Bug 672026 - Ensure that there is an object principals finder during early startup (r=mrbkap)

2024-09-13 09:24:08 -07:00 · 2011-07-18 17:37:19 -07:00 · 2011-07-18 17:37:19 -07:00 · de46d72752
commit de46d72752
parent 6497fb9c0c
2 changed files with 41 additions and 2 deletions
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@ -3325,6 +3325,41 @@ nsScriptSecurityManager::Observe(nsISupports* aObject, const char* aTopic,
    return rv;
 }

+///////////////////////////////////
+// Default ObjectPrincipalFinder //
+///////////////////////////////////
+
+// The default JSSecurityCallbacks::findObjectPrincipals is necessary since
+// scripts run (and ask for object principals) during startup before
+// nsJSRuntime::Init() has been called (which resets findObjectPrincipals).
+
+// Defined NS_EXPORT for linkage with debug-only assert in xpcshell
+NS_EXPORT JSPrincipals *
+NS_DefaultObjectPrincipalFinder(JSContext *cx, JSObject *obj)
+{
+    nsScriptSecurityManager *ssm = nsScriptSecurityManager::GetScriptSecurityManager();
+    if (!ssm) {
+        return nsnull;
+    }
+
+    nsCOMPtr<nsIPrincipal> principal;
+    nsresult rv = ssm->GetObjectPrincipal(cx, obj, getter_AddRefs(principal));
+    if (NS_FAILED(rv) || !principal) {
+        return nsnull;
+    }
+
+    JSPrincipals *jsPrincipals = nsnull;
+    principal->GetJSPrincipals(cx, &jsPrincipals);
+
+    // nsIPrincipal::GetJSPrincipals() returns a strong reference to the
+    // JS principals, but the caller of this function expects a weak
+    // reference. So we need to release here.
+
+    JSPRINCIPALS_DROP(cx, jsPrincipals);
+
+    return jsPrincipals;
+}
+
 /////////////////////////////////////////////
 // Constructor, Destructor, Initialization //
 /////////////////////////////////////////////
@ -3397,7 +3432,7 @@ nsresult nsScriptSecurityManager::Init()
    static JSSecurityCallbacks securityCallbacks = {
        CheckObjectAccess,
        NULL,
-        NULL,
+        NS_DefaultObjectPrincipalFinder,
        ContentSecurityPolicyPermitsJSAction
    };

--- a/js/src/xpconnect/shell/xpcshell.cpp
+++ b/js/src/xpconnect/shell/xpcshell.cpp
@ -1750,6 +1750,10 @@ FindObjectPrincipals(JSContext *cx, JSObject *obj)
    return gJSPrincipals;
 }

+// defined in nsScriptSecurityManager.cpp
+NS_IMPORT JSPrincipals *
+NS_DefaultObjectPrincipalFinder(JSContext *cx, JSObject *obj);
+
 int
 main(int argc, char **argv, char **envp)
 {
@ -1903,7 +1907,7 @@ main(int argc, char **argv, char **envp)

        JSSecurityCallbacks *cb = JS_GetRuntimeSecurityCallbacks(rt);
        NS_ASSERTION(cb, "We are assuming that nsScriptSecurityManager::Init() has been run");
-        NS_ASSERTION(!cb->findObjectPrincipals, "Your pigeon is in my hole!");
+        NS_ASSERTION(cb->findObjectPrincipals == NS_DefaultObjectPrincipalFinder, "Your pigeon is in my hole!");
        cb->findObjectPrincipals = FindObjectPrincipals;

 #ifdef TEST_TranslateThis