Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-11 12:25:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1353844 - Part 1: Parse origin strings correctly in SessionStorage::restore, r=mikedeboer

Browse Source 
MozReview-Commit-ID: CL459U1jU3I
This commit is contained in:
Michael Layzell 2017-04-05 15:15:56 -04:00
parent 262bf8b5a6
commit 23b5bdff04
1 changed files with 22 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
browser/components/sessionstore/SessionStorage.jsm
View File

@ -29,9 +29,9 @@ this.SessionStorage = Object.freeze({
* That tab's docshell (containing the sessionStorage)
* @param frameTree
* The docShell's FrameTree instance.
* @return Returns a nested object that will have hosts as keys and per-host
* @return Returns a nested object that will have hosts as keys and per-origin
* session storage data as strings. For example:
* {"example.com": {"key": "value", "my_number": "123"}}
* {"https://example.com^userContextId=1": {"key": "value", "my_number": "123"}}
*/
collect(docShell, frameTree) {
return SessionStorageInternal.collect(docShell, frameTree);
@ -43,8 +43,8 @@ this.SessionStorage = Object.freeze({
* A tab's docshell (containing the sessionStorage)
* @param aStorageData
* A nested object with storage data to be restored that has hosts as
* keys and per-host session storage data as strings. For example:
* {"example.com": {"key": "value", "my_number": "123"}}
* keys and per-origin session storage data as strings. For example:
* {"https://example.com^userContextId=1": {"key": "value", "my_number": "123"}}
*/
restore(aDocShell, aStorageData) {
SessionStorageInternal.restore(aDocShell, aStorageData);
@ -58,9 +58,9 @@ var SessionStorageInternal = {
* A tab's docshell (containing the sessionStorage)
* @param frameTree
* The docShell's FrameTree instance.
* @return Returns a nested object that will have hosts as keys and per-host
* @return Returns a nested object that will have hosts as keys and per-origin
* session storage data as strings. For example:
* {"example.com": {"key": "value", "my_number": "123"}}
* {"https://example.com^userContextId=1": {"key": "value", "my_number": "123"}}
*/
collect(docShell, frameTree) {
let data = {};
@ -105,8 +105,8 @@ var SessionStorageInternal = {
* A tab's docshell (containing the sessionStorage)
* @param aStorageData
* A nested object with storage data to be restored that has hosts as
* keys and per-host session storage data as strings. For example:
* {"example.com": {"key": "value", "my_number": "123"}}
* keys and per-origin session storage data as strings. For example:
* {"https://example.com^userContextId=1": {"key": "value", "my_number": "123"}}
*/
restore(aDocShell, aStorageData) {
for (let origin of Object.keys(aStorageData)) {
@ -115,9 +115,21 @@ var SessionStorageInternal = {
let principal;
try {
// NOTE: In capture() we record the full origin for the URI which the
// sessionStorage is being captured for. As of bug 1235657 this code
// stopped parsing any origins which have originattributes correctly, as
// it decided to use the origin attributes from the docshell, and try to
// interpret the origin as a URI. Since bug 1353844 this code now correctly
// parses the full origin, and then discards the origin attributes, to
// make the behavior line up with the original intentions in bug 1235657
// while preserving the ability to read all session storage from
// previous versions. In the future, if this behavior is desired, we may
// want to use the spec instead of the origin as the key, and avoid
// transmitting origin attribute information which we then discard when
// restoring.
let attrs = aDocShell.getOriginAttributes();
let originURI = Services.io.newURI(origin);
principal = Services.scriptSecurityManager.createCodebasePrincipal(originURI, attrs);
let dataPrincipal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(origin);
principal = Services.scriptSecurityManager.createCodebasePrincipal(dataPrincipal.URI, attrs);
} catch (e) {
console.error(e);
continue;