Bug 784551 - remove JSSecurityCallbacks::findObjectPrincipals (r=mrbkap)

--HG--
extra : rebase_source : 8043b79eb031e4c3e196f6f693fa6a8a16099ecb

caps/include/nsScriptSecurityManager.h

@@ -393,9 +393,6 @@ private:
     CheckObjectAccess(JSContext *cx, JSHandleObject obj,
                       JSHandleId id, JSAccessMode mode,
                       jsval *vp);
-
-    static JSPrincipals *
-    ObjectPrincipalFinder(JSObject *obj);
     
     // Decides, based on CSP, whether or not eval() and stuff can be executed.
     static JSBool

caps/src/nsScriptSecurityManager.cpp

@@ -467,12 +467,6 @@ NS_IMPL_ISUPPORTS4(nsScriptSecurityManager,
 
 ///////////////// Security Checks /////////////////
 
-/* static */ JSPrincipals *
-nsScriptSecurityManager::ObjectPrincipalFinder(JSObject *aObj)
-{
-    return nsJSPrincipals::get(doGetObjectPrincipal(aObj));
-}
-
 JSBool
 nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(JSContext *cx)
 {
@@ -491,13 +485,8 @@ nsScriptSecurityManager::ContentSecurityPolicyPermitsJSAction(JSContext *cx)
     if (NS_FAILED(rv))
         return JS_FALSE; // Not just absence of principal, but failure.
 
-    if (!subjectPrincipal) {
-        // See bug 553448 for discussion of this case.
-        NS_ASSERTION(!JS_GetSecurityCallbacks(js::GetRuntime(cx))->findObjectPrincipals,
-                     "CSP: Should have been able to find subject principal. "
-                     "Reluctantly granting access.");
+    if (!subjectPrincipal)
         return JS_TRUE;
-    }
 
     nsCOMPtr<nsIContentSecurityPolicy> csp;
     rv = subjectPrincipal->GetCsp(getter_AddRefs(csp));
@@ -3048,7 +3037,6 @@ nsresult nsScriptSecurityManager::Init()
 
     static const JSSecurityCallbacks securityCallbacks = {
         CheckObjectAccess,
-        ObjectPrincipalFinder,
         ContentSecurityPolicyPermitsJSAction
     };
 

js/src/builtin/Eval.cpp

@@ -366,5 +366,5 @@ js::PrincipalsForCompiledCode(const CallReceiver &call, JSContext *cx)
     // compiled code will be run with the callee's scope chain, this would make
     // fp->script()->compartment() != fp->compartment().
 
-    return call.callee().principals(cx);
+    return call.callee().compartment()->principals;
 }

js/src/jsapi-tests/testOriginPrincipals.cpp

@@ -6,20 +6,6 @@
 #include "jsdbgapi.h"
 #include "jsobjinlines.h"
 
-JSPrincipals *sCurrentGlobalPrincipals = NULL;
-
-JSPrincipals *
-ObjectPrincipalsFinder(JSObject *)
-{
-    return sCurrentGlobalPrincipals;
-}
-
-static const JSSecurityCallbacks seccb = {
-    NULL,
-    ObjectPrincipalsFinder,
-    NULL
-};
-
 JSPrincipals *sOriginPrincipalsInErrorReporter = NULL;
 
 static void
@@ -33,8 +19,6 @@ JSPrincipals prin2 = { 1 };
 
 BEGIN_TEST(testOriginPrincipals)
 {
-    JS_SetSecurityCallbacks(rt, &seccb);
-
     /*
      * Currently, the only way to set a non-trivial originPrincipal is to use
      * JS_EvaluateUCScriptForPrincipalsVersionOrigin. This does not expose the
@@ -77,7 +61,11 @@ eval(const char *asciiChars, JSPrincipals *principals, JSPrincipals *originPrinc
         chars[i] = asciiChars[i];
     chars[len] = 0;
 
-    JS::RootedObject global(cx, JS_GetGlobalObject(cx));
+    JS::RootedObject global(cx, JS_NewGlobalObject(cx, getGlobalClass(), principals));
+    CHECK(global);
+    JSAutoEnterCompartment ac;
+    CHECK(ac.enter(cx, global));
+    CHECK(JS_InitStandardClasses(cx, global));
     bool ok = JS_EvaluateUCScriptForPrincipalsVersionOrigin(cx, global,
                                                             principals,
                                                             originPrincipals,
@@ -98,8 +86,6 @@ testOuter(const char *asciiChars)
 bool
 testInner(const char *asciiChars, JSPrincipals *principal, JSPrincipals *originPrincipal)
 {
-    sCurrentGlobalPrincipals = principal;
-
     jsval rval;
     CHECK(eval(asciiChars, principal, originPrincipal, &rval));
 

js/src/jsapi.h

@@ -1997,17 +1997,6 @@ typedef JSBool
 typedef void
 (* JSDestroyPrincipalsOp)(JSPrincipals *principals);
 
-/*
- * Return a weak reference to the principals associated with obj, possibly via
- * the immutable parent chain leading from obj to a top-level container (e.g.,
- * a window object in the DOM level 0).  If there are no principals associated
- * with obj, return null.  Therefore null does not mean an error was reported;
- * in no event should an error be reported or an exception be thrown by this
- * callback's implementation.
- */
-typedef JSPrincipals *
-(* JSObjectPrincipalsFinder)(JSObject *obj);
-
 /*
  * Used to check if a CSP instance wants to disable eval() and friends.
  * See js_CheckCSPPermitsJSAction() in jsobj.
@@ -4908,7 +4897,6 @@ JS_DropPrincipals(JSRuntime *rt, JSPrincipals *principals);
 
 struct JSSecurityCallbacks {
     JSCheckAccessOp            checkObjectAccess;
-    JSObjectPrincipalsFinder   findObjectPrincipals;
     JSCSPEvalChecker           contentSecurityPolicyAllows;
 };
 

js/src/jsdbgapi.cpp

@@ -522,9 +522,7 @@ JS_GetFrameAnnotation(JSContext *cx, JSStackFrame *fpArg)
 {
     StackFrame *fp = Valueify(fpArg);
     if (fp->annotation() && fp->isScriptFrame()) {
-        JSPrincipals *principals = fp->scopeChain()->principals(cx);
-
-        if (principals) {
+        if (fp->scopeChain()->compartment()->principals) {
             /*
              * Give out an annotation only if privileges have not been revoked
              * or disabled globally.

js/src/jsobj.h

@@ -515,9 +515,6 @@ struct JSObject : public js::ObjectImpl
 
     inline js::GlobalObject &global() const;
 
-    /* N.B. Infallible: NULL means 'no principal', not an error. */
-    inline JSPrincipals *principals(JSContext *cx);
-
     /* Remove the type (and prototype) or parent from a new object. */
     static inline bool clearType(JSContext *cx, js::HandleObject obj);
     static bool clearParent(JSContext *cx, js::HandleObject obj);

js/src/jsobjinlines.h

@@ -912,14 +912,6 @@ JSObject::isCallable()
     return isFunction() || getClass()->call;
 }
 
-inline JSPrincipals *
-JSObject::principals(JSContext *cx)
-{
-    if (JSObjectPrincipalsFinder find = cx->runtime->securityCallbacks->findObjectPrincipals)
-        return find(this);
-    return cx->compartment ? cx->compartment->principals : NULL;
-}
-
 inline void
 JSObject::nativeSetSlot(unsigned slot, const js::Value &value)
 {

js/src/shell/js.cpp

@@ -4890,7 +4890,6 @@ CheckObjectAccess(JSContext *cx, HandleObject obj, HandleId id, JSAccessMode mod
 
 JSSecurityCallbacks securityCallbacks = {
     CheckObjectAccess,
-    NULL,
     NULL
 };
 

js/src/vm/Debugger.cpp

@@ -3450,7 +3450,7 @@ js::EvaluateInEnv(JSContext *cx, Handle<Env*> env, StackFrame *fp, const jschar
      * static level will suffice.
      */
     CompileOptions options(cx);
-    options.setPrincipals(fp->scopeChain()->principals(cx))
+    options.setPrincipals(fp->scopeChain()->compartment()->principals)
            .setCompileAndGo(true)
            .setNoScriptRval(false)
            .setFileAndLine(filename, lineno);

js/xpconnect/shell/xpcshell.cpp

@@ -1655,12 +1655,6 @@ GetCurrentWorkingDirectory(nsAString& workingDirectory)
     return true;
 }
 
-static JSPrincipals *
-FindObjectPrincipals(JSObject *obj)
-{
-    return gJSPrincipals;
-}
-
 static JSSecurityCallbacks shellSecurityCallbacks;
 
 int
@@ -1839,7 +1833,6 @@ main(int argc, char **argv, char **envp)
         const JSSecurityCallbacks *scb = JS_GetSecurityCallbacks(rt);
         NS_ASSERTION(scb, "We are assuming that nsScriptSecurityManager::Init() has been run");
         shellSecurityCallbacks = *scb;
-        shellSecurityCallbacks.findObjectPrincipals = FindObjectPrincipals;
         JS_SetSecurityCallbacks(rt, &shellSecurityCallbacks);
 
 #ifdef TEST_TranslateThis