From 98f6ea7f6cd5bb13b136414e7eec1df101415954 Mon Sep 17 00:00:00 2001 From: Yoshi Huang Date: Mon, 17 Aug 2015 17:03:19 +0800 Subject: [PATCH] Bug 1165272 - Part 1: remove getAppCodebasePrincipal. r=bholley --- b2g/components/AboutServiceWorkers.jsm | 7 ++- b2g/components/ContentPermissionPrompt.js | 6 +-- caps/nsIScriptSecurityManager.idl | 10 ++-- docshell/base/nsDocShell.cpp | 18 +++---- dom/apps/AppsUtils.jsm | 6 +-- dom/apps/OfflineCacheInstaller.jsm | 4 +- dom/apps/ScriptPreloader.jsm | 2 +- dom/apps/Webapps.jsm | 8 +-- dom/base/nsGlobalWindow.cpp | 17 +++--- dom/browser-element/BrowserElementParent.js | 12 +++-- .../mochitest/browserElement_Auth.js | 10 ++-- dom/datastore/DataStoreService.cpp | 19 +++---- dom/indexedDB/ActorsParent.cpp | 25 +-------- .../test/unit/test_defaultStorageUpgrade.js | 5 +- dom/ipc/AppProcessChecker.cpp | 18 ++----- dom/ipc/TabChild.cpp | 18 ++----- dom/payment/Payment.jsm | 5 +- dom/permission/PermissionSettings.js | 15 ++++-- dom/permission/PermissionSettings.jsm | 12 ++++- dom/quota/QuotaManager.cpp | 7 ++- extensions/cookie/nsPermissionManager.cpp | 9 ++-- .../test/test_app_uninstall_permissions.html | 15 +++--- .../test/unit/test_permmanager_cleardata.js | 3 +- .../test/unit/test_permmanager_defaults.js | 5 +- .../test/unit/test_permmanager_matches.js | 52 ++++++++++--------- .../test/unit/test_permmanager_matchesuri.js | 3 +- ipc/glue/BackgroundUtils.cpp | 11 ++-- netwerk/cookie/CookieServiceParent.cpp | 15 +++--- netwerk/protocol/http/HttpChannelParent.cpp | 22 ++++---- netwerk/test/unit/test_auth_jar.js | 6 +-- .../fxaccounts/tests/xpcshell/test_manager.js | 2 +- services/mobileid/MobileIdentityManager.jsm | 4 +- services/mobileid/tests/xpcshell/head.js | 6 ++- .../driver/marionette_driver/marionette.py | 10 ++-- .../tests/Harness_sanity/test_bug816847.html | 7 +-- .../content/SpecialPowersObserverAPI.js | 4 +- .../prefetch/OfflineCacheUpdateParent.cpp | 12 +++-- 37 files changed, 201 insertions(+), 209 deletions(-) diff --git a/b2g/components/AboutServiceWorkers.jsm b/b2g/components/AboutServiceWorkers.jsm index 350e20143b2..9532bd6142f 100644 --- a/b2g/components/AboutServiceWorkers.jsm +++ b/b2g/components/AboutServiceWorkers.jsm @@ -154,11 +154,10 @@ this.AboutServiceWorkers = { return; } - let principal = Services.scriptSecurityManager.getAppCodebasePrincipal( + let principal = Services.scriptSecurityManager.createCodebasePrincipal( + // TODO: Bug 1196652. use originNoSuffix Services.io.newURI(message.principal.origin, null, null), - message.principal.originAttributes.appId, - message.principal.originAttributes.inBrowser - ); + message.principal.originAttributes); if (!message.scope) { self.sendError(message.id, "MissingScope"); diff --git a/b2g/components/ContentPermissionPrompt.js b/b2g/components/ContentPermissionPrompt.js index 48e3ceafa1c..bfe6957ca43 100644 --- a/b2g/components/ContentPermissionPrompt.js +++ b/b2g/components/ContentPermissionPrompt.js @@ -205,9 +205,9 @@ ContentPermissionPrompt.prototype = { // URL. let notDenyAppPrincipal = function(type) { let url = Services.io.newURI(app.origin, null, null); - let principal = secMan.getAppCodebasePrincipal(url, - request.principal.appId, - /*mozbrowser*/false); + let principal = + secMan.createCodebasePrincipal(url, + {appId: request.principal.appId}); let result = Services.perms.testExactPermissionFromPrincipal(principal, type.access); diff --git a/caps/nsIScriptSecurityManager.idl b/caps/nsIScriptSecurityManager.idl index dda4ff84fe8..e44cb07df91 100644 --- a/caps/nsIScriptSecurityManager.idl +++ b/caps/nsIScriptSecurityManager.idl @@ -26,7 +26,7 @@ class DomainPolicyClone; [ptr] native JSObjectPtr(JSObject); [ptr] native DomainPolicyClonePtr(mozilla::dom::DomainPolicyClone); -[scriptable, uuid(9a8f0b70-6b9f-4e19-8885-7cfe24f4a42d)] +[scriptable, uuid(73f92674-f59d-4c9b-a9b5-f7a3ae8ffa98)] interface nsIScriptSecurityManager : nsISupports { /** @@ -150,10 +150,12 @@ interface nsIScriptSecurityManager : nsISupports * @param appId is the app id of the principal. It can't be UNKNOWN_APP_ID. * @param inMozBrowser is true if the principal has to be considered as * inside a mozbrowser frame. + * + * @deprecated use createCodebasePrincipal instead. */ - nsIPrincipal getAppCodebasePrincipal(in nsIURI uri, - in unsigned long appId, - in boolean inMozBrowser); + [deprecated] nsIPrincipal getAppCodebasePrincipal(in nsIURI uri, + in unsigned long appId, + in boolean inMozBrowser); /** * Returns a principal that has the appId and inMozBrowser of the load diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index d4b6986a016..2e0718b303c 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -11,6 +11,7 @@ #include "mozilla/ArrayUtils.h" #include "mozilla/Attributes.h" #include "mozilla/AutoRestore.h" +#include "mozilla/BasePrincipal.h" #include "mozilla/Casting.h" #include "mozilla/dom/ContentChild.h" #include "mozilla/dom/Element.h" @@ -9360,9 +9361,6 @@ nsDocShell::CreatePrincipalFromReferrer(nsIURI* aReferrer, nsIPrincipal** aResult) { nsresult rv; - nsCOMPtr secMan = - do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); - NS_ENSURE_SUCCESS(rv, rv); uint32_t appId; rv = GetAppId(&appId); @@ -9370,12 +9368,14 @@ nsDocShell::CreatePrincipalFromReferrer(nsIURI* aReferrer, bool isInBrowserElement; rv = GetIsInBrowserElement(&isInBrowserElement); NS_ENSURE_SUCCESS(rv, rv); - rv = secMan->GetAppCodebasePrincipal(aReferrer, - appId, - isInBrowserElement, - aResult); - NS_ENSURE_SUCCESS(rv, rv); - return NS_OK; + + // TODO: Bug 1165466 - Pass mOriginAttributes directly. + OriginAttributes attrs(appId, isInBrowserElement); + nsCOMPtr prin = + BasePrincipal::CreateCodebasePrincipal(aReferrer, attrs); + prin.forget(aResult); + + return *aResult ? NS_OK : NS_ERROR_FAILURE; } NS_IMETHODIMP diff --git a/dom/apps/AppsUtils.jsm b/dom/apps/AppsUtils.jsm index e5b9e898d9e..f5d3bd12c27 100644 --- a/dom/apps/AppsUtils.jsm +++ b/dom/apps/AppsUtils.jsm @@ -73,11 +73,9 @@ mozIApplication.prototype = { this._principal = null; try { - this._principal = Services.scriptSecurityManager.getAppCodebasePrincipal( + this._principal = Services.scriptSecurityManager.createCodebasePrincipal( Services.io.newURI(this.origin, null, null), - this.localId, - false /* mozbrowser */ - ); + {appId: this.localId}); } catch(e) { dump("Could not create app principal " + e + "\n"); } diff --git a/dom/apps/OfflineCacheInstaller.jsm b/dom/apps/OfflineCacheInstaller.jsm index 7f81ffd369c..a585da127c2 100644 --- a/dom/apps/OfflineCacheInstaller.jsm +++ b/dom/apps/OfflineCacheInstaller.jsm @@ -228,8 +228,8 @@ function installCache(app) { if (!cacheManifest.exists()) return; - let principal = Services.scriptSecurityManager.getAppCodebasePrincipal( - app.origin, app.localId, false); + let principal = + Services.scriptSecurityManager.createCodebasePrincipal(app.origin, {appId: aApp.localId}); // If the build has been correctly configured, this should not happen! // If we install the cache anyway, it won't be updateable. If we don't install diff --git a/dom/apps/ScriptPreloader.jsm b/dom/apps/ScriptPreloader.jsm index 1925a9b1d2d..5c541c8b9b5 100644 --- a/dom/apps/ScriptPreloader.jsm +++ b/dom/apps/ScriptPreloader.jsm @@ -40,7 +40,7 @@ this.ScriptPreloader = { let toLoad = aManifest.precompile.length; let principal = Services.scriptSecurityManager - .getAppCodebasePrincipal(origin, aApp.localId, false); + .createCodebasePrincipal(origin, {appId: aApp.localId}); aManifest.precompile.forEach((aPath) => { let uri = Services.io.newURI(aPath, null, origin); diff --git a/dom/apps/Webapps.jsm b/dom/apps/Webapps.jsm index afdab53ffa9..2c40970a460 100644 --- a/dom/apps/Webapps.jsm +++ b/dom/apps/Webapps.jsm @@ -820,8 +820,7 @@ this.DOMApplicationRegistry = { let uri = Services.io.newURI(aOrigin, null, null); let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager); - let principal = secMan.getAppCodebasePrincipal(uri, aId, - /*mozbrowser*/ false); + let principal = secMan.createCodebasePrincipal(uri, {appId: aId}); if (!dataStoreService.checkPermission(principal)) { return; } @@ -3369,8 +3368,9 @@ this.DOMApplicationRegistry = { let requestChannel; let appURI = NetUtil.newURI(aNewApp.origin, null, null); - let principal = Services.scriptSecurityManager.getAppCodebasePrincipal( - appURI, aNewApp.localId, false); + let principal = + Services.scriptSecurityManager.createCodebasePrincipal(appURI, + {appId: aNewApp.localId}); if (aIsLocalFileInstall) { requestChannel = NetUtil.newChannel({ diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp index 4726af28b22..c5c15cb9197 100644 --- a/dom/base/nsGlobalWindow.cpp +++ b/dom/base/nsGlobalWindow.cpp @@ -95,7 +95,6 @@ #include "nsThreadUtils.h" #include "nsILoadContext.h" #include "nsIPresShell.h" -#include "nsIScriptSecurityManager.h" #include "nsIScrollableFrame.h" #include "nsView.h" #include "nsViewManager.h" @@ -192,6 +191,7 @@ #include "nsRefreshDriver.h" #include "mozilla/AddonPathService.h" +#include "mozilla/BasePrincipal.h" #include "mozilla/Services.h" #include "mozilla/Telemetry.h" #include "nsLocation.h" @@ -256,6 +256,8 @@ static const char kStorageEnabled[] = "dom.storage.enabled"; using namespace mozilla; using namespace mozilla::dom; using namespace mozilla::dom::ipc; +using mozilla::BasePrincipal; +using mozilla::OriginAttributes; using mozilla::TimeStamp; using mozilla::TimeDuration; using mozilla::dom::cache::CacheStorage; @@ -8586,21 +8588,14 @@ nsGlobalWindow::PostMessageMozOuter(JSContext* aCx, JS::Handle aMessa return; } - nsCOMPtr ssm = - nsContentUtils::GetSecurityManager(); - MOZ_ASSERT(ssm); - nsCOMPtr principal = nsContentUtils::SubjectPrincipal(); MOZ_ASSERT(principal); - uint32_t appId = principal->GetAppId(); - bool isInBrowser = principal->GetIsInBrowserElement(); - + OriginAttributes attrs = BasePrincipal::Cast(principal)->OriginAttributesRef(); // Create a nsIPrincipal inheriting the app/browser attributes from the // caller. - nsresult rv = ssm->GetAppCodebasePrincipal(originURI, appId, isInBrowser, - getter_AddRefs(providedPrincipal)); - if (NS_WARN_IF(NS_FAILED(rv))) { + providedPrincipal = BasePrincipal::CreateCodebasePrincipal(originURI, attrs); + if (NS_WARN_IF(!providedPrincipal)) { return; } } diff --git a/dom/browser-element/BrowserElementParent.js b/dom/browser-element/BrowserElementParent.js index 1cf6847f3ec..4856bcfd338 100644 --- a/dom/browser-element/BrowserElementParent.js +++ b/dom/browser-element/BrowserElementParent.js @@ -833,14 +833,16 @@ BrowserElementParent.prototype = { catch(e) { debug('Malformed referrer -- ' + e); } + + // TODO Bug 1165466: use originAttributes from nsILoadContext. + let attrs = {appId: this._frameLoader.loadContext.appId, + inBrowser: this._frameLoader.loadContext.isInBrowserElement}; // This simply returns null if there is no principal available // for the requested uri. This is an acceptable fallback when // calling newChannelFromURI2. - principal = - Services.scriptSecurityManager.getAppCodebasePrincipal( - referrer, - this._frameLoader.loadContext.appId, - this._frameLoader.loadContext.isInBrowserElement); + principal = + Services.scriptSecurityManager.createCodebasePrincipal( + referrer, attrs); } debug('Using principal? ' + !!principal); diff --git a/dom/browser-element/mochitest/browserElement_Auth.js b/dom/browser-element/mochitest/browserElement_Auth.js index 639a5159ae0..92989878679 100644 --- a/dom/browser-element/mochitest/browserElement_Auth.js +++ b/dom/browser-element/mochitest/browserElement_Auth.js @@ -158,15 +158,17 @@ function testAuthJarNoInterfere(e) { // Set a bunch of auth data that should not conflict with the correct auth data already // stored in the cache. - var principal = secMan.getAppCodebasePrincipal(uri, 1, false); + var attrs = {appId: 1}; + var principal = secMan.createCodebasePrincipal(uri, attrs); authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm', 'tests/dom/browser-element/mochitest/file_http_401_response.sjs', '', 'httpuser', 'wrongpass', false, principal); - principal = secMan.getAppCodebasePrincipal(uri, 1, true); + attrs = {appId: 1, inBrowser: true}; + principal = secMan.createCodebasePrincipal(uri, attrs); authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm', 'tests/dom/browser-element/mochitest/file_http_401_response.sjs', '', 'httpuser', 'wrongpass', false, principal); - principal = secMan.getAppCodebasePrincipal(uri, secMan.NO_APP_ID, false); + principal = secMan.createCodebasePrincipal(uri, {}); authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm', 'tests/dom/browser-element/mochitest/file_http_401_response.sjs', '', 'httpuser', 'wrongpass', false, principal); @@ -196,7 +198,7 @@ function testAuthJarInterfere(e) { var uri = ioService.newURI("http://test/tests/dom/browser-element/mochitest/file_http_401_response.sjs", null, null); // Set some auth data that should overwrite the successful stored details. - var principal = secMan.getAppCodebasePrincipal(uri, secMan.NO_APP_ID, true); + var principal = secMan.createCodebasePrincipal(uri, {inBrowser: true}); authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm', 'tests/dom/browser-element/mochitest/file_http_401_response.sjs', '', 'httpuser', 'wrongpass', false, principal); diff --git a/dom/datastore/DataStoreService.cpp b/dom/datastore/DataStoreService.cpp index 67391d3b9f1..6710aa22990 100644 --- a/dom/datastore/DataStoreService.cpp +++ b/dom/datastore/DataStoreService.cpp @@ -14,6 +14,7 @@ #include "mozilla/dom/DataStoreImplBinding.h" #include "nsIDataStore.h" +#include "mozilla/BasePrincipal.h" #include "mozilla/Preferences.h" #include "mozilla/Services.h" #include "mozilla/StaticPtr.h" @@ -56,6 +57,9 @@ return NS_ERROR_FAILURE; \ } +using mozilla::BasePrincipal; +using mozilla::OriginAttributes; + namespace mozilla { namespace dom { @@ -213,17 +217,10 @@ ResetPermission(uint32_t aAppId, const nsAString& aOriginURL, return rv; } - nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); - if (!ssm) { - return NS_ERROR_FAILURE; - } - - nsCOMPtr principal; - rv = ssm->GetAppCodebasePrincipal(uri, aAppId, false, - getter_AddRefs(principal)); - if (NS_WARN_IF(NS_FAILED(rv))) { - return rv; - } + OriginAttributes attrs(aAppId, false); + nsCOMPtr principal = + BasePrincipal::CreateCodebasePrincipal(uri, attrs); + NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE); nsCOMPtr pm = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID); diff --git a/dom/indexedDB/ActorsParent.cpp b/dom/indexedDB/ActorsParent.cpp index 8e96517e8b8..5f41d382312 100644 --- a/dom/indexedDB/ActorsParent.cpp +++ b/dom/indexedDB/ActorsParent.cpp @@ -18519,12 +18519,6 @@ FactoryOp::CheckAtLeastOneAppHasPermission(ContentParent* aContentParent, return false; } - nsCOMPtr secMan = - do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); - if (NS_WARN_IF(!secMan)) { - return false; - } - nsCOMPtr permMan = mozilla::services::GetPermissionManager(); if (NS_WARN_IF(!permMan)) { @@ -18548,24 +18542,9 @@ FactoryOp::CheckAtLeastOneAppHasPermission(ContentParent* aContentParent, return false; } - nsString origin; - rv = app->GetOrigin(origin); - if (NS_WARN_IF(NS_FAILED(rv))) { - return false; - } - - nsCOMPtr uri; - rv = NS_NewURI(getter_AddRefs(uri), origin, nullptr, nullptr, ioService); - if (NS_WARN_IF(NS_FAILED(rv))) { - return false; - } - nsCOMPtr principal; - rv = secMan->GetAppCodebasePrincipal(uri, appId, false, - getter_AddRefs(principal)); - if (NS_WARN_IF(NS_FAILED(rv))) { - return false; - } + app->GetPrincipal(getter_AddRefs(principal)); + NS_ENSURE_TRUE(principal, false); uint32_t permission; rv = permMan->TestExactPermissionFromPrincipal(principal, diff --git a/dom/indexedDB/test/unit/test_defaultStorageUpgrade.js b/dom/indexedDB/test/unit/test_defaultStorageUpgrade.js index 7f7ab312ed0..e6c67c1e692 100644 --- a/dom/indexedDB/test/unit/test_defaultStorageUpgrade.js +++ b/dom/indexedDB/test/unit/test_defaultStorageUpgrade.js @@ -92,8 +92,9 @@ function testSteps() let uri = ios.newURI(params.url, null, null); let principal; if ("appId" in params) { - principal = ssm.getAppCodebasePrincipal(uri, params.appId, - params.inMozBrowser); + principal = + ssm.createCodebasePrincipal(uri, {appId: params.appId, + inBrowser: params.inMozBrowser}); } else { principal = ssm.getNoAppCodebasePrincipal(uri); } diff --git a/dom/ipc/AppProcessChecker.cpp b/dom/ipc/AppProcessChecker.cpp index 57118a1a8bc..44a57576a95 100644 --- a/dom/ipc/AppProcessChecker.cpp +++ b/dom/ipc/AppProcessChecker.cpp @@ -12,7 +12,6 @@ #include "mozilla/hal_sandbox/PHalParent.h" #include "nsIAppsService.h" #include "nsIPrincipal.h" -#include "nsIScriptSecurityManager.h" #include "nsPrintfCString.h" #include "nsIURI.h" #include "nsNetUtil.h" @@ -232,21 +231,10 @@ GetAppPrincipal(uint32_t aAppId) nsresult rv = appsService->GetAppByLocalId(aAppId, getter_AddRefs(app)); NS_ENSURE_SUCCESS(rv, nullptr); - nsString origin; - rv = app->GetOrigin(origin); - NS_ENSURE_SUCCESS(rv, nullptr); + nsCOMPtr principal; + app->GetPrincipal(getter_AddRefs(principal)); - nsCOMPtr uri; - NS_NewURI(getter_AddRefs(uri), origin); - - nsCOMPtr secMan = - do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); - - nsCOMPtr appPrincipal; - rv = secMan->GetAppCodebasePrincipal(uri, aAppId, false, - getter_AddRefs(appPrincipal)); - NS_ENSURE_SUCCESS(rv, nullptr); - return appPrincipal.forget(); + return principal.forget(); } uint32_t diff --git a/dom/ipc/TabChild.cpp b/dom/ipc/TabChild.cpp index 1cc9662da1f..22ca5ed560c 100644 --- a/dom/ipc/TabChild.cpp +++ b/dom/ipc/TabChild.cpp @@ -1562,23 +1562,15 @@ TabChild::MaybeRequestPreinitCamera() return; } - nsString manifestUrl = EmptyString(); - appsService->GetManifestURLByLocalId(OwnAppId(), manifestUrl); - nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); - if (NS_WARN_IF(!secMan)) { - return; - } - - nsCOMPtr uri; - nsresult rv = NS_NewURI(getter_AddRefs(uri), manifestUrl); - if (NS_WARN_IF(NS_FAILED(rv))) { + nsCOMPtr app; + nsresult rv = appsService->GetAppByLocalId(OwnAppId(), getter_AddRefs(app)); + if (NS_WARN_IF(NS_FAILED(rv)) || !app) { return; } nsCOMPtr principal; - rv = secMan->GetAppCodebasePrincipal(uri, OwnAppId(), false, - getter_AddRefs(principal)); - if (NS_WARN_IF(NS_FAILED(rv))) { + app->GetPrincipal(getter_AddRefs(principal)); + if (NS_WARN_IF(!principal)) { return; } diff --git a/dom/payment/Payment.jsm b/dom/payment/Payment.jsm index d833448df90..6ab9351bf96 100644 --- a/dom/payment/Payment.jsm +++ b/dom/payment/Payment.jsm @@ -236,8 +236,9 @@ let PaymentManager = { if (systemAppId != Ci.nsIScriptSecurityManager.NO_APP_ID) { this.LOG("Granting firefox-accounts permission to " + provider.uri); let uri = Services.io.newURI(provider.uri, null, null); - let principal = Services.scriptSecurityManager - .getAppCodebasePrincipal(uri, systemAppId, true); + let attrs = {appId: systemAppId, inBrowser: true}; + let principal = + Services.scriptSecurityManager.createCodebasePrincipal(uri, attrs); Services.perms.addFromPrincipal(principal, "firefox-accounts", Ci.nsIPermissionManager.ALLOW_ACTION, diff --git a/dom/permission/PermissionSettings.js b/dom/permission/PermissionSettings.js index 0921554ea2b..6e8d3adb4d7 100644 --- a/dom/permission/PermissionSettings.js +++ b/dom/permission/PermissionSettings.js @@ -35,10 +35,14 @@ XPCOMUtils.defineLazyServiceGetter(this, PermissionSettings.prototype = { get: function get(aPermName, aManifestURL, aOrigin, aBrowserFlag) { + // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js debug("Get called with: " + aPermName + ", " + aManifestURL + ", " + aOrigin + ", " + aBrowserFlag); let uri = Services.io.newURI(aOrigin, null, null); let appID = appsService.getAppLocalIdByManifestURL(aManifestURL); - let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aBrowserFlag); + let principal = + Services.scriptSecurityManager.createCodebasePrincipal(uri, + {appId: appID, + inBrowser: aBrowserFlag}); let result = Services.perms.testExactPermanentPermission(principal, aPermName); switch (result) @@ -59,11 +63,12 @@ PermissionSettings.prototype = { isExplicit: function isExplicit(aPermName, aManifestURL, aOrigin, aBrowserFlag) { + // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js debug("isExplicit: " + aPermName + ", " + aManifestURL + ", " + aOrigin); let uri = Services.io.newURI(aOrigin, null, null); let app = appsService.getAppByManifestURL(aManifestURL); let principal = Services.scriptSecurityManager - .getAppCodebasePrincipal(uri, app.localId, aBrowserFlag); + .createCodebasePrincipal(uri, {appId: app.localId, inBrowser: aBrowserFlag}); return isExplicitInPermissionsTable(aPermName, principal.appStatus, @@ -99,9 +104,13 @@ PermissionSettings.prototype = { }, remove: function remove(aPermName, aManifestURL, aOrigin) { + // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js let uri = Services.io.newURI(aOrigin, null, null); let appID = appsService.getAppLocalIdByManifestURL(aManifestURL); - let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, true); + let principal = + Services.scriptSecurityManager.createCodebasePrincipal(uri, + {appId: appID, + inBrowser: true}); if (principal.appStatus !== Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED) { let errorMsg = "PermissionSettings.js: '" + aOrigin + "'" + diff --git a/dom/permission/PermissionSettings.jsm b/dom/permission/PermissionSettings.jsm index 6c948ffc2fc..8cda5e09a04 100644 --- a/dom/permission/PermissionSettings.jsm +++ b/dom/permission/PermissionSettings.jsm @@ -67,9 +67,13 @@ this.PermissionSettingsModule = { _internalAddPermission: function _internalAddPermission(aData, aAllowAllChanges, aCallbacks) { + // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm let uri = Services.io.newURI(aData.origin, null, null); let app = appsService.getAppByManifestURL(aData.manifestURL); - let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, app.localId, aData.browserFlag); + let principal = + Services.scriptSecurityManager.createCodebasePrincipal(uri, + {appId: app.localId, + inBrowser: aData.browserFlag}); let action; switch (aData.value) @@ -103,10 +107,14 @@ this.PermissionSettingsModule = { }, getPermission: function getPermission(aPermName, aManifestURL, aOrigin, aBrowserFlag) { + // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm debug("getPermission: " + aPermName + ", " + aManifestURL + ", " + aOrigin); let uri = Services.io.newURI(aOrigin, null, null); let appID = appsService.getAppLocalIdByManifestURL(aManifestURL); - let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aBrowserFlag); + let principal = + Services.scriptSecurityManager.createCodebasePrincipal(uri, + {appId: appID, + inBrowser: aBrowserFlag}); let result = Services.perms.testExactPermissionFromPrincipal(principal, aPermName); switch (result) diff --git a/dom/quota/QuotaManager.cpp b/dom/quota/QuotaManager.cpp index 3ecffc3c980..ab451bbd63a 100644 --- a/dom/quota/QuotaManager.cpp +++ b/dom/quota/QuotaManager.cpp @@ -5288,10 +5288,9 @@ StorageDirectoryHelper::RunOnMainThread() rv = secMan->GetSimpleCodebasePrincipal(uri, getter_AddRefs(principal)); } else { - rv = secMan->GetAppCodebasePrincipal(uri, - originProps.mAppId, - originProps.mInMozBrowser, - getter_AddRefs(principal)); + OriginAttributes attrs(originProps.mAppId, originProps.mInMozBrowser); + principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs); + rv = principal ? NS_OK : NS_ERROR_FAILURE; } if (NS_WARN_IF(NS_FAILED(rv))) { return rv; diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp index 9704e4a5692..351f2e5f744 100644 --- a/extensions/cookie/nsPermissionManager.cpp +++ b/extensions/cookie/nsPermissionManager.cpp @@ -126,10 +126,13 @@ GetPrincipalFromOrigin(const nsACString& aOrigin, nsIPrincipal** aPrincipal) nsresult GetPrincipal(nsIURI* aURI, uint32_t aAppId, bool aIsInBrowserElement, nsIPrincipal** aPrincipal) { - nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); - NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE); + // TODO: Bug 1165267 - Use OriginAttributes for nsCookieService + mozilla::OriginAttributes attrs(aAppId, aIsInBrowserElement); + nsCOMPtr principal = mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs); + NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE); - return secMan->GetAppCodebasePrincipal(aURI, aAppId, aIsInBrowserElement, aPrincipal); + principal.forget(aPrincipal); + return NS_OK; } nsresult diff --git a/extensions/cookie/test/test_app_uninstall_permissions.html b/extensions/cookie/test/test_app_uninstall_permissions.html index 13cf9f7380b..be942c789b9 100644 --- a/extensions/cookie/test/test_app_uninstall_permissions.html +++ b/extensions/cookie/test/test_app_uninstall_permissions.html @@ -67,19 +67,22 @@ function onInstall() { var currentPermissionCount = getPermissionCountForApp(-1); - var principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null), - testAppId, false); + var attrs = {appId: testAppId}; + var principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.com", null, null), + attrs); permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION); permManager.addFromPrincipal(principal, "foo", Ci.nsIPermissionManager.DENY_ACTION); permManager.addFromPrincipal(principal, "bar", Ci.nsIPermissionManager.ALLOW_ACTION, Ci.nsIPermissionManager.EXPIRE_SESSION, 0); - principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null), - testAppId, true); + attrs = {appId: testAppId, inBrowser: true}; + principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.com", null, null), + attrs); permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION); - principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.org", null, null), - testAppId, false); + attrs = {appId: testAppId}; + principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.org", null, null), + attrs); permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION); is(getPermissionCountForApp(testAppId), 5, "App should have 5 permissions"); diff --git a/extensions/cookie/test/unit/test_permmanager_cleardata.js b/extensions/cookie/test/unit/test_permmanager_cleardata.js index 675c863d85c..5ff228ab81c 100644 --- a/extensions/cookie/test/unit/test_permmanager_cleardata.js +++ b/extensions/cookie/test/unit/test_permmanager_cleardata.js @@ -6,7 +6,8 @@ let pm; // Create a principal based on the { origin, appId, browserElement }. function createPrincipal(aOrigin, aAppId, aBrowserElement) { - return Services.scriptSecurityManager.getAppCodebasePrincipal(NetUtil.newURI(aOrigin), aAppId, aBrowserElement); + var attrs = {appId: aAppId, inBrowser: aBrowserElement}; + return Services.scriptSecurityManager.createCodebasePrincipal(NetUtil.newURI(aOrigin), attrs); } // Return the subject required by 'webapps-clear-data' notification. diff --git a/extensions/cookie/test/unit/test_permmanager_defaults.js b/extensions/cookie/test/unit/test_permmanager_defaults.js index 664211deb6c..39048217c43 100644 --- a/extensions/cookie/test/unit/test_permmanager_defaults.js +++ b/extensions/cookie/test/unit/test_permmanager_defaults.js @@ -55,8 +55,9 @@ add_task(function* do_test() { let principalHttps = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_HTTPS); let principal2 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_2); let principal3 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_3); - let principal4 = Services.scriptSecurityManager.getAppCodebasePrincipal(TEST_ORIGIN, 1000, true); - let principal5 = Services.scriptSecurityManager.getAppCodebasePrincipal(TEST_ORIGIN_3, 1000, true); + let attrs = {appId: 1000, inBrowser: true}; + let principal4 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN, attrs); + let principal5 = Services.scriptSecurityManager.createCodebasePrincipal(TEST_ORIGIN_3, attrs); do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION, pm.testPermissionFromPrincipal(principal, TEST_PERMISSION)); diff --git a/extensions/cookie/test/unit/test_permmanager_matches.js b/extensions/cookie/test/unit/test_permmanager_matches.js index 475581aeabd..fa97cabdf1f 100644 --- a/extensions/cookie/test/unit/test_permmanager_matches.js +++ b/extensions/cookie/test/unit/test_permmanager_matches.js @@ -45,33 +45,37 @@ function run_test() { let uri4_n_n = secMan.getNoAppCodebasePrincipal(uri4); let uri5_n_n = secMan.getNoAppCodebasePrincipal(uri5); - let uri0_1000_n = secMan.getAppCodebasePrincipal(uri0, 1000, false); - let uri1_1000_n = secMan.getAppCodebasePrincipal(uri1, 1000, false); - let uri2_1000_n = secMan.getAppCodebasePrincipal(uri2, 1000, false); - let uri3_1000_n = secMan.getAppCodebasePrincipal(uri3, 1000, false); - let uri4_1000_n = secMan.getAppCodebasePrincipal(uri4, 1000, false); - let uri5_1000_n = secMan.getAppCodebasePrincipal(uri5, 1000, false); + let attrs = {appId: 1000}; + let uri0_1000_n = secMan.createCodebasePrincipal(uri0, attrs); + let uri1_1000_n = secMan.createCodebasePrincipal(uri1, attrs); + let uri2_1000_n = secMan.createCodebasePrincipal(uri2, attrs); + let uri3_1000_n = secMan.createCodebasePrincipal(uri3, attrs); + let uri4_1000_n = secMan.createCodebasePrincipal(uri4, attrs); + let uri5_1000_n = secMan.createCodebasePrincipal(uri5, attrs); - let uri0_1000_y = secMan.getAppCodebasePrincipal(uri0, 1000, true); - let uri1_1000_y = secMan.getAppCodebasePrincipal(uri1, 1000, true); - let uri2_1000_y = secMan.getAppCodebasePrincipal(uri2, 1000, true); - let uri3_1000_y = secMan.getAppCodebasePrincipal(uri3, 1000, true); - let uri4_1000_y = secMan.getAppCodebasePrincipal(uri4, 1000, true); - let uri5_1000_y = secMan.getAppCodebasePrincipal(uri5, 1000, true); + attrs = {appId: 1000, inBrowser: true}; + let uri0_1000_y = secMan.createCodebasePrincipal(uri0, attrs); + let uri1_1000_y = secMan.createCodebasePrincipal(uri1, attrs); + let uri2_1000_y = secMan.createCodebasePrincipal(uri2, attrs); + let uri3_1000_y = secMan.createCodebasePrincipal(uri3, attrs); + let uri4_1000_y = secMan.createCodebasePrincipal(uri4, attrs); + let uri5_1000_y = secMan.createCodebasePrincipal(uri5, attrs); - let uri0_2000_n = secMan.getAppCodebasePrincipal(uri0, 2000, false); - let uri1_2000_n = secMan.getAppCodebasePrincipal(uri1, 2000, false); - let uri2_2000_n = secMan.getAppCodebasePrincipal(uri2, 2000, false); - let uri3_2000_n = secMan.getAppCodebasePrincipal(uri3, 2000, false); - let uri4_2000_n = secMan.getAppCodebasePrincipal(uri4, 2000, false); - let uri5_2000_n = secMan.getAppCodebasePrincipal(uri5, 2000, false); + attrs = {appId: 2000}; + let uri0_2000_n = secMan.createCodebasePrincipal(uri0, attrs); + let uri1_2000_n = secMan.createCodebasePrincipal(uri1, attrs); + let uri2_2000_n = secMan.createCodebasePrincipal(uri2, attrs); + let uri3_2000_n = secMan.createCodebasePrincipal(uri3, attrs); + let uri4_2000_n = secMan.createCodebasePrincipal(uri4, attrs); + let uri5_2000_n = secMan.createCodebasePrincipal(uri5, attrs); - let uri0_2000_y = secMan.getAppCodebasePrincipal(uri0, 2000, true); - let uri1_2000_y = secMan.getAppCodebasePrincipal(uri1, 2000, true); - let uri2_2000_y = secMan.getAppCodebasePrincipal(uri2, 2000, true); - let uri3_2000_y = secMan.getAppCodebasePrincipal(uri3, 2000, true); - let uri4_2000_y = secMan.getAppCodebasePrincipal(uri4, 2000, true); - let uri5_2000_y = secMan.getAppCodebasePrincipal(uri5, 2000, true); + attrs = {appId: 2000, inBrowser: true}; + let uri0_2000_y = secMan.createCodebasePrincipal(uri0, attrs); + let uri1_2000_y = secMan.createCodebasePrincipal(uri1, attrs); + let uri2_2000_y = secMan.createCodebasePrincipal(uri2, attrs); + let uri3_2000_y = secMan.createCodebasePrincipal(uri3, attrs); + let uri4_2000_y = secMan.createCodebasePrincipal(uri4, attrs); + let uri5_2000_y = secMan.createCodebasePrincipal(uri5, attrs); pm.addFromPrincipal(uri0_n_n, "test/matches", pm.ALLOW_ACTION); let perm_n_n = pm.getPermissionObject(uri0_n_n, "test/matches", true); diff --git a/extensions/cookie/test/unit/test_permmanager_matchesuri.js b/extensions/cookie/test/unit/test_permmanager_matchesuri.js index 7317cb35d3a..1b9e5fcfce1 100644 --- a/extensions/cookie/test/unit/test_permmanager_matchesuri.js +++ b/extensions/cookie/test/unit/test_permmanager_matchesuri.js @@ -30,8 +30,9 @@ function mk_permission(uri, isAppPermission = false) { .getService(Ci.nsIScriptSecurityManager); // Get the permission from the principal! + let attrs = {appId: 1000}; let principal = isAppPermission ? - secMan.getAppCodebasePrincipal(uri, 1000, false) : + secMan.createCodebasePrincipal(uri, attrs) : secMan.getNoAppCodebasePrincipal(uri); pm.addFromPrincipal(principal, "test/matchesuri", pm.ALLOW_ACTION); diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp index 1db7fee623d..517bfab3bde 100644 --- a/ipc/glue/BackgroundUtils.cpp +++ b/ipc/glue/BackgroundUtils.cpp @@ -6,6 +6,7 @@ #include "MainThreadUtils.h" #include "mozilla/Assertions.h" +#include "mozilla/BasePrincipal.h" #include "mozilla/ipc/PBackgroundSharedTypes.h" #include "mozilla/net/NeckoChannelParams.h" #include "nsPrincipal.h" @@ -23,6 +24,8 @@ namespace net { class OptionalLoadInfoArgs; } +using mozilla::BasePrincipal; +using mozilla::OriginAttributes; using namespace mozilla::net; namespace ipc { @@ -77,10 +80,10 @@ PrincipalInfoToPrincipal(const PrincipalInfo& aPrincipalInfo, if (info.appId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) { rv = secMan->GetSimpleCodebasePrincipal(uri, getter_AddRefs(principal)); } else { - rv = secMan->GetAppCodebasePrincipal(uri, - info.appId(), - info.isInBrowserElement(), - getter_AddRefs(principal)); + // TODO: Bug 1167100 - User nsIPrincipal.originAttribute in ContentPrincipalInfo + OriginAttributes attrs(info.appId(), info.isInBrowserElement()); + principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs); + rv = principal ? NS_OK : NS_ERROR_FAILURE; } if (NS_WARN_IF(NS_FAILED(rv))) { return nullptr; diff --git a/netwerk/cookie/CookieServiceParent.cpp b/netwerk/cookie/CookieServiceParent.cpp index 467eeba8cf9..beec3207c8b 100644 --- a/netwerk/cookie/CookieServiceParent.cpp +++ b/netwerk/cookie/CookieServiceParent.cpp @@ -7,6 +7,7 @@ #include "mozilla/dom/PContentParent.h" #include "mozilla/net/NeckoParent.h" +#include "mozilla/BasePrincipal.h" #include "mozilla/ipc/URIUtils.h" #include "nsCookieService.h" #include "nsIScriptSecurityManager.h" @@ -16,6 +17,8 @@ #include "SerializedLoadContext.h" using namespace mozilla::ipc; +using mozilla::BasePrincipal; +using mozilla::OriginAttributes; using mozilla::dom::PContentParent; using mozilla::net::NeckoParent; @@ -29,16 +32,16 @@ CreateDummyChannel(nsIURI* aHostURI, uint32_t aAppId, bool aInMozBrowser, { MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID); - nsCOMPtr principal; - nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); - nsresult rv = ssm->GetAppCodebasePrincipal(aHostURI, aAppId, aInMozBrowser, - getter_AddRefs(principal)); - if (NS_FAILED(rv)) { + // TODO: Bug 1165267 - Use OriginAttributes for nsCookieService + OriginAttributes attrs(aAppId, aInMozBrowser); + nsCOMPtr principal = + BasePrincipal::CreateCodebasePrincipal(aHostURI, attrs); + if (!principal) { return; } nsCOMPtr dummyURI; - rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank"); + nsresult rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank"); if (NS_FAILED(rv)) { return; } diff --git a/netwerk/protocol/http/HttpChannelParent.cpp b/netwerk/protocol/http/HttpChannelParent.cpp index fd6b5e58aa0..6febd5687f4 100644 --- a/netwerk/protocol/http/HttpChannelParent.cpp +++ b/netwerk/protocol/http/HttpChannelParent.cpp @@ -17,7 +17,6 @@ #include "nsNetUtil.h" #include "nsISupportsPriority.h" #include "nsIAuthPromptProvider.h" -#include "nsIScriptSecurityManager.h" #include "nsSerializationHelper.h" #include "nsISerializable.h" #include "nsIAssociatedContentSecurity.h" @@ -34,7 +33,10 @@ #include "mozilla/LoadInfo.h" #include "nsIHttpHeaderVisitor.h" #include "nsQueryObject.h" +#include "mozilla/BasePrincipal.h" +using mozilla::BasePrincipal; +using mozilla::OriginAttributes; using namespace mozilla::dom; using namespace mozilla::ipc; @@ -456,17 +458,15 @@ HttpChannelParent::DoAsyncOpen( const URIParams& aURI, mLoadContext->GetIsInBrowserElement(&inBrowser); } - bool chooseAppCache = false; - nsCOMPtr secMan = - do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); - if (secMan) { - nsCOMPtr principal; - secMan->GetAppCodebasePrincipal(uri, appId, inBrowser, getter_AddRefs(principal)); + // TODO: Bug 1165466 - use originAttribute in nsILoadContext. + OriginAttributes attrs(appId, inBrowser); + nsCOMPtr principal = + BasePrincipal::CreateCodebasePrincipal(uri, attrs); - // This works because we've already called SetNotificationCallbacks and - // done mPBOverride logic by this point. - chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel)); - } + bool chooseAppCache = false; + // This works because we've already called SetNotificationCallbacks and + // done mPBOverride logic by this point. + chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel)); appCacheChan->SetChooseApplicationCache(chooseAppCache); } diff --git a/netwerk/test/unit/test_auth_jar.js b/netwerk/test/unit/test_auth_jar.js index 5a1e909caaf..b5e42b5e836 100644 --- a/netwerk/test/unit/test_auth_jar.js +++ b/netwerk/test/unit/test_auth_jar.js @@ -13,9 +13,9 @@ function run_test() { var secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager); const kURI1 = "http://example.com"; - var app1 = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, false); - var app10 = secMan.getAppCodebasePrincipal(createURI(kURI1), 10, false); - var app1browser = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, true); + var app1 = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1}); + var app10 = secMan.createCodebasePrincipal(createURI(kURI1),{appId: 10}); + var app1browser = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1, inBrowser: true}); var am = Cc["@mozilla.org/network/http-auth-manager;1"]. getService(Ci.nsIHttpAuthManager); diff --git a/services/fxaccounts/tests/xpcshell/test_manager.js b/services/fxaccounts/tests/xpcshell/test_manager.js index 37774bd6fcc..0a87e7db93e 100644 --- a/services/fxaccounts/tests/xpcshell/test_manager.js +++ b/services/fxaccounts/tests/xpcshell/test_manager.js @@ -25,7 +25,7 @@ function makePrincipal(origin, appId) { let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager); let uri = Services.io.newURI(origin, null, null); - return secMan.getAppCodebasePrincipal(uri, appId, false); + return secMan.createCodebasePrincipal(uri, {appId: appId}); } let principal = makePrincipal('app://settings.gaiamobile.org', 27, false); diff --git a/services/mobileid/MobileIdentityManager.jsm b/services/mobileid/MobileIdentityManager.jsm index 102ee031173..77d99def065 100644 --- a/services/mobileid/MobileIdentityManager.jsm +++ b/services/mobileid/MobileIdentityManager.jsm @@ -897,9 +897,7 @@ this.MobileIdentityManager = { getMobileIdAssertion: function(aPrincipal, aPromiseId, aOptions) { log.debug("getMobileIdAssertion ${}", aPrincipal); - let uri = Services.io.newURI(aPrincipal.origin, null, null); - let principal = securityManager.getAppCodebasePrincipal( - uri, aPrincipal.appId, aPrincipal.isInBrowserElement); + let principal = aPrincipal; let manifestURL = appsService.getManifestURLByLocalId(aPrincipal.appId); let permission = permissionManager.testPermissionFromPrincipal( diff --git a/services/mobileid/tests/xpcshell/head.js b/services/mobileid/tests/xpcshell/head.js index 5d2c388fb9d..a77ac35895e 100644 --- a/services/mobileid/tests/xpcshell/head.js +++ b/services/mobileid/tests/xpcshell/head.js @@ -125,9 +125,10 @@ function addPermission(aAction) { let uri = Cc["@mozilla.org/network/io-service;1"] .getService(Ci.nsIIOService) .newURI(ORIGIN, null, null); + let attrs = {appId: APP_ID}; let _principal = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager) - .getAppCodebasePrincipal(uri, APP_ID, false); + .createCodebasePrincipal(uri, attrs); let pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); pm.addFromPrincipal(_principal, MOBILEID_PERM, aAction); @@ -137,9 +138,10 @@ function removePermission() { let uri = Cc["@mozilla.org/network/io-service;1"] .getService(Ci.nsIIOService) .newURI(ORIGIN, null, null); + let attrs = {appId: APP_ID}; let _principal = Cc["@mozilla.org/scriptsecuritymanager;1"] .getService(Ci.nsIScriptSecurityManager) - .getAppCodebasePrincipal(uri, APP_ID, false); + .createCodebasePrincipal(uri, attrs); let pm = Cc["@mozilla.org/permissionmanager;1"] .getService(Ci.nsIPermissionManager); pm.removeFromPrincipal(_principal, MOBILEID_PERM); diff --git a/testing/marionette/driver/marionette_driver/marionette.py b/testing/marionette/driver/marionette_driver/marionette.py index 5f7b997479f..56b156395a1 100644 --- a/testing/marionette/driver/marionette_driver/marionette.py +++ b/testing/marionette/driver/marionette_driver/marionette.py @@ -809,9 +809,10 @@ class Marionette(object): Components.utils.import("resource://gre/modules/Services.jsm"); let perm = arguments[0]; let secMan = Services.scriptSecurityManager; - let principal = secMan.getAppCodebasePrincipal( + let attrs = {appId: perm.appId, inBrowser: perm.isInBrowserElement}; + let principal = secMan.createCodebasePrincipal( Services.io.newURI(perm.url, null, null), - perm.appId, perm.isInBrowserElement); + attrs); let testPerm = Services.perms.testPermissionFromPrincipal( principal, perm.type); return testPerm; @@ -870,8 +871,9 @@ class Marionette(object): Components.utils.import("resource://gre/modules/Services.jsm"); let perm = arguments[0]; let secMan = Services.scriptSecurityManager; - let principal = secMan.getAppCodebasePrincipal(Services.io.newURI(perm.url, null, null), - perm.appId, perm.isInBrowserElement); + let attrs = {appId: perm.appId, inBrowser: perm.isInBrowserElement}; + let principal = secMan.createCodebasePrincipal(Services.io.newURI(perm.url, null, null), + attrs); Services.perms.addFromPrincipal(principal, perm.type, perm.action); return true; """, script_args=[perm]) diff --git a/testing/mochitest/tests/Harness_sanity/test_bug816847.html b/testing/mochitest/tests/Harness_sanity/test_bug816847.html index a575e07ad94..a7ff5e308c7 100644 --- a/testing/mochitest/tests/Harness_sanity/test_bug816847.html +++ b/testing/mochitest/tests/Harness_sanity/test_bug816847.html @@ -36,12 +36,7 @@ const perms = ['network-events', 'geolocation', 'camera', 'alarms'] function createPrincipal(aURI, aIsApp, aIsInBrowserElement) { if(aIsApp) { var app = appsSvc.getAppByManifestURL(aURI); - var localId = appsSvc.getAppLocalIdByManifestURL(aURI); - var uri = Services.io.newURI(app.origin, null, null); - return Services.scriptSecurityManager - .getAppCodebasePrincipal(uri, - localId, - aIsInBrowserElement); + return app.principal; } var uri = Services.io.newURI(aURI, null, null); diff --git a/testing/specialpowers/content/SpecialPowersObserverAPI.js b/testing/specialpowers/content/SpecialPowersObserverAPI.js index ee25b4b5b0c..44b74d26753 100644 --- a/testing/specialpowers/content/SpecialPowersObserverAPI.js +++ b/testing/specialpowers/content/SpecialPowersObserverAPI.js @@ -323,7 +323,9 @@ SpecialPowersObserverAPI.prototype = { let msg = aMessage.json; let secMan = Services.scriptSecurityManager; - let principal = secMan.getAppCodebasePrincipal(this._getURI(msg.url), msg.appId, msg.isInBrowserElement); + // TODO: Bug 1196665 - Add originAttributes into SpecialPowers + let attrs = {appId: msg.appId, inBrowser: msg.isInBrowserElement}; + let principal = secMan.createCodebasePrincipal(this._getURI(msg.url), attrs); switch (msg.op) { case "add": diff --git a/uriloader/prefetch/OfflineCacheUpdateParent.cpp b/uriloader/prefetch/OfflineCacheUpdateParent.cpp index 56ad75fbdc0..28fb935f489 100644 --- a/uriloader/prefetch/OfflineCacheUpdateParent.cpp +++ b/uriloader/prefetch/OfflineCacheUpdateParent.cpp @@ -5,6 +5,7 @@ #include "OfflineCacheUpdateParent.h" +#include "mozilla/BasePrincipal.h" #include "mozilla/dom/TabParent.h" #include "mozilla/ipc/URIUtils.h" #include "mozilla/unused.h" @@ -12,9 +13,10 @@ #include "nsIApplicationCache.h" #include "nsIScriptSecurityManager.h" #include "nsNetUtil.h" -#include "nsContentUtils.h" using namespace mozilla::ipc; +using mozilla::BasePrincipal; +using mozilla::OriginAttributes; using mozilla::dom::TabParent; // @@ -91,10 +93,10 @@ OfflineCacheUpdateParent::Schedule(const URIParams& aManifestURI, bool offlinePermissionAllowed = false; - nsCOMPtr principal; - nsContentUtils::GetSecurityManager()-> - GetAppCodebasePrincipal(manifestURI, mAppId, mIsInBrowserElement, - getter_AddRefs(principal)); + // TODO: Bug 1165466 - use OriginAttributes + OriginAttributes attrs(mAppId, mIsInBrowserElement); + nsCOMPtr principal = + BasePrincipal::CreateCodebasePrincipal(manifestURI, attrs); nsresult rv = service->OfflineAppAllowed( principal, nullptr, &offlinePermissionAllowed);