Bug 774633 - Wean SetInitialPrincipalToSubject off some parameters and clean it up. r=jst

We can remove the fallback to the principal of aParent because we already push the
cx for aParent (callerContextGuard) whenever we're concerned about using its principal.

dom/base/nsGlobalWindow.cpp

@@ -1549,35 +1549,29 @@ nsGlobalWindow::SetOpenerScriptPrincipal(nsIPrincipal* aPrincipal)
 }
 
 void
-nsGlobalWindow::SetInitialPrincipalToSubject(nsIDocShellTreeItem* aItem,
-                                             nsIDOMWindow* aParent)
+nsGlobalWindow::SetInitialPrincipalToSubject()
 {
+  // First, grab the subject principal. These methods never fail.
   nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
-  MOZ_ASSERT(ssm);
-
-  nsresult rv;
-  nsCOMPtr<nsIPrincipal> newWindowPrincipal;
-  rv = ssm->GetSubjectPrincipal(getter_AddRefs(newWindowPrincipal));
-  MOZ_ASSERT(NS_SUCCEEDED(rv));
-
-  if (!newWindowPrincipal && aParent) {
-    nsCOMPtr<nsIScriptObjectPrincipal> sop(do_QueryInterface(aParent));
-    if (sop) {
-      newWindowPrincipal = sop->GetPrincipal();
-    }
+  nsCOMPtr<nsIPrincipal> newWindowPrincipal, systemPrincipal;
+  ssm->GetSubjectPrincipal(getter_AddRefs(newWindowPrincipal));
+  ssm->GetSystemPrincipal(getter_AddRefs(systemPrincipal));
+  if (!newWindowPrincipal) {
+    newWindowPrincipal = systemPrincipal;
   }
 
-  bool isSystem;
-  rv = ssm->IsSystemPrincipal(newWindowPrincipal, &isSystem);
-  if (NS_FAILED(rv) || isSystem) {
-    // Don't pass this principal along to content windows
+  // Now, if we're about to use the system principal, make sure we're not using
+  // it for a content docshell.
+  if (newWindowPrincipal == systemPrincipal) {
     int32_t itemType;
-    rv = aItem->GetItemType(&itemType);
+    nsCOMPtr<nsIDocShellTreeItem> item = do_QueryInterface(GetDocShell());
+    nsresult rv = item->GetItemType(&itemType);
     if (NS_FAILED(rv) || itemType != nsIDocShellTreeItem::typeChrome) {
       newWindowPrincipal = nullptr;
     }
   }
 
+  // Set the initial about:blank document up with the correct principal.
   SetOpenerScriptPrincipal(newWindowPrincipal);
 }
 

dom/base/nsGlobalWindow.h

@@ -343,8 +343,7 @@ public:
   virtual NS_HIDDEN_(void) SetChromeEventHandler(nsIDOMEventTarget* aChromeEventHandler);
 
   virtual NS_HIDDEN_(void) SetOpenerScriptPrincipal(nsIPrincipal* aPrincipal);
-  virtual NS_HIDDEN_(void) SetInitialPrincipalToSubject(nsIDocShellTreeItem* aItem,
-                                                        nsIDOMWindow* aParent);
+  virtual NS_HIDDEN_(void) SetInitialPrincipalToSubject();
   virtual NS_HIDDEN_(nsIPrincipal*) GetOpenerScriptPrincipal();
 
   virtual NS_HIDDEN_(PopupControlState) PushPopupControlState(PopupControlState state, bool aForce) const;

dom/base/nsPIDOMWindow.h

@@ -24,7 +24,6 @@
 
 class nsIIdleObserver;
 class nsIPrincipal;
-class nsIDocShellTreeItem; // XXX - Temporary! Goes away in the next patch
 
 // Popup control state enum. The values in this enum must go from most
 // permissive to least permissive so that it's safe to push state in
@@ -287,8 +286,7 @@ public:
   // preloaded into it when it was created, or created by
   // CreateAboutBlankContentViewer()).
   virtual void SetOpenerScriptPrincipal(nsIPrincipal* aPrincipal) = 0;
-  virtual void SetInitialPrincipalToSubject(nsIDocShellTreeItem* aItem,
-                                            nsIDOMWindow* aParent) = 0;
+  virtual void SetInitialPrincipalToSubject() = 0;
 
   // Ask this window who opened it.
   virtual nsIPrincipal* GetOpenerScriptPrincipal() = 0;

embedding/components/windowwatcher/src/nsWindowWatcher.cpp

@@ -879,7 +879,7 @@ nsWindowWatcher::OpenWindowInternal(nsIDOMWindow *aParent,
     NS_ASSERTION(newWindow == newDebugWindow, "Different windows??");
 #endif
     if (newWindow) {
-      newWindow->SetInitialPrincipalToSubject(newDocShellItem, aParent);
+      newWindow->SetInitialPrincipalToSubject();
     }
   }