diff --git a/addon-sdk/source/lib/sdk/indexed-db.js b/addon-sdk/source/lib/sdk/indexed-db.js index e2f06513ec5..f8afee0a974 100644 --- a/addon-sdk/source/lib/sdk/indexed-db.js +++ b/addon-sdk/source/lib/sdk/indexed-db.js @@ -32,9 +32,9 @@ let principaluri = Cc["@mozilla.org/network/io-service;1"]. getService(Ci.nsIIOService). newURI(PSEUDOURI, null, null); -let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); -let principal = ssm.createCodebasePrincipal(principaluri, {}); +let principal = Cc["@mozilla.org/scriptsecuritymanager;1"]. + getService(Ci.nsIScriptSecurityManager). + getCodebasePrincipal(principaluri); function toArray(args) { return Array.prototype.slice.call(args); diff --git a/b2g/components/AboutServiceWorkers.jsm b/b2g/components/AboutServiceWorkers.jsm index 9532bd6142f..350e20143b2 100644 --- a/b2g/components/AboutServiceWorkers.jsm +++ b/b2g/components/AboutServiceWorkers.jsm @@ -154,10 +154,11 @@ this.AboutServiceWorkers = { return; } - let principal = Services.scriptSecurityManager.createCodebasePrincipal( - // TODO: Bug 1196652. use originNoSuffix + let principal = Services.scriptSecurityManager.getAppCodebasePrincipal( Services.io.newURI(message.principal.origin, null, null), - message.principal.originAttributes); + message.principal.originAttributes.appId, + message.principal.originAttributes.inBrowser + ); if (!message.scope) { self.sendError(message.id, "MissingScope"); diff --git a/b2g/components/ContentPermissionPrompt.js b/b2g/components/ContentPermissionPrompt.js index bfe6957ca43..48e3ceafa1c 100644 --- a/b2g/components/ContentPermissionPrompt.js +++ b/b2g/components/ContentPermissionPrompt.js @@ -205,9 +205,9 @@ ContentPermissionPrompt.prototype = { // URL. let notDenyAppPrincipal = function(type) { let url = Services.io.newURI(app.origin, null, null); - let principal = - secMan.createCodebasePrincipal(url, - {appId: request.principal.appId}); + let principal = secMan.getAppCodebasePrincipal(url, + request.principal.appId, + /*mozbrowser*/false); let result = Services.perms.testExactPermissionFromPrincipal(principal, type.access); diff --git a/browser/base/content/aboutSocialError.xhtml b/browser/base/content/aboutSocialError.xhtml index e4800db7239..b9d84190686 100644 --- a/browser/base/content/aboutSocialError.xhtml +++ b/browser/base/content/aboutSocialError.xhtml @@ -55,8 +55,7 @@ // the error message. if (!config.origin) { let URI = Services.io.newURI(url, null, null); - config.origin = - Services.scriptSecurityManager.createCodebasePrincipal(URI, {}).origin; + config.origin = Services.scriptSecurityManager.getNoAppCodebasePrincipal(URI).origin; } switch (mode) { diff --git a/browser/base/content/test/general/browser_offlineQuotaNotification.js b/browser/base/content/test/general/browser_offlineQuotaNotification.js index 6a53675b286..8a1fbdb1f79 100644 --- a/browser/base/content/test/general/browser_offlineQuotaNotification.js +++ b/browser/base/content/test/general/browser_offlineQuotaNotification.js @@ -11,7 +11,7 @@ const URL = "http://mochi.test:8888/browser/browser/base/content/test/general/of registerCleanupFunction(function() { // Clean up after ourself let uri = Services.io.newURI(URL, null, null); - let principal = Services.scriptSecurityManager.createCodebasePrincipal(uri, {}); + var principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); Services.perms.removeFromPrincipal(principal, "offline-app"); Services.prefs.clearUserPref("offline-apps.quota.warn"); Services.prefs.clearUserPref("offline-apps.allow_by_default"); diff --git a/browser/base/content/test/general/browser_sanitizeDialog.js b/browser/base/content/test/general/browser_sanitizeDialog.js index fa867128a4e..67edca79f91 100644 --- a/browser/base/content/test/general/browser_sanitizeDialog.js +++ b/browser/base/content/test/general/browser_sanitizeDialog.js @@ -564,7 +564,7 @@ var gAllTests = [ var sm = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager); - var principal = sm.createCodebasePrincipal(URI, {}); + var principal = sm.getNoAppCodebasePrincipal(URI); // Give www.example.com privileges to store offline data var pm = Cc["@mozilla.org/permissionmanager;1"] @@ -634,7 +634,7 @@ var gAllTests = [ var sm = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager); - var principal = sm.createCodebasePrincipal(URI, {}); + var principal = sm.getNoAppCodebasePrincipal(URI); // Open the dialog let wh = new WindowHelper(); diff --git a/browser/base/content/test/general/test_offlineNotification.html b/browser/base/content/test/general/test_offlineNotification.html index 4f78184b429..787dbb57692 100644 --- a/browser/base/content/test/general/test_offlineNotification.html +++ b/browser/base/content/test/general/test_offlineNotification.html @@ -43,10 +43,12 @@ window.addEventListener("message", function(event) { var uri1 = ioService.newURI(frames.testFrame.location, null, null); var uri2 = ioService.newURI(frames.testFrame3.location, null, null); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(SpecialPowers.Ci.nsIScriptSecurityManager); - var principal1 = ssm.createCodebasePrincipal(uri1, {}); - var principal2 = ssm.createCodebasePrincipal(uri2, {}); + var principal1 = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(SpecialPowers.Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri1); + var principal2 = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(SpecialPowers.Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri2); pm.removeFromPrincipal(principal1, "offline-app"); pm.removeFromPrincipal(principal2, "offline-app"); diff --git a/browser/base/content/test/general/test_offline_gzip.html b/browser/base/content/test/general/test_offline_gzip.html index 98cbdf9ac1c..1d318b38e64 100644 --- a/browser/base/content/test/general/test_offline_gzip.html +++ b/browser/base/content/test/general/test_offline_gzip.html @@ -39,9 +39,9 @@ function finishTest() { var uri = Cc["@mozilla.org/network/io-service;1"].getService(SpecialPowers.Ci.nsIIOService) .newURI(window.frames[0].location, null, null); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(SpecialPowers.Ci.nsIScriptSecurityManager); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(SpecialPowers.Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); pm.removeFromPrincipal(principal, "offline-app"); diff --git a/browser/base/content/test/newtab/head.js b/browser/base/content/test/newtab/head.js index d8433b2e621..6eb54ebf03f 100644 --- a/browser/base/content/test/newtab/head.js +++ b/browser/base/content/test/newtab/head.js @@ -18,7 +18,7 @@ Cu.import("resource://gre/modules/Timer.jsm", tmp); let {Promise, NewTabUtils, Sanitizer, clearTimeout, setTimeout, DirectoryLinksProvider, PlacesTestUtils} = tmp; let uri = Services.io.newURI("about:newtab", null, null); -let principal = Services.scriptSecurityManager.createCodebasePrincipal(uri, {}); +let principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); let isMac = ("nsILocalFileMac" in Ci); let isLinux = ("@mozilla.org/gnome-gconf-service;1" in Cc); diff --git a/browser/components/feeds/FeedConverter.js b/browser/components/feeds/FeedConverter.js index a6ecfb4575d..75115cc94d1 100644 --- a/browser/components/feeds/FeedConverter.js +++ b/browser/components/feeds/FeedConverter.js @@ -254,7 +254,7 @@ FeedConverter.prototype = { chromeChannel = ios.newChannelFromURIWithLoadInfo(aboutFeedsURI, loadInfo); chromeChannel.originalURI = result.uri; chromeChannel.owner = - Services.scriptSecurityManager.createCodebasePrincipal(aboutFeedsURI, {}); + Services.scriptSecurityManager.getNoAppCodebasePrincipal(aboutFeedsURI); } else { chromeChannel = ios.newChannelFromURIWithLoadInfo(result.uri, loadInfo); } diff --git a/browser/components/preferences/aboutPermissions.js b/browser/components/preferences/aboutPermissions.js index 50441de02bd..22320b2ed1f 100644 --- a/browser/components/preferences/aboutPermissions.js +++ b/browser/components/preferences/aboutPermissions.js @@ -497,7 +497,7 @@ let AboutPermissions = { while (row = aResults.getNextRow()) { let spec = row.getResultByName("url"); let uri = NetUtil.newURI(spec); - let principal = gSecMan.createCodebasePrincipal(uri, {}); + let principal = gSecMan.getNoAppCodebasePrincipal(uri); AboutPermissions.addPrincipal(principal); } @@ -548,7 +548,7 @@ let AboutPermissions = { try { // aLogin.hostname is a string in origin URL format (e.g. "http://foo.com") let uri = NetUtil.newURI(aLogin.hostname); - let principal = gSecMan.createCodebasePrincipal(uri, {}); + let principal = gSecMan.getNoAppCodebasePrincipal(uri); this.addPrincipal(principal); } catch (e) { // newURI will throw for add-ons logins stored in chrome:// URIs @@ -564,7 +564,7 @@ let AboutPermissions = { try { // aHostname is a string in origin URL format (e.g. "http://foo.com") let uri = NetUtil.newURI(aHostname); - let principal = gSecMan.createCodebasePrincipal(uri, {}); + let principal = gSecMan.getNoAppCodebasePrincipal(uri); this.addPrincipal(principal); } catch (e) { // newURI will throw for add-ons logins stored in chrome:// URIs diff --git a/browser/components/preferences/permissions.js b/browser/components/preferences/permissions.js index 3a19a0612af..c3f5d717557 100644 --- a/browser/components/preferences/permissions.js +++ b/browser/components/preferences/permissions.js @@ -95,12 +95,12 @@ var gPermissionManager = { let uri; try { uri = Services.io.newURI(input_url, null, null); - principal = Services.scriptSecurityManager.createCodebasePrincipal(uri, {}); + principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); // If we have ended up with an unknown scheme, the following will throw. principal.origin; } catch(ex) { uri = Services.io.newURI("http://" + input_url, null, null); - principal = Services.scriptSecurityManager.createCodebasePrincipal(uri, {}); + principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); // If we have ended up with an unknown scheme, the following will throw. principal.origin; } diff --git a/browser/components/preferences/tests/browser_permissions.js b/browser/components/preferences/tests/browser_permissions.js index 620883e4be0..6dc766e2a2b 100644 --- a/browser/components/preferences/tests/browser_permissions.js +++ b/browser/components/preferences/tests/browser_permissions.js @@ -8,10 +8,8 @@ const ABOUT_PERMISSIONS_SPEC = "about:permissions"; const TEST_URI_1 = NetUtil.newURI("http://mozilla.com/"); const TEST_URI_2 = NetUtil.newURI("http://mozilla.org/"); -const TEST_PRINCIPAL_1 = - Services.scriptSecurityManager.createCodebasePrincipal(TEST_URI_1, {}); -const TEST_PRINCIPAL_2 = - Services.scriptSecurityManager.createCodebasePrincipal(TEST_URI_2, {}); +const TEST_PRINCIPAL_1 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_URI_1); +const TEST_PRINCIPAL_2 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_URI_2); // values from DefaultPermissions object const PERM_UNKNOWN = 0; diff --git a/browser/devtools/styleinspector/test/browser_styleinspector_csslogic-content-stylesheets.js b/browser/devtools/styleinspector/test/browser_styleinspector_csslogic-content-stylesheets.js index 1255f8fb7e9..0c68b7e5dd3 100644 --- a/browser/devtools/styleinspector/test/browser_styleinspector_csslogic-content-stylesheets.js +++ b/browser/devtools/styleinspector/test/browser_styleinspector_csslogic-content-stylesheets.js @@ -15,9 +15,9 @@ const TEST_URI_XUL = TEST_URL_ROOT + "doc_content_stylesheet.xul"; const XUL_URI = Cc["@mozilla.org/network/io-service;1"] .getService(Ci.nsIIOService) .newURI(TEST_URI_XUL, null, null); -let ssm = Components.classes["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); -const XUL_PRINCIPAL = ssm.createCodebasePrincipal(XUL_URI, {}); +const XUL_PRINCIPAL = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(XUL_URI); add_task(function*() { info("Checking stylesheets on HTML document"); diff --git a/browser/extensions/pdfjs/content/PdfStreamConverter.jsm b/browser/extensions/pdfjs/content/PdfStreamConverter.jsm index 1a38324d0b0..b088bdf3025 100644 --- a/browser/extensions/pdfjs/content/PdfStreamConverter.jsm +++ b/browser/extensions/pdfjs/content/PdfStreamConverter.jsm @@ -995,21 +995,14 @@ PdfStreamConverter.prototype = { // We can use resource principal when data is fetched by the chrome // e.g. useful for NoScript - var ssm = Cc['@mozilla.org/scriptsecuritymanager;1'] - .getService(Ci.nsIScriptSecurityManager); + var securityManager = Cc['@mozilla.org/scriptsecuritymanager;1'] + .getService(Ci.nsIScriptSecurityManager); var uri = NetUtil.newURI(PDF_VIEWER_WEB_PAGE, null, null); // FF16 and below had getCodebasePrincipal, it was replaced by // getNoAppCodebasePrincipal (bug 758258). - // FF 43 added createCodebasePrincipal to replace getNoAppCodebasePrincipal - // (bug 1165272). - var resourcePrincipal - if ('createCodebasePrincipal' in ssm) { - resourcePrincipal = ssm.createCodebasePrincipal(uri, {}); - } else if ('getNoAppCodebasePrincipal' in ssm) { - resourcePrincipal = ssm.getNoAppCodebasePrincipal(uri) - } else { - resourcePrincipal = ssm.getCodebasePrincipal(uri); - } + var resourcePrincipal = 'getNoAppCodebasePrincipal' in securityManager ? + securityManager.getNoAppCodebasePrincipal(uri) : + securityManager.getCodebasePrincipal(uri); aRequest.owner = resourcePrincipal; channel.asyncOpen(proxy, aContext); }, diff --git a/browser/extensions/shumway/chrome/SpecialStorage.jsm b/browser/extensions/shumway/chrome/SpecialStorage.jsm index 636d263eebe..03815f6cc95 100644 --- a/browser/extensions/shumway/chrome/SpecialStorage.jsm +++ b/browser/extensions/shumway/chrome/SpecialStorage.jsm @@ -22,9 +22,9 @@ var SpecialStorageUtils = { createWrappedSpecialStorage: function (sandbox, swfUrl, privateBrowsing) { // Creating internal localStorage object based on url and privateBrowsing setting. var uri = Services.io.newURI(swfUrl, null, null); - var ssm = Components.classes["@mozilla.org/scriptsecuritymanager;1"] - .getService(Components.interfaces.nsIScriptSecurityManager); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Components.interfaces.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); var dsm = Components.classes["@mozilla.org/dom/localStorage-manager;1"] .getService(Components.interfaces.nsIDOMStorageManager); var storage = dsm.createStorage(null, principal, privateBrowsing); diff --git a/browser/modules/Feeds.jsm b/browser/modules/Feeds.jsm index 481095ff4b0..b2bdbe0422b 100644 --- a/browser/modules/Feeds.jsm +++ b/browser/modules/Feeds.jsm @@ -66,8 +66,7 @@ this.Feeds = { if (aIsFeed) { // re-create the principal as it may be a CPOW. let principalURI = BrowserUtils.makeURIFromCPOW(aPrincipal.URI); - let principalToCheck = - Services.scriptSecurityManager.createCodebasePrincipal(principalURI, {}); + let principalToCheck = Services.scriptSecurityManager.getNoAppCodebasePrincipal(principalURI); try { BrowserUtils.urlSecurityCheck(aLink.href, principalToCheck, Ci.nsIScriptSecurityManager.DISALLOW_INHERIT_PRINCIPAL); diff --git a/caps/nsIScriptSecurityManager.idl b/caps/nsIScriptSecurityManager.idl index 916563d8587..dda4ff84fe8 100644 --- a/caps/nsIScriptSecurityManager.idl +++ b/caps/nsIScriptSecurityManager.idl @@ -26,7 +26,7 @@ class DomainPolicyClone; [ptr] native JSObjectPtr(JSObject); [ptr] native DomainPolicyClonePtr(mozilla::dom::DomainPolicyClone); -[scriptable, uuid(6e8a4d1e-d9c6-4d86-bf53-d73f58f36148)] +[scriptable, uuid(9a8f0b70-6b9f-4e19-8885-7cfe24f4a42d)] interface nsIScriptSecurityManager : nsISupports { /** @@ -150,12 +150,10 @@ interface nsIScriptSecurityManager : nsISupports * @param appId is the app id of the principal. It can't be UNKNOWN_APP_ID. * @param inMozBrowser is true if the principal has to be considered as * inside a mozbrowser frame. - * - * @deprecated use createCodebasePrincipal instead. */ - [deprecated] nsIPrincipal getAppCodebasePrincipal(in nsIURI uri, - in unsigned long appId, - in boolean inMozBrowser); + nsIPrincipal getAppCodebasePrincipal(in nsIURI uri, + in unsigned long appId, + in boolean inMozBrowser); /** * Returns a principal that has the appId and inMozBrowser of the load @@ -177,10 +175,8 @@ interface nsIScriptSecurityManager : nsISupports * Returns a principal with that has the same origin as uri and is not part * of an appliction. * The returned principal will have appId = NO_APP_ID. - * - * @deprecated use createCodebasePrincipal instead. */ - [deprecated] nsIPrincipal getNoAppCodebasePrincipal(in nsIURI uri); + nsIPrincipal getNoAppCodebasePrincipal(in nsIURI uri); /** * Legacy method for getting a principal with no origin attributes. diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 2e0718b303c..d4b6986a016 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -11,7 +11,6 @@ #include "mozilla/ArrayUtils.h" #include "mozilla/Attributes.h" #include "mozilla/AutoRestore.h" -#include "mozilla/BasePrincipal.h" #include "mozilla/Casting.h" #include "mozilla/dom/ContentChild.h" #include "mozilla/dom/Element.h" @@ -9361,6 +9360,9 @@ nsDocShell::CreatePrincipalFromReferrer(nsIURI* aReferrer, nsIPrincipal** aResult) { nsresult rv; + nsCOMPtr secMan = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); + NS_ENSURE_SUCCESS(rv, rv); uint32_t appId; rv = GetAppId(&appId); @@ -9368,14 +9370,12 @@ nsDocShell::CreatePrincipalFromReferrer(nsIURI* aReferrer, bool isInBrowserElement; rv = GetIsInBrowserElement(&isInBrowserElement); NS_ENSURE_SUCCESS(rv, rv); - - // TODO: Bug 1165466 - Pass mOriginAttributes directly. - OriginAttributes attrs(appId, isInBrowserElement); - nsCOMPtr prin = - BasePrincipal::CreateCodebasePrincipal(aReferrer, attrs); - prin.forget(aResult); - - return *aResult ? NS_OK : NS_ERROR_FAILURE; + rv = secMan->GetAppCodebasePrincipal(aReferrer, + appId, + isInBrowserElement, + aResult); + NS_ENSURE_SUCCESS(rv, rv); + return NS_OK; } NS_IMETHODIMP diff --git a/dom/apps/AppsUtils.jsm b/dom/apps/AppsUtils.jsm index f5d3bd12c27..e5b9e898d9e 100644 --- a/dom/apps/AppsUtils.jsm +++ b/dom/apps/AppsUtils.jsm @@ -73,9 +73,11 @@ mozIApplication.prototype = { this._principal = null; try { - this._principal = Services.scriptSecurityManager.createCodebasePrincipal( + this._principal = Services.scriptSecurityManager.getAppCodebasePrincipal( Services.io.newURI(this.origin, null, null), - {appId: this.localId}); + this.localId, + false /* mozbrowser */ + ); } catch(e) { dump("Could not create app principal " + e + "\n"); } diff --git a/dom/apps/OfflineCacheInstaller.jsm b/dom/apps/OfflineCacheInstaller.jsm index a585da127c2..7f81ffd369c 100644 --- a/dom/apps/OfflineCacheInstaller.jsm +++ b/dom/apps/OfflineCacheInstaller.jsm @@ -228,8 +228,8 @@ function installCache(app) { if (!cacheManifest.exists()) return; - let principal = - Services.scriptSecurityManager.createCodebasePrincipal(app.origin, {appId: aApp.localId}); + let principal = Services.scriptSecurityManager.getAppCodebasePrincipal( + app.origin, app.localId, false); // If the build has been correctly configured, this should not happen! // If we install the cache anyway, it won't be updateable. If we don't install diff --git a/dom/apps/ScriptPreloader.jsm b/dom/apps/ScriptPreloader.jsm index 5c541c8b9b5..1925a9b1d2d 100644 --- a/dom/apps/ScriptPreloader.jsm +++ b/dom/apps/ScriptPreloader.jsm @@ -40,7 +40,7 @@ this.ScriptPreloader = { let toLoad = aManifest.precompile.length; let principal = Services.scriptSecurityManager - .createCodebasePrincipal(origin, {appId: aApp.localId}); + .getAppCodebasePrincipal(origin, aApp.localId, false); aManifest.precompile.forEach((aPath) => { let uri = Services.io.newURI(aPath, null, origin); diff --git a/dom/apps/Webapps.jsm b/dom/apps/Webapps.jsm index 2c40970a460..afdab53ffa9 100644 --- a/dom/apps/Webapps.jsm +++ b/dom/apps/Webapps.jsm @@ -820,7 +820,8 @@ this.DOMApplicationRegistry = { let uri = Services.io.newURI(aOrigin, null, null); let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager); - let principal = secMan.createCodebasePrincipal(uri, {appId: aId}); + let principal = secMan.getAppCodebasePrincipal(uri, aId, + /*mozbrowser*/ false); if (!dataStoreService.checkPermission(principal)) { return; } @@ -3368,9 +3369,8 @@ this.DOMApplicationRegistry = { let requestChannel; let appURI = NetUtil.newURI(aNewApp.origin, null, null); - let principal = - Services.scriptSecurityManager.createCodebasePrincipal(appURI, - {appId: aNewApp.localId}); + let principal = Services.scriptSecurityManager.getAppCodebasePrincipal( + appURI, aNewApp.localId, false); if (aIsLocalFileInstall) { requestChannel = NetUtil.newChannel({ diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp index b825d450790..97a492a2a8c 100644 --- a/dom/base/nsGlobalWindow.cpp +++ b/dom/base/nsGlobalWindow.cpp @@ -95,6 +95,7 @@ #include "nsThreadUtils.h" #include "nsILoadContext.h" #include "nsIPresShell.h" +#include "nsIScriptSecurityManager.h" #include "nsIScrollableFrame.h" #include "nsView.h" #include "nsViewManager.h" @@ -191,7 +192,6 @@ #include "nsRefreshDriver.h" #include "mozilla/AddonPathService.h" -#include "mozilla/BasePrincipal.h" #include "mozilla/Services.h" #include "mozilla/Telemetry.h" #include "nsLocation.h" @@ -256,8 +256,6 @@ static const char kStorageEnabled[] = "dom.storage.enabled"; using namespace mozilla; using namespace mozilla::dom; using namespace mozilla::dom::ipc; -using mozilla::BasePrincipal; -using mozilla::OriginAttributes; using mozilla::TimeStamp; using mozilla::TimeDuration; using mozilla::dom::cache::CacheStorage; @@ -8589,14 +8587,21 @@ nsGlobalWindow::PostMessageMozOuter(JSContext* aCx, JS::Handle aMessa return; } + nsCOMPtr ssm = + nsContentUtils::GetSecurityManager(); + MOZ_ASSERT(ssm); + nsCOMPtr principal = nsContentUtils::SubjectPrincipal(); MOZ_ASSERT(principal); - OriginAttributes attrs = BasePrincipal::Cast(principal)->OriginAttributesRef(); + uint32_t appId = principal->GetAppId(); + bool isInBrowser = principal->GetIsInBrowserElement(); + // Create a nsIPrincipal inheriting the app/browser attributes from the // caller. - providedPrincipal = BasePrincipal::CreateCodebasePrincipal(originURI, attrs); - if (NS_WARN_IF(!providedPrincipal)) { + nsresult rv = ssm->GetAppCodebasePrincipal(originURI, appId, isInBrowser, + getter_AddRefs(providedPrincipal)); + if (NS_WARN_IF(NS_FAILED(rv))) { return; } } diff --git a/dom/browser-element/BrowserElementParent.js b/dom/browser-element/BrowserElementParent.js index 4856bcfd338..1cf6847f3ec 100644 --- a/dom/browser-element/BrowserElementParent.js +++ b/dom/browser-element/BrowserElementParent.js @@ -833,16 +833,14 @@ BrowserElementParent.prototype = { catch(e) { debug('Malformed referrer -- ' + e); } - - // TODO Bug 1165466: use originAttributes from nsILoadContext. - let attrs = {appId: this._frameLoader.loadContext.appId, - inBrowser: this._frameLoader.loadContext.isInBrowserElement}; // This simply returns null if there is no principal available // for the requested uri. This is an acceptable fallback when // calling newChannelFromURI2. - principal = - Services.scriptSecurityManager.createCodebasePrincipal( - referrer, attrs); + principal = + Services.scriptSecurityManager.getAppCodebasePrincipal( + referrer, + this._frameLoader.loadContext.appId, + this._frameLoader.loadContext.isInBrowserElement); } debug('Using principal? ' + !!principal); diff --git a/dom/browser-element/mochitest/browserElement_Auth.js b/dom/browser-element/mochitest/browserElement_Auth.js index 92989878679..639a5159ae0 100644 --- a/dom/browser-element/mochitest/browserElement_Auth.js +++ b/dom/browser-element/mochitest/browserElement_Auth.js @@ -158,17 +158,15 @@ function testAuthJarNoInterfere(e) { // Set a bunch of auth data that should not conflict with the correct auth data already // stored in the cache. - var attrs = {appId: 1}; - var principal = secMan.createCodebasePrincipal(uri, attrs); + var principal = secMan.getAppCodebasePrincipal(uri, 1, false); authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm', 'tests/dom/browser-element/mochitest/file_http_401_response.sjs', '', 'httpuser', 'wrongpass', false, principal); - attrs = {appId: 1, inBrowser: true}; - principal = secMan.createCodebasePrincipal(uri, attrs); + principal = secMan.getAppCodebasePrincipal(uri, 1, true); authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm', 'tests/dom/browser-element/mochitest/file_http_401_response.sjs', '', 'httpuser', 'wrongpass', false, principal); - principal = secMan.createCodebasePrincipal(uri, {}); + principal = secMan.getAppCodebasePrincipal(uri, secMan.NO_APP_ID, false); authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm', 'tests/dom/browser-element/mochitest/file_http_401_response.sjs', '', 'httpuser', 'wrongpass', false, principal); @@ -198,7 +196,7 @@ function testAuthJarInterfere(e) { var uri = ioService.newURI("http://test/tests/dom/browser-element/mochitest/file_http_401_response.sjs", null, null); // Set some auth data that should overwrite the successful stored details. - var principal = secMan.createCodebasePrincipal(uri, {inBrowser: true}); + var principal = secMan.getAppCodebasePrincipal(uri, secMan.NO_APP_ID, true); authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm', 'tests/dom/browser-element/mochitest/file_http_401_response.sjs', '', 'httpuser', 'wrongpass', false, principal); diff --git a/dom/cache/test/mochitest/test_chrome_constructor.html b/dom/cache/test/mochitest/test_chrome_constructor.html index 97b1a0a7ef6..c131fc5a37d 100644 --- a/dom/cache/test/mochitest/test_chrome_constructor.html +++ b/dom/cache/test/mochitest/test_chrome_constructor.html @@ -20,7 +20,7 @@ // attach to a different origin's CacheStorage var url = 'http://example.com/'; var uri = Services.io.newURI(url, null, null); - var principal = Services.scriptSecurityManager.createCodebasePrincipal(uri, {}); + var principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); var storage = new CacheStorage('content', principal); // verify we can use the other origin's CacheStorage as normal diff --git a/dom/datastore/DataStoreService.cpp b/dom/datastore/DataStoreService.cpp index 6710aa22990..67391d3b9f1 100644 --- a/dom/datastore/DataStoreService.cpp +++ b/dom/datastore/DataStoreService.cpp @@ -14,7 +14,6 @@ #include "mozilla/dom/DataStoreImplBinding.h" #include "nsIDataStore.h" -#include "mozilla/BasePrincipal.h" #include "mozilla/Preferences.h" #include "mozilla/Services.h" #include "mozilla/StaticPtr.h" @@ -57,9 +56,6 @@ return NS_ERROR_FAILURE; \ } -using mozilla::BasePrincipal; -using mozilla::OriginAttributes; - namespace mozilla { namespace dom { @@ -217,10 +213,17 @@ ResetPermission(uint32_t aAppId, const nsAString& aOriginURL, return rv; } - OriginAttributes attrs(aAppId, false); - nsCOMPtr principal = - BasePrincipal::CreateCodebasePrincipal(uri, attrs); - NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE); + nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); + if (!ssm) { + return NS_ERROR_FAILURE; + } + + nsCOMPtr principal; + rv = ssm->GetAppCodebasePrincipal(uri, aAppId, false, + getter_AddRefs(principal)); + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } nsCOMPtr pm = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID); diff --git a/dom/indexedDB/ActorsParent.cpp b/dom/indexedDB/ActorsParent.cpp index 5f41d382312..8e96517e8b8 100644 --- a/dom/indexedDB/ActorsParent.cpp +++ b/dom/indexedDB/ActorsParent.cpp @@ -18519,6 +18519,12 @@ FactoryOp::CheckAtLeastOneAppHasPermission(ContentParent* aContentParent, return false; } + nsCOMPtr secMan = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); + if (NS_WARN_IF(!secMan)) { + return false; + } + nsCOMPtr permMan = mozilla::services::GetPermissionManager(); if (NS_WARN_IF(!permMan)) { @@ -18542,9 +18548,24 @@ FactoryOp::CheckAtLeastOneAppHasPermission(ContentParent* aContentParent, return false; } + nsString origin; + rv = app->GetOrigin(origin); + if (NS_WARN_IF(NS_FAILED(rv))) { + return false; + } + + nsCOMPtr uri; + rv = NS_NewURI(getter_AddRefs(uri), origin, nullptr, nullptr, ioService); + if (NS_WARN_IF(NS_FAILED(rv))) { + return false; + } + nsCOMPtr principal; - app->GetPrincipal(getter_AddRefs(principal)); - NS_ENSURE_TRUE(principal, false); + rv = secMan->GetAppCodebasePrincipal(uri, appId, false, + getter_AddRefs(principal)); + if (NS_WARN_IF(NS_FAILED(rv))) { + return false; + } uint32_t permission; rv = permMan->TestExactPermissionFromPrincipal(principal, diff --git a/dom/indexedDB/test/head.js b/dom/indexedDB/test/head.js index eb4244fc1c5..7b58ef7687f 100644 --- a/dom/indexedDB/test/head.js +++ b/dom/indexedDB/test/head.js @@ -116,9 +116,9 @@ function setPermission(url, permission) let uri = Components.classes["@mozilla.org/network/io-service;1"] .getService(Components.interfaces.nsIIOService) .newURI(url, null, null); - let ssm = Components.classes["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(uri, {}); + let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); Components.classes["@mozilla.org/permissionmanager;1"] .getService(nsIPermissionManager) @@ -131,9 +131,9 @@ function removePermission(url, permission) let uri = Components.classes["@mozilla.org/network/io-service;1"] .getService(Components.interfaces.nsIIOService) .newURI(url, null, null); - let ssm = Components.classes["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(uri, {}); + let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); Components.classes["@mozilla.org/permissionmanager;1"] .getService(Components.interfaces.nsIPermissionManager) @@ -145,9 +145,9 @@ function getPermission(url, permission) let uri = Components.classes["@mozilla.org/network/io-service;1"] .getService(Components.interfaces.nsIIOService) .newURI(url, null, null); - let ssm = Components.classes["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(uri, {}); + let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); return Components.classes["@mozilla.org/permissionmanager;1"] .getService(Components.interfaces.nsIPermissionManager) diff --git a/dom/indexedDB/test/unit/test_defaultStorageUpgrade.js b/dom/indexedDB/test/unit/test_defaultStorageUpgrade.js index c6042ca5c28..7f7ab312ed0 100644 --- a/dom/indexedDB/test/unit/test_defaultStorageUpgrade.js +++ b/dom/indexedDB/test/unit/test_defaultStorageUpgrade.js @@ -90,10 +90,13 @@ function testSteps() let request; if ("url" in params) { let uri = ios.newURI(params.url, null, null); - let principal = - ssm.createCodebasePrincipal(uri, - {appId: params.appId || ssm.NO_APPID, - inBrowser: params.inMozBrowser}); + let principal; + if ("appId" in params) { + principal = ssm.getAppCodebasePrincipal(uri, params.appId, + params.inMozBrowser); + } else { + principal = ssm.getNoAppCodebasePrincipal(uri); + } if ("dbVersion" in params) { request = indexedDB.openForPrincipal(principal, params.dbName, params.dbVersion); diff --git a/dom/indexedDB/test/unit/test_idle_maintenance.js b/dom/indexedDB/test/unit/test_idle_maintenance.js index dfba12a61fc..96ff9ec139c 100644 --- a/dom/indexedDB/test/unit/test_idle_maintenance.js +++ b/dom/indexedDB/test/unit/test_idle_maintenance.js @@ -10,9 +10,9 @@ function testSteps() let uri = Cc["@mozilla.org/network/io-service;1"]. getService(Ci.nsIIOService). newURI("https://www.example.com", null, null); - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(uri, {}); + let principal = Cc["@mozilla.org/scriptsecuritymanager;1"]. + getService(Ci.nsIScriptSecurityManager). + getNoAppCodebasePrincipal(uri); info("Setting permissions"); diff --git a/dom/indexedDB/test/unit/test_metadataRestore.js b/dom/indexedDB/test/unit/test_metadataRestore.js index e1a84a1507d..24285740eb6 100644 --- a/dom/indexedDB/test/unit/test_metadataRestore.js +++ b/dom/indexedDB/test/unit/test_metadataRestore.js @@ -67,7 +67,7 @@ function testSteps() let request; if ("url" in params) { let uri = ios.newURI(params.url, null, null); - let principal = ssm.createCodebasePrincipal(uri, {}); + let principal = ssm.getNoAppCodebasePrincipal(uri); request = indexedDB.openForPrincipal(principal, params.dbName, params.dbOptions); } else { diff --git a/dom/indexedDB/test/unit/test_open_for_principal.js b/dom/indexedDB/test/unit/test_open_for_principal.js index 171f71b3986..0c885194001 100644 --- a/dom/indexedDB/test/unit/test_open_for_principal.js +++ b/dom/indexedDB/test/unit/test_open_for_principal.js @@ -48,9 +48,9 @@ function testSteps() let uri = Components.classes["@mozilla.org/network/io-service;1"] .getService(Components.interfaces.nsIIOService) .newURI("http://appdata.example.com", null, null); - let ssm = Components.classes["@mozilla.org/scriptsecuritymanager;1"] - .getService(Components.interfaces.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(uri, {}); + let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Components.interfaces.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); request = indexedDB.openForPrincipal(principal, name, 1); request.onerror = errorHandler; diff --git a/dom/indexedDB/test/unit/test_temporary_storage.js b/dom/indexedDB/test/unit/test_temporary_storage.js index 5e29483deb7..95b76e8945c 100644 --- a/dom/indexedDB/test/unit/test_temporary_storage.js +++ b/dom/indexedDB/test/unit/test_temporary_storage.js @@ -34,9 +34,9 @@ function testSteps() let uri = Cc["@mozilla.org/network/io-service;1"] .getService(Ci.nsIIOService) .newURI(url, null, null); - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - return ssm.createCodebasePrincipal(uri, {}); + return Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); } for (let temporary of [true, false]) { diff --git a/dom/ipc/AppProcessChecker.cpp b/dom/ipc/AppProcessChecker.cpp index 44a57576a95..57118a1a8bc 100644 --- a/dom/ipc/AppProcessChecker.cpp +++ b/dom/ipc/AppProcessChecker.cpp @@ -12,6 +12,7 @@ #include "mozilla/hal_sandbox/PHalParent.h" #include "nsIAppsService.h" #include "nsIPrincipal.h" +#include "nsIScriptSecurityManager.h" #include "nsPrintfCString.h" #include "nsIURI.h" #include "nsNetUtil.h" @@ -231,10 +232,21 @@ GetAppPrincipal(uint32_t aAppId) nsresult rv = appsService->GetAppByLocalId(aAppId, getter_AddRefs(app)); NS_ENSURE_SUCCESS(rv, nullptr); - nsCOMPtr principal; - app->GetPrincipal(getter_AddRefs(principal)); + nsString origin; + rv = app->GetOrigin(origin); + NS_ENSURE_SUCCESS(rv, nullptr); - return principal.forget(); + nsCOMPtr uri; + NS_NewURI(getter_AddRefs(uri), origin); + + nsCOMPtr secMan = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); + + nsCOMPtr appPrincipal; + rv = secMan->GetAppCodebasePrincipal(uri, aAppId, false, + getter_AddRefs(appPrincipal)); + NS_ENSURE_SUCCESS(rv, nullptr); + return appPrincipal.forget(); } uint32_t diff --git a/dom/ipc/TabChild.cpp b/dom/ipc/TabChild.cpp index 98e617b656d..8a81ad04a65 100644 --- a/dom/ipc/TabChild.cpp +++ b/dom/ipc/TabChild.cpp @@ -1562,15 +1562,23 @@ TabChild::MaybeRequestPreinitCamera() return; } - nsCOMPtr app; - nsresult rv = appsService->GetAppByLocalId(OwnAppId(), getter_AddRefs(app)); + nsString manifestUrl = EmptyString(); + appsService->GetManifestURLByLocalId(OwnAppId(), manifestUrl); + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + if (NS_WARN_IF(!secMan)) { + return; + } + + nsCOMPtr uri; + nsresult rv = NS_NewURI(getter_AddRefs(uri), manifestUrl); if (NS_WARN_IF(NS_FAILED(rv))) { return; } nsCOMPtr principal; - app->GetPrincipal(getter_AddRefs(principal)); - if (NS_WARN_IF(!principal)) { + rv = secMan->GetAppCodebasePrincipal(uri, OwnAppId(), false, + getter_AddRefs(principal)); + if (NS_WARN_IF(NS_FAILED(rv))) { return; } diff --git a/dom/payment/Payment.jsm b/dom/payment/Payment.jsm index 6ab9351bf96..d833448df90 100644 --- a/dom/payment/Payment.jsm +++ b/dom/payment/Payment.jsm @@ -236,9 +236,8 @@ let PaymentManager = { if (systemAppId != Ci.nsIScriptSecurityManager.NO_APP_ID) { this.LOG("Granting firefox-accounts permission to " + provider.uri); let uri = Services.io.newURI(provider.uri, null, null); - let attrs = {appId: systemAppId, inBrowser: true}; - let principal = - Services.scriptSecurityManager.createCodebasePrincipal(uri, attrs); + let principal = Services.scriptSecurityManager + .getAppCodebasePrincipal(uri, systemAppId, true); Services.perms.addFromPrincipal(principal, "firefox-accounts", Ci.nsIPermissionManager.ALLOW_ACTION, diff --git a/dom/permission/PermissionSettings.js b/dom/permission/PermissionSettings.js index 6e8d3adb4d7..0921554ea2b 100644 --- a/dom/permission/PermissionSettings.js +++ b/dom/permission/PermissionSettings.js @@ -35,14 +35,10 @@ XPCOMUtils.defineLazyServiceGetter(this, PermissionSettings.prototype = { get: function get(aPermName, aManifestURL, aOrigin, aBrowserFlag) { - // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js debug("Get called with: " + aPermName + ", " + aManifestURL + ", " + aOrigin + ", " + aBrowserFlag); let uri = Services.io.newURI(aOrigin, null, null); let appID = appsService.getAppLocalIdByManifestURL(aManifestURL); - let principal = - Services.scriptSecurityManager.createCodebasePrincipal(uri, - {appId: appID, - inBrowser: aBrowserFlag}); + let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aBrowserFlag); let result = Services.perms.testExactPermanentPermission(principal, aPermName); switch (result) @@ -63,12 +59,11 @@ PermissionSettings.prototype = { isExplicit: function isExplicit(aPermName, aManifestURL, aOrigin, aBrowserFlag) { - // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js debug("isExplicit: " + aPermName + ", " + aManifestURL + ", " + aOrigin); let uri = Services.io.newURI(aOrigin, null, null); let app = appsService.getAppByManifestURL(aManifestURL); let principal = Services.scriptSecurityManager - .createCodebasePrincipal(uri, {appId: app.localId, inBrowser: aBrowserFlag}); + .getAppCodebasePrincipal(uri, app.localId, aBrowserFlag); return isExplicitInPermissionsTable(aPermName, principal.appStatus, @@ -104,13 +99,9 @@ PermissionSettings.prototype = { }, remove: function remove(aPermName, aManifestURL, aOrigin) { - // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js let uri = Services.io.newURI(aOrigin, null, null); let appID = appsService.getAppLocalIdByManifestURL(aManifestURL); - let principal = - Services.scriptSecurityManager.createCodebasePrincipal(uri, - {appId: appID, - inBrowser: true}); + let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, true); if (principal.appStatus !== Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED) { let errorMsg = "PermissionSettings.js: '" + aOrigin + "'" + diff --git a/dom/permission/PermissionSettings.jsm b/dom/permission/PermissionSettings.jsm index 8cda5e09a04..6c948ffc2fc 100644 --- a/dom/permission/PermissionSettings.jsm +++ b/dom/permission/PermissionSettings.jsm @@ -67,13 +67,9 @@ this.PermissionSettingsModule = { _internalAddPermission: function _internalAddPermission(aData, aAllowAllChanges, aCallbacks) { - // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm let uri = Services.io.newURI(aData.origin, null, null); let app = appsService.getAppByManifestURL(aData.manifestURL); - let principal = - Services.scriptSecurityManager.createCodebasePrincipal(uri, - {appId: app.localId, - inBrowser: aData.browserFlag}); + let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, app.localId, aData.browserFlag); let action; switch (aData.value) @@ -107,14 +103,10 @@ this.PermissionSettingsModule = { }, getPermission: function getPermission(aPermName, aManifestURL, aOrigin, aBrowserFlag) { - // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm debug("getPermission: " + aPermName + ", " + aManifestURL + ", " + aOrigin); let uri = Services.io.newURI(aOrigin, null, null); let appID = appsService.getAppLocalIdByManifestURL(aManifestURL); - let principal = - Services.scriptSecurityManager.createCodebasePrincipal(uri, - {appId: appID, - inBrowser: aBrowserFlag}); + let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aBrowserFlag); let result = Services.perms.testExactPermissionFromPrincipal(principal, aPermName); switch (result) diff --git a/dom/quota/QuotaManager.cpp b/dom/quota/QuotaManager.cpp index ab451bbd63a..3ecffc3c980 100644 --- a/dom/quota/QuotaManager.cpp +++ b/dom/quota/QuotaManager.cpp @@ -5288,9 +5288,10 @@ StorageDirectoryHelper::RunOnMainThread() rv = secMan->GetSimpleCodebasePrincipal(uri, getter_AddRefs(principal)); } else { - OriginAttributes attrs(originProps.mAppId, originProps.mInMozBrowser); - principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs); - rv = principal ? NS_OK : NS_ERROR_FAILURE; + rv = secMan->GetAppCodebasePrincipal(uri, + originProps.mAppId, + originProps.mInMozBrowser, + getter_AddRefs(principal)); } if (NS_WARN_IF(NS_FAILED(rv))) { return rv; diff --git a/dom/tests/mochitest/chrome/test_MozDomFullscreen_event.xul b/dom/tests/mochitest/chrome/test_MozDomFullscreen_event.xul index 5d801dc3543..7bb5f2352ae 100644 --- a/dom/tests/mochitest/chrome/test_MozDomFullscreen_event.xul +++ b/dom/tests/mochitest/chrome/test_MozDomFullscreen_event.xul @@ -27,9 +27,9 @@ function make_uri(url) { // Ensure "fullscreen" permissions are not present on the test URI. var pm = Cc["@mozilla.org/permissionmanager;1"].getService(Ci.nsIPermissionManager); var uri = make_uri("http://mochi.test:8888"); -var ssm = Components.classes["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); -var principal = ssm.createCodebasePrincipal(uri, {}); +var principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); pm.removeFromPrincipal(principal, "fullscreen"); SpecialPowers.pushPrefEnv({"set": [ diff --git a/dom/tests/mochitest/localstorage/test_localStorageFromChrome.xhtml b/dom/tests/mochitest/localstorage/test_localStorageFromChrome.xhtml index 22665b00870..983ca176b5e 100644 --- a/dom/tests/mochitest/localstorage/test_localStorageFromChrome.xhtml +++ b/dom/tests/mochitest/localstorage/test_localStorageFromChrome.xhtml @@ -18,11 +18,11 @@ function startTest() .getService(Components.interfaces.nsIDOMStorageManager); var uri = ios.newURI(url, "", null); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = ssm.getNoAppCodebasePrincipal(uri); var storage = dsm.createStorage(window, principal, ""); - + storage.setItem("chromekey", "chromevalue"); - + var aframe = document.getElementById("aframe"); aframe.onload = function() { diff --git a/extensions/cookie/nsPermission.cpp b/extensions/cookie/nsPermission.cpp index 61d0d62634f..8398b7584e8 100644 --- a/extensions/cookie/nsPermission.cpp +++ b/extensions/cookie/nsPermission.cpp @@ -7,6 +7,7 @@ #include "nsContentUtils.h" #include "nsIClassInfoImpl.h" #include "nsIEffectiveTLDService.h" +#include "nsIScriptSecurityManager.h" #include "mozilla/BasePrincipal.h" // nsPermission Implementation @@ -167,9 +168,12 @@ nsPermission::MatchesURI(nsIURI* aURI, bool aExactHost, bool* aMatches) { NS_ENSURE_ARG_POINTER(aURI); - mozilla::OriginAttributes attrs; - nsCOMPtr principal = mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs); - NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE); + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE); + + nsCOMPtr principal; + nsresult rv = secMan->GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); + NS_ENSURE_SUCCESS(rv, rv); return Matches(principal, aExactHost, aMatches); } diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp index d91489671ba..9704e4a5692 100644 --- a/extensions/cookie/nsPermissionManager.cpp +++ b/extensions/cookie/nsPermissionManager.cpp @@ -126,24 +126,19 @@ GetPrincipalFromOrigin(const nsACString& aOrigin, nsIPrincipal** aPrincipal) nsresult GetPrincipal(nsIURI* aURI, uint32_t aAppId, bool aIsInBrowserElement, nsIPrincipal** aPrincipal) { - // TODO: Bug 1165267 - Use OriginAttributes for nsCookieService - mozilla::OriginAttributes attrs(aAppId, aIsInBrowserElement); - nsCOMPtr principal = mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs); - NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE); + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE); - principal.forget(aPrincipal); - return NS_OK; + return secMan->GetAppCodebasePrincipal(aURI, aAppId, aIsInBrowserElement, aPrincipal); } nsresult GetPrincipal(nsIURI* aURI, nsIPrincipal** aPrincipal) { - mozilla::OriginAttributes attrs; - nsCOMPtr principal = mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs); - NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE); + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE); - principal.forget(aPrincipal); - return NS_OK; + return secMan->GetNoAppCodebasePrincipal(aURI, aPrincipal); } nsCString diff --git a/extensions/cookie/test/test_app_uninstall_permissions.html b/extensions/cookie/test/test_app_uninstall_permissions.html index be942c789b9..13cf9f7380b 100644 --- a/extensions/cookie/test/test_app_uninstall_permissions.html +++ b/extensions/cookie/test/test_app_uninstall_permissions.html @@ -67,22 +67,19 @@ function onInstall() { var currentPermissionCount = getPermissionCountForApp(-1); - var attrs = {appId: testAppId}; - var principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.com", null, null), - attrs); + var principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null), + testAppId, false); permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION); permManager.addFromPrincipal(principal, "foo", Ci.nsIPermissionManager.DENY_ACTION); permManager.addFromPrincipal(principal, "bar", Ci.nsIPermissionManager.ALLOW_ACTION, Ci.nsIPermissionManager.EXPIRE_SESSION, 0); - attrs = {appId: testAppId, inBrowser: true}; - principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.com", null, null), - attrs); + principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null), + testAppId, true); permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION); - attrs = {appId: testAppId}; - principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.org", null, null), - attrs); + principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.org", null, null), + testAppId, false); permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION); is(getPermissionCountForApp(testAppId), 5, "App should have 5 permissions"); diff --git a/extensions/cookie/test/unit/test_permmanager_cleardata.js b/extensions/cookie/test/unit/test_permmanager_cleardata.js index 5ff228ab81c..675c863d85c 100644 --- a/extensions/cookie/test/unit/test_permmanager_cleardata.js +++ b/extensions/cookie/test/unit/test_permmanager_cleardata.js @@ -6,8 +6,7 @@ let pm; // Create a principal based on the { origin, appId, browserElement }. function createPrincipal(aOrigin, aAppId, aBrowserElement) { - var attrs = {appId: aAppId, inBrowser: aBrowserElement}; - return Services.scriptSecurityManager.createCodebasePrincipal(NetUtil.newURI(aOrigin), attrs); + return Services.scriptSecurityManager.getAppCodebasePrincipal(NetUtil.newURI(aOrigin), aAppId, aBrowserElement); } // Return the subject required by 'webapps-clear-data' notification. diff --git a/extensions/cookie/test/unit/test_permmanager_defaults.js b/extensions/cookie/test/unit/test_permmanager_defaults.js index 18f2ea1ed8e..664211deb6c 100644 --- a/extensions/cookie/test/unit/test_permmanager_defaults.js +++ b/extensions/cookie/test/unit/test_permmanager_defaults.js @@ -51,14 +51,12 @@ add_task(function* do_test() { getService(Ci.nsIPermissionManager); // test the default permission was applied. - let principal = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN, {}); - let principalHttps = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_HTTPS, {}); - let principal2 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_2, {}); - let principal3 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_3, {}); - - let attrs = {appId: 1000, inBrowser: true}; - let principal4 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN, attrs); - let principal5 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_3, attrs); + let principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN); + let principalHttps = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_HTTPS); + let principal2 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_2); + let principal3 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_3); + let principal4 = Services.scriptSecurityManager.getAppCodebasePrincipal(TEST_ORIGIN, 1000, true); + let principal5 = Services.scriptSecurityManager.getAppCodebasePrincipal(TEST_ORIGIN_3, 1000, true); do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION, pm.testPermissionFromPrincipal(principal, TEST_PERMISSION)); @@ -224,7 +222,7 @@ function checkCapabilityViaDB(expected, origin = TEST_ORIGIN, type = TEST_PERMIS // value (ie, the "capability" in nsIPermission parlance) or null if it can't // be found. function findCapabilityViaDB(origin = TEST_ORIGIN, type = TEST_PERMISSION) { - let principal = Services.scriptSecurityManager.createCodebasePrincipal(origin, {}); + let principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(origin); let originStr = principal.origin; let file = Services.dirsvc.get("ProfD", Ci.nsIFile); diff --git a/extensions/cookie/test/unit/test_permmanager_expiration.js b/extensions/cookie/test/unit/test_permmanager_expiration.js index 6ec8f677ef6..0216320eae8 100644 --- a/extensions/cookie/test/unit/test_permmanager_expiration.js +++ b/extensions/cookie/test/unit/test_permmanager_expiration.js @@ -21,7 +21,7 @@ function do_run_test() { let pm = Services.perms; let permURI = NetUtil.newURI("http://example.com"); - let principal = Services.scriptSecurityManager.createCodebasePrincipal(permURI, {}); + let principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(permURI); let now = Number(Date.now()); diff --git a/extensions/cookie/test/unit/test_permmanager_getPermissionObject.js b/extensions/cookie/test/unit/test_permmanager_getPermissionObject.js index d01b51923dc..f2f13f38e3a 100644 --- a/extensions/cookie/test/unit/test_permmanager_getPermissionObject.js +++ b/extensions/cookie/test/unit/test_permmanager_getPermissionObject.js @@ -1,11 +1,10 @@ /* Any copyright is dedicated to the Public Domain. http://creativecommons.org/publicdomain/zero/1.0/ */ -function getPrincipalFromURI(aURI) { - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let uri = NetUtil.newURI(aURI); - return ssm.createCodebasePrincipal(uri, {}); +function getPrincipalFromURI(uri) { + return Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(NetUtil.newURI(uri)); } function getSystemPrincipal() { diff --git a/extensions/cookie/test/unit/test_permmanager_idn.js b/extensions/cookie/test/unit/test_permmanager_idn.js index 72fc06bbaa9..eeb1e52bb18 100644 --- a/extensions/cookie/test/unit/test_permmanager_idn.js +++ b/extensions/cookie/test/unit/test_permmanager_idn.js @@ -2,10 +2,9 @@ http://creativecommons.org/publicdomain/zero/1.0/ */ function getPrincipalFromDomain(aDomain) { - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let uri = NetUtil.newURI("http://" + aDomain); - return ssm.createCodebasePrincipal(uri, {}); + return Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(NetUtil.newURI("http://" + aDomain)); } function run_test() { @@ -46,4 +45,4 @@ function run_test() { do_check_eq(pm.testPermissionFromPrincipal(witnessPrincipal, perm), pm.UNKNOWN_ACTION); witnessPrincipal = getPrincipalFromDomain("foo.bar.com"); do_check_eq(pm.testPermissionFromPrincipal(witnessPrincipal, perm), pm.UNKNOWN_ACTION); -} +} \ No newline at end of file diff --git a/extensions/cookie/test/unit/test_permmanager_load_invalid_entries.js b/extensions/cookie/test/unit/test_permmanager_load_invalid_entries.js index 36a8378dace..1dd3682010b 100644 --- a/extensions/cookie/test/unit/test_permmanager_load_invalid_entries.js +++ b/extensions/cookie/test/unit/test_permmanager_load_invalid_entries.js @@ -134,9 +134,8 @@ function run_test() { do_check_true(numMigrated > 0, "we found at least 1 record that was migrated"); // This permission should always be there. - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let uri = NetUtil.newURI("http://example.org"); - let principal = ssm.createCodebasePrincipal(uri, {}); + let principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(NetUtil.newURI("http://example.org")); do_check_eq(pm.testPermissionFromPrincipal(principal, 'test-load-invalid-entries'), Ci.nsIPermissionManager.ALLOW_ACTION); } diff --git a/extensions/cookie/test/unit/test_permmanager_local_files.js b/extensions/cookie/test/unit/test_permmanager_local_files.js index b9c803f5c27..67884cb642c 100644 --- a/extensions/cookie/test/unit/test_permmanager_local_files.js +++ b/extensions/cookie/test/unit/test_permmanager_local_files.js @@ -5,8 +5,7 @@ function getPrincipalFromURIString(uriStr) { - let uri = NetUtil.newURI(uriStr); - return Services.scriptSecurityManager.createCodebasePrincipal(uri, {}); + return Services.scriptSecurityManager.getNoAppCodebasePrincipal(NetUtil.newURI(uriStr)); } function run_test() { diff --git a/extensions/cookie/test/unit/test_permmanager_matches.js b/extensions/cookie/test/unit/test_permmanager_matches.js index 47ae194c1b7..475581aeabd 100644 --- a/extensions/cookie/test/unit/test_permmanager_matches.js +++ b/extensions/cookie/test/unit/test_permmanager_matches.js @@ -38,44 +38,40 @@ function run_test() { let uri4 = NetUtil.newURI("https://hangouts.google.com/#!/hangout", null, null); let uri5 = NetUtil.newURI("http://google.com:8096/", null, null); - let uri0_n_n = secMan.createCodebasePrincipal(uri0, {}); - let uri1_n_n = secMan.createCodebasePrincipal(uri1, {}); - let uri2_n_n = secMan.createCodebasePrincipal(uri2, {}); - let uri3_n_n = secMan.createCodebasePrincipal(uri3, {}); - let uri4_n_n = secMan.createCodebasePrincipal(uri4, {}); - let uri5_n_n = secMan.createCodebasePrincipal(uri5, {}); + let uri0_n_n = secMan.getNoAppCodebasePrincipal(uri0); + let uri1_n_n = secMan.getNoAppCodebasePrincipal(uri1); + let uri2_n_n = secMan.getNoAppCodebasePrincipal(uri2); + let uri3_n_n = secMan.getNoAppCodebasePrincipal(uri3); + let uri4_n_n = secMan.getNoAppCodebasePrincipal(uri4); + let uri5_n_n = secMan.getNoAppCodebasePrincipal(uri5); - let attrs = {appId: 1000}; - let uri0_1000_n = secMan.createCodebasePrincipal(uri0, attrs); - let uri1_1000_n = secMan.createCodebasePrincipal(uri1, attrs); - let uri2_1000_n = secMan.createCodebasePrincipal(uri2, attrs); - let uri3_1000_n = secMan.createCodebasePrincipal(uri3, attrs); - let uri4_1000_n = secMan.createCodebasePrincipal(uri4, attrs); - let uri5_1000_n = secMan.createCodebasePrincipal(uri5, attrs); + let uri0_1000_n = secMan.getAppCodebasePrincipal(uri0, 1000, false); + let uri1_1000_n = secMan.getAppCodebasePrincipal(uri1, 1000, false); + let uri2_1000_n = secMan.getAppCodebasePrincipal(uri2, 1000, false); + let uri3_1000_n = secMan.getAppCodebasePrincipal(uri3, 1000, false); + let uri4_1000_n = secMan.getAppCodebasePrincipal(uri4, 1000, false); + let uri5_1000_n = secMan.getAppCodebasePrincipal(uri5, 1000, false); - attrs = {appId: 1000, inBrowser: true}; - let uri0_1000_y = secMan.createCodebasePrincipal(uri0, attrs); - let uri1_1000_y = secMan.createCodebasePrincipal(uri1, attrs); - let uri2_1000_y = secMan.createCodebasePrincipal(uri2, attrs); - let uri3_1000_y = secMan.createCodebasePrincipal(uri3, attrs); - let uri4_1000_y = secMan.createCodebasePrincipal(uri4, attrs); - let uri5_1000_y = secMan.createCodebasePrincipal(uri5, attrs); + let uri0_1000_y = secMan.getAppCodebasePrincipal(uri0, 1000, true); + let uri1_1000_y = secMan.getAppCodebasePrincipal(uri1, 1000, true); + let uri2_1000_y = secMan.getAppCodebasePrincipal(uri2, 1000, true); + let uri3_1000_y = secMan.getAppCodebasePrincipal(uri3, 1000, true); + let uri4_1000_y = secMan.getAppCodebasePrincipal(uri4, 1000, true); + let uri5_1000_y = secMan.getAppCodebasePrincipal(uri5, 1000, true); - attrs = {appId: 2000}; - let uri0_2000_n = secMan.createCodebasePrincipal(uri0, attrs); - let uri1_2000_n = secMan.createCodebasePrincipal(uri1, attrs); - let uri2_2000_n = secMan.createCodebasePrincipal(uri2, attrs); - let uri3_2000_n = secMan.createCodebasePrincipal(uri3, attrs); - let uri4_2000_n = secMan.createCodebasePrincipal(uri4, attrs); - let uri5_2000_n = secMan.createCodebasePrincipal(uri5, attrs); + let uri0_2000_n = secMan.getAppCodebasePrincipal(uri0, 2000, false); + let uri1_2000_n = secMan.getAppCodebasePrincipal(uri1, 2000, false); + let uri2_2000_n = secMan.getAppCodebasePrincipal(uri2, 2000, false); + let uri3_2000_n = secMan.getAppCodebasePrincipal(uri3, 2000, false); + let uri4_2000_n = secMan.getAppCodebasePrincipal(uri4, 2000, false); + let uri5_2000_n = secMan.getAppCodebasePrincipal(uri5, 2000, false); - attrs = {appId: 2000, inBrowser: true}; - let uri0_2000_y = secMan.createCodebasePrincipal(uri0, attrs); - let uri1_2000_y = secMan.createCodebasePrincipal(uri1, attrs); - let uri2_2000_y = secMan.createCodebasePrincipal(uri2, attrs); - let uri3_2000_y = secMan.createCodebasePrincipal(uri3, attrs); - let uri4_2000_y = secMan.createCodebasePrincipal(uri4, attrs); - let uri5_2000_y = secMan.createCodebasePrincipal(uri5, attrs); + let uri0_2000_y = secMan.getAppCodebasePrincipal(uri0, 2000, true); + let uri1_2000_y = secMan.getAppCodebasePrincipal(uri1, 2000, true); + let uri2_2000_y = secMan.getAppCodebasePrincipal(uri2, 2000, true); + let uri3_2000_y = secMan.getAppCodebasePrincipal(uri3, 2000, true); + let uri4_2000_y = secMan.getAppCodebasePrincipal(uri4, 2000, true); + let uri5_2000_y = secMan.getAppCodebasePrincipal(uri5, 2000, true); pm.addFromPrincipal(uri0_n_n, "test/matches", pm.ALLOW_ACTION); let perm_n_n = pm.getPermissionObject(uri0_n_n, "test/matches", true); diff --git a/extensions/cookie/test/unit/test_permmanager_matchesuri.js b/extensions/cookie/test/unit/test_permmanager_matchesuri.js index 88578166ca0..7317cb35d3a 100644 --- a/extensions/cookie/test/unit/test_permmanager_matchesuri.js +++ b/extensions/cookie/test/unit/test_permmanager_matchesuri.js @@ -30,9 +30,9 @@ function mk_permission(uri, isAppPermission = false) { .getService(Ci.nsIScriptSecurityManager); // Get the permission from the principal! - let attrs = {appId: 1000}; - let principal = - secMan.createCodebasePrincipal(uri, isAppPermission ? attrs : {}); + let principal = isAppPermission ? + secMan.getAppCodebasePrincipal(uri, 1000, false) : + secMan.getNoAppCodebasePrincipal(uri); pm.addFromPrincipal(principal, "test/matchesuri", pm.ALLOW_ACTION); let permission = pm.getPermissionObject(principal, "test/matchesuri", true); diff --git a/extensions/cookie/test/unit/test_permmanager_notifications.js b/extensions/cookie/test/unit/test_permmanager_notifications.js index 780e83ca6a6..20768d1b310 100644 --- a/extensions/cookie/test/unit/test_permmanager_notifications.js +++ b/extensions/cookie/test/unit/test_permmanager_notifications.js @@ -23,10 +23,9 @@ function do_run_test() { let pm = Services.perms; let now = Number(Date.now()); let permType = "test/expiration-perm"; - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let uri = NetUtil.newURI("http://example.com"); - let principal = ssm.createCodebasePrincipal(uri, {}); + let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(NetUtil.newURI("http://example.com")); let observer = new permission_observer(test_generator, now, permType); Services.obs.addObserver(observer, "perm-changed", false); diff --git a/extensions/cookie/test/unit/test_permmanager_removesince.js b/extensions/cookie/test/unit/test_permmanager_removesince.js index 35d649cfeb5..e7d4dadd546 100644 --- a/extensions/cookie/test/unit/test_permmanager_removesince.js +++ b/extensions/cookie/test/unit/test_permmanager_removesince.js @@ -24,10 +24,10 @@ function do_run_test() { // to help with testing edge-cases, we will arrange for .removeAllSince to // remove *all* permissions from one principal and one permission from another. let permURI1 = NetUtil.newURI("http://example.com"); - let principal1 = Services.scriptSecurityManager.createCodebasePrincipal(permURI1, {}); + let principal1 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(permURI1); let permURI2 = NetUtil.newURI("http://example.org"); - let principal2 = Services.scriptSecurityManager.createCodebasePrincipal(permURI2, {}); + let principal2 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(permURI2); // add a permission now - this isn't going to be removed. pm.addFromPrincipal(principal1, "test/remove-since", 1); diff --git a/extensions/cookie/test/unit/test_permmanager_subdomains.js b/extensions/cookie/test/unit/test_permmanager_subdomains.js index 4e78e4d4665..56cddcbc73e 100644 --- a/extensions/cookie/test/unit/test_permmanager_subdomains.js +++ b/extensions/cookie/test/unit/test_permmanager_subdomains.js @@ -1,11 +1,10 @@ /* Any copyright is dedicated to the Public Domain. http://creativecommons.org/publicdomain/zero/1.0/ */ -function getPrincipalFromURI(aURI) { - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let uri = NetUtil.newURI(aURI); - return ssm.createCodebasePrincipal(uri, {}); +function getPrincipalFromURI(uri) { + return Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(NetUtil.newURI(uri)); } function run_test() { @@ -54,4 +53,4 @@ function run_test() { do_check_eq(pm.testPermissionFromPrincipal(sub1Principal, "test/subdomains"), pm.UNKNOWN_ACTION); do_check_eq(pm.testPermissionFromPrincipal(sub2Principal, "test/subdomains"), pm.UNKNOWN_ACTION); do_check_eq(pm.testPermissionFromPrincipal(subsubPrincipal, "test/subdomains"), pm.UNKNOWN_ACTION); -} +} \ No newline at end of file diff --git a/extensions/cookie/test/unit_ipc/test_child.js b/extensions/cookie/test/unit_ipc/test_child.js index ae81da05c2a..ebe2db5b8d2 100644 --- a/extensions/cookie/test/unit_ipc/test_child.js +++ b/extensions/cookie/test/unit_ipc/test_child.js @@ -12,9 +12,9 @@ function isParentProcess() { function getPrincipalForURI(aURI) { var uri = gIoService.newURI(aURI, null, null); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - return ssm.createCodebasePrincipal(uri, {}); + return Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); } function run_test() { diff --git a/extensions/cookie/test/unit_ipc/test_parent.js b/extensions/cookie/test/unit_ipc/test_parent.js index b1056146c0f..fb217d76ae3 100644 --- a/extensions/cookie/test/unit_ipc/test_parent.js +++ b/extensions/cookie/test/unit_ipc/test_parent.js @@ -12,9 +12,9 @@ function isParentProcess() { function getPrincipalForURI(aURI) { var uri = gIoService.newURI(aURI, null, null); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - return ssm.createCodebasePrincipal(uri, {}); + return Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); } function run_test() { diff --git a/gfx/thebes/gfxSVGGlyphs.cpp b/gfx/thebes/gfxSVGGlyphs.cpp index 4e76420dd5e..ab4c360e171 100644 --- a/gfx/thebes/gfxSVGGlyphs.cpp +++ b/gfx/thebes/gfxSVGGlyphs.cpp @@ -19,10 +19,10 @@ #include "nsStringStream.h" #include "nsStreamUtils.h" #include "nsIPrincipal.h" -#include "mozilla/BasePrincipal.h" #include "mozilla/dom/Element.h" #include "mozilla/LoadInfo.h" #include "nsSVGUtils.h" +#include "nsIScriptSecurityManager.h" #include "nsHostObjectProtocolHandler.h" #include "nsContentUtils.h" #include "gfxFont.h" @@ -348,10 +348,9 @@ gfxSVGGlyphsDocument::ParseDocument(const uint8_t *aBuffer, uint32_t aBufLen) rv = NS_NewURI(getter_AddRefs(uri), mSVGGlyphsDocumentURI); NS_ENSURE_SUCCESS(rv, rv); - OriginAttributes attrs; - nsCOMPtr principal = - BasePrincipal::CreateCodebasePrincipal(uri, attrs); - NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE); + nsCOMPtr principal; + nsContentUtils::GetSecurityManager()-> + GetNoAppCodebasePrincipal(uri, getter_AddRefs(principal)); nsCOMPtr domDoc; rv = NS_NewDOMDocument(getter_AddRefs(domDoc), diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp index 517bfab3bde..1db7fee623d 100644 --- a/ipc/glue/BackgroundUtils.cpp +++ b/ipc/glue/BackgroundUtils.cpp @@ -6,7 +6,6 @@ #include "MainThreadUtils.h" #include "mozilla/Assertions.h" -#include "mozilla/BasePrincipal.h" #include "mozilla/ipc/PBackgroundSharedTypes.h" #include "mozilla/net/NeckoChannelParams.h" #include "nsPrincipal.h" @@ -24,8 +23,6 @@ namespace net { class OptionalLoadInfoArgs; } -using mozilla::BasePrincipal; -using mozilla::OriginAttributes; using namespace mozilla::net; namespace ipc { @@ -80,10 +77,10 @@ PrincipalInfoToPrincipal(const PrincipalInfo& aPrincipalInfo, if (info.appId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) { rv = secMan->GetSimpleCodebasePrincipal(uri, getter_AddRefs(principal)); } else { - // TODO: Bug 1167100 - User nsIPrincipal.originAttribute in ContentPrincipalInfo - OriginAttributes attrs(info.appId(), info.isInBrowserElement()); - principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs); - rv = principal ? NS_OK : NS_ERROR_FAILURE; + rv = secMan->GetAppCodebasePrincipal(uri, + info.appId(), + info.isInBrowserElement(), + getter_AddRefs(principal)); } if (NS_WARN_IF(NS_FAILED(rv))) { return nullptr; diff --git a/js/xpconnect/src/Sandbox.cpp b/js/xpconnect/src/Sandbox.cpp index 1a08862176c..6f7932563b1 100644 --- a/js/xpconnect/src/Sandbox.cpp +++ b/js/xpconnect/src/Sandbox.cpp @@ -16,6 +16,7 @@ #include "nsGlobalWindow.h" #include "nsIScriptContext.h" #include "nsIScriptObjectPrincipal.h" +#include "nsIScriptSecurityManager.h" #include "nsIURI.h" #include "nsJSUtils.h" #include "nsNetUtil.h" @@ -1192,15 +1193,15 @@ ParsePrincipal(JSContext* cx, HandleString codebase, nsIPrincipal** principal) return false; } + nsCOMPtr secman = + do_GetService(kScriptSecurityManagerContractID); + NS_ENSURE_TRUE(secman, false); + // We could allow passing in the app-id and browser-element info to the // sandbox constructor. But creating a sandbox based on a string is a // deprecated API so no need to add features to it. - OriginAttributes attrs; - nsCOMPtr prin = - BasePrincipal::CreateCodebasePrincipal(uri, attrs); - prin.forget(principal); - - if (!*principal) { + rv = secman->GetNoAppCodebasePrincipal(uri, principal); + if (NS_FAILED(rv) || !*principal) { JS_ReportError(cx, "Creating Principal from URI failed"); return false; } diff --git a/netwerk/cookie/CookieServiceParent.cpp b/netwerk/cookie/CookieServiceParent.cpp index beec3207c8b..467eeba8cf9 100644 --- a/netwerk/cookie/CookieServiceParent.cpp +++ b/netwerk/cookie/CookieServiceParent.cpp @@ -7,7 +7,6 @@ #include "mozilla/dom/PContentParent.h" #include "mozilla/net/NeckoParent.h" -#include "mozilla/BasePrincipal.h" #include "mozilla/ipc/URIUtils.h" #include "nsCookieService.h" #include "nsIScriptSecurityManager.h" @@ -17,8 +16,6 @@ #include "SerializedLoadContext.h" using namespace mozilla::ipc; -using mozilla::BasePrincipal; -using mozilla::OriginAttributes; using mozilla::dom::PContentParent; using mozilla::net::NeckoParent; @@ -32,16 +29,16 @@ CreateDummyChannel(nsIURI* aHostURI, uint32_t aAppId, bool aInMozBrowser, { MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID); - // TODO: Bug 1165267 - Use OriginAttributes for nsCookieService - OriginAttributes attrs(aAppId, aInMozBrowser); - nsCOMPtr principal = - BasePrincipal::CreateCodebasePrincipal(aHostURI, attrs); - if (!principal) { + nsCOMPtr principal; + nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); + nsresult rv = ssm->GetAppCodebasePrincipal(aHostURI, aAppId, aInMozBrowser, + getter_AddRefs(principal)); + if (NS_FAILED(rv)) { return; } nsCOMPtr dummyURI; - nsresult rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank"); + rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank"); if (NS_FAILED(rv)) { return; } diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp index 6febd5687f4..fd6b5e58aa0 100644 --- a/netwerk/protocol/http/HttpChannelParent.cpp +++ b/netwerk/protocol/http/HttpChannelParent.cpp @@ -17,6 +17,7 @@ #include "nsNetUtil.h" #include "nsISupportsPriority.h" #include "nsIAuthPromptProvider.h" +#include "nsIScriptSecurityManager.h" #include "nsSerializationHelper.h" #include "nsISerializable.h" #include "nsIAssociatedContentSecurity.h" @@ -33,10 +34,7 @@ #include "mozilla/LoadInfo.h" #include "nsIHttpHeaderVisitor.h" #include "nsQueryObject.h" -#include "mozilla/BasePrincipal.h" -using mozilla::BasePrincipal; -using mozilla::OriginAttributes; using namespace mozilla::dom; using namespace mozilla::ipc; @@ -458,15 +456,17 @@ HttpChannelParent::DoAsyncOpen( const URIParams& aURI, mLoadContext->GetIsInBrowserElement(&inBrowser); } - // TODO: Bug 1165466 - use originAttribute in nsILoadContext. - OriginAttributes attrs(appId, inBrowser); - nsCOMPtr principal = - BasePrincipal::CreateCodebasePrincipal(uri, attrs); - bool chooseAppCache = false; - // This works because we've already called SetNotificationCallbacks and - // done mPBOverride logic by this point. - chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel)); + nsCOMPtr secMan = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); + if (secMan) { + nsCOMPtr principal; + secMan->GetAppCodebasePrincipal(uri, appId, inBrowser, getter_AddRefs(principal)); + + // This works because we've already called SetNotificationCallbacks and + // done mPBOverride logic by this point. + chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel)); + } appCacheChan->SetChooseApplicationCache(chooseAppCache); } diff --git a/netwerk/test/unit/test_auth_dialog_permission.js b/netwerk/test/unit/test_auth_dialog_permission.js index c7d2a2a7a6e..5bfe9853722 100644 --- a/netwerk/test/unit/test_auth_dialog_permission.js +++ b/netwerk/test/unit/test_auth_dialog_permission.js @@ -111,10 +111,11 @@ function make_uri(url) { } function makeChan(loadingUrl, url, contentPolicy) { - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - var uri = make_uri(loadingUrl); - var principal = ssm.createCodebasePrincipal(uri, {}); + var loadingUri = make_uri(loadingUrl); + var principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(loadingUri); + var ios = Components.classes["@mozilla.org/network/io-service;1"] .getService(Components.interfaces.nsIIOService); var chan = ios.newChannel2(url, diff --git a/netwerk/test/unit/test_auth_jar.js b/netwerk/test/unit/test_auth_jar.js index b5e42b5e836..5a1e909caaf 100644 --- a/netwerk/test/unit/test_auth_jar.js +++ b/netwerk/test/unit/test_auth_jar.js @@ -13,9 +13,9 @@ function run_test() { var secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager); const kURI1 = "http://example.com"; - var app1 = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1}); - var app10 = secMan.createCodebasePrincipal(createURI(kURI1),{appId: 10}); - var app1browser = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1, inBrowser: true}); + var app1 = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, false); + var app10 = secMan.getAppCodebasePrincipal(createURI(kURI1), 10, false); + var app1browser = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, true); var am = Cc["@mozilla.org/network/http-auth-manager;1"]. getService(Ci.nsIHttpAuthManager); diff --git a/netwerk/test/unit/test_fallback_no-cache-entry_canceled.js b/netwerk/test/unit/test_fallback_no-cache-entry_canceled.js index a7553e925f1..5ce21bd48d7 100644 --- a/netwerk/test/unit/test_fallback_no-cache-entry_canceled.js +++ b/netwerk/test/unit/test_fallback_no-cache-entry_canceled.js @@ -72,10 +72,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:" + httpServer.identity.primaryPort); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_fallback_no-cache-entry_passing.js b/netwerk/test/unit/test_fallback_no-cache-entry_passing.js index f6d551f6b9b..4ce1ee37105 100644 --- a/netwerk/test/unit/test_fallback_no-cache-entry_passing.js +++ b/netwerk/test/unit/test_fallback_no-cache-entry_passing.js @@ -72,10 +72,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:" + httpServer.identity.primaryPort); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_fallback_redirect-to-different-origin_canceled.js b/netwerk/test/unit/test_fallback_redirect-to-different-origin_canceled.js index ba94fb51971..bba4240b2d1 100644 --- a/netwerk/test/unit/test_fallback_redirect-to-different-origin_canceled.js +++ b/netwerk/test/unit/test_fallback_redirect-to-different-origin_canceled.js @@ -80,10 +80,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:" + httpServer.identity.primaryPort); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_fallback_redirect-to-different-origin_passing.js b/netwerk/test/unit/test_fallback_redirect-to-different-origin_passing.js index 7c848bcb44a..9c12b9a71b3 100644 --- a/netwerk/test/unit/test_fallback_redirect-to-different-origin_passing.js +++ b/netwerk/test/unit/test_fallback_redirect-to-different-origin_passing.js @@ -80,10 +80,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:" + httpServer.identity.primaryPort); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_fallback_request-error_canceled.js b/netwerk/test/unit/test_fallback_request-error_canceled.js index cd39adc822b..4308fe8a0dc 100644 --- a/netwerk/test/unit/test_fallback_request-error_canceled.js +++ b/netwerk/test/unit/test_fallback_request-error_canceled.js @@ -79,10 +79,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:" + httpServer.identity.primaryPort); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_fallback_request-error_passing.js b/netwerk/test/unit/test_fallback_request-error_passing.js index cde494b157d..11349557f5e 100644 --- a/netwerk/test/unit/test_fallback_request-error_passing.js +++ b/netwerk/test/unit/test_fallback_request-error_passing.js @@ -79,10 +79,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:" + httpServer.identity.primaryPort); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_fallback_response-error_canceled.js b/netwerk/test/unit/test_fallback_response-error_canceled.js index a83b8209ab8..d0138abee6c 100644 --- a/netwerk/test/unit/test_fallback_response-error_canceled.js +++ b/netwerk/test/unit/test_fallback_response-error_canceled.js @@ -79,10 +79,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:" + httpServer.identity.primaryPort); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_fallback_response-error_passing.js b/netwerk/test/unit/test_fallback_response-error_passing.js index 2469b196699..5f5d4bfbe88 100644 --- a/netwerk/test/unit/test_fallback_response-error_passing.js +++ b/netwerk/test/unit/test_fallback_response-error_passing.js @@ -79,10 +79,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:" + httpServer.identity.primaryPort); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_offlinecache_custom-directory.js b/netwerk/test/unit/test_offlinecache_custom-directory.js index 2472860b7d3..4e00ba8c5be 100644 --- a/netwerk/test/unit/test_offlinecache_custom-directory.js +++ b/netwerk/test/unit/test_offlinecache_custom-directory.js @@ -103,10 +103,10 @@ function run_test() var pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); - var ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); var uri = make_uri("http://localhost:4444"); - var principal = ssm.createCodebasePrincipal(uri, {}); + var principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(uri); if (pm.testPermissionFromPrincipal(principal, "offline-app") != 0) { dump("Previous test failed to clear offline-app permission! Expect failures.\n"); diff --git a/netwerk/test/unit/test_permmgr.js b/netwerk/test/unit/test_permmgr.js index bb4a2349c7a..5a6ddd8b5a1 100644 --- a/netwerk/test/unit/test_permmgr.js +++ b/netwerk/test/unit/test_permmgr.js @@ -46,7 +46,7 @@ function run_test() { // put a few hosts in for (var i = 0; i < hosts.length; ++i) { let uri = ioService.newURI(hosts[i][0], null, null); - let principal = secMan.createCodebasePrincipal(uri, {}); + let principal = secMan.getNoAppCodebasePrincipal(uri); pm.addFromPrincipal(principal, hosts[i][1], hosts[i][2]); } @@ -54,7 +54,7 @@ function run_test() { // test the result for (var i = 0; i < results.length; ++i) { let uri = ioService.newURI(results[i][0], null, null); - let principal = secMan.createCodebasePrincipal(uri, {}); + let principal = secMan.getNoAppCodebasePrincipal(uri); do_check_eq(pm.testPermissionFromPrincipal(principal, results[i][1]), results[i][2]); do_check_eq(pm.testExactPermissionFromPrincipal(principal, results[i][1]), results[i][3]); diff --git a/services/fxaccounts/tests/xpcshell/test_manager.js b/services/fxaccounts/tests/xpcshell/test_manager.js index 0a87e7db93e..37774bd6fcc 100644 --- a/services/fxaccounts/tests/xpcshell/test_manager.js +++ b/services/fxaccounts/tests/xpcshell/test_manager.js @@ -25,7 +25,7 @@ function makePrincipal(origin, appId) { let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager); let uri = Services.io.newURI(origin, null, null); - return secMan.createCodebasePrincipal(uri, {appId: appId}); + return secMan.getAppCodebasePrincipal(uri, appId, false); } let principal = makePrincipal('app://settings.gaiamobile.org', 27, false); diff --git a/services/mobileid/MobileIdentityManager.jsm b/services/mobileid/MobileIdentityManager.jsm index 77d99def065..102ee031173 100644 --- a/services/mobileid/MobileIdentityManager.jsm +++ b/services/mobileid/MobileIdentityManager.jsm @@ -897,7 +897,9 @@ this.MobileIdentityManager = { getMobileIdAssertion: function(aPrincipal, aPromiseId, aOptions) { log.debug("getMobileIdAssertion ${}", aPrincipal); - let principal = aPrincipal; + let uri = Services.io.newURI(aPrincipal.origin, null, null); + let principal = securityManager.getAppCodebasePrincipal( + uri, aPrincipal.appId, aPrincipal.isInBrowserElement); let manifestURL = appsService.getManifestURLByLocalId(aPrincipal.appId); let permission = permissionManager.testPermissionFromPrincipal( diff --git a/services/mobileid/tests/xpcshell/head.js b/services/mobileid/tests/xpcshell/head.js index a77ac35895e..5d2c388fb9d 100644 --- a/services/mobileid/tests/xpcshell/head.js +++ b/services/mobileid/tests/xpcshell/head.js @@ -125,10 +125,9 @@ function addPermission(aAction) { let uri = Cc["@mozilla.org/network/io-service;1"] .getService(Ci.nsIIOService) .newURI(ORIGIN, null, null); - let attrs = {appId: APP_ID}; let _principal = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager) - .createCodebasePrincipal(uri, attrs); + .getAppCodebasePrincipal(uri, APP_ID, false); let pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); pm.addFromPrincipal(_principal, MOBILEID_PERM, aAction); @@ -138,10 +137,9 @@ function removePermission() { let uri = Cc["@mozilla.org/network/io-service;1"] .getService(Ci.nsIIOService) .newURI(ORIGIN, null, null); - let attrs = {appId: APP_ID}; let _principal = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager) - .createCodebasePrincipal(uri, attrs); + .getAppCodebasePrincipal(uri, APP_ID, false); let pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); pm.removeFromPrincipal(_principal, MOBILEID_PERM); diff --git a/services/sync/Weave.js b/services/sync/Weave.js index 423dd5d7fad..cb11a54e239 100644 --- a/services/sync/Weave.js +++ b/services/sync/Weave.js @@ -188,8 +188,7 @@ AboutWeaveLog.prototype = { // view. That way links to files can be opened. let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(uri, {}); - + let principal = ssm.getNoAppCodebasePrincipal(uri); channel.owner = principal; return channel; } diff --git a/testing/marionette/driver/marionette_driver/marionette.py b/testing/marionette/driver/marionette_driver/marionette.py index 56b156395a1..5f7b997479f 100644 --- a/testing/marionette/driver/marionette_driver/marionette.py +++ b/testing/marionette/driver/marionette_driver/marionette.py @@ -809,10 +809,9 @@ class Marionette(object): Components.utils.import("resource://gre/modules/Services.jsm"); let perm = arguments[0]; let secMan = Services.scriptSecurityManager; - let attrs = {appId: perm.appId, inBrowser: perm.isInBrowserElement}; - let principal = secMan.createCodebasePrincipal( + let principal = secMan.getAppCodebasePrincipal( Services.io.newURI(perm.url, null, null), - attrs); + perm.appId, perm.isInBrowserElement); let testPerm = Services.perms.testPermissionFromPrincipal( principal, perm.type); return testPerm; @@ -871,9 +870,8 @@ class Marionette(object): Components.utils.import("resource://gre/modules/Services.jsm"); let perm = arguments[0]; let secMan = Services.scriptSecurityManager; - let attrs = {appId: perm.appId, inBrowser: perm.isInBrowserElement}; - let principal = secMan.createCodebasePrincipal(Services.io.newURI(perm.url, null, null), - attrs); + let principal = secMan.getAppCodebasePrincipal(Services.io.newURI(perm.url, null, null), + perm.appId, perm.isInBrowserElement); Services.perms.addFromPrincipal(principal, perm.type, perm.action); return true; """, script_args=[perm]) diff --git a/testing/mochitest/tests/Harness_sanity/test_bug816847.html b/testing/mochitest/tests/Harness_sanity/test_bug816847.html index 85732e2e955..a575e07ad94 100644 --- a/testing/mochitest/tests/Harness_sanity/test_bug816847.html +++ b/testing/mochitest/tests/Harness_sanity/test_bug816847.html @@ -34,14 +34,19 @@ const unknown = Ci.nsIPermissionManager.UNKNOWN_ACTION; const perms = ['network-events', 'geolocation', 'camera', 'alarms'] function createPrincipal(aURI, aIsApp, aIsInBrowserElement) { - if (aIsApp) { + if(aIsApp) { var app = appsSvc.getAppByManifestURL(aURI); - return app.principal; + var localId = appsSvc.getAppLocalIdByManifestURL(aURI); + var uri = Services.io.newURI(app.origin, null, null); + return Services.scriptSecurityManager + .getAppCodebasePrincipal(uri, + localId, + aIsInBrowserElement); } var uri = Services.io.newURI(aURI, null, null); return Services.scriptSecurityManager - .createCodebasePrincipal(uri, {}); + .getNoAppCodebasePrincipal(uri); } // test addPermission and removePermission diff --git a/testing/specialpowers/content/SpecialPowersObserverAPI.js b/testing/specialpowers/content/SpecialPowersObserverAPI.js index 607a72127b3..f6b2da92ecb 100644 --- a/testing/specialpowers/content/SpecialPowersObserverAPI.js +++ b/testing/specialpowers/content/SpecialPowersObserverAPI.js @@ -314,9 +314,7 @@ SpecialPowersObserverAPI.prototype = { let msg = aMessage.json; let secMan = Services.scriptSecurityManager; - // TODO: Bug 1196665 - Add originAttributes into SpecialPowers - let attrs = {appId: msg.appId, inBrowser: msg.isInBrowserElement}; - let principal = secMan.createCodebasePrincipal(this._getURI(msg.url), attrs); + let principal = secMan.getAppCodebasePrincipal(this._getURI(msg.url), msg.appId, msg.isInBrowserElement); switch (msg.op) { case "add": diff --git a/toolkit/components/downloads/ApplicationReputation.cpp b/toolkit/components/downloads/ApplicationReputation.cpp index f678ffd9895..67aba51a6ea 100644 --- a/toolkit/components/downloads/ApplicationReputation.cpp +++ b/toolkit/components/downloads/ApplicationReputation.cpp @@ -15,6 +15,7 @@ #include "nsIHttpChannel.h" #include "nsIIOService.h" #include "nsIPrefService.h" +#include "nsIScriptSecurityManager.h" #include "nsISimpleEnumerator.h" #include "nsIStreamListener.h" #include "nsIStringStream.h" @@ -27,7 +28,6 @@ #include "nsIX509CertDB.h" #include "nsIX509CertList.h" -#include "mozilla/BasePrincipal.h" #include "mozilla/Preferences.h" #include "mozilla/Services.h" #include "mozilla/Telemetry.h" @@ -50,8 +50,6 @@ #include "nsILoadInfo.h" #include "nsContentUtils.h" -using mozilla::BasePrincipal; -using mozilla::OriginAttributes; using mozilla::Preferences; using mozilla::TimeStamp; using mozilla::Telemetry::Accumulate; @@ -295,12 +293,13 @@ PendingDBLookup::LookupSpecInternal(const nsACString& aSpec) rv = ios->NewURI(aSpec, nullptr, nullptr, getter_AddRefs(uri)); NS_ENSURE_SUCCESS(rv, rv); - OriginAttributes attrs; - nsCOMPtr principal = - BasePrincipal::CreateCodebasePrincipal(uri, attrs); - if (!principal) { - return NS_ERROR_FAILURE; - } + nsCOMPtr principal; + nsCOMPtr secMan = + do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); + NS_ENSURE_SUCCESS(rv, rv); + + rv = secMan->GetNoAppCodebasePrincipal(uri, getter_AddRefs(principal)); + NS_ENSURE_SUCCESS(rv, rv); // Check local lists to see if the URI has already been whitelisted or // blacklisted. diff --git a/toolkit/components/downloads/test/unit/test_app_rep.js b/toolkit/components/downloads/test/unit/test_app_rep.js index 4d68afe7128..0ed46b72740 100644 --- a/toolkit/components/downloads/test/unit/test_app_rep.js +++ b/toolkit/components/downloads/test/unit/test_app_rep.js @@ -317,11 +317,11 @@ add_test(function test_redirect_on_blocklist() { let secman = Services.scriptSecurityManager; let badRedirects = Cc["@mozilla.org/array;1"] .createInstance(Ci.nsIMutableArray); - badRedirects.appendElement(secman.createCodebasePrincipal(exampleURI, {}), + badRedirects.appendElement(secman.getNoAppCodebasePrincipal(exampleURI), false); - badRedirects.appendElement(secman.createCodebasePrincipal(blocklistedURI, {}), + badRedirects.appendElement(secman.getNoAppCodebasePrincipal(blocklistedURI), false); - badRedirects.appendElement(secman.createCodebasePrincipal(whitelistedURI, {}), + badRedirects.appendElement(secman.getNoAppCodebasePrincipal(whitelistedURI), false); gAppRep.queryReputation({ sourceURI: whitelistedURI, diff --git a/toolkit/components/places/BookmarkJSONUtils.jsm b/toolkit/components/places/BookmarkJSONUtils.jsm index 80350215046..a2ac406d467 100644 --- a/toolkit/components/places/BookmarkJSONUtils.jsm +++ b/toolkit/components/places/BookmarkJSONUtils.jsm @@ -209,7 +209,7 @@ BookmarkImporter.prototype = { let uri = NetUtil.newURI(spec); let channel = NetUtil.newChannel({ uri, - loadingPrincipal: Services.scriptSecurityManager.createCodebasePrincipal(uri, {}), + loadingPrincipal: Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri), contentPolicyType: Ci.nsIContentPolicy.TYPE_INTERNAL_XMLHTTPREQUEST }); let streamLoader = Cc["@mozilla.org/network/stream-loader;1"] diff --git a/toolkit/components/places/nsLivemarkService.js b/toolkit/components/places/nsLivemarkService.js index 58ed8d59431..b039f02920e 100644 --- a/toolkit/components/places/nsLivemarkService.js +++ b/toolkit/components/places/nsLivemarkService.js @@ -528,7 +528,7 @@ Livemark.prototype = { createInstance(Ci.nsILoadGroup); let channel = NetUtil.newChannel({ uri: this.feedURI.spec, - loadingPrincipal: Services.scriptSecurityManager.createCodebasePrincipal(this.feedURI, {}), + loadingPrincipal: Services.scriptSecurityManager.getNoAppCodebasePrincipal(this.feedURI), contentPolicyType: Ci.nsIContentPolicy.TYPE_INTERNAL_XMLHTTPREQUEST }).QueryInterface(Ci.nsIHttpChannel); channel.loadGroup = loadgroup; diff --git a/toolkit/components/social/SocialService.jsm b/toolkit/components/social/SocialService.jsm index e1e3a35c422..434421c29ec 100644 --- a/toolkit/components/social/SocialService.jsm +++ b/toolkit/components/social/SocialService.jsm @@ -153,7 +153,7 @@ XPCOMUtils.defineLazyGetter(SocialServiceInternal, "providers", function () { function getOriginActivationType(origin) { // if this is an about uri, treat it as a directory let URI = Services.io.newURI(origin, null, null); - let principal = Services.scriptSecurityManager.createCodebasePrincipal(URI, {}); + let principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(URI); if (Services.scriptSecurityManager.isSystemPrincipal(principal) || origin == "moz-safe-about:home") { return "internal"; } @@ -513,7 +513,7 @@ this.SocialService = { } // force/fixup origin let URI = Services.io.newURI(installOrigin, null, null); - principal = Services.scriptSecurityManager.createCodebasePrincipal(URI, {}); + principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(URI); data.origin = principal.origin; // iconURL and name are required @@ -714,7 +714,7 @@ function SocialProvider(input) { this.postActivationURL = input.postActivationURL; this.origin = input.origin; let originUri = Services.io.newURI(input.origin, null, null); - this.principal = Services.scriptSecurityManager.createCodebasePrincipal(originUri, {}); + this.principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(originUri); this.ambientNotificationIcons = {}; this.errorState = null; this.frecency = 0; diff --git a/toolkit/components/url-classifier/tests/unit/head_urlclassifier.js b/toolkit/components/url-classifier/tests/unit/head_urlclassifier.js index 6dcb95aac56..956f315f85a 100644 --- a/toolkit/components/url-classifier/tests/unit/head_urlclassifier.js +++ b/toolkit/components/url-classifier/tests/unit/head_urlclassifier.js @@ -221,7 +221,7 @@ checkUrls: function(urls, expected, cb) var doLookup = function() { if (urls.length > 0) { var fragment = urls.shift(); - var principal = secMan.createCodebasePrincipal(iosvc.newURI("http://" + fragment, null, null), {}); + var principal = secMan.getNoAppCodebasePrincipal(iosvc.newURI("http://" + fragment, null, null)); dbservice.lookup(principal, allTables, function(arg) { do_check_eq(expected, arg); diff --git a/toolkit/components/url-classifier/tests/unit/test_dbservice.js b/toolkit/components/url-classifier/tests/unit/test_dbservice.js index 3c59205b8fa..c421c994f42 100644 --- a/toolkit/components/url-classifier/tests/unit/test_dbservice.js +++ b/toolkit/components/url-classifier/tests/unit/test_dbservice.js @@ -97,7 +97,7 @@ function checkNoHost() // Looking up a no-host uri such as a data: uri should throw an exception. var exception; try { - var principal = secMan.createCodebasePrincipal(iosvc.newURI("data:text/html,test", null, null), {}); + var principal = secMan.getNoAppCodebasePrincipal(iosvc.newURI("data:text/html,test", null, null)); dbservice.lookup(principal, allTables); exception = false; @@ -198,27 +198,26 @@ function checkState() { numExpecting = 0; - for (var key in phishExpected) { - var principal = secMan.createCodebasePrincipal(iosvc.newURI("http://" + key, null, null), {}); + var principal = secMan.getNoAppCodebasePrincipal(iosvc.newURI("http://" + key, null, null)); dbservice.lookup(principal, allTables, phishExists, true); numExpecting++; } for (var key in phishUnexpected) { - var principal = secMan.createCodebasePrincipal(iosvc.newURI("http://" + key, null, null), {}); + var principal = secMan.getNoAppCodebasePrincipal(iosvc.newURI("http://" + key, null, null)); dbservice.lookup(principal, allTables, phishDoesntExist, true); numExpecting++; } for (var key in malwareExpected) { - var principal = secMan.createCodebasePrincipal(iosvc.newURI("http://" + key, null, null), {}); + var principal = secMan.getNoAppCodebasePrincipal(iosvc.newURI("http://" + key, null, null)); dbservice.lookup(principal, allTables, malwareExists, true); numExpecting++; } for (var key in unwantedExpected) { - var principal = secMan.createCodebasePrincipal(iosvc.newURI("http://" + key, null, null), {}); + var principal = secMan.getNoAppCodebasePrincipal(iosvc.newURI("http://" + key, null, null)); dbservice.lookup(principal, allTables, unwantedExists, true); numExpecting++; } diff --git a/toolkit/components/url-classifier/tests/unit/test_digest256.js b/toolkit/components/url-classifier/tests/unit/test_digest256.js index e460b2f3d32..74f8bc8d0d3 100644 --- a/toolkit/components/url-classifier/tests/unit/test_digest256.js +++ b/toolkit/components/url-classifier/tests/unit/test_digest256.js @@ -124,7 +124,7 @@ add_test(function test_update() { add_test(function test_url_not_whitelisted() { let uri = createURI("http://example.com"); - let principal = gSecMan.createCodebasePrincipal(uri, {}); + let principal = gSecMan.getNoAppCodebasePrincipal(uri); gDbService.lookup(principal, "goog-downloadwhite-digest256", function handleEvent(aEvent) { // This URI is not on any lists. @@ -137,7 +137,7 @@ add_test(function test_url_whitelisted() { // Hash of "whitelisted.com/" (canonicalized URL) is: // 93CA5F48E15E9861CD37C2D95DB43D23CC6E6DE5C3F8FA6E8BE66F97CC518907 let uri = createURI("http://whitelisted.com"); - let principal = gSecMan.createCodebasePrincipal(uri, {}); + let principal = gSecMan.getNoAppCodebasePrincipal(uri); gDbService.lookup(principal, "goog-downloadwhite-digest256", function handleEvent(aEvent) { do_check_eq("goog-downloadwhite-digest256", aEvent); diff --git a/toolkit/devtools/server/actors/storage.js b/toolkit/devtools/server/actors/storage.js index 8b6846e884b..3f3b7354790 100644 --- a/toolkit/devtools/server/actors/storage.js +++ b/toolkit/devtools/server/actors/storage.js @@ -1324,7 +1324,7 @@ let indexedDBHelpers = { principal = Services.scriptSecurityManager.getSystemPrincipal(); } else { let uri = Services.io.newURI(host, null, null); - principal = Services.scriptSecurityManager.createCodebasePrincipal(uri, {}); + principal = Services.scriptSecurityManager.getCodebasePrincipal(uri); } return require("indexedDB").openForPrincipal(principal, name); diff --git a/toolkit/forgetaboutsite/test/unit/test_removeDataFromDomain.js b/toolkit/forgetaboutsite/test/unit/test_removeDataFromDomain.js index 81cc9780fba..a6793091c70 100644 --- a/toolkit/forgetaboutsite/test/unit/test_removeDataFromDomain.js +++ b/toolkit/forgetaboutsite/test/unit/test_removeDataFromDomain.js @@ -185,9 +185,9 @@ function add_permission(aURI) check_permission_exists(aURI, false); let pm = Cc["@mozilla.org/permissionmanager;1"]. getService(Ci.nsIPermissionManager); - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(aURI, {}); + let principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(aURI); pm.addFromPrincipal(principal, PERMISSION_TYPE, PERMISSION_VALUE); check_permission_exists(aURI, true); @@ -205,9 +205,9 @@ function check_permission_exists(aURI, aExists) { let pm = Cc["@mozilla.org/permissionmanager;1"]. getService(Ci.nsIPermissionManager); - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(aURI, {}); + let principal = Cc["@mozilla.org/scriptsecuritymanager;1"] + .getService(Ci.nsIScriptSecurityManager) + .getNoAppCodebasePrincipal(aURI); let perm = pm.testExactPermissionFromPrincipal(principal, PERMISSION_TYPE); let checker = aExists ? do_check_eq : do_check_neq; @@ -554,10 +554,9 @@ function test_storage_cleared() { function getStorageForURI(aURI) { - let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"] - .getService(Ci.nsIScriptSecurityManager); - let principal = ssm.createCodebasePrincipal(aURI, {}); - + let principal = Cc["@mozilla.org/scriptsecuritymanager;1"]. + getService(Ci.nsIScriptSecurityManager). + getNoAppCodebasePrincipal(aURI); let dsm = Cc["@mozilla.org/dom/localStorage-manager;1"]. getService(Ci.nsIDOMStorageManager); return dsm.createStorage(null, principal, ""); diff --git a/toolkit/modules/NewTabUtils.jsm b/toolkit/modules/NewTabUtils.jsm index 3120b9b23a2..4d89dfd9b43 100644 --- a/toolkit/modules/NewTabUtils.jsm +++ b/toolkit/modules/NewTabUtils.jsm @@ -25,7 +25,7 @@ XPCOMUtils.defineLazyModuleGetter(this, "BinarySearch", XPCOMUtils.defineLazyGetter(this, "gPrincipal", function () { let uri = Services.io.newURI("about:newtab", null, null); - return Services.scriptSecurityManager.createCodebasePrincipal(uri, {}); + return Services.scriptSecurityManager.getNoAppCodebasePrincipal(uri); }); XPCOMUtils.defineLazyGetter(this, "gCryptoHash", function () { diff --git a/toolkit/modules/PermissionsUtils.jsm b/toolkit/modules/PermissionsUtils.jsm index 07eaaa27bc0..ec04826959c 100644 --- a/toolkit/modules/PermissionsUtils.jsm +++ b/toolkit/modules/PermissionsUtils.jsm @@ -39,8 +39,8 @@ function importPrefBranch(aPrefBranch, aPermission, aAction) { let httpsURI = Services.io.newURI("https://" + origin, null, null); principals = [ - Services.scriptSecurityManager.createCodebasePrincipal(httpURI, {}), - Services.scriptSecurityManager.createCodebasePrincipal(httpsURI, {}) + Services.scriptSecurityManager.getNoAppCodebasePrincipal(httpURI), + Services.scriptSecurityManager.getNoAppCodebasePrincipal(httpsURI) ]; } catch (e2) {} } diff --git a/toolkit/webapps/NativeApp.jsm b/toolkit/webapps/NativeApp.jsm index 111719e4fda..8de17947808 100644 --- a/toolkit/webapps/NativeApp.jsm +++ b/toolkit/webapps/NativeApp.jsm @@ -457,9 +457,10 @@ function downloadIcon(aIconURI) { // installing the app, hence app.origin is not available yet and // therefore we can not call getAppCodebasePrincipal. let principal = - aIconURI.schemeIs("chrome") ? - Services.scriptSecurityManager.getSystemPrincipal() : - Services.scriptSecurityManager.createCodebasePrincipal(aIconURI, {}); + aIconURI.schemeIs("chrome") ? Services.scriptSecurityManager + .getSystemPrincipal() + : Services.scriptSecurityManager + .getNoAppCodebasePrincipal(aIconURI); let channel = NetUtil.newChannel({ uri: aIconURI, diff --git a/uriloader/prefetch/OfflineCacheUpdateParent.cpp b/uriloader/prefetch/OfflineCacheUpdateParent.cpp index 28fb935f489..56ad75fbdc0 100644 --- a/uriloader/prefetch/OfflineCacheUpdateParent.cpp +++ b/uriloader/prefetch/OfflineCacheUpdateParent.cpp @@ -5,7 +5,6 @@ #include "OfflineCacheUpdateParent.h" -#include "mozilla/BasePrincipal.h" #include "mozilla/dom/TabParent.h" #include "mozilla/ipc/URIUtils.h" #include "mozilla/unused.h" @@ -13,10 +12,9 @@ #include "nsIApplicationCache.h" #include "nsIScriptSecurityManager.h" #include "nsNetUtil.h" +#include "nsContentUtils.h" using namespace mozilla::ipc; -using mozilla::BasePrincipal; -using mozilla::OriginAttributes; using mozilla::dom::TabParent; // @@ -93,10 +91,10 @@ OfflineCacheUpdateParent::Schedule(const URIParams& aManifestURI, bool offlinePermissionAllowed = false; - // TODO: Bug 1165466 - use OriginAttributes - OriginAttributes attrs(mAppId, mIsInBrowserElement); - nsCOMPtr principal = - BasePrincipal::CreateCodebasePrincipal(manifestURI, attrs); + nsCOMPtr principal; + nsContentUtils::GetSecurityManager()-> + GetAppCodebasePrincipal(manifestURI, mAppId, mIsInBrowserElement, + getter_AddRefs(principal)); nsresult rv = service->OfflineAppAllowed( principal, nullptr, &offlinePermissionAllowed); diff --git a/uriloader/prefetch/nsOfflineCacheUpdateService.cpp b/uriloader/prefetch/nsOfflineCacheUpdateService.cpp index aae490c1208..be0e4937d8b 100644 --- a/uriloader/prefetch/nsOfflineCacheUpdateService.cpp +++ b/uriloader/prefetch/nsOfflineCacheUpdateService.cpp @@ -29,6 +29,7 @@ #include "nsICryptoHash.h" #include "nsIPermissionManager.h" #include "nsIPrincipal.h" +#include "nsIScriptSecurityManager.h" #include "nsNetCID.h" #include "nsServiceManagerUtils.h" #include "nsStreamUtils.h" @@ -717,9 +718,9 @@ nsOfflineCacheUpdateService::OfflineAppAllowedForURI(nsIURI *aURI, nsIPrefBranch *aPrefBranch, bool *aAllowed) { - OriginAttributes attrs; - nsCOMPtr principal = - BasePrincipal::CreateCodebasePrincipal(aURI, attrs); + nsCOMPtr principal; + nsContentUtils::GetSecurityManager()-> + GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); return OfflineAppPermForPrincipal(principal, aPrefBranch, false, aAllowed); } @@ -728,9 +729,9 @@ nsOfflineCacheUpdateService::OfflineAppPinnedForURI(nsIURI *aDocumentURI, nsIPrefBranch *aPrefBranch, bool *aPinned) { - OriginAttributes attrs; - nsCOMPtr principal = - BasePrincipal::CreateCodebasePrincipal(aDocumentURI, attrs); + nsCOMPtr principal; + nsContentUtils::GetSecurityManager()-> + GetNoAppCodebasePrincipal(aDocumentURI, getter_AddRefs(principal)); return OfflineAppPermForPrincipal(principal, aPrefBranch, true, aPinned); }