mirror of
https://github.com/roytam1/palemoon27.git
synced 2026-05-26 14:30:27 +00:00
roytam1
be191f3772
- Bug 1153939 - Avoid a race condition with setting nsBaseWidgets WidgetShutdownObserver widget pointer to null. Fixes a crash in nsBaseWidget::DestroyCompositor(). r=roc (342dfa066) - Bug 1153570 - Remove AutoUseBasicLayerManager, which has been unused since 78b90e6c491b (bug 676241 part 3). r=mstange (0e9184271) - Bug 1158284 - Utility in gfxPlatform to check for safe mode, lazier computation if we should accelerate and random cleanup of prefs usage. r=botond (3ca893900) - Bug 1154739 - Rename flag to be more general. r=billm (c17156078) - Bug 1154739 - On desktop platforms, only enable APZ in e10s windows. r=dvander,mstange (339d0fa64) - remove auxclick event (54cbbdad2) - more AUXCLICK remove (8a76b76ed) - on drag exist is not idl (6c6a3d6c6) - fix typo (a62de38d6) - reinstantiate mouse events in PostHandle (387c3dd5b) - Bug 1158425 - Rename _SYNTH event names. r=smaug (913a0f0d2) - Bug 1136478 - Fire pagehide / pageshow events in content after swapping remote frame loaders. r=smaug. (f60d5955e) - Bug 1083361 - Exposing a PromiseDebugging API to monitor uncaught DOM Promise. r=bz (a4d9a44e8) - Bug 1058695 - Add member to nsIGlobalObject to detect it is going away. Make promises use it. r=bholley (8f77dbc4e) - Bug 1156875 - patch 1 - URL.createObjectURL leaks in JS sandbox, r=bholley (f3a68da2c) - Bug 1156875 - patch 2 - Unify the registration of blob URIs in WorkerPrivate and nsIGlobalObject, r=bent (66218f13a) - Bug 1156875 - patch 3 - nsIGlobalObject members correctly ordered in the header file, r=bz (4936f05a6) - Bug 1148033 - BroadcastChannel API should rispect the B2G app sandboxes, r=ehsan (d856835b9) - Bug 1151480 - Correct check of the BroadcastChannel origin in b2g, r=ehsan (375f85fda) - Bug 1161507 - BroadcastChannel should use origin+appId+IsInBrowserElement as key in b2g, r=sicking (5da9b5d1d) - Bug 1144298 - Eliminate gratuitous gotos from Directory::RemoveInternal(). r=baku (055a8e240) - Bug 1134309 - Fix slice handling when the first access is from a remote input stream, r=khuey. (62ceb80a7) - Bug 1151597 - Step 0: Move IPC memory report generation number to parent-side actor. r=erahm (c1a49e2e1) - Bug 1151597 - Step 1: Change memory reporting IPC to send one report per message. r=erahm (4797c3914) - Bug 1151597 - Step 2: Don't start child process memory reports until parent is finished. r=erahm (d6df516b3) - Bug 1088070 - Rename nsPrintingPromptServiceProxy to nsPrintingProxy. r=smaug. (7925069ae) - Bug 1088070 - Move saving nsIPrintSettings after a print job to browser-content.js. r=Mossop. (9e7926158) - Bug 1088070 - Instantiate print settings from the content process ins…tead of the parent. r=Mossop. (9152d5cef) - Bug 1088070 - If saving print settings in the content process, proxy to the parent. r=smaug. (bc9e928ef) - Bug 1129315 - require app processes update permissions after forked from nuwa. r=jdm (5333979c8) - Bug 1069643 - Remove always failing call to GetCPOWManager from ContentChild::Init. r=billm a=ryanvm (1e9c9b72f) - Bug 1110911 - Move Mac sandboxing code into plugin-container. r=cpearce,areinald,jld (f1830d72f) - Bug 1149483: Change content sandbox level 1 to a working low integrity sandbox. r=tabraldes, r=billm (52e60db87)
125 lines
3.4 KiB
C++
125 lines
3.4 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#include "mozilla/ipc/IOThreadChild.h"
|
|
|
|
#include "ContentProcess.h"
|
|
|
|
#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
|
|
#include "mozilla/Preferences.h"
|
|
#include "nsDirectoryService.h"
|
|
#include "nsDirectoryServiceDefs.h"
|
|
#endif
|
|
|
|
using mozilla::ipc::IOThreadChild;
|
|
|
|
namespace mozilla {
|
|
namespace dom {
|
|
|
|
#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
|
|
static already_AddRefed<nsIFile>
|
|
GetLowIntegrityTemp()
|
|
{
|
|
MOZ_ASSERT(nsDirectoryService::gService,
|
|
"GetLowIntegrityTemp relies on nsDirectoryService being initialized");
|
|
|
|
// A low integrity temp only currently makes sense for sandbox pref level 1.
|
|
if (Preferences::GetInt("security.sandbox.content.level") != 1) {
|
|
return nullptr;
|
|
}
|
|
|
|
nsCOMPtr<nsIFile> lowIntegrityTemp;
|
|
nsresult rv = nsDirectoryService::gService->Get(NS_WIN_LOW_INTEGRITY_TEMP,
|
|
NS_GET_IID(nsIFile),
|
|
getter_AddRefs(lowIntegrityTemp));
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
return nullptr;
|
|
}
|
|
|
|
return lowIntegrityTemp.forget();
|
|
}
|
|
|
|
static void
|
|
SetUpSandboxEnvironment()
|
|
{
|
|
MOZ_ASSERT(nsDirectoryService::gService,
|
|
"SetUpSandboxEnvironment relies on nsDirectoryService being initialized");
|
|
|
|
// Setup to use a low integrity temp if available.
|
|
nsCOMPtr<nsIFile> lowIntegrityTemp = GetLowIntegrityTemp();
|
|
if (!lowIntegrityTemp) {
|
|
return;
|
|
}
|
|
|
|
// Undefine returns a failure if the property is not already set.
|
|
unused << nsDirectoryService::gService->Undefine(NS_OS_TEMP_DIR);
|
|
nsresult rv = nsDirectoryService::gService->Set(NS_OS_TEMP_DIR, lowIntegrityTemp);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
return;
|
|
}
|
|
|
|
// Set TEMP and TMP environment variables.
|
|
nsAutoString lowIntegrityTempPath;
|
|
rv = lowIntegrityTemp->GetPath(lowIntegrityTempPath);
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
return;
|
|
}
|
|
|
|
bool setOK = SetEnvironmentVariableW(L"TEMP", lowIntegrityTempPath.get());
|
|
NS_WARN_IF_FALSE(setOK, "Failed to set TEMP to low integrity temp path");
|
|
setOK = SetEnvironmentVariableW(L"TMP", lowIntegrityTempPath.get());
|
|
NS_WARN_IF_FALSE(setOK, "Failed to set TMP to low integrity temp path");
|
|
}
|
|
|
|
static void
|
|
CleanUpSandboxEnvironment()
|
|
{
|
|
// Remove low integrity temp if it exists.
|
|
nsCOMPtr<nsIFile> lowIntegrityTemp = GetLowIntegrityTemp();
|
|
if (!lowIntegrityTemp) {
|
|
return;
|
|
}
|
|
|
|
// Don't check the return value as the directory will only have been created
|
|
// if it has been used.
|
|
unused << lowIntegrityTemp->Remove(/* aRecursive */ true);
|
|
}
|
|
#endif
|
|
|
|
void
|
|
ContentProcess::SetAppDir(const nsACString& aPath)
|
|
{
|
|
mXREEmbed.SetAppDir(aPath);
|
|
}
|
|
|
|
bool
|
|
ContentProcess::Init()
|
|
{
|
|
mContent.Init(IOThreadChild::message_loop(),
|
|
ParentPid(),
|
|
IOThreadChild::channel());
|
|
mXREEmbed.Start();
|
|
mContent.InitXPCOM();
|
|
|
|
#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
|
|
SetUpSandboxEnvironment();
|
|
#endif
|
|
|
|
return true;
|
|
}
|
|
|
|
void
|
|
ContentProcess::CleanUp()
|
|
{
|
|
#if defined(XP_WIN) && defined(MOZ_CONTENT_SANDBOX)
|
|
CleanUpSandboxEnvironment();
|
|
#endif
|
|
mXREEmbed.Stop();
|
|
}
|
|
|
|
} // namespace dom
|
|
} // namespace mozilla
|