Use the principal doing the load to decide on the URI to pass to content policies. This will help do the right thing for data:/javascript:/about:blank, as well as allow us to skip content policies altogether if the caller is system. Bug 388597, r+sr=sicking

This commit is contained in:
bzbarsky@mit.edu 2007-08-07 18:16:09 -07:00
parent 52166cc918
commit 16e6040261
19 changed files with 145 additions and 94 deletions

View File

@ -39,6 +39,9 @@
/*
* Utility routines for checking content load/process policy settings,
* and routines helpful for content policy implementors.
*
* XXXbz it would be nice if some of this stuff could be out-of-lined in
* nsContentUtils. That would work for almost all the callers...
*/
#ifndef __nsContentPolicyUtils_h__
@ -50,6 +53,8 @@
#include "nsIContentPolicy.h"
#include "nsIServiceManager.h"
#include "nsIContent.h"
#include "nsIScriptSecurityManager.h"
#include "nsIPrincipal.h"
//XXXtw sadly, this makes consumers of nsContentPolicyUtils depend on widget
#include "nsIDocument.h"
@ -163,21 +168,57 @@ NS_CP_ContentTypeName(PRUint32 contentType)
PR_END_MACRO
/**
* Alias for calling ShouldLoad on the content policy service.
* Parameters are the same as nsIContentPolicy::shouldLoad, except for
* the last parameter, which can be used to pass in a pointer to the
* service if the caller already has one.
* Check whether we can short-circuit this check and bail out. If not, get the
* origin URI to use.
*
* Note: requestOrigin is scoped outside the PR_BEGIN_MACRO/PR_END_MACRO on
* purpose */
#define CHECK_PRINCIPAL \
nsCOMPtr<nsIURI> requestOrigin; \
PR_BEGIN_MACRO \
if (originPrincipal) { \
nsCOMPtr<nsIScriptSecurityManager> secMan = aSecMan; \
if (!secMan) { \
secMan = do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID); \
} \
if (secMan) { \
PRBool isSystem; \
nsresult rv = secMan->IsSystemPrincipal(originPrincipal, \
&isSystem); \
NS_ENSURE_SUCCESS(rv, rv); \
if (isSystem) { \
*decision = nsIContentPolicy::ACCEPT; \
return NS_OK; \
} \
} \
nsresult rv = originPrincipal->GetURI(getter_AddRefs(requestOrigin)); \
NS_ENSURE_SUCCESS(rv, rv); \
} else { \
requestOrigin = originURI; \
} \
PR_END_MACRO
/**
* Alias for calling ShouldLoad on the content policy service. Parameters are
* the same as nsIContentPolicy::shouldLoad, except for the originPrincipal
* parameter, which should be non-null if possible, and the last two
* parameters, which can be used to pass in pointer to some useful services if
* the caller already has them. |originURI| is only used if |originPrincipal|
* is null.
*/
inline nsresult
NS_CheckContentLoadPolicy(PRUint32 contentType,
nsIURI *contentLocation,
nsIURI *requestOrigin,
nsIURI *originURI,
nsIPrincipal *originPrincipal,
nsISupports *context,
const nsACString &mimeType,
nsISupports *extra,
PRInt16 *decision,
nsIContentPolicy *policyService = nsnull)
nsIContentPolicy *policyService = nsnull,
nsIScriptSecurityManager* aSecMan = nsnull)
{
CHECK_PRINCIPAL;
if (policyService) {
CHECK_CONTENT_POLICY_WITH_SERVICE(ShouldLoad, policyService);
}
@ -185,19 +226,26 @@ NS_CheckContentLoadPolicy(PRUint32 contentType,
}
/**
* Alias for calling ShouldProcess on the content policy service.
* Parameters are the same as nsIContentPolicy::shouldProcess.
* Alias for calling ShouldProcess on the content policy service. Parameters
* are the same as nsIContentPolicy::shouldLoad, except for the originPrincipal
* parameter, which should be non-null if possible, and the last two
* parameters, which can be used to pass in pointer to some useful services if
* the caller already has them. |originURI| is only used if |originPrincipal|
* is null.
*/
inline nsresult
NS_CheckContentProcessPolicy(PRUint32 contentType,
nsIURI *contentLocation,
nsIURI *requestOrigin,
nsIURI *originURI,
nsIPrincipal *originPrincipal,
nsISupports *context,
const nsACString &mimeType,
nsISupports *extra,
PRInt16 *decision,
nsIContentPolicy *policyService = nsnull)
nsIContentPolicy *policyService = nsnull,
nsIScriptSecurityManager* aSecMan = nsnull)
{
CHECK_PRINCIPAL;
if (policyService) {
CHECK_CONTENT_POLICY_WITH_SERVICE(ShouldProcess, policyService);
}

View File

@ -2116,20 +2116,18 @@ nsContentUtils::CanLoadImage(nsIURI* aURI, nsISupports* aContext,
}
}
nsCOMPtr<nsIURI> loadingURI;
rv = aLoadingPrincipal->GetURI(getter_AddRefs(loadingURI));
NS_ENSURE_SUCCESS(rv, PR_FALSE);
PRInt16 decision = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_IMAGE,
aURI,
loadingURI,
nsnull,
aLoadingPrincipal,
aContext,
EmptyCString(), //mime guess
nsnull, //extra
&decision,
GetContentPolicy());
GetContentPolicy(),
sSecurityManager);
if (aImageBlockingStatus) {
*aImageBlockingStatus =
@ -3611,13 +3609,11 @@ nsContentUtils::CheckSecurityBeforeLoad(nsIURI* aURIToLoad,
const nsACString& aMimeGuess,
nsISupports* aExtra)
{
// XXXbz do we want to fast-path skin stylesheets loading XBL here somehow?
nsCOMPtr<nsIURI> loadingURI;
nsresult rv = aLoadingPrincipal->GetURI(getter_AddRefs(loadingURI));
NS_ENSURE_SUCCESS(rv, rv);
NS_PRECONDITION(aLoadingPrincipal, "Must have a loading principal here");
// XXXbz do we want to fast-path skin stylesheets loading XBL here somehow?
// CheckLoadURIWithPrincipal
rv = sSecurityManager->
nsresult rv = sSecurityManager->
CheckLoadURIWithPrincipal(aLoadingPrincipal, aURIToLoad, aCheckLoadFlags);
NS_ENSURE_SUCCESS(rv, rv);
@ -3625,12 +3621,14 @@ nsContentUtils::CheckSecurityBeforeLoad(nsIURI* aURIToLoad,
PRInt16 shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(aContentPolicyType,
aURIToLoad,
loadingURI,
nsnull,
aLoadingPrincipal,
aContext,
aMimeGuess,
aExtra,
&shouldLoad,
GetContentPolicy());
GetContentPolicy(),
sSecurityManager);
NS_ENSURE_SUCCESS(rv, rv);
if (NS_CP_REJECTED(shouldLoad)) {
return NS_ERROR_CONTENT_BLOCKED;
@ -3642,6 +3640,10 @@ nsContentUtils::CheckSecurityBeforeLoad(nsIURI* aURIToLoad,
SchemeIs(aURIToLoad, "chrome"))) {
return NS_OK;
}
nsCOMPtr<nsIURI> loadingURI;
rv = aLoadingPrincipal->GetURI(getter_AddRefs(loadingURI));
NS_ENSURE_SUCCESS(rv, rv);
return sSecurityManager->CheckSameOriginURI(loadingURI, aURIToLoad);
}

View File

@ -891,12 +891,14 @@ nsObjectLoadingContent::LoadObject(nsIURI* aURI,
rv =
NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_OBJECT,
aURI,
doc->GetDocumentURI(),
nsnull,
doc->NodePrincipal(),
static_cast<nsIImageLoadingContent*>(this),
aTypeHint,
nsnull, //extra
&shouldLoad,
nsContentUtils::GetContentPolicy());
nsContentUtils::GetContentPolicy(),
nsContentUtils::GetSecurityManager());
if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {
// Must call UnloadContent first, as it overwrites
// mSuppressed/mUserDisabled. It also takes care of setting the type to

View File

@ -425,15 +425,16 @@ nsScriptLoader::ProcessScriptElement(nsIScriptElement *aElement)
// After the security manager, the content-policy stuff gets a veto
PRInt16 shouldLoad = nsIContentPolicy::ACCEPT;
nsIURI *docURI = mDocument->GetDocumentURI();
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_SCRIPT,
scriptURI,
docURI,
nsnull,
mDocument->NodePrincipal(),
aElement,
NS_LossyConvertUTF16toASCII(type),
nsnull, //extra
&shouldLoad,
nsContentUtils::GetContentPolicy());
nsContentUtils::GetContentPolicy(),
nsContentUtils::GetSecurityManager());
if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {
if (NS_FAILED(rv) || shouldLoad != nsIContentPolicy::REJECT_TYPE) {
return NS_ERROR_CONTENT_BLOCKED;

View File

@ -1264,11 +1264,14 @@ nsXMLHttpRequest::OpenRequest(const nsACString& method,
PRInt16 shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_XMLHTTPREQUEST,
uri,
(doc ? doc->GetDocumentURI() : nsnull),
nsnull,
(doc ? doc->NodePrincipal() : nsnull),
doc,
EmptyCString(), //mime guess
nsnull, //extra
&shouldLoad);
&shouldLoad,
nsContentUtils::GetContentPolicy(),
nsContentUtils::GetSecurityManager());
if (NS_FAILED(rv)) return rv;
if (NS_CP_REJECTED(shouldLoad)) {
// Disallowed by content policy

View File

@ -186,15 +186,23 @@ ImageListener::OnStartRequest(nsIRequest* request, nsISupports *ctxt)
nsCAutoString mimeType;
channel->GetContentType(mimeType);
nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager();
nsCOMPtr<nsIPrincipal> channelPrincipal;
if (secMan) {
secMan->GetChannelPrincipal(channel, getter_AddRefs(channelPrincipal));
}
PRInt16 decision = nsIContentPolicy::ACCEPT;
nsresult rv = NS_CheckContentProcessPolicy(nsIContentPolicy::TYPE_IMAGE,
channelURI,
nsnull,
channelPrincipal,
domWindow->GetFrameElementInternal(),
mimeType,
nsnull,
&decision,
nsContentUtils::GetContentPolicy());
nsContentUtils::GetContentPolicy(),
secMan);
if (NS_FAILED(rv) || NS_CP_REJECTED(decision)) {
request->Cancel(NS_ERROR_CONTENT_BLOCKED);

View File

@ -110,6 +110,7 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult)
nsICSSLoader* cssLoader = doc->CSSLoader();
nsIURI *docURL = doc->GetDocumentURI();
nsIPrincipal* docPrincipal = doc->NodePrincipal();
nsCOMPtr<nsIURI> url;
@ -122,7 +123,7 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult)
continue;
if (curr->mType == nsGkAtoms::image) {
if (!nsContentUtils::CanLoadImage(url, doc, doc, doc->NodePrincipal())) {
if (!nsContentUtils::CanLoadImage(url, doc, doc, docPrincipal)) {
// We're not permitted to load this image, move on...
continue;
}
@ -131,7 +132,7 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult)
// Passing NULL for pretty much everything -- cause we don't care!
// XXX: initialDocumentURI is NULL!
nsCOMPtr<imgIRequest> req;
nsContentUtils::LoadImage(url, doc, doc->NodePrincipal(), docURL, nsnull,
nsContentUtils::LoadImage(url, doc, docPrincipal, docURL, nsnull,
nsIRequest::LOAD_BACKGROUND,
getter_AddRefs(req));
}
@ -155,7 +156,7 @@ nsXBLResourceLoader::LoadResources(PRBool* aResult)
}
else
{
rv = cssLoader->LoadSheet(url, docURL, doc->NodePrincipal(), this);
rv = cssLoader->LoadSheet(url, docPrincipal, this);
if (NS_SUCCEEDED(rv))
++mPendingSheets;
}

View File

@ -763,12 +763,14 @@ nsXMLContentSink::ProcessStyleLink(nsIContent* aElement,
PRInt16 decision = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
url,
mDocument->GetDocumentURI(),
nsnull,
mDocument->NodePrincipal(),
aElement,
type,
nsnull,
&decision,
nsContentUtils::GetContentPolicy());
nsContentUtils::GetContentPolicy(),
nsContentUtils::GetSecurityManager());
NS_ENSURE_SUCCESS(rv, rv);

View File

@ -448,9 +448,11 @@ CheckLoadURI(nsIURI *aUri, nsIURI *aReferrerUri,
// Then do a content policy check.
PRInt16 decision = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
aUri, aReferrerUri, aContext,
aUri, nsnull, aReferrerPrincipal, aContext,
NS_LITERAL_CSTRING("application/xml"), nsnull,
&decision);
&decision,
nsContentUtils::GetContentPolicy(),
nsContentUtils::GetSecurityManager());
NS_ENSURE_SUCCESS(rv, rv);
return NS_CP_REJECTED(decision) ? NS_ERROR_XSLT_LOAD_BLOCKED_ERROR : NS_OK;
@ -473,9 +475,9 @@ protected:
nsAutoRefCnt mRefCnt;
private:
nsCOMPtr<nsIPrincipal> mCallerPrincipal;
nsRefPtr<txMozillaXSLTProcessor> mProcessor;
nsCOMPtr<nsILoadGroup> mLoadGroup;
nsCOMPtr<nsIPrincipal> mCallerPrincipal;
protected:
// This exists solely to suppress a warning from nsDerivedSafe

View File

@ -3700,7 +3700,7 @@ nsXULDocument::AddPrototypeSheets()
nsCOMPtr<nsIURI> uri = sheets[i];
nsCOMPtr<nsICSSStyleSheet> incompleteSheet;
rv = CSSLoader()->LoadSheet(uri, mCurrentPrototype->GetURI(),
rv = CSSLoader()->LoadSheet(uri,
mCurrentPrototype->DocumentPrincipal(),
this, getter_AddRefs(incompleteSheet));

View File

@ -6380,9 +6380,11 @@ nsDocShell::InternalLoad(nsIURI * aURI,
if (!context) {
context = mScriptGlobal;
}
// XXXbz would be nice to know the loading principal here... but we don't
rv = NS_CheckContentLoadPolicy(contentType,
aURI,
aReferrer,
nsnull,
context,
EmptyCString(), //mime guess
nsnull, //extra

View File

@ -220,14 +220,10 @@ CheckPingURI(nsIURI* uri, nsIContent* content)
// Check with contentpolicy
PRInt16 shouldLoad = nsIContentPolicy::ACCEPT;
nsIURI* docURI = nsnull;
nsIDocument* doc = content->GetOwnerDoc();
if (doc) {
docURI = doc->GetDocumentURI();
}
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_PING,
uri,
docURI,
nsnull,
content->NodePrincipal(),
content,
EmptyCString(), // mime hint
nsnull, //extra

View File

@ -3552,7 +3552,7 @@ nsHTMLEditor::ReplaceStyleSheet(const nsAString& aURL)
rv = NS_NewURI(getter_AddRefs(uaURI), aURL);
NS_ENSURE_SUCCESS(rv, rv);
rv = cssLoader->LoadSheet(uaURI, nsnull, nsnull, this);
rv = cssLoader->LoadSheet(uaURI, nsnull, this);
NS_ENSURE_SUCCESS(rv, rv);
return NS_OK;

View File

@ -69,6 +69,8 @@ REQUIRES = xpcom \
locale \
embed_base \
view \
caps \
xpconnect \
$(NULL)
ifdef MOZ_PHOENIX

View File

@ -60,6 +60,9 @@ REQUIRES = xpcom \
layout \
pref \
docshell \
caps \
xpconnect \
js \
$(NULL)
CPPSRCS = \

View File

@ -920,7 +920,6 @@ CSSLoaderImpl::IsAlternate(const nsAString& aTitle, PRBool aHasAlternateRel)
* CheckLoadAllowed will return success if the load is allowed,
* failure otherwise.
*
* @param aSourceURI the uri of the document or parent sheet loading the sheet
* @param aSourcePrincipal the principal of the node or document or parent
* sheet loading the sheet
* @param aTargetURI the uri of the sheet to be loaded
@ -928,8 +927,7 @@ CSSLoaderImpl::IsAlternate(const nsAString& aTitle, PRBool aHasAlternateRel)
* owning the stylesheet (possibly indirectly, for child sheets)
*/
nsresult
CSSLoaderImpl::CheckLoadAllowed(nsIURI* aSourceURI,
nsIPrincipal* aSourcePrincipal,
CSSLoaderImpl::CheckLoadAllowed(nsIPrincipal* aSourcePrincipal,
nsIURI* aTargetURI,
nsISupports* aContext)
{
@ -946,22 +944,22 @@ CSSLoaderImpl::CheckLoadAllowed(nsIURI* aSourceURI,
if (NS_FAILED(rv)) { // failure is normal here; don't warn
return rv;
}
}
LOG((" Passed security check"));
if (aSourceURI) {
// Check with content policy
PRInt16 shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_STYLESHEET,
aTargetURI,
aSourceURI,
nsnull,
aSourcePrincipal,
aContext,
NS_LITERAL_CSTRING("text/css"),
nsnull, //extra param
&shouldLoad,
nsContentUtils::GetContentPolicy());
nsContentUtils::GetContentPolicy(),
nsContentUtils::GetSecurityManager());
if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {
LOG((" Load blocked by content policy"));
@ -1772,10 +1770,6 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement,
NS_ENSURE_TRUE(mDocument, NS_ERROR_NOT_INITIALIZED);
// Check whether we should even load
nsIURI *docURI = mDocument->GetDocumentURI();
if (!docURI) return NS_ERROR_FAILURE;
nsIPrincipal* principal =
aElement ? aElement->NodePrincipal() : mDocument->NodePrincipal();
@ -1783,7 +1777,7 @@ CSSLoaderImpl::LoadStyleLink(nsIContent* aElement,
if (!context) {
context = mDocument;
}
nsresult rv = CheckLoadAllowed(docURI, principal, aURL, context);
nsresult rv = CheckLoadAllowed(principal, aURL, context);
if (NS_FAILED(rv)) return rv;
LOG((" Passed load check"));
@ -1865,17 +1859,12 @@ CSSLoaderImpl::LoadChildSheet(nsICSSStyleSheet* aParentSheet,
LOG_URI(" Child uri: '%s'", aURL);
// Check whether we should even load
nsCOMPtr<nsIURI> sheetURI;
nsresult rv = aParentSheet->GetSheetURI(getter_AddRefs(sheetURI));
if (NS_FAILED(rv) || !sheetURI) return NS_ERROR_FAILURE;
nsCOMPtr<nsIDOMNode> owningNode;
// check for an owning document: if none, don't bother walking up the parent
// sheets
nsCOMPtr<nsIDocument> owningDoc;
rv = aParentSheet->GetOwningDocument(*getter_AddRefs(owningDoc));
nsresult rv = aParentSheet->GetOwningDocument(*getter_AddRefs(owningDoc));
if (NS_SUCCEEDED(rv) && owningDoc) {
nsCOMPtr<nsIDOMStyleSheet> nextParentSheet(do_QueryInterface(aParentSheet));
NS_ENSURE_TRUE(nextParentSheet, NS_ERROR_FAILURE); //Not a stylesheet!?
@ -1896,7 +1885,7 @@ CSSLoaderImpl::LoadChildSheet(nsICSSStyleSheet* aParentSheet,
}
nsIPrincipal* principal = aParentSheet->Principal();
rv = CheckLoadAllowed(sheetURI, principal, aURL, context);
rv = CheckLoadAllowed(principal, aURL, context);
if (NS_FAILED(rv)) return rv;
LOG((" Passed load check"));
@ -1984,37 +1973,34 @@ CSSLoaderImpl::LoadSheetSync(nsIURI* aURL, PRBool aAllowUnsafeRules,
{
LOG(("CSSLoaderImpl::LoadSheetSync"));
return InternalLoadNonDocumentSheet(aURL, aAllowUnsafeRules, nsnull,
nsnull, aSheet, nsnull);
aSheet, nsnull);
}
NS_IMETHODIMP
CSSLoaderImpl::LoadSheet(nsIURI* aURL,
nsIURI* aOriginURI,
nsIPrincipal* aOriginPrincipal,
nsICSSLoaderObserver* aObserver,
nsICSSStyleSheet** aSheet)
{
LOG(("CSSLoaderImpl::LoadSheet(aURL, aObserver, aSheet) api call"));
NS_PRECONDITION(aSheet, "aSheet is null");
return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginURI,
aOriginPrincipal, aSheet, aObserver);
return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginPrincipal,
aSheet, aObserver);
}
NS_IMETHODIMP
CSSLoaderImpl::LoadSheet(nsIURI* aURL,
nsIURI* aOriginURI,
nsIPrincipal* aOriginPrincipal,
nsICSSLoaderObserver* aObserver)
{
LOG(("CSSLoaderImpl::LoadSheet(aURL, aObserver) api call"));
return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginURI,
aOriginPrincipal, nsnull, aObserver);
return InternalLoadNonDocumentSheet(aURL, PR_FALSE, aOriginPrincipal,
nsnull, aObserver);
}
nsresult
CSSLoaderImpl::InternalLoadNonDocumentSheet(nsIURI* aURL,
PRBool aAllowUnsafeRules,
nsIURI* aOriginURI,
nsIPrincipal* aOriginPrincipal,
nsICSSStyleSheet** aSheet,
nsICSSLoaderObserver* aObserver)
@ -2034,7 +2020,7 @@ CSSLoaderImpl::InternalLoadNonDocumentSheet(nsIURI* aURL,
return NS_ERROR_NOT_AVAILABLE;
}
nsresult rv = CheckLoadAllowed(aOriginURI, aOriginPrincipal, aURL, mDocument);
nsresult rv = CheckLoadAllowed(aOriginPrincipal, aURL, mDocument);
if (NS_FAILED(rv)) {
return rv;
}

View File

@ -342,13 +342,11 @@ public:
nsICSSStyleSheet** aSheet);
NS_IMETHOD LoadSheet(nsIURI* aURL,
nsIURI* aOriginURI,
nsIPrincipal* aOriginPrincipal,
nsICSSLoaderObserver* aObserver,
nsICSSStyleSheet** aSheet);
NS_IMETHOD LoadSheet(nsIURI* aURL,
nsIURI* aOriginURI,
nsIPrincipal* aOriginPrincipal,
nsICSSLoaderObserver* aObserver);
@ -379,10 +377,9 @@ public:
PRBool IsAlternate(const nsAString& aTitle, PRBool aHasAlternateRel);
private:
// Note: null aSourceURI or aSourcePrincipal indicates that the content
// policy or CheckLoadURI checks (respectively) should be skipped.
nsresult CheckLoadAllowed(nsIURI* aSourceURI,
nsIPrincipal* aSourcePrincipal,
// Note: null aSourcePrincipal indicates that the content policy and
// CheckLoadURI checks should be skipped.
nsresult CheckLoadAllowed(nsIPrincipal* aSourcePrincipal,
nsIURI* aTargetURI,
nsISupports* aContext);
@ -418,7 +415,6 @@ private:
nsresult InternalLoadNonDocumentSheet(nsIURI* aURL,
PRBool aAllowUnsafeRules,
nsIURI* aOriginURI,
nsIPrincipal* aOriginPrincipal,
nsICSSStyleSheet** aSheet,
nsICSSLoaderObserver* aObserver);

View File

@ -58,10 +58,10 @@ class nsICSSImportRule;
class nsIPrincipal;
// IID for the nsICSSLoader interface
// eed4ac28-0add-43a7-84bf-fb53109ae40c
// 0c6d7e76-dddc-4727-b557-7ef531127e11
#define NS_ICSS_LOADER_IID \
{ 0xeed4ac28, 0x0add, 0x43a7, \
{ 0x84, 0xbf, 0xfb, 0x53, 0x10, 0x9a, 0xe4, 0x0c } }
{ 0x0c6d7e76, 0xdddc, 0x4727, \
{ 0xb5, 0x57, 0x7e, 0xf5, 0x31, 0x12, 0x7e, 0x11 } }
typedef void (*nsCSSLoaderCallbackFunc)(nsICSSStyleSheet* aSheet, void *aData, PRBool aDidNotify);
@ -203,9 +203,6 @@ public:
* sheets not associated with a document.
*
* @param aURL the URL of the sheet to load
* @param aOriginURI the URI the load originated from, for content policy
* checks. This can be null to indicate that these checks
* should be skipped.
* @param aOriginPrincipal the principal to use for security checks. This
* can be null to indicate that these checks should
* be skipped.
@ -215,7 +212,6 @@ public:
* not be loaded by the time this method returns.
*/
NS_IMETHOD LoadSheet(nsIURI* aURL,
nsIURI* aOriginURI,
nsIPrincipal* aOriginPrincipal,
nsICSSLoaderObserver* aObserver,
nsICSSStyleSheet** aSheet) = 0;
@ -225,7 +221,6 @@ public:
* not-yet-loaded sheet.
*/
NS_IMETHOD LoadSheet(nsIURI* aURL,
nsIURI* aOriginURI,
nsIPrincipal* aOriginPrincipal,
nsICSSLoaderObserver* aObserver) = 0;

View File

@ -3457,7 +3457,8 @@ NS_IMETHODIMP nsPluginHostImpl::InstantiateEmbeddedPlugin(const char *aMimeType,
nsresult rv =
NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_OBJECT,
aURL,
doc->GetDocumentURI(),
nsnull,
doc->NodePrincipal(),
elem,
nsDependentCString(aMimeType ? aMimeType : ""),
nsnull, //extra
@ -5909,7 +5910,8 @@ NS_IMETHODIMP nsPluginHostImpl::NewPluginURLStream(const nsString& aURL,
PRInt16 shouldLoad = nsIContentPolicy::ACCEPT;
rv = NS_CheckContentLoadPolicy(nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
url,
(doc ? doc->GetDocumentURI() : nsnull),
nsnull,
(doc ? doc->NodePrincipal() : nsnull),
element,
EmptyCString(), //mime guess
nsnull, //extra