Bug 656815: make loading javascript: URIs in a docshell work for DISALLOW_INHERIT_OWNER loads, r=bz

--HG-- extra : rebase_source : 6b0e289ac80ffab967813b06e2e28f2842921b70
2024-10-10 11:55:49 +00:00 · 2011-05-13 10:40:22 -07:00 · 2011-05-13 10:40:22 -07:00 · 479d8a0b0c
commit 479d8a0b0c
parent 0a1ed803a8
3 changed files with 44 additions and 30 deletions
--- a/browser/base/content/test/browser_locationBarExternalLoad.js
+++ b/browser/base/content/test/browser_locationBarExternalLoad.js
@ -7,21 +7,15 @@ function test() {
  nextTest();
 }

-let gTests = [
-// XXX bug 656815: javascript: URIs can't currently execute without inheriting
-// the page principal
-//  {
-//    url: "javascript:document.domain;"
-//  },
-  {
-    url: "data:text/html,<script>document.write(document.domain);</script>"
-  },
+let urls = [
+  "javascript:'foopy';",
+  "data:text/html,<script>document.write(document.domain);</script>"
 ];

 function nextTest() {
-  let test = gTests.shift();
-  if (test)
-    testURL(test.url, nextTest);
+  let url = urls.shift();
+  if (url)
+    testURL(url, nextTest);
  else
    finish();
 }
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@ -1389,9 +1389,14 @@ nsDocShell::LoadURI(nsIURI * aURI,
        }
    }

+    if (aLoadFlags & LOAD_FLAGS_DISALLOW_INHERIT_OWNER) {
+        inheritOwner = PR_FALSE;
+        owner = do_CreateInstance("@mozilla.org/nullprincipal;1");
+    }
+
    PRUint32 flags = 0;

-    if (inheritOwner && !(aLoadFlags & LOAD_FLAGS_DISALLOW_INHERIT_OWNER))
+    if (inheritOwner)
        flags |= INTERNAL_LOAD_FLAGS_INHERIT_OWNER;

    if (!sendReferrer)
--- a/docshell/test/browser/browser_loadDisallowInherit.js
+++ b/docshell/test/browser/browser_loadDisallowInherit.js
@ -22,27 +22,42 @@ function test() {
  }

  // Load a normal http URL
-  loadURL("http://example.com/", 0, function () {
-    let pagePrincipal = browser.contentPrincipal;
+  function testURL(url, func) {
+    loadURL("http://example.com/", 0, function () {
+      let pagePrincipal = browser.contentPrincipal;
+      ok(pagePrincipal, "got principal for http:// page");

-    // Now load a data URI normally
-    loadURL("data:text/html,<body>inherit", 0, function () {
-      let dataPrincipal = browser.contentPrincipal;
-      ok(dataPrincipal.equals(pagePrincipal), "data URI should inherit principal");
+      // Now load the URL normally
+      loadURL(url, 0, function () {
+        ok(browser.contentPrincipal.equals(pagePrincipal), url + " should inherit principal");

-      // Load a normal http URL
-      loadURL("http://example.com/", 0, function () {
-        let innerPagePrincipal = browser.contentPrincipal;
-
-        // Now load a data URI and disallow inheriting the principal
+        // Now load the URL and disallow inheriting the principal
        let webNav = Components.interfaces.nsIWebNavigation;
-        loadURL("data:text/html,<body>noinherit", webNav.LOAD_FLAGS_DISALLOW_INHERIT_OWNER, function () {
-          let innerDataPrincipal = browser.contentPrincipal;
-          ok(!innerDataPrincipal.equals(innerPagePrincipal), "data URI should not inherit principal");
-
-          finish();
+        loadURL(url, webNav.LOAD_FLAGS_DISALLOW_INHERIT_OWNER, function () {
+          let newPrincipal = browser.contentPrincipal;
+          ok(newPrincipal, "got inner principal");
+          ok(!newPrincipal.equals(pagePrincipal),
+             url + " should not inherit principal when loaded with DISALLOW_INHERIT_OWNER");
+  
+          func();
        });
      });
    });
-  });
+  }
+
+  let urls = [
+    "data:text/html,<body>hi",
+    "javascript:1;"
+  ];
+
+  function nextTest() {
+    let url = urls.shift();
+    if (url)
+      testURL(url, nextTest);
+    else
+      finish();
+  }
+  
+  nextTest();
 }
+