Browse Source

import changes from `dev' branch of rmottola/Arctic-Fox:

- Bug 1165272 - Part 1: Remove getAppCodebasePrincipal. r=bholley (6ed136eaee)
pull/8/head
roytam1 3 months ago
parent
commit
643393b1a3
  1. 7
      b2g/components/AboutServiceWorkers.jsm
  2. 6
      b2g/components/ContentPermissionPrompt.js
  3. 10
      caps/nsIScriptSecurityManager.idl
  4. 18
      docshell/base/nsDocShell.cpp
  5. 6
      dom/apps/AppsUtils.jsm
  6. 4
      dom/apps/OfflineCacheInstaller.jsm
  7. 2
      dom/apps/ScriptPreloader.jsm
  8. 8
      dom/apps/Webapps.jsm
  9. 17
      dom/base/nsGlobalWindow.cpp
  10. 12
      dom/browser-element/BrowserElementParent.js
  11. 10
      dom/browser-element/mochitest/browserElement_Auth.js
  12. 19
      dom/datastore/DataStoreService.cpp
  13. 25
      dom/indexedDB/ActorsParent.cpp
  14. 5
      dom/indexedDB/test/unit/test_defaultStorageUpgrade.js
  15. 18
      dom/ipc/AppProcessChecker.cpp
  16. 16
      dom/ipc/TabChild.cpp
  17. 5
      dom/payment/Payment.jsm
  18. 15
      dom/permission/PermissionSettings.js
  19. 12
      dom/permission/PermissionSettings.jsm
  20. 8
      dom/quota/QuotaManager.cpp
  21. 12
      extensions/cookie/nsPermissionManager.cpp
  22. 15
      extensions/cookie/test/test_app_uninstall_permissions.html
  23. 3
      extensions/cookie/test/unit/test_permmanager_cleardata.js
  24. 11
      ipc/glue/BackgroundUtils.cpp
  25. 15
      netwerk/cookie/CookieServiceParent.cpp
  26. 22
      netwerk/protocol/http/HttpChannelParent.cpp
  27. 6
      netwerk/test/unit/test_auth_jar.js
  28. 2
      services/fxaccounts/tests/xpcshell/test_manager.js
  29. 4
      services/mobileid/MobileIdentityManager.jsm
  30. 6
      services/mobileid/tests/xpcshell/head.js
  31. 10
      testing/marionette/driver/marionette_driver/marionette.py
  32. 7
      testing/mochitest/tests/Harness_sanity/test_bug816847.html
  33. 4
      testing/specialpowers/content/SpecialPowersObserverAPI.js
  34. 12
      uriloader/prefetch/OfflineCacheUpdateParent.cpp

7
b2g/components/AboutServiceWorkers.jsm

@ -154,11 +154,10 @@ this.AboutServiceWorkers = {
return;
}
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
// TODO: Bug 1196652. use originNoSuffix
Services.io.newURI(message.principal.origin, null, null),
message.principal.originAttributes.appId,
message.principal.originAttributes.inBrowser
);
message.principal.originAttributes);
if (!message.scope) {
self.sendError(message.id, "MissingScope");

6
b2g/components/ContentPermissionPrompt.js

@ -205,9 +205,9 @@ ContentPermissionPrompt.prototype = {
// URL.
let notDenyAppPrincipal = function(type) {
let url = Services.io.newURI(app.origin, null, null);
let principal = secMan.getAppCodebasePrincipal(url,
request.principal.appId,
/*mozbrowser*/false);
let principal =
secMan.createCodebasePrincipal(url,
{appId: request.principal.appId});
let result = Services.perms.testExactPermissionFromPrincipal(principal,
type.access);

10
caps/nsIScriptSecurityManager.idl

@ -26,7 +26,7 @@ class DomainPolicyClone;
[ptr] native JSObjectPtr(JSObject);
[ptr] native DomainPolicyClonePtr(mozilla::dom::DomainPolicyClone);
[scriptable, uuid(9a8f0b70-6b9f-4e19-8885-7cfe24f4a42d)]
[scriptable, uuid(73f92674-f59d-4c9b-a9b5-f7a3ae8ffa98)]
interface nsIScriptSecurityManager : nsISupports
{
/**
@ -150,10 +150,12 @@ interface nsIScriptSecurityManager : nsISupports
* @param appId is the app id of the principal. It can't be UNKNOWN_APP_ID.
* @param inMozBrowser is true if the principal has to be considered as
* inside a mozbrowser frame.
*
* @deprecated use createCodebasePrincipal instead.
*/
nsIPrincipal getAppCodebasePrincipal(in nsIURI uri,
in unsigned long appId,
in boolean inMozBrowser);
[deprecated] nsIPrincipal getAppCodebasePrincipal(in nsIURI uri,
in unsigned long appId,
in boolean inMozBrowser);
/**
* Returns a principal that has the appId and inMozBrowser of the load

18
docshell/base/nsDocShell.cpp

@ -11,6 +11,7 @@
#include "mozilla/ArrayUtils.h"
#include "mozilla/Attributes.h"
#include "mozilla/AutoRestore.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/Casting.h"
#include "mozilla/dom/ContentChild.h"
#include "mozilla/dom/Element.h"
@ -9527,9 +9528,6 @@ nsDocShell::CreatePrincipalFromReferrer(nsIURI* aReferrer,
nsIPrincipal** aResult)
{
nsresult rv;
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
NS_ENSURE_SUCCESS(rv, rv);
uint32_t appId;
rv = GetAppId(&appId);
@ -9537,12 +9535,14 @@ nsDocShell::CreatePrincipalFromReferrer(nsIURI* aReferrer,
bool isInBrowserElement;
rv = GetIsInBrowserElement(&isInBrowserElement);
NS_ENSURE_SUCCESS(rv, rv);
rv = secMan->GetAppCodebasePrincipal(aReferrer,
appId,
isInBrowserElement,
aResult);
NS_ENSURE_SUCCESS(rv, rv);
return NS_OK;
// TODO: Bug 1165466 - Pass mOriginAttributes directly.
OriginAttributes attrs(appId, isInBrowserElement);
nsCOMPtr<nsIPrincipal> prin =
BasePrincipal::CreateCodebasePrincipal(aReferrer, attrs);
prin.forget(aResult);
return *aResult ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP

6
dom/apps/AppsUtils.jsm

@ -70,11 +70,9 @@ mozIApplication.prototype = {
this._principal = null;
try {
this._principal = Services.scriptSecurityManager.getAppCodebasePrincipal(
this._principal = Services.scriptSecurityManager.createCodebasePrincipal(
Services.io.newURI(this.origin, null, null),
this.localId,
false /* mozbrowser */
);
{appId: this.localId});
} catch(e) {
dump("Could not create app principal " + e + "\n");
}

4
dom/apps/OfflineCacheInstaller.jsm

@ -228,8 +228,8 @@ function installCache(app) {
if (!cacheManifest.exists())
return;
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(
app.origin, app.localId, false);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(app.origin, {appId: aApp.localId});
// If the build has been correctly configured, this should not happen!
// If we install the cache anyway, it won't be updateable. If we don't install

2
dom/apps/ScriptPreloader.jsm

@ -40,7 +40,7 @@ this.ScriptPreloader = {
let toLoad = aManifest.precompile.length;
let principal =
Services.scriptSecurityManager
.getAppCodebasePrincipal(origin, aApp.localId, false);
.createCodebasePrincipal(origin, {appId: aApp.localId});
aManifest.precompile.forEach((aPath) => {
let uri = Services.io.newURI(aPath, null, origin);

8
dom/apps/Webapps.jsm

@ -813,8 +813,7 @@ this.DOMApplicationRegistry = {
let uri = Services.io.newURI(aOrigin, null, null);
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
.getService(Ci.nsIScriptSecurityManager);
let principal = secMan.getAppCodebasePrincipal(uri, aId,
/*mozbrowser*/ false);
let principal = secMan.createCodebasePrincipal(uri, {appId: aId});
if (!dataStoreService.checkPermission(principal)) {
return;
}
@ -3348,8 +3347,9 @@ this.DOMApplicationRegistry = {
let requestChannel;
let appURI = NetUtil.newURI(aNewApp.origin, null, null);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(
appURI, aNewApp.localId, false);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(appURI,
{appId: aNewApp.localId});
if (aIsLocalFileInstall) {
requestChannel = NetUtil.newChannel({

17
dom/base/nsGlobalWindow.cpp

@ -97,7 +97,6 @@
#include "nsThreadUtils.h"
#include "nsILoadContext.h"
#include "nsIPresShell.h"
#include "nsIScriptSecurityManager.h"
#include "nsIScrollableFrame.h"
#include "nsView.h"
#include "nsViewManager.h"
@ -194,6 +193,7 @@
#include "nsRefreshDriver.h"
#include "mozilla/AddonPathService.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/Services.h"
#include "mozilla/Telemetry.h"
#include "nsLocation.h"
@ -258,6 +258,8 @@ static const char kStorageEnabled[] = "dom.storage.enabled";
using namespace mozilla;
using namespace mozilla::dom;
using namespace mozilla::dom::ipc;
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using mozilla::TimeStamp;
using mozilla::TimeDuration;
using mozilla::dom::cache::CacheStorage;
@ -8311,21 +8313,14 @@ nsGlobalWindow::PostMessageMozOuter(JSContext* aCx, JS::Handle<JS::Value> aMessa
return;
}
nsCOMPtr<nsIScriptSecurityManager> ssm =
nsContentUtils::GetSecurityManager();
MOZ_ASSERT(ssm);
nsCOMPtr<nsIPrincipal> principal = nsContentUtils::SubjectPrincipal();
MOZ_ASSERT(principal);
uint32_t appId = principal->GetAppId();
bool isInBrowser = principal->GetIsInBrowserElement();
OriginAttributes attrs = BasePrincipal::Cast(principal)->OriginAttributesRef();
// Create a nsIPrincipal inheriting the app/browser attributes from the
// caller.
nsresult rv = ssm->GetAppCodebasePrincipal(originURI, appId, isInBrowser,
getter_AddRefs(providedPrincipal));
if (NS_WARN_IF(NS_FAILED(rv))) {
providedPrincipal = BasePrincipal::CreateCodebasePrincipal(originURI, attrs);
if (NS_WARN_IF(!providedPrincipal)) {
return;
}
}

12
dom/browser-element/BrowserElementParent.js

@ -820,14 +820,16 @@ BrowserElementParent.prototype = {
catch(e) {
debug('Malformed referrer -- ' + e);
}
// TODO Bug 1165466: use originAttributes from nsILoadContext.
let attrs = {appId: this._frameLoader.loadContext.appId,
inBrowser: this._frameLoader.loadContext.isInBrowserElement};
// This simply returns null if there is no principal available
// for the requested uri. This is an acceptable fallback when
// calling newChannelFromURI2.
principal =
Services.scriptSecurityManager.getAppCodebasePrincipal(
referrer,
this._frameLoader.loadContext.appId,
this._frameLoader.loadContext.isInBrowserElement);
principal =
Services.scriptSecurityManager.createCodebasePrincipal(
referrer, attrs);
}
debug('Using principal? ' + !!principal);

10
dom/browser-element/mochitest/browserElement_Auth.js

@ -89,15 +89,17 @@ function testAuthJarNoInterfere(e) {
// Set a bunch of auth data that should not conflict with the correct auth data already
// stored in the cache.
var principal = secMan.getAppCodebasePrincipal(uri, 1, false);
var attrs = {appId: 1};
var principal = secMan.createCodebasePrincipal(uri, attrs);
authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm',
'tests/dom/browser-element/mochitest/file_http_401_response.sjs',
'', 'httpuser', 'wrongpass', false, principal);
principal = secMan.getAppCodebasePrincipal(uri, 1, true);
attrs = {appId: 1, inBrowser: true};
principal = secMan.createCodebasePrincipal(uri, attrs);
authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm',
'tests/dom/browser-element/mochitest/file_http_401_response.sjs',
'', 'httpuser', 'wrongpass', false, principal);
principal = secMan.getAppCodebasePrincipal(uri, secMan.NO_APP_ID, false);
principal = secMan.createCodebasePrincipal(uri, {});
authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm',
'tests/dom/browser-element/mochitest/file_http_401_response.sjs',
'', 'httpuser', 'wrongpass', false, principal);
@ -127,7 +129,7 @@ function testAuthJarInterfere(e) {
var uri = ioService.newURI("http://test/tests/dom/browser-element/mochitest/file_http_401_response.sjs", null, null);
// Set some auth data that should overwrite the successful stored details.
var principal = secMan.getAppCodebasePrincipal(uri, secMan.NO_APP_ID, true);
var principal = secMan.createCodebasePrincipal(uri, {inBrowser: true});
authMgr.setAuthIdentity('http', 'test', -1, 'basic', 'http_realm',
'tests/dom/browser-element/mochitest/file_http_401_response.sjs',
'', 'httpuser', 'wrongpass', false, principal);

19
dom/datastore/DataStoreService.cpp

@ -14,6 +14,7 @@
#include "mozilla/dom/DataStoreImplBinding.h"
#include "nsIDataStore.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/Preferences.h"
#include "mozilla/Services.h"
#include "mozilla/StaticPtr.h"
@ -56,6 +57,9 @@
return NS_ERROR_FAILURE; \
}
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
namespace mozilla {
namespace dom {
@ -213,17 +217,10 @@ ResetPermission(uint32_t aAppId, const nsAString& aOriginURL,
return rv;
}
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
if (!ssm) {
return NS_ERROR_FAILURE;
}
nsCOMPtr<nsIPrincipal> principal;
rv = ssm->GetAppCodebasePrincipal(uri, aAppId, false,
getter_AddRefs(principal));
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
OriginAttributes attrs(aAppId, false);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(uri, attrs);
NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
nsCOMPtr<nsIPermissionManager> pm =
do_GetService(NS_PERMISSIONMANAGER_CONTRACTID);

25
dom/indexedDB/ActorsParent.cpp

@ -18638,12 +18638,6 @@ FactoryOp::CheckAtLeastOneAppHasPermission(ContentParent* aContentParent,
return false;
}
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
if (NS_WARN_IF(!secMan)) {
return false;
}
nsCOMPtr<nsIPermissionManager> permMan =
mozilla::services::GetPermissionManager();
if (NS_WARN_IF(!permMan)) {
@ -18666,24 +18660,9 @@ FactoryOp::CheckAtLeastOneAppHasPermission(ContentParent* aContentParent,
return false;
}
nsString origin;
rv = app->GetOrigin(origin);
if (NS_WARN_IF(NS_FAILED(rv))) {
return false;
}
nsCOMPtr<nsIURI> uri;
rv = NS_NewURI(getter_AddRefs(uri), origin, nullptr, nullptr, ioService);
if (NS_WARN_IF(NS_FAILED(rv))) {
return false;
}
nsCOMPtr<nsIPrincipal> principal;
rv = secMan->GetAppCodebasePrincipal(uri, appId, false,
getter_AddRefs(principal));
if (NS_WARN_IF(NS_FAILED(rv))) {
return false;
}
app->GetPrincipal(getter_AddRefs(principal));
NS_ENSURE_TRUE(principal, false);
uint32_t permission;
rv = permMan->TestExactPermissionFromPrincipal(principal,

5
dom/indexedDB/test/unit/test_defaultStorageUpgrade.js

@ -92,8 +92,9 @@ function testSteps()
let uri = ios.newURI(params.url, null, null);
let principal;
if ("appId" in params) {
principal = ssm.getAppCodebasePrincipal(uri, params.appId,
params.inMozBrowser);
principal =
ssm.createCodebasePrincipal(uri, {appId: params.appId,
inBrowser: params.inMozBrowser});
} else {
principal = ssm.getNoAppCodebasePrincipal(uri);
}

18
dom/ipc/AppProcessChecker.cpp

@ -12,7 +12,6 @@
#include "mozilla/hal_sandbox/PHalParent.h"
#include "nsIAppsService.h"
#include "nsIPrincipal.h"
#include "nsIScriptSecurityManager.h"
#include "nsPrintfCString.h"
#include "nsIURI.h"
#include "nsNetUtil.h"
@ -232,21 +231,10 @@ GetAppPrincipal(uint32_t aAppId)
nsresult rv = appsService->GetAppByLocalId(aAppId, getter_AddRefs(app));
NS_ENSURE_SUCCESS(rv, nullptr);
nsString origin;
rv = app->GetOrigin(origin);
NS_ENSURE_SUCCESS(rv, nullptr);
nsCOMPtr<nsIURI> uri;
NS_NewURI(getter_AddRefs(uri), origin);
nsCOMPtr<nsIPrincipal> principal;
app->GetPrincipal(getter_AddRefs(principal));
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
nsCOMPtr<nsIPrincipal> appPrincipal;
rv = secMan->GetAppCodebasePrincipal(uri, aAppId, false,
getter_AddRefs(appPrincipal));
NS_ENSURE_SUCCESS(rv, nullptr);
return appPrincipal.forget();
return principal.forget();
}
uint32_t

16
dom/ipc/TabChild.cpp

@ -1594,23 +1594,15 @@ TabChild::MaybeRequestPreinitCamera()
return;
}
nsString manifestUrl = EmptyString();
appsService->GetManifestURLByLocalId(OwnAppId(), manifestUrl);
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
if (NS_WARN_IF(!secMan)) {
return;
}
nsCOMPtr<nsIURI> uri;
nsresult rv = NS_NewURI(getter_AddRefs(uri), manifestUrl);
nsCOMPtr<mozIApplication> app;
nsresult rv = appsService->GetAppByLocalId(OwnAppId(), getter_AddRefs(app));
if (NS_WARN_IF(NS_FAILED(rv))) {
return;
}
nsCOMPtr<nsIPrincipal> principal;
rv = secMan->GetAppCodebasePrincipal(uri, OwnAppId(), false,
getter_AddRefs(principal));
if (NS_WARN_IF(NS_FAILED(rv))) {
app->GetPrincipal(getter_AddRefs(principal));
if (NS_WARN_IF(!principal)) {
return;
}

5
dom/payment/Payment.jsm

@ -236,8 +236,9 @@ let PaymentManager = {
if (systemAppId != Ci.nsIScriptSecurityManager.NO_APP_ID) {
this.LOG("Granting firefox-accounts permission to " + provider.uri);
let uri = Services.io.newURI(provider.uri, null, null);
let principal = Services.scriptSecurityManager
.getAppCodebasePrincipal(uri, systemAppId, true);
let attrs = {appId: systemAppId, inBrowser: true};
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri, attrs);
Services.perms.addFromPrincipal(principal, "firefox-accounts",
Ci.nsIPermissionManager.ALLOW_ACTION,

15
dom/permission/PermissionSettings.js

@ -35,10 +35,14 @@ XPCOMUtils.defineLazyServiceGetter(this,
PermissionSettings.prototype = {
get: function get(aPermName, aManifestURL, aOrigin, aBrowserFlag) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js
debug("Get called with: " + aPermName + ", " + aManifestURL + ", " + aOrigin + ", " + aBrowserFlag);
let uri = Services.io.newURI(aOrigin, null, null);
let appID = appsService.getAppLocalIdByManifestURL(aManifestURL);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aBrowserFlag);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri,
{appId: appID,
inBrowser: aBrowserFlag});
let result = Services.perms.testExactPermanentPermission(principal, aPermName);
switch (result)
@ -59,11 +63,12 @@ PermissionSettings.prototype = {
isExplicit: function isExplicit(aPermName, aManifestURL, aOrigin,
aBrowserFlag) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js
debug("isExplicit: " + aPermName + ", " + aManifestURL + ", " + aOrigin);
let uri = Services.io.newURI(aOrigin, null, null);
let app = appsService.getAppByManifestURL(aManifestURL);
let principal = Services.scriptSecurityManager
.getAppCodebasePrincipal(uri, app.localId, aBrowserFlag);
.createCodebasePrincipal(uri, {appId: app.localId, inBrowser: aBrowserFlag});
return isExplicitInPermissionsTable(aPermName,
principal.appStatus,
@ -99,9 +104,13 @@ PermissionSettings.prototype = {
},
remove: function remove(aPermName, aManifestURL, aOrigin) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.js
let uri = Services.io.newURI(aOrigin, null, null);
let appID = appsService.getAppLocalIdByManifestURL(aManifestURL);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, true);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri,
{appId: appID,
inBrowser: true});
if (principal.appStatus !== Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED) {
let errorMsg = "PermissionSettings.js: '" + aOrigin + "'" +

12
dom/permission/PermissionSettings.jsm

@ -67,9 +67,13 @@ this.PermissionSettingsModule = {
_internalAddPermission: function _internalAddPermission(aData, aAllowAllChanges, aCallbacks) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm
let uri = Services.io.newURI(aData.origin, null, null);
let app = appsService.getAppByManifestURL(aData.manifestURL);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, app.localId, aData.browserFlag);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri,
{appId: app.localId,
inBrowser: aData.browserFlag});
let action;
switch (aData.value)
@ -103,10 +107,14 @@ this.PermissionSettingsModule = {
},
getPermission: function getPermission(aPermName, aManifestURL, aOrigin, aBrowserFlag) {
// TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm
debug("getPermission: " + aPermName + ", " + aManifestURL + ", " + aOrigin);
let uri = Services.io.newURI(aOrigin, null, null);
let appID = appsService.getAppLocalIdByManifestURL(aManifestURL);
let principal = Services.scriptSecurityManager.getAppCodebasePrincipal(uri, appID, aBrowserFlag);
let principal =
Services.scriptSecurityManager.createCodebasePrincipal(uri,
{appId: appID,
inBrowser: aBrowserFlag});
let result = Services.perms.testExactPermissionFromPrincipal(principal, aPermName);
switch (result)

8
dom/quota/QuotaManager.cpp

@ -27,6 +27,7 @@
#include <algorithm>
#include "GeckoProfiler.h"
#include "mozilla/Atomics.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/CondVar.h"
#include "mozilla/dom/PContent.h"
#include "mozilla/dom/asmjscache/AsmJSCache.h"
@ -5305,10 +5306,9 @@ StorageDirectoryHelper::RunOnMainThread()
rv = secMan->GetSimpleCodebasePrincipal(uri,
getter_AddRefs(principal));
} else {
rv = secMan->GetAppCodebasePrincipal(uri,
originProps.mAppId,
originProps.mInMozBrowser,
getter_AddRefs(principal));
OriginAttributes attrs(originProps.mAppId, originProps.mInMozBrowser);
principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
rv = principal ? NS_OK : NS_ERROR_FAILURE;
}
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;

12
extensions/cookie/nsPermissionManager.cpp

@ -36,6 +36,7 @@
#include "nsIDocument.h"
#include "mozilla/net/NeckoMessageUtils.h"
#include "mozilla/Preferences.h"
#include "mozilla/BasePrincipal.h"
#include "nsReadLine.h"
#include "mozilla/Telemetry.h"
#include "nsIConsoleService.h"
@ -104,9 +105,6 @@ nsresult
GetPrincipal(const nsACString& aHost, uint32_t aAppId, bool aIsInBrowserElement,
nsIPrincipal** aPrincipal)
{
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE);
nsCOMPtr<nsIURI> uri;
nsresult rv = NS_NewURI(getter_AddRefs(uri), aHost);
if (NS_FAILED(rv)) {
@ -123,7 +121,13 @@ GetPrincipal(const nsACString& aHost, uint32_t aAppId, bool aIsInBrowserElement,
NS_ENSURE_SUCCESS(rv, rv);
}
return secMan->GetAppCodebasePrincipal(uri, aAppId, aIsInBrowserElement, aPrincipal);
// TODO: Bug 1165267 - Use OriginAttributes for nsCookieService
mozilla::OriginAttributes attrs(aAppId, aIsInBrowserElement);
nsCOMPtr<nsIPrincipal> principal = mozilla::BasePrincipal::CreateCodebasePrincipal(uri, attrs);
NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
principal.forget(aPrincipal);
return NS_OK;
}
nsresult

15
extensions/cookie/test/test_app_uninstall_permissions.html

@ -67,19 +67,22 @@ function onInstall() {
var currentPermissionCount = getPermissionCountForApp(-1);
var principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
testAppId, false);
var attrs = {appId: testAppId};
var principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
attrs);
permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION);
permManager.addFromPrincipal(principal, "foo", Ci.nsIPermissionManager.DENY_ACTION);
permManager.addFromPrincipal(principal, "bar", Ci.nsIPermissionManager.ALLOW_ACTION, Ci.nsIPermissionManager.EXPIRE_SESSION, 0);
principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
testAppId, true);
attrs = {appId: testAppId, inBrowser: true};
principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.com", null, null),
attrs);
permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION);
principal = secMan.getAppCodebasePrincipal(ioService.newURI("http://www.example.org", null, null),
testAppId, false);
attrs = {appId: testAppId};
principal = secMan.createCodebasePrincipal(ioService.newURI("http://www.example.org", null, null),
attrs);
permManager.addFromPrincipal(principal, "foobar", Ci.nsIPermissionManager.ALLOW_ACTION);
is(getPermissionCountForApp(testAppId), 5, "App should have 5 permissions");

3
extensions/cookie/test/unit/test_permmanager_cleardata.js

@ -6,7 +6,8 @@ let pm;
// Create a principal based on the { origin, appId, browserElement }.
function createPrincipal(aOrigin, aAppId, aBrowserElement)
{
return Services.scriptSecurityManager.getAppCodebasePrincipal(NetUtil.newURI(aOrigin), aAppId, aBrowserElement);
var attrs = {appId: aAppId, inBrowser: aBrowserElement};
return Services.scriptSecurityManager.createCodebasePrincipal(NetUtil.newURI(aOrigin), attrs);
}
// Return the subject required by 'webapps-clear-data' notification.

11
ipc/glue/BackgroundUtils.cpp

@ -6,6 +6,7 @@
#include "MainThreadUtils.h"
#include "mozilla/Assertions.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/ipc/PBackgroundSharedTypes.h"
#include "mozilla/net/NeckoChannelParams.h"
#include "nsPrincipal.h"
@ -23,6 +24,8 @@ namespace net {
class OptionalLoadInfoArgs;
}
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using namespace mozilla::net;
namespace ipc {
@ -77,10 +80,10 @@ PrincipalInfoToPrincipal(const PrincipalInfo& aPrincipalInfo,
if (info.appId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
rv = secMan->GetSimpleCodebasePrincipal(uri, getter_AddRefs(principal));
} else {
rv = secMan->GetAppCodebasePrincipal(uri,
info.appId(),
info.isInBrowserElement(),
getter_AddRefs(principal));
// TODO: Bug 1167100 - User nsIPrincipal.originAttribute in ContentPrincipalInfo
OriginAttributes attrs(info.appId(), info.isInBrowserElement());
principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
rv = principal ? NS_OK : NS_ERROR_FAILURE;
}
if (NS_WARN_IF(NS_FAILED(rv))) {
return nullptr;

15
netwerk/cookie/CookieServiceParent.cpp

@ -7,6 +7,7 @@
#include "mozilla/dom/PContentParent.h"
#include "mozilla/net/NeckoParent.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/ipc/URIUtils.h"
#include "nsCookieService.h"
#include "nsIScriptSecurityManager.h"
@ -16,6 +17,8 @@
#include "SerializedLoadContext.h"
using namespace mozilla::ipc;
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using mozilla::dom::PContentParent;
using mozilla::net::NeckoParent;
@ -29,16 +32,16 @@ CreateDummyChannel(nsIURI* aHostURI, uint32_t aAppId, bool aInMozBrowser,
{
MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
nsCOMPtr<nsIPrincipal> principal;
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
nsresult rv = ssm->GetAppCodebasePrincipal(aHostURI, aAppId, aInMozBrowser,
getter_AddRefs(principal));
if (NS_FAILED(rv)) {
// TODO: Bug 1165267 - Use OriginAttributes for nsCookieService
OriginAttributes attrs(aAppId, aInMozBrowser);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(aHostURI, attrs);
if (!principal) {
return;
}
nsCOMPtr<nsIURI> dummyURI;
rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank");
nsresult rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank");
if (NS_FAILED(rv)) {
return;
}

22
netwerk/protocol/http/HttpChannelParent.cpp

@ -17,7 +17,6 @@
#include "nsNetUtil.h"
#include "nsISupportsPriority.h"
#include "nsIAuthPromptProvider.h"
#include "nsIScriptSecurityManager.h"
#include "nsSerializationHelper.h"
#include "nsISerializable.h"
#include "nsIAssociatedContentSecurity.h"
@ -34,7 +33,10 @@
#include "mozilla/LoadInfo.h"
#include "nsIHttpHeaderVisitor.h"
#include "nsQueryObject.h"
#include "mozilla/BasePrincipal.h"
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using namespace mozilla::dom;
using namespace mozilla::ipc;
@ -464,17 +466,15 @@ HttpChannelParent::DoAsyncOpen( const URIParams& aURI,
mLoadContext->GetIsInBrowserElement(&inBrowser);
}
// TODO: Bug 1165466 - use originAttribute in nsILoadContext.
OriginAttributes attrs(appId, inBrowser);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(uri, attrs);
bool chooseAppCache = false;
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
if (secMan) {
nsCOMPtr<nsIPrincipal> principal;
secMan->GetAppCodebasePrincipal(uri, appId, inBrowser, getter_AddRefs(principal));
// This works because we've already called SetNotificationCallbacks and
// done mPBOverride logic by this point.
chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel));
}
// This works because we've already called SetNotificationCallbacks and
// done mPBOverride logic by this point.
chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel));
appCacheChan->SetChooseApplicationCache(chooseAppCache);
}

6
netwerk/test/unit/test_auth_jar.js

@ -13,9 +13,9 @@ function run_test() {
var secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager);
const kURI1 = "http://example.com";
var app1 = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, false);
var app10 = secMan.getAppCodebasePrincipal(createURI(kURI1), 10, false);
var app1browser = secMan.getAppCodebasePrincipal(createURI(kURI1), 1, true);
var app1 = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1});
var app10 = secMan.createCodebasePrincipal(createURI(kURI1),{appId: 10});
var app1browser = secMan.createCodebasePrincipal(createURI(kURI1), {appId: 1, inBrowser: true});
var am = Cc["@mozilla.org/network/http-auth-manager;1"].
getService(Ci.nsIHttpAuthManager);

2
services/fxaccounts/tests/xpcshell/test_manager.js

@ -25,7 +25,7 @@ function makePrincipal(origin, appId) {
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"]
.getService(Ci.nsIScriptSecurityManager);
let uri = Services.io.newURI(origin, null, null);
return secMan.getAppCodebasePrincipal(uri, appId, false);
return secMan.createCodebasePrincipal(uri, {appId: appId});
}
let principal = makePrincipal('app://settings.gaiamobile.org', 27, false);

4
services/mobileid/MobileIdentityManager.jsm

@ -895,9 +895,7 @@ this.MobileIdentityManager = {
getMobileIdAssertion: function(aPrincipal, aPromiseId, aOptions) {
log.debug("getMobileIdAssertion ${}", aPrincipal);
let uri = Services.io.newURI(aPrincipal.origin, null, null);
let principal = securityManager.getAppCodebasePrincipal(
uri, aPrincipal.appId, aPrincipal.isInBrowserElement);
let principal = aPrincipal;
let manifestURL = appsService.getManifestURLByLocalId(aPrincipal.appId);
let permission = permissionManager.testPermissionFromPrincipal(

6
services/mobileid/tests/xpcshell/head.js

@ -125,9 +125,10 @@ function addPermission(aAction) {
let uri = Cc["@mozilla.org/network/io-service;1"]
.getService(Ci.nsIIOService)
.newURI(ORIGIN, null, null);
let attrs = {appId: APP_ID};
let _principal = Cc["@mozilla.org/scriptsecuritymanager;1"]
.getService(Ci.nsIScriptSecurityManager)
.getAppCodebasePrincipal(uri, APP_ID, false);
.createCodebasePrincipal(uri, attrs);
let pm = Cc["@mozilla.org/permissionmanager;1"]
.getService(Ci.nsIPermissionManager);
pm.addFromPrincipal(_principal, MOBILEID_PERM, aAction);
@ -137,9 +138,10 @@ function removePermission() {
let uri = Cc["@mozilla.org/network/io-service;1"]
.getService(Ci.nsIIOService)
.newURI(ORIGIN, null, null);
let attrs = {appId: APP_ID};
let _principal = Cc["@mozilla.org/scriptsecuritymanager;1"]
.getService(Ci.nsIScriptSecurityManager)
.getAppCodebasePrincipal(uri, APP_ID, false);
.createCodebasePrincipal(uri, attrs);
let pm = Cc["@mozilla.org/permissionmanager;1"]
.getService(Ci.nsIPermissionManager);
pm.removeFromPrincipal(_principal, MOBILEID_PERM);

10
testing/marionette/driver/marionette_driver/marionette.py

@ -809,9 +809,10 @@ class Marionette(object):
Components.utils.import("resource://gre/modules/Services.jsm");
let perm = arguments[0];
let secMan = Services.scriptSecurityManager;
let principal = secMan.getAppCodebasePrincipal(
let attrs = {appId: perm.appId, inBrowser: perm.isInBrowserElement};
let principal = secMan.createCodebasePrincipal(
Services.io.newURI(perm.url, null, null),
perm.appId, perm.isInBrowserElement);
attrs);
let testPerm = Services.perms.testPermissionFromPrincipal(
principal, perm.type);
return testPerm;
@ -870,8 +871,9 @@ class Marionette(object):
Components.utils.import("resource://gre/modules/Services.jsm");
let perm = arguments[0];
let secMan = Services.scriptSecurityManager;
let principal = secMan.getAppCodebasePrincipal(Services.io.newURI(perm.url, null, null),
perm.appId, perm.isInBrowserElement);
let attrs = {appId: perm.appId, inBrowser: perm.isInBrowserElement};
let principal = secMan.createCodebasePrincipal(Services.io.newURI(perm.url, null, null),
attrs);
Services.perms.addFromPrincipal(principal, perm.type, perm.action);
return true;
""", script_args=[perm])

7
testing/mochitest/tests/Harness_sanity/test_bug816847.html

@ -36,12 +36,7 @@ const perms = ['network-events', 'geolocation', 'camera', 'alarms']
function createPrincipal(aURI, aIsApp, aIsInBrowserElement) {
if(aIsApp) {
var app = appsSvc.getAppByManifestURL(aURI);
var localId = appsSvc.getAppLocalIdByManifestURL(aURI);
var uri = Services.io.newURI(app.origin, null, null);
return Services.scriptSecurityManager
.getAppCodebasePrincipal(uri,
localId,
aIsInBrowserElement);
return app.principal;
}
var uri = Services.io.newURI(aURI, null, null);

4
testing/specialpowers/content/SpecialPowersObserverAPI.js

@ -314,7 +314,9 @@ SpecialPowersObserverAPI.prototype = {
let msg = aMessage.json;
let secMan = Services.scriptSecurityManager;
let principal = secMan.getAppCodebasePrincipal(this._getURI(msg.url), msg.appId, msg.isInBrowserElement);
// TODO: Bug 1196665 - Add originAttributes into SpecialPowers
let attrs = {appId: msg.appId, inBrowser: msg.isInBrowserElement};
let principal = secMan.createCodebasePrincipal(this._getURI(msg.url), attrs);
switch (msg.op) {
case "add":

12
uriloader/prefetch/OfflineCacheUpdateParent.cpp

@ -5,6 +5,7 @@
#include "OfflineCacheUpdateParent.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/dom/TabParent.h"
#include "mozilla/ipc/URIUtils.h"
#include "mozilla/unused.h"
@ -12,9 +13,10 @@
#include "nsIApplicationCache.h"
#include "nsIScriptSecurityManager.h"
#include "nsNetUtil.h"
#include "nsContentUtils.h"
using namespace mozilla::ipc;
using mozilla::BasePrincipal;
using mozilla::OriginAttributes;
using mozilla::dom::TabParent;
//
@ -91,10 +93,10 @@ OfflineCacheUpdateParent::Schedule(const URIParams& aManifestURI,
bool offlinePermissionAllowed = false;
nsCOMPtr<nsIPrincipal> principal;
nsContentUtils::GetSecurityManager()->
GetAppCodebasePrincipal(manifestURI, mAppId, mIsInBrowserElement,
getter_AddRefs(principal));
// TODO: Bug 1165466 - use OriginAttributes
OriginAttributes attrs(mAppId, mIsInBrowserElement);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(manifestURI, attrs);
nsresult rv = service->OfflineAppAllowed(
principal, nullptr, &offlinePermissionAllowed);

Loading…
Cancel
Save