mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 767134 - Stuff the source principal into nsIContentPolicy (r=bz, sr=jst)
This commit is contained in:
parent
653c98d763
commit
7a3e5d2a07
@ -125,14 +125,16 @@ NS_CP_ContentTypeName(PRUint32 contentType)
|
|||||||
return NS_ERROR_FAILURE; \
|
return NS_ERROR_FAILURE; \
|
||||||
\
|
\
|
||||||
return policy-> action (contentType, contentLocation, requestOrigin, \
|
return policy-> action (contentType, contentLocation, requestOrigin, \
|
||||||
context, mimeType, extra, decision); \
|
context, mimeType, extra, originPrincipal, \
|
||||||
|
decision); \
|
||||||
PR_END_MACRO
|
PR_END_MACRO
|
||||||
|
|
||||||
/* Passes on parameters from its "caller"'s context. */
|
/* Passes on parameters from its "caller"'s context. */
|
||||||
#define CHECK_CONTENT_POLICY_WITH_SERVICE(action, _policy) \
|
#define CHECK_CONTENT_POLICY_WITH_SERVICE(action, _policy) \
|
||||||
PR_BEGIN_MACRO \
|
PR_BEGIN_MACRO \
|
||||||
return _policy-> action (contentType, contentLocation, requestOrigin, \
|
return _policy-> action (contentType, contentLocation, requestOrigin, \
|
||||||
context, mimeType, extra, decision); \
|
context, mimeType, extra, originPrincipal, \
|
||||||
|
decision); \
|
||||||
PR_END_MACRO
|
PR_END_MACRO
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -5,6 +5,7 @@
|
|||||||
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||||
|
|
||||||
#include "nsISupports.idl"
|
#include "nsISupports.idl"
|
||||||
|
#include "nsIPrincipal.idl"
|
||||||
|
|
||||||
interface nsIURI;
|
interface nsIURI;
|
||||||
interface nsIDOMNode;
|
interface nsIDOMNode;
|
||||||
@ -18,7 +19,7 @@ interface nsIDOMNode;
|
|||||||
* by launching a dialog to prompt the user for something).
|
* by launching a dialog to prompt the user for something).
|
||||||
*/
|
*/
|
||||||
|
|
||||||
[scriptable,uuid(344f9cb0-9a17-44c5-ab96-ee707884266c)]
|
[scriptable,uuid(e590e74f-bac7-4876-8c58-54dde92befb2)]
|
||||||
interface nsIContentPolicy : nsISupports
|
interface nsIContentPolicy : nsISupports
|
||||||
{
|
{
|
||||||
const unsigned long TYPE_OTHER = 1;
|
const unsigned long TYPE_OTHER = 1;
|
||||||
@ -209,7 +210,8 @@ interface nsIContentPolicy : nsISupports
|
|||||||
in nsIURI aRequestOrigin,
|
in nsIURI aRequestOrigin,
|
||||||
in nsISupports aContext,
|
in nsISupports aContext,
|
||||||
in ACString aMimeTypeGuess,
|
in ACString aMimeTypeGuess,
|
||||||
in nsISupports aExtra);
|
in nsISupports aExtra,
|
||||||
|
[optional] in nsIPrincipal aRequestPrincipal);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Should the resource be processed?
|
* Should the resource be processed?
|
||||||
@ -251,6 +253,7 @@ interface nsIContentPolicy : nsISupports
|
|||||||
in nsIURI aRequestOrigin,
|
in nsIURI aRequestOrigin,
|
||||||
in nsISupports aContext,
|
in nsISupports aContext,
|
||||||
in ACString aMimeType,
|
in ACString aMimeType,
|
||||||
in nsISupports aExtra);
|
in nsISupports aExtra,
|
||||||
|
[optional] in nsIPrincipal aRequestPrincipal);
|
||||||
|
|
||||||
};
|
};
|
||||||
|
@ -57,6 +57,7 @@ CSPService::ShouldLoad(PRUint32 aContentType,
|
|||||||
nsISupports *aRequestContext,
|
nsISupports *aRequestContext,
|
||||||
const nsACString &aMimeTypeGuess,
|
const nsACString &aMimeTypeGuess,
|
||||||
nsISupports *aExtra,
|
nsISupports *aExtra,
|
||||||
|
nsIPrincipal *aRequestPrincipal,
|
||||||
PRInt16 *aDecision)
|
PRInt16 *aDecision)
|
||||||
{
|
{
|
||||||
if (!aContentLocation)
|
if (!aContentLocation)
|
||||||
@ -123,6 +124,7 @@ CSPService::ShouldProcess(PRUint32 aContentType,
|
|||||||
nsISupports *aRequestContext,
|
nsISupports *aRequestContext,
|
||||||
const nsACString &aMimeTypeGuess,
|
const nsACString &aMimeTypeGuess,
|
||||||
nsISupports *aExtra,
|
nsISupports *aExtra,
|
||||||
|
nsIPrincipal *aRequestPrincipal,
|
||||||
PRInt16 *aDecision)
|
PRInt16 *aDecision)
|
||||||
{
|
{
|
||||||
if (!aContentLocation)
|
if (!aContentLocation)
|
||||||
|
@ -76,6 +76,7 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
|
|||||||
nsISupports *requestingContext,
|
nsISupports *requestingContext,
|
||||||
const nsACString &mimeType,
|
const nsACString &mimeType,
|
||||||
nsISupports *extra,
|
nsISupports *extra,
|
||||||
|
nsIPrincipal *requestPrincipal,
|
||||||
PRInt16 *decision)
|
PRInt16 *decision)
|
||||||
{
|
{
|
||||||
//sanity-check passed-through parameters
|
//sanity-check passed-through parameters
|
||||||
@ -122,7 +123,8 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
|
|||||||
/* check the appropriate policy */
|
/* check the appropriate policy */
|
||||||
rv = (entries[i]->*policyMethod)(contentType, contentLocation,
|
rv = (entries[i]->*policyMethod)(contentType, contentLocation,
|
||||||
requestingLocation, requestingContext,
|
requestingLocation, requestingContext,
|
||||||
mimeType, extra, decision);
|
mimeType, extra, requestPrincipal,
|
||||||
|
decision);
|
||||||
|
|
||||||
if (NS_SUCCEEDED(rv) && NS_CP_REJECTED(*decision)) {
|
if (NS_SUCCEEDED(rv) && NS_CP_REJECTED(*decision)) {
|
||||||
/* policy says no, no point continuing to check */
|
/* policy says no, no point continuing to check */
|
||||||
@ -177,13 +179,15 @@ nsContentPolicy::ShouldLoad(PRUint32 contentType,
|
|||||||
nsISupports *requestingContext,
|
nsISupports *requestingContext,
|
||||||
const nsACString &mimeType,
|
const nsACString &mimeType,
|
||||||
nsISupports *extra,
|
nsISupports *extra,
|
||||||
|
nsIPrincipal *requestPrincipal,
|
||||||
PRInt16 *decision)
|
PRInt16 *decision)
|
||||||
{
|
{
|
||||||
// ShouldProcess does not need a content location, but we do
|
// ShouldProcess does not need a content location, but we do
|
||||||
NS_PRECONDITION(contentLocation, "Must provide request location");
|
NS_PRECONDITION(contentLocation, "Must provide request location");
|
||||||
nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldLoad, contentType,
|
nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldLoad, contentType,
|
||||||
contentLocation, requestingLocation,
|
contentLocation, requestingLocation,
|
||||||
requestingContext, mimeType, extra, decision);
|
requestingContext, mimeType, extra,
|
||||||
|
requestPrincipal, decision);
|
||||||
LOG_CHECK("ShouldLoad");
|
LOG_CHECK("ShouldLoad");
|
||||||
|
|
||||||
return rv;
|
return rv;
|
||||||
@ -196,11 +200,13 @@ nsContentPolicy::ShouldProcess(PRUint32 contentType,
|
|||||||
nsISupports *requestingContext,
|
nsISupports *requestingContext,
|
||||||
const nsACString &mimeType,
|
const nsACString &mimeType,
|
||||||
nsISupports *extra,
|
nsISupports *extra,
|
||||||
|
nsIPrincipal *requestPrincipal,
|
||||||
PRInt16 *decision)
|
PRInt16 *decision)
|
||||||
{
|
{
|
||||||
nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldProcess, contentType,
|
nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldProcess, contentType,
|
||||||
contentLocation, requestingLocation,
|
contentLocation, requestingLocation,
|
||||||
requestingContext, mimeType, extra, decision);
|
requestingContext, mimeType, extra,
|
||||||
|
requestPrincipal, decision);
|
||||||
LOG_CHECK("ShouldProcess");
|
LOG_CHECK("ShouldProcess");
|
||||||
|
|
||||||
return rv;
|
return rv;
|
||||||
|
@ -31,7 +31,8 @@ class nsContentPolicy : public nsIContentPolicy
|
|||||||
NS_STDCALL_FUNCPROTO(nsresult, CPMethod, nsIContentPolicy,
|
NS_STDCALL_FUNCPROTO(nsresult, CPMethod, nsIContentPolicy,
|
||||||
ShouldProcess,
|
ShouldProcess,
|
||||||
(PRUint32, nsIURI*, nsIURI*, nsISupports*,
|
(PRUint32, nsIURI*, nsIURI*, nsISupports*,
|
||||||
const nsACString &, nsISupports*, PRInt16*));
|
const nsACString &, nsISupports*, nsIPrincipal*,
|
||||||
|
PRInt16*));
|
||||||
|
|
||||||
//Helper method that applies policyMethod across all policies in mPolicies
|
//Helper method that applies policyMethod across all policies in mPolicies
|
||||||
// with the given parameters
|
// with the given parameters
|
||||||
@ -39,6 +40,7 @@ class nsContentPolicy : public nsIContentPolicy
|
|||||||
nsIURI *aURI, nsIURI *origURI,
|
nsIURI *aURI, nsIURI *origURI,
|
||||||
nsISupports *requestingContext,
|
nsISupports *requestingContext,
|
||||||
const nsACString &mimeGuess, nsISupports *extra,
|
const nsACString &mimeGuess, nsISupports *extra,
|
||||||
|
nsIPrincipal *requestPrincipal,
|
||||||
PRInt16 *decision);
|
PRInt16 *decision);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -37,6 +37,7 @@ nsDataDocumentContentPolicy::ShouldLoad(PRUint32 aContentType,
|
|||||||
nsISupports *aRequestingContext,
|
nsISupports *aRequestingContext,
|
||||||
const nsACString &aMimeGuess,
|
const nsACString &aMimeGuess,
|
||||||
nsISupports *aExtra,
|
nsISupports *aExtra,
|
||||||
|
nsIPrincipal *aRequestPrincipal,
|
||||||
PRInt16 *aDecision)
|
PRInt16 *aDecision)
|
||||||
{
|
{
|
||||||
*aDecision = nsIContentPolicy::ACCEPT;
|
*aDecision = nsIContentPolicy::ACCEPT;
|
||||||
@ -129,8 +130,10 @@ nsDataDocumentContentPolicy::ShouldProcess(PRUint32 aContentType,
|
|||||||
nsISupports *aRequestingContext,
|
nsISupports *aRequestingContext,
|
||||||
const nsACString &aMimeGuess,
|
const nsACString &aMimeGuess,
|
||||||
nsISupports *aExtra,
|
nsISupports *aExtra,
|
||||||
|
nsIPrincipal *aRequestPrincipal,
|
||||||
PRInt16 *aDecision)
|
PRInt16 *aDecision)
|
||||||
{
|
{
|
||||||
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
|
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
|
||||||
aRequestingContext, aMimeGuess, aExtra, aDecision);
|
aRequestingContext, aMimeGuess, aExtra, aRequestPrincipal,
|
||||||
|
aDecision);
|
||||||
}
|
}
|
||||||
|
@ -26,6 +26,7 @@ nsNoDataProtocolContentPolicy::ShouldLoad(PRUint32 aContentType,
|
|||||||
nsISupports *aRequestingContext,
|
nsISupports *aRequestingContext,
|
||||||
const nsACString &aMimeGuess,
|
const nsACString &aMimeGuess,
|
||||||
nsISupports *aExtra,
|
nsISupports *aExtra,
|
||||||
|
nsIPrincipal *aRequestPrincipal,
|
||||||
PRInt16 *aDecision)
|
PRInt16 *aDecision)
|
||||||
{
|
{
|
||||||
*aDecision = nsIContentPolicy::ACCEPT;
|
*aDecision = nsIContentPolicy::ACCEPT;
|
||||||
@ -70,8 +71,10 @@ nsNoDataProtocolContentPolicy::ShouldProcess(PRUint32 aContentType,
|
|||||||
nsISupports *aRequestingContext,
|
nsISupports *aRequestingContext,
|
||||||
const nsACString &aMimeGuess,
|
const nsACString &aMimeGuess,
|
||||||
nsISupports *aExtra,
|
nsISupports *aExtra,
|
||||||
|
nsIPrincipal *aRequestPrincipal,
|
||||||
PRInt16 *aDecision)
|
PRInt16 *aDecision)
|
||||||
{
|
{
|
||||||
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
|
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
|
||||||
aRequestingContext, aMimeGuess, aExtra, aDecision);
|
aRequestingContext, aMimeGuess, aExtra, aRequestPrincipal,
|
||||||
|
aDecision);
|
||||||
}
|
}
|
||||||
|
@ -8162,8 +8162,8 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|||||||
}
|
}
|
||||||
|
|
||||||
// XXXbz would be nice to know the loading principal here... but we don't
|
// XXXbz would be nice to know the loading principal here... but we don't
|
||||||
nsCOMPtr<nsIPrincipal> loadingPrincipal;
|
nsCOMPtr<nsIPrincipal> loadingPrincipal = do_QueryInterface(aOwner);
|
||||||
if (aReferrer) {
|
if (!loadingPrincipal && aReferrer) {
|
||||||
nsCOMPtr<nsIScriptSecurityManager> secMan =
|
nsCOMPtr<nsIScriptSecurityManager> secMan =
|
||||||
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
|
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
|
||||||
NS_ENSURE_SUCCESS(rv, rv);
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
@ -8171,7 +8171,7 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
|||||||
rv = secMan->GetCodebasePrincipal(aReferrer,
|
rv = secMan->GetCodebasePrincipal(aReferrer,
|
||||||
getter_AddRefs(loadingPrincipal));
|
getter_AddRefs(loadingPrincipal));
|
||||||
}
|
}
|
||||||
|
|
||||||
rv = NS_CheckContentLoadPolicy(contentType,
|
rv = NS_CheckContentLoadPolicy(contentType,
|
||||||
aURI,
|
aURI,
|
||||||
loadingPrincipal,
|
loadingPrincipal,
|
||||||
|
@ -75,6 +75,7 @@ nsWebBrowserContentPolicy::ShouldLoad(PRUint32 contentType,
|
|||||||
nsISupports *requestingContext,
|
nsISupports *requestingContext,
|
||||||
const nsACString &mimeGuess,
|
const nsACString &mimeGuess,
|
||||||
nsISupports *extra,
|
nsISupports *extra,
|
||||||
|
nsIPrincipal *requestPrincipal,
|
||||||
PRInt16 *shouldLoad)
|
PRInt16 *shouldLoad)
|
||||||
{
|
{
|
||||||
return PerformPolicyCheck(contentType, requestingContext, shouldLoad);
|
return PerformPolicyCheck(contentType, requestingContext, shouldLoad);
|
||||||
@ -87,6 +88,7 @@ nsWebBrowserContentPolicy::ShouldProcess(PRUint32 contentType,
|
|||||||
nsISupports *requestingContext,
|
nsISupports *requestingContext,
|
||||||
const nsACString &mimeGuess,
|
const nsACString &mimeGuess,
|
||||||
nsISupports *extra,
|
nsISupports *extra,
|
||||||
|
nsIPrincipal *requestPrincipal,
|
||||||
PRInt16 *shouldProcess)
|
PRInt16 *shouldProcess)
|
||||||
{
|
{
|
||||||
*shouldProcess = nsIContentPolicy::ACCEPT;
|
*shouldProcess = nsIContentPolicy::ACCEPT;
|
||||||
|
@ -127,6 +127,7 @@ nsContentBlocker::ShouldLoad(PRUint32 aContentType,
|
|||||||
nsISupports *aRequestingContext,
|
nsISupports *aRequestingContext,
|
||||||
const nsACString &aMimeGuess,
|
const nsACString &aMimeGuess,
|
||||||
nsISupports *aExtra,
|
nsISupports *aExtra,
|
||||||
|
nsIPrincipal *aRequestPrincipal,
|
||||||
PRInt16 *aDecision)
|
PRInt16 *aDecision)
|
||||||
{
|
{
|
||||||
*aDecision = nsIContentPolicy::ACCEPT;
|
*aDecision = nsIContentPolicy::ACCEPT;
|
||||||
@ -188,12 +189,13 @@ nsContentBlocker::ShouldLoad(PRUint32 aContentType,
|
|||||||
}
|
}
|
||||||
|
|
||||||
NS_ASSERTION(aContentType != nsIContentPolicy::TYPE_OBJECT,
|
NS_ASSERTION(aContentType != nsIContentPolicy::TYPE_OBJECT,
|
||||||
"Shouldn't happen. Infinite loops are bad!");
|
"Shouldn't happen. Infinite loops are bad!");
|
||||||
|
|
||||||
// Found a type that tells us more about what we're loading. Try
|
// Found a type that tells us more about what we're loading. Try
|
||||||
// the permissions check again!
|
// the permissions check again!
|
||||||
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
|
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
|
||||||
aRequestingContext, aMimeGuess, aExtra, aDecision);
|
aRequestingContext, aMimeGuess, aExtra, aRequestPrincipal,
|
||||||
|
aDecision);
|
||||||
}
|
}
|
||||||
|
|
||||||
NS_IMETHODIMP
|
NS_IMETHODIMP
|
||||||
@ -203,6 +205,7 @@ nsContentBlocker::ShouldProcess(PRUint32 aContentType,
|
|||||||
nsISupports *aRequestingContext,
|
nsISupports *aRequestingContext,
|
||||||
const nsACString &aMimeGuess,
|
const nsACString &aMimeGuess,
|
||||||
nsISupports *aExtra,
|
nsISupports *aExtra,
|
||||||
|
nsIPrincipal *aRequestPrincipal,
|
||||||
PRInt16 *aDecision)
|
PRInt16 *aDecision)
|
||||||
{
|
{
|
||||||
// For loads where aRequestingContext is chrome, we should just
|
// For loads where aRequestingContext is chrome, we should just
|
||||||
@ -223,7 +226,8 @@ nsContentBlocker::ShouldProcess(PRUint32 aContentType,
|
|||||||
// This isn't a load from chrome. Just do a ShouldLoad() check --
|
// This isn't a load from chrome. Just do a ShouldLoad() check --
|
||||||
// we want the same answer here
|
// we want the same answer here
|
||||||
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
|
return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
|
||||||
aRequestingContext, aMimeGuess, aExtra, aDecision);
|
aRequestingContext, aMimeGuess, aExtra, aRequestPrincipal,
|
||||||
|
aDecision);
|
||||||
}
|
}
|
||||||
|
|
||||||
nsresult
|
nsresult
|
||||||
|
Loading…
Reference in New Issue
Block a user