mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 23:06:52 +00:00
roytam1
54259209d7
- Bug 891551 - Part 7: Fix some intermittent failures in multi_tcp_socket_unittest. r=ekr (b0fb5f6167)
- Bug 891551 - Part 11: fix a couple of issues from part 5. r=bwc (1f3586e037)
- Bug 1131779: 403 on permission request no longer invalidates the whole TURN relay. r=bwc (d0c594e2c7)
- Bug 797262 - IPV6 support for webrtc. r=drno (91894f480c)
- Bug 1187775 - Plumb RTCConfiguration.iceTransportPolicy down to NrIceCtx. r=smaug, r=bwc (1edc8f89c7)
- Bug 1191258 - check for IFF_RUNNING to detect online interfaces. r=mcmanus (3882c4d36e)
- Bug 1191253 - start the link monitor, ignore link-local notifications. r=mcmanus (f26b864061)
- Bug 1203658 - mark Linux's nsNotifyAddrListener::mChildThreadShutdown member as Atomic; r=bagder (6459a89dc0)
- re-enable warnings (e132d2f5db)
- Bug 1205266 - log network-change events on Mac. r=mcmanus (4c50d25945)
- Bug 1163419 - Make nsQtNetworkLinkService destructor private. r=dougt (c6993deef9)
- Bug 1178091: Implement RTCDataChannel BufferedAmountLowThreshold and bufferedamountlow event r=smaug,drno (0536f587b4)
- Bug 1194817: disable PMTUD in DataChannels/SCTP, set initial MTU per spec r=tuexen (60db372861)
- Bug 1198730: fix simple bug in PMTUD disable that clears all other flags r=tuexen (aeac9858cf)
- Bug 1148231: fix wrong error message on DataChannel failed resend of packet r=khuey (c1d9d11e17)
- Bug 1152334 - StartWebsocketData null deref mSocketIn, r=bagder (e55850770e)
- Bug 1149872 - Add the missing format specifiers. r=jduell (ffef5c91c2)
- Bug 1182515 - WebSocketChannel leaked when WebSocketChannel::AsyncOpen fails, r=mcmanus (0b52e2eb82)
- Bug 1140765 - Build some network code in unified mode; r=mcmanus (a6b9c325bb)
- Bug 1147749 - View source should go through service worker interception, r=bz, r=jduell (8c5a3cab90)
- Bug 1137151: Marked destructors of ref-counted RTSP classes as protected, r=sworkman (a6873944ee)
- Bug 1117486 - [FFOS2.0][Woodduck] System crash by replaying the same RTSP clip several times. r=bechen (1401ee0f11)
- Bug 1133461 - [RTSP] Remove the extra PLAY request for seek operation. r=bechen (c603b06ac6)
- Bug 1138983 - RTSP not enabled in Lollipop. r=vchang (a42d0bcd30)
- Bug 1144513 - [gonk-lmr1] Adapt RTSPSource.cpp. r=ettseng (8e011ab7bf)
- Bug 1151760 - Separate timeout timer with end of stream. r=ettseng (60bb18556c)
- Bug 1208756 - Hoist shared CheckMayLoad logic into BasePrincipal. r=bz (0108fa0c7c)
- Bug 1208756 - Introduce URI_FETCHABLE_BY_ANYONE and use it for moz-extension. r=bz (04de31fcbd)
- Bug 1188421 - Properly null memory reporter's compressor reference. r=hurley (9275695d87)
- bug 1204614 - test for h2 per stream flow control r=hurley (a56d4aacff)
- Bug 1197847 - Disallow folded headers in h2. r=mcmanus (ec5febf843)
- Bug 1136361 - update node-http2 on ci. rs=mcmanus (a7e2de9e02)
- Bug 1197847 - make debugging h2 and spdy test servers easier. r=mcmanus (7dcc251b63)
- Missing bits of 1132357 (431f194ed7)
- Bug 1207519 - Prevent HashTable shrink from ignoring allocation failures that may have been reported r=Waldo (d9270ce946)
- Bug 920479 - Properly convert all arguments to the Function constructor to strings before parsing out an arguments list for the function to be created. r=arai (2ba9fb0af0)
- Bug 1206520: Create an option to throw on asm.js validation failures; r=luke (6a19a37db7)
- Bug 1210295 - Simplify TOK_DEFAULT case in Parser::exportDeclaration. r=Waldo (850e383381)
- code style (5356d4a123)
- Bug 589199 - Mark non-global lexical scopes are non-extensible. (r=efaust) (d0430a0f5e)
- Bug 589199 - Cleanup: remove unused DEPTH_SLOT from BlockObject. (r=efaust) (97206b2b00)
- Bug 1211100 - Add Vector::infallibleEmplaceBack and use it in JSScript::initScriptCounts() r=nbp (09705ff8db)
- Bug 1199203 - Add support for per-thread OOM testing. r=jonco (2a9919d659)
- Bug 1171226 - Fix mozilla::devtools::UniqueStringHashPolicy::match for strings with the same prefix; r=jimb (1843cec175)
- Bug 1206290 - Part 0: Move js/UbiNodeTraverse.h to js/UbiNodeBreadthFirst.h; r=sfink (c22e008995)
- Bug 1199843 - Part 1: Prefer T::traceChildren over tag dispatched TraceChildren; r=jonco (d935bb1c1c)
- Bug 1199843 - Part 2: Use js::TraceChildren everywhere we don't need external linkage; r=jonco (de8cd29a01)
- Bug 1199843 - Part 3: Strongly type JS::TraceChildren; r=jonco r=mccr8 (2cdd931159)
- Bug 1178961 - Restore the std::string fix from bug 1167230 r=BenWa (4251402fce)
- Bug 1206288 - Remove JS::ubi::SimpleEdge and make JS::ubi::Edge a concrete class; r=shu (d995efed2d)
- Bug 1182653 - Use JSRuntime* instead of JSContext* in ubi::Node infrastructure; r=sfink (e11e0bd0ba)
- Bug 1207236 - ARM64: Build errors with --enable-simulator=arm64. r=h4writer (cc76d43493)
- Bug 1207793 - Fix unified bustage from the TaggedPointer split; r=jolesen (e05b300406)
- Bug 1204866 - IonMonkey: Crash when failing to apand to parse finished list, r=bhackett (efab1b4a1f)
- Bug 1209911 - Use a Variant type to represent HelperThread data r=jandem (ea21131f21)
- Bug 1209911 - Make AutoEnterOOMUnsafeRegion ignore threads that are not simulating OOM r=terrence (769f06a4dc)
- Bug 1203814 - "Adding a testing function causes intermittent orange in oomInFormatStackDump.js on Win32 debug SM(p)." r=jcoppeard (da95054606)
- Bug 1209911 - Add oomThreadTypes() test function to report the number of thread types we can simulate OOM on r=terrence (1d56ca0b74)
- Bug 1209911 - Limit the number of helper threads of a particular type when simulating OOM r=jandem (ceafa83794)
- Bug 1209911 - Remove option to simulate OOM on all threads r=terrence (b43fcf3959)
- Bug 1201057 - Update shell args for OOM tests now we don't have to worry about unhandlable OOMs r=terrence (843c1fc6e3)
- Bug 1208994 - ToAtom<NoGC> should not throw an exception on failure r=terrence (ad57246c1e)
- Bug 1210760 - Don't simulate OOM in ExceptionHandlerBailout() r=terrence (89bab8d51b)
- Bug 1209911 - Enable threads for existing OOM tests r=terrence (a6f94e1f2f)
- Bug 1169974 - Tolerate inconsistent-missing-override warnings for MOCK_METHOD2 macro from gtests. r=fitzgen. (96d613239d)
- Bug 1206290 - Part 1: Implement a JS::ubi::PostOrder depth first traversal; r=sfink (d4de3aa8bc)
- Bug 1196461 - De-duplicate strings in heap snapshot core dumps; r=shu,jimb (24080971ae)
- missing bit of 1101561 (d4b61c9688)
- Bug 1199215 - Implement JS::ubi::Node::size for JS::Symbol referents;S::ubi::Node::size for JS::Symbol referents; r=sfink (929fceb199)
- Bug 1200345: Add comment to js/public/UbiNode.h warning about operating on graphs constructed by hostile code. DONTBUILD r=fitzgen (b83c2d0aad)
- Bug 1199216 - Implement JS::ubi::Node::size for JSScript referents; r=sfink (5a134ffa8e)
- Bug 1205744 - Removed redundant method IsContextRunningJS. r=h4writer (a7e90bbead)
- Bug 1203920 - Get rid of JS_SetStructuredCloneCallbacks, r=sfink (197118cf95)
- Bug 1204554 part 1 - Remove unused JSContext from LcovWriteScript. r=bhackett (12fa4dcc99)
- Bug 1209263 - Allow embedders to tell SpiderMonkey how to structured clone principals; r=bz (c4e929e50f)
- Bug 1191098 - Replace AutoHashableValueRooter with Rooted<HashableValue>; r=jonco (99e23cf3a4)
- Bug 1190628 - Replace AutoScriptVector with normal Rooted usage; r=jimb (926d499edd)
- Bug 1188445 - Allow PersistentRooted to store StaticTraceable; r=sfink (eac1824298)
- Bug 1195957 - Implement a Swap for Heap<T> that does not put temporaries on the stack, r=terrence (26935b5efd)
- Bug 1203695 - GenerateLcovInfo: Check if JSScripts have associated bytecode before spewing their content. r=bhackett (71854b606a)
- Bug 1204554 part 2 - Split LCov functions to make the aggregation of results incremental. r=terrence,bhackett (3a6bd8719e)
- Bug 1204554 part 3.0 - Collect lcov output on the JSCompartment, and on the JSRuntime. r=terrence,bhackett (35544460b1)
- Bug 1204554 part 3.1 - Prevent lazy parsing if we have to spew lcov result. r=bhackett (b36775e171)
- Bug 1204554 part 3.2 - Collect the source files before any script, as they are swept first. r=terrence (4d841a641e)
- Bug 1204554 part 3.3 - Only collect inner JSScript if they have the same source. r=terrence (b38f45764e)
- Bug 1204554 part 3.4 - Ensure that scriptCountsMaps data are still alive until the destruction of compartments. r=terrence,bhackett (50d4217d20)
- Bug 1200642 - Fix OOM handling issues r=terrence (d8ba8b1714)
- Bug 1206247 - Do not collect coverage information if the source has n filename. r=bhackett (0602188d8e)
- pointer style (09cd14aec3)
- Bug 1207232: Let lockOwner be Atomic; r=terrence (e4aa1e635d)
- Bug 1192304 - Common up the checks when entering GC API; r=jonco (935c618bc4)
- Bug 1192306 - Use a function to check if IsShutdownGC rather than open-coding it; r=jonco (c14a96ba2d)
- Bug 1202865 - Split out Zone selection from stats collection and malloc bytes reset; r=jonco (89d5e9def1)
- Bug 1193428 - Rename the incremental parameter to be more meaningful; r=jonco (5d5f38b39d)
- Bug 1209704 - Part 1: Rename BarrieredBase to WriteBarrieredBase; r=jonco (4559ae15aa)
- Bug 1209704 - Part 2: Share storage and mixins between Read and Write barriers; r=jonco (eddc9ff80c)
- Bug 1177515 - Skip tracing object elements if type information shows they don't contain any GC pointers r=terrence (94e2c1ee71)
- Bug 1209704 - Part 3: Share tracing accessors between all barrier classes; r=jonco (1e30d0f16d)
- Bug 1209704 - Part 4: Add a post-barrier to ReadBarriered; r=jonco (22bb316d70)
- Bug 1211022 - Add a type specialization for weak C++ GC thing references; r=sfink (d3d5e88ba8)
- Bug 1204169 - Push SPS pseudo frame entries when GCing; r=terrence (61501f7597)
- Bug 1211031 - Use WeakRef to manage the LazyScript to JSScript back-reference; r=jandem (7c48b04d35)
- Bug 1204167 - Create the js::AutoSPSEntry RAII class for defining psuedo frame entries; r=djvj (519342668f)
- Bug 1204584 - Ensure that entries created by AutoSPSEntry propogate their category information; r=djvj (bd5d96e8b6)
- Bug 1011786 - Diagnostic patch to detect cyclic ropes, r=terrence (c2ece1d49d)
- fix comment (619a5bff31)
463 lines
12 KiB
C++
463 lines
12 KiB
C++
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=2 sw=2 et tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "mozilla/BasePrincipal.h"
|
|
|
|
#include "nsDocShell.h"
|
|
#include "nsIAddonPolicyService.h"
|
|
#include "nsIContentSecurityPolicy.h"
|
|
#include "nsIObjectInputStream.h"
|
|
#include "nsIObjectOutputStream.h"
|
|
|
|
#include "nsPrincipal.h"
|
|
#include "nsNetUtil.h"
|
|
#include "nsIURIWithPrincipal.h"
|
|
#include "nsNullPrincipal.h"
|
|
#include "nsScriptSecurityManager.h"
|
|
#include "nsServiceManagerUtils.h"
|
|
|
|
#include "mozilla/dom/CSPDictionariesBinding.h"
|
|
#include "mozilla/dom/quota/QuotaManager.h"
|
|
#include "mozilla/dom/ToJSValue.h"
|
|
#include "mozilla/dom/URLSearchParams.h"
|
|
|
|
namespace mozilla {
|
|
|
|
using dom::URLParams;
|
|
|
|
void OriginAttributes::InheritFromDocShellParent(const OriginAttributes& aParent)
|
|
{
|
|
mAppId = aParent.mAppId;
|
|
mInBrowser = aParent.mInBrowser;
|
|
mUserContextId = aParent.mUserContextId;
|
|
mSignedPkg = aParent.mSignedPkg;
|
|
}
|
|
|
|
bool OriginAttributes::CopyFromLoadContext(nsILoadContext* aLoadContext)
|
|
{
|
|
OriginAttributes attrs;
|
|
bool result = aLoadContext->GetOriginAttributes(attrs);
|
|
NS_ENSURE_TRUE(result, false);
|
|
|
|
mAppId = attrs.mAppId;
|
|
mInBrowser = attrs.mInBrowser;
|
|
mAddonId = attrs.mAddonId;
|
|
mUserContextId = attrs.mUserContextId;
|
|
mSignedPkg = attrs.mSignedPkg;
|
|
return true;
|
|
}
|
|
|
|
void
|
|
OriginAttributes::CreateSuffix(nsACString& aStr) const
|
|
{
|
|
MOZ_RELEASE_ASSERT(mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
|
|
|
|
UniquePtr<URLParams> params(new URLParams());
|
|
nsAutoString value;
|
|
|
|
//
|
|
// Important: While serializing any string-valued attributes, perform a
|
|
// release-mode assertion to make sure that they don't contain characters that
|
|
// will break the quota manager when it uses the serialization for file
|
|
// naming (see addonId below).
|
|
//
|
|
|
|
if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
|
|
value.AppendInt(mAppId);
|
|
params->Set(NS_LITERAL_STRING("appId"), value);
|
|
}
|
|
|
|
if (mInBrowser) {
|
|
params->Set(NS_LITERAL_STRING("inBrowser"), NS_LITERAL_STRING("1"));
|
|
}
|
|
|
|
if (!mAddonId.IsEmpty()) {
|
|
MOZ_RELEASE_ASSERT(mAddonId.FindCharInSet(dom::quota::QuotaManager::kReplaceChars) == kNotFound);
|
|
params->Set(NS_LITERAL_STRING("addonId"), mAddonId);
|
|
}
|
|
|
|
if (mUserContextId != nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID) {
|
|
value.Truncate();
|
|
value.AppendInt(mUserContextId);
|
|
params->Set(NS_LITERAL_STRING("userContextId"), value);
|
|
}
|
|
|
|
if (!mSignedPkg.IsEmpty()) {
|
|
params->Set(NS_LITERAL_STRING("signedPkg"), mSignedPkg);
|
|
}
|
|
|
|
aStr.Truncate();
|
|
|
|
params->Serialize(value);
|
|
if (!value.IsEmpty()) {
|
|
aStr.AppendLiteral("^");
|
|
aStr.Append(NS_ConvertUTF16toUTF8(value));
|
|
}
|
|
|
|
// In debug builds, check the whole string for illegal characters too (just in case).
|
|
#ifdef DEBUG
|
|
nsAutoCString str;
|
|
str.Assign(aStr);
|
|
MOZ_ASSERT(str.FindCharInSet(dom::quota::QuotaManager::kReplaceChars) == kNotFound);
|
|
#endif
|
|
}
|
|
|
|
namespace {
|
|
|
|
class MOZ_STACK_CLASS PopulateFromSuffixIterator final
|
|
: public URLParams::ForEachIterator
|
|
{
|
|
public:
|
|
explicit PopulateFromSuffixIterator(OriginAttributes* aOriginAttributes)
|
|
: mOriginAttributes(aOriginAttributes)
|
|
{
|
|
MOZ_ASSERT(aOriginAttributes);
|
|
}
|
|
|
|
bool URLParamsIterator(const nsString& aName,
|
|
const nsString& aValue) override
|
|
{
|
|
if (aName.EqualsLiteral("appId")) {
|
|
nsresult rv;
|
|
mOriginAttributes->mAppId = aValue.ToInteger(&rv);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
return false;
|
|
}
|
|
|
|
if (mOriginAttributes->mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
if (aName.EqualsLiteral("inBrowser")) {
|
|
if (!aValue.EqualsLiteral("1")) {
|
|
return false;
|
|
}
|
|
|
|
mOriginAttributes->mInBrowser = true;
|
|
return true;
|
|
}
|
|
|
|
if (aName.EqualsLiteral("addonId")) {
|
|
MOZ_RELEASE_ASSERT(mOriginAttributes->mAddonId.IsEmpty());
|
|
mOriginAttributes->mAddonId.Assign(aValue);
|
|
return true;
|
|
}
|
|
|
|
if (aName.EqualsLiteral("userContextId")) {
|
|
nsresult rv;
|
|
mOriginAttributes->mUserContextId = aValue.ToInteger(&rv);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
if (aName.EqualsLiteral("signedPkg")) {
|
|
MOZ_RELEASE_ASSERT(mOriginAttributes->mSignedPkg.IsEmpty());
|
|
mOriginAttributes->mSignedPkg.Assign(aValue);
|
|
return true;
|
|
}
|
|
|
|
// No other attributes are supported.
|
|
return false;
|
|
}
|
|
|
|
private:
|
|
OriginAttributes* mOriginAttributes;
|
|
};
|
|
|
|
} // namespace
|
|
|
|
bool
|
|
OriginAttributes::PopulateFromSuffix(const nsACString& aStr)
|
|
{
|
|
if (aStr.IsEmpty()) {
|
|
return true;
|
|
}
|
|
|
|
if (aStr[0] != '^') {
|
|
return false;
|
|
}
|
|
|
|
UniquePtr<URLParams> params(new URLParams());
|
|
params->ParseInput(Substring(aStr, 1, aStr.Length() - 1));
|
|
|
|
PopulateFromSuffixIterator iterator(this);
|
|
return params->ForEach(iterator);
|
|
}
|
|
|
|
bool
|
|
OriginAttributes::PopulateFromOrigin(const nsACString& aOrigin,
|
|
nsACString& aOriginNoSuffix)
|
|
{
|
|
// RFindChar is only available on nsCString.
|
|
nsCString origin(aOrigin);
|
|
int32_t pos = origin.RFindChar('^');
|
|
|
|
if (pos == kNotFound) {
|
|
aOriginNoSuffix = origin;
|
|
return true;
|
|
}
|
|
|
|
aOriginNoSuffix = Substring(origin, 0, pos);
|
|
return PopulateFromSuffix(Substring(origin, pos));
|
|
}
|
|
|
|
BasePrincipal::BasePrincipal()
|
|
{}
|
|
|
|
BasePrincipal::~BasePrincipal()
|
|
{}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetOrigin(nsACString& aOrigin)
|
|
{
|
|
return GetOriginInternal(aOrigin);
|
|
}
|
|
|
|
bool
|
|
BasePrincipal::Subsumes(nsIPrincipal* aOther, DocumentDomainConsideration aConsideration)
|
|
{
|
|
MOZ_ASSERT(aOther);
|
|
return SubsumesInternal(aOther, aConsideration);
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::Equals(nsIPrincipal *aOther, bool *aResult)
|
|
{
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
|
*aResult = Subsumes(aOther, DontConsiderDocumentDomain) &&
|
|
Cast(aOther)->Subsumes(this, DontConsiderDocumentDomain);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::EqualsConsideringDomain(nsIPrincipal *aOther, bool *aResult)
|
|
{
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
|
*aResult = Subsumes(aOther, ConsiderDocumentDomain) &&
|
|
Cast(aOther)->Subsumes(this, ConsiderDocumentDomain);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::Subsumes(nsIPrincipal *aOther, bool *aResult)
|
|
{
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
|
*aResult = Subsumes(aOther, DontConsiderDocumentDomain);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::SubsumesConsideringDomain(nsIPrincipal *aOther, bool *aResult)
|
|
{
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
|
*aResult = Subsumes(aOther, ConsiderDocumentDomain);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::CheckMayLoad(nsIURI* aURI, bool aReport, bool aAllowIfInheritsPrincipal)
|
|
{
|
|
// Check the internal method first, which allows us to quickly approve loads
|
|
// for the System Principal.
|
|
if (MayLoadInternal(aURI)) {
|
|
return NS_OK;
|
|
}
|
|
|
|
nsresult rv;
|
|
if (aAllowIfInheritsPrincipal) {
|
|
// If the caller specified to allow loads of URIs that inherit
|
|
// our principal, allow the load if this URI inherits its principal.
|
|
bool doesInheritSecurityContext;
|
|
rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
|
|
&doesInheritSecurityContext);
|
|
if (NS_SUCCEEDED(rv) && doesInheritSecurityContext) {
|
|
return NS_OK;
|
|
}
|
|
}
|
|
|
|
bool fetchableByAnyone;
|
|
rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_FETCHABLE_BY_ANYONE, &fetchableByAnyone);
|
|
if (NS_SUCCEEDED(rv) && fetchableByAnyone) {
|
|
return NS_OK;
|
|
}
|
|
|
|
if (aReport) {
|
|
nsCOMPtr<nsIURI> prinURI;
|
|
rv = GetURI(getter_AddRefs(prinURI));
|
|
if (NS_SUCCEEDED(rv) && prinURI) {
|
|
nsScriptSecurityManager::ReportError(nullptr, NS_LITERAL_STRING("CheckSameOriginError"), prinURI, aURI);
|
|
}
|
|
}
|
|
|
|
return NS_ERROR_DOM_BAD_URI;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
|
|
{
|
|
NS_IF_ADDREF(*aCsp = mCSP);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
|
|
{
|
|
// If CSP was already set, it should not be destroyed! Instead, it should
|
|
// get set anew when a new principal is created.
|
|
if (mCSP)
|
|
return NS_ERROR_ALREADY_INITIALIZED;
|
|
|
|
mCSP = aCsp;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetCspJSON(nsAString& outCSPinJSON)
|
|
{
|
|
outCSPinJSON.Truncate();
|
|
dom::CSPPolicies jsonPolicies;
|
|
|
|
if (!mCSP) {
|
|
jsonPolicies.ToJSON(outCSPinJSON);
|
|
return NS_OK;
|
|
}
|
|
return mCSP->ToJSON(outCSPinJSON);
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetIsNullPrincipal(bool* aIsNullPrincipal)
|
|
{
|
|
*aIsNullPrincipal = false;
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetJarPrefix(nsACString& aJarPrefix)
|
|
{
|
|
MOZ_ASSERT(AppId() != nsIScriptSecurityManager::UNKNOWN_APP_ID);
|
|
|
|
mozilla::GetJarPrefix(mOriginAttributes.mAppId, mOriginAttributes.mInBrowser, aJarPrefix);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetOriginAttributes(JSContext* aCx, JS::MutableHandle<JS::Value> aVal)
|
|
{
|
|
if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aVal))) {
|
|
return NS_ERROR_FAILURE;
|
|
}
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetOriginSuffix(nsACString& aOriginAttributes)
|
|
{
|
|
mOriginAttributes.CreateSuffix(aOriginAttributes);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetAppStatus(uint16_t* aAppStatus)
|
|
{
|
|
if (AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
|
|
NS_WARNING("Asking for app status on a principal with an unknown app id");
|
|
*aAppStatus = nsIPrincipal::APP_STATUS_NOT_INSTALLED;
|
|
return NS_OK;
|
|
}
|
|
|
|
*aAppStatus = nsScriptSecurityManager::AppStatusForPrincipal(this);
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetAppId(uint32_t* aAppId)
|
|
{
|
|
if (AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
|
|
MOZ_ASSERT(false);
|
|
*aAppId = nsIScriptSecurityManager::NO_APP_ID;
|
|
return NS_OK;
|
|
}
|
|
|
|
*aAppId = AppId();
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetUserContextId(uint32_t* aUserContextId)
|
|
{
|
|
*aUserContextId = UserContextId();
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetIsInBrowserElement(bool* aIsInBrowserElement)
|
|
{
|
|
*aIsInBrowserElement = IsInBrowserElement();
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
BasePrincipal::GetUnknownAppId(bool* aUnknownAppId)
|
|
{
|
|
*aUnknownAppId = AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID;
|
|
return NS_OK;
|
|
}
|
|
|
|
already_AddRefed<BasePrincipal>
|
|
BasePrincipal::CreateCodebasePrincipal(nsIURI* aURI, const OriginAttributes& aAttrs)
|
|
{
|
|
// If the URI is supposed to inherit the security context of whoever loads it,
|
|
// we shouldn't make a codebase principal for it.
|
|
bool inheritsPrincipal;
|
|
nsresult rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
|
|
&inheritsPrincipal);
|
|
nsCOMPtr<nsIPrincipal> principal;
|
|
if (NS_FAILED(rv) || inheritsPrincipal) {
|
|
return nsNullPrincipal::Create();
|
|
}
|
|
|
|
// Check whether the URI knows what its principal is supposed to be.
|
|
nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(aURI);
|
|
if (uriPrinc) {
|
|
nsCOMPtr<nsIPrincipal> principal;
|
|
uriPrinc->GetPrincipal(getter_AddRefs(principal));
|
|
if (!principal) {
|
|
return nsNullPrincipal::Create();
|
|
}
|
|
nsRefPtr<BasePrincipal> concrete = Cast(principal);
|
|
return concrete.forget();
|
|
}
|
|
|
|
// Mint a codebase principal.
|
|
nsRefPtr<nsPrincipal> codebase = new nsPrincipal();
|
|
rv = codebase->Init(aURI, aAttrs);
|
|
NS_ENSURE_SUCCESS(rv, nullptr);
|
|
return codebase.forget();
|
|
}
|
|
|
|
bool
|
|
BasePrincipal::AddonAllowsLoad(nsIURI* aURI)
|
|
{
|
|
if (mOriginAttributes.mAddonId.IsEmpty()) {
|
|
return false;
|
|
}
|
|
|
|
nsCOMPtr<nsIAddonPolicyService> aps = do_GetService("@mozilla.org/addons/policy-service;1");
|
|
NS_ENSURE_TRUE(aps, false);
|
|
|
|
bool allowed = false;
|
|
nsresult rv = aps->AddonMayLoadURI(mOriginAttributes.mAddonId, aURI, &allowed);
|
|
return NS_SUCCEEDED(rv) && allowed;
|
|
}
|
|
|
|
} // namespace mozilla
|