From 48993ddce1ff787d6543eb3cba40cd63c30cf129 Mon Sep 17 00:00:00 2001 From: Bogdan Tara Date: Tue, 16 Oct 2018 00:30:00 +0300 Subject: [PATCH] Backed out 2 changesets (bug 1497301) for /url/failure.html failures CLOSED TREE Backed out changeset 45ba0943d666 (bug 1497301) Backed out changeset 0bd7470927d2 (bug 1497301) --- dom/base/Location.cpp | 207 ++++++++++++++++++------------------- dom/base/Location.h | 21 +--- dom/bindings/Errors.msg | 1 - dom/webidl/Location.webidl | 2 +- 4 files changed, 106 insertions(+), 125 deletions(-) diff --git a/dom/base/Location.cpp b/dom/base/Location.cpp index d18782ab652b..82183c7a516e 100644 --- a/dom/base/Location.cpp +++ b/dom/base/Location.cpp @@ -61,94 +61,92 @@ NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(Location, mInnerWindow) NS_IMPL_CYCLE_COLLECTING_ADDREF(Location) NS_IMPL_CYCLE_COLLECTING_RELEASE(Location) -already_AddRefed -Location::CheckURL(nsIURI* aURI, nsIPrincipal& aSubjectPrincipal, - ErrorResult& aRv) +nsresult +Location::CheckURL(nsIURI* aURI, nsDocShellLoadInfo** aLoadInfo) { + *aLoadInfo = nullptr; + nsCOMPtr docShell(do_QueryReferent(mDocShell)); - if (NS_WARN_IF(!docShell)) { - aRv.Throw(NS_ERROR_NOT_AVAILABLE); - return nullptr; - } + NS_ENSURE_TRUE(docShell, NS_ERROR_NOT_AVAILABLE); nsCOMPtr triggeringPrincipal; nsCOMPtr sourceURI; net::ReferrerPolicy referrerPolicy = net::RP_Unset; - // Get security manager. - nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); - if (NS_WARN_IF(!ssm)) { - aRv.Throw(NS_ERROR_UNEXPECTED); - return nullptr; - } + if (JSContext *cx = nsContentUtils::GetCurrentJSContext()) { + // No cx means that there's no JS running, or at least no JS that + // was run through code that properly pushed a context onto the + // context stack (as all code that runs JS off of web pages + // does). We won't bother with security checks in this case, but + // we need to create the loadinfo etc. - // Check to see if URI is allowed. - nsresult rv = ssm->CheckLoadURIWithPrincipal(&aSubjectPrincipal, aURI, - nsIScriptSecurityManager::STANDARD); - if (NS_WARN_IF(NS_FAILED(rv))) { - nsAutoCString spec; - aURI->GetSpec(spec); - aRv.ThrowTypeError(NS_ConvertUTF8toUTF16(spec)); - return nullptr; - } + // Get security manager. + nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager(); + NS_ENSURE_STATE(ssm); - // Make the load's referrer reflect changes to the document's URI caused by - // push/replaceState, if possible. First, get the document corresponding to - // fp. If the document's original URI (i.e. its URI before - // push/replaceState) matches the principal's URI, use the document's - // current URI as the referrer. If they don't match, use the principal's - // URI. - // - // The triggering principal for this load should be the principal of the - // incumbent document (which matches where the referrer information is - // coming from) when there is an incumbent document, and the subject - // principal otherwise. Note that the URI in the triggering principal - // may not match the referrer URI in various cases, notably including - // the cases when the incumbent document's document URI was modified - // after the document was loaded. + // Check to see if URI is allowed. + nsresult rv = ssm->CheckLoadURIFromScript(cx, aURI); + NS_ENSURE_SUCCESS(rv, rv); - nsCOMPtr incumbent = - do_QueryInterface(mozilla::dom::GetIncumbentGlobal()); - nsCOMPtr doc = incumbent ? incumbent->GetDoc() : nullptr; + // Make the load's referrer reflect changes to the document's URI caused by + // push/replaceState, if possible. First, get the document corresponding to + // fp. If the document's original URI (i.e. its URI before + // push/replaceState) matches the principal's URI, use the document's + // current URI as the referrer. If they don't match, use the principal's + // URI. + // + // The triggering principal for this load should be the principal of the + // incumbent document (which matches where the referrer information is + // coming from) when there is an incumbent document, and the subject + // principal otherwise. Note that the URI in the triggering principal + // may not match the referrer URI in various cases, notably including + // the cases when the incumbent document's document URI was modified + // after the document was loaded. - if (doc) { - nsCOMPtr docOriginalURI, docCurrentURI, principalURI; - docOriginalURI = doc->GetOriginalURI(); - docCurrentURI = doc->GetDocumentURI(); - rv = doc->NodePrincipal()->GetURI(getter_AddRefs(principalURI)); - if (NS_WARN_IF(NS_FAILED(rv))) { - aRv.Throw(rv); - return nullptr; - } + nsCOMPtr incumbent = + do_QueryInterface(mozilla::dom::GetIncumbentGlobal()); + nsCOMPtr doc = incumbent ? incumbent->GetDoc() : nullptr; - triggeringPrincipal = doc->NodePrincipal(); - referrerPolicy = doc->GetReferrerPolicy(); + if (doc) { + nsCOMPtr docOriginalURI, docCurrentURI, principalURI; + docOriginalURI = doc->GetOriginalURI(); + docCurrentURI = doc->GetDocumentURI(); + rv = doc->NodePrincipal()->GetURI(getter_AddRefs(principalURI)); + NS_ENSURE_SUCCESS(rv, rv); - bool urisEqual = false; - if (docOriginalURI && docCurrentURI && principalURI) { - principalURI->Equals(docOriginalURI, &urisEqual); - } - if (urisEqual) { - sourceURI = docCurrentURI; - } - else { - // Use principalURI as long as it is not an NullPrincipalURI. We - // could add a method such as GetReferrerURI to principals to make this - // cleaner, but given that we need to start using Source Browsing - // Context for referrer (see Bug 960639) this may be wasted effort at - // this stage. - if (principalURI) { - bool isNullPrincipalScheme; - rv = principalURI->SchemeIs(NS_NULLPRINCIPAL_SCHEME, - &isNullPrincipalScheme); - if (NS_SUCCEEDED(rv) && !isNullPrincipalScheme) { - sourceURI = principalURI; + triggeringPrincipal = doc->NodePrincipal(); + referrerPolicy = doc->GetReferrerPolicy(); + + bool urisEqual = false; + if (docOriginalURI && docCurrentURI && principalURI) { + principalURI->Equals(docOriginalURI, &urisEqual); + } + if (urisEqual) { + sourceURI = docCurrentURI; + } + else { + // Use principalURI as long as it is not an NullPrincipalURI. We + // could add a method such as GetReferrerURI to principals to make this + // cleaner, but given that we need to start using Source Browsing + // Context for referrer (see Bug 960639) this may be wasted effort at + // this stage. + if (principalURI) { + bool isNullPrincipalScheme; + rv = principalURI->SchemeIs(NS_NULLPRINCIPAL_SCHEME, + &isNullPrincipalScheme); + if (NS_SUCCEEDED(rv) && !isNullPrincipalScheme) { + sourceURI = principalURI; + } } } } - } else { - // No document; just use our subject principal as the triggering principal. - triggeringPrincipal = &aSubjectPrincipal; + else { + // No document; determine triggeringPrincipal by quering the + // subjectPrincipal, wich is the principal of the current JS + // compartment, or a null principal in case there is no + // compartment yet. + triggeringPrincipal = nsContentUtils::SubjectPrincipal(); + } } // Create load info @@ -161,7 +159,9 @@ Location::CheckURL(nsIURI* aURI, nsIPrincipal& aSubjectPrincipal, loadInfo->SetReferrerPolicy(referrerPolicy); } - return loadInfo.forget(); + loadInfo.swap(*aLoadInfo); + + return NS_OK; } nsresult @@ -206,17 +206,15 @@ Location::GetURI(nsIURI** aURI, bool aGetInnermostURI) return urifixup->CreateExposableURI(uri, aURI); } -void -Location::SetURI(nsIURI* aURI, nsIPrincipal& aSubjectPrincipal, - ErrorResult& aRv, bool aReplace) +nsresult +Location::SetURI(nsIURI* aURI, bool aReplace) { nsCOMPtr docShell(do_QueryReferent(mDocShell)); if (docShell) { - RefPtr loadInfo = - CheckURL(aURI, aSubjectPrincipal, aRv); - if (aRv.Failed()) { - return; - } + RefPtr loadInfo; + + if(NS_FAILED(CheckURL(aURI, getter_AddRefs(loadInfo)))) + return NS_ERROR_FAILURE; if (aReplace) { loadInfo->SetLoadType(LOAD_STOP_CONTENT_AND_REPLACE); @@ -231,12 +229,11 @@ Location::SetURI(nsIURI* aURI, nsIPrincipal& aSubjectPrincipal, loadInfo->SetSourceDocShell(sourceWindow->GetDocShell()); } - nsresult rv = docShell->LoadURI(aURI, loadInfo, - nsIWebNavigation::LOAD_FLAGS_NONE, true); - if (NS_WARN_IF(NS_FAILED(rv))) { - aRv.Throw(rv); - } + return docShell->LoadURI(aURI, loadInfo, + nsIWebNavigation::LOAD_FLAGS_NONE, true); } + + return NS_OK; } void @@ -308,7 +305,7 @@ Location::SetHash(const nsAString& aHash, return; } - SetURI(uri, aSubjectPrincipal, aRv); + aRv = SetURI(uri); } void @@ -362,7 +359,7 @@ Location::SetHost(const nsAString& aHost, return; } - SetURI(uri, aSubjectPrincipal, aRv); + aRv = SetURI(uri); } void @@ -407,7 +404,7 @@ Location::SetHostname(const nsAString& aHostname, return; } - SetURI(uri, aSubjectPrincipal, aRv); + aRv = SetURI(uri); } nsresult @@ -433,25 +430,23 @@ Location::GetHref(nsAString& aHref) void Location::SetHref(const nsAString& aHref, - nsIPrincipal& aSubjectPrincipal, ErrorResult& aRv) { - DoSetHref(aHref, aSubjectPrincipal, false, aRv); + DoSetHref(aHref, false, aRv); } void -Location::DoSetHref(const nsAString& aHref, nsIPrincipal& aSubjectPrincipal, - bool aReplace, ErrorResult& aRv) +Location::DoSetHref(const nsAString& aHref, bool aReplace, ErrorResult& aRv) { // Get the source of the caller nsCOMPtr base = GetSourceBaseURL(); - SetHrefWithBase(aHref, base, aSubjectPrincipal, aReplace, aRv); + + aRv = SetHrefWithBase(aHref, base, aReplace); } -void +nsresult Location::SetHrefWithBase(const nsAString& aHref, nsIURI* aBase, - nsIPrincipal& aSubjectPrincipal, - bool aReplace, ErrorResult& aRv) + bool aReplace) { nsresult result; nsCOMPtr newUri; @@ -493,11 +488,9 @@ Location::SetHrefWithBase(const nsAString& aHref, nsIURI* aBase, } } - SetURI(newUri, aSubjectPrincipal, aRv, aReplace || inScriptTag); - return; + return SetURI(newUri, aReplace || inScriptTag); } - - aRv.Throw(result); + return result; } void @@ -578,7 +571,7 @@ Location::SetPathname(const nsAString& aPathname, return; } - SetURI(uri, aSubjectPrincipal, aRv); + aRv = SetURI(uri); } void @@ -647,7 +640,7 @@ Location::SetPort(const nsAString& aPort, return; } - SetURI(uri, aSubjectPrincipal, aRv); + aRv = SetURI(uri); } void @@ -744,7 +737,7 @@ Location::SetProtocol(const nsAString& aProtocol, return; } - SetURI(uri, aSubjectPrincipal, aRv); + aRv = SetURI(uri); } void @@ -809,7 +802,7 @@ Location::SetSearch(const nsAString& aSearch, return; } - SetURI(uri, aSubjectPrincipal, aRv); + aRv = SetURI(uri); } nsresult @@ -865,7 +858,7 @@ Location::Replace(const nsAString& aUrl, nsIPrincipal& aSubjectPrincipal, ErrorResult& aRv) { - DoSetHref(aUrl, aSubjectPrincipal, true, aRv); + DoSetHref(aUrl, true, aRv); } void @@ -878,7 +871,7 @@ Location::Assign(const nsAString& aUrl, return; } - DoSetHref(aUrl, aSubjectPrincipal, false, aRv); + DoSetHref(aUrl, false, aRv); } already_AddRefed diff --git a/dom/base/Location.h b/dom/base/Location.h index 6382778b53d7..d1cf19050239 100644 --- a/dom/base/Location.h +++ b/dom/base/Location.h @@ -68,7 +68,6 @@ public: } void SetHref(const nsAString& aHref, - nsIPrincipal& aSubjectPrincipal, ErrorResult& aError); void GetOrigin(nsAString& aOrigin, @@ -167,27 +166,17 @@ protected: // Note, this method can return NS_OK with a null value for aURL. This happens // if the docShell is null. nsresult GetURI(nsIURI** aURL, bool aGetInnermostURI = false); - void SetURI(nsIURI* aURL, nsIPrincipal& aSubjectPrincipal, - ErrorResult& aRv, bool aReplace = false); - void SetHrefWithBase(const nsAString& aHref, nsIURI* aBase, - nsIPrincipal& aSubjectPrincipal, - bool aReplace, ErrorResult& aRv); + nsresult SetURI(nsIURI* aURL, bool aReplace = false); + nsresult SetHrefWithBase(const nsAString& aHref, nsIURI* aBase, + bool aReplace); // Helper for Assign/SetHref/Replace - void DoSetHref(const nsAString& aHref, nsIPrincipal& aSubjectPrincipal, - bool aReplace, ErrorResult& aRv); + void DoSetHref(const nsAString& aHref, bool aReplace, ErrorResult& aRv); // Get the base URL we should be using for our relative URL // resolution for SetHref/Assign/Replace. already_AddRefed GetSourceBaseURL(); - - // Check whether it's OK to load the given url with the given subject - // principal, and if so construct the right nsDocShellLoadInfo for the load - // and return it. - already_AddRefed CheckURL(nsIURI *url, - nsIPrincipal& aSubjectPrincipal, - ErrorResult& aRv); - + nsresult CheckURL(nsIURI *url, nsDocShellLoadInfo** aLoadInfo); bool CallerSubsumes(nsIPrincipal* aSubjectPrincipal); nsString mCachedHash; diff --git a/dom/bindings/Errors.msg b/dom/bindings/Errors.msg index 1d7e5a07b88c..26dee8593cdf 100644 --- a/dom/bindings/Errors.msg +++ b/dom/bindings/Errors.msg @@ -116,4 +116,3 @@ MSG_DEF(MSG_INVALID_PANNERNODE_REFDISTANCE_ERROR, 0, JSEXN_RANGEERR, "The refDis MSG_DEF(MSG_INVALID_PANNERNODE_MAXDISTANCE_ERROR, 0, JSEXN_RANGEERR, "The maxDistance value passed to PannerNode must be positive.") MSG_DEF(MSG_INVALID_PANNERNODE_ROLLOFF_ERROR, 0, JSEXN_RANGEERR, "The rolloffFactor value passed to PannerNode must not be negative.") MSG_DEF(MSG_NOT_ARRAY_NOR_UNDEFINED, 1, JSEXN_TYPEERR, "{0} is neither an array nor undefined.") -MSG_DEF(MSG_URL_NOT_LOADABLE, 1, JSEXN_TYPEERR, "Access to '{0}' from script denied.") diff --git a/dom/webidl/Location.webidl b/dom/webidl/Location.webidl index b802d32b5cc3..7381f6d1c434 100644 --- a/dom/webidl/Location.webidl +++ b/dom/webidl/Location.webidl @@ -20,7 +20,7 @@ interface Location { [Throws, NeedsSubjectPrincipal] stringifier; - [Throws, CrossOriginWritable, NeedsSubjectPrincipal] + [Throws, CrossOriginWritable, GetterNeedsSubjectPrincipal] attribute USVString href; [Throws, NeedsSubjectPrincipal] readonly attribute USVString origin;