Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-08 10:44:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1560455 - rename CodebasePrincipal to ContentPrincipal. r=ckerschb

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D35504

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Jonathan Kingston 2019-07-08 16:37:45 +00:00
parent 3fda739793
commit 31441f82ea
256 changed files with 651 additions and 657 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
browser/base/content/browser-contentblocking.js
View File

@ -728,7 +728,7 @@ var ThirdPartyCookies = {
}
}
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
origin
);
// Cookie exceptions get "inherited" from parent- to sub-domain, so we need to

2
browser/base/content/browser.js
View File

@ -8314,7 +8314,7 @@ var CanvasPermissionPromptHelper = {
1
);
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
aData
);

2
browser/base/content/pageinfo/pageInfo.js
View File

@ -410,7 +410,7 @@ function loadPageInfo(frameOuterWindowID, imageElement, browser) {
uri.spec.startsWith("about:certerror")
) {
uri = browser.currentURI;
principal = Services.scriptSecurityManager.createCodebasePrincipal(
principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
browser.contentPrincipal.originAttributes
);

6
browser/base/content/tabbrowser.js
View File

@ -6395,7 +6395,7 @@ var TabContextMenu = {
}
/* Create a triggering principal that is able to load the new tab
For codebase principals that are about: chrome: or resource: we need system to load them.
For content principals that are about: chrome: or resource: we need system to load them.
Anything other than system principal needs to have the new userContextId.
*/
let triggeringPrincipal;
@ -6422,8 +6422,8 @@ var TabContextMenu = {
triggeringPrincipal = Services.scriptSecurityManager.createNullPrincipal(
{ userContextId }
);
} else if (triggeringPrincipal.isCodebasePrincipal) {
triggeringPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
} else if (triggeringPrincipal.isContentPrincipal) {
triggeringPrincipal = Services.scriptSecurityManager.createContentPrincipal(
triggeringPrincipal.URI,
{ userContextId }
);

2
browser/base/content/test/alerts/browser_notification_open_settings.js
View File

@ -22,7 +22,7 @@ add_task(async function test_settingsOpen_observer() {
let tabPromise = BrowserTestUtils.waitForNewTab(gBrowser, expectedURL);
info("simulate a notifications-open-settings notification");
let uri = NetUtil.newURI("https://example.com");
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

16
browser/base/content/test/caps/browser_principalSerialization_json.js
View File

@ -76,7 +76,7 @@ add_task(async function test_nullPrincipal() {
add_task(async function test_contentPrincipal() {
const contentId = "1";
// fields
const codebase = 0;
const content = 0;
// const domain = 1;
const suffix = 2;
// const csp = 3;
@ -88,33 +88,33 @@ add_task(async function test_contentPrincipal() {
let tests = [
{
input: { uri: "http://example.com/", OA: {} },
expected: `{"${contentId}":{"${codebase}":"http://example.com/"}}`,
expected: `{"${contentId}":{"${content}":"http://example.com/"}}`,
},
{
input: { uri: "http://mozilla1.com/", OA: {} },
expected: `{"${contentId}":{"${codebase}":"http://mozilla1.com/"}}`,
expected: `{"${contentId}":{"${content}":"http://mozilla1.com/"}}`,
},
{
input: { uri: "http://mozilla2.com/", OA: { userContextId: 0 } },
expected: `{"${contentId}":{"${codebase}":"http://mozilla2.com/"}}`,
expected: `{"${contentId}":{"${content}":"http://mozilla2.com/"}}`,
},
{
input: { uri: "http://mozilla3.com/", OA: { userContextId: 2 } },
expected: `{"${contentId}":{"${codebase}":"http://mozilla3.com/","${suffix}":"^userContextId=2"}}`,
expected: `{"${contentId}":{"${content}":"http://mozilla3.com/","${suffix}":"^userContextId=2"}}`,
},
{
input: { uri: "http://mozilla4.com/", OA: { privateBrowsingId: 1 } },
expected: `{"${contentId}":{"${codebase}":"http://mozilla4.com/","${suffix}":"^privateBrowsingId=1"}}`,
expected: `{"${contentId}":{"${content}":"http://mozilla4.com/","${suffix}":"^privateBrowsingId=1"}}`,
},
{
input: { uri: "http://mozilla5.com/", OA: { privateBrowsingId: 0 } },
expected: `{"${contentId}":{"${codebase}":"http://mozilla5.com/"}}`,
expected: `{"${contentId}":{"${content}":"http://mozilla5.com/"}}`,
},
];
for (let test of tests) {
let uri = Services.io.newURI(test.input.uri);
let p = Services.scriptSecurityManager.createCodebasePrincipal(
let p = Services.scriptSecurityManager.createContentPrincipal(
uri,
test.input.OA
);

2
browser/base/content/test/contextMenu/browser_utilityOverlayPrincipal.js
View File

@ -47,7 +47,7 @@ function test_openUILink_checkPrincipal() {
"sanity: correct principalToInherit"
);
ok(
content.document.nodePrincipal.isCodebasePrincipal,
content.document.nodePrincipal.isContentPrincipal,
"sanity: correct doc.nodePrincipal"
);
is(

2
browser/base/content/test/general/browser_gZipOfflineChild.js
View File

@ -9,7 +9,7 @@ const URL =
registerCleanupFunction(function() {
// Clean up after ourself
let uri = Services.io.newURI(URL);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
browser/base/content/test/general/browser_offlineQuotaNotification.js
View File

@ -12,7 +12,7 @@ const URL =
registerCleanupFunction(function() {
// Clean up after ourself
let uri = Services.io.newURI(URL);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

6
browser/base/content/test/general/browser_web_channel.js
View File

@ -303,7 +303,7 @@ var gTests = [
{ command: "unsolicited" },
{
browser: targetBrowser,
principal: Services.scriptSecurityManager.createCodebasePrincipal(
principal: Services.scriptSecurityManager.createContentPrincipal(
targetURI,
{}
),
@ -345,7 +345,7 @@ var gTests = [
},
async function(targetBrowser) {
let mismatchURI = Services.io.newURI(HTTP_MISMATCH_PATH);
let mismatchPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
let mismatchPrincipal = Services.scriptSecurityManager.createContentPrincipal(
mismatchURI,
{}
);
@ -360,7 +360,7 @@ var gTests = [
}
);
let targetPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
let targetPrincipal = Services.scriptSecurityManager.createContentPrincipal(
targetURI,
{}
);

2
browser/base/content/test/permissions/browser_canvas_fingerprinting_resistance.js
View File

@ -7,7 +7,7 @@
"use strict";
const kUrl = "https://example.com/";
const kPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
const kPrincipal = Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI(kUrl),
{}
);

2
browser/base/content/test/plugins/browser_subframe_access_hidden_plugins.js
View File

@ -32,7 +32,7 @@ add_task(async function test_plugin_accessible_in_subframe() {
// be activated. This permission will be cleaned up inside
// our registerCleanupFunction when the test ends.
let ssm = Services.scriptSecurityManager;
let principal = ssm.createCodebasePrincipalFromOrigin(DOMAIN_1);
let principal = ssm.createContentPrincipalFromOrigin(DOMAIN_1);
let pluginHost = Cc["@mozilla.org/plugin/host;1"].getService(
Ci.nsIPluginHost
);

6
browser/base/content/test/sanitize/browser_cookiePermission_aboutURL.js
View File

@ -7,7 +7,7 @@ function checkDataForAboutURL() {
return new Promise(resolve => {
let data = true;
let uri = Services.io.newURI("about:newtab");
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
@ -49,7 +49,7 @@ add_task(async function deleteStorageInAboutURL() {
// Clean up.
await Sanitizer.sanitize(["cookies", "offlineApps"]);
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"about:newtab"
);
await new Promise(aResolve => {
@ -92,7 +92,7 @@ add_task(async function deleteStorageOnlyCustomPermissionInAboutURL() {
// Clean up.
await Sanitizer.sanitize(["cookies", "offlineApps"]);
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"about:newtab"
);
await new Promise(aResolve => {

2
browser/base/content/test/sanitize/browser_sanitize-offlineData.js
View File

@ -30,7 +30,7 @@ function hasIndexedDB(origin) {
return new Promise(resolve => {
let hasData = true;
let uri = Services.io.newURI(origin);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

4
browser/base/content/test/sanitize/browser_sanitizeDialog.js
View File

@ -493,7 +493,7 @@ add_task(async function test_offline_cache() {
// Prepare stuff, we will work with www.example.com
var URL = "http://www.example.com";
var URI = makeURI(URL);
var principal = Services.scriptSecurityManager.createCodebasePrincipal(
var principal = Services.scriptSecurityManager.createContentPrincipal(
URI,
{}
);
@ -575,7 +575,7 @@ add_task(async function test_offline_apps_permissions() {
// Prepare stuff, we will work with www.example.com
var URL = "http://www.example.com";
var URI = makeURI(URL);
var principal = Services.scriptSecurityManager.createCodebasePrincipal(
var principal = Services.scriptSecurityManager.createContentPrincipal(
URI,
{}
);

4
browser/base/content/test/sanitize/head.js
View File

@ -12,7 +12,7 @@ XPCOMUtils.defineLazyModuleGetters(this, {
function createIndexedDB(host, originAttributes) {
let uri = Services.io.newURI("https://" + host);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
originAttributes
);
@ -23,7 +23,7 @@ function checkIndexedDB(host, originAttributes) {
return new Promise(resolve => {
let data = true;
let uri = Services.io.newURI("https://" + host);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
originAttributes
);

6
browser/base/content/test/trackingUI/browser_trackingUI_cookies_subview.js
View File

@ -290,7 +290,7 @@ add_task(async function testCookiesSubViewAllowed() {
TPC_PREF,
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER
);
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"http://trackertest.org/"
);
Services.perms.addFromPrincipal(
@ -374,12 +374,12 @@ add_task(async function testCookiesSubViewAllowedHeuristic() {
TPC_PREF,
Ci.nsICookieService.BEHAVIOR_REJECT_TRACKER
);
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"http://not-tracking.example.com/"
);
// Pretend that the tracker has already been interacted with
let trackerPrincipal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let trackerPrincipal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"http://trackertest.org/"
);
Services.perms.addFromPrincipal(

2
browser/base/content/utilityOverlay.js
View File

@ -446,7 +446,7 @@ function openLinkIn(url, where, params) {
// can not do it for NullPrincipals since NullPrincipals are only
// identical if they actually are the same object (See Bug: 1346759)
function useOAForPrincipal(principal) {
if (principal && principal.isCodebasePrincipal) {
if (principal && principal.isContentPrincipal) {
let attrs = {
userContextId: aUserContextId,
privateBrowsingId:

2
browser/base/content/webext-panels.js
View File

@ -148,7 +148,7 @@ function loadPanel(extensionId, extensionUrl, browserStyle) {
getBrowser(sidebar).then(browser => {
let uri = Services.io.newURI(policy.getURL());
let triggeringPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
let triggeringPrincipal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
browser/components/contextualidentity/test/browser/browser_forgetAPI_quota_clearStoragesForPrincipal.js
View File

@ -136,7 +136,7 @@ add_task(async function test_quota_clearStoragesForPrincipal() {
caUtils
);
let httpURI = caUtils.makeURI("http://" + TEST_HOST);
let httpPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
let httpPrincipal = Services.scriptSecurityManager.createContentPrincipal(
httpURI,
{}
);

4
browser/components/extensions/parent/ext-browsingData.js
View File

@ -113,7 +113,7 @@ const clearIndexedDB = async function(options) {
}
for (let item of request.result) {
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
item.origin
);
let scheme = principal.URI.scheme;
@ -182,7 +182,7 @@ const clearLocalStorage = async function(options) {
}
for (let item of request.result) {
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
item.origin
);
let host = principal.URI.hostPort;

4
browser/components/extensions/parent/ext-tabs.js
View File

@ -674,8 +674,8 @@ this.tabs = class extends ExtensionAPI {
// Make sure things like about:blank and data: URIs never inherit,
// and instead always get a NullPrincipal.
options.allowInheritPrincipal = false;
// Falling back to codebase here as about: requires it, however is safe.
principal = Services.scriptSecurityManager.createCodebasePrincipal(
// Falling back to content here as about: requires it, however is safe.
principal = Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI(url),
{
userContextId: options.userContextId,

2
browser/components/originattributes/test/browser/browser_favicon_firstParty.js
View File

@ -68,7 +68,7 @@ function clearAllPlacesFavicons() {
}
function observeFavicon(aFirstPartyDomain, aExpectedCookie, aPageURI) {
let expectedPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
let expectedPrincipal = Services.scriptSecurityManager.createContentPrincipal(
aPageURI,
{ firstPartyDomain: aFirstPartyDomain }
);

2
browser/components/originattributes/test/browser/browser_favicon_userContextId.js
View File

@ -139,7 +139,7 @@ FaviconObserver.prototype = {
reset(aUserContextId, aExpectedCookie, aPageURI, aFaviconURL) {
this._curUserContextId = aUserContextId;
this._expectedCookie = aExpectedCookie;
this._expectedPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
this._expectedPrincipal = Services.scriptSecurityManager.createContentPrincipal(
aPageURI,
{ userContextId: aUserContextId }
);

6
browser/components/originattributes/test/browser/browser_firstPartyIsolation_aboutPages.js
View File

@ -186,7 +186,7 @@ add_task(async function test_aboutURL() {
let flags = am.getURIFlags(uri);
// We load pages with URI_SAFE_FOR_UNTRUSTED_CONTENT set, this means they
// are not loaded with System Principal but with codebase principal.
// are not loaded with System Principal but with content principal.
// Also we skip pages with HIDE_FROM_ABOUTABOUT, some of them may have
// errors while loading.
if (
@ -227,8 +227,8 @@ add_task(async function test_aboutURL() {
"The about page should have firstPartyDomain set"
);
Assert.ok(
content.document.nodePrincipal.isCodebasePrincipal,
"The principal should be a codebase principal."
content.document.nodePrincipal.isContentPrincipal,
"The principal should be a content principal."
);
});

4
browser/components/originattributes/test/browser/browser_firstPartyIsolation_about_newtab.js
View File

@ -38,8 +38,8 @@ add_task(async function test_aboutNewTab() {
"about:newtab should have firstPartyDomain set"
);
Assert.ok(
content.document.nodePrincipal.isCodebasePrincipal,
"The principal should be a codebase principal."
content.document.nodePrincipal.isContentPrincipal,
"The principal should be a content principal."
);
});

2
browser/components/originattributes/test/browser/head.js
View File

@ -39,7 +39,7 @@ async function openTabInUserContext(aURL, aUserContextId) {
let originAttributes = {
userContextId: aUserContextId,
};
let triggeringPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
let triggeringPrincipal = Services.scriptSecurityManager.createContentPrincipal(
makeURI(aURL),
originAttributes
);

2
browser/components/preferences/in-content/tests/browser_bug795764_cachedisabled.js
View File

@ -6,7 +6,7 @@ function test() {
// Adding one fake site so that the SiteDataManager would run.
// Otherwise, without any site then it would just return so we would end up in not testing SiteDataManager.
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"https://www.foo.com"
);
Services.perms.addFromPrincipal(

4
browser/components/preferences/in-content/tests/siteData/browser_siteData.js
View File

@ -5,7 +5,7 @@
function getPersistentStoragePermStatus(origin) {
let uri = Services.io.newURI(origin);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
@ -57,7 +57,7 @@ add_task(async function() {
// Always remember to clean up
OfflineAppCacheHelper.clear();
await new Promise(resolve => {
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
TEST_QUOTA_USAGE_ORIGIN
);
let request = Services.qms.clearStoragesForPrincipal(

4
browser/components/preferences/in-content/tests/siteData/head.js
View File

@ -229,7 +229,7 @@ async function addTestData(data) {
SiteDataTestUtils.addToCookies(site.origin, Cu.now());
}
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
site.origin
);
hosts.push(principal.URI.host);
@ -273,7 +273,7 @@ function promiseServiceWorkersCleared() {
function promiseServiceWorkerRegisteredFor(url) {
return BrowserTestUtils.waitForCondition(() => {
try {
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
url
);
let sw = serviceWorkerManager.getRegistrationByPrincipal(

4
browser/components/preferences/permissions.js
View File

@ -211,7 +211,7 @@ var gPermissionManager = {
},
_addNewPrincipalToList(list, uri) {
list.push(Services.scriptSecurityManager.createCodebasePrincipal(uri, {}));
list.push(Services.scriptSecurityManager.createContentPrincipal(uri, {}));
// If we have ended up with an unknown scheme, the following will throw.
list[list.length - 1].origin;
},
@ -230,7 +230,7 @@ var gPermissionManager = {
// permissions from being entered by the user.
try {
let uri = Services.io.newURI(input_url);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

4
browser/components/preferences/translation.js
View File

@ -214,7 +214,7 @@ var gTranslationExceptions = {
onSiteDeleted() {
let removedSites = this._siteTree.getSelectedItems();
for (let origin of removedSites) {
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
origin
);
Services.perms.removeFromPrincipal(principal, kPermissionType);
@ -230,7 +230,7 @@ var gTranslationExceptions = {
this._siteTree.tree.rowCountChanged(0, -removedSites.length);
for (let origin of removedSites) {
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
origin
);
Services.perms.removeFromPrincipal(principal, kPermissionType);

4
browser/components/privatebrowsing/test/browser/browser_oa_private_browsing_window.js
View File

@ -38,8 +38,8 @@ add_task(
let triggeringPrincipal = channel.loadInfo.triggeringPrincipal;
ok(
triggeringPrincipal.isCodebasePrincipal,
"sanity check to ensure principal is a codebasePrincipal"
triggeringPrincipal.isContentPrincipal,
"sanity check to ensure principal is a contentPrincipal"
);
is(
triggeringPrincipal.URI.spec,

2
browser/components/privatebrowsing/test/browser/browser_privatebrowsing_favicon.js
View File

@ -54,7 +54,7 @@ function observeFavicon(aIsPrivate, aExpectedCookie, aPageURI) {
attr.privateBrowsingId = 1;
}
let expectedPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
let expectedPrincipal = Services.scriptSecurityManager.createContentPrincipal(
aPageURI,
attr
);

2
browser/components/safebrowsing/content/test/head.js
View File

@ -79,7 +79,7 @@ function waitForDBInit(callback) {
// The second part: we might have missed the event. Just do
// an internal database lookup to confirm if the url has been
// added.
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI(PHISH_URL),
{}
);

4
browser/components/sessionstore/SessionStore.jsm
View File

@ -5814,10 +5814,10 @@ var SessionStoreInternal = {
let { frameLoader } = browser;
if (frameLoader.remoteTab) {
let attrs = browser.contentPrincipal.originAttributes;
let dataPrincipal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let dataPrincipal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
origin
);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
dataPrincipal.URI,
attrs
);

2
browser/components/uitour/UITour.jsm
View File

@ -1630,7 +1630,7 @@ var UITour = {
let url = "about:newtab";
aWindow.openLinkIn(url, "current", {
targetBrowser: aBrowser,
triggeringPrincipal: Services.scriptSecurityManager.createCodebasePrincipal(
triggeringPrincipal: Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI(url),
{}
),

2
browser/extensions/pdfjs/content/PdfStreamConverter.jsm
View File

@ -1129,7 +1129,7 @@ PdfStreamConverter.prototype = {
// e.g. useful for NoScript. Make make sure we reuse the origin attributes
// from the request channel to keep isolation consistent.
var uri = NetUtil.newURI(PDF_VIEWER_WEB_PAGE);
var resourcePrincipal = Services.scriptSecurityManager.createCodebasePrincipal(
var resourcePrincipal = Services.scriptSecurityManager.createContentPrincipal(
uri,
aRequest.loadInfo.originAttributes
);

2
browser/extensions/webcompat/AboutCompat.jsm
View File

@ -27,7 +27,7 @@ AboutCompat.prototype = {
const channel = Services.io.newChannelFromURIWithLoadInfo(uri, aLoadInfo);
channel.originalURI = aURI;
channel.owner = Services.scriptSecurityManager.createCodebasePrincipal(
channel.owner = Services.scriptSecurityManager.createContentPrincipal(
uri,
aLoadInfo.originAttributes
);

4
browser/modules/Sanitizer.jsm
View File

@ -780,7 +780,7 @@ class PrincipalsCollector {
let list = [];
for (let item of request.result) {
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
item.origin
);
let uri = principal.URI;
@ -824,7 +824,7 @@ class PrincipalsCollector {
// Cookies and permissions are handled by origin/host. Doesn't matter if we
// use http: or https: schema here.
principals.push(
Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"https://" + host
)
);

6
browser/modules/SiteDataManager.jsm
View File

@ -142,7 +142,7 @@ var SiteDataManager = {
// An non-persistent-storage site with 0 byte quota usage is redundant for us so skip it.
continue;
}
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
item.origin
);
let uri = principal.URI;
@ -212,7 +212,7 @@ var SiteDataManager = {
// A site with 0 byte appcache usage is redundant for us so skip it.
continue;
}
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
group
);
let uri = principal.URI;
@ -309,7 +309,7 @@ var SiteDataManager = {
new Promise(resolve => {
// We are clearing *All* across OAs so need to ensure a principal without suffix here,
// or the call of `clearStoragesForPrincipal` would fail.
principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
originNoSuffix
);
let request = this._qms.clearStoragesForPrincipal(

8
browser/modules/SitePermissions.jsm
View File

@ -292,7 +292,7 @@ var SitePermissions = {
}
let principal = uri
? Services.scriptSecurityManager.createCodebasePrincipal(uri, {})
? Services.scriptSecurityManager.createContentPrincipal(uri, {})
: null;
return this.getAllByPrincipal(principal);
},
@ -572,7 +572,7 @@ var SitePermissions = {
}
let principal = uri
? Services.scriptSecurityManager.createCodebasePrincipal(uri, {})
? Services.scriptSecurityManager.createContentPrincipal(uri, {})
: null;
return this.getForPrincipal(principal, permissionID, browser);
},
@ -669,7 +669,7 @@ var SitePermissions = {
}
let principal = uri
? Services.scriptSecurityManager.createCodebasePrincipal(uri, {})
? Services.scriptSecurityManager.createContentPrincipal(uri, {})
: null;
return this.setForPrincipal(principal, permissionID, state, scope, browser);
},
@ -788,7 +788,7 @@ var SitePermissions = {
}
let principal = uri
? Services.scriptSecurityManager.createCodebasePrincipal(uri, {})
? Services.scriptSecurityManager.createContentPrincipal(uri, {})
: null;
return this.removeFromPrincipal(principal, permissionID, browser);
},

2
browser/modules/webrtcUI.jsm
View File

@ -475,7 +475,7 @@ function prompt(aBrowser, aRequest) {
requestTypes,
} = aRequest;
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
aRequest.origin
);

16
build/win32/orderfile.txt
View File

@ -3700,15 +3700,15 @@ NS_NewWindowsRegKey
?Construct_nsIScriptSecurityManager@@YA?AW4nsresult@@PAVnsISupports@@ABUnsID@@PAPAX@Z
?QueryInterface@nsScriptSecurityManager@@UAG?AW4nsresult@@ABUnsID@@PAPAX@Z
?Release@nsScriptSecurityManager@@UAGKXZ
?CreateCodebasePrincipal@nsScriptSecurityManager@@UAG?AW4nsresult@@PAVnsIURI@@V?$Handle@TValue@JS@@@JS@@PAUJSContext@@PAPAVnsIPrincipal@@@Z
?CreateContentPrincipal@nsScriptSecurityManager@@UAG?AW4nsresult@@PAVnsIURI@@V?$Handle@TValue@JS@@@JS@@PAUJSContext@@PAPAVnsIPrincipal@@@Z
?InitIds@OriginAttributesDictionary@dom@mozilla@@CA_NPAUJSContext@@PAUOriginAttributesDictionaryAtoms@23@@Z
??$emplace@AAPAUJSContext@@PAVJSObject@@@?$Maybe@V?$Rooted@PAVJSObject@@@JS@@@mozilla@@QAEXAAPAUJSContext@@$$QAPAVJSObject@@@Z
??$emplace@AAPAUJSContext@@@?$Maybe@V?$Rooted@TValue@JS@@@JS@@@mozilla@@QAEXAAPAUJSContext@@@Z
?CreateCodebasePrincipal@BasePrincipal@mozilla@@SA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@PAVnsIURI@@ABVOriginAttributes@2@@Z
?CreateContentPrincipal@BasePrincipal@mozilla@@SA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@PAVnsIURI@@ABVOriginAttributes@2@@Z
?GenerateOriginNoSuffixFromURI@ContentPrincipal@mozilla@@SA?AW4nsresult@@PAVnsIURI@@AAV?$nsTSubstring@D@@@Z
?NS_GetInnermostURI@@YA?AU?$already_AddRefed@VnsIURI@@@@PAVnsIURI@@@Z
?GetBlobURLPrincipal@BlobURLProtocolHandler@dom@mozilla@@SA_NPAVnsIURI@@PAPAVnsIPrincipal@@@Z
?CreateCodebasePrincipal@BasePrincipal@mozilla@@CA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@PAVnsIURI@@ABVOriginAttributes@2@ABV?$nsTSubstring@D@@@Z
?CreateContentPrincipal@BasePrincipal@mozilla@@CA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@PAVnsIURI@@ABVOriginAttributes@2@ABV?$nsTSubstring@D@@@Z
?GetFlagsForURI@ExtensionProtocolHandler@net@mozilla@@UAG?AW4nsresult@@PAVnsIURI@@PAI@Z
??0URLInfo@extensions@mozilla@@QAE@PAVnsIURI@@@Z
?GetByURL@ExtensionPolicyService@mozilla@@QAEPAVWebExtensionPolicy@extensions@2@ABVURLInfo@42@@Z
@ -15479,7 +15479,7 @@ Gecko_DestroyAnonymousContentList
?SendRpcMessage@nsFrameMessageManager@@QAEXPAUJSContext@@ABV?$nsTSubstring@_S@@V?$Handle@TValue@JS@@@JS@@V?$Handle@PAVJSObject@@@5@PAVnsIPrincipal@@AAV?$nsTArray@TValue@JS@@@@AAVErrorResult@mozilla@@@Z
?GetContent@InProcessTabChildMessageManager@dom@mozilla@@UAE?AU?$Nullable@VWindowProxyHolder@dom@mozilla@@@23@AAVErrorResult@3@@Z
?MaybeCreateDoc@nsPIDOMWindowOuter@@IAEXXZ
?GetLoadContextCodebasePrincipal@nsScriptSecurityManager@@UAG?AW4nsresult@@PAVnsIURI@@PAVnsILoadContext@@PAPAVnsIPrincipal@@@Z
?GetLoadContextContentPrincipal@nsScriptSecurityManager@@UAG?AW4nsresult@@PAVnsIURI@@PAVnsILoadContext@@PAPAVnsIPrincipal@@@Z
?GetNearestWidget@nsView@@QBEPAVnsIWidget@@PAUnsPoint@@@Z
?GetNearestWidget@nsView@@QBEPAVnsIWidget@@PAUnsPoint@@H@Z
?InvalidateHierarchy@nsView@@AAEXXZ
@ -19217,7 +19217,7 @@ Gecko_BeginWritingCString
?UpdateAggregateCallbacks@nsHttpChannel@net@mozilla@@AAEXXZ
?SetLoadFlags@HttpBaseChannel@net@mozilla@@UAG?AW4nsresult@@I@Z
?SetInheritApplicationCache@nsHttpChannel@net@mozilla@@UAG?AW4nsresult@@_N@Z
?GetDocShellCodebasePrincipal@nsScriptSecurityManager@@UAG?AW4nsresult@@PAVnsIURI@@PAVnsIDocShell@@PAPAVnsIPrincipal@@@Z
?GetDocShellContentPrincipal@nsScriptSecurityManager@@UAG?AW4nsresult@@PAVnsIURI@@PAVnsIDocShell@@PAPAVnsIPrincipal@@@Z
?NS_ShouldCheckAppCache@@YA_NPAVnsIPrincipal@@@Z
?GetInstance@nsOfflineCacheUpdateService@@SA?AU?$already_AddRefed@VnsOfflineCacheUpdateService@@@@XZ
??0nsOfflineCacheUpdateService@@QAE@XZ
@ -19550,7 +19550,7 @@ XPCOMService_GetThirdPartyUtil
?GetTopLevelPrincipal@LoadInfo@net@mozilla@@UAEPAVnsIPrincipal@@XZ
?GetIsMainDocumentChannel@HttpBaseChannel@net@mozilla@@UAG?AW4nsresult@@PA_N@Z
?GetAddrInfo@net@mozilla@@YA?AW4nsresult@@ABV?$nsTSubstring@D@@GGPAPAVAddrInfo@12@_N@Z
?GetIsCodebasePrincipal@BasePrincipal@mozilla@@UAG?AW4nsresult@@PA_N@Z
?GetIsContentPrincipal@BasePrincipal@mozilla@@UAG?AW4nsresult@@PA_N@Z
?CookiePermission@CookieSettings@net@mozilla@@UAG?AW4nsresult@@PAVnsIPrincipal@@PAI@Z
?GetInstance@nsPermissionManager@@SAPAV1@XZ
?Create@nsPermission@@SA?AU?$already_AddRefed@VnsPermission@@@@PAVnsIPrincipal@@ABV?$nsTSubstring@D@@II_J@Z
@ -20982,7 +20982,7 @@ nsEscape
?ParseUserInfo@nsAuthURLParser@@UAG?AW4nsresult@@PBDHPAIPAH12@Z
?SetPort@?$TemplatedMutator@VSubstitutingURL@net@mozilla@@@nsStandardURL@net@mozilla@@EAG?AW4nsresult@@HPAPAVnsIURIMutator@@@Z
?SetPort@nsStandardURL@net@mozilla@@MAE?AW4nsresult@@H@Z
?CreateCodebasePrincipal@BasePrincipal@mozilla@@SA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@ABV?$nsTSubstring@D@@@Z
?CreateContentPrincipal@BasePrincipal@mozilla@@SA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@ABV?$nsTSubstring@D@@@Z
??0?$nsCOMPtr@VnsIBinaryInputStream@@@@QAE@XZ
?QueryInterface@nsBinaryInputStream@@UAG?AW4nsresult@@ABUnsID@@PAPAX@Z
?SetInputStream@nsBinaryInputStream@@UAG?AW4nsresult@@PAVnsIInputStream@@@Z
@ -21156,7 +21156,7 @@ nsEscape
?ShouldPrepareForIntercept@ServiceWorkerInterceptController@dom@mozilla@@UAG?AW4nsresult@@PAVnsIURI@@PAVnsIChannel@@PA_N@Z
?IsAvailable@ServiceWorkerManager@dom@mozilla@@QAE_NPAVnsIPrincipal@@PAVnsIURI@@@Z
?GetServiceWorkerRegistrationInfo@ServiceWorkerManager@dom@mozilla@@ABE?AU?$already_AddRefed@VServiceWorkerRegistrationInfo@dom@mozilla@@@@PAVnsIPrincipal@@PAVnsIURI@@@Z
?IsCodebasePrincipal@ContentPrincipal@mozilla@@UBE_NXZ
?IsContentPrincipal@ContentPrincipal@mozilla@@UBE_NXZ
??$?0$0BGL@@?$nsTLiteralString@D@@QAE@AAY0BGL@$$CBD@Z
?SetSchemaVersion@Connection@storage@mozilla@@UAG?AW4nsresult@@H@Z
?BindStringByName@Statement@storage@mozilla@@UAG?AW4nsresult@@ABV?$nsTSubstring@D@@ABV?$nsTSubstring@_S@@@Z

16
build/win64/orderfile.txt
View File

@ -3665,15 +3665,15 @@ NS_NewWindowsRegKey
?Construct_nsIScriptSecurityManager@@YA?AW4nsresult@@PEAVnsISupports@@AEBUnsID@@PEAPEAX@Z
?QueryInterface@nsScriptSecurityManager@@UEAA?AW4nsresult@@AEBUnsID@@PEAPEAX@Z
?Release@nsScriptSecurityManager@@UEAAKXZ
?CreateCodebasePrincipal@nsScriptSecurityManager@@UEAA?AW4nsresult@@PEAVnsIURI@@V?$Handle@TValue@JS@@@JS@@PEAUJSContext@@PEAPEAVnsIPrincipal@@@Z
?CreateContentPrincipal@nsScriptSecurityManager@@UEAA?AW4nsresult@@PEAVnsIURI@@V?$Handle@TValue@JS@@@JS@@PEAUJSContext@@PEAPEAVnsIPrincipal@@@Z
?InitIds@OriginAttributesDictionary@dom@mozilla@@CA_NPEAUJSContext@@PEAUOriginAttributesDictionaryAtoms@23@@Z
??$emplace@AEAPEAUJSContext@@PEAVJSObject@@@?$Maybe@V?$Rooted@PEAVJSObject@@@JS@@@mozilla@@QEAAXAEAPEAUJSContext@@$$QEAPEAVJSObject@@@Z
??$emplace@AEAPEAUJSContext@@@?$Maybe@V?$Rooted@TValue@JS@@@JS@@@mozilla@@QEAAXAEAPEAUJSContext@@@Z
?CreateCodebasePrincipal@BasePrincipal@mozilla@@SA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@PEAVnsIURI@@AEBVOriginAttributes@2@@Z
?CreateContentPrincipal@BasePrincipal@mozilla@@SA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@PEAVnsIURI@@AEBVOriginAttributes@2@@Z
?GenerateOriginNoSuffixFromURI@ContentPrincipal@mozilla@@SA?AW4nsresult@@PEAVnsIURI@@AEAV?$nsTSubstring@D@@@Z
?NS_GetInnermostURI@@YA?AU?$already_AddRefed@VnsIURI@@@@PEAVnsIURI@@@Z
?GetBlobURLPrincipal@BlobURLProtocolHandler@dom@mozilla@@SA_NPEAVnsIURI@@PEAPEAVnsIPrincipal@@@Z
?CreateCodebasePrincipal@BasePrincipal@mozilla@@CA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@PEAVnsIURI@@AEBVOriginAttributes@2@AEBV?$nsTSubstring@D@@@Z
?CreateContentPrincipal@BasePrincipal@mozilla@@CA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@PEAVnsIURI@@AEBVOriginAttributes@2@AEBV?$nsTSubstring@D@@@Z
?GetFlagsForURI@ExtensionProtocolHandler@net@mozilla@@UEAA?AW4nsresult@@PEAVnsIURI@@PEAI@Z
??0URLInfo@extensions@mozilla@@QEAA@PEAVnsIURI@@@Z
?GetByURL@ExtensionPolicyService@mozilla@@QEAAPEAVWebExtensionPolicy@extensions@2@AEBVURLInfo@42@@Z
@ -15412,7 +15412,7 @@ Gecko_DestroyAnonymousContentList
?SendRpcMessage@nsFrameMessageManager@@QEAAXPEAUJSContext@@AEBV?$nsTSubstring@_S@@V?$Handle@TValue@JS@@@JS@@V?$Handle@PEAVJSObject@@@5@PEAVnsIPrincipal@@AEAV?$nsTArray@TValue@JS@@@@AEAVErrorResult@mozilla@@@Z
?GetContent@InProcessTabChildMessageManager@dom@mozilla@@UEAA?AU?$Nullable@VWindowProxyHolder@dom@mozilla@@@23@AEAVErrorResult@3@@Z
?MaybeCreateDoc@nsPIDOMWindowOuter@@IEAAXXZ
?GetLoadContextCodebasePrincipal@nsScriptSecurityManager@@UEAA?AW4nsresult@@PEAVnsIURI@@PEAVnsILoadContext@@PEAPEAVnsIPrincipal@@@Z
?GetLoadContextContentPrincipal@nsScriptSecurityManager@@UEAA?AW4nsresult@@PEAVnsIURI@@PEAVnsILoadContext@@PEAPEAVnsIPrincipal@@@Z
?GetNearestWidget@nsView@@QEBAPEAVnsIWidget@@PEAUnsPoint@@@Z
?GetNearestWidget@nsView@@QEBAPEAVnsIWidget@@PEAUnsPoint@@H@Z
?InvalidateHierarchy@nsView@@AEAAXXZ
@ -19135,7 +19135,7 @@ Gecko_BeginWritingCString
?UpdateAggregateCallbacks@nsHttpChannel@net@mozilla@@AEAAXXZ
?SetLoadFlags@HttpBaseChannel@net@mozilla@@UEAA?AW4nsresult@@I@Z
?SetInheritApplicationCache@nsHttpChannel@net@mozilla@@UEAA?AW4nsresult@@_N@Z
?GetDocShellCodebasePrincipal@nsScriptSecurityManager@@UEAA?AW4nsresult@@PEAVnsIURI@@PEAVnsIDocShell@@PEAPEAVnsIPrincipal@@@Z
?GetDocShellContentPrincipal@nsScriptSecurityManager@@UEAA?AW4nsresult@@PEAVnsIURI@@PEAVnsIDocShell@@PEAPEAVnsIPrincipal@@@Z
?NS_ShouldCheckAppCache@@YA_NPEAVnsIPrincipal@@@Z
?GetInstance@nsOfflineCacheUpdateService@@SA?AU?$already_AddRefed@VnsOfflineCacheUpdateService@@@@XZ
??0nsOfflineCacheUpdateService@@QEAA@XZ
@ -19460,7 +19460,7 @@ XPCOMService_GetThirdPartyUtil
?IsFirstPartyStorageAccessGrantedFor@AntiTrackingCommon@mozilla@@SA_NPEAVnsIHttpChannel@@PEAVnsIURI@@PEAI@Z
?GetTopLevelPrincipal@LoadInfo@net@mozilla@@UEAAPEAVnsIPrincipal@@XZ
?GetIsMainDocumentChannel@HttpBaseChannel@net@mozilla@@UEAA?AW4nsresult@@PEA_N@Z
?GetIsCodebasePrincipal@BasePrincipal@mozilla@@UEAA?AW4nsresult@@PEA_N@Z
?GetIsContentPrincipal@BasePrincipal@mozilla@@UEAA?AW4nsresult@@PEA_N@Z
?CookiePermission@CookieSettings@net@mozilla@@UEAA?AW4nsresult@@PEAVnsIPrincipal@@PEAI@Z
?GetInstance@nsPermissionManager@@SAPEAV1@XZ
?Run@?$RunnableMethodImpl@PEAVnsHostResolver@@P81@EAAXXZ$00$0A@$$V@detail@mozilla@@UEAA?AW4nsresult@@XZ
@ -20797,7 +20797,7 @@ nsEscape
?ParseUserInfo@nsAuthURLParser@@UEAA?AW4nsresult@@PEBDHPEAIPEAH12@Z
?SetPort@?$TemplatedMutator@VSubstitutingURL@net@mozilla@@@nsStandardURL@net@mozilla@@EEAA?AW4nsresult@@HPEAPEAVnsIURIMutator@@@Z
?SetPort@nsStandardURL@net@mozilla@@MEAA?AW4nsresult@@H@Z
?CreateCodebasePrincipal@BasePrincipal@mozilla@@SA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@AEBV?$nsTSubstring@D@@@Z
?CreateContentPrincipal@BasePrincipal@mozilla@@SA?AU?$already_AddRefed@VBasePrincipal@mozilla@@@@AEBV?$nsTSubstring@D@@@Z
?flushConsoleMessages@nsCSPContext@@QEAAXXZ
?ClearAndRetainStorage@?$nsTArray_Impl@UConsoleMsgQueueElem@@UnsTArrayInfallibleAllocator@@@@QEAAXXZ
?PopulateContentSecurityPolicies@ipc@mozilla@@YA?AW4nsresult@@PEAVnsIContentSecurityPolicy@@AEAV?$nsTArray@VContentSecurityPolicy@ipc@mozilla@@@@@Z
@ -21054,7 +21054,7 @@ nsEscape
?ShouldPrepareForIntercept@ServiceWorkerInterceptController@dom@mozilla@@UEAA?AW4nsresult@@PEAVnsIURI@@PEAVnsIChannel@@PEA_N@Z
?IsAvailable@ServiceWorkerManager@dom@mozilla@@QEAA_NPEAVnsIPrincipal@@PEAVnsIURI@@@Z
?GetServiceWorkerRegistrationInfo@ServiceWorkerManager@dom@mozilla@@AEBA?AU?$already_AddRefed@VServiceWorkerRegistrationInfo@dom@mozilla@@@@PEAVnsIPrincipal@@PEAVnsIURI@@@Z
?IsCodebasePrincipal@ContentPrincipal@mozilla@@UEBA_NXZ
?IsContentPrincipal@ContentPrincipal@mozilla@@UEBA_NXZ
?GetServiceWorkerRegistrationInfo@ServiceWorkerManager@dom@mozilla@@AEBA?AU?$already_AddRefed@VServiceWorkerRegistrationInfo@dom@mozilla@@@@AEBV?$nsTSubstring@D@@PEAVnsIURI@@@Z
?FindScopeForPath@ServiceWorkerManager@dom@mozilla@@CA_NAEBV?$nsTSubstring@D@@0PEAPEAURegistrationDataPerPrincipal@123@AEAV4@@Z
?CacheQueueSize@CacheStorageService@net@mozilla@@SAI_N@Z

50
caps/BasePrincipal.cpp
View File

@ -67,7 +67,7 @@ BasePrincipal::GetSiteOrigin(nsACString& aSiteOrigin) {
// {"0":{"0":"moz-nullprincipal:{56cac540-864d-47e7-8e25-1614eab5155e}"}} ->
// {"0":"moz-nullprincipal:{56cac540-864d-47e7-8e25-1614eab5155e}"}
//
// Codebase principal:
// Content principal:
// {"1":{"0":"https://mozilla.com"}} -> {"0":"https://mozilla.com"}
//
// Expanded principal:
@ -102,7 +102,7 @@ static const Json::Value* GetPrincipalObject(const Json::Value& aRoot,
return nullptr;
}
MOZ_ASSERT(principalKind == BasePrincipal::eNullPrincipal ||
principalKind == BasePrincipal::eCodebasePrincipal ||
principalKind == BasePrincipal::eContentPrincipal ||
principalKind == BasePrincipal::eExpandedPrincipal ||
principalKind == BasePrincipal::eSystemPrincipal);
aOutPrincipalKind = principalKind;
@ -130,7 +130,7 @@ static const Json::Value* GetPrincipalObject(const Json::Value& aRoot,
// value
// - value: The string that was serialized for this key
// - key: an SerializableKeys enum value specific to the principal.
// For example content principal is an enum of: eCodebase, eDomain,
// For example content principal is an enum of: eURI, eDomain,
// eSuffix, eCSP
//
//
@ -143,7 +143,7 @@ static const Json::Value* GetPrincipalObject(const Json::Value& aRoot,
// |
// Value
//
// They Key "0" corresponds to ContentPrincipal::eCodebase
// They Key "0" corresponds to ContentPrincipal::eURI
// They Key "1" corresponds to ContentPrincipal::eSuffix
template <typename T>
static nsTArray<typename T::KeyVal> GetJSONKeys(const Json::Value* aInput) {
@ -228,7 +228,7 @@ already_AddRefed<BasePrincipal> BasePrincipal::FromJSON(
return NullPrincipal::FromProperties(res);
}
if (principalKind == eCodebasePrincipal) {
if (principalKind == eContentPrincipal) {
nsTArray<ContentPrincipal::KeyVal> res =
GetJSONKeys<ContentPrincipal>(value);
return ContentPrincipal::FromProperties(res);
@ -276,13 +276,13 @@ nsresult BasePrincipal::ToJSON(nsACString& aResult) {
bool BasePrincipal::Subsumes(nsIPrincipal* aOther,
DocumentDomainConsideration aConsideration) {
MOZ_ASSERT(aOther);
MOZ_ASSERT_IF(Kind() == eCodebasePrincipal, mOriginSuffix);
MOZ_ASSERT_IF(Kind() == eContentPrincipal, mOriginSuffix);
// Expanded principals handle origin attributes for each of their
// sub-principals individually, null principals do only simple checks for
// pointer equality, and system principals are immune to origin attributes
// checks, so only do this check for codebase principals.
if (Kind() == eCodebasePrincipal &&
// checks, so only do this check for content principals.
if (Kind() == eContentPrincipal &&
mOriginSuffix != Cast(aOther)->mOriginSuffix) {
return false;
}
@ -385,8 +385,8 @@ BasePrincipal::GetIsNullPrincipal(bool* aResult) {
}
NS_IMETHODIMP
BasePrincipal::GetIsCodebasePrincipal(bool* aResult) {
*aResult = Kind() == eCodebasePrincipal;
BasePrincipal::GetIsContentPrincipal(bool* aResult) {
*aResult = Kind() == eContentPrincipal;
return NS_OK;
}
@ -470,7 +470,7 @@ nsIPrincipal* BasePrincipal::PrincipalToInherit(nsIURI* aRequestedURI) {
return this;
}
already_AddRefed<BasePrincipal> BasePrincipal::CreateCodebasePrincipal(
already_AddRefed<BasePrincipal> BasePrincipal::CreateContentPrincipal(
nsIURI* aURI, const OriginAttributes& aAttrs) {
MOZ_ASSERT(aURI);
@ -483,17 +483,17 @@ already_AddRefed<BasePrincipal> BasePrincipal::CreateCodebasePrincipal(
return NullPrincipal::Create(aAttrs);
}
return CreateCodebasePrincipal(aURI, aAttrs, originNoSuffix);
return CreateContentPrincipal(aURI, aAttrs, originNoSuffix);
}
already_AddRefed<BasePrincipal> BasePrincipal::CreateCodebasePrincipal(
already_AddRefed<BasePrincipal> BasePrincipal::CreateContentPrincipal(
nsIURI* aURI, const OriginAttributes& aAttrs,
const nsACString& aOriginNoSuffix) {
MOZ_ASSERT(aURI);
MOZ_ASSERT(!aOriginNoSuffix.IsEmpty());
// If the URI is supposed to inherit the security context of whoever loads it,
// we shouldn't make a codebase principal for it.
// we shouldn't make a content principal for it.
bool inheritsPrincipal;
nsresult rv = NS_URIChainHasFlags(
aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
@ -514,7 +514,7 @@ already_AddRefed<BasePrincipal> BasePrincipal::CreateCodebasePrincipal(
}
MOZ_ASSERT(origin);
OriginAttributes attrs;
RefPtr<BasePrincipal> principal = CreateCodebasePrincipal(origin, attrs);
RefPtr<BasePrincipal> principal = CreateContentPrincipal(origin, attrs);
return principal.forget();
}
#endif
@ -527,22 +527,22 @@ already_AddRefed<BasePrincipal> BasePrincipal::CreateCodebasePrincipal(
return principal.forget();
}
// Mint a codebase principal.
RefPtr<ContentPrincipal> codebase = new ContentPrincipal();
rv = codebase->Init(aURI, aAttrs, aOriginNoSuffix);
// Mint a content principal.
RefPtr<ContentPrincipal> principal = new ContentPrincipal();
rv = principal->Init(aURI, aAttrs, aOriginNoSuffix);
NS_ENSURE_SUCCESS(rv, nullptr);
return codebase.forget();
return principal.forget();
}
already_AddRefed<BasePrincipal> BasePrincipal::CreateCodebasePrincipal(
already_AddRefed<BasePrincipal> BasePrincipal::CreateContentPrincipal(
const nsACString& aOrigin) {
MOZ_ASSERT(!StringBeginsWith(aOrigin, NS_LITERAL_CSTRING("[")),
"CreateCodebasePrincipal does not support System and Expanded "
"CreateContentPrincipal does not support System and Expanded "
"principals");
MOZ_ASSERT(!StringBeginsWith(aOrigin,
NS_LITERAL_CSTRING(NS_NULLPRINCIPAL_SCHEME ":")),
"CreateCodebasePrincipal does not support NullPrincipal");
"CreateContentPrincipal does not support NullPrincipal");
nsAutoCString originNoSuffix;
OriginAttributes attrs;
@ -554,12 +554,12 @@ already_AddRefed<BasePrincipal> BasePrincipal::CreateCodebasePrincipal(
nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix);
NS_ENSURE_SUCCESS(rv, nullptr);
return BasePrincipal::CreateCodebasePrincipal(uri, attrs);
return BasePrincipal::CreateContentPrincipal(uri, attrs);
}
already_AddRefed<BasePrincipal> BasePrincipal::CloneForcingOriginAttributes(
const OriginAttributes& aOriginAttributes) {
if (NS_WARN_IF(!IsCodebasePrincipal())) {
if (NS_WARN_IF(!IsContentPrincipal())) {
return nullptr;
}
@ -567,7 +567,7 @@ already_AddRefed<BasePrincipal> BasePrincipal::CloneForcingOriginAttributes(
nsresult rv = GetOriginNoSuffix(originNoSuffix);
NS_ENSURE_SUCCESS(rv, nullptr);
nsIURI* uri = static_cast<ContentPrincipal*>(this)->mCodebase;
nsIURI* uri = static_cast<ContentPrincipal*>(this)->mURI;
RefPtr<ContentPrincipal> copy = new ContentPrincipal();
rv = copy->Init(uri, aOriginAttributes, originNoSuffix);
NS_ENSURE_SUCCESS(rv, nullptr);

24
caps/BasePrincipal.h
View File

@ -33,7 +33,7 @@ class WebExtensionPolicy;
class BasePrincipal;
// Codebase principals (and codebase principals embedded within expanded
// Content principals (and content principals embedded within expanded
// principals) stored in SiteIdentifier are guaranteed to contain only the
// eTLD+1 part of the original domain. This is used to determine whether two
// origins are same-site: if it's possible for two origins to access each other
@ -74,7 +74,7 @@ class BasePrincipal : public nsJSPrincipals {
// Only update if you know exactly what you are doing
enum PrincipalKind {
eNullPrincipal = 0,
eCodebasePrincipal,
eContentPrincipal,
eExpandedPrincipal,
eSystemPrincipal,
eKindMax = eSystemPrincipal
@ -113,7 +113,7 @@ class BasePrincipal : public nsJSPrincipals {
bool allowIfInheritsPrincipal) final;
NS_IMETHOD GetAddonPolicy(nsISupports** aResult) final;
NS_IMETHOD GetIsNullPrincipal(bool* aResult) override;
NS_IMETHOD GetIsCodebasePrincipal(bool* aResult) override;
NS_IMETHOD GetIsContentPrincipal(bool* aResult) override;
NS_IMETHOD GetIsExpandedPrincipal(bool* aResult) override;
NS_IMETHOD GetIsSystemPrincipal(bool* aResult) override;
NS_IMETHOD GetIsAddonOrExpandedAddonPrincipal(bool* aResult) override;
@ -134,7 +134,7 @@ class BasePrincipal : public nsJSPrincipals {
virtual bool AddonHasPermission(const nsAtom* aPerm);
virtual bool IsCodebasePrincipal() const { return false; };
virtual bool IsContentPrincipal() const { return false; };
static BasePrincipal* Cast(nsIPrincipal* aPrin) {
return static_cast<BasePrincipal*>(aPrin);
@ -144,14 +144,14 @@ class BasePrincipal : public nsJSPrincipals {
return static_cast<const BasePrincipal*>(aPrin);
}
static already_AddRefed<BasePrincipal> CreateCodebasePrincipal(
static already_AddRefed<BasePrincipal> CreateContentPrincipal(
const nsACString& aOrigin);
// These following method may not create a codebase principal in case it's
// These following method may not create a content principal in case it's
// not possible to generate a correct origin from the passed URI. If this
// happens, a NullPrincipal is returned.
static already_AddRefed<BasePrincipal> CreateCodebasePrincipal(
static already_AddRefed<BasePrincipal> CreateContentPrincipal(
nsIURI* aURI, const OriginAttributes& aAttrs);
const OriginAttributes& OriginAttributesRef() final {
@ -201,7 +201,7 @@ class BasePrincipal : public nsJSPrincipals {
/* Returns true if this principal's CSP should override a document's CSP for
* loads that it triggers. Currently true for expanded principals which
* subsume the document principal, and add-on codebase principals regardless
* subsume the document principal, and add-on content principals regardless
* of whether they subsume the document principal.
*/
bool OverridesCSP(nsIPrincipal* aDocumentPrincipal) {
@ -246,7 +246,7 @@ class BasePrincipal : public nsJSPrincipals {
const OriginAttributes& aOriginAttributes);
private:
static already_AddRefed<BasePrincipal> CreateCodebasePrincipal(
static already_AddRefed<BasePrincipal> CreateContentPrincipal(
nsIURI* aURI, const OriginAttributes& aAttrs,
const nsACString& aOriginNoSuffix);
@ -270,13 +270,13 @@ inline bool BasePrincipal::FastEquals(nsIPrincipal* aOther) {
}
// Two principals are considered to be equal if their origins are the same.
// If the two principals are codebase principals, their origin attributes
// If the two principals are content principals, their origin attributes
// (aka the origin suffix) must also match.
if (Kind() == eSystemPrincipal) {
return this == other;
}
if (Kind() == eCodebasePrincipal || Kind() == eNullPrincipal) {
if (Kind() == eContentPrincipal || Kind() == eNullPrincipal) {
return mOriginNoSuffix == other->mOriginNoSuffix &&
mOriginSuffix == other->mOriginSuffix;
}
@ -320,7 +320,7 @@ inline bool BasePrincipal::FastSubsumesConsideringDomain(nsIPrincipal* aOther) {
inline bool BasePrincipal::FastSubsumesIgnoringFPD(
nsIPrincipal* aOther, DocumentDomainConsideration aConsideration) {
if (Kind() == eCodebasePrincipal &&
if (Kind() == eContentPrincipal &&
!dom::ChromeUtils::IsOriginAttributesEqualIgnoringFPD(
mOriginAttributes, Cast(aOther)->mOriginAttributes)) {
return false;

118
caps/ContentPrincipal.cpp
View File

@ -53,14 +53,14 @@ NS_IMPL_CLASSINFO(ContentPrincipal, nullptr, nsIClassInfo::MAIN_THREAD_ONLY,
NS_IMPL_QUERY_INTERFACE_CI(ContentPrincipal, nsIPrincipal, nsISerializable)
NS_IMPL_CI_INTERFACE_GETTER(ContentPrincipal, nsIPrincipal, nsISerializable)
ContentPrincipal::ContentPrincipal() : BasePrincipal(eCodebasePrincipal) {}
ContentPrincipal::ContentPrincipal() : BasePrincipal(eContentPrincipal) {}
ContentPrincipal::~ContentPrincipal() {}
nsresult ContentPrincipal::Init(nsIURI* aCodebase,
nsresult ContentPrincipal::Init(nsIURI* aURI,
const OriginAttributes& aOriginAttributes,
const nsACString& aOriginNoSuffix) {
NS_ENSURE_ARG(aCodebase);
NS_ENSURE_ARG(aURI);
// Assert that the URI we get here isn't any of the schemes that we know we
// should not get here. These schemes always either inherit their principal
@ -71,11 +71,10 @@ nsresult ContentPrincipal::Init(nsIURI* aCodebase,
Unused << hasFlag; // silence possible compiler warnings.
MOZ_DIAGNOSTIC_ASSERT(
NS_SUCCEEDED(NS_URIChainHasFlags(
aCodebase, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
&hasFlag)) &&
aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT, &hasFlag)) &&
!hasFlag);
mCodebase = aCodebase;
mURI = aURI;
FinishInit(aOriginNoSuffix, aOriginAttributes);
return NS_OK;
@ -85,7 +84,7 @@ nsresult ContentPrincipal::Init(ContentPrincipal* aOther,
const OriginAttributes& aOriginAttributes) {
NS_ENSURE_ARG(aOther);
mCodebase = aOther->mCodebase;
mURI = aOther->mURI;
FinishInit(aOther, aOriginAttributes);
mDomain = aOther->mDomain;
@ -94,7 +93,7 @@ nsresult ContentPrincipal::Init(ContentPrincipal* aOther,
}
nsresult ContentPrincipal::GetScriptLocation(nsACString& aStr) {
return mCodebase->GetSpec(aStr);
return mURI->GetSpec(aStr);
}
/* static */
@ -278,13 +277,13 @@ bool ContentPrincipal::SubsumesInternal(
rv = aOther->GetURI(getter_AddRefs(otherURI));
NS_ENSURE_SUCCESS(rv, false);
// Compare codebases.
return nsScriptSecurityManager::SecurityCompareURIs(mCodebase, otherURI);
// Compare uris.
return nsScriptSecurityManager::SecurityCompareURIs(mURI, otherURI);
}
NS_IMETHODIMP
ContentPrincipal::GetURI(nsIURI** aURI) {
NS_ADDREF(*aURI = mCodebase);
NS_ADDREF(*aURI = mURI);
return NS_OK;
}
@ -303,7 +302,7 @@ bool ContentPrincipal::MayLoadInternal(nsIURI* aURI) {
MOZ_ASSERT(origin);
OriginAttributes attrs;
RefPtr<BasePrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(origin, attrs);
BasePrincipal::CreateContentPrincipal(origin, attrs);
return nsIPrincipal::Subsumes(principal);
}
#endif
@ -321,7 +320,7 @@ bool ContentPrincipal::MayLoadInternal(nsIURI* aURI) {
return true;
}
if (nsScriptSecurityManager::SecurityCompareURIs(mCodebase, aURI)) {
if (nsScriptSecurityManager::SecurityCompareURIs(mURI, aURI)) {
return true;
}
@ -329,8 +328,7 @@ bool ContentPrincipal::MayLoadInternal(nsIURI* aURI) {
// SecurityCompareURIs unless they are identical. Explicitly check file origin
// policy, in that case.
if (nsScriptSecurityManager::GetStrictFileOriginPolicy() &&
NS_URIIsLocalFile(aURI) &&
NS_RelaxStrictFileOriginPolicy(aURI, mCodebase)) {
NS_URIIsLocalFile(aURI) && NS_RelaxStrictFileOriginPolicy(aURI, mURI)) {
return true;
}
@ -338,7 +336,7 @@ bool ContentPrincipal::MayLoadInternal(nsIURI* aURI) {
}
uint32_t ContentPrincipal::GetHashValue() {
MOZ_ASSERT(mCodebase, "Need a codebase");
MOZ_ASSERT(mURI, "Need a principal URI");
return nsScriptSecurityManager::HashPrincipalByOrigin(this);
}
@ -375,12 +373,12 @@ ContentPrincipal::SetDomain(nsIURI* aDomain) {
return NS_OK;
}
static nsresult GetSpecialBaseDomain(const nsCOMPtr<nsIURI>& aCodebase,
static nsresult GetSpecialBaseDomain(const nsCOMPtr<nsIURI>& aURI,
bool* aHandled, nsACString& aBaseDomain) {
*aHandled = false;
// Special handling for a file URI.
if (NS_URIIsLocalFile(aCodebase)) {
if (NS_URIIsLocalFile(aURI)) {
// If strict file origin policy is not in effect, all local files are
// considered to be same-origin, so return a known dummy domain here.
if (!nsScriptSecurityManager::GetStrictFileOriginPolicy()) {
@ -390,7 +388,7 @@ static nsresult GetSpecialBaseDomain(const nsCOMPtr<nsIURI>& aCodebase,
}
// Otherwise, we return the file path.
nsCOMPtr<nsIURL> url = do_QueryInterface(aCodebase);
nsCOMPtr<nsIURL> url = do_QueryInterface(aURI);
if (url) {
*aHandled = true;
@ -399,21 +397,21 @@ static nsresult GetSpecialBaseDomain(const nsCOMPtr<nsIURI>& aCodebase,
}
bool hasNoRelativeFlag;
nsresult rv = NS_URIChainHasFlags(
aCodebase, nsIProtocolHandler::URI_NORELATIVE, &hasNoRelativeFlag);
nsresult rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_NORELATIVE,
&hasNoRelativeFlag);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
if (hasNoRelativeFlag) {
*aHandled = true;
return aCodebase->GetSpec(aBaseDomain);
return aURI->GetSpec(aBaseDomain);
}
bool isBehaved;
if (NS_SUCCEEDED(aCodebase->SchemeIs("indexeddb", &isBehaved)) && isBehaved) {
if (NS_SUCCEEDED(aURI->SchemeIs("indexeddb", &isBehaved)) && isBehaved) {
*aHandled = true;
return aCodebase->GetSpec(aBaseDomain);
return aURI->GetSpec(aBaseDomain);
}
return NS_OK;
@ -423,7 +421,7 @@ NS_IMETHODIMP
ContentPrincipal::GetBaseDomain(nsACString& aBaseDomain) {
// Handle some special URIs first.
bool handled;
nsresult rv = GetSpecialBaseDomain(mCodebase, &handled, aBaseDomain);
nsresult rv = GetSpecialBaseDomain(mURI, &handled, aBaseDomain);
NS_ENSURE_SUCCESS(rv, rv);
if (handled) {
@ -437,7 +435,7 @@ ContentPrincipal::GetBaseDomain(nsACString& aBaseDomain) {
return NS_ERROR_FAILURE;
}
return thirdPartyUtil->GetBaseDomain(mCodebase, aBaseDomain);
return thirdPartyUtil->GetBaseDomain(mURI, aBaseDomain);
}
NS_IMETHODIMP
@ -445,7 +443,7 @@ ContentPrincipal::GetSiteOrigin(nsACString& aSiteOrigin) {
// Handle some special URIs first.
nsAutoCString baseDomain;
bool handled;
nsresult rv = GetSpecialBaseDomain(mCodebase, &handled, baseDomain);
nsresult rv = GetSpecialBaseDomain(mURI, &handled, baseDomain);
NS_ENSURE_SUCCESS(rv, rv);
if (handled) {
@ -466,7 +464,7 @@ ContentPrincipal::GetSiteOrigin(nsACString& aSiteOrigin) {
}
bool gotBaseDomain = false;
rv = tldService->GetBaseDomain(mCodebase, 0, baseDomain);
rv = tldService->GetBaseDomain(mURI, 0, baseDomain);
if (NS_SUCCEEDED(rv)) {
gotBaseDomain = true;
} else {
@ -481,7 +479,7 @@ ContentPrincipal::GetSiteOrigin(nsACString& aSiteOrigin) {
// NOTE: Calling `SetHostPort` with a portless domain is insufficient to clear
// the port, so an extra `SetPort` call has to be made.
nsCOMPtr<nsIURI> siteUri;
NS_MutateURI mutator(mCodebase);
NS_MutateURI mutator(mURI);
mutator.SetUserPass(EmptyCString()).SetPort(-1);
if (gotBaseDomain) {
mutator.SetHost(baseDomain);
@ -508,9 +506,9 @@ nsresult ContentPrincipal::GetSiteIdentifier(SiteIdentifier& aSite) {
nsresult rv = GetSiteOrigin(siteOrigin);
NS_ENSURE_SUCCESS(rv, rv);
RefPtr<BasePrincipal> principal = CreateCodebasePrincipal(siteOrigin);
RefPtr<BasePrincipal> principal = CreateContentPrincipal(siteOrigin);
if (!principal) {
NS_WARNING("could not instantiate codebase principal");
NS_WARNING("could not instantiate content principal");
return NS_ERROR_FAILURE;
}
@ -520,12 +518,11 @@ nsresult ContentPrincipal::GetSiteIdentifier(SiteIdentifier& aSite) {
WebExtensionPolicy* ContentPrincipal::AddonPolicy() {
if (!mAddon.isSome()) {
NS_ENSURE_TRUE(mCodebase, nullptr);
NS_ENSURE_TRUE(mURI, nullptr);
bool isMozExt;
if (NS_SUCCEEDED(mCodebase->SchemeIs("moz-extension", &isMozExt)) &&
isMozExt) {
mAddon.emplace(EPS().GetByURL(mCodebase.get()));
if (NS_SUCCEEDED(mURI->SchemeIs("moz-extension", &isMozExt)) && isMozExt) {
mAddon.emplace(EPS().GetByURL(mURI.get()));
} else {
mAddon.emplace(nullptr);
}
@ -548,20 +545,20 @@ ContentPrincipal::GetAddonId(nsAString& aAddonId) {
NS_IMETHODIMP
ContentPrincipal::Read(nsIObjectInputStream* aStream) {
nsCOMPtr<nsISupports> supports;
nsCOMPtr<nsIURI> codebase;
nsCOMPtr<nsIURI> principalURI;
nsresult rv = NS_ReadOptionalObject(aStream, true, getter_AddRefs(supports));
if (NS_FAILED(rv)) {
return rv;
}
codebase = do_QueryInterface(supports);
principalURI = do_QueryInterface(supports);
// Enforce re-parsing about: URIs so that if they change, we continue to use
// their new principals correctly.
bool isAbout = false;
if (NS_SUCCEEDED(codebase->SchemeIs("about", &isAbout)) && isAbout) {
if (NS_SUCCEEDED(principalURI->SchemeIs("about", &isAbout)) && isAbout) {
nsAutoCString spec;
codebase->GetSpec(spec);
NS_ENSURE_SUCCESS(NS_NewURI(getter_AddRefs(codebase), spec),
principalURI->GetSpec(spec);
NS_ENSURE_SUCCESS(NS_NewURI(getter_AddRefs(principalURI), spec),
NS_ERROR_FAILURE);
}
@ -595,10 +592,10 @@ ContentPrincipal::Read(nsIObjectInputStream* aStream) {
Unused << NS_ReadOptionalObject(aStream, true, getter_AddRefs(supports));
nsAutoCString originNoSuffix;
rv = GenerateOriginNoSuffixFromURI(codebase, originNoSuffix);
rv = GenerateOriginNoSuffixFromURI(principalURI, originNoSuffix);
NS_ENSURE_SUCCESS(rv, rv);
rv = Init(codebase, attrs, originNoSuffix);
rv = Init(principalURI, attrs, originNoSuffix);
NS_ENSURE_SUCCESS(rv, rv);
// Note: we don't call SetDomain here because we don't need the wrapper
@ -619,15 +616,15 @@ ContentPrincipal::Write(nsIObjectOutputStream* aStream) {
}
nsresult ContentPrincipal::PopulateJSONObject(Json::Value& aObject) {
nsAutoCString codebase;
nsresult rv = mCodebase->GetSpec(codebase);
nsAutoCString principalURI;
nsresult rv = mURI->GetSpec(principalURI);
NS_ENSURE_SUCCESS(rv, rv);
// We turn each int enum field into a JSON string key of the object
// aObject is the inner JSON object that has stringified enum keys
// An example aObject might be:
//
// eCodebase eSuffix
// eURI eSuffix
// | |
// {"0": "https://mozilla.com", "2": "^privateBrowsingId=1"}
// | | | |
@ -636,7 +633,7 @@ nsresult ContentPrincipal::PopulateJSONObject(Json::Value& aObject) {
// Key ----------------------
// |
// Value
aObject[std::to_string(eCodebase)] = codebase.get();
aObject[std::to_string(eURI)] = principalURI.get();
if (mDomain) {
nsAutoCString domainStr;
@ -658,7 +655,7 @@ already_AddRefed<BasePrincipal> ContentPrincipal::FromProperties(
nsTArray<ContentPrincipal::KeyVal>& aFields) {
MOZ_ASSERT(aFields.Length() == eMax + 1, "Must have all the keys");
nsresult rv;
nsCOMPtr<nsIURI> codebaseURI;
nsCOMPtr<nsIURI> principalURI;
nsCOMPtr<nsIURI> domain;
nsCOMPtr<nsIContentSecurityPolicy> csp;
OriginAttributes attrs;
@ -667,25 +664,26 @@ already_AddRefed<BasePrincipal> ContentPrincipal::FromProperties(
// if all the switch enum cases haven't been codified
for (const auto& field : aFields) {
switch (field.key) {
case ContentPrincipal::eCodebase:
case ContentPrincipal::eURI:
if (!field.valueWasSerialized) {
MOZ_ASSERT(
false,
"Content principals require a codebase URI in serialized JSON");
"Content principals require a principal URI in serialized JSON");
return nullptr;
}
rv = NS_NewURI(getter_AddRefs(codebaseURI), field.value.get());
rv = NS_NewURI(getter_AddRefs(principalURI), field.value.get());
NS_ENSURE_SUCCESS(rv, nullptr);
{
// Enforce re-parsing about: URIs so that if they change, we
// continue to use their new principals correctly.
bool isAbout =
NS_SUCCEEDED(codebaseURI->SchemeIs("about", &isAbout)) && isAbout;
NS_SUCCEEDED(principalURI->SchemeIs("about", &isAbout)) &&
isAbout;
if (isAbout) {
nsAutoCString spec;
codebaseURI->GetSpec(spec);
if (NS_FAILED(NS_NewURI(getter_AddRefs(codebaseURI), spec))) {
principalURI->GetSpec(spec);
if (NS_FAILED(NS_NewURI(getter_AddRefs(principalURI), spec))) {
return nullptr;
}
}
@ -708,22 +706,22 @@ already_AddRefed<BasePrincipal> ContentPrincipal::FromProperties(
}
}
nsAutoCString originNoSuffix;
rv = ContentPrincipal::GenerateOriginNoSuffixFromURI(codebaseURI,
rv = ContentPrincipal::GenerateOriginNoSuffixFromURI(principalURI,
originNoSuffix);
if (NS_FAILED(rv)) {
return nullptr;
}
RefPtr<ContentPrincipal> codebase = new ContentPrincipal();
rv = codebase->Init(codebaseURI, attrs, originNoSuffix);
RefPtr<ContentPrincipal> principal = new ContentPrincipal();
rv = principal->Init(principalURI, attrs, originNoSuffix);
if (NS_FAILED(rv)) {
return nullptr;
}
codebase->mDomain = domain;
if (codebase->mDomain) {
codebase->SetHasExplicitDomain();
principal->mDomain = domain;
if (principal->mDomain) {
principal->SetHasExplicitDomain();
}
return codebase.forget();
return principal.forget();
}

10
caps/ContentPrincipal.h
View File

@ -33,14 +33,14 @@ class ContentPrincipal final : public BasePrincipal {
NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
NS_IMETHOD GetAddonId(nsAString& aAddonId) override;
NS_IMETHOD GetSiteOrigin(nsACString& aSiteOrigin) override;
bool IsCodebasePrincipal() const override { return true; }
bool IsContentPrincipal() const override { return true; }
ContentPrincipal();
static PrincipalKind Kind() { return eCodebasePrincipal; }
static PrincipalKind Kind() { return eContentPrincipal; }
// Init() must be called before the principal is in a usable state.
nsresult Init(nsIURI* aCodebase, const OriginAttributes& aOriginAttributes,
nsresult Init(nsIURI* aURI, const OriginAttributes& aOriginAttributes,
const nsACString& aOriginNoSuffix);
nsresult Init(ContentPrincipal* aOther,
const OriginAttributes& aOriginAttributes);
@ -55,11 +55,11 @@ class ContentPrincipal final : public BasePrincipal {
extensions::WebExtensionPolicy* AddonPolicy();
nsCOMPtr<nsIURI> mDomain;
nsCOMPtr<nsIURI> mCodebase;
nsCOMPtr<nsIURI> mURI;
virtual nsresult PopulateJSONObject(Json::Value& aObject) override;
// Serializable keys are the valid enum fields the serialization supports
enum SerializableKeys { eCodebase = 0, eDomain, eSuffix, eMax = eSuffix };
enum SerializableKeys { eURI = 0, eDomain, eSuffix, eMax = eSuffix };
// KeyVal is a lightweight storage that passes
// SerializableKeys and values after JSON parsing in the BasePrincipal to
// FromProperties

8
caps/NullPrincipal.cpp
View File

@ -219,14 +219,14 @@ NullPrincipal::Write(nsIObjectOutputStream* aStream) {
}
nsresult NullPrincipal::PopulateJSONObject(Json::Value& aObject) {
nsAutoCString codebase;
nsresult rv = mURI->GetSpec(codebase);
nsAutoCString principalURI;
nsresult rv = mURI->GetSpec(principalURI);
NS_ENSURE_SUCCESS(rv, rv);
MOZ_ASSERT(codebase.Length() ==
MOZ_ASSERT(principalURI.Length() ==
NS_LITERAL_CSTRING(NS_NULLPRINCIPAL_SCHEME ":").Length() +
NSID_LENGTH - 1,
"Length of the URI should be: (scheme, uuid, - nullptr)");
aObject[std::to_string(eSpec)] = codebase.get();
aObject[std::to_string(eSpec)] = principalURI.get();
nsAutoCString suffix;
OriginAttributesRef().CreateSuffix(suffix);

12
caps/nsIPrincipal.idl
View File

@ -70,7 +70,7 @@ interface nsIPrincipal : nsISerializable
[notxpcom, nostdcall] readonly attribute unsigned long hashValue;
/**
* The codebase URI to which this principal pertains. This is
* The principal URI to which this principal pertains. This is
* generally the document URI.
*/
[infallible] readonly attribute nsIURI URI;
@ -122,7 +122,7 @@ interface nsIPrincipal : nsISerializable
/**
* Checks whether this principal is allowed to load the network resource
* located at the given URI under the same-origin policy. This means that
* codebase principals are only allowed to load resources from the same
* content principals are only allowed to load resources from the same
* domain, the system principal is allowed to load anything, and null
* principals can only load URIs where they are the principal. This is
* changed by the optional flag allowIfInheritsPrincipal (which defaults to
@ -170,7 +170,7 @@ interface nsIPrincipal : nsISerializable
/**
* A canonical representation of the origin for this principal. This
* consists of a base string (which, for codebase principals, is of the
* consists of a base string (which, for content principals, is of the
* format scheme://host:port), concatenated with |originAttributes| (see
* below).
*
@ -212,7 +212,7 @@ interface nsIPrincipal : nsISerializable
readonly attribute ACString siteOrigin;
/**
* The base domain of the codebase URI to which this principal pertains
* The base domain of the principal URI to which this principal pertains
* (generally the document URI), handling null principals and
* non-hierarchical schemes correctly.
*/
@ -255,9 +255,9 @@ interface nsIPrincipal : nsISerializable
[infallible] readonly attribute boolean isNullPrincipal;
/**
* Returns true iff this principal corresponds to a codebase origin.
* Returns true iff this principal corresponds to a principal origin.
*/
[infallible] readonly attribute boolean isCodebasePrincipal;
[infallible] readonly attribute boolean isContentPrincipal;
/**
* Returns true iff this is an expanded principal.

14
caps/nsIScriptSecurityManager.idl
View File

@ -144,18 +144,18 @@ interface nsIScriptSecurityManager : nsISupports
* Returns a principal that has the OriginAttributes of the load context.
* @param loadContext to get the OriginAttributes from.
*/
nsIPrincipal getLoadContextCodebasePrincipal(in nsIURI uri,
nsIPrincipal getLoadContextContentPrincipal(in nsIURI uri,
in nsILoadContext loadContext);
/**
* Returns a principal that has the OriginAttributes of the docshell.
* @param docShell to get the OriginAttributes from.
*/
nsIPrincipal getDocShellCodebasePrincipal(in nsIURI uri,
nsIPrincipal getDocShellContentPrincipal(in nsIURI uri,
in nsIDocShell docShell);
/**
* If this is a codebase principal, return a copy with different
* If this is a content principal, return a copy with different
* origin attributes.
*/
[implicit_jscontext]
@ -168,14 +168,14 @@ interface nsIScriptSecurityManager : nsISupports
* ChromeUtils.webidl for a list of origin attributes and their defaults.
*/
[implicit_jscontext]
nsIPrincipal createCodebasePrincipal(in nsIURI uri, in jsval originAttributes);
nsIPrincipal createContentPrincipal(in nsIURI uri, in jsval originAttributes);
/**
* Returns a principal whose origin is the one we pass in.
* See nsIPrincipal.idl for a description of origin attributes, and
* ChromeUtils.webidl for a list of origin attributes and their defaults.
*/
nsIPrincipal createCodebasePrincipalFromOrigin(in ACString origin);
nsIPrincipal createContentPrincipalFromOrigin(in ACString origin);
/**
* Takes a principal and returns a string representation of it or a nullptr if it can't be serialized.
@ -213,7 +213,7 @@ interface nsIScriptSecurityManager : nsISupports
/**
* Get the principal for the given channel. This will typically be the
* channel owner if there is one, and the codebase principal for the
* channel owner if there is one, and the content principal for the
* channel's URI otherwise. aChannel must not be null.
*/
nsIPrincipal getChannelResultPrincipal(in nsIChannel aChannel);
@ -254,7 +254,7 @@ interface nsIScriptSecurityManager : nsISupports
nsIPrincipal getChannelResultPrincipalIfNotSandboxed(in nsIChannel aChannel);
/**
* Get the codebase principal for the channel's URI.
* Get the content principal for the channel's URI.
* aChannel must not be null.
*/
nsIPrincipal getChannelURIPrincipal(in nsIChannel aChannel);

20
caps/nsScriptSecurityManager.cpp
View File

@ -376,7 +376,7 @@ nsScriptSecurityManager::GetChannelURIPrincipal(nsIChannel* aChannel,
OriginAttributes attrs = loadInfo->GetOriginAttributes();
nsCOMPtr<nsIPrincipal> prin =
BasePrincipal::CreateCodebasePrincipal(uri, attrs);
BasePrincipal::CreateContentPrincipal(uri, attrs);
prin.forget(aPrincipal);
return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
}
@ -1121,7 +1121,7 @@ nsScriptSecurityManager::GetSystemPrincipal(nsIPrincipal** result) {
}
NS_IMETHODIMP
nsScriptSecurityManager::CreateCodebasePrincipal(
nsScriptSecurityManager::CreateContentPrincipal(
nsIURI* aURI, JS::Handle<JS::Value> aOriginAttributes, JSContext* aCx,
nsIPrincipal** aPrincipal) {
OriginAttributes attrs;
@ -1129,13 +1129,13 @@ nsScriptSecurityManager::CreateCodebasePrincipal(
return NS_ERROR_INVALID_ARG;
}
nsCOMPtr<nsIPrincipal> prin =
BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
BasePrincipal::CreateContentPrincipal(aURI, attrs);
prin.forget(aPrincipal);
return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP
nsScriptSecurityManager::CreateCodebasePrincipalFromOrigin(
nsScriptSecurityManager::CreateContentPrincipalFromOrigin(
const nsACString& aOrigin, nsIPrincipal** aPrincipal) {
if (StringBeginsWith(aOrigin, NS_LITERAL_CSTRING("["))) {
return NS_ERROR_INVALID_ARG;
@ -1146,7 +1146,7 @@ nsScriptSecurityManager::CreateCodebasePrincipalFromOrigin(
return NS_ERROR_INVALID_ARG;
}
nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(aOrigin);
nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateContentPrincipal(aOrigin);
prin.forget(aPrincipal);
return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
}
@ -1199,22 +1199,22 @@ nsScriptSecurityManager::CreateNullPrincipal(
}
NS_IMETHODIMP
nsScriptSecurityManager::GetLoadContextCodebasePrincipal(
nsScriptSecurityManager::GetLoadContextContentPrincipal(
nsIURI* aURI, nsILoadContext* aLoadContext, nsIPrincipal** aPrincipal) {
NS_ENSURE_STATE(aLoadContext);
OriginAttributes docShellAttrs;
aLoadContext->GetOriginAttributes(docShellAttrs);
nsCOMPtr<nsIPrincipal> prin =
BasePrincipal::CreateCodebasePrincipal(aURI, docShellAttrs);
BasePrincipal::CreateContentPrincipal(aURI, docShellAttrs);
prin.forget(aPrincipal);
return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP
nsScriptSecurityManager::GetDocShellCodebasePrincipal(
nsScriptSecurityManager::GetDocShellContentPrincipal(
nsIURI* aURI, nsIDocShell* aDocShell, nsIPrincipal** aPrincipal) {
nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(
nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateContentPrincipal(
aURI, nsDocShell::Cast(aDocShell)->GetOriginAttributes());
prin.forget(aPrincipal);
return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
@ -1227,7 +1227,7 @@ nsScriptSecurityManager::PrincipalWithOA(
if (!aPrincipal) {
return NS_OK;
}
if (aPrincipal->GetIsCodebasePrincipal()) {
if (aPrincipal->GetIsContentPrincipal()) {
OriginAttributes attrs;
if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
return NS_ERROR_INVALID_ARG;

31
caps/tests/gtest/TestPrincipalSerialization.cpp
View File

@ -26,7 +26,7 @@ TEST(PrincipalSerialization, ReusedJSONArgument)
nsAutoCString spec("https://mozilla.com");
nsCOMPtr<nsIPrincipal> principal;
nsresult rv =
ssm->CreateCodebasePrincipalFromOrigin(spec, getter_AddRefs(principal));
ssm->CreateContentPrincipalFromOrigin(spec, getter_AddRefs(principal));
ASSERT_EQ(rv, NS_OK);
nsAutoCString JSON;
@ -36,8 +36,7 @@ TEST(PrincipalSerialization, ReusedJSONArgument)
nsAutoCString spec2("https://example.com");
nsCOMPtr<nsIPrincipal> principal2;
rv =
ssm->CreateCodebasePrincipalFromOrigin(spec2, getter_AddRefs(principal2));
rv = ssm->CreateContentPrincipalFromOrigin(spec2, getter_AddRefs(principal2));
ASSERT_EQ(rv, NS_OK);
// Reuse JSON without truncation to check the code is doing this
@ -82,7 +81,7 @@ TEST(PrincipalSerialization, TwoKeys)
nsCOMPtr<nsIPrincipal> contentPrincipal = BasePrincipal::FromJSON(
NS_LITERAL_CSTRING("{\"1\":{\"0\":\"https://mozilla.com\"}}"));
ASSERT_EQ(BasePrincipal::Cast(contentPrincipal)->Kind(),
BasePrincipal::eCodebasePrincipal);
BasePrincipal::eContentPrincipal);
// Check both combined don't return a principal
nsCOMPtr<nsIPrincipal> combinedPrincipal = BasePrincipal::FromJSON(
@ -105,19 +104,19 @@ TEST(PrincipalSerialization, ExpandedPrincipal)
nsAutoCString spec("https://mozilla.com");
nsCOMPtr<nsIPrincipal> principal;
nsresult rv =
ssm->CreateCodebasePrincipalFromOrigin(spec, getter_AddRefs(principal));
ssm->CreateContentPrincipalFromOrigin(spec, getter_AddRefs(principal));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principal)->Kind(),
BasePrincipal::eCodebasePrincipal);
BasePrincipal::eContentPrincipal);
allowedDomains[0] = principal;
nsAutoCString spec2("https://mozilla.org");
nsCOMPtr<nsIPrincipal> principal2;
rv =
ssm->CreateCodebasePrincipalFromOrigin(spec2, getter_AddRefs(principal2));
ssm->CreateContentPrincipalFromOrigin(spec2, getter_AddRefs(principal2));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principal2)->Kind(),
BasePrincipal::eCodebasePrincipal);
BasePrincipal::eContentPrincipal);
allowedDomains[1] = principal2;
OriginAttributes attrs;
@ -142,11 +141,11 @@ TEST(PrincipalSerialization, ExpandedPrincipal)
nsAutoCString specDev("https://mozilla.dev");
nsCOMPtr<nsIPrincipal> principalDev;
rv = ssm->CreateCodebasePrincipalFromOrigin(specDev,
rv = ssm->CreateContentPrincipalFromOrigin(specDev,
getter_AddRefs(principalDev));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principalDev)->Kind(),
BasePrincipal::eCodebasePrincipal);
BasePrincipal::eContentPrincipal);
ASSERT_FALSE(outPrincipal->FastSubsumesIgnoringFPD(principalDev));
}
@ -164,19 +163,19 @@ TEST(PrincipalSerialization, ExpandedPrincipalOA)
nsAutoCString spec("https://mozilla.com");
nsCOMPtr<nsIPrincipal> principal;
nsresult rv =
ssm->CreateCodebasePrincipalFromOrigin(spec, getter_AddRefs(principal));
ssm->CreateContentPrincipalFromOrigin(spec, getter_AddRefs(principal));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principal)->Kind(),
BasePrincipal::eCodebasePrincipal);
BasePrincipal::eContentPrincipal);
allowedDomains[0] = principal;
nsAutoCString spec2("https://mozilla.org");
nsCOMPtr<nsIPrincipal> principal2;
rv =
ssm->CreateCodebasePrincipalFromOrigin(spec2, getter_AddRefs(principal2));
ssm->CreateContentPrincipalFromOrigin(spec2, getter_AddRefs(principal2));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principal2)->Kind(),
BasePrincipal::eCodebasePrincipal);
BasePrincipal::eContentPrincipal);
allowedDomains[1] = principal2;
OriginAttributes attrs;
@ -206,11 +205,11 @@ TEST(PrincipalSerialization, ExpandedPrincipalOA)
nsAutoCString specDev("https://mozilla.dev");
nsCOMPtr<nsIPrincipal> principalDev;
rv = ssm->CreateCodebasePrincipalFromOrigin(specDev,
rv = ssm->CreateContentPrincipalFromOrigin(specDev,
getter_AddRefs(principalDev));
ASSERT_EQ(rv, NS_OK);
ASSERT_EQ(BasePrincipal::Cast(principalDev)->Kind(),
BasePrincipal::eCodebasePrincipal);
BasePrincipal::eContentPrincipal);
ASSERT_FALSE(outPrincipal->FastSubsumesIgnoringFPD(principalDev));
}

2
caps/tests/mochitest/browser_checkloaduri.js
View File

@ -300,7 +300,7 @@ add_task(async function() {
if (sourceString.startsWith("about:test-chrome-privs")) {
source = ssm.getSystemPrincipal();
} else {
source = ssm.createCodebasePrincipal(makeURI(sourceString), {});
source = ssm.createContentPrincipal(makeURI(sourceString), {});
}
for (let [
target,

4
caps/tests/mochitest/test_addonMayLoad.html
View File

@ -53,9 +53,9 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1180921
return p;
}
let addonA = new Cu.Sandbox(ssm.createCodebasePrincipal(Services.io.newURI("moz-extension://addonA/"), {}),
let addonA = new Cu.Sandbox(ssm.createContentPrincipal(Services.io.newURI("moz-extension://addonA/"), {}),
{wantGlobalProperties: ["XMLHttpRequest"]});
let addonB = new Cu.Sandbox(ssm.createCodebasePrincipal(Services.io.newURI("moz-extension://addonB/"), {}),
let addonB = new Cu.Sandbox(ssm.createContentPrincipal(Services.io.newURI("moz-extension://addonB/"), {}),
{wantGlobalProperties: ["XMLHttpRequest"]});
function uriForDomain(d) { return d + "/tests/caps/tests/mochitest/file_data.txt"; }

32
caps/tests/unit/test_origin.js
View File

@ -35,9 +35,9 @@ function checkOriginAttributes(prin, attrs, suffix) {
ChromeUtils.originAttributesMatchPattern(prin.originAttributes, attrs)
);
if (!prin.isNullPrincipal && !prin.origin.startsWith("[")) {
Assert.ok(ssm.createCodebasePrincipalFromOrigin(prin.origin).equals(prin));
Assert.ok(ssm.createContentPrincipalFromOrigin(prin.origin).equals(prin));
} else {
checkThrows(() => ssm.createCodebasePrincipalFromOrigin(prin.origin));
checkThrows(() => ssm.createContentPrincipalFromOrigin(prin.origin));
}
}
@ -88,13 +88,13 @@ function run_test() {
// Attributeless origins.
Assert.equal(ssm.getSystemPrincipal().origin, "[System Principal]");
checkOriginAttributes(ssm.getSystemPrincipal());
var exampleOrg = ssm.createCodebasePrincipal(
var exampleOrg = ssm.createContentPrincipal(
makeURI("http://example.org"),
{}
);
Assert.equal(exampleOrg.origin, "http://example.org");
checkOriginAttributes(exampleOrg);
var exampleCom = ssm.createCodebasePrincipal(
var exampleCom = ssm.createContentPrincipal(
makeURI("https://www.example.com:123"),
{}
);
@ -105,13 +105,13 @@ function run_test() {
/^moz-nullprincipal:\{([0-9]|[a-z]|\-){36}\}$/.test(nullPrin.origin)
);
checkOriginAttributes(nullPrin);
var ipv6Prin = ssm.createCodebasePrincipal(
var ipv6Prin = ssm.createContentPrincipal(
makeURI("https://[2001:db8::ff00:42:8329]:123"),
{}
);
Assert.equal(ipv6Prin.origin, "https://[2001:db8::ff00:42:8329]:123");
checkOriginAttributes(ipv6Prin);
var ipv6NPPrin = ssm.createCodebasePrincipal(
var ipv6NPPrin = ssm.createContentPrincipal(
makeURI("https://[2001:db8::ff00:42:8329]"),
{}
);
@ -132,7 +132,7 @@ function run_test() {
}]]`
);
// Make sure createCodebasePrincipal does what the rest of gecko does.
// Make sure createContentPrincipal does what the rest of gecko does.
Assert.ok(
exampleOrg.equals(
Cu.getObjectPrincipal(new Cu.Sandbox("http://example.org"))
@ -144,7 +144,7 @@ function run_test() {
//
// Just browser.
var exampleOrg_browser = ssm.createCodebasePrincipal(
var exampleOrg_browser = ssm.createContentPrincipal(
makeURI("http://example.org"),
{ inIsolatedMozBrowser: true }
);
@ -164,7 +164,7 @@ function run_test() {
Assert.equal(exampleOrg_browser.origin, "http://example.org^inBrowser=1");
// First party Uri
var exampleOrg_firstPartyDomain = ssm.createCodebasePrincipal(
var exampleOrg_firstPartyDomain = ssm.createContentPrincipal(
makeURI("http://example.org"),
{ firstPartyDomain: "example.org" }
);
@ -179,7 +179,7 @@ function run_test() {
);
// Just userContext.
var exampleOrg_userContext = ssm.createCodebasePrincipal(
var exampleOrg_userContext = ssm.createContentPrincipal(
makeURI("http://example.org"),
{ userContextId: 42 }
);
@ -215,19 +215,19 @@ function run_test() {
// Check Principal kinds.
function checkKind(prin, kind) {
Assert.equal(prin.isNullPrincipal, kind == "nullPrincipal");
Assert.equal(prin.isCodebasePrincipal, kind == "codebasePrincipal");
Assert.equal(prin.isContentPrincipal, kind == "contentPrincipal");
Assert.equal(prin.isExpandedPrincipal, kind == "expandedPrincipal");
Assert.equal(prin.isSystemPrincipal, kind == "systemPrincipal");
}
checkKind(ssm.createNullPrincipal({}), "nullPrincipal");
checkKind(
ssm.createCodebasePrincipal(makeURI("http://www.example.com"), {}),
"codebasePrincipal"
ssm.createContentPrincipal(makeURI("http://www.example.com"), {}),
"contentPrincipal"
);
checkKind(
Cu.getObjectPrincipal(
Cu.Sandbox([
ssm.createCodebasePrincipal(makeURI("http://www.example.com"), {}),
ssm.createContentPrincipal(makeURI("http://www.example.com"), {}),
])
),
"expandedPrincipal"
@ -312,13 +312,13 @@ function run_test() {
];
fileTests.forEach(t => {
Services.prefs.setBoolPref("security.fileuri.strict_origin_policy", t[0]);
var filePrin = ssm.createCodebasePrincipal(fileURI, {});
var filePrin = ssm.createContentPrincipal(fileURI, {});
Assert.equal(filePrin.origin, t[1]);
});
Services.prefs.clearUserPref("security.fileuri.strict_origin_policy");
var aboutBlankURI = makeURI("about:blank");
var aboutBlankPrin = ssm.createCodebasePrincipal(aboutBlankURI, {});
var aboutBlankPrin = ssm.createContentPrincipal(aboutBlankURI, {});
Assert.ok(
/^moz-nullprincipal:\{([0-9]|[a-z]|\-){36}\}$/.test(aboutBlankPrin.origin)
);

2
devtools/client/inspector/shared/test/browser_styleinspector_csslogic-content-stylesheets.js
View File

@ -14,7 +14,7 @@ const TEST_URI_HTML = TEST_URL_ROOT + "doc_content_stylesheet.html";
const TEST_URI_AUTHOR = TEST_URL_ROOT + "doc_author-sheet.html";
const TEST_URI_XUL = TEST_URL_ROOT + "doc_content_stylesheet.xul";
const XUL_URI = Services.io.newURI(TEST_URI_XUL);
const XUL_PRINCIPAL = Services.scriptSecurityManager.createCodebasePrincipal(
const XUL_PRINCIPAL = Services.scriptSecurityManager.createContentPrincipal(
XUL_URI,
{}
);

2
devtools/client/storage/test/head.js
View File

@ -1003,7 +1003,7 @@ function setPermission(url, permission) {
const nsIPermissionManager = Ci.nsIPermissionManager;
const uri = Services.io.newURI(url);
const principal = Services.scriptSecurityManager.createCodebasePrincipal(
const principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
devtools/client/webconsole/test/mochitest/browser_webconsole_trackingprotection_errors.js
View File

@ -151,7 +151,7 @@ add_task(async function testCookieBlockedByPermissionMessage() {
info("Test cookie blocked by permission message");
// Turn off tracking protection and add a block permission on the URL.
await pushPref("privacy.trackingprotection.enabled", false);
const p = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
const p = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
TRACKER_URL
);
Services.perms.addFromPrincipal(

2
devtools/client/webconsole/test/mochitest/browser_webconsole_warning_group_content_blocking.js
View File

@ -139,7 +139,7 @@ add_task(async function testCookieBlockedByPermissionMessage() {
info("Test cookie blocked by permission message");
// Turn off tracking protection and add a block permission on the URL.
await pushPref("privacy.trackingprotection.enabled", false);
const p = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(
const p = Services.scriptSecurityManager.createContentPrincipalFromOrigin(
"http://tracking.example.org/"
);
Services.perms.addFromPrincipal(

2
devtools/server/actors/storage.js
View File

@ -1386,7 +1386,7 @@ StorageActors.createActor(
async getCachesForHost(host) {
const uri = Services.io.newURI(host);
const attrs = this.storageActor.document.nodePrincipal.originAttributes;
const principal = Services.scriptSecurityManager.createCodebasePrincipal(
const principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
attrs
);

4
devtools/shared/DevToolsUtils.js
View File

@ -496,7 +496,7 @@ DevToolsUtils.defineLazyGetter(this, "NetworkHelper", () => {
* - window: the window to get the loadGroup from
* - charset: the charset to use if the channel doesn't provide one
* - principal: the principal to use, if omitted, the request is loaded
* with a codebase principal corresponding to the url being
* with a content principal corresponding to the url being
* loaded, using the origin attributes of the window, if any.
* - cacheKey: when loading from cache, use this key to retrieve a cache
* specific to a given SHEntry. (Allows loading POST
@ -713,7 +713,7 @@ function newChannelForURL(
// and it may not be correct.
let prin = principal;
if (!prin) {
prin = Services.scriptSecurityManager.createCodebasePrincipal(uri, {});
prin = Services.scriptSecurityManager.createContentPrincipal(uri, {});
}
channelOptions.loadingPrincipal = prin;

2
devtools/shared/indexed-db.js
View File

@ -13,7 +13,7 @@ const Services = require("Services");
const PSEUDOURI = "indexeddb://fx-devtools";
const principaluri = Services.io.newURI(PSEUDOURI);
const principal = Services.scriptSecurityManager.createCodebasePrincipal(
const principal = Services.scriptSecurityManager.createContentPrincipal(
principaluri,
{}
);

2
devtools/shared/tests/unit/test_console_filtering.js
View File

@ -55,7 +55,7 @@ function createFakeAddonWindow({ addonId } = {}) {
policy.active = true;
const baseURI = Services.io.newURI(`moz-extension://${uuid}/`);
const principal = Services.scriptSecurityManager.createCodebasePrincipal(
const principal = Services.scriptSecurityManager.createContentPrincipal(
baseURI,
{}
);

14
docshell/base/nsDocShell.cpp
View File

@ -6584,8 +6584,8 @@ void nsDocShell::OnRedirectStateChange(nsIChannel* aOldChannel,
if (secMan) {
nsCOMPtr<nsIPrincipal> principal;
secMan->GetDocShellCodebasePrincipal(newURI, this,
getter_AddRefs(principal));
secMan->GetDocShellContentPrincipal(newURI, this,
getter_AddRefs(principal));
appCacheChannel->SetChooseApplicationCache(
NS_ShouldCheckAppCache(principal));
}
@ -9766,13 +9766,13 @@ static bool IsConsideredSameOriginForUIR(nsIPrincipal* aTriggeringPrincipal,
return true;
}
if (!aResultPrincipal->GetIsCodebasePrincipal()) {
if (!aResultPrincipal->GetIsContentPrincipal()) {
return false;
}
nsCOMPtr<nsIURI> resultURI = aResultPrincipal->GetURI();
// We know this is a codebase principal, and codebase principals require valid
// We know this is a content principal, and content principals require valid
// URIs, so we shouldn't need to check non-null here.
if (!SchemeIsHTTP(resultURI)) {
return false;
@ -9793,7 +9793,7 @@ static bool IsConsideredSameOriginForUIR(nsIPrincipal* aTriggeringPrincipal,
BasePrincipal::Cast(aResultPrincipal)->OriginAttributesRef();
nsCOMPtr<nsIPrincipal> tmpResultPrincipal =
BasePrincipal::CreateCodebasePrincipal(tmpResultURI, tmpOA);
BasePrincipal::CreateContentPrincipal(tmpResultURI, tmpOA);
return aTriggeringPrincipal->Equals(tmpResultPrincipal);
}
@ -10172,8 +10172,8 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
if (secMan) {
nsCOMPtr<nsIPrincipal> principal;
secMan->GetDocShellCodebasePrincipal(aLoadState->URI(), this,
getter_AddRefs(principal));
secMan->GetDocShellContentPrincipal(aLoadState->URI(), this,
getter_AddRefs(principal));
appCacheChannel->SetChooseApplicationCache(
NS_ShouldCheckAppCache(principal));
}

2
docshell/base/nsDocShellLoadState.cpp
View File

@ -388,7 +388,7 @@ nsresult nsDocShellLoadState::SetupTriggeringPrincipal(
if (mReferrerInfo) {
nsCOMPtr<nsIURI> referrer = mReferrerInfo->GetOriginalReferrer();
mTriggeringPrincipal =
BasePrincipal::CreateCodebasePrincipal(referrer, aOriginAttributes);
BasePrincipal::CreateContentPrincipal(referrer, aOriginAttributes);
if (!mTriggeringPrincipal) {
return NS_ERROR_FAILURE;

2
docshell/test/browser/browser_loadDisallowInherit.js
View File

@ -38,7 +38,7 @@ function startTest() {
function testURL(url, func) {
let secMan = Services.scriptSecurityManager;
let ios = Services.io;
let artificialPrincipal = secMan.createCodebasePrincipal(
let artificialPrincipal = secMan.createContentPrincipal(
ios.newURI("http://example.com/"),
{}
);

2
dom/base/ContentAreaDropListener.jsm
View File

@ -190,7 +190,7 @@ ContentAreaDropListener.prototype =
.getService(Ci.nsIIOService);
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].
getService(Ci.nsIScriptSecurityManager);
return secMan.createCodebasePrincipal(ioService.newURI(principalURISpec), {});
return secMan.createContentPrincipal(ioService.newURI(principalURISpec), {});
},
getTriggeringPrincipal: function(aEvent)

32
dom/base/Document.cpp
View File

@ -2424,7 +2424,7 @@ void Document::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup,
"must have a load context or pass in an explicit principal");
nsCOMPtr<nsIPrincipal> principal;
nsresult rv = securityManager->GetLoadContextCodebasePrincipal(
nsresult rv = securityManager->GetLoadContextContentPrincipal(
mDocumentURI, loadContext, getter_AddRefs(principal));
if (NS_SUCCEEDED(rv)) {
SetPrincipals(principal, principal);
@ -5429,12 +5429,12 @@ void Document::GetCookie(nsAString& aCookie, ErrorResult& rv) {
do_GetService(NS_COOKIESERVICE_CONTRACTID);
if (service) {
// Get a URI from the document principal. We use the original
// codebase in case the codebase was changed by SetDomain
nsCOMPtr<nsIURI> codebaseURI;
NodePrincipal()->GetURI(getter_AddRefs(codebaseURI));
// content URI in case the domain was changed by SetDomain
nsCOMPtr<nsIURI> principalURI;
NodePrincipal()->GetURI(getter_AddRefs(principalURI));
if (!codebaseURI) {
// Document's principal is not a codebase (may be system), so
if (!principalURI) {
// Document's principal is not a content or null (may be system), so
// can't set cookies
return;
@ -5442,14 +5442,14 @@ void Document::GetCookie(nsAString& aCookie, ErrorResult& rv) {
nsCOMPtr<nsIChannel> channel(mChannel);
if (!channel) {
channel = CreateDummyChannelForCookies(codebaseURI);
channel = CreateDummyChannelForCookies(principalURI);
if (!channel) {
return;
}
}
nsAutoCString cookie;
service->GetCookieString(codebaseURI, channel, cookie);
service->GetCookieString(principalURI, channel, cookie);
// CopyUTF8toUTF16 doesn't handle error
// because it assumes that the input is valid.
UTF_8_ENCODING->DecodeWithoutBOMHandling(cookie, aCookie);
@ -5488,11 +5488,11 @@ void Document::SetCookie(const nsAString& aCookie, ErrorResult& rv) {
do_GetService(NS_COOKIESERVICE_CONTRACTID);
if (service && mDocumentURI) {
// The code for getting the URI matches Navigator::CookieEnabled
nsCOMPtr<nsIURI> codebaseURI;
NodePrincipal()->GetURI(getter_AddRefs(codebaseURI));
nsCOMPtr<nsIURI> principalURI;
NodePrincipal()->GetURI(getter_AddRefs(principalURI));
if (!codebaseURI) {
// Document's principal is not a codebase (may be system), so
if (!principalURI) {
// Document's principal is not a content or null (may be system), so
// can't set cookies
return;
@ -5500,19 +5500,19 @@ void Document::SetCookie(const nsAString& aCookie, ErrorResult& rv) {
nsCOMPtr<nsIChannel> channel(mChannel);
if (!channel) {
channel = CreateDummyChannelForCookies(codebaseURI);
channel = CreateDummyChannelForCookies(principalURI);
if (!channel) {
return;
}
}
NS_ConvertUTF16toUTF8 cookie(aCookie);
service->SetCookieString(codebaseURI, nullptr, cookie, channel);
service->SetCookieString(principalURI, nullptr, cookie, channel);
}
}
already_AddRefed<nsIChannel> Document::CreateDummyChannelForCookies(
nsIURI* aCodebaseURI) {
nsIURI* aContentURI) {
// The cookie service reads the privacy status of the channel we pass to it in
// order to determine which cookie database to query. In some cases we don't
// have a proper channel to hand it to the cookie service though. This
@ -5524,7 +5524,7 @@ already_AddRefed<nsIChannel> Document::CreateDummyChannelForCookies(
// The following channel is never openend, so it does not matter what
// securityFlags we pass; let's follow the principle of least privilege.
nsCOMPtr<nsIChannel> channel;
NS_NewChannel(getter_AddRefs(channel), aCodebaseURI, this,
NS_NewChannel(getter_AddRefs(channel), aContentURI, this,
nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED,
nsIContentPolicy::TYPE_INVALID);
nsCOMPtr<nsIPrivateBrowsingChannel> pbChannel = do_QueryInterface(channel);

12
dom/base/Document.h
View File

@ -2319,7 +2319,7 @@ class Document : public nsINode,
/**
* Reset this document to aURI, aLoadGroup, aPrincipal and aStoragePrincipal.
* aURI must not be null. If aPrincipal is null, a codebase principal based
* aURI must not be null. If aPrincipal is null, a content principal based
* on aURI will be used.
*/
virtual void ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup,
@ -2691,15 +2691,15 @@ class Document : public nsINode,
// If we are a document "whose URL's scheme is not a network scheme."
// NB: Explicitly allow file: URIs to store cookies.
nsCOMPtr<nsIURI> codebaseURI;
NodePrincipal()->GetURI(getter_AddRefs(codebaseURI));
nsCOMPtr<nsIURI> contentURI;
NodePrincipal()->GetURI(getter_AddRefs(contentURI));
if (!codebaseURI) {
if (!contentURI) {
return true;
}
nsAutoCString scheme;
codebaseURI->GetScheme(scheme);
contentURI->GetScheme(scheme);
return !scheme.EqualsLiteral("http") && !scheme.EqualsLiteral("https") &&
!scheme.EqualsLiteral("ftp") && !scheme.EqualsLiteral("file");
}
@ -4367,7 +4367,7 @@ class Document : public nsINode,
// This should *ONLY* be used in GetCookie/SetCookie.
already_AddRefed<nsIChannel> CreateDummyChannelForCookies(
nsIURI* aCodebaseURI);
nsIURI* aContentURI);
nsCOMPtr<nsIReferrerInfo> mPreloadReferrerInfo;
nsCOMPtr<nsIReferrerInfo> mReferrerInfo;

10
dom/base/Navigator.cpp
View File

@ -498,18 +498,18 @@ bool Navigator::CookieEnabled() {
return cookieEnabled;
}
nsCOMPtr<nsIURI> codebaseURI;
doc->NodePrincipal()->GetURI(getter_AddRefs(codebaseURI));
nsCOMPtr<nsIURI> contentURI;
doc->NodePrincipal()->GetURI(getter_AddRefs(contentURI));
if (!codebaseURI) {
// Not a codebase, so technically can't set cookies, but let's
if (!contentURI) {
// Not a content, so technically can't set cookies, but let's
// just return the default value.
return cookieEnabled;
}
uint32_t rejectedReason = 0;
bool granted = AntiTrackingCommon::IsFirstPartyStorageAccessGrantedFor(
mWindow, codebaseURI, &rejectedReason);
mWindow, contentURI, &rejectedReason);
AntiTrackingCommon::NotifyBlockingDecision(
mWindow,

12
dom/base/nsContentSink.cpp
View File

@ -310,21 +310,21 @@ nsresult nsContentSink::ProcessHeaderData(nsAtom* aHeader,
// Get a URI from the document principal
// We use the original codebase in case the codebase was changed
// We use the original content URI in case the principal was changed
// by SetDomain
// Note that a non-codebase principal (eg the system principal) will return
// Note that a non-content principal (eg the system principal) will return
// a null URI.
nsCOMPtr<nsIURI> codebaseURI;
rv = mDocument->NodePrincipal()->GetURI(getter_AddRefs(codebaseURI));
NS_ENSURE_TRUE(codebaseURI, rv);
nsCOMPtr<nsIURI> contentURI;
rv = mDocument->NodePrincipal()->GetURI(getter_AddRefs(contentURI));
NS_ENSURE_TRUE(contentURI, rv);
nsCOMPtr<nsIChannel> channel;
if (mParser) {
mParser->GetChannel(getter_AddRefs(channel));
}
rv = cookieServ->SetCookieString(codebaseURI, nullptr,
rv = cookieServ->SetCookieString(contentURI, nullptr,
NS_ConvertUTF16toUTF8(aValue), channel);
if (NS_FAILED(rv)) {
return rv;

2
dom/base/nsContentUtils.cpp
View File

@ -8991,7 +8991,7 @@ bool nsContentUtils::HttpsStateIsModern(Document* aDocument) {
return false;
}
MOZ_ASSERT(principal->GetIsCodebasePrincipal());
MOZ_ASSERT(principal->GetIsContentPrincipal());
nsCOMPtr<nsIContentSecurityManager> csm =
do_GetService(NS_CONTENTSECURITYMANAGER_CONTRACTID);

8
dom/base/nsGlobalWindowOuter.cpp
View File

@ -1681,9 +1681,9 @@ bool nsGlobalWindowOuter::ComputeIsSecureContext(Document* aDocument,
// it doesn't actually matter what we use here, but reusing the document
// principal's attributes is convenient.
const OriginAttributes& attrs = principal->OriginAttributesRef();
// CreateCodebasePrincipal correctly gets a useful principal for blob: and
// CreateContentPrincipal correctly gets a useful principal for blob: and
// other URI_INHERITS_SECURITY_CONTEXT URIs.
principal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
principal = BasePrincipal::CreateContentPrincipal(uri, attrs);
if (NS_WARN_IF(!principal)) {
return false;
}
@ -5973,7 +5973,7 @@ bool nsGlobalWindowOuter::GetPrincipalForPostMessage(
// Create a nsIPrincipal inheriting the app/browser attributes from the
// caller.
providedPrincipal =
BasePrincipal::CreateCodebasePrincipal(aTargetOriginURI, attrs);
BasePrincipal::CreateContentPrincipal(aTargetOriginURI, attrs);
if (NS_WARN_IF(!providedPrincipal)) {
return false;
}
@ -7291,7 +7291,7 @@ void nsGlobalWindowOuter::MaybeAllowStorageForOpenedWindow(nsIURI* aURI) {
if (!doc) {
return;
}
nsCOMPtr<nsIPrincipal> principal = BasePrincipal::CreateCodebasePrincipal(
nsCOMPtr<nsIPrincipal> principal = BasePrincipal::CreateContentPrincipal(
aURI, doc->NodePrincipal()->OriginAttributesRef());
// We don't care when the asynchronous work finishes here.

6
dom/base/test/browser_multiple_popups.js
View File

@ -75,7 +75,7 @@ add_task(async _ => {
});
const uri = Services.io.newURI(TEST_DOMAIN);
const principal = Services.scriptSecurityManager.createCodebasePrincipal(
const principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
@ -138,7 +138,7 @@ add_task(async _ => {
});
const uri = Services.io.newURI(TEST_DOMAIN);
const principal = Services.scriptSecurityManager.createCodebasePrincipal(
const principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
@ -356,7 +356,7 @@ add_task(async _ => {
});
const uri = Services.io.newURI(TEST_DOMAIN);
const principal = Services.scriptSecurityManager.createCodebasePrincipal(
const principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

4
dom/base/test/unit/test_structuredcloneholder.js
View File

@ -3,7 +3,7 @@
const global = this;
add_task(async function test_structuredCloneHolder() {
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI("http://example.com/"),
{}
);
@ -113,7 +113,7 @@ add_task(async function test_structuredCloneHolder() {
// Test that X-rays passed to an exported function are serialized
// through their exported wrappers.
add_task(async function test_structuredCloneHolder_xray() {
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI("http://example.com/"),
{}
);

8
dom/browser-element/mochitest/browserElement_Auth.js
View File

@ -224,7 +224,7 @@ function testAuthJarNoInterfere(e) {
// Set a bunch of auth data that should not conflict with the correct auth data already
// stored in the cache.
var attrs = { userContextId: 1 };
var principal = secMan.createCodebasePrincipal(uri, attrs);
var principal = secMan.createContentPrincipal(uri, attrs);
authMgr.setAuthIdentity(
"http",
"test",
@ -239,7 +239,7 @@ function testAuthJarNoInterfere(e) {
principal
);
attrs = { userContextId: 1, inIsolatedMozBrowser: true };
principal = secMan.createCodebasePrincipal(uri, attrs);
principal = secMan.createContentPrincipal(uri, attrs);
authMgr.setAuthIdentity(
"http",
"test",
@ -253,7 +253,7 @@ function testAuthJarNoInterfere(e) {
false,
principal
);
principal = secMan.createCodebasePrincipal(uri, {});
principal = secMan.createContentPrincipal(uri, {});
authMgr.setAuthIdentity(
"http",
"test",
@ -301,7 +301,7 @@ function testAuthJarInterfere(e) {
);
// Set some auth data that should overwrite the successful stored details.
var principal = secMan.createCodebasePrincipal(uri, {
var principal = secMan.createContentPrincipal(uri, {
inIsolatedMozBrowser: true,
});
authMgr.setAuthIdentity(

2
dom/html/HTMLIFrameElement.cpp
View File

@ -239,7 +239,7 @@ HTMLIFrameElement::GetFeaturePolicyDefaultOrigin() const {
nsCOMPtr<nsIURI> nodeURI;
if (GetURIAttr(nsGkAtoms::src, nullptr, getter_AddRefs(nodeURI)) && nodeURI) {
principal = BasePrincipal::CreateCodebasePrincipal(
principal = BasePrincipal::CreateContentPrincipal(
nodeURI, BasePrincipal::Cast(NodePrincipal())->OriginAttributesRef());
}

2
dom/indexedDB/test/bug839193.js
View File

@ -14,7 +14,7 @@ function onLoad() {
var quotaManagerService = Cc[
"@mozilla.org/dom/quota-manager-service;1"
].getService(nsIQuotaManagerService);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
gURI,
{}
);

6
dom/indexedDB/test/head.js
View File

@ -124,7 +124,7 @@ function dispatchEvent(eventName) {
function setPermission(url, permission) {
let uri = Services.io.newURI(url);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
@ -138,7 +138,7 @@ function setPermission(url, permission) {
function removePermission(url, permission) {
let uri = Services.io.newURI(url);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);
@ -148,7 +148,7 @@ function removePermission(url, permission) {
function getPermission(url, permission) {
let uri = Services.io.newURI(url);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
dom/indexedDB/test/unit/test_bad_origin_directory.js
View File

@ -11,7 +11,7 @@ function* testSteps() {
let uri = Services.io.newURI(url);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
dom/indexedDB/test/unit/test_idle_maintenance.js
View File

@ -8,7 +8,7 @@ var testGenerator = testSteps();
function* testSteps() {
let uri = Services.io.newURI("https://www.example.com");
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
dom/indexedDB/test/unit/test_metadata2Restore.js
View File

@ -298,7 +298,7 @@ function* testSteps() {
let request;
if ("url" in params) {
let uri = Services.io.newURI(params.url);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
params.attrs || {}
);

2
dom/indexedDB/test/unit/test_metadataRestore.js
View File

@ -97,7 +97,7 @@ function* testSteps() {
let request;
if ("url" in params) {
let uri = Services.io.newURI(params.url);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
dom/indexedDB/test/unit/test_oldDirectories.js
View File

@ -13,7 +13,7 @@ function* testSteps() {
function openDatabase() {
let uri = Services.io.newURI(url);
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
dom/indexedDB/test/unit/test_open_for_principal.js
View File

@ -46,7 +46,7 @@ function* testSteps() {
is(event.target.result, data.key, "Got correct key");
let uri = Services.io.newURI("http://appdata.example.com");
let principal = Services.scriptSecurityManager.createCodebasePrincipal(
let principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
{}
);

2
dom/indexedDB/test/unit/xpcshell-head-parent-process.js
View File

@ -519,7 +519,7 @@ function setMaxSerializedMsgSize(aSize) {
function getPrincipal(url) {
let uri = Services.io.newURI(url);
return Services.scriptSecurityManager.createCodebasePrincipal(uri, {});
return Services.scriptSecurityManager.createContentPrincipal(uri, {});
}
function expectingSuccess(request) {

2
dom/interfaces/storage/nsIStorageActivityService.idl
View File

@ -24,7 +24,7 @@ interface nsIStorageActivityService : nsISupports
// This returns an array of nsIPrincipals, active between |from| and |to|
// timestamps. Note activities older than 1 day are forgotten.
// Activity details are not persisted, so this only covers activity since
// Firefox was started. All codebase principals are logged, which includes
// Firefox was started. All content principals are logged, which includes
// non-system principals like "moz-extension://ID", "moz-safe-about:home",
// "about:newtab", so principals may need to be filtered before being used.
nsIArray getActiveOrigins(in PRTime from, in PRTime to);

2
dom/ipc/ContentChild.cpp
View File

@ -2660,7 +2660,7 @@ mozilla::ipc::IPCResult ContentChild::RecvAddPermission(
NS_ENSURE_SUCCESS(rv, IPC_OK());
nsCOMPtr<nsIPrincipal> principal =
mozilla::BasePrincipal::CreateCodebasePrincipal(uri, attrs);
mozilla::BasePrincipal::CreateContentPrincipal(uri, attrs);
// child processes don't care about modification time.
int64_t modificationTime = 0;

2
dom/ipc/ContentParent.cpp
View File

@ -5410,7 +5410,7 @@ nsresult ContentParent::AboutToLoadHttpFtpDocumentForChild(
return NS_OK;
}
if (principal->GetIsCodebasePrincipal()) {
if (principal->GetIsContentPrincipal()) {
nsCOMPtr<nsILocalStorageManager> lsm =
do_GetService("@mozilla.org/dom/localStorage-manager;1");
if (NS_WARN_IF(!lsm)) {

8
dom/localstorage/test/gtest/TestLocalStorage.cpp
View File

@ -27,7 +27,7 @@ struct OriginKeyTest {
const char* mOriginKey;
};
already_AddRefed<nsIPrincipal> GetCodebasePrincipal(const char* aSpec) {
already_AddRefed<nsIPrincipal> GetContentPrincipal(const char* aSpec) {
nsCOMPtr<nsIURI> uri;
nsresult rv = NS_NewURI(getter_AddRefs(uri), nsDependentCString(aSpec));
if (NS_WARN_IF(NS_FAILED(rv))) {
@ -37,7 +37,7 @@ already_AddRefed<nsIPrincipal> GetCodebasePrincipal(const char* aSpec) {
OriginAttributes attrs;
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(uri, attrs);
BasePrincipal::CreateContentPrincipal(uri, attrs);
return principal.forget();
}
@ -109,9 +109,9 @@ TEST(LocalStorage, OriginKey)
};
for (const auto& test : tests) {
principal = GetCodebasePrincipal(test.mSpec);
principal = GetContentPrincipal(test.mSpec);
ASSERT_TRUE(principal)
<< "GetCodebasePrincipal() should not fail";
<< "GetContentPrincipal() should not fail";
CheckGeneratedOriginKey(principal, test.mOriginKey);
}

2
dom/localstorage/test/unit/head.js
View File

@ -261,7 +261,7 @@ function getPrincipal(url, attrs) {
if (!attrs) {
attrs = {};
}
return Services.scriptSecurityManager.createCodebasePrincipal(uri, attrs);
return Services.scriptSecurityManager.createContentPrincipal(uri, attrs);
}
function getCurrentPrincipal() {

2
dom/media/DOMMediaStream.cpp
View File

@ -732,7 +732,7 @@ void DOMMediaStream::NotifyPrincipalChanged() {
LOG(LogLevel::Info, ("DOMMediaStream %p Principal changed. Now: "
"null=%d, codebase=%d, expanded=%d, system=%d",
this, mPrincipal->GetIsNullPrincipal(),
mPrincipal->GetIsCodebasePrincipal(),
mPrincipal->GetIsContentPrincipal(),
mPrincipal->GetIsExpandedPrincipal(),
mPrincipal->IsSystemPrincipal()));
}

2
dom/media/MediaStreamTrack.cpp
View File

@ -402,7 +402,7 @@ void MediaStreamTrack::SetPrincipal(nsIPrincipal* aPrincipal) {
("MediaStreamTrack %p principal changed to %p. Now: "
"null=%d, codebase=%d, expanded=%d, system=%d",
this, mPrincipal.get(), mPrincipal->GetIsNullPrincipal(),
mPrincipal->GetIsCodebasePrincipal(),
mPrincipal->GetIsContentPrincipal(),
mPrincipal->GetIsExpandedPrincipal(), mPrincipal->IsSystemPrincipal()));
for (PrincipalChangeObserver<MediaStreamTrack>* observer :
mPrincipalChangeObservers) {

2
dom/notification/test/mochitest/test_notification_insecure_context.html
View File

@ -20,7 +20,7 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=1429432
// Add an allow permission for the mochitest origin to test this.
let script = SpecialPowers.loadChromeScript(function() {
let {Services} = ChromeUtils.import("resource://gre/modules/Services.jsm");
let principal = Services.scriptSecurityManager.createCodebasePrincipalFromOrigin("http://mochi.test:8888");
let principal = Services.scriptSecurityManager.createContentPrincipalFromOrigin("http://mochi.test:8888");
Services.perms.addFromPrincipal(principal, "desktop-notification", Services.perms.ALLOW_ACTION);
/* global addMessageListener */
addMessageListener("destroy", function() {

4
dom/plugins/base/nsPluginInstanceOwner.cpp
View File

@ -430,7 +430,7 @@ NS_IMETHODIMP nsPluginInstanceOwner::GetURL(
(PopupBlocker::PopupControlState)blockPopups);
// if security checks (in particular CheckLoadURIWithPrincipal) needs
// to be skipped we are creating a codebasePrincipal to make sure
// to be skipped we are creating a contentPrincipal to make sure
// that security check succeeds. Please note that we do not want to
// fall back to using the systemPrincipal, because that would also
// bypass ContentPolicy checks which should still be enforced.
@ -438,7 +438,7 @@ NS_IMETHODIMP nsPluginInstanceOwner::GetURL(
if (!aDoCheckLoadURIChecks) {
mozilla::OriginAttributes attrs =
BasePrincipal::Cast(content->NodePrincipal())->OriginAttributesRef();
triggeringPrincipal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
triggeringPrincipal = BasePrincipal::CreateContentPrincipal(uri, attrs);
} else {
triggeringPrincipal =
NullPrincipal::CreateWithInheritedAttributes(content->NodePrincipal());

2
dom/presentation/PresentationRequest.cpp
View File

@ -504,7 +504,7 @@ bool PresentationRequest::IsPrioriAuthenticatedURL(const nsAString& aUrl) {
OriginAttributes attrs;
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(uri, attrs);
BasePrincipal::CreateContentPrincipal(uri, attrs);
if (NS_WARN_IF(!principal)) {
return false;
}

2
dom/push/PushRecord.jsm
View File

@ -306,7 +306,7 @@ Object.defineProperties(PushRecord.prototype, {
let uri = Services.io.newURI(this.scope);
// Allow tests to omit origin attributes.
let originSuffix = this.originAttributes || "";
principal = Services.scriptSecurityManager.createCodebasePrincipal(
principal = Services.scriptSecurityManager.createContentPrincipal(
uri,
ChromeUtils.createOriginAttributesFromOrigin(originSuffix)
);

2
dom/push/test/xpcshell/test_permissions.js
View File

@ -35,7 +35,7 @@ function makePushPermission(url, capability) {
capability: Ci.nsIPermissionManager[capability],
expireTime: 0,
expireType: Ci.nsIPermissionManager.EXPIRE_NEVER,
principal: Services.scriptSecurityManager.createCodebasePrincipal(
principal: Services.scriptSecurityManager.createContentPrincipal(
Services.io.newURI(url),
{}
),

Some files were not shown because too many files have changed in this diff Show More