wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 1165263 - Part 1: Update nsPermissionManager to use origins instead of hosts internally, r=ehsan

Browse Source
This commit is contained in:
Michael Layzell 2015-06-16 15:27:45 -04:00 committed by Ehsan Akhgari
parent 746485a7e1
commit 48c0c2b431
4 changed files with 560 additions and 307 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
browser/app/permissions
View File

@ -1,21 +1,21 @@
# This file has default permissions for the permission manager.
# The file-format is strict:
# * matchtype \t type \t permission \t host
# * Only "host" is supported for matchtype
# * "origin" should be used for matchtype, "host" is supported for legacy reasons
# * type is a string that identifies the type of permission (e.g. "cookie")
# * permission is an integer between 1 and 15
# See nsPermissionManager.cpp for more...
# UITour
host uitour 1 www.mozilla.org
host uitour 1 self-repair.mozilla.org
host uitour 1 support.mozilla.org
host uitour 1 about:home
origin uitour 1 https://www.mozilla.org
origin uitour 1 https://self-repair.mozilla.org
origin uitour 1 https://support.mozilla.org
origin uitour 1 about:home
# XPInstall
host install 1 addons.mozilla.org
host install 1 marketplace.firefox.com
origin install 1 https://addons.mozilla.org
origin install 1 https://marketplace.firefox.com
# Remote troubleshooting
host remote-troubleshooting 1 input.mozilla.org
host remote-troubleshooting 1 support.mozilla.org
origin remote-troubleshooting 1 https://input.mozilla.org
origin remote-troubleshooting 1 https://support.mozilla.org

67
extensions/cookie/nsPermission.cpp
View File

@ -1,4 +1,4 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
@ -8,6 +8,7 @@
#include "nsIClassInfoImpl.h"
#include "nsIEffectiveTLDService.h"
#include "nsIScriptSecurityManager.h"
#include "mozilla/BasePrincipal.h"
// nsPermission Implementation
@ -77,29 +78,55 @@ nsPermission::Matches(nsIPrincipal* aPrincipal, bool aExactHost, bool* aMatches)
return NS_OK;
}
// Make sure that the OriginAttributes of the two entries are the same
nsAutoCString theirSuffix;
nsresult rv = aPrincipal->GetOriginSuffix(theirSuffix);
NS_ENSURE_SUCCESS(rv, rv);
nsAutoCString ourSuffix;
rv = mPrincipal->GetOriginSuffix(ourSuffix);
NS_ENSURE_SUCCESS(rv, rv);
if (theirSuffix != ourSuffix) {
return NS_OK;
// If we are matching with an exact host, we're done now - the permissions don't match
// otherwise, we need to start comparing subdomains!
if (aExactHost) {
return NS_OK;
}
// Compare their OriginAttributes
const mozilla::OriginAttributes& theirAttrs = mozilla::BasePrincipal::Cast(aPrincipal)->OriginAttributesRef();
const mozilla::OriginAttributes& ourAttrs = mozilla::BasePrincipal::Cast(mPrincipal)->OriginAttributesRef();
if (theirAttrs != ourAttrs) {
return NS_OK;
}
// Right now, we only care about the hosts
nsCOMPtr<nsIURI> theirURI;
rv = aPrincipal->GetURI(getter_AddRefs(theirURI));
nsresult rv = aPrincipal->GetURI(getter_AddRefs(theirURI));
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIURI> ourURI;
rv = mPrincipal->GetURI(getter_AddRefs(ourURI));
NS_ENSURE_SUCCESS(rv, rv);
// Get the hosts so we can compare them
// Compare schemes
nsAutoCString theirScheme;
rv = theirURI->GetScheme(theirScheme);
NS_ENSURE_SUCCESS(rv, rv);
nsAutoCString ourScheme;
rv = ourURI->GetScheme(ourScheme);
NS_ENSURE_SUCCESS(rv, rv);
if (theirScheme != ourScheme) {
return NS_OK;
}
// Compare ports
int32_t theirPort;
rv = theirURI->GetPort(&theirPort);
NS_ENSURE_SUCCESS(rv, rv);
int32_t ourPort;
rv = ourURI->GetPort(&ourPort);
NS_ENSURE_SUCCESS(rv, rv);
if (theirPort != ourPort) {
return NS_OK;
}
// Check if the host or any subdomain of their host matches.
nsAutoCString theirHost;
rv = theirURI->GetHost(theirHost);
if (NS_FAILED(rv) || theirHost.IsEmpty()) {
@ -112,11 +139,6 @@ nsPermission::Matches(nsIPrincipal* aPrincipal, bool aExactHost, bool* aMatches)
return NS_OK;
}
if (aExactHost) { // If we only care about the exact host, we compare them and are done
*aMatches = theirHost == ourHost;
return NS_OK;
}
nsCOMPtr<nsIEffectiveTLDService> tldService =
do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
if (!tldService) {
@ -124,9 +146,8 @@ nsPermission::Matches(nsIPrincipal* aPrincipal, bool aExactHost, bool* aMatches)
return NS_ERROR_FAILURE;
}
// Check if the host or any subdomain of the host matches. This loop will
// not loop forever, as GetNextSubDomain will eventually fail with
// NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS.
// This loop will not loop forever, as GetNextSubDomain will eventually fail
// with NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS.
while (theirHost != ourHost) {
rv = tldService->GetNextSubDomain(theirHost, theirHost);
if (NS_FAILED(rv)) {

741
extensions/cookie/nsPermissionManager.cpp
View File

File diff suppressed because it is too large Load Diff

41
extensions/cookie/nsPermissionManager.h
View File

@ -71,35 +71,22 @@ public:
{
public:
explicit PermissionKey(nsIPrincipal* aPrincipal);
PermissionKey(const nsACString& aHost,
uint32_t aAppId,
bool aIsInBrowserElement)
: mHost(aHost)
, mAppId(aAppId)
, mIsInBrowserElement(aIsInBrowserElement)
explicit PermissionKey(const nsACString& aOrigin)
: mOrigin(aOrigin)
{
}
bool operator==(const PermissionKey& aKey) const {
return mHost.Equals(aKey.mHost) &&
mAppId == aKey.mAppId &&
mIsInBrowserElement == aKey.mIsInBrowserElement;
return mOrigin.Equals(aKey.mOrigin);
}
PLDHashNumber GetHashCode() const {
nsAutoCString str;
str.Assign(mHost);
str.AppendInt(mAppId);
str.AppendInt(static_cast<int32_t>(mIsInBrowserElement));
return mozilla::HashString(str);
return mozilla::HashString(mOrigin);
}
NS_INLINE_DECL_THREADSAFE_REFCOUNTING(PermissionKey)
nsCString mHost;
uint32_t mAppId;
bool mIsInBrowserElement;
nsCString mOrigin;
private:
// Default ctor shouldn't be used.
@ -222,11 +209,9 @@ private:
int32_t GetTypeIndex(const char *aTypeString,
bool aAdd);
PermissionHashKey* GetPermissionHashKey(const nsACString& aHost,
uint32_t aAppId,
bool aIsInBrowserElement,
uint32_t aType,
bool aExactHostMatch);
PermissionHashKey* GetPermissionHashKey(nsIPrincipal* aPrincipal,
uint32_t aType,
bool aExactHostMatch);
nsresult CommonTestPermission(nsIPrincipal* aPrincipal,
const char *aType,
@ -241,9 +226,7 @@ private:
nsresult ImportDefaults();
nsresult _DoImport(nsIInputStream *inputStream, mozIStorageConnection *aConn);
nsresult Read();
void NotifyObserversWithPermission(const nsACString &aHost,
uint32_t aAppId,
bool aIsInBrowserElement,
void NotifyObserversWithPermission(nsIPrincipal* aPrincipal,
const nsCString &aType,
uint32_t aPermission,
uint32_t aExpireType,
@ -261,14 +244,12 @@ private:
static void UpdateDB(OperationType aOp,
mozIStorageAsyncStatement* aStmt,
int64_t aID,
const nsACString& aHost,
const nsACString& aOrigin,
const nsACString& aType,
uint32_t aPermission,
uint32_t aExpireType,
int64_t aExpireTime,
int64_t aModificationTime,
uint32_t aAppId,
bool aIsInBrowserElement);
int64_t aModificationTime);
nsresult RemoveExpiredPermissionsForApp(uint32_t aAppId);