Bug 784551 - remove JSSecurityCallbacks::findObjectPrincipals (r=mrbkap)

--HG--
extra : rebase_source : 8043b79eb031e4c3e196f6f693fa6a8a16099ecb
This commit is contained in:
Luke Wagner 2012-08-23 09:51:09 -07:00
parent 4842917cc6
commit b275055a73
11 changed files with 9 additions and 71 deletions

View File

@ -393,9 +393,6 @@ private:
CheckObjectAccess(JSContext *cx, JSHandleObject obj,
JSHandleId id, JSAccessMode mode,
jsval *vp);
static JSPrincipals *
ObjectPrincipalFinder(JSObject *obj);
// Decides, based on CSP, whether or not eval() and stuff can be executed.
static JSBool

View File

@ -467,12 +467,6 @@ NS_IMPL_ISUPPORTS4(nsScriptSecurityManager,
///////////////// Security Checks /////////////////
/* static */ JSPrincipals *
nsScriptSecurityManager::ObjectPrincipalFinder(JSObject *aObj)
{
return nsJSPrincipals::get(doGetObjectPrincipal(aObj));
}
JSBool
nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(JSContext *cx)
{
@ -491,13 +485,8 @@ nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(JSContext *cx)
if (NS_FAILED(rv))
return JS_FALSE; // Not just absence of principal, but failure.
if (!subjectPrincipal) {
// See bug 553448 for discussion of this case.
NS_ASSERTION(!JS_GetSecurityCallbacks(js::GetRuntime(cx))->findObjectPrincipals,
"CSP: Should have been able to find subject principal. "
"Reluctantly granting access.");
if (!subjectPrincipal)
return JS_TRUE;
}
nsCOMPtr<nsIContentSecurityPolicy> csp;
rv = subjectPrincipal->GetCsp(getter_AddRefs(csp));
@ -3048,7 +3037,6 @@ nsresult nsScriptSecurityManager::Init()
static const JSSecurityCallbacks securityCallbacks = {
CheckObjectAccess,
ObjectPrincipalFinder,
ContentSecurityPolicyPermitsJSAction
};

View File

@ -366,5 +366,5 @@ js::PrincipalsForCompiledCode(const CallReceiver &call, JSContext *cx)
// compiled code will be run with the callee's scope chain, this would make
// fp->script()->compartment() != fp->compartment().
return call.callee().principals(cx);
return call.callee().compartment()->principals;
}

View File

@ -6,20 +6,6 @@
#include "jsdbgapi.h"
#include "jsobjinlines.h"
JSPrincipals *sCurrentGlobalPrincipals = NULL;
JSPrincipals *
ObjectPrincipalsFinder(JSObject *)
{
return sCurrentGlobalPrincipals;
}
static const JSSecurityCallbacks seccb = {
NULL,
ObjectPrincipalsFinder,
NULL
};
JSPrincipals *sOriginPrincipalsInErrorReporter = NULL;
static void
@ -33,8 +19,6 @@ JSPrincipals prin2 = { 1 };
BEGIN_TEST(testOriginPrincipals)
{
JS_SetSecurityCallbacks(rt, &seccb);
/*
* Currently, the only way to set a non-trivial originPrincipal is to use
* JS_EvaluateUCScriptForPrincipalsVersionOrigin. This does not expose the
@ -77,7 +61,11 @@ eval(const char *asciiChars, JSPrincipals *principals, JSPrincipals *originPrinc
chars[i] = asciiChars[i];
chars[len] = 0;
JS::RootedObject global(cx, JS_GetGlobalObject(cx));
JS::RootedObject global(cx, JS_NewGlobalObject(cx, getGlobalClass(), principals));
CHECK(global);
JSAutoEnterCompartment ac;
CHECK(ac.enter(cx, global));
CHECK(JS_InitStandardClasses(cx, global));
bool ok = JS_EvaluateUCScriptForPrincipalsVersionOrigin(cx, global,
principals,
originPrincipals,
@ -98,8 +86,6 @@ testOuter(const char *asciiChars)
bool
testInner(const char *asciiChars, JSPrincipals *principal, JSPrincipals *originPrincipal)
{
sCurrentGlobalPrincipals = principal;
jsval rval;
CHECK(eval(asciiChars, principal, originPrincipal, &rval));

View File

@ -1997,17 +1997,6 @@ typedef JSBool
typedef void
(* JSDestroyPrincipalsOp)(JSPrincipals *principals);
/*
* Return a weak reference to the principals associated with obj, possibly via
* the immutable parent chain leading from obj to a top-level container (e.g.,
* a window object in the DOM level 0). If there are no principals associated
* with obj, return null. Therefore null does not mean an error was reported;
* in no event should an error be reported or an exception be thrown by this
* callback's implementation.
*/
typedef JSPrincipals *
(* JSObjectPrincipalsFinder)(JSObject *obj);
/*
* Used to check if a CSP instance wants to disable eval() and friends.
* See js_CheckCSPPermitsJSAction() in jsobj.
@ -4908,7 +4897,6 @@ JS_DropPrincipals(JSRuntime *rt, JSPrincipals *principals);
struct JSSecurityCallbacks {
JSCheckAccessOp checkObjectAccess;
JSObjectPrincipalsFinder findObjectPrincipals;
JSCSPEvalChecker contentSecurityPolicyAllows;
};

View File

@ -522,9 +522,7 @@ JS_GetFrameAnnotation(JSContext *cx, JSStackFrame *fpArg)
{
StackFrame *fp = Valueify(fpArg);
if (fp->annotation() && fp->isScriptFrame()) {
JSPrincipals *principals = fp->scopeChain()->principals(cx);
if (principals) {
if (fp->scopeChain()->compartment()->principals) {
/*
* Give out an annotation only if privileges have not been revoked
* or disabled globally.

View File

@ -515,9 +515,6 @@ struct JSObject : public js::ObjectImpl
inline js::GlobalObject &global() const;
/* N.B. Infallible: NULL means 'no principal', not an error. */
inline JSPrincipals *principals(JSContext *cx);
/* Remove the type (and prototype) or parent from a new object. */
static inline bool clearType(JSContext *cx, js::HandleObject obj);
static bool clearParent(JSContext *cx, js::HandleObject obj);

View File

@ -912,14 +912,6 @@ JSObject::isCallable()
return isFunction() || getClass()->call;
}
inline JSPrincipals *
JSObject::principals(JSContext *cx)
{
if (JSObjectPrincipalsFinder find = cx->runtime->securityCallbacks->findObjectPrincipals)
return find(this);
return cx->compartment ? cx->compartment->principals : NULL;
}
inline void
JSObject::nativeSetSlot(unsigned slot, const js::Value &value)
{

View File

@ -4890,7 +4890,6 @@ CheckObjectAccess(JSContext *cx, HandleObject obj, HandleId id, JSAccessMode mod
JSSecurityCallbacks securityCallbacks = {
CheckObjectAccess,
NULL,
NULL
};

View File

@ -3450,7 +3450,7 @@ js::EvaluateInEnv(JSContext *cx, Handle<Env*> env, StackFrame *fp, const jschar
* static level will suffice.
*/
CompileOptions options(cx);
options.setPrincipals(fp->scopeChain()->principals(cx))
options.setPrincipals(fp->scopeChain()->compartment()->principals)
.setCompileAndGo(true)
.setNoScriptRval(false)
.setFileAndLine(filename, lineno);

View File

@ -1655,12 +1655,6 @@ GetCurrentWorkingDirectory(nsAString& workingDirectory)
return true;
}
static JSPrincipals *
FindObjectPrincipals(JSObject *obj)
{
return gJSPrincipals;
}
static JSSecurityCallbacks shellSecurityCallbacks;
int
@ -1839,7 +1833,6 @@ main(int argc, char **argv, char **envp)
const JSSecurityCallbacks *scb = JS_GetSecurityCallbacks(rt);
NS_ASSERTION(scb, "We are assuming that nsScriptSecurityManager::Init() has been run");
shellSecurityCallbacks = *scb;
shellSecurityCallbacks.findObjectPrincipals = FindObjectPrincipals;
JS_SetSecurityCallbacks(rt, &shellSecurityCallbacks);
#ifdef TEST_TranslateThis