56aad8a83e
- Bug 1149987 - Part 2: Make ErrorResult unassignable; r=bzbarsky (32661559b) - Bug 1149987 - Part 3: Give ErrorResult a move constructor and a move assignment operator; (27f4c6125) - Bug 1149987 - Part 4: Do not attempt to delete ErrorResult::mMessage when deserializing the object from IPDL; r=bzbarsky (0f9dcc603) - Bug 1110485 P0 Add an ErrorResult constructor that takes nsresult. (72a779666) - Bug 1110485 P1 Refactor Cache IPC requests to use a separate actor. (a7e4c1959) - Bug 1127914 - Part 1 - Duplicate keyed histograms for double submission. (78673277f) - Bug 1127914 - Part 2 - Duplicate normal histograms for double submission. (55c302057) - Bug 1127914 - Part 3 - Submit duplicate histogram data for 'non-classic' telemetry sessions. r=vladan (bb3e49c43) - Bug 1120362 - Part 1 - Enable snapshotting and clearing subsession histograms. (14378a6e5) - Bug 1120362 - Part 2 - Enable snapshotting and clearing keyed subsession histograms. r=vladan (c0e0bfb3e) - partial apply of Bug 1119281 - Fix missing telemetry client id (ae0dc0194) - Bug 1122047 - Part 1 - Sketch out Telemetry environment module. (0419391b0) - Bug 1122047 - Part 2 - Make TelemetryPing shutdown properly on delayed initialization (0102cef09) - Bug 1122061 - Give TelemetryPing a common API for sending pings. (999cb825d) - Bug 1122061 - Move TelemetrySession tests out of test_telemetryPing.js. (2d5b61de1) - Bug 1120362 - Part 3 - Reset subsession histograms on telemetry payload collections. r=vladan (0d3f04df1) - Bug 1120362 - Part 4 - Start new telemetry subsessions on local midnight. r=vladan (93eb9ca21) - Bug 1120363 - Break up Telemetry sessions on environment changes. (a7c8d70c7) - Bug 1122052 - Remove duplicated data from TelemetrySession. (bb905d602) - Bug 1122050 - Remove persona and experiment data from TelemetrySession. (40ca59a9e) - Bug 1134268 - Part 1 - Fix and order Telemetry shutdown for TelemetryPing and TelemetrySession. 
r=yoric (30d0f0656) - Bug 1134268 - Part 2 - Fixup TelemetryEnvironment shutdown if the module wasnt initialized. r=vladan (ec2875fea) - Bug 1135076 - Missing histograms in childPayloads. r=vladan (9f317cf9d) - Bug 1134279 - Make TelemetryPing and TelemetrySession code use the "FHR enabled" & "Telemetry enabled" prefs properly. r=vladan (4050d7f24) - Bug 1128768: Part 1 - Modify IPC to allow retrieval of topmost routing id on the stack; (cd2e8a2f0) - Bug 1129249 - Add a "restyle" feature to profiler and split the style label in Cleopatra based on the restyleSource, r=dholbert,mstange (b37df94d1) - Bug 1150684: Remove XPCOM.h from IOInterposer.h (5b7e1cef3) - Bug 1093934 - Create a XPCOM library that can be used to support standalone WebRTC. (9ec8a819f) - Merge branch 'master' of https://github.com/rmottola/Arctic-Fox (d0f05eea4) - Bug 1128768: Part 2,3,4 - Refactor hang annotation code; (f5086aba9) (with xpcom/threads/ fixes for my tele-removed tree) - Bug 1128768: Part 5 - Update plugin code to retrieve SWF file for hang annotations; (774a47aec) - Bug 1110485 P2 Remove 'P' prefix from non-protocol IPC types in Cache API. r=baku (ea29a10cf) - Bug 1110485 P3 Move Fetch IPC PHeaderEntry type to Cache. Rename HeadesEntry. (9eba0aca0) - Bug 1110485 P4 Keep Cache Actors alive during async operations. (eb75f2316) - Bug 1110485 P5 Replace useless DBSchema class type with namespace. (159b902db) - Bug 1110485 P6 Remove useless cache::FileUtils type (1bdf00fc3) - Bug 1110485 P7 Rename DeleteCache() to DeleteCacheId() better distinguish it from CacheDelete(). (5199f9d6f) - Bug 1110485 P8 Correctly set the Feature on the stream control child actor. (c8673cb13) - Bug 1150691 Fix Cache API race with storage invalidation. (2723dff50) - Bug 1151892 Refactor Cache Manager Context usage to be more sane and fix shutdown assert. 
r=ehsan (ea96381cf) - Bug 1136331 - OdinMonkey: allow stdlib calls in heap expressions (2fc5e2bfd) - Bug 1141439 - Exit with an error code instead of falling through the REMOTE_NOT_FOUND code path when the X-remote returns an explicit command line handler error. (afcf9b1aa) - Bug 1135825: Add missing MOZ_OVERRIDE annotation in RTCIdentityProviderRegistrar.h (e8beec4e8) - (Bug 1135138 is not merged due to broken build)
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "mozilla/dom/cache/PrincipalVerifier.h"
#include "mozilla/AppProcessChecker.h"
#include "mozilla/dom/ContentParent.h"
#include "mozilla/dom/cache/ManagerId.h"
#include "mozilla/ipc/BackgroundParent.h"
#include "mozilla/ipc/PBackgroundParent.h"
#include "mozilla/ipc/BackgroundUtils.h"
#include "nsIPrincipal.h"
#include "nsIScriptSecurityManager.h"
#include "nsNetUtil.h"
namespace mozilla {
namespace dom {
namespace cache {
using mozilla::ipc::AssertIsOnBackgroundThread;
using mozilla::ipc::BackgroundParent;
using mozilla::ipc::PBackgroundParent;
using mozilla::ipc::PrincipalInfo;
using mozilla::ipc::PrincipalInfoToPrincipal;
// static
//
// Builds a PrincipalVerifier for aPrincipalInfo, queues it to the main thread
// (where VerifyOnMainThread() does the actual checking) and hands the new
// verifier back to the caller.
//
// aListener       - first listener to be told the outcome.
// aActor          - PBackground actor the request arrived on; the constructor
//                   resolves the owning ContentParent from it.
// aPrincipalInfo  - serialized principal to verify.
//
// NOTE(review): the dispatch result is only checked through MOZ_ALWAYS_TRUE.
// If the main-thread dispatch ever fails, nothing in this function notifies
// aListener or releases the actor reference held by the verifier.
already_AddRefed<PrincipalVerifier>
PrincipalVerifier::CreateAndDispatch(Listener* aListener,
                                     PBackgroundParent* aActor,
                                     const PrincipalInfo& aPrincipalInfo)
{
  // The ContentParent lookup done by the constructor needs the
  // PBackgroundParent, and that only works on the PBackground thread.
  AssertIsOnBackgroundThread();

  nsRefPtr<PrincipalVerifier> verifier(
    new PrincipalVerifier(aListener, aActor, aPrincipalInfo));

  // First hop: Run() will take the main-thread branch.
  MOZ_ALWAYS_TRUE(NS_SUCCEEDED(NS_DispatchToMainThread(verifier)));

  return verifier.forget();
}
// Registers one more listener to be told the outcome of this verification.
// Background-thread only.  aListener must be non-null and must not already be
// in the list; both conditions are enforced with MOZ_ASSERT only.
void
PrincipalVerifier::AddListener(Listener* aListener)
{
  AssertIsOnBackgroundThread();
  MOZ_ASSERT(aListener);
  MOZ_ASSERT(!mListenerList.Contains(aListener));
  mListenerList.AppendElement(aListener);
}
// Unregisters aListener.  Background-thread only.  The listener is expected
// to be registered: the RemoveElement() result is wrapped in MOZ_ALWAYS_TRUE.
// CompleteOnInitiatingThread() and the destructor both assert that the list
// has been emptied through this method.
void
PrincipalVerifier::RemoveListener(Listener* aListener)
{
  AssertIsOnBackgroundThread();
  MOZ_ASSERT(aListener);
  MOZ_ALWAYS_TRUE(mListenerList.RemoveElement(aListener));
}
// Captures everything the main-thread pass needs.  Runs on the PBackground
// thread (asserted below).
//
// mActor            - ContentParent resolved from aActor; it is null-checked
//                     before use in VerifyOnMainThread().
// mPrincipalInfo    - copy of the serialized principal to verify.
// mInitiatingThread - thread to dispatch back to with the verdict.
// mResult           - starts as NS_OK; DispatchToInitiatingThread() overwrites
//                     it before the second Run() pass is queued.
PrincipalVerifier::PrincipalVerifier(Listener* aListener,
                                     PBackgroundParent* aActor,
                                     const PrincipalInfo& aPrincipalInfo)
  : mActor(BackgroundParent::GetContentParent(aActor))
  , mPrincipalInfo(aPrincipalInfo)
  , mInitiatingThread(NS_GetCurrentThread())
  , mResult(NS_OK)
{
  AssertIsOnBackgroundThread();
  MOZ_ASSERT(mInitiatingThread);
  MOZ_ASSERT(aListener);

  mListenerList.AppendElement(aListener);
}
// Only checks invariants; both checks are MOZ_ASSERTs.
PrincipalVerifier::~PrincipalVerifier()
{
  // Since the PrincipalVerifier is a Runnable that executes on multiple
  // threads, it's a race to see which thread de-refs us last.  Therefore
  // we cannot guarantee which thread we destruct on.

  // Every listener must have removed itself by now.
  MOZ_ASSERT(mListenerList.IsEmpty());

  // We should always be able to explicitly release the actor on the main
  // thread.  VerifyOnMainThread() swaps mActor out as its first step, so a
  // non-null mActor here means that pass never ran.
  MOZ_ASSERT(!mActor);
}
// Runnable entry point, executed twice over the life of the object: once on
// the main thread (queued by CreateAndDispatch) to perform the verification,
// and once more on the originating thread (queued by
// DispatchToInitiatingThread) to deliver the verdict.  The current thread
// decides which half runs.  Always returns NS_OK; the verification outcome
// travels in mResult instead.
NS_IMETHODIMP
PrincipalVerifier::Run()
{
  if (NS_IsMainThread()) {
    // First pass: check the principal.
    VerifyOnMainThread();
  } else {
    // Second pass: back on the originating thread, notify the listeners.
    CompleteOnInitiatingThread();
  }

  return NS_OK;
}
// Main-thread half of the verification.  Rebuilds an nsIPrincipal from the
// stored PrincipalInfo, re-checks it on this side, and derives mManagerId
// from it.  Every exit path reports through DispatchToInitiatingThread(), so
// the listeners get exactly one result code: NS_OK only if all checks below
// passed.
//
// The checks, in order:
//   1. PrincipalInfoToPrincipal() must succeed.
//   2. The principal must not be a null principal or have an unknown app ID.
//   3. If a ContentParent is attached, AssertAppPrincipal() must accept the
//      principal for it.
//   4. (DEBUG builds only) the origin must parse as a URI that the principal
//      itself may load.
//   5. ManagerId::Create() must succeed.
void
PrincipalVerifier::VerifyOnMainThread()
{
  MOZ_ASSERT(NS_IsMainThread());

  // No matter what happens, we need to release the actor before leaving
  // this method.  Swapping into a local ties the release to this scope and
  // leaves mActor null, which the destructor asserts.
  nsRefPtr<ContentParent> actor;
  actor.swap(mActor);

  nsresult rv;
  nsRefPtr<nsIPrincipal> principal = PrincipalInfoToPrincipal(mPrincipalInfo,
                                                              &rv);
  if (NS_WARN_IF(NS_FAILED(rv))) {
    DispatchToInitiatingThread(rv);
    return;
  }

  // We disallow null principal and unknown app IDs on the client side, but
  // double-check here.  The client-side check cannot be relied on by itself
  // because mPrincipalInfo is whatever the requesting side supplied.
  if (NS_WARN_IF(principal->GetIsNullPrincipal() ||
                 principal->GetUnknownAppId())) {
    DispatchToInitiatingThread(NS_ERROR_FAILURE);
    return;
  }

  // Verify that a child process claims to own the app for this principal
  //
  // NOTE(review): this check is skipped when actor is null.  Presumably that
  // is the case where the PBackground actor has no ContentParent (same-process
  // use) -- confirm against BackgroundParent::GetContentParent().  What
  // AssertAppPrincipal() does to the child on failure is not visible here.
  if (NS_WARN_IF(actor && !AssertAppPrincipal(actor, principal))) {
    DispatchToInitiatingThread(NS_ERROR_FAILURE);
    return;
  }
  // Done with the ContentParent; drop the reference now rather than at scope
  // exit.
  actor = nullptr;

  // A null security manager is reported as a shutdown condition.
  nsCOMPtr<nsIScriptSecurityManager> ssm = nsContentUtils::GetSecurityManager();
  if (NS_WARN_IF(!ssm)) {
    DispatchToInitiatingThread(NS_ERROR_ILLEGAL_DURING_SHUTDOWN);
    return;
  }

#ifdef DEBUG
  // Sanity check principal origin by using it to construct a URI and security
  // checking it.  Don't do this for the system principal, though, as its origin
  // is a synthetic [System Principal] string.
  //
  // NOTE(review): this block is compiled only under DEBUG.  Release builds
  // accept or reject the principal on the strength of the checks above and
  // ManagerId::Create() below; the origin round-trip is not part of the
  // enforced verification.
  if (!ssm->IsSystemPrincipal(principal)) {
    nsAutoCString origin;
    rv = principal->GetOrigin(getter_Copies(origin));
    if (NS_WARN_IF(NS_FAILED(rv))) {
      DispatchToInitiatingThread(rv);
      return;
    }
    nsCOMPtr<nsIURI> uri;
    rv = NS_NewURI(getter_AddRefs(uri), origin);
    if (NS_WARN_IF(NS_FAILED(rv))) {
      DispatchToInitiatingThread(rv);
      return;
    }
    rv = principal->CheckMayLoad(uri, false, false);
    if (NS_WARN_IF(NS_FAILED(rv))) {
      DispatchToInitiatingThread(rv);
      return;
    }
  }
#endif

  // mManagerId is assigned only on this path, so listeners should treat it as
  // meaningful only together with a success result.
  rv = ManagerId::Create(principal, getter_AddRefs(mManagerId));
  if (NS_WARN_IF(NS_FAILED(rv))) {
    DispatchToInitiatingThread(rv);
    return;
  }

  DispatchToInitiatingThread(NS_OK);
}
// Second half of Run(): back on the PBackground thread, hand the verdict
// (mResult) and the ManagerId to every registered listener.
//
// mManagerId is only assigned on the VerifyOnMainThread() path that reaches
// ManagerId::Create(), so a listener should look at the result code before
// using the ManagerId it is given.
void
PrincipalVerifier::CompleteOnInitiatingThread()
{
  AssertIsOnBackgroundThread();

  // Listeners remove themselves from the list while being notified, so the
  // walk goes through the list's ForwardIterator rather than an index.
  for (ListenerList::ForwardIterator iter(mListenerList); iter.HasMore(); ) {
    iter.GetNext()->OnPrincipalVerified(mResult, mManagerId);
  }

  // The listener must clear its reference in OnPrincipalVerified()
  MOZ_ASSERT(mListenerList.IsEmpty());
}
// Records the verification outcome and re-queues this runnable on the thread
// that created it, where Run() will take the CompleteOnInitiatingThread()
// branch.  Main-thread only.
//
// aRv - result to report to the listeners; stored in mResult before the
//       dispatch so the other thread sees it when it runs.
void
PrincipalVerifier::DispatchToInitiatingThread(nsresult aRv)
{
  MOZ_ASSERT(NS_IsMainThread());

  mResult = aRv;

  // The Cache ShutdownObserver does not track all principal verifiers, so we
  // cannot ensure this always succeeds.  Instead, simply warn on failures.
  // This will result in a new CacheStorage object delaying operations until
  // shutdown completes and the browser goes away.  This is as graceful as
  // we can get here.
  //
  // Note that on failure the listeners are never called back: no verdict,
  // success or failure, is delivered for this request.
  const nsresult dispatchRv =
    mInitiatingThread->Dispatch(this, nsIThread::DISPATCH_NORMAL);
  if (NS_FAILED(dispatchRv)) {
    NS_WARNING("Cache unable to complete principal verification due to shutdown.");
  }
}
} // namespace cache
} // namespace dom
} // namespace mozilla