mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 795061 - AssertAppProcessPermission: Kill any process that doesn't have the specified permission, not just app processes. r=cjones
This commit is contained in:
parent
f55a37c1ba
commit
fa0bd2ad31
@ -26,11 +26,16 @@ let ppmm = Cc["@mozilla.org/parentprocessmessagemanager;1"]
|
||||
.getService(Ci.nsIMessageBroadcaster);
|
||||
|
||||
/**
|
||||
* Load the example.org app in an <iframe mozbrowser mozapp>
|
||||
* Load the example.org site in an <iframe mozbrowser>
|
||||
*
|
||||
* @param isApp
|
||||
* If true, the example.org site will be loaded as an app.
|
||||
*/
|
||||
function loadApp(callback) {
|
||||
function loadBrowser(isApp, callback) {
|
||||
let iframe = document.createElement("iframe");
|
||||
iframe.setAttribute("mozapp", APP_MANIFEST);
|
||||
if (isApp) {
|
||||
iframe.setAttribute("mozapp", APP_MANIFEST);
|
||||
}
|
||||
iframe.mozbrowser = true;
|
||||
iframe.src = APP_URL;
|
||||
document.getElementById("content").appendChild(iframe);
|
||||
@ -102,18 +107,15 @@ function expectFrameProcessShutdown(iframe, frameMM, processMM, callback) {
|
||||
});
|
||||
}
|
||||
|
||||
function runTests(callback) {
|
||||
function setUp() {
|
||||
SpecialPowers.setBoolPref("dom.mozBrowserFramesEnabled", true);
|
||||
SpecialPowers.setBoolPref("dom.ipc.browser_frames.oop_by_default", true);
|
||||
SpecialPowers.addPermission("browser", true, window.document);
|
||||
runNextTest();
|
||||
}
|
||||
|
||||
function tearDown() {
|
||||
SpecialPowers.clearUserPref("dom.mozBrowserFramesEnabled");
|
||||
SpecialPowers.clearUserPref("dom.ipc.browser_frames.oop_by_default");
|
||||
SimpleTest.finish();
|
||||
}
|
||||
|
||||
loadApp(function (iframe) {
|
||||
function makeKillTest(isApp) function testKill() {
|
||||
loadBrowser(isApp, function (iframe) {
|
||||
// We want to make sure we get notified on both the frame and
|
||||
// process message managers.
|
||||
let frameMM = SpecialPowers.getBrowserFrameMessageManager(iframe);
|
||||
@ -124,12 +126,33 @@ function runTests(callback) {
|
||||
"Content child should not have this permission");
|
||||
expectFrameProcessShutdown(iframe, frameMM, processMM, function () {
|
||||
iframe.parentNode.removeChild(iframe);
|
||||
tearDown();
|
||||
runNextTest();
|
||||
});
|
||||
});
|
||||
});
|
||||
}
|
||||
|
||||
function tearDown() {
|
||||
SpecialPowers.clearUserPref("dom.mozBrowserFramesEnabled");
|
||||
SpecialPowers.clearUserPref("dom.ipc.browser_frames.oop_by_default");
|
||||
SimpleTest.finish();
|
||||
}
|
||||
|
||||
let _tests = [
|
||||
setUp,
|
||||
makeKillTest(false),
|
||||
makeKillTest(true),
|
||||
tearDown
|
||||
]
|
||||
function runNextTest() {
|
||||
SimpleTest.executeSoon(_tests.shift());
|
||||
}
|
||||
|
||||
function runTests() {
|
||||
SimpleTest.waitForExplicitFinish();
|
||||
runNextTest();
|
||||
}
|
||||
|
||||
</script>
|
||||
</pre>
|
||||
</body>
|
||||
|
@ -28,17 +28,19 @@ AssertAppProcessPermission(PBrowserParent* aActor, const char* aPermission)
|
||||
|
||||
TabParent* tab = static_cast<TabParent*>(aActor);
|
||||
nsCOMPtr<mozIApplication> app = tab->GetApp();
|
||||
bool hasPermission = false;
|
||||
|
||||
// isBrowser frames inherit their app descriptor to identify their
|
||||
// data storage, but they don't inherit the permissions associated
|
||||
// with that descriptor.
|
||||
if (!app || tab->IsBrowserElement()) {
|
||||
return false;
|
||||
if (app && !tab->IsBrowserElement()) {
|
||||
if (!NS_SUCCEEDED(app->HasPermission(aPermission, &hasPermission))) {
|
||||
hasPermission = false;
|
||||
}
|
||||
}
|
||||
|
||||
bool hasPermission = false;
|
||||
if (!NS_SUCCEEDED(app->HasPermission(aPermission, &hasPermission)) ||
|
||||
!hasPermission) {
|
||||
printf_stderr("Security problem: App process does not have `%s' permission. It will be killed.", aPermission);
|
||||
if (!hasPermission) {
|
||||
printf_stderr("Security problem: Content process does not have `%s' permission. It will be killed.\n", aPermission);
|
||||
ContentParent* process = static_cast<ContentParent*>(aActor->Manager());
|
||||
process->KillHard();
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user