diff --git a/content/base/public/nsContentPolicyUtils.h b/content/base/public/nsContentPolicyUtils.h index eab5de256966..f3790607dffe 100644 --- a/content/base/public/nsContentPolicyUtils.h +++ b/content/base/public/nsContentPolicyUtils.h @@ -39,6 +39,9 @@ /* * Utility routines for checking content load/process policy settings, * and routines helpful for content policy implementors. + * + * XXXbz it would be nice if some of this stuff could be out-of-lined in + * nsContentUtils. That would work for almost all the callers... */ #ifndef __nsContentPolicyUtils_h__ @@ -50,6 +53,8 @@ #include "nsIContentPolicy.h" #include "nsIServiceManager.h" #include "nsIContent.h" +#include "nsIScriptSecurityManager.h" +#include "nsIPrincipal.h" //XXXtw sadly, this makes consumers of nsContentPolicyUtils depend on widget #include "nsIDocument.h" @@ -163,21 +168,57 @@ NS_CP_ContentTypeName(PRUint32 contentType) PR_END_MACRO /** - * Alias for calling ShouldLoad on the content policy service. - * Parameters are the same as nsIContentPolicy::shouldLoad, except for - * the last parameter, which can be used to pass in a pointer to the - * service if the caller already has one. + * Check whether we can short-circuit this check and bail out. If not, get the + * origin URI to use. + * + * Note: requestOrigin is scoped outside the PR_BEGIN_MACRO/PR_END_MACRO on + * purpose */ +#define CHECK_PRINCIPAL \ + nsCOMPtr requestOrigin; \ + PR_BEGIN_MACRO \ + if (originPrincipal) { \ + nsCOMPtr secMan = aSecMan; \ + if (!secMan) { \ + secMan = do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); \ + } \ + if (secMan) { \ + PRBool isSystem; \ + nsresult rv = secMan->IsSystemPrincipal(originPrincipal, \ + &isSystem); \ + NS_ENSURE_SUCCESS(rv, rv); \ + if (isSystem) { \ + *decision = nsIContentPolicy::ACCEPT; \ + return NS_OK; \ + } \ + } \ + nsresult rv = originPrincipal->GetURI(getter_AddRefs(requestOrigin)); \ + NS_ENSURE_SUCCESS(rv, rv); \ + } else { \ + requestOrigin = originURI; \ + } \ + PR_END_MACRO + +/** + * Alias for calling ShouldLoad on the content policy service. Parameters are + * the same as nsIContentPolicy::shouldLoad, except for the originPrincipal + * parameter, which should be non-null if possible, and the last two + * parameters, which can be used to pass in pointer to some useful services if + * the caller already has them. |originURI| is only used if |originPrincipal| + * is null. */ inline nsresult NS_CheckContentLoadPolicy(PRUint32 contentType, nsIURI *contentLocation, - nsIURI *requestOrigin, + nsIURI *originURI, + nsIPrincipal *originPrincipal, nsISupports *context, const nsACString &mimeType, nsISupports *extra, PRInt16 *decision, - nsIContentPolicy *policyService = nsnull) + nsIContentPolicy *policyService = nsnull, + nsIScriptSecurityManager* aSecMan = nsnull) { + CHECK_PRINCIPAL; if (policyService) { CHECK_CONTENT_POLICY_WITH_SERVICE(ShouldLoad, policyService); } @@ -185,19 +226,26 @@ NS_CheckContentLoadPolicy(PRUint32 contentType, } /** - * Alias for calling ShouldProcess on the content policy service. - * Parameters are the same as nsIContentPolicy::shouldProcess. + * Alias for calling ShouldProcess on the content policy service. Parameters + * are the same as nsIContentPolicy::shouldLoad, except for the originPrincipal + * parameter, which should be non-null if possible, and the last two + * parameters, which can be used to pass in pointer to some useful services if + * the caller already has them. |originURI| is only used if |originPrincipal| + * is null. */ inline nsresult NS_CheckContentProcessPolicy(PRUint32 contentType, nsIURI *contentLocation, - nsIURI *requestOrigin, + nsIURI *originURI, + nsIPrincipal *originPrincipal, nsISupports *context, const nsACString &mimeType, nsISupports *extra, PRInt16 *decision, - nsIContentPolicy *policyService = nsnull) + nsIContentPolicy *policyService = nsnull, + nsIScriptSecurityManager* aSecMan = nsnull) { + CHECK_PRINCIPAL; if (policyService) { CHECK_CONTENT_POLICY_WITH_SERVICE(ShouldProcess, policyService); } diff --git a/content/base/src/nsContentUtils.cpp b/content/base/src/nsContentUtils.cpp index c32519a5b281..1c6d7adc1b12 100644 --- a/content/base/src/nsContentUtils.cpp +++ b/content/base/src/nsContentUtils.cpp @@ -2116,20 +2116,18 @@ nsContentUtils::CanLoadImage(nsIURI* aURI, nsISupports* aContext, } } - nsCOMPtr loadingURI; - rv = aLoadingPrincipal->GetURI(getter_AddRefs(loadingURI)); - NS_ENSURE_SUCCESS(rv, PR_FALSE); - PRInt16 decision = nsIContentPolicy::ACCEPT; rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_IMAGE, aURI, - loadingURI, + nsnull, + aLoadingPrincipal, aContext, EmptyCString(), //mime guess nsnull, //extra &decision, - GetContentPolicy()); + GetContentPolicy(), + sSecurityManager); if (aImageBlockingStatus) { *aImageBlockingStatus = @@ -3611,13 +3609,11 @@ nsContentUtils::CheckSecurityBeforeLoad(nsIURI* aURIToLoad, const nsACString& aMimeGuess, nsISupports* aExtra) { + NS_PRECONDITION(aLoadingPrincipal, "Must have a loading principal here"); + // XXXbz do we want to fast-path skin stylesheets loading XBL here somehow? - nsCOMPtr loadingURI; - nsresult rv = aLoadingPrincipal->GetURI(getter_AddRefs(loadingURI)); - NS_ENSURE_SUCCESS(rv, rv); - // CheckLoadURIWithPrincipal - rv = sSecurityManager-> + nsresult rv = sSecurityManager-> CheckLoadURIWithPrincipal(aLoadingPrincipal, aURIToLoad, aCheckLoadFlags); NS_ENSURE_SUCCESS(rv, rv); @@ -3625,12 +3621,14 @@ nsContentUtils::CheckSecurityBeforeLoad(nsIURI* aURIToLoad, PRInt16 shouldLoad = nsIContentPolicy::ACCEPT; rv = NS_CheckContentLoadPolicy(aContentPolicyType, aURIToLoad, - loadingURI, + nsnull, + aLoadingPrincipal, aContext, aMimeGuess, aExtra, &shouldLoad, - GetContentPolicy()); + GetContentPolicy(), + sSecurityManager); NS_ENSURE_SUCCESS(rv, rv); if (NS_CP_REJECTED(shouldLoad)) { return NS_ERROR_CONTENT_BLOCKED; @@ -3642,6 +3640,10 @@ nsContentUtils::CheckSecurityBeforeLoad(nsIURI* aURIToLoad, SchemeIs(aURIToLoad, "chrome"))) { return NS_OK; } + + nsCOMPtr loadingURI; + rv = aLoadingPrincipal->GetURI(getter_AddRefs(loadingURI)); + NS_ENSURE_SUCCESS(rv, rv); return sSecurityManager->CheckSameOriginURI(loadingURI, aURIToLoad); } diff --git a/content/base/src/nsObjectLoadingContent.cpp b/content/base/src/nsObjectLoadingContent.cpp index e6e7f36ba318..9f799dcad19e 100644 --- a/content/base/src/nsObjectLoadingContent.cpp +++ b/content/base/src/nsObjectLoadingContent.cpp @@ -891,12 +891,14 @@ nsObjectLoadingContent::LoadObject(nsIURI* aURI, rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_OBJECT, aURI, - doc->GetDocumentURI(), + nsnull, + doc->NodePrincipal(), static_cast(this), aTypeHint, nsnull, //extra &shouldLoad, - nsContentUtils::GetContentPolicy()); + nsContentUtils::GetContentPolicy(), + nsContentUtils::GetSecurityManager()); if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) { // Must call UnloadContent first, as it overwrites // mSuppressed/mUserDisabled. It also takes care of setting the type to diff --git a/content/base/src/nsScriptLoader.cpp b/content/base/src/nsScriptLoader.cpp index ee11a91e0012..b27cd9d2a531 100644 --- a/content/base/src/nsScriptLoader.cpp +++ b/content/base/src/nsScriptLoader.cpp @@ -425,15 +425,16 @@ nsScriptLoader::ProcessScriptElement(nsIScriptElement *aElement) // After the security manager, the content-policy stuff gets a veto PRInt16 shouldLoad = nsIContentPolicy::ACCEPT; - nsIURI *docURI = mDocument->GetDocumentURI(); rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_SCRIPT, scriptURI, - docURI, + nsnull, + mDocument->NodePrincipal(), aElement, NS_LossyConvertUTF16toASCII(type), nsnull, //extra &shouldLoad, - nsContentUtils::GetContentPolicy()); + nsContentUtils::GetContentPolicy(), + nsContentUtils::GetSecurityManager()); if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) { if (NS_FAILED(rv) || shouldLoad != nsIContentPolicy::REJECT_TYPE) { return NS_ERROR_CONTENT_BLOCKED; diff --git a/content/base/src/nsXMLHttpRequest.cpp b/content/base/src/nsXMLHttpRequest.cpp index dcf918970f93..0f9a63735587 100644 --- a/content/base/src/nsXMLHttpRequest.cpp +++ b/content/base/src/nsXMLHttpRequest.cpp @@ -1264,11 +1264,14 @@ nsXMLHttpRequest::OpenRequest(const nsACString& method, PRInt16 shouldLoad = nsIContentPolicy::ACCEPT; rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_XMLHTTPREQUEST, uri, - (doc ? doc->GetDocumentURI() : nsnull), + nsnull, + (doc ? doc->NodePrincipal() : nsnull), doc, EmptyCString(), //mime guess nsnull, //extra - &shouldLoad); + &shouldLoad, + nsContentUtils::GetContentPolicy(), + nsContentUtils::GetSecurityManager()); if (NS_FAILED(rv)) return rv; if (NS_CP_REJECTED(shouldLoad)) { // Disallowed by content policy diff --git a/content/html/document/src/nsImageDocument.cpp b/content/html/document/src/nsImageDocument.cpp index 1642ef56b2b2..cb35b226f807 100644 --- a/content/html/document/src/nsImageDocument.cpp +++ b/content/html/document/src/nsImageDocument.cpp @@ -185,16 +185,24 @@ ImageListener::OnStartRequest(nsIRequest* request, nsISupports *ctxt) nsCAutoString mimeType; channel->GetContentType(mimeType); - + + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + nsCOMPtr channelPrincipal; + if (secMan) { + secMan->GetChannelPrincipal(channel, getter_AddRefs(channelPrincipal)); + } + PRInt16 decision = nsIContentPolicy::ACCEPT; nsresult rv = NS_CheckContentProcessPolicy(nsIContentPolicy::TYPE_IMAGE, channelURI, nsnull, + channelPrincipal, domWindow->GetFrameElementInternal(), mimeType, nsnull, &decision, - nsContentUtils::GetContentPolicy()); + nsContentUtils::GetContentPolicy(), + secMan); if (NS_FAILED(rv) || NS_CP_REJECTED(decision)) { request->Cancel(NS_ERROR_CONTENT_BLOCKED); diff --git a/content/xbl/src/nsXBLResourceLoader.cpp b/content/xbl/src/nsXBLResourceLoader.cpp index dd93aa14da5c..26766c730a93 100644 --- a/content/xbl/src/nsXBLResourceLoader.cpp +++ b/content/xbl/src/nsXBLResourceLoader.cpp @@ -110,6 +110,7 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult) nsICSSLoader* cssLoader = doc->CSSLoader(); nsIURI *docURL = doc->GetDocumentURI(); + nsIPrincipal* docPrincipal = doc->NodePrincipal(); nsCOMPtr url; @@ -122,7 +123,7 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult) continue; if (curr->mType == nsGkAtoms::image) { - if (!nsContentUtils::CanLoadImage(url, doc, doc, doc->NodePrincipal())) { + if (!nsContentUtils::CanLoadImage(url, doc, doc, docPrincipal)) { // We're not permitted to load this image, move on... continue; } @@ -131,7 +132,7 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult) // Passing NULL for pretty much everything -- cause we don't care! // XXX: initialDocumentURI is NULL! nsCOMPtr req; - nsContentUtils::LoadImage(url, doc, doc->NodePrincipal(), docURL, nsnull, + nsContentUtils::LoadImage(url, doc, docPrincipal, docURL, nsnull, nsIRequest::LOAD_BACKGROUND, getter_AddRefs(req)); } @@ -155,7 +156,7 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult) } else { - rv = cssLoader->LoadSheet(url, docURL, doc->NodePrincipal(), this); + rv = cssLoader->LoadSheet(url, docPrincipal, this); if (NS_SUCCEEDED(rv)) ++mPendingSheets; } diff --git a/content/xml/document/src/nsXMLContentSink.cpp b/content/xml/document/src/nsXMLContentSink.cpp index 6eb97c2861b0..82d796fa88aa 100644 --- a/content/xml/document/src/nsXMLContentSink.cpp +++ b/content/xml/document/src/nsXMLContentSink.cpp @@ -763,12 +763,14 @@ nsXMLContentSink::ProcessStyleLink(nsIContent* aElement, PRInt16 decision = nsIContentPolicy::ACCEPT; rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET, url, - mDocument->GetDocumentURI(), + nsnull, + mDocument->NodePrincipal(), aElement, type, nsnull, &decision, - nsContentUtils::GetContentPolicy()); + nsContentUtils::GetContentPolicy(), + nsContentUtils::GetSecurityManager()); NS_ENSURE_SUCCESS(rv, rv); diff --git a/content/xslt/src/xslt/txMozillaStylesheetCompiler.cpp b/content/xslt/src/xslt/txMozillaStylesheetCompiler.cpp index c276ca39f9e2..9c3363a75c4b 100644 --- a/content/xslt/src/xslt/txMozillaStylesheetCompiler.cpp +++ b/content/xslt/src/xslt/txMozillaStylesheetCompiler.cpp @@ -448,9 +448,11 @@ CheckLoadURI(nsIURI *aUri, nsIURI *aReferrerUri, // Then do a content policy check. PRInt16 decision = nsIContentPolicy::ACCEPT; rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET, - aUri, aReferrerUri, aContext, + aUri, nsnull, aReferrerPrincipal, aContext, NS_LITERAL_CSTRING("application/xml"), nsnull, - &decision); + &decision, + nsContentUtils::GetContentPolicy(), + nsContentUtils::GetSecurityManager()); NS_ENSURE_SUCCESS(rv, rv); return NS_CP_REJECTED(decision) ? NS_ERROR_XSLT_LOAD_BLOCKED_ERROR : NS_OK; @@ -473,9 +475,9 @@ protected: nsAutoRefCnt mRefCnt; private: - nsCOMPtr mCallerPrincipal; nsRefPtr mProcessor; nsCOMPtr mLoadGroup; + nsCOMPtr mCallerPrincipal; protected: // This exists solely to suppress a warning from nsDerivedSafe diff --git a/content/xul/document/src/nsXULDocument.cpp b/content/xul/document/src/nsXULDocument.cpp index 88de793d1e49..97788747e3f8 100644 --- a/content/xul/document/src/nsXULDocument.cpp +++ b/content/xul/document/src/nsXULDocument.cpp @@ -3700,7 +3700,7 @@ nsXULDocument::AddPrototypeSheets() nsCOMPtr uri = sheets[i]; nsCOMPtr incompleteSheet; - rv = CSSLoader()->LoadSheet(uri, mCurrentPrototype->GetURI(), + rv = CSSLoader()->LoadSheet(uri, mCurrentPrototype->DocumentPrincipal(), this, getter_AddRefs(incompleteSheet)); diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index e6fc2d3488b9..7e86d7820580 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -6380,9 +6380,11 @@ nsDocShell::InternalLoad(nsIURI * aURI, if (!context) { context = mScriptGlobal; } + // XXXbz would be nice to know the loading principal here... but we don't rv = NS_CheckContentLoadPolicy(contentType, aURI, aReferrer, + nsnull, context, EmptyCString(), //mime guess nsnull, //extra diff --git a/docshell/base/nsWebShell.cpp b/docshell/base/nsWebShell.cpp index d9e1ef08b0cf..224e5597d16d 100644 --- a/docshell/base/nsWebShell.cpp +++ b/docshell/base/nsWebShell.cpp @@ -220,14 +220,10 @@ CheckPingURI(nsIURI* uri, nsIContent* content) // Check with contentpolicy PRInt16 shouldLoad = nsIContentPolicy::ACCEPT; - nsIURI* docURI = nsnull; - nsIDocument* doc = content->GetOwnerDoc(); - if (doc) { - docURI = doc->GetDocumentURI(); - } rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_PING, uri, - docURI, + nsnull, + content->NodePrincipal(), content, EmptyCString(), // mime hint nsnull, //extra diff --git a/editor/libeditor/html/nsHTMLEditor.cpp b/editor/libeditor/html/nsHTMLEditor.cpp index 7e7ddacb45e5..38b596a155ea 100644 --- a/editor/libeditor/html/nsHTMLEditor.cpp +++ b/editor/libeditor/html/nsHTMLEditor.cpp @@ -3552,7 +3552,7 @@ nsHTMLEditor::ReplaceStyleSheet(const nsAString& aURL) rv = NS_NewURI(getter_AddRefs(uaURI), aURL); NS_ENSURE_SUCCESS(rv, rv); - rv = cssLoader->LoadSheet(uaURI, nsnull, nsnull, this); + rv = cssLoader->LoadSheet(uaURI, nsnull, this); NS_ENSURE_SUCCESS(rv, rv); return NS_OK; diff --git a/embedding/browser/webBrowser/Makefile.in b/embedding/browser/webBrowser/Makefile.in index 8bf63a12f197..e352baf9a3bd 100644 --- a/embedding/browser/webBrowser/Makefile.in +++ b/embedding/browser/webBrowser/Makefile.in @@ -69,6 +69,8 @@ REQUIRES = xpcom \ locale \ embed_base \ view \ + caps \ + xpconnect \ $(NULL) ifdef MOZ_PHOENIX diff --git a/extensions/permissions/Makefile.in b/extensions/permissions/Makefile.in index 7d0550668dd4..e2cecd8f5fef 100644 --- a/extensions/permissions/Makefile.in +++ b/extensions/permissions/Makefile.in @@ -60,6 +60,9 @@ REQUIRES = xpcom \ layout \ pref \ docshell \ + caps \ + xpconnect \ + js \ $(NULL) CPPSRCS = \ diff --git a/layout/style/nsCSSLoader.cpp b/layout/style/nsCSSLoader.cpp index aeecd25b80e6..3167aeeb384d 100644 --- a/layout/style/nsCSSLoader.cpp +++ b/layout/style/nsCSSLoader.cpp @@ -920,7 +920,6 @@ CSSLoaderImpl::IsAlternate(const nsAString& aTitle, PRBool aHasAlternateRel) * CheckLoadAllowed will return success if the load is allowed, * failure otherwise. * - * @param aSourceURI the uri of the document or parent sheet loading the sheet * @param aSourcePrincipal the principal of the node or document or parent * sheet loading the sheet * @param aTargetURI the uri of the sheet to be loaded @@ -928,8 +927,7 @@ CSSLoaderImpl::IsAlternate(const nsAString& aTitle, PRBool aHasAlternateRel) * owning the stylesheet (possibly indirectly, for child sheets) */ nsresult -CSSLoaderImpl::CheckLoadAllowed(nsIURI* aSourceURI, - nsIPrincipal* aSourcePrincipal, +CSSLoaderImpl::CheckLoadAllowed(nsIPrincipal* aSourcePrincipal, nsIURI* aTargetURI, nsISupports* aContext) { @@ -946,22 +944,22 @@ CSSLoaderImpl::CheckLoadAllowed(nsIURI* aSourceURI, if (NS_FAILED(rv)) { // failure is normal here; don't warn return rv; } - } - LOG((" Passed security check")); + LOG((" Passed security check")); - if (aSourceURI) { // Check with content policy PRInt16 shouldLoad = nsIContentPolicy::ACCEPT; rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET, aTargetURI, - aSourceURI, + nsnull, + aSourcePrincipal, aContext, NS_LITERAL_CSTRING("text/css"), nsnull, //extra param &shouldLoad, - nsContentUtils::GetContentPolicy()); + nsContentUtils::GetContentPolicy(), + nsContentUtils::GetSecurityManager()); if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) { LOG((" Load blocked by content policy")); @@ -1772,10 +1770,6 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement, NS_ENSURE_TRUE(mDocument, NS_ERROR_NOT_INITIALIZED); - // Check whether we should even load - nsIURI *docURI = mDocument->GetDocumentURI(); - if (!docURI) return NS_ERROR_FAILURE; - nsIPrincipal* principal = aElement ? aElement->NodePrincipal() : mDocument->NodePrincipal(); @@ -1783,7 +1777,7 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement, if (!context) { context = mDocument; } - nsresult rv = CheckLoadAllowed(docURI, principal, aURL, context); + nsresult rv = CheckLoadAllowed(principal, aURL, context); if (NS_FAILED(rv)) return rv; LOG((" Passed load check")); @@ -1865,17 +1859,12 @@ CSSLoaderImpl::LoadChildSheet(nsICSSStyleSheet* aParentSheet, LOG_URI(" Child uri: '%s'", aURL); - // Check whether we should even load - nsCOMPtr sheetURI; - nsresult rv = aParentSheet->GetSheetURI(getter_AddRefs(sheetURI)); - if (NS_FAILED(rv) || !sheetURI) return NS_ERROR_FAILURE; - nsCOMPtr owningNode; // check for an owning document: if none, don't bother walking up the parent // sheets nsCOMPtr owningDoc; - rv = aParentSheet->GetOwningDocument(*getter_AddRefs(owningDoc)); + nsresult rv = aParentSheet->GetOwningDocument(*getter_AddRefs(owningDoc)); if (NS_SUCCEEDED(rv) && owningDoc) { nsCOMPtr nextParentSheet(do_QueryInterface(aParentSheet)); NS_ENSURE_TRUE(nextParentSheet, NS_ERROR_FAILURE); //Not a stylesheet!? @@ -1896,7 +1885,7 @@ CSSLoaderImpl::LoadChildSheet(nsICSSStyleSheet* aParentSheet, } nsIPrincipal* principal = aParentSheet->Principal(); - rv = CheckLoadAllowed(sheetURI, principal, aURL, context); + rv = CheckLoadAllowed(principal, aURL, context); if (NS_FAILED(rv)) return rv; LOG((" Passed load check")); @@ -1984,37 +1973,34 @@ CSSLoaderImpl::LoadSheetSync(nsIURI* aURL, PRBool aAllowUnsafeRules, { LOG(("CSSLoaderImpl::LoadSheetSync")); return InternalLoadNonDocumentSheet(aURL, aAllowUnsafeRules, nsnull, - nsnull, aSheet, nsnull); + aSheet, nsnull); } NS_IMETHODIMP CSSLoaderImpl::LoadSheet(nsIURI* aURL, - nsIURI* aOriginURI, nsIPrincipal* aOriginPrincipal, nsICSSLoaderObserver* aObserver, nsICSSStyleSheet** aSheet) { LOG(("CSSLoaderImpl::LoadSheet(aURL, aObserver, aSheet) api call")); NS_PRECONDITION(aSheet, "aSheet is null"); - return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginURI, - aOriginPrincipal, aSheet, aObserver); + return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginPrincipal, + aSheet, aObserver); } NS_IMETHODIMP CSSLoaderImpl::LoadSheet(nsIURI* aURL, - nsIURI* aOriginURI, nsIPrincipal* aOriginPrincipal, nsICSSLoaderObserver* aObserver) { LOG(("CSSLoaderImpl::LoadSheet(aURL, aObserver) api call")); - return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginURI, - aOriginPrincipal, nsnull, aObserver); + return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginPrincipal, + nsnull, aObserver); } nsresult CSSLoaderImpl::InternalLoadNonDocumentSheet(nsIURI* aURL, PRBool aAllowUnsafeRules, - nsIURI* aOriginURI, nsIPrincipal* aOriginPrincipal, nsICSSStyleSheet** aSheet, nsICSSLoaderObserver* aObserver) @@ -2034,7 +2020,7 @@ CSSLoaderImpl::InternalLoadNonDocumentSheet(nsIURI* aURL, return NS_ERROR_NOT_AVAILABLE; } - nsresult rv = CheckLoadAllowed(aOriginURI, aOriginPrincipal, aURL, mDocument); + nsresult rv = CheckLoadAllowed(aOriginPrincipal, aURL, mDocument); if (NS_FAILED(rv)) { return rv; } diff --git a/layout/style/nsCSSLoader.h b/layout/style/nsCSSLoader.h index 99c317d01dae..f34196357813 100644 --- a/layout/style/nsCSSLoader.h +++ b/layout/style/nsCSSLoader.h @@ -342,13 +342,11 @@ public: nsICSSStyleSheet** aSheet); NS_IMETHOD LoadSheet(nsIURI* aURL, - nsIURI* aOriginURI, nsIPrincipal* aOriginPrincipal, nsICSSLoaderObserver* aObserver, nsICSSStyleSheet** aSheet); NS_IMETHOD LoadSheet(nsIURI* aURL, - nsIURI* aOriginURI, nsIPrincipal* aOriginPrincipal, nsICSSLoaderObserver* aObserver); @@ -379,10 +377,9 @@ public: PRBool IsAlternate(const nsAString& aTitle, PRBool aHasAlternateRel); private: - // Note: null aSourceURI or aSourcePrincipal indicates that the content - // policy or CheckLoadURI checks (respectively) should be skipped. - nsresult CheckLoadAllowed(nsIURI* aSourceURI, - nsIPrincipal* aSourcePrincipal, + // Note: null aSourcePrincipal indicates that the content policy and + // CheckLoadURI checks should be skipped. + nsresult CheckLoadAllowed(nsIPrincipal* aSourcePrincipal, nsIURI* aTargetURI, nsISupports* aContext); @@ -418,7 +415,6 @@ private: nsresult InternalLoadNonDocumentSheet(nsIURI* aURL, PRBool aAllowUnsafeRules, - nsIURI* aOriginURI, nsIPrincipal* aOriginPrincipal, nsICSSStyleSheet** aSheet, nsICSSLoaderObserver* aObserver); diff --git a/layout/style/nsICSSLoader.h b/layout/style/nsICSSLoader.h index 9731ceaf78bd..da14a664b11e 100644 --- a/layout/style/nsICSSLoader.h +++ b/layout/style/nsICSSLoader.h @@ -58,10 +58,10 @@ class nsICSSImportRule; class nsIPrincipal; // IID for the nsICSSLoader interface -// eed4ac28-0add-43a7-84bf-fb53109ae40c +// 0c6d7e76-dddc-4727-b557-7ef531127e11 #define NS_ICSS_LOADER_IID \ -{ 0xeed4ac28, 0x0add, 0x43a7, \ - { 0x84, 0xbf, 0xfb, 0x53, 0x10, 0x9a, 0xe4, 0x0c } } +{ 0x0c6d7e76, 0xdddc, 0x4727, \ + { 0xb5, 0x57, 0x7e, 0xf5, 0x31, 0x12, 0x7e, 0x11 } } typedef void (*nsCSSLoaderCallbackFunc)(nsICSSStyleSheet* aSheet, void *aData, PRBool aDidNotify); @@ -203,9 +203,6 @@ public: * sheets not associated with a document. * * @param aURL the URL of the sheet to load - * @param aOriginURI the URI the load originated from, for content policy - * checks. This can be null to indicate that these checks - * should be skipped. * @param aOriginPrincipal the principal to use for security checks. This * can be null to indicate that these checks should * be skipped. @@ -215,7 +212,6 @@ public: * not be loaded by the time this method returns. */ NS_IMETHOD LoadSheet(nsIURI* aURL, - nsIURI* aOriginURI, nsIPrincipal* aOriginPrincipal, nsICSSLoaderObserver* aObserver, nsICSSStyleSheet** aSheet) = 0; @@ -225,7 +221,6 @@ public: * not-yet-loaded sheet. */ NS_IMETHOD LoadSheet(nsIURI* aURL, - nsIURI* aOriginURI, nsIPrincipal* aOriginPrincipal, nsICSSLoaderObserver* aObserver) = 0; diff --git a/modules/plugin/base/src/nsPluginHostImpl.cpp b/modules/plugin/base/src/nsPluginHostImpl.cpp index 4259bc96d355..2a825c325b8c 100644 --- a/modules/plugin/base/src/nsPluginHostImpl.cpp +++ b/modules/plugin/base/src/nsPluginHostImpl.cpp @@ -3457,7 +3457,8 @@ NS_IMETHODIMP nsPluginHostImpl::InstantiateEmbeddedPlugin(const char *aMimeType, nsresult rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_OBJECT, aURL, - doc->GetDocumentURI(), + nsnull, + doc->NodePrincipal(), elem, nsDependentCString(aMimeType ? aMimeType : ""), nsnull, //extra @@ -5909,7 +5910,8 @@ NS_IMETHODIMP nsPluginHostImpl::NewPluginURLStream(const nsString& aURL, PRInt16 shouldLoad = nsIContentPolicy::ACCEPT; rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_OBJECT_SUBREQUEST, url, - (doc ? doc->GetDocumentURI() : nsnull), + nsnull, + (doc ? doc->NodePrincipal() : nsnull), element, EmptyCString(), //mime guess nsnull, //extra