Bug 784551 - remove JSSecurityCallbacks::findObjectPrincipals (r=mrbkap)

--HG-- extra : rebase_source : 8043b79eb031e4c3e196f6f693fa6a8a16099ecb
2024-09-13 09:24:08 -07:00 · 2012-08-23 09:51:09 -07:00 · 2012-08-23 09:51:09 -07:00 · b275055a73
commit b275055a73
parent 4842917cc6
11 changed files with 9 additions and 71 deletions
--- a/caps/include/nsScriptSecurityManager.h
+++ b/caps/include/nsScriptSecurityManager.h
@ -393,9 +393,6 @@ private:
    CheckObjectAccess(JSContext *cx, JSHandleObject obj,
                      JSHandleId id, JSAccessMode mode,
                      jsval *vp);
    static JSPrincipals *
    ObjectPrincipalFinder(JSObject *obj);
    // Decides, based on CSP, whether or not eval() and stuff can be executed.
    static JSBool
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@ -467,12 +467,6 @@ NS_IMPL_ISUPPORTS4(nsScriptSecurityManager,
 ///////////////// Security Checks /////////////////
 /* static */ JSPrincipals *
 nsScriptSecurityManager::ObjectPrincipalFinder(JSObject *aObj)
 {
    return nsJSPrincipals::get(doGetObjectPrincipal(aObj));
 }
 JSBool
 nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(JSContext *cx)
 {
@ -491,13 +485,8 @@ nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(JSContext *cx)
    if (NS_FAILED(rv))
        return JS_FALSE; // Not just absence of principal, but failure.
-    if (!subjectPrincipal) {
+    if (!subjectPrincipal)
        // See bug 553448 for discussion of this case.
        NS_ASSERTION(!JS_GetSecurityCallbacks(js::GetRuntime(cx))->findObjectPrincipals,
                     "CSP: Should have been able to find subject principal. "
                     "Reluctantly granting access.");
        return JS_TRUE;
    }
    nsCOMPtr<nsIContentSecurityPolicy> csp;
    rv = subjectPrincipal->GetCsp(getter_AddRefs(csp));
@ -3048,7 +3037,6 @@ nsresult nsScriptSecurityManager::Init()
    static const JSSecurityCallbacks securityCallbacks = {
        CheckObjectAccess,
        ObjectPrincipalFinder,
        ContentSecurityPolicyPermitsJSAction
    };
--- a/js/src/builtin/Eval.cpp
+++ b/js/src/builtin/Eval.cpp
@ -366,5 +366,5 @@ js::PrincipalsForCompiledCode(const CallReceiver &call, JSContext *cx)
    // compiled code will be run with the callee's scope chain, this would make
    // fp->script()->compartment() != fp->compartment().
-    return call.callee().principals(cx);
+    return call.callee().compartment()->principals;
 }
--- a/js/src/jsapi-tests/testOriginPrincipals.cpp
+++ b/js/src/jsapi-tests/testOriginPrincipals.cpp
@ -6,20 +6,6 @@
 #include "jsdbgapi.h"
 #include "jsobjinlines.h"
 JSPrincipals *sCurrentGlobalPrincipals = NULL;
 JSPrincipals *
 ObjectPrincipalsFinder(JSObject *)
 {
    return sCurrentGlobalPrincipals;
 }
 static const JSSecurityCallbacks seccb = {
    NULL,
    ObjectPrincipalsFinder,
    NULL
 };
 JSPrincipals *sOriginPrincipalsInErrorReporter = NULL;
 static void
@ -33,8 +19,6 @@ JSPrincipals prin2 = { 1 };
 BEGIN_TEST(testOriginPrincipals)
 {
    JS_SetSecurityCallbacks(rt, &seccb);
    /*
     * Currently, the only way to set a non-trivial originPrincipal is to use
     * JS_EvaluateUCScriptForPrincipalsVersionOrigin. This does not expose the
@ -77,7 +61,11 @@ eval(const char *asciiChars, JSPrincipals *principals, JSPrincipals *originPrinc
        chars[i] = asciiChars[i];
    chars[len] = 0;
-    JS::RootedObject global(cx, JS_GetGlobalObject(cx));
+    JS::RootedObject global(cx, JS_NewGlobalObject(cx, getGlobalClass(), principals));
    CHECK(global);
    JSAutoEnterCompartment ac;
    CHECK(ac.enter(cx, global));
    CHECK(JS_InitStandardClasses(cx, global));
    bool ok = JS_EvaluateUCScriptForPrincipalsVersionOrigin(cx, global,
                                                            principals,
                                                            originPrincipals,
@ -98,8 +86,6 @@ testOuter(const char *asciiChars)
 bool
 testInner(const char *asciiChars, JSPrincipals *principal, JSPrincipals *originPrincipal)
 {
    sCurrentGlobalPrincipals = principal;
    jsval rval;
    CHECK(eval(asciiChars, principal, originPrincipal, &rval));
--- a/js/src/jsapi.h
+++ b/js/src/jsapi.h
@ -1997,17 +1997,6 @@ typedef JSBool
 typedef void
 (* JSDestroyPrincipalsOp)(JSPrincipals *principals);
 /*
 * Return a weak reference to the principals associated with obj, possibly via
 * the immutable parent chain leading from obj to a top-level container (e.g.,
 * a window object in the DOM level 0).  If there are no principals associated
 * with obj, return null.  Therefore null does not mean an error was reported;
 * in no event should an error be reported or an exception be thrown by this
 * callback's implementation.
 */
 typedef JSPrincipals *
 (* JSObjectPrincipalsFinder)(JSObject *obj);
 /*
 * Used to check if a CSP instance wants to disable eval() and friends.
 * See js_CheckCSPPermitsJSAction() in jsobj.
@ -4908,7 +4897,6 @@ JS_DropPrincipals(JSRuntime *rt, JSPrincipals *principals);
 struct JSSecurityCallbacks {
    JSCheckAccessOp            checkObjectAccess;
    JSObjectPrincipalsFinder   findObjectPrincipals;
    JSCSPEvalChecker           contentSecurityPolicyAllows;
 };
--- a/js/src/jsdbgapi.cpp
+++ b/js/src/jsdbgapi.cpp
@ -522,9 +522,7 @@ JS_GetFrameAnnotation(JSContext *cx, JSStackFrame *fpArg)
 {
    StackFrame *fp = Valueify(fpArg);
    if (fp->annotation() && fp->isScriptFrame()) {
-        JSPrincipals *principals = fp->scopeChain()->principals(cx);
+        if (fp->scopeChain()->compartment()->principals) {
        if (principals) {
            /*
             * Give out an annotation only if privileges have not been revoked
             * or disabled globally.
--- a/js/src/jsobj.h
+++ b/js/src/jsobj.h
@ -515,9 +515,6 @@ struct JSObject : public js::ObjectImpl
    inline js::GlobalObject &global() const;
    /* N.B. Infallible: NULL means 'no principal', not an error. */
    inline JSPrincipals *principals(JSContext *cx);
    /* Remove the type (and prototype) or parent from a new object. */
    static inline bool clearType(JSContext *cx, js::HandleObject obj);
    static bool clearParent(JSContext *cx, js::HandleObject obj);
--- a/js/src/jsobjinlines.h
+++ b/js/src/jsobjinlines.h
@ -912,14 +912,6 @@ JSObject::isCallable()
    return isFunction() || getClass()->call;
 }
 inline JSPrincipals *
 JSObject::principals(JSContext *cx)
 {
    if (JSObjectPrincipalsFinder find = cx->runtime->securityCallbacks->findObjectPrincipals)
        return find(this);
    return cx->compartment ? cx->compartment->principals : NULL;
 }
 inline void
 JSObject::nativeSetSlot(unsigned slot, const js::Value &value)
 {
--- a/js/src/shell/js.cpp
+++ b/js/src/shell/js.cpp
@ -4890,7 +4890,6 @@ CheckObjectAccess(JSContext *cx, HandleObject obj, HandleId id, JSAccessMode mod
 JSSecurityCallbacks securityCallbacks = {
    CheckObjectAccess,
    NULL,
    NULL
 };
--- a/js/src/vm/Debugger.cpp
+++ b/js/src/vm/Debugger.cpp
@ -3450,7 +3450,7 @@ js::EvaluateInEnv(JSContext *cx, Handle<Env*> env, StackFrame *fp, const jschar
     * static level will suffice.
     */
    CompileOptions options(cx);
-    options.setPrincipals(fp->scopeChain()->principals(cx))
+    options.setPrincipals(fp->scopeChain()->compartment()->principals)
           .setCompileAndGo(true)
           .setNoScriptRval(false)
           .setFileAndLine(filename, lineno);
--- a/js/xpconnect/shell/xpcshell.cpp
+++ b/js/xpconnect/shell/xpcshell.cpp
@ -1655,12 +1655,6 @@ GetCurrentWorkingDirectory(nsAString& workingDirectory)
    return true;
 }
 static JSPrincipals *
 FindObjectPrincipals(JSObject *obj)
 {
    return gJSPrincipals;
 }
 static JSSecurityCallbacks shellSecurityCallbacks;
 int
@ -1839,7 +1833,6 @@ main(int argc, char **argv, char **envp)
        const JSSecurityCallbacks *scb = JS_GetSecurityCallbacks(rt);
        NS_ASSERTION(scb, "We are assuming that nsScriptSecurityManager::Init() has been run");
        shellSecurityCallbacks = *scb;
        shellSecurityCallbacks.findObjectPrincipals = FindObjectPrincipals;
        JS_SetSecurityCallbacks(rt, &shellSecurityCallbacks);
 #ifdef TEST_TranslateThis