mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 923625 - DataStore sends the principal as argument in sendAsyncMessage, r=ehsan
This commit is contained in:
parent
f0c3b189a6
commit
dcf5365ef2
@ -236,8 +236,11 @@ DataStoreService.prototype = {
|
||||
// This method can be called in the child so we need to send a request
|
||||
// to the parent and create DataStore object here.
|
||||
new DataStoreServiceChild(aWindow, aName, function(aStores) {
|
||||
debug("DataStoreServiceChild callback!");
|
||||
debug("DataStoreServiceChild success callback!");
|
||||
self.getDataStoreCreate(aWindow, resolve, aStores);
|
||||
}, function() {
|
||||
debug("DataStoreServiceChild error callback!");
|
||||
reject(new aWindow.DOMError("SecurityError", "Access denied"));
|
||||
});
|
||||
}
|
||||
});
|
||||
@ -425,32 +428,38 @@ DataStoreService.prototype = {
|
||||
|
||||
/* DataStoreServiceChild */
|
||||
|
||||
function DataStoreServiceChild(aWindow, aName, aCallback) {
|
||||
function DataStoreServiceChild(aWindow, aName, aSuccessCb, aErrorCb) {
|
||||
debug("DataStoreServiceChild created");
|
||||
this.init(aWindow, aName, aCallback);
|
||||
this.init(aWindow, aName, aSuccessCb, aErrorCb);
|
||||
}
|
||||
|
||||
DataStoreServiceChild.prototype = {
|
||||
__proto__: DOMRequestIpcHelper.prototype,
|
||||
|
||||
init: function(aWindow, aName, aCallback) {
|
||||
init: function(aWindow, aName, aSuccessCb, aErrorCb) {
|
||||
debug("DataStoreServiceChild init");
|
||||
this._callback = aCallback;
|
||||
this._successCb = aSuccessCb;
|
||||
this._errorCb = aErrorCb;
|
||||
|
||||
this.initDOMRequestHelper(aWindow, [ "DataStore:Get:Return" ]);
|
||||
this.initDOMRequestHelper(aWindow, [ "DataStore:Get:Return:OK",
|
||||
"DataStore:Get:Return:KO" ]);
|
||||
|
||||
// This is a security issue and it will be fixed by Bug 916091
|
||||
cpmm.sendAsyncMessage("DataStore:Get",
|
||||
{ name: aName, appId: aWindow.document.nodePrincipal.appId });
|
||||
{ name: aName }, null, aWindow.document.nodePrincipal );
|
||||
},
|
||||
|
||||
receiveMessage: function(aMessage) {
|
||||
debug("DataStoreServiceChild receiveMessage");
|
||||
if (aMessage.name != 'DataStore:Get:Return') {
|
||||
return;
|
||||
}
|
||||
|
||||
this._callback(aMessage.data.stores);
|
||||
switch (aMessage.name) {
|
||||
case 'DataStore:Get:Return:OK':
|
||||
this._successCb(aMessage.data.stores);
|
||||
break;
|
||||
|
||||
case 'DataStore:Get:Return:KO':
|
||||
this._errorCb();
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -42,9 +42,14 @@ this.DataStoreServiceInternal = {
|
||||
|
||||
let msg = aMessage.data;
|
||||
|
||||
// This is a security issue and it will be fixed by Bug 916091
|
||||
msg.stores = dataStoreService.getDataStoresInfo(msg.name, msg.appId);
|
||||
aMessage.target.sendAsyncMessage("DataStore:Get:Return", msg);
|
||||
if (!aMessage.principal ||
|
||||
aMessage.principal.appId == Ci.nsIScriptSecurityManager.UNKNOWN_APP_ID) {
|
||||
aMessage.target.sendAsyncMessage("DataStore:Get:Return:KO");
|
||||
return;
|
||||
}
|
||||
|
||||
msg.stores = dataStoreService.getDataStoresInfo(msg.name, aMessage.principal.appId);
|
||||
aMessage.target.sendAsyncMessage("DataStore:Get:Return:OK", msg);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -26,7 +26,8 @@
|
||||
{ "type": "webapps-manage", "allow": 1, "context": document }],
|
||||
function() {
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.datastore.enabled", true],
|
||||
["dom.promise.enabled", true]]}, function() {
|
||||
["dom.promise.enabled", true],
|
||||
["geo.testing.ignore_ipc_principal", true]]}, function() {
|
||||
gGenerator.next(); });
|
||||
});
|
||||
|
||||
|
@ -83,6 +83,10 @@
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.datastore.enabled", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.pushPrefEnv({"set": [["geo.testing.ignore_ipc_principal", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.setAllAppsLaunchable(true);
|
||||
SpecialPowers.setBoolPref("dom.mozBrowserFramesEnabled", true);
|
||||
|
@ -83,6 +83,10 @@
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.datastore.enabled", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.pushPrefEnv({"set": [["geo.testing.ignore_ipc_principal", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.setAllAppsLaunchable(true);
|
||||
SpecialPowers.setBoolPref("dom.mozBrowserFramesEnabled", true);
|
||||
|
@ -83,6 +83,10 @@
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.datastore.enabled", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.pushPrefEnv({"set": [["geo.testing.ignore_ipc_principal", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.setAllAppsLaunchable(true);
|
||||
SpecialPowers.setBoolPref("dom.mozBrowserFramesEnabled", true);
|
||||
|
@ -127,6 +127,10 @@
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.datastore.enabled", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.pushPrefEnv({"set": [["geo.testing.ignore_ipc_principal", true]]}, runTest);
|
||||
},
|
||||
|
||||
// Enabling mozBrowser
|
||||
function() {
|
||||
SpecialPowers.setAllAppsLaunchable(true);
|
||||
|
@ -83,6 +83,10 @@
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.datastore.enabled", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.pushPrefEnv({"set": [["geo.testing.ignore_ipc_principal", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.ipc.browser_frames.oop_by_default", true]]}, runTest);
|
||||
},
|
||||
|
@ -101,7 +101,8 @@
|
||||
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.promise.enabled", true],
|
||||
["dom.datastore.enabled", true]]}, runTest);
|
||||
["dom.datastore.enabled", true],
|
||||
["geo.testing.ignore_ipc_principal", true]]}, runTest);
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
|
@ -83,6 +83,10 @@
|
||||
SpecialPowers.pushPrefEnv({"set": [["dom.datastore.enabled", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.pushPrefEnv({"set": [["geo.testing.ignore_ipc_principal", true]]}, runTest);
|
||||
},
|
||||
|
||||
function() {
|
||||
SpecialPowers.setBoolPref("dom.mozBrowserFramesEnabled", true);
|
||||
runTest();
|
||||
|
@ -2711,7 +2711,8 @@ ContentParent::RecvSyncMessage(const nsString& aMsg,
|
||||
InfallibleTArray<nsString>* aRetvals)
|
||||
{
|
||||
nsIPrincipal* principal = aPrincipal;
|
||||
if (principal && !AssertAppPrincipal(this, principal)) {
|
||||
if (!Preferences::GetBool("geo.testing.ignore_ipc_principal", false) &&
|
||||
principal && !AssertAppPrincipal(this, principal)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -2734,7 +2735,8 @@ ContentParent::AnswerRpcMessage(const nsString& aMsg,
|
||||
InfallibleTArray<nsString>* aRetvals)
|
||||
{
|
||||
nsIPrincipal* principal = aPrincipal;
|
||||
if (principal && !AssertAppPrincipal(this, principal)) {
|
||||
if (!Preferences::GetBool("geo.testing.ignore_ipc_principal", false) &&
|
||||
principal && !AssertAppPrincipal(this, principal)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -2755,7 +2757,8 @@ ContentParent::RecvAsyncMessage(const nsString& aMsg,
|
||||
const IPC::Principal& aPrincipal)
|
||||
{
|
||||
nsIPrincipal* principal = aPrincipal;
|
||||
if (principal && !AssertAppPrincipal(this, principal)) {
|
||||
if (!Preferences::GetBool("geo.testing.ignore_ipc_principal", false) &&
|
||||
principal && !AssertAppPrincipal(this, principal)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -775,7 +775,8 @@ TabParent::RecvSyncMessage(const nsString& aMessage,
|
||||
{
|
||||
nsIPrincipal* principal = aPrincipal;
|
||||
ContentParent* parent = static_cast<ContentParent*>(Manager());
|
||||
if (principal && !AssertAppPrincipal(parent, principal)) {
|
||||
if (!Preferences::GetBool("geo.testing.ignore_ipc_principal", false) &&
|
||||
principal && !AssertAppPrincipal(parent, principal)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -793,7 +794,8 @@ TabParent::AnswerRpcMessage(const nsString& aMessage,
|
||||
{
|
||||
nsIPrincipal* principal = aPrincipal;
|
||||
ContentParent* parent = static_cast<ContentParent*>(Manager());
|
||||
if (principal && !AssertAppPrincipal(parent, principal)) {
|
||||
if (!Preferences::GetBool("geo.testing.ignore_ipc_principal", false) &&
|
||||
principal && !AssertAppPrincipal(parent, principal)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -810,7 +812,8 @@ TabParent::RecvAsyncMessage(const nsString& aMessage,
|
||||
{
|
||||
nsIPrincipal* principal = aPrincipal;
|
||||
ContentParent* parent = static_cast<ContentParent*>(Manager());
|
||||
if (principal && !AssertAppPrincipal(parent, principal)) {
|
||||
if (!Preferences::GetBool("geo.testing.ignore_ipc_principal", false) &&
|
||||
principal && !AssertAppPrincipal(parent, principal)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user