Backout ea6db8f420c0 (bug 770831), b51c79ee0883 (bug 774957), 020f6ed5958b (bug 758258), 11d8e19e1fca (bug 758258), 707fc51bfe2e (bug 775354), 489d944a6fe6 (bug 327244), be7df3c9d50f (bug 327244) for m-oth orange

Ed Morley 2012-07-19 08:29:48 +01:00
parent da708e688e
commit 80af77da9d
27 changed files with 218 additions and 550 deletions


@ -9,7 +9,7 @@
interface nsIURI;
interface nsIChannel;
[scriptable, uuid(bd94820d-4fd5-4d57-a40e-406ee72d27b7)]
[scriptable, uuid(cdb27711-492b-4973-938b-de81ac124658)]
interface nsIScriptSecurityManager : nsIXPCSecurityManager
{
///////////////// Security Checks //////////////////
@ -84,6 +84,21 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
in nsIURI uri,
in unsigned long flags);
/**
* Check that content from "from" can load "uri".
*
* Will return error code NS_ERROR_DOM_BAD_URI if the load request
* should be denied.
*
* @param from the URI causing the load
* @param uri the URI that is being loaded
* @param flags the permission set, see above
*
* @deprecated Use checkLoadURIWithPrincipal instead of this function.
*/
[deprecated] void checkLoadURI(in nsIURI from, in nsIURI uri,
in unsigned long flags);
/**
* Similar to checkLoadURIWithPrincipal but there are two differences:
*
@ -97,6 +112,15 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
in AUTF8String uri,
in unsigned long flags);
/**
* Same as CheckLoadURI but takes string arguments for ease of use
* by scripts
*
* @deprecated Use checkLoadURIStrWithPrincipal instead of this function.
*/
[deprecated] void checkLoadURIStr(in AUTF8String from, in AUTF8String uri,
in unsigned long flags);
/**
* Check that the function 'funObj' is allowed to run on 'targetObj'
*
@ -236,18 +260,6 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
[noscript,notxpcom] nsIPrincipal getCxSubjectPrincipal(in JSContextPtr cx);
[noscript,notxpcom] nsIPrincipal getCxSubjectPrincipalAndFrame(in JSContextPtr cx,
out JSStackFramePtr fp);
const unsigned long NO_APP_ID = 0;
const unsigned long UNKNOWN_APP_ID = 4294967295; // PR_UINT32_MAX
/**
* Returns the extended origin for the uri.
* appId can be NO_APP_ID, UNKWOWN_APP_ID or a valid app id.
* inMozBrowser has to be true if the uri is inside a mozbrowser iframe.
*/
AUTF8String getExtendedOrigin(in nsIURI uri, in unsigned long appId,
in boolean inMozBrowser);
};
%{C++
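Review bot: The doc comments restored for `checkLoadURI` and `checkLoadURIStr` do not say how the source URI becomes a security context. As nsScriptSecurityManager::CheckLoadURI and CheckLoadURIStr further down this page show, `from` is passed to CreateCodebasePrincipal and the check then runs against that synthesized principal, so the result is only as trustworthy as the URI the caller chose to pass. I would add a sentence to both comments such as `* The check is made against a codebase principal built from "from"; callers that hold the real loading principal must use checkLoadURIWithPrincipal.` The interface body continues outside the visible hunks.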


@ -153,11 +153,6 @@ public:
virtual void GetScriptLocation(nsACString& aStr) MOZ_OVERRIDE;
void SetURI(nsIURI* aURI);
/**
* Computes the puny-encoded origin of aURI.
*/
static nsresult GetOriginForURI(nsIURI* aURI, char **aOrigin);
nsCOMPtr<nsIURI> mDomain;
nsCOMPtr<nsIURI> mCodebase;
// If mCodebaseImmutable is true, mCodebase is non-null and immutable


@ -656,17 +656,18 @@ nsPrincipal::GetScriptLocation(nsACString &aStr)
}
}
/* static */ nsresult
nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
NS_IMETHODIMP
nsPrincipal::GetOrigin(char **aOrigin)
{
if (!aURI) {
return NS_ERROR_FAILURE;
}
*aOrigin = nsnull;
nsCOMPtr<nsIURI> origin = NS_GetInnermostURI(aURI);
nsCOMPtr<nsIURI> origin;
if (mCodebase) {
origin = NS_GetInnermostURI(mCodebase);
}
if (!origin) {
NS_ASSERTION(mCert, "No Domain or Codebase for a non-cert principal");
return NS_ERROR_FAILURE;
}
@ -682,9 +683,8 @@ nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
rv = origin->GetAsciiHost(hostPort);
// Some implementations return an empty string, treat it as no support
// for asciiHost by that implementation.
if (hostPort.IsEmpty()) {
if (hostPort.IsEmpty())
rv = NS_ERROR_FAILURE;
}
}
PRInt32 port;
@ -701,7 +701,6 @@ nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
nsCAutoString scheme;
rv = origin->GetScheme(scheme);
NS_ENSURE_SUCCESS(rv, rv);
*aOrigin = ToNewCString(scheme + NS_LITERAL_CSTRING("://") + hostPort);
}
else {
@ -712,19 +711,12 @@ nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
// both fall back to GetSpec. That needs to be fixed.
rv = origin->GetAsciiSpec(spec);
NS_ENSURE_SUCCESS(rv, rv);
*aOrigin = ToNewCString(spec);
}
return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
}
NS_IMETHODIMP
nsPrincipal::GetOrigin(char **aOrigin)
{
return GetOriginForURI(mCodebase, aOrigin);
}
NS_IMETHODIMP
nsPrincipal::Equals(nsIPrincipal *aOther, bool *aResult)
{


@ -60,7 +60,6 @@
#include "mozilla/dom/BindingUtils.h"
#include "mozilla/StandardInteger.h"
#include "mozilla/ClearOnShutdown.h"
#include "nsIAppsService.h"
using namespace mozilla;
using namespace mozilla::dom;
@ -1263,6 +1262,25 @@ nsScriptSecurityManager::CheckLoadURIFromScript(JSContext *cx, nsIURI *aURI)
return NS_ERROR_DOM_BAD_URI;
}
NS_IMETHODIMP
nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
PRUint32 aFlags)
{
// FIXME: bug 327244 -- this function should really die... Really truly.
NS_PRECONDITION(aSourceURI, "CheckLoadURI called with null source URI");
NS_ENSURE_ARG_POINTER(aSourceURI);
// Note: this is not _quite_ right if aSourceURI has
// NS_NULLPRINCIPAL_SCHEME, but we'll just extract the scheme in
// CheckLoadURIWithPrincipal anyway, so this is good enough. This method
// really needs to go away....
nsCOMPtr<nsIPrincipal> sourcePrincipal;
nsresult rv = CreateCodebasePrincipal(aSourceURI,
getter_AddRefs(sourcePrincipal));
NS_ENSURE_SUCCESS(rv, rv);
return CheckLoadURIWithPrincipal(sourcePrincipal, aTargetURI, aFlags);
}
/**
* Helper method to handle cases where a flag passed to
* CheckLoadURIWithPrincipal means denying loading if the given URI has certain
@ -1569,6 +1587,30 @@ nsScriptSecurityManager::ReportError(JSContext* cx, const nsAString& messageTag,
return NS_OK;
}
NS_IMETHODIMP
nsScriptSecurityManager::CheckLoadURIStr(const nsACString& aSourceURIStr,
const nsACString& aTargetURIStr,
PRUint32 aFlags)
{
// FIXME: bug 327244 -- this function should really die... Really truly.
nsCOMPtr<nsIURI> source;
nsresult rv = NS_NewURI(getter_AddRefs(source), aSourceURIStr,
nsnull, nsnull, sIOService);
NS_ENSURE_SUCCESS(rv, rv);
// Note: this is not _quite_ right if aSourceURI has
// NS_NULLPRINCIPAL_SCHEME, but we'll just extract the scheme in
// CheckLoadURIWithPrincipal anyway, so this is good enough. This method
// really needs to go away....
nsCOMPtr<nsIPrincipal> sourcePrincipal;
rv = CreateCodebasePrincipal(source,
getter_AddRefs(sourcePrincipal));
NS_ENSURE_SUCCESS(rv, rv);
return CheckLoadURIStrWithPrincipal(sourcePrincipal, aTargetURIStr,
aFlags);
}
NS_IMETHODIMP
nsScriptSecurityManager::CheckLoadURIStrWithPrincipal(nsIPrincipal* aPrincipal,
const nsACString& aTargetURIStr,
@ -3552,40 +3594,6 @@ nsScriptSecurityManager::InitPrefs()
return NS_OK;
}
NS_IMETHODIMP
nsScriptSecurityManager::GetExtendedOrigin(nsIURI* aURI,
PRUint32 aAppId,
bool aInMozBrowser,
nsACString& aExtendedOrigin)
{
MOZ_ASSERT(aURI);
if (aAppId == UNKNOWN_APP_ID) {
aExtendedOrigin.Truncate();
return NS_OK;
}
// Fallback.
if (aAppId == nsIScriptSecurityManager::NO_APP_ID && !aInMozBrowser) {
nsCAutoString origin;
nsPrincipal::GetOriginForURI(aURI, getter_Copies(origin));
aExtendedOrigin.Assign(origin);
return NS_OK;
}
nsCAutoString origin;
nsPrincipal::GetOriginForURI(aURI, getter_Copies(origin));
// aExtendedOrigin = origin + " " + aAppId + " " + int(aInMozBrowser)
aExtendedOrigin.Assign(origin + NS_LITERAL_CSTRING("@"));
aExtendedOrigin.AppendInt(aAppId);
aExtendedOrigin.Append(aInMozBrowser ? NS_LITERAL_CSTRING("t")
: NS_LITERAL_CSTRING("f"));
return NS_OK;
}
///////////////////////////////////////////////////////////////////////////////
// The following code prints the contents of the policy DB to the console.
#ifdef DEBUG_CAPS_HACKER


@ -18,9 +18,6 @@ MOCHITEST_FILES = test_bug423375.html \
test_disallowInheritPrincipal.html \
$(NULL)
MOCHITEST_CHROME_FILES = test_principal_extendedorigin_appid_appstatus.html \
$(NULL)
test_bug292789.html : % : %.in
$(PYTHON) $(topsrcdir)/config/Preprocessor.py \
$(AUTOMATION_PPARGS) $(DEFINES) $(ACDEFINES) $< > $@


@ -1,143 +0,0 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=758258
-->
<head>
<meta charset="utf-8">
<title>Test for nsIPrincipal extendedOrigin, appStatus and appId</title>
<script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=758258">Mozilla Bug 758258</a>
<p id="display"></p>
<div id="content">
</div>
<pre id="test">
<script type="application/javascript">
/** Test for Bug 758258 **/
SimpleTest.waitForExplicitFinish();
var gData = [
{
app: "http://example.org/manifest.webapp",
origin: "http://example.org",
},
{
app: "https://example.com:443/manifest.webapp",
origin: "https://example.com",
},
{
app: "http://test1.example.org/manifest.webapp",
origin: "http://test1.example.org",
},
{
app: "http://test1.example.org:8000/manifest.webapp",
origin: "http://test1.example.org:8000",
},
{
app: "http://sub1.test1.example.org/manifest.webapp",
origin: "http://sub1.test1.example.org",
},
{
app: "http://example.org/foo/manifest.webapp",
origin: "http://example.org",
},
{
app: "http://example.org/bar/manifest.webapp",
origin: "http://example.org",
},
{
browser: true,
origin: "http://example.org",
},
{
origin: "http://example.org",
},
{
app: "http://example.org/wedonthaveanyappinthatdirectory/manifest.webapp",
origin: "http://example.org",
},
{
app: "http://example.org/manifest.webapp",
origin: "data:text/html,foobar",
test: [ "todo-origin" ],
},
{
app: "http://example.org/manifest.webapp",
origin: "data:text/html,foobar2",
test: [ "todo-origin" ],
},
{
origin: "file:///",
},
{
origin: "file:///tmp",
},
{
app: "http://example.org/manifest.webapp",
origin: "file:///",
},
{
app: "http://example.org/manifest.webapp",
origin: "file:///tmp",
},
];
var content = document.getElementById('content');
var checkedCount = 0;
var checksTodo = gData.length;
function checkPrincipalForIFrame(aFrame, data) {
var principal = aFrame.contentDocument.nodePrincipal;
// TODO: TEMP.
if (!data.test) {
data.test = [];
}
if (data.test.indexOf('todo-origin') == -1) {
is(principal.URI.origin, data.origin, 'the correct URL should have been loaded');
}
checkedCount++;
if (checkedCount == checksTodo) {
SimpleTest.finish();
}
}
is('appStatus' in document.nodePrincipal, false,
'appStatus should not be present in nsIPrincipal');
is('extendedOrigin' in document.nodePrincipal, false,
'extendedOrigin should not be present in nsIPrincipal');
is('appId' in document.nodePrincipal, false,
'appId should not be present in nsIPrincipal');
gData.forEach(function(data) {
var iframe = document.createElement('iframe');
iframe.checkPrincipal = function() {
checkPrincipalForIFrame(this, data);
};
if (data.app) {
iframe.setAttribute('mozapp', data.app);
iframe.setAttribute('mozbrowser', '');
} else if (data.browser) {
iframe.setAttribute('mozbrowser', '');
}
iframe.src = data.origin;
iframe.addEventListener('load', iframe.checkPrincipal.bind(iframe));
content.appendChild(iframe);
});
</script>
</pre>
</body>
</html>


@ -66,12 +66,12 @@ ContentAreaDropListener.prototype =
uriString = uriString.replace(/^\s*|\s*$/g, '');
let uri;
let ioService = Cc["@mozilla.org/network/io-service;1"]
.getService(Components.interfaces.nsIIOService);
try {
// Check that the uri is valid first and return an empty string if not.
// It may just be plain text and should be ignored here
uri = ioService.newURI(uriString, null, null);
uri = Cc["@mozilla.org/network/io-service;1"].
getService(Components.interfaces.nsIIOService).
newURI(uriString, null, null);
} catch (ex) { }
if (!uri)
return uriString;
@ -85,10 +85,10 @@ ContentAreaDropListener.prototype =
flags |= secMan.DISALLOW_INHERIT_PRINCIPAL;
// Use file:/// as the default uri so that drops of file URIs are always allowed
let principal = sourceNode ? sourceNode.principal
: secMan.getCodebasePrincipal(ioService.newURI("file:///", null, null));
secMan.checkLoadURIStrWithPrincipal(principal, uriString, flags);
if (sourceNode)
secMan.checkLoadURIStrWithPrincipal(sourceNode.nodePrincipal, uriString, flags);
else
secMan.checkLoadURIStr("file:///", uriString, flags);
return uriString;
},
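Review bot: The comment in the first hunk says an invalid URI makes the function "return an empty string", but the code below it does `if (!uri) return uriString;`, so text that fails to parse is handed back unchanged and never reaches either load check in the second hunk. If that is intended, the comment should say so, e.g. `// If the text does not parse as a URI it is returned as-is, without a load check; callers must treat it as plain text.` The empty `catch (ex) { }` that leads to this path would also read better with a short comment naming what is expected to throw. The function starts and ends outside the hunks.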


@ -3087,7 +3087,7 @@ nsDocument::SetHeaderData(nsIAtom* aHeaderField, const nsAString& aData)
// should really be the same thing). Note that this code can run
// before the current URI of the webnavigation has been updated, so we
// can't assert equality here.
refresher->SetupRefreshURIFromHeader(mDocumentURI, NodePrincipal(),
refresher->SetupRefreshURIFromHeader(mDocumentURI,
NS_ConvertUTF16toUTF8(aData));
}
}


@ -80,7 +80,6 @@
#include "mozilla/unused.h"
#include "mozilla/dom/Element.h"
#include "mozilla/layout/RenderFrameParent.h"
#include "nsIAppsService.h"
#include "jsapi.h"
@ -1110,29 +1109,14 @@ nsFrameLoader::SwapWithOtherLoader(nsFrameLoader* aOther,
return NS_ERROR_NOT_IMPLEMENTED;
}
bool ourContentBoundary, otherContentBoundary;
ourDocshell->GetIsContentBoundary(&ourContentBoundary);
otherDocshell->GetIsContentBoundary(&otherContentBoundary);
if (ourContentBoundary != otherContentBoundary) {
bool weAreBrowserFrame = false;
bool otherIsBrowserFrame = false;
ourDocshell->GetIsBrowserFrame(&weAreBrowserFrame);
otherDocshell->GetIsBrowserFrame(&otherIsBrowserFrame);
if (weAreBrowserFrame != otherIsBrowserFrame) {
return NS_ERROR_NOT_IMPLEMENTED;
}
if (ourContentBoundary) {
bool ourIsBrowser, otherIsBrowser;
ourDocshell->GetIsBrowserElement(&ourIsBrowser);
otherDocshell->GetIsBrowserElement(&otherIsBrowser);
if (ourIsBrowser != otherIsBrowser) {
return NS_ERROR_NOT_IMPLEMENTED;
}
bool ourIsApp, otherIsApp;
ourDocshell->GetIsApp(&ourIsApp);
otherDocshell->GetIsApp(&otherIsApp);
if (ourIsApp != otherIsApp) {
return NS_ERROR_NOT_IMPLEMENTED;
}
}
if (mInSwap || aOther->mInSwap) {
return NS_ERROR_NOT_IMPLEMENTED;
}
@ -1477,24 +1461,6 @@ nsFrameLoader::MaybeCreateDocShell()
mDocShell = do_CreateInstance("@mozilla.org/docshell;1");
NS_ENSURE_TRUE(mDocShell, NS_ERROR_FAILURE);
if (OwnerIsBrowserFrame() &&
mOwnerContent->HasAttr(kNameSpaceID_None, nsGkAtoms::mozapp)) {
nsCOMPtr<nsIAppsService> appsService =
do_GetService(APPS_SERVICE_CONTRACTID);
if (!appsService) {
NS_ERROR("Apps Service is not available!");
return NS_ERROR_FAILURE;
}
nsAutoString manifest;
mOwnerContent->GetAttr(kNameSpaceID_None, nsGkAtoms::mozapp, manifest);
PRUint32 appId;
appsService->GetAppLocalIdByManifestURL(manifest, &appId);
mDocShell->SetAppId(appId);
}
if (!mNetworkCreated) {
nsCOMPtr<nsIDocShellHistory> history = do_QueryInterface(mDocShell);
if (history) {
@ -1597,7 +1563,7 @@ nsFrameLoader::MaybeCreateDocShell()
EnsureMessageManager();
if (OwnerIsBrowserFrame()) {
mDocShell->SetIsBrowser();
mDocShell->SetIsBrowserFrame(true);
nsCOMPtr<nsIObserverService> os = services::GetObserverService();
if (os) {


@ -241,7 +241,6 @@ txMozillaXMLOutput::endDocument(nsresult aResult)
do_QueryInterface(win->GetDocShell());
if (refURI) {
refURI->SetupRefreshURIFromHeader(mDocument->GetDocBaseURI(),
mDocument->NodePrincipal(),
mRefreshString);
}
}


@ -311,9 +311,9 @@ bool nsDSURIContentListener::CheckOneFrameOptionsPolicy(nsIRequest *request,
parentDocShellItem) {
nsCOMPtr<nsIDocShell> curDocShell = do_QueryInterface(curDocShellItem);
bool isContentBoundary;
curDocShell->GetIsContentBoundary(&isContentBoundary);
if (isContentBoundary) {
bool browserFrame = false;
curDocShell->GetIsBrowserFrame(&browserFrame);
if (browserFrame) {
break;
}
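Review bot: `curDocShell` comes from `do_QueryInterface(curDocShellItem)` and is dereferenced by the restored `curDocShell->GetIsBrowserFrame(&browserFrame)` without a null check. If that QI ever fails, this is a null dereference in the middle of the frame-options ancestor walk. Guarding it as `if (curDocShell) curDocShell->GetIsBrowserFrame(&browserFrame);` leaves `browserFrame` false, so the loop keeps checking ancestors instead of stopping early. Whether the QI can fail here is not visible from the hunk, and the loop header is outside it.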


@ -763,7 +763,6 @@ nsDocShell::nsDocShell():
#ifdef DEBUG
mInEnsureScriptEnv(false),
#endif
mAppId(nsIScriptSecurityManager::NO_APP_ID),
mParentCharsetSource(0)
{
mHistoryID = ++gDocshellIDCounter;
@ -5529,7 +5528,6 @@ nsDocShell::ForceRefreshURI(nsIURI * aURI,
nsresult
nsDocShell::SetupRefreshURIFromHeader(nsIURI * aBaseURI,
nsIPrincipal* aPrincipal,
const nsACString & aHeader)
{
// Refresh headers are parsed with the following format in mind
@ -5571,8 +5569,6 @@ nsDocShell::SetupRefreshURIFromHeader(nsIURI * aBaseURI,
// when done, seconds is 0 or the given number of seconds
// uriAttrib is empty or the URI specified
MOZ_ASSERT(aPrincipal);
nsCAutoString uriAttrib;
PRInt32 seconds = 0;
bool specifiesSeconds = false;
@ -5737,8 +5733,9 @@ nsDocShell::SetupRefreshURIFromHeader(nsIURI * aBaseURI,
(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv));
if (NS_SUCCEEDED(rv)) {
rv = securityManager->
CheckLoadURIWithPrincipal(aPrincipal, uri,
nsIScriptSecurityManager::LOAD_IS_AUTOMATIC_DOCUMENT_REPLACEMENT);
CheckLoadURI(aBaseURI, uri,
nsIScriptSecurityManager::
LOAD_IS_AUTOMATIC_DOCUMENT_REPLACEMENT);
if (NS_SUCCEEDED(rv)) {
bool isjs = true;
@ -5774,16 +5771,8 @@ NS_IMETHODIMP nsDocShell::SetupRefreshURI(nsIChannel * aChannel)
refreshHeader);
if (!refreshHeader.IsEmpty()) {
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIPrincipal> principal;
rv = secMan->GetChannelPrincipal(aChannel, getter_AddRefs(principal));
NS_ENSURE_SUCCESS(rv, rv);
SetupReferrerFromChannel(aChannel);
rv = SetupRefreshURIFromHeader(mCurrentURI, principal, refreshHeader);
rv = SetupRefreshURIFromHeader(mCurrentURI, refreshHeader);
if (NS_SUCCEEDED(rv)) {
return NS_REFRESHURI_HEADER_FOUND;
}
@ -12024,145 +12013,52 @@ nsDocShell::GetCanExecuteScripts(bool *aResult)
}
NS_IMETHODIMP
nsDocShell::SetIsBrowser()
nsDocShell::GetIsBrowserFrame(bool *aOut)
{
if (mIsBrowserFrame) {
NS_ERROR("You should not call SetIsBrowser() more than once.");
return NS_OK;
}
NS_ENSURE_ARG_POINTER(aOut);
*aOut = mIsBrowserFrame;
return NS_OK;
}
mIsBrowserFrame = true;
NS_IMETHODIMP
nsDocShell::SetIsBrowserFrame(bool aValue)
{
// Disallow transitions from browser frame to not-browser-frame. Once a
// browser frame, always a browser frame. (Otherwise, observers of
// docshell-marked-as-browser-frame would have to distinguish between
// newly-created browser frames and frames which went from true to false back
// to true.)
NS_ENSURE_STATE(!mIsBrowserFrame || aValue);
bool wasBrowserFrame = mIsBrowserFrame;
mIsBrowserFrame = aValue;
if (aValue && !wasBrowserFrame) {
nsCOMPtr<nsIObserverService> os = services::GetObserverService();
if (os) {
os->NotifyObservers(GetAsSupports(this),
"docshell-marked-as-browser-frame", NULL);
os->NotifyObservers(GetAsSupports(this),
"docshell-marked-as-browser-frame", NULL);
}
return NS_OK;
}
return NS_OK;
}
nsDocShell::FrameType
nsDocShell::GetInheritedFrameType()
NS_IMETHODIMP
nsDocShell::GetContainedInBrowserFrame(bool *aOut)
{
FrameType type = GetFrameType();
*aOut = false;
if (type != eFrameTypeRegular) {
return type;
if (mIsBrowserFrame) {
*aOut = true;
return NS_OK;
}
nsCOMPtr<nsIDocShellTreeItem> parentAsItem;
GetSameTypeParent(getter_AddRefs(parentAsItem));
nsCOMPtr<nsIDocShell> parent = do_QueryInterface(parentAsItem);
if (!parent) {
return eFrameTypeRegular;
}
return static_cast<nsDocShell*>(parent.get())->GetInheritedFrameType();
}
nsDocShell::FrameType
nsDocShell::GetFrameType()
{
if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
return eFrameTypeApp;
}
return mIsBrowserFrame ? eFrameTypeBrowser : eFrameTypeRegular;
}
NS_IMETHODIMP
nsDocShell::GetIsBrowserElement(bool* aIsBrowser)
{
*aIsBrowser = (GetFrameType() == eFrameTypeBrowser);
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::GetIsApp(bool* aIsApp)
{
*aIsApp = (GetFrameType() == eFrameTypeApp);
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::GetIsContentBoundary(bool* aIsContentBoundary)
{
switch (GetFrameType()) {
case eFrameTypeRegular:
*aIsContentBoundary = false;
break;
case eFrameTypeBrowser:
case eFrameTypeApp:
*aIsContentBoundary = true;
break;
if (parent) {
return parent->GetContainedInBrowserFrame(aOut);
}
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::GetIsInBrowserElement(bool* aIsInBrowserElement)
{
*aIsInBrowserElement = (GetInheritedFrameType() == eFrameTypeBrowser);
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::GetIsInApp(bool* aIsInApp)
{
*aIsInApp = (GetInheritedFrameType() == eFrameTypeApp);
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::GetIsBelowContentBoundary(bool* aIsInContentBoundary)
{
switch (GetInheritedFrameType()) {
case eFrameTypeRegular:
*aIsInContentBoundary = false;
break;
case eFrameTypeBrowser:
case eFrameTypeApp:
*aIsInContentBoundary = true;
break;
}
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::SetAppId(PRUint32 aAppId)
{
MOZ_ASSERT(mAppId == nsIScriptSecurityManager::NO_APP_ID);
MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
mAppId = aAppId;
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::GetAppId(PRUint32* aAppId)
{
if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
MOZ_ASSERT(GetFrameType() == eFrameTypeApp);
*aAppId = mAppId;
return NS_OK;
}
MOZ_ASSERT(GetFrameType() != eFrameTypeApp);
nsCOMPtr<nsIDocShellTreeItem> parentAsItem;
GetSameTypeParent(getter_AddRefs(parentAsItem));
nsCOMPtr<nsIDocShell> parent = do_QueryInterface(parentAsItem);
if (!parent) {
*aAppId = nsIScriptSecurityManager::NO_APP_ID;
return NS_OK;
}
return parent->GetAppId(aAppId);
}
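Review bot: In SetupRefreshURIFromHeader the restored `CheckLoadURI(aBaseURI, uri, ...)` uses the base URI as the security source for the refresh target. The callers shown on this page pass `mDocumentURI` (nsDocument::SetHeaderData), `mDocument->GetDocBaseURI()` (txMozillaXMLOutput::endDocument) and `mCurrentURI` (SetupRefreshURI). A base URI is a resolution aid and may not match the principal of the document that supplied the header, so the check can end up being evaluated for the wrong origin. Since this is a backout, I would at least mark the call with `// FIXME(bug 327244): source of this check is aBaseURI, not the document principal` so the gap stays tracked until the principal-based call re-lands. Separately, the restored GetContainedInBrowserFrame writes `*aOut = false;` without the `NS_ENSURE_ARG_POINTER(aOut);` that GetIsBrowserFrame has.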


@ -664,15 +664,6 @@ protected:
bool JustStartedNetworkLoad();
enum FrameType {
eFrameTypeRegular = 0x0, // 0000
eFrameTypeBrowser = 0x1, // 0001
eFrameTypeApp = 0x2 // 0010
};
FrameType GetInheritedFrameType();
FrameType GetFrameType();
// hash of session storages, keyed by domain
nsInterfaceHashtable<nsCStringHashKey, nsIDOMStorage> mStorages;
@ -824,8 +815,6 @@ protected:
nsRefPtr<nsDOMNavigationTiming> mTiming;
PRUint32 mAppId;
private:
nsCOMPtr<nsIAtom> mForcedCharset;
nsCOMPtr<nsIAtom> mParentCharset;


@ -39,7 +39,7 @@ interface nsIWebBrowserPrint;
interface nsIVariant;
interface nsIPrivacyTransitionObserver;
[scriptable, builtinclass, uuid(c98f0f21-fe96-4f06-9978-0a9422a789fa)]
[scriptable, builtinclass, uuid(89ea9f32-18ec-413b-9e2c-ce9a4c851b1c)]
interface nsIDocShell : nsISupports
{
/**
@ -589,64 +589,21 @@ interface nsIDocShell : nsISupports
*/
void addWeakPrivacyTransitionObserver(in nsIPrivacyTransitionObserver obs);
/**
* Mark the docshell as a browser frame.
* This should be used for <iframe mozbrowser> but not for <iframe mozapp>.
/*
* Is this docshell a browser frame (i.e., does it correspond to an <iframe
* mozbrowser>)? The frameloader is responsible for setting this property
* when it initializes the docshell.
*
* This method should not be called more than once.
*/
void setIsBrowser();
/**
* Returns true iff the docshell is marked as a browser frame.
*/
readonly attribute boolean isBrowserElement;
/**
* Returns true iif the docshell is marked as an app frame.
*/
readonly attribute boolean isApp;
/**
* Returns true iif the docshell is marked as a type that behaves like a
* content boundary.
*/
readonly attribute boolean isContentBoundary;
/**
* Returns true iif the docshell is inside a browser element.
*/
readonly attribute boolean isInBrowserElement;
/**
* Returns true iif the docshell is inside an application.
* However, it will return false if the docshell is inside a browser element
* that is inside an application.
*/
readonly attribute boolean isInApp;
/**
* Returns if the docshell has a docshell that behaves as a content boundary
* in his parent hierarchy.
*/
readonly attribute boolean isBelowContentBoundary;
/**
* Set the app id this docshell is associated with. It has to be a valid app
* id. If the docshell isn't associated with any app, the value should be
* nsIScriptSecurityManager::NO_APP_ID.
* However, this is the default value if nothing is set.
* If so, this docshell should act like a chrome/content boundary for the
* purposes of window.top and window.parent.
*
* This method is [noscript] to reduce the scope. It should be used at very
* specific moments.
*
* Calling setAppId() will mark the frame as an app frame.
* See also nsIMozBrowserFrame.
*/
[noscript] void setAppId(in unsigned long appId);
attribute bool isBrowserFrame;
/**
* Returns the app id of the app the docshell is in.
* Returns nsIScriptSecurityManager::NO_APP_ID If the docshell is not in an app.
/*
* Is this docshell contained in an <iframe mozbrowser>, either directly or
* indirectly?
*/
readonly attribute unsigned long appId;
readonly attribute bool containedInBrowserFrame;
};
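Review bot: The restored comment on `isBrowserFrame` does not document that the attribute is one-way. nsDocShell::SetIsBrowserFrame on this page rejects a true-to-false transition with `NS_ENSURE_STATE(!mIsBrowserFrame || aValue)`, so a script that assigns false after true gets an error rather than a changed value. I would add `* Once set to true it cannot be set back to false; the setter fails instead.` to the comment. Both restored comments also open with `/*` where the neighbouring ones in this interface use `/**`, which is worth aligning.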


@ -7,9 +7,8 @@
#include "nsISupports.idl"
#include "nsIURI.idl"
interface nsIChannel;
interface nsIPrincipal;
[scriptable, uuid(a5e61a3c-51bd-45be-ac0c-e87b71860656)]
[scriptable, uuid(cb0ad623-6b46-4c09-a473-c1d6ca63d3c7)]
interface nsIRefreshURI : nsISupports {
/**
* Load a uri after waiting for aMillis milliseconds. If the docshell
@ -56,11 +55,10 @@ interface nsIRefreshURI : nsISupports {
* the current page finishes loading.
*
* @param aBaseURI base URI to resolve refresh uri with.
* @param principal the associated principal
* @param aHeader The meta refresh header string.
*/
void setupRefreshURIFromHeader(in nsIURI aBaseURI, in nsIPrincipal principal, in ACString aHeader);
void setupRefreshURIFromHeader(in nsIURI aBaseURI, in ACString aHeader);
/**
* Cancels all timer loads.
*/


@ -317,8 +317,7 @@ let DOMApplicationRegistry = {
},
_nextLocalId: function() {
let maxLocalId = Ci.nsIScriptSecurityManager.NO_APP_ID;
let maxLocalId = 0;
for (let id in this.webapps) {
if (this.webapps[id].localId > maxLocalId) {
maxLocalId = this.webapps[id].localId;
@ -636,7 +635,7 @@ let DOMApplicationRegistry = {
}
}
return Ci.nsIScriptSecurityManager.NO_APP_ID;
return 0;
},
getAllWithoutManifests: function(aCallback) {
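Review bot: The literal `0` now carries two unlabelled meanings in this file: the starting maximum in `_nextLocalId` and the fall-through result at `return 0;` in the second hunk, which replaced `NO_APP_ID`. With `NO_APP_ID` removed from nsIScriptSecurityManager by this commit, a file-local `const NO_APP_ID = 0;` or a comment such as `// 0 means "not an installed app"` would keep callers from mistaking it for a valid local id. The function containing the second `return` starts outside the hunk.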


@ -2965,9 +2965,9 @@ nsGlobalWindow::GetScriptableParent(nsIDOMWindow** aParent)
return NS_OK;
}
bool isContentBoundary = false;
mDocShell->GetIsContentBoundary(&isContentBoundary);
if (isContentBoundary) {
bool isMozBrowser = false;
mDocShell->GetIsBrowserFrame(&isMozBrowser);
if (isMozBrowser) {
nsCOMPtr<nsIDOMWindow> parent = static_cast<nsIDOMWindow*>(this);
parent.swap(*aParent);
return NS_OK;
@ -6446,13 +6446,12 @@ nsGlobalWindow::Close()
{
FORWARD_TO_OUTER(Close, (), NS_ERROR_NOT_INITIALIZED);
bool isContentBoundary = false;
bool isMozBrowser = false;
if (mDocShell) {
mDocShell->GetIsContentBoundary(&isContentBoundary);
mDocShell->GetIsBrowserFrame(&isMozBrowser);
}
if ((!isContentBoundary && IsFrame()) ||
!mDocShell || IsInModalState()) {
if ((!isMozBrowser && IsFrame()) || !mDocShell || IsInModalState()) {
// window.close() is called on a frame in a frameset, on a window
// that's already closed, or on a window for which there's
// currently a modal dialog open. Ignore such calls.
@ -6981,9 +6980,9 @@ nsGlobalWindow::GetScriptableFrameElement(nsIDOMElement** aFrameElement)
return NS_OK;
}
bool isContentBoundary = false;
mDocShell->GetIsContentBoundary(&isContentBoundary);
if (isContentBoundary) {
bool isMozBrowser = false;
mDocShell->GetIsBrowserFrame(&isMozBrowser);
if (isMozBrowser) {
return NS_OK;
}


@ -62,7 +62,7 @@ BrowserElementChild.prototype = {
BrowserElementPromptService.mapWindowToBrowserElementChild(content, this);
docShell.setIsBrowser();
docShell.isBrowserFrame = true;
docShell.QueryInterface(Ci.nsIWebProgress)
.addProgressListener(this._progressListener,
Ci.nsIWebProgress.NOTIFY_LOCATION |


@ -15,16 +15,9 @@ interface mozIDOMApplication;
* This service allows accessing some DOMApplicationRegistry methods from
* non-javascript code.
*/
[scriptable, uuid(1210a0f3-add3-4381-b892-9c102e3afc42)]
[scriptable, uuid(40e580e7-8891-4eb8-b514-0b5796af4df1)]
interface nsIAppsService : nsISupports
{
mozIDOMApplication getAppByManifestURL(in DOMString manifestURL);
/**
* Returns the |localId| of the app associated with the |manifestURL| passed
* in parameter.
* Returns nsIScriptSecurityManager::NO_APP_ID if |manifestURL| isn't a valid
* installed manifest URL.
*/
unsigned long getAppLocalIdByManifestURL(in DOMString manifestURL);
};


@ -337,12 +337,12 @@ TabChild::ProvideWindow(nsIDOMWindow* aParent, PRUint32 aChromeFlags,
// open a modal-type window, we're going to create a new <iframe mozbrowser>
// and return its window here.
nsCOMPtr<nsIDocShell> docshell = do_GetInterface(aParent);
bool isInContentBoundary = false;
bool inBrowserFrame = false;
if (docshell) {
docshell->GetIsBelowContentBoundary(&isInContentBoundary);
docshell->GetContainedInBrowserFrame(&inBrowserFrame);
}
if (isInContentBoundary &&
if (inBrowserFrame &&
!(aChromeFlags & (nsIWebBrowserChrome::CHROME_MODAL |
nsIWebBrowserChrome::CHROME_OPENAS_DIALOG |
nsIWebBrowserChrome::CHROME_OPENAS_CHROME))) {


@ -713,6 +713,14 @@ FullTrustSecMan::CheckLoadURIWithPrincipal(nsIPrincipal *aPrincipal,
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURI(nsIURI *from,
nsIURI *uri,
PRUint32 flags)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
const nsACString & uri,
@ -721,6 +729,14 @@ FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIStr(const nsACString & from,
const nsACString & uri,
PRUint32 flags)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckFunctionAccess(JSContext * cx,
void * funObj,
@ -864,15 +880,6 @@ FullTrustSecMan::GetCxSubjectPrincipalAndFrame(JSContext *cx,
return mSystemPrincipal;
}
NS_IMETHODIMP
FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, PRUint32 aAppId,
bool aInMozBrowser,
nsACString& aExtendedOrigin)
{
aExtendedOrigin.Truncate();
return NS_OK;
}
NS_IMETHODIMP_(nsrefcnt)
XPCShellDirProvider::AddRef()
{


@ -1332,6 +1332,13 @@ FullTrustSecMan::CheckLoadURIWithPrincipal(nsIPrincipal *aPrincipal,
return NS_OK;
}
/* void checkLoadURI (in nsIURI from, in nsIURI uri, in unsigned long flags); */
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURI(nsIURI *from, nsIURI *uri, PRUint32 flags)
{
return NS_OK;
}
/* void checkLoadURIStrWithPrincipal (in nsIPrincipal aPrincipal, in AUTF8String uri, in unsigned long flags); */
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
@ -1341,6 +1348,14 @@ FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
return NS_OK;
}
/* void checkLoadURIStr (in AUTF8String from, in AUTF8String uri, in unsigned long flags); */
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIStr(const nsACString & from,
const nsACString & uri, PRUint32 flags)
{
return NS_OK;
}
/* [noscript] void checkFunctionAccess (in JSContextPtr cx, in voidPtr funObj, in voidPtr targetObj); */
NS_IMETHODIMP
FullTrustSecMan::CheckFunctionAccess(JSContext * cx, void * funObj,
@ -1487,15 +1502,6 @@ FullTrustSecMan::GetCxSubjectPrincipalAndFrame(JSContext *cx, JSStackFrame **fp)
return mSystemPrincipal;
}
NS_IMETHODIMP
FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, PRUint32 aAppId,
bool aInMozBrowser,
nsACString& aExtendedOrigin)
{
aExtendedOrigin.Truncate();
return NS_OK;
}
/***************************************************************************/
// #define TEST_InitClassesWithNewWrappedGlobal


@ -809,14 +809,12 @@ function ReadManifest(aURL, inherited_status)
}
}
var principal = secMan.getCodebasePrincipal(aURL);
if (items[0] == "include") {
if (items.length != 2 || runHttp)
throw "Error 2 in manifest file " + aURL.spec + " line " + lineNo;
var incURI = gIOService.newURI(items[1], null, listURL);
secMan.checkLoadURIWithPrincipal(principal, incURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
secMan.checkLoadURI(aURL, incURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
ReadManifest(incURI, expected_status);
} else if (items[0] == TYPE_LOAD) {
if (items.length != 2 ||
@ -824,14 +822,14 @@ function ReadManifest(aURL, inherited_status)
expected_status != EXPECTED_DEATH))
throw "Error 3 in manifest file " + aURL.spec + " line " + lineNo;
var [testURI] = runHttp
? ServeFiles(principal, httpDepth,
? ServeFiles(aURL, httpDepth,
listURL, [items[1]])
: [gIOService.newURI(items[1], null, listURL)];
var prettyPath = runHttp
? gIOService.newURI(items[1], null, listURL).spec
: testURI.spec;
secMan.checkLoadURIWithPrincipal(principal, testURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
secMan.checkLoadURI(aURL, testURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
gURLs.push( { type: TYPE_LOAD,
expected: expected_status,
allowSilentFail: allow_silent_fail,
@ -850,14 +848,14 @@ function ReadManifest(aURL, inherited_status)
if (items.length != 2)
throw "Error 4 in manifest file " + aURL.spec + " line " + lineNo;
var [testURI] = runHttp
? ServeFiles(principal, httpDepth,
? ServeFiles(aURL, httpDepth,
listURL, [items[1]])
: [gIOService.newURI(items[1], null, listURL)];
var prettyPath = runHttp
? gIOService.newURI(items[1], null, listURL).spec
: testURI.spec;
secMan.checkLoadURIWithPrincipal(principal, testURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
secMan.checkLoadURI(aURL, testURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
gURLs.push( { type: TYPE_SCRIPT,
expected: expected_status,
allowSilentFail: allow_silent_fail,
@ -876,17 +874,17 @@ function ReadManifest(aURL, inherited_status)
if (items.length != 3)
throw "Error 5 in manifest file " + aURL.spec + " line " + lineNo;
var [testURI, refURI] = runHttp
? ServeFiles(principal, httpDepth,
? ServeFiles(aURL, httpDepth,
listURL, [items[1], items[2]])
: [gIOService.newURI(items[1], null, listURL),
gIOService.newURI(items[2], null, listURL)];
var prettyPath = runHttp
? gIOService.newURI(items[1], null, listURL).spec
: testURI.spec;
secMan.checkLoadURIWithPrincipal(principal, testURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
secMan.checkLoadURIWithPrincipal(principal, refURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
secMan.checkLoadURI(aURL, testURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
secMan.checkLoadURI(aURL, refURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
gURLs.push( { type: items[0],
expected: expected_status,
allowSilentFail: allow_silent_fail,
@ -938,7 +936,7 @@ function BuildUseCounts()
}
}
function ServeFiles(manifestPrincipal, depth, aURL, files)
function ServeFiles(manifestURL, depth, aURL, files)
{
var listURL = aURL.QueryInterface(CI.nsIFileURL);
var directory = listURL.file.parent;
@ -970,8 +968,8 @@ function ServeFiles(manifestPrincipal, depth, aURL, files)
var testURI = gIOService.newURI(file, null, testbase);
// XXX necessary? manifestURL guaranteed to be file, others always HTTP
secMan.checkLoadURIWithPrincipal(manifestPrincipal, testURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
secMan.checkLoadURI(manifestURL, testURI,
CI.nsIScriptSecurityManager.DISALLOW_SCRIPT);
return testURI;
}
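Review bot: The restored `secMan.checkLoadURI(aURL, …)` calls in ReadManifest, and the `secMan.checkLoadURI(manifestURL, …)` call in ServeFiles, return to the entry point that the interface documentation marks as deprecated in favour of `checkLoadURIWithPrincipal`, and nothing at the call sites records that this is a temporary state. The URI-based form identifies the loader only by its URL, so the check is presumably made against a principal derived from that URL rather than one the caller already holds; that is worth confirming against the security manager implementation. I would add a comment at the first call in ReadManifest, for example `// Deprecated URI-based check restored by backout; switch back to checkLoadURIWithPrincipal when the principal-based change relands.` Both functions extend beyond the hunks shown.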


@ -243,7 +243,7 @@ function makeHiddenFrame() {
// TODO: disable media (bug 759964)
// Mark this docShell as a "browserFrame", to break script access to e.g. window.top
docShell.setIsBrowser();
docShell.isBrowserFrame = true;
return iframe;
}


@ -565,10 +565,11 @@ var nsDragAndDrop = {
aDraggedText = aDraggedText.replace(/^\s*|\s*$/g, '');
var uri;
var ioService = Components.classes["@mozilla.org/network/io-service;1"]
.getService(Components.interfaces.nsIIOService);
try {
uri = ioService.newURI(aDraggedText, null, null);
uri = Components.classes["@mozilla.org/network/io-service;1"]
.getService(Components.interfaces.nsIIOService)
.newURI(aDraggedText, null, null);
} catch (e) {
}
@ -587,12 +588,11 @@ var nsDragAndDrop = {
var sourceDoc = aDragSession.sourceDocument;
// Use "file:///" as the default sourceURI so that drops of file:// URIs
// are always allowed.
var principal = sourceDoc ? sourceDoc.nodePrincipal
: secMan.getCodebasePrincipal(ioService.newURI("file:///", null, null));
var sourceURI = sourceDoc ? sourceDoc.documentURI : "file:///";
try {
secMan.checkLoadURIStrWithPrincipal(principal, aDraggedText,
nsIScriptSecurityManager.STANDARD);
secMan.checkLoadURIStr(sourceURI, aDraggedText,
nsIScriptSecurityManager.STANDARD);
} catch (e) {
// Stop event propagation right here.
aEvent.stopPropagation();
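Review bot: The source of the load check in the second hunk is now the string `sourceDoc.documentURI`, so `checkLoadURIStr` judges the drop by the document's address rather than by `sourceDoc.nodePrincipal`. For documents whose principal is not derived from their own URI (an about:blank or data: document that inherits a principal, for instance) the two can disagree, and the result may then be stricter or looser than the document's real privileges warrant. The `"file:///"` default for a missing `sourceDocument` means such drags are checked as if they came from a local file, which the existing comment presents as deliberate. Since this is a backout, I would at least record the limitation next to the call: `// NOTE: URI-string check; does not reflect sourceDoc.nodePrincipal. Prefer checkLoadURIStrWithPrincipal once it can be restored.` The enclosing function starts and ends outside both hunks.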


@ -93,7 +93,7 @@ Sandbox.prototype = {
.getInterface(Ci.nsIDocShell);
// Mark this docShell as a "browserFrame", to break script access to e.g. window.top
docShell.setIsBrowser();
docShell.isBrowserFrame = true;
// Stop about:blank from being loaded.
docShell.stop(Ci.nsIWebNavigation.STOP_NETWORK);


@ -842,12 +842,12 @@ nsContentTreeOwner::ProvideWindow(nsIDOMWindow* aParent,
// open a modal-type window, we're going to create a new <iframe mozbrowser>
// and return its window here.
nsCOMPtr<nsIDocShell> docshell = do_GetInterface(aParent);
bool isInContentBoundary = false;
bool inBrowserFrame = false;
if (docshell) {
docshell->GetIsBelowContentBoundary(&isInContentBoundary);
docshell->GetContainedInBrowserFrame(&inBrowserFrame);
}
if (isInContentBoundary &&
if (inBrowserFrame &&
!(aChromeFlags & (nsIWebBrowserChrome::CHROME_MODAL |
nsIWebBrowserChrome::CHROME_OPENAS_DIALOG |
nsIWebBrowserChrome::CHROME_OPENAS_CHROME))) {