRefs(newURI));
|
||||
|
||||
@ -343,8 +343,8 @@ ImportLoader::OnStartRequest(nsIRequest* aRequest, nsISupports* aContext)
|
||||
if (nsContentUtils::IsSystemPrincipal(principal)) {
|
||||
// We should never import non-system documents and run their scripts with system principal!
|
||||
nsCOMPtr<nsIPrincipal> channelPrincipal;
|
||||
nsContentUtils::GetSecurityManager()->GetChannelPrincipal(channel,
|
||||
getter_AddRefs(channelPrincipal));
|
||||
nsContentUtils::GetSecurityManager()->GetChannelResultPrincipal(channel,
|
||||
getter_AddRefs(channelPrincipal));
|
||||
if (!nsContentUtils::IsSystemPrincipal(channelPrincipal)) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
|
||||
@ -5670,7 +5670,7 @@ nsContentUtils::CheckSameOrigin(nsIChannel *aOldChannel, nsIChannel *aNewChannel
|
||||
|
||||
nsCOMPtr<nsIPrincipal> oldPrincipal;
|
||||
nsContentUtils::GetSecurityManager()->
|
||||
GetChannelPrincipal(aOldChannel, getter_AddRefs(oldPrincipal));
|
||||
GetChannelResultPrincipal(aOldChannel, getter_AddRefs(oldPrincipal));
|
||||
|
||||
nsCOMPtr<nsIURI> newURI;
|
||||
aNewChannel->GetURI(getter_AddRefs(newURI));
|
||||
|
||||
@ -682,13 +682,15 @@ nsCORSListenerProxy::AsyncOnChannelRedirect(nsIChannel *aOldChannel,
|
||||
|
||||
if (mHasBeenCrossSite) {
|
||||
// Once we've been cross-site, cross-origin redirects reset our source
|
||||
// origin.
|
||||
// origin. Note that we need to call GetChannelURIPrincipal() because
|
||||
// we are looking for the principal that is actually being loaded and not
|
||||
// the principal that initiated the load.
|
||||
nsCOMPtr<nsIPrincipal> oldChannelPrincipal;
|
||||
nsContentUtils::GetSecurityManager()->
|
||||
GetChannelPrincipal(aOldChannel, getter_AddRefs(oldChannelPrincipal));
|
||||
GetChannelURIPrincipal(aOldChannel, getter_AddRefs(oldChannelPrincipal));
|
||||
nsCOMPtr<nsIPrincipal> newChannelPrincipal;
|
||||
nsContentUtils::GetSecurityManager()->
|
||||
GetChannelPrincipal(aNewChannel, getter_AddRefs(newChannelPrincipal));
|
||||
GetChannelURIPrincipal(aNewChannel, getter_AddRefs(newChannelPrincipal));
|
||||
if (!oldChannelPrincipal || !newChannelPrincipal) {
|
||||
rv = NS_ERROR_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
@ -2208,15 +2208,15 @@ nsDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup)
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
if (aChannel) {
|
||||
// Note: this code is duplicated in XULDocument::StartDocumentLoad and
|
||||
// nsScriptSecurityManager::GetChannelPrincipal.
|
||||
// nsScriptSecurityManager::GetChannelResultPrincipal.
|
||||
// Note: this should match nsDocShell::OnLoadingSite
|
||||
NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
|
||||
|
||||
nsIScriptSecurityManager *securityManager =
|
||||
nsContentUtils::GetSecurityManager();
|
||||
if (securityManager) {
|
||||
securityManager->GetChannelPrincipal(aChannel,
|
||||
getter_AddRefs(principal));
|
||||
securityManager->GetChannelResultPrincipal(aChannel,
|
||||
getter_AddRefs(principal));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1461,7 +1461,7 @@ nsScriptLoader::PrepareLoadedRequest(nsScriptLoadRequest* aRequest,
|
||||
// principal as the origin principal
|
||||
if (aRequest->mCORSMode == CORS_NONE) {
|
||||
rv = nsContentUtils::GetSecurityManager()->
|
||||
GetChannelPrincipal(channel, getter_AddRefs(aRequest->mOriginPrincipal));
|
||||
GetChannelResultPrincipal(channel, getter_AddRefs(aRequest->mOriginPrincipal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
|
||||
@ -94,7 +94,7 @@ ImageListener::OnStartRequest(nsIRequest* request, nsISupports *ctxt)
|
||||
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
|
||||
nsCOMPtr<nsIPrincipal> channelPrincipal;
|
||||
if (secMan) {
|
||||
secMan->GetChannelPrincipal(channel, getter_AddRefs(channelPrincipal));
|
||||
secMan->GetChannelResultPrincipal(channel, getter_AddRefs(channelPrincipal));
|
||||
}
|
||||
|
||||
int16_t decision = nsIContentPolicy::ACCEPT;
|
||||
|
||||
@ -534,7 +534,7 @@ ChannelMediaResource::OnDataAvailable(nsIRequest* aRequest,
|
||||
CopySegmentClosure closure;
|
||||
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
|
||||
if (secMan && mChannel) {
|
||||
secMan->GetChannelPrincipal(mChannel, getter_AddRefs(closure.mPrincipal));
|
||||
secMan->GetChannelResultPrincipal(mChannel, getter_AddRefs(closure.mPrincipal));
|
||||
}
|
||||
closure.mResource = this;
|
||||
|
||||
@ -1406,7 +1406,7 @@ already_AddRefed<nsIPrincipal> FileMediaResource::GetCurrentPrincipal()
|
||||
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
|
||||
if (!secMan || !mChannel)
|
||||
return nullptr;
|
||||
secMan->GetChannelPrincipal(mChannel, getter_AddRefs(principal));
|
||||
secMan->GetChannelResultPrincipal(mChannel, getter_AddRefs(principal));
|
||||
return principal.forget();
|
||||
}
|
||||
|
||||
|
||||
@ -740,7 +740,7 @@ already_AddRefed<nsIPrincipal> RtspMediaResource::GetCurrentPrincipal()
|
||||
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
|
||||
if (!secMan || !mChannel)
|
||||
return nullptr;
|
||||
secMan->GetChannelPrincipal(mChannel, getter_AddRefs(principal));
|
||||
secMan->GetChannelResultPrincipal(mChannel, getter_AddRefs(principal));
|
||||
return principal.forget();
|
||||
}
|
||||
|
||||
|
||||
@ -2004,7 +2004,7 @@ XULDocument::PrepareToLoad(nsISupports* aContainer,
|
||||
// Get the document's principal
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
nsContentUtils::GetSecurityManager()->
|
||||
GetChannelPrincipal(aChannel, getter_AddRefs(principal));
|
||||
GetChannelResultPrincipal(aChannel, getter_AddRefs(principal));
|
||||
return PrepareToLoadPrototype(mDocumentURI, aCommand, principal, aResult);
|
||||
}
|
||||
|
||||
@ -4516,7 +4516,7 @@ XULDocument::ParserObserver::OnStartRequest(nsIRequest *request,
|
||||
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
|
||||
if (channel && secMan) {
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
secMan->GetChannelPrincipal(channel, getter_AddRefs(principal));
|
||||
secMan->GetChannelResultPrincipal(channel, getter_AddRefs(principal));
|
||||
|
||||
// Failure there is ok -- it'll just set a (safe) null principal
|
||||
mPrototype->SetDocumentPrincipal(principal);
|
||||
|
||||
@ -6580,7 +6580,7 @@ NS_IMETHODIMP nsDocShell::SetupRefreshURI(nsIChannel * aChannel)
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
rv = secMan->GetChannelPrincipal(aChannel, getter_AddRefs(principal));
|
||||
rv = secMan->GetChannelResultPrincipal(aChannel, getter_AddRefs(principal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
SetupReferrerFromChannel(aChannel);
|
||||
|
||||
@ -502,7 +502,7 @@ private:
|
||||
NS_ASSERTION(ssm, "Should never be null!");
|
||||
|
||||
nsCOMPtr<nsIPrincipal> channelPrincipal;
|
||||
rv = ssm->GetChannelPrincipal(channel, getter_AddRefs(channelPrincipal));
|
||||
rv = ssm->GetChannelResultPrincipal(channel, getter_AddRefs(channelPrincipal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// See if this is a resource URI. Since JSMs usually come from resource://
|
||||
|
||||
@ -246,8 +246,8 @@ ImageFactory::CreateRasterImage(nsIRequest* aRequest,
|
||||
nsCOMPtr<nsIChannel> chan(do_QueryInterface(aRequest));
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
if (chan) {
|
||||
nsContentUtils::GetSecurityManager()->GetChannelPrincipal(chan,
|
||||
getter_AddRefs(principal));
|
||||
nsContentUtils::GetSecurityManager()->GetChannelResultPrincipal(chan,
|
||||
getter_AddRefs(principal));
|
||||
}
|
||||
|
||||
if ((principal &&
|
||||
|
||||
@ -652,8 +652,8 @@ NS_IMETHODIMP imgRequest::OnStartRequest(nsIRequest *aRequest, nsISupports *ctxt
|
||||
if (chan) {
|
||||
nsCOMPtr<nsIScriptSecurityManager> secMan = nsContentUtils::GetSecurityManager();
|
||||
if (secMan) {
|
||||
nsresult rv = secMan->GetChannelPrincipal(chan,
|
||||
getter_AddRefs(mPrincipal));
|
||||
nsresult rv = secMan->GetChannelResultPrincipal(chan,
|
||||
getter_AddRefs(mPrincipal));
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
@ -123,7 +123,7 @@ MayUseXULXBL(nsIChannel* aChannel)
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
securityManager->GetChannelPrincipal(aChannel, getter_AddRefs(principal));
|
||||
securityManager->GetChannelResultPrincipal(aChannel, getter_AddRefs(principal));
|
||||
NS_ENSURE_TRUE(principal, false);
|
||||
|
||||
return nsContentUtils::AllowXULXBLForPrincipal(principal);
|
||||
|
||||
@ -861,7 +861,7 @@ SheetLoadData::OnStreamComplete(nsIUnicharStreamLoader* aLoader,
|
||||
if (mUseSystemPrincipal) {
|
||||
result = secMan->GetSystemPrincipal(getter_AddRefs(principal));
|
||||
} else {
|
||||
result = secMan->GetChannelPrincipal(channel, getter_AddRefs(principal));
|
||||
result = secMan->GetChannelResultPrincipal(channel, getter_AddRefs(principal));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -226,8 +226,8 @@ nsChannelClassifier::Start(nsIChannel *aChannel)
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
rv = securityManager->GetChannelPrincipal(aChannel,
|
||||
getter_AddRefs(principal));
|
||||
rv = securityManager->GetChannelResultPrincipal(aChannel,
|
||||
getter_AddRefs(principal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
bool expectCallback;
|
||||
|
||||
@ -1736,7 +1736,7 @@ HttpBaseChannel::GetPrincipal(bool requireAppId)
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
securityManager->GetChannelPrincipal(this, getter_AddRefs(mPrincipal));
|
||||
securityManager->GetChannelResultPrincipal(this, getter_AddRefs(mPrincipal));
|
||||
if (!mPrincipal) {
|
||||
LOG(("HttpBaseChannel::GetPrincipal: No channel principal [this=%p]",
|
||||
this));
|
||||
|
||||
@ -882,7 +882,7 @@ RDFXMLDataSourceImpl::AsyncOnChannelRedirect(nsIChannel *aOldChannel,
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> oldPrincipal;
|
||||
secMan->GetChannelPrincipal(aOldChannel, getter_AddRefs(oldPrincipal));
|
||||
secMan->GetChannelResultPrincipal(aOldChannel, getter_AddRefs(oldPrincipal));
|
||||
|
||||
nsCOMPtr<nsIURI> newURI;
|
||||
aNewChannel->GetURI(getter_AddRefs(newURI));
|
||||
|
||||
Loading…
Reference in New Issue
Block a user