Bug 1165272 - Part 1: remove getAppCodebasePrincipal. r=bholley

This commit is contained in:
Yoshi Huang 2015-08-17 17:03:19 +08:00
parent 021c1251f2
commit 98f6ea7f6c
37 changed files with 201 additions and 209 deletions

View File

@ -154,11 +154,10 @@ this.AboutServiceWorkers = {
return;
}
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
// TODO: Bug 1196652. use originNoSuffix
Services.io.newURI(message.principal.origin, null, null),
message.principal.originAttributes.appId,
message.principal.originAttributes.inBrowser
);
message.principal.originAttributes);
if (!message.scope) {
self.sendError(message.id, "MissingScope");

View File

@ -205,9 +205,9 @@ ContentPermissionPrompt.prototype = {
// URL.
let notDenyAppPrincipal = function(type) {
let url = Services.io.newURI(app.origin, null, null);
let principal = secMan.getAppCodebasePrincipal(url,
request.principal.appId,
/*mozbrowser*/false);
let principal =
secMan.createCodebasePrincipal(url,
{appId: request.principal.appId});
let result = Services.perms.testExactPermissionFromPrincipal(principal,
type.access);

View File

@ -26,7 +26,7 @@ class DomainPolicyClone;
[ptr] native JSObjectPtr(JSObject);
[ptr] native DomainPolicyClonePtr(mozilla::dom::DomainPolicyClone);
[scriptable, uuid(9a8f0b70-6b9f-4e19-8885-7cfe24f4a42d)]
[scriptable, uuid(73f92674-f59d-4c9b-a9b5-f7a3ae8ffa98)]
interface nsIScriptSecurityManager : nsISupports
{
/**
@ -150,10 +150,12 @@ interface nsIScriptSecurityManager : nsISupports
* @param appId is the app id of the principal. It can't be UNKNOWN_APP_ID.
* @param inMozBrowser is true if the principal has to be considered as
* inside a mozbrowser frame.
*
* @deprecated use createCodebasePrincipal instead.
*/
nsIPrincipal getAppCodebasePrincipal(in nsIURI uri,
in unsigned long appId,
in boolean inMozBrowser);
[deprecated] nsIPrincipal getAppCodebasePrincipal(in nsIURI uri,
in unsigned long appId,
in boolean inMozBrowser);
/**
* Returns a principal that has the appId and inMozBrowser of the load

View File

@ -11,6 +11,7 @@
#include "mozilla/ArrayUtils.h"
#include "mozilla/Attributes.h"
#include "mozilla/AutoRestore.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/Casting.h"
#include "mozilla/dom/ContentChild.h"
#include "mozilla/dom/Element.h"
@ -9360,9 +9361,6 @@ nsDocShell::CreatePrincipalFromReferrer(nsIURI* aReferrer,
nsIPrincipal** aResult)
{
nsresult rv;
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
uint32_t appId;
rv = GetAppId(&appId);
@ -9370,12 +9368,14 @@ nsDocShell::CreatePrincipalFromReferrer(nsIURI* aReferrer,
bool isInBrowserElement;
rv = GetIsInBrowserElement(&isInBrowserElement);
NS_ENSURE_SUCCESS(rv, rv);
rv = secMan->GetAppCodebasePrincipal(aReferrer,
appId,
isInBrowserElement,
aResult);
NS_ENSURE_SUCCESS(rv, rv);
return NS_OK;
// TODO: Bug 1165466 - Pass mOriginAttributes directly.
OriginAttributes attrs(appId, isInBrowserElement);
nsCOMPtr<nsIPrincipal> prin =
BasePrincipal::CreateCodebasePrincipal(aReferrer, attrs);
prin.forget(aResult);
return *aResult ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP

View File

@ -73,11 +73,9 @@ mozIApplication.prototype = {
this._principal = null;
try {
this._principal = Services.scriptSecurityManager.getAppCodebasePrincipal(
this._principal = Services.scriptSecurityManager.createCodebasePrincipal(
Services.io.newURI(this.origin, null, null),
this.localId,
false /* mozbrowser */
);
{appId: this.localId});
} catch(e) {
dump("Could not create app principal " + e + "\n");
}

View File

@ -228,8 +228,8 @@ function installCache(app) {
if (!cacheManifest.exists())
return;
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(
app.origin, app.localId, false);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(app.origin, {appId: aApp.localId});
// If the build has been correctly configured, this should not happen!
// If we install the cache anyway, it won't be updateable. If we don't install

View File

@ -40,7 +40,7 @@ this.ScriptPreloader = {
let toLoad = aManifest.precompile.length;
let principal =
Services.scriptSecurityManager
.getAppCodebasePrincipal(origin, aApp.localId, false);
.createCodebasePrincipal(origin, {appId: aApp.localId});
aManifest.precompile.forEach((aPath) => {
let uri = Services.io.newURI(aPath, null, origin);

View File

@ -820,8 +820,7 @@ this.DOMApplicationRegistry = {
let uri = Services.io.newURI(aOrigin, null, null);
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
.getService(Ci.nsIScriptSecurityManager);
let principal = secMan.getAppCodebasePrincipal(uri, aId,
/*mozbrowser*/ false);
let principal = secMan.createCodebasePrincipal(uri, {appId: aId});
if (!dataStoreService.checkPermission(principal)) {
return;
}
@ -3369,8 +3368,9 @@ this.DOMApplicationRegistry = {
let requestChannel;
let appURI = NetUtil.newURI(aNewApp.origin, null, null);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(
appURI, aNewApp.localId, false);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(appURI,
{appId: aNewApp.localId});
if (aIsLocalFileInstall) {
requestChannel = NetUtil.newChannel({

View File

@ -95,7 +95,6 @@
#include "nsThreadUtils.h"
#include "nsILoadContext.h"
#include "nsIPresShell.h"
#include "nsIScriptSecurityManager.h"
#include "nsIScrollableFrame.h"
#include "nsView.h"
#include "nsViewManager.h"
@ -192,6 +191,7 @@
#include "nsRefreshDriver.h"
#include "mozilla/AddonPathService.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/Services.h"
#include "mozilla/Telemetry.h"
#include "nsLocation.h"
@ -256,6 +256,8 @@ static const char kStorageEnabled[] = "dom.storage.enabled";
using namespace mozilla;
using namespace mozilla::dom;
using namespace mozilla::dom::ipc;
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using mozilla::TimeStamp;
using mozilla::TimeDuration;
using mozilla::dom::cache::CacheStorage;
@ -8586,21 +8588,14 @@ nsGlobalWindow::PostMessageMozOuter(JSContext* aCx, JS::Handle<JS::Value> aMessa
return;
}
nsCOMPtr<nsIScriptSecurityManager> ssm =
nsContentUtils::GetSecurityManager();
MOZ_ASSERT(ssm);
nsCOMPtr<nsIPrincipal> principal = nsContentUtils::SubjectPrincipal();
MOZ_ASSERT(principal);
uint32_t appId = principal->GetAppId();
bool isInBrowser = principal->GetIsInBrowserElement();
OriginAttributes attrs = BasePrincipal::Cast(principal)->OriginAttributesRef();
// Create a nsIPrincipal inheriting the app/browser attributes from the
// caller.
nsresult rv = ssm->GetAppCodebasePrincipal(originURI, appId, isInBrowser,
getter_AddRefs(providedPrincipal));
if (NS_WARN_IF(NS_FAILED(rv))) {
providedPrincipal = BasePrincipal::CreateCodebasePrincipal(originURI, attrs);
if (NS_WARN_IF(!providedPrincipal)) {
return;
}
}

View File

@ -833,14 +833,16 @@ BrowserElementParent.prototype = {
catch(e) {
debug('Malformed referrer -- ' + e);
}
// TODO Bug 1165466: use originAttributes from nsILoadContext.
let attrs = {appId: this._frameLoader.loadContext.appId,
inBrowser: this._frameLoader.loadContext.isInBrowserElement};
// This simply returns null if there is no principal available
// for the requested uri. This is an acceptable fallback when
// calling newChannelFromURI2.
principal =
Services.scriptSecurityManager.getAppCodebasePrincipal(
referrer,
this._frameLoader.loadContext.appId,
this._frameLoader.loadContext.isInBrowserElement);
principal =
Services.scriptSecurityManager.createCodebasePrincipal(
referrer, attrs);
}
debug('Using principal? ' + !!principal);

View File

@ -158,15 +158,17 @@ function testAuthJarNoInterfere(e) {
// Set a bunch of auth data that should not conflict with the correct auth data already
// stored in the cache.
var principal = secMan.getAppCodebasePrincipal(uri, 1, false);
var attrs = {appId: 1};
var principal = secMan.createCodebasePrincipal(uri, attrs);
authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm',
'tests/dom/browser-element/mochitest/file_http_401_response.sjs',
'', 'httpuser', 'wrongpass', false, principal);
principal = secMan.getAppCodebasePrincipal(uri, 1, true);
attrs = {appId: 1, inBrowser: true};
principal = secMan.createCodebasePrincipal(uri, attrs);
authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm',
'tests/dom/browser-element/mochitest/file_http_401_response.sjs',
'', 'httpuser', 'wrongpass', false, principal);
principal = secMan.getAppCodebasePrincipal(uri, secMan.NO_APP_ID, false);
principal = secMan.createCodebasePrincipal(uri, {});
authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm',
'tests/dom/browser-element/mochitest/file_http_401_response.sjs',
'', 'httpuser', 'wrongpass', false, principal);
@ -196,7 +198,7 @@ function testAuthJarInterfere(e) {
var uri = ioService.newURI("http://test/tests/dom/browser-element/mochitest/file_http_401_response.sjs", null, null);
// Set some auth data that should overwrite the successful stored details.
var principal = secMan.getAppCodebasePrincipal(uri, secMan.NO_APP_ID, true);
var principal = secMan.createCodebasePrincipal(uri, {inBrowser: true});
authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm',
'tests/dom/browser-element/mochitest/file_http_401_response.sjs',
'', 'httpuser', 'wrongpass', false, principal);

View File

@ -14,6 +14,7 @@
#include "mozilla/dom/DataStoreImplBinding.h"
#include "nsIDataStore.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/Preferences.h"
#include "mozilla/Services.h"
#include "mozilla/StaticPtr.h"
@ -56,6 +57,9 @@
return NS_ERROR_FAILURE; \
}
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
namespace mozilla {
namespace dom {
@ -213,17 +217,10 @@ ResetPermission(uint32_t aAppId, const nsAString& aOriginURL,
return rv;
}
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
if (!ssm) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsIPrincipal> principal;
rv = ssm->GetAppCodebasePrincipal(uri, aAppId, false,
getter_AddRefs(principal));
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
OriginAttributes attrs(aAppId, false);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(uri, attrs);
NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
nsCOMPtr<nsIPermissionManager> pm =
do_GetService(NS_PERMISSIONMANAGER_CONTRACTID);

View File

@ -18519,12 +18519,6 @@ FactoryOp::CheckAtLeastOneAppHasPermission(ContentParent* aContentParent,
return false;
}
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
if (NS_WARN_IF(!secMan)) {
return false;
}
nsCOMPtr<nsIPermissionManager> permMan =
mozilla::services::GetPermissionManager();
if (NS_WARN_IF(!permMan)) {
@ -18548,24 +18542,9 @@ FactoryOp::CheckAtLeastOneAppHasPermission(ContentParent* aContentParent,
return false;
}
nsString origin;
rv = app->GetOrigin(origin);
if (NS_WARN_IF(NS_FAILED(rv))) {
return false;
}
nsCOMPtr<nsIURI> uri;
rv = NS_NewURI(getter_AddRefs(uri), origin, nullptr, nullptr, ioService);
if (NS_WARN_IF(NS_FAILED(rv))) {
return false;
}
nsCOMPtr<nsIPrincipal> principal;
rv = secMan->GetAppCodebasePrincipal(uri, appId, false,
getter_AddRefs(principal));
if (NS_WARN_IF(NS_FAILED(rv))) {
return false;
}
app->GetPrincipal(getter_AddRefs(principal));
NS_ENSURE_TRUE(principal, false);
uint32_t permission;
rv = permMan->TestExactPermissionFromPrincipal(principal,

View File

@ -92,8 +92,9 @@ function testSteps()
let uri = ios.newURI(params.url, null, null);
let principal;
if ("appId" in params) {
principal = ssm.getAppCodebasePrincipal(uri, params.appId,
params.inMozBrowser);
principal =
ssm.createCodebasePrincipal(uri, {appId: params.appId,
inBrowser: params.inMozBrowser});
} else {
principal = ssm.getNoAppCodebasePrincipal(uri);
}

View File

@ -12,7 +12,6 @@
#include "mozilla/hal_sandbox/PHalParent.h"
#include "nsIAppsService.h"
#include "nsIPrincipal.h"
#include "nsIScriptSecurityManager.h"
#include "nsPrintfCString.h"
#include "nsIURI.h"
#include "nsNetUtil.h"
@ -232,21 +231,10 @@ GetAppPrincipal(uint32_t aAppId)
nsresult rv = appsService->GetAppByLocalId(aAppId, getter_AddRefs(app));
NS_ENSURE_SUCCESS(rv, nullptr);
nsString origin;
rv = app->GetOrigin(origin);
NS_ENSURE_SUCCESS(rv, nullptr);
nsCOMPtr<nsIPrincipal> principal;
app->GetPrincipal(getter_AddRefs(principal));
nsCOMPtr<nsIURI> uri;
NS_NewURI(getter_AddRefs(uri), origin);
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
nsCOMPtr<nsIPrincipal> appPrincipal;
rv = secMan->GetAppCodebasePrincipal(uri, aAppId, false,
getter_AddRefs(appPrincipal));
NS_ENSURE_SUCCESS(rv, nullptr);
return appPrincipal.forget();
return principal.forget();
}
uint32_t

View File

@ -1562,23 +1562,15 @@ TabChild::MaybeRequestPreinitCamera()
return;
}
nsString manifestUrl = EmptyString();
appsService->GetManifestURLByLocalId(OwnAppId(), manifestUrl);
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
if (NS_WARN_IF(!secMan)) {
return;
}
nsCOMPtr<nsIURI> uri;
nsresult rv = NS_NewURI(getter_AddRefs(uri), manifestUrl);
if (NS_WARN_IF(NS_FAILED(rv))) {
nsCOMPtr<mozIApplication> app;
nsresult rv = appsService->GetAppByLocalId(OwnAppId(), getter_AddRefs(app));
if (NS_WARN_IF(NS_FAILED(rv)) || !app) {
return;
}
nsCOMPtr<nsIPrincipal> principal;
rv = secMan->GetAppCodebasePrincipal(uri, OwnAppId(), false,
getter_AddRefs(principal));
if (NS_WARN_IF(NS_FAILED(rv))) {
app->GetPrincipal(getter_AddRefs(principal));
if (NS_WARN_IF(!principal)) {
return;
}

View File

@ -236,8 +236,9 @@ let PaymentManager = {
if (systemAppId != Ci.nsIScriptSecurityManager.NO_APP_ID) {
this.LOG("Granting firefox-accounts permission to " + provider.uri);
let uri = Services.io.newURI(provider.uri, null, null);
let principal = Services.scriptSecurityManager
.getAppCodebasePrincipal(uri, systemAppId, true);
let attrs = {appId: systemAppId, inBrowser: true};
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri, attrs);
Services.perms.addFromPrincipal(principal, "firefox-accounts",
Ci.nsIPermissionManager.ALLOW_ACTION,

View File

@ -35,10 +35,14 @@ XPCOMUtils.defineLazyServiceGetter(this,
PermissionSettings.prototype = {
get: function get(aPermName, aManifestURL, aOrigin, aBrowserFlag) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js
debug("Get called with: " + aPermName + ", " + aManifestURL + ", " + aOrigin + ", " + aBrowserFlag);
let uri = Services.io.newURI(aOrigin, null, null);
let appID = appsService.getAppLocalIdByManifestURL(aManifestURL);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aBrowserFlag);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri,
{appId: appID,
inBrowser: aBrowserFlag});
let result = Services.perms.testExactPermanentPermission(principal, aPermName);
switch (result)
@ -59,11 +63,12 @@ PermissionSettings.prototype = {
isExplicit: function isExplicit(aPermName, aManifestURL, aOrigin,
aBrowserFlag) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js
debug("isExplicit: " + aPermName + ", " + aManifestURL + ", " + aOrigin);
let uri = Services.io.newURI(aOrigin, null, null);
let app = appsService.getAppByManifestURL(aManifestURL);
let principal = Services.scriptSecurityManager
.getAppCodebasePrincipal(uri, app.localId, aBrowserFlag);
.createCodebasePrincipal(uri, {appId: app.localId, inBrowser: aBrowserFlag});
return isExplicitInPermissionsTable(aPermName,
principal.appStatus,
@ -99,9 +104,13 @@ PermissionSettings.prototype = {
},
remove: function remove(aPermName, aManifestURL, aOrigin) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js
let uri = Services.io.newURI(aOrigin, null, null);
let appID = appsService.getAppLocalIdByManifestURL(aManifestURL);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, true);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri,
{appId: appID,
inBrowser: true});
if (principal.appStatus !== Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED) {
let errorMsg = "PermissionSettings.js: '" + aOrigin + "'" +

View File

@ -67,9 +67,13 @@ this.PermissionSettingsModule = {
_internalAddPermission: function _internalAddPermission(aData, aAllowAllChanges, aCallbacks) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm
let uri = Services.io.newURI(aData.origin, null, null);
let app = appsService.getAppByManifestURL(aData.manifestURL);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, app.localId, aData.browserFlag);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri,
{appId: app.localId,
inBrowser: aData.browserFlag});
let action;
switch (aData.value)
@ -103,10 +107,14 @@ this.PermissionSettingsModule = {
},
getPermission: function getPermission(aPermName, aManifestURL, aOrigin, aBrowserFlag) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm
debug("getPermission: " + aPermName + ", " + aManifestURL + ", " + aOrigin);
let uri = Services.io.newURI(aOrigin, null, null);
let appID = appsService.getAppLocalIdByManifestURL(aManifestURL);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aBrowserFlag);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri,
{appId: appID,
inBrowser: aBrowserFlag});
let result = Services.perms.testExactPermissionFromPrincipal(principal, aPermName);
switch (result)

View File

@ -5288,10 +5288,9 @@ StorageDirectoryHelper::RunOnMainThread()
rv = secMan->GetSimpleCodebasePrincipal(uri,
getter_AddRefs(principal));
} else {
rv = secMan->GetAppCodebasePrincipal(uri,
originProps.mAppId,
originProps.mInMozBrowser,
getter_AddRefs(principal));
OriginAttributes attrs(originProps.mAppId, originProps.mInMozBrowser);
principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
rv = principal ? NS_OK : NS_ERROR_FAILURE;
}
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;

View File

@ -126,10 +126,13 @@ GetPrincipalFromOrigin(const nsACString& aOrigin, nsIPrincipal** aPrincipal)
nsresult
GetPrincipal(nsIURI* aURI, uint32_t aAppId, bool aIsInBrowserElement, nsIPrincipal** aPrincipal)
{
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE);
// TODO: Bug 1165267 - Use OriginAttributes for nsCookieService
mozilla::OriginAttributes attrs(aAppId, aIsInBrowserElement);
nsCOMPtr<nsIPrincipal> principal = mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
return secMan->GetAppCodebasePrincipal(aURI, aAppId, aIsInBrowserElement, aPrincipal);
principal.forget(aPrincipal);
return NS_OK;
}
nsresult

View File

@ -67,19 +67,22 @@ function onInstall() {
var currentPermissionCount = getPermissionCountForApp(-1);
var principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
testAppId, false);
var attrs = {appId: testAppId};
var principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
attrs);
permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION);
permManager.addFromPrincipal(principal, "foo", Ci.nsIPermissionManager.DENY_ACTION);
permManager.addFromPrincipal(principal, "bar", Ci.nsIPermissionManager.ALLOW_ACTION, Ci.nsIPermissionManager.EXPIRE_SESSION, 0);
principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
testAppId, true);
attrs = {appId: testAppId, inBrowser: true};
principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
attrs);
permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION);
principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.org", null, null),
testAppId, false);
attrs = {appId: testAppId};
principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.org", null, null),
attrs);
permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION);
is(getPermissionCountForApp(testAppId), 5, "App should have 5 permissions");

View File

@ -6,7 +6,8 @@ let pm;
// Create a principal based on the { origin, appId, browserElement }.
function createPrincipal(aOrigin, aAppId, aBrowserElement)
{
return Services.scriptSecurityManager.getAppCodebasePrincipal(NetUtil.newURI(aOrigin), aAppId, aBrowserElement);
var attrs = {appId: aAppId, inBrowser: aBrowserElement};
return Services.scriptSecurityManager.createCodebasePrincipal(NetUtil.newURI(aOrigin), attrs);
}
// Return the subject required by 'webapps-clear-data' notification.

View File

@ -55,8 +55,9 @@ add_task(function* do_test() {
let principalHttps = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_HTTPS);
let principal2 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_2);
let principal3 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_3);
let principal4 = Services.scriptSecurityManager.getAppCodebasePrincipal(TEST_ORIGIN, 1000, true);
let principal5 = Services.scriptSecurityManager.getAppCodebasePrincipal(TEST_ORIGIN_3, 1000, true);
let attrs = {appId: 1000, inBrowser: true};
let principal4 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN, attrs);
let principal5 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_3, attrs);
do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
pm.testPermissionFromPrincipal(principal, TEST_PERMISSION));

View File

@ -45,33 +45,37 @@ function run_test() {
let uri4_n_n = secMan.getNoAppCodebasePrincipal(uri4);
let uri5_n_n = secMan.getNoAppCodebasePrincipal(uri5);
let uri0_1000_n = secMan.getAppCodebasePrincipal(uri0, 1000, false);
let uri1_1000_n = secMan.getAppCodebasePrincipal(uri1, 1000, false);
let uri2_1000_n = secMan.getAppCodebasePrincipal(uri2, 1000, false);
let uri3_1000_n = secMan.getAppCodebasePrincipal(uri3, 1000, false);
let uri4_1000_n = secMan.getAppCodebasePrincipal(uri4, 1000, false);
let uri5_1000_n = secMan.getAppCodebasePrincipal(uri5, 1000, false);
let attrs = {appId: 1000};
let uri0_1000_n = secMan.createCodebasePrincipal(uri0, attrs);
let uri1_1000_n = secMan.createCodebasePrincipal(uri1, attrs);
let uri2_1000_n = secMan.createCodebasePrincipal(uri2, attrs);
let uri3_1000_n = secMan.createCodebasePrincipal(uri3, attrs);
let uri4_1000_n = secMan.createCodebasePrincipal(uri4, attrs);
let uri5_1000_n = secMan.createCodebasePrincipal(uri5, attrs);
let uri0_1000_y = secMan.getAppCodebasePrincipal(uri0, 1000, true);
let uri1_1000_y = secMan.getAppCodebasePrincipal(uri1, 1000, true);
let uri2_1000_y = secMan.getAppCodebasePrincipal(uri2, 1000, true);
let uri3_1000_y = secMan.getAppCodebasePrincipal(uri3, 1000, true);
let uri4_1000_y = secMan.getAppCodebasePrincipal(uri4, 1000, true);
let uri5_1000_y = secMan.getAppCodebasePrincipal(uri5, 1000, true);
attrs = {appId: 1000, inBrowser: true};
let uri0_1000_y = secMan.createCodebasePrincipal(uri0, attrs);
let uri1_1000_y = secMan.createCodebasePrincipal(uri1, attrs);
let uri2_1000_y = secMan.createCodebasePrincipal(uri2, attrs);
let uri3_1000_y = secMan.createCodebasePrincipal(uri3, attrs);
let uri4_1000_y = secMan.createCodebasePrincipal(uri4, attrs);
let uri5_1000_y = secMan.createCodebasePrincipal(uri5, attrs);
let uri0_2000_n = secMan.getAppCodebasePrincipal(uri0, 2000, false);
let uri1_2000_n = secMan.getAppCodebasePrincipal(uri1, 2000, false);
let uri2_2000_n = secMan.getAppCodebasePrincipal(uri2, 2000, false);
let uri3_2000_n = secMan.getAppCodebasePrincipal(uri3, 2000, false);
let uri4_2000_n = secMan.getAppCodebasePrincipal(uri4, 2000, false);
let uri5_2000_n = secMan.getAppCodebasePrincipal(uri5, 2000, false);
attrs = {appId: 2000};
let uri0_2000_n = secMan.createCodebasePrincipal(uri0, attrs);
let uri1_2000_n = secMan.createCodebasePrincipal(uri1, attrs);
let uri2_2000_n = secMan.createCodebasePrincipal(uri2, attrs);
let uri3_2000_n = secMan.createCodebasePrincipal(uri3, attrs);
let uri4_2000_n = secMan.createCodebasePrincipal(uri4, attrs);
let uri5_2000_n = secMan.createCodebasePrincipal(uri5, attrs);
let uri0_2000_y = secMan.getAppCodebasePrincipal(uri0, 2000, true);
let uri1_2000_y = secMan.getAppCodebasePrincipal(uri1, 2000, true);
let uri2_2000_y = secMan.getAppCodebasePrincipal(uri2, 2000, true);
let uri3_2000_y = secMan.getAppCodebasePrincipal(uri3, 2000, true);
let uri4_2000_y = secMan.getAppCodebasePrincipal(uri4, 2000, true);
let uri5_2000_y = secMan.getAppCodebasePrincipal(uri5, 2000, true);
attrs = {appId: 2000, inBrowser: true};
let uri0_2000_y = secMan.createCodebasePrincipal(uri0, attrs);
let uri1_2000_y = secMan.createCodebasePrincipal(uri1, attrs);
let uri2_2000_y = secMan.createCodebasePrincipal(uri2, attrs);
let uri3_2000_y = secMan.createCodebasePrincipal(uri3, attrs);
let uri4_2000_y = secMan.createCodebasePrincipal(uri4, attrs);
let uri5_2000_y = secMan.createCodebasePrincipal(uri5, attrs);
pm.addFromPrincipal(uri0_n_n, "test/matches", pm.ALLOW_ACTION);
let perm_n_n = pm.getPermissionObject(uri0_n_n, "test/matches", true);

View File

@ -30,8 +30,9 @@ function mk_permission(uri, isAppPermission = false) {
.getService(Ci.nsIScriptSecurityManager);
// Get the permission from the principal!
let attrs = {appId: 1000};
let principal = isAppPermission ?
secMan.getAppCodebasePrincipal(uri, 1000, false) :
secMan.createCodebasePrincipal(uri, attrs) :
secMan.getNoAppCodebasePrincipal(uri);
pm.addFromPrincipal(principal, "test/matchesuri", pm.ALLOW_ACTION);

View File

@ -6,6 +6,7 @@
#include "MainThreadUtils.h"
#include "mozilla/Assertions.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/ipc/PBackgroundSharedTypes.h"
#include "mozilla/net/NeckoChannelParams.h"
#include "nsPrincipal.h"
@ -23,6 +24,8 @@ namespace net {
class OptionalLoadInfoArgs;
}
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using namespace mozilla::net;
namespace ipc {
@ -77,10 +80,10 @@ PrincipalInfoToPrincipal(const PrincipalInfo& aPrincipalInfo,
if (info.appId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
rv = secMan->GetSimpleCodebasePrincipal(uri, getter_AddRefs(principal));
} else {
rv = secMan->GetAppCodebasePrincipal(uri,
info.appId(),
info.isInBrowserElement(),
getter_AddRefs(principal));
// TODO: Bug 1167100 - User nsIPrincipal.originAttribute in ContentPrincipalInfo
OriginAttributes attrs(info.appId(), info.isInBrowserElement());
principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
rv = principal ? NS_OK : NS_ERROR_FAILURE;
}
if (NS_WARN_IF(NS_FAILED(rv))) {
return nullptr;

View File

@ -7,6 +7,7 @@
#include "mozilla/dom/PContentParent.h"
#include "mozilla/net/NeckoParent.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/ipc/URIUtils.h"
#include "nsCookieService.h"
#include "nsIScriptSecurityManager.h"
@ -16,6 +17,8 @@
#include "SerializedLoadContext.h"
using namespace mozilla::ipc;
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using mozilla::dom::PContentParent;
using mozilla::net::NeckoParent;
@ -29,16 +32,16 @@ CreateDummyChannel(nsIURI* aHostURI, uint32_t aAppId, bool aInMozBrowser,
{
MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
nsCOMPtr<nsIPrincipal> principal;
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
nsresult rv = ssm->GetAppCodebasePrincipal(aHostURI, aAppId, aInMozBrowser,
getter_AddRefs(principal));
if (NS_FAILED(rv)) {
// TODO: Bug 1165267 - Use OriginAttributes for nsCookieService
OriginAttributes attrs(aAppId, aInMozBrowser);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(aHostURI, attrs);
if (!principal) {
return;
}
nsCOMPtr<nsIURI> dummyURI;
rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank");
nsresult rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank");
if (NS_FAILED(rv)) {
return;
}

View File

@ -17,7 +17,6 @@
#include "nsNetUtil.h"
#include "nsISupportsPriority.h"
#include "nsIAuthPromptProvider.h"
#include "nsIScriptSecurityManager.h"
#include "nsSerializationHelper.h"
#include "nsISerializable.h"
#include "nsIAssociatedContentSecurity.h"
@ -34,7 +33,10 @@
#include "mozilla/LoadInfo.h"
#include "nsIHttpHeaderVisitor.h"
#include "nsQueryObject.h"
#include "mozilla/BasePrincipal.h"
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using namespace mozilla::dom;
using namespace mozilla::ipc;
@ -456,17 +458,15 @@ HttpChannelParent::DoAsyncOpen( const URIParams& aURI,
mLoadContext->GetIsInBrowserElement(&inBrowser);
}
bool chooseAppCache = false;
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
if (secMan) {
nsCOMPtr<nsIPrincipal> principal;
secMan->GetAppCodebasePrincipal(uri, appId, inBrowser, getter_AddRefs(principal));
// TODO: Bug 1165466 - use originAttribute in nsILoadContext.
OriginAttributes attrs(appId, inBrowser);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(uri, attrs);
// This works because we've already called SetNotificationCallbacks and
// done mPBOverride logic by this point.
chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel));
}
bool chooseAppCache = false;
// This works because we've already called SetNotificationCallbacks and
// done mPBOverride logic by this point.
chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel));
appCacheChan->SetChooseApplicationCache(chooseAppCache);
}

View File

@ -13,9 +13,9 @@ function run_test() {
var secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager);
const kURI1 = "http://example.com";
var app1 = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, false);
var app10 = secMan.getAppCodebasePrincipal(createURI(kURI1), 10, false);
var app1browser = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, true);
var app1 = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1});
var app10 = secMan.createCodebasePrincipal(createURI(kURI1),{appId: 10});
var app1browser = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1, inBrowser: true});
var am = Cc["@mozilla.org/network/http-auth-manager;1"].
getService(Ci.nsIHttpAuthManager);

View File

@ -25,7 +25,7 @@ function makePrincipal(origin, appId) {
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
.getService(Ci.nsIScriptSecurityManager);
let uri = Services.io.newURI(origin, null, null);
return secMan.getAppCodebasePrincipal(uri, appId, false);
return secMan.createCodebasePrincipal(uri, {appId: appId});
}
let principal = makePrincipal('app://settings.gaiamobile.org', 27, false);

View File

@ -897,9 +897,7 @@ this.MobileIdentityManager = {
getMobileIdAssertion: function(aPrincipal, aPromiseId, aOptions) {
log.debug("getMobileIdAssertion ${}", aPrincipal);
let uri = Services.io.newURI(aPrincipal.origin, null, null);
let principal = securityManager.getAppCodebasePrincipal(
uri, aPrincipal.appId, aPrincipal.isInBrowserElement);
let principal = aPrincipal;
let manifestURL = appsService.getManifestURLByLocalId(aPrincipal.appId);
let permission = permissionManager.testPermissionFromPrincipal(

View File

@ -125,9 +125,10 @@ function addPermission(aAction) {
let uri = Cc["@mozilla.org/network/io-service;1"]
.getService(Ci.nsIIOService)
.newURI(ORIGIN, null, null);
let attrs = {appId: APP_ID};
let _principal = Cc["@mozilla.org/scriptsecuritymanager;1"]
.getService(Ci.nsIScriptSecurityManager)
.getAppCodebasePrincipal(uri, APP_ID, false);
.createCodebasePrincipal(uri, attrs);
let pm = Cc["@mozilla.org/permissionmanager;1"]
.getService(Ci.nsIPermissionManager);
pm.addFromPrincipal(_principal, MOBILEID_PERM, aAction);
@ -137,9 +138,10 @@ function removePermission() {
let uri = Cc["@mozilla.org/network/io-service;1"]
.getService(Ci.nsIIOService)
.newURI(ORIGIN, null, null);
let attrs = {appId: APP_ID};
let _principal = Cc["@mozilla.org/scriptsecuritymanager;1"]
.getService(Ci.nsIScriptSecurityManager)
.getAppCodebasePrincipal(uri, APP_ID, false);
.createCodebasePrincipal(uri, attrs);
let pm = Cc["@mozilla.org/permissionmanager;1"]
.getService(Ci.nsIPermissionManager);
pm.removeFromPrincipal(_principal, MOBILEID_PERM);

View File

@ -809,9 +809,10 @@ class Marionette(object):
Components.utils.import("resource://gre/modules/Services.jsm");
let perm = arguments[0];
let secMan = Services.scriptSecurityManager;
let principal = secMan.getAppCodebasePrincipal(
let attrs = {appId: perm.appId, inBrowser: perm.isInBrowserElement};
let principal = secMan.createCodebasePrincipal(
Services.io.newURI(perm.url, null, null),
perm.appId, perm.isInBrowserElement);
attrs);
let testPerm = Services.perms.testPermissionFromPrincipal(
principal, perm.type);
return testPerm;
@ -870,8 +871,9 @@ class Marionette(object):
Components.utils.import("resource://gre/modules/Services.jsm");
let perm = arguments[0];
let secMan = Services.scriptSecurityManager;
let principal = secMan.getAppCodebasePrincipal(Services.io.newURI(perm.url, null, null),
perm.appId, perm.isInBrowserElement);
let attrs = {appId: perm.appId, inBrowser: perm.isInBrowserElement};
let principal = secMan.createCodebasePrincipal(Services.io.newURI(perm.url, null, null),
attrs);
Services.perms.addFromPrincipal(principal, perm.type, perm.action);
return true;
""", script_args=[perm])

View File

@ -36,12 +36,7 @@ const perms = ['network-events', 'geolocation', 'camera', 'alarms']
function createPrincipal(aURI, aIsApp, aIsInBrowserElement) {
if(aIsApp) {
var app = appsSvc.getAppByManifestURL(aURI);
var localId = appsSvc.getAppLocalIdByManifestURL(aURI);
var uri = Services.io.newURI(app.origin, null, null);
return Services.scriptSecurityManager
.getAppCodebasePrincipal(uri,
localId,
aIsInBrowserElement);
return app.principal;
}
var uri = Services.io.newURI(aURI, null, null);

View File

@ -323,7 +323,9 @@ SpecialPowersObserverAPI.prototype = {
let msg = aMessage.json;
let secMan = Services.scriptSecurityManager;
let principal = secMan.getAppCodebasePrincipal(this._getURI(msg.url), msg.appId, msg.isInBrowserElement);
// TODO: Bug 1196665 - Add originAttributes into SpecialPowers
let attrs = {appId: msg.appId, inBrowser: msg.isInBrowserElement};
let principal = secMan.createCodebasePrincipal(this._getURI(msg.url), attrs);
switch (msg.op) {
case "add":

View File

@ -5,6 +5,7 @@
#include "OfflineCacheUpdateParent.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/dom/TabParent.h"
#include "mozilla/ipc/URIUtils.h"
#include "mozilla/unused.h"
@ -12,9 +13,10 @@
#include "nsIApplicationCache.h"
#include "nsIScriptSecurityManager.h"
#include "nsNetUtil.h"
#include "nsContentUtils.h"
using namespace mozilla::ipc;
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using mozilla::dom::TabParent;
//
@ -91,10 +93,10 @@ OfflineCacheUpdateParent::Schedule(const URIParams& aManifestURI,
bool offlinePermissionAllowed = false;
nsCOMPtr<nsIPrincipal> principal;
nsContentUtils::GetSecurityManager()->
GetAppCodebasePrincipal(manifestURI, mAppId, mIsInBrowserElement,
getter_AddRefs(principal));
// TODO: Bug 1165466 - use OriginAttributes
OriginAttributes attrs(mAppId, mIsInBrowserElement);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(manifestURI, attrs);
nsresult rv = service->OfflineAppAllowed(
principal, nullptr, &offlinePermissionAllowed);