Bug 127938 - chrome scripts should be exempt from the security check put in for

bug 105050, on access to the opener property when the opener is a mail window.
r=pavlov, sr=jst, a=leaf.
mstoltz%netscape.com 2002-02-28 00:22:59 +00:00
parent 3b2cd6327b
commit 18c8067fae
3 changed files with 43 additions and 1 deletions


@ -198,6 +198,12 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
[noscript] nsIPrincipal getObjectPrincipal(in JSContextPtr cx,
in JSObjectPtr obj);
/**
* Returns true if the principal of the currently running script is the
* system principal, false otherwise.
*/
boolean subjectPrincipalIsSystem();
/**
* Forget all currently stored security policies and reread from prefs.
* This must be called after any capability.policy prefs have changed.
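Review bot: The doc comment added for subjectPrincipalIsSystem() omits a case the implementation in the nsScriptSecurityManager.cpp hunk at +1248 handles specially: when there is no subject principal because no script is running, the method reports true. GlobalWindowImpl::GetOpener uses this result as a privilege gate, so a caller reading only the IDL would assume a strict principal comparison and could misjudge who passes the check. Suggest adding after the existing sentence: ` * Also returns true when no script is running (no subject principal on the stack), since native callers are treated as system code.`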


@ -1248,6 +1248,31 @@ nsScriptSecurityManager::GetSystemPrincipal(nsIPrincipal **result)
return NS_OK;
}
NS_IMETHODIMP
nsScriptSecurityManager::SubjectPrincipalIsSystem(PRBool* aIsSystem)
{
NS_ENSURE_ARG_POINTER(aIsSystem);
*aIsSystem = PR_FALSE;
if (!mSystemPrincipal)
return NS_OK;
nsCOMPtr<nsIPrincipal> subject;
nsresult rv = GetSubjectPrincipal(getter_AddRefs(subject));
if (NS_FAILED(rv))
return rv;
if(!subject)
{
// No subject principal means no JS is running;
// this is the equivalent of system principal code
*aIsSystem = PR_TRUE;
return NS_OK;
}
return mSystemPrincipal->Equals(subject, aIsSystem);
}
NS_IMETHODIMP
nsScriptSecurityManager::GetCertificatePrincipal(const char* aCertID,
nsIPrincipal **result)
@ -2708,7 +2733,6 @@ nsScriptSecurityManager::InitPrefs()
PRUint32 prefCount;
char** prefNames;
//-- Set a callback for policy changes
// Registering the security manager as an observer to the
// profile-after-change topic. We will build up the policy table
// after the initial profile loads and after profile switches.
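Review bot: The new SubjectPrincipalIsSystem writes `if(!subject)` while the check two lines earlier is `if (NS_FAILED(rv))`; the surrounding code spaces the keyword, so `if (!subject)` keeps the hunk consistent with the file. The early `*aIsSystem = PR_FALSE;` before any return is worth keeping exactly as written, since every failure path then reports "not system" and callers that gate privileges on the out-parameter fail closed. The comment in the null-subject branch states the equivalence but not the reason; spelling out that a missing subject principal means the caller is native code already running with full privileges, rather than an untrusted script, would help the next reader see why this is safe. The second hunk in this file (InitPrefs) is a pure deletion and needs nothing.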


@ -1194,6 +1194,18 @@ NS_IMETHODIMP
GlobalWindowImpl::GetOpener(nsIDOMWindowInternal** aOpener)
{
*aOpener = nsnull;
// First, check if we were called from a privileged chrome script
nsCOMPtr<nsIScriptSecurityManager> secMan(
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE);
PRBool inChrome;
nsresult rv = secMan->SubjectPrincipalIsSystem(&inChrome);
if (NS_SUCCEEDED(rv) && inChrome) {
*aOpener = mOpener;
NS_IF_ADDREF(*aOpener);
return NS_OK;
}
// We don't want to reveal the opener if the opener is a mail window,
// because opener can be used to spoof the contents of a message (bug 105050).
// So, we look in the opener's root docshell to see if it's a mail window.
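Review bot: `PRBool inChrome;` at the top of the new block is left uninitialized and read immediately after the call; SubjectPrincipalIsSystem does assign it before any return, but the guard also tests `NS_SUCCEEDED(rv)`, so initialising it defensively, `PRBool inChrome = PR_FALSE;`, makes the fail-closed intent explicit instead of relying on the callee's contract. A failure of the service call or of SubjectPrincipalIsSystem falls through to the mail-window check below rather than returning the error, which is the safer direction for a privilege bypass; a short comment such as `// On any failure fall through to the unprivileged path` would record that this is deliberate. GetOpener's body continues past the hunk.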