mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 833935 - Centralize UsingNeckoIPDLSecurity function. r=jdm
This commit is contained in:
Jason Duell
parent
800db35b78
commit
5aa243add2
@ -15,22 +15,17 @@
|
||||
#include "mozilla/net/WebSocketChannelChild.h"
|
||||
#include "mozilla/net/RemoteOpenFileChild.h"
|
||||
#include "mozilla/dom/network/TCPSocketChild.h"
|
||||
#include "mozilla/Preferences.h"
|
||||
|
||||
using mozilla::dom::TCPSocketChild;
|
||||
|
||||
namespace mozilla {
|
||||
namespace net {
|
||||
|
||||
static bool gDisableIPCSecurity = false;
|
||||
static const char kPrefDisableIPCSecurity[] = "network.disable.ipc.security";
|
||||
|
||||
PNeckoChild *gNeckoChild = nullptr;
|
||||
|
||||
// C++ file contents
|
||||
NeckoChild::NeckoChild()
|
||||
{
|
||||
Preferences::AddBoolVarCache(&gDisableIPCSecurity, kPrefDisableIPCSecurity);
|
||||
}
|
||||
|
||||
NeckoChild::~NeckoChild()
|
||||
|
||||
@ -11,6 +11,7 @@
|
||||
#include "nsXULAppAPI.h"
|
||||
#include "prenv.h"
|
||||
#include "nsPrintfCString.h"
|
||||
#include "mozilla/Preferences.h"
|
||||
|
||||
#if defined(DEBUG) || defined(ENABLE_TESTS)
|
||||
# define NECKO_ERRORS_ARE_FATAL_DEFAULT true
|
||||
@ -95,6 +96,22 @@ IsNeckoChild()
|
||||
return amChild;
|
||||
}
|
||||
|
||||
// This should always return true unless xpcshell tests are being used
|
||||
inline bool
|
||||
UsingNeckoIPCSecurity()
|
||||
{
|
||||
static bool securityDisabled = true;
|
||||
static bool registeredBool = false;
|
||||
|
||||
if (!registeredBool) {
|
||||
Preferences::AddBoolVarCache(&securityDisabled,
|
||||
"network.disable.ipc.security");
|
||||
registeredBool = true;
|
||||
}
|
||||
return !securityDisabled;
|
||||
}
|
||||
|
||||
|
||||
|
||||
} // namespace net
|
||||
} // namespace mozilla
|
||||
|
||||
@ -16,7 +16,6 @@
|
||||
#include "mozilla/dom/TabParent.h"
|
||||
#include "mozilla/dom/network/TCPSocketParent.h"
|
||||
#include "mozilla/ipc/URIUtils.h"
|
||||
#include "mozilla/Preferences.h"
|
||||
#include "mozilla/LoadContext.h"
|
||||
#include "nsPrintfCString.h"
|
||||
#include "nsHTMLDNSPrefetch.h"
|
||||
@ -31,15 +30,10 @@ using IPC::SerializedLoadContext;
|
||||
namespace mozilla {
|
||||
namespace net {
|
||||
|
||||
static bool gDisableIPCSecurity = false;
|
||||
static const char kPrefDisableIPCSecurity[] = "network.disable.ipc.security";
|
||||
|
||||
// C++ file contents
|
||||
NeckoParent::NeckoParent()
|
||||
{
|
||||
Preferences::AddBoolVarCache(&gDisableIPCSecurity, kPrefDisableIPCSecurity);
|
||||
|
||||
if (!gDisableIPCSecurity) {
|
||||
if (UsingNeckoIPCSecurity()) {
|
||||
// cache values for core/packaged apps basepaths
|
||||
nsAutoString corePath, webPath;
|
||||
nsCOMPtr<nsIAppsService> appsService = do_GetService(APPS_SERVICE_CONTRACTID);
|
||||
@ -76,7 +70,7 @@ NeckoParent::GetValidatedAppInfo(const SerializedLoadContext& aSerialized,
|
||||
uint32_t* aAppId,
|
||||
bool* aInBrowserElement)
|
||||
{
|
||||
if (!gDisableIPCSecurity) {
|
||||
if (UsingNeckoIPCSecurity()) {
|
||||
if (!aBrowser) {
|
||||
return "missing required PBrowser argument";
|
||||
}
|
||||
@ -102,7 +96,7 @@ NeckoParent::GetValidatedAppInfo(const SerializedLoadContext& aSerialized,
|
||||
if (tabParent->HasOwnApp()) {
|
||||
return "TabParent reports NECKO_NO_APP_ID but also is an app";
|
||||
}
|
||||
if (!gDisableIPCSecurity && tabParent->IsBrowserElement()) {
|
||||
if (UsingNeckoIPCSecurity() && tabParent->IsBrowserElement()) {
|
||||
// <iframe mozbrowser> which doesn't have an <iframe mozapp> above it.
|
||||
// This is not supported now, and we'll need to do a code audit to make
|
||||
// sure we can handle it (i.e don't short-circuit using separate
|
||||
@ -113,8 +107,8 @@ NeckoParent::GetValidatedAppInfo(const SerializedLoadContext& aSerialized,
|
||||
} else {
|
||||
// Only trust appId/inBrowser from child-side loadcontext if we're in
|
||||
// testing mode: allows xpcshell tests to masquerade as apps
|
||||
MOZ_ASSERT(gDisableIPCSecurity);
|
||||
if (!gDisableIPCSecurity) {
|
||||
MOZ_ASSERT(!UsingNeckoIPCSecurity());
|
||||
if (UsingNeckoIPCSecurity()) {
|
||||
return "internal error";
|
||||
}
|
||||
if (aSerialized.IsNotNull()) {
|
||||
@ -145,7 +139,7 @@ NeckoParent::CreateChannelLoadContext(PBrowserParent* aBrowser,
|
||||
topFrameElement = tabParent->GetOwnerElement();
|
||||
}
|
||||
|
||||
// if gDisableIPCSecurity, we may not have a LoadContext to set. This is
|
||||
// if !UsingNeckoIPCSecurity(), we may not have a LoadContext to set. This is
|
||||
// the common case for most xpcshell tests.
|
||||
if (aSerialized.IsNotNull()) {
|
||||
aResult = new LoadContext(aSerialized, topFrameElement, appId, inBrowser);
|
||||
@ -310,7 +304,7 @@ NeckoParent::AllocPRemoteOpenFile(const URIParams& aURI,
|
||||
}
|
||||
|
||||
// security checks
|
||||
if (!gDisableIPCSecurity) {
|
||||
if (UsingNeckoIPCSecurity()) {
|
||||
if (!aBrowser) {
|
||||
printf_stderr("NeckoParent::AllocPRemoteOpenFile: "
|
||||
"FATAL error: missing TabParent: KILLING CHILD PROCESS\n");
|
||||
|
||||
Loading…
Reference in New Issue
Block a user