Bug 758258 - Part 2 - Add GetExtendedOrigin(), NO_APP_ID and UNKNOWN_APP_ID. r=sicking

2024-10-09 19:35:51 +00:00 · 2012-07-18 21:25:19 -07:00 · 2012-07-18 21:25:19 -07:00 · 49af88332c
commit 49af88332c
parent 59be621600
6 changed files with 77 additions and 4 deletions
--- a/caps/idl/nsIScriptSecurityManager.idl
+++ b/caps/idl/nsIScriptSecurityManager.idl
@ -9,7 +9,7 @@
 interface nsIURI;
 interface nsIChannel;

-[scriptable, uuid(cdb27711-492b-4973-938b-de81ac124658)]
+[scriptable, uuid(bd94820d-4fd5-4d57-a40e-406ee72d27b7)]
 interface nsIScriptSecurityManager : nsIXPCSecurityManager
 {
    ///////////////// Security Checks //////////////////
@ -236,6 +236,18 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
    [noscript,notxpcom] nsIPrincipal getCxSubjectPrincipal(in JSContextPtr cx);
    [noscript,notxpcom] nsIPrincipal getCxSubjectPrincipalAndFrame(in JSContextPtr cx,
                                                                   out JSStackFramePtr fp);
+
+
+    const unsigned long NO_APP_ID = 0;
+    const unsigned long UNKNOWN_APP_ID = 4294967295; // PR_UINT32_MAX
+
+    /**
+     * Returns the extended origin for the uri.
+     * appId can be NO_APP_ID, UNKWOWN_APP_ID or a valid app id.
+     * inMozBrowser has to be true if the uri is inside a mozbrowser iframe.
+     */
+    AUTF8String getExtendedOrigin(in nsIURI uri, in unsigned long appId,
+                                  in boolean inMozBrowser);
 };

 %{C++
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@ -60,6 +60,7 @@
 #include "mozilla/dom/BindingUtils.h"
 #include "mozilla/StandardInteger.h"
 #include "mozilla/ClearOnShutdown.h"
+#include "nsIAppsService.h"

 using namespace mozilla;
 using namespace mozilla::dom;
@ -3551,6 +3552,40 @@ nsScriptSecurityManager::InitPrefs()
    return NS_OK;
 }

+NS_IMETHODIMP
+nsScriptSecurityManager::GetExtendedOrigin(nsIURI* aURI,
+                                           PRUint32 aAppId,
+                                           bool aInMozBrowser,
+                                           nsACString& aExtendedOrigin)
+{
+  MOZ_ASSERT(aURI);
+
+  if (aAppId == UNKNOWN_APP_ID) {
+    aExtendedOrigin.Truncate();
+    return NS_OK;
+  }
+
+  // Fallback.
+  if (aAppId == nsIScriptSecurityManager::NO_APP_ID && !aInMozBrowser) {
+    nsCAutoString origin;
+    nsPrincipal::GetOriginForURI(aURI, getter_Copies(origin));
+
+    aExtendedOrigin.Assign(origin);
+    return NS_OK;
+  }
+
+  nsCAutoString origin;
+  nsPrincipal::GetOriginForURI(aURI, getter_Copies(origin));
+
+  // aExtendedOrigin = origin + " " + aAppId + " " + int(aInMozBrowser)
+  aExtendedOrigin.Assign(origin + NS_LITERAL_CSTRING("@"));
+  aExtendedOrigin.AppendInt(aAppId);
+  aExtendedOrigin.Append(aInMozBrowser ? NS_LITERAL_CSTRING("t")
+                                       : NS_LITERAL_CSTRING("f"));
+
+  return NS_OK;
+}
+
 ///////////////////////////////////////////////////////////////////////////////
 // The following code prints the contents of the policy DB to the console.
 #ifdef DEBUG_CAPS_HACKER
--- a/dom/apps/src/Webapps.jsm
+++ b/dom/apps/src/Webapps.jsm
@ -317,7 +317,8 @@ let DOMApplicationRegistry = {
  },

  _nextLocalId: function() {
-    let maxLocalId = 0;
+    let maxLocalId = Ci.nsIScriptSecurityManager.NO_APP_ID;
+
    for (let id in this.webapps) {
      if (this.webapps[id].localId > maxLocalId) {
        maxLocalId = this.webapps[id].localId;
@ -635,7 +636,7 @@ let DOMApplicationRegistry = {
      }
    }

-    return 0;
+    return Ci.nsIScriptSecurityManager.NO_APP_ID;
  },

  getAllWithoutManifests: function(aCallback) {
--- a/dom/interfaces/apps/nsIAppsService.idl
+++ b/dom/interfaces/apps/nsIAppsService.idl
@ -15,9 +15,16 @@ interface mozIDOMApplication;
 * This service allows accessing some DOMApplicationRegistry methods from
 * non-javascript code.
 */
-[scriptable, uuid(40e580e7-8891-4eb8-b514-0b5796af4df1)]
+[scriptable, uuid(1210a0f3-add3-4381-b892-9c102e3afc42)]
 interface nsIAppsService : nsISupports
 {
  mozIDOMApplication getAppByManifestURL(in DOMString manifestURL);
+
+  /**
+   * Returns the |localId| of the app associated with the |manifestURL| passed
+   * in parameter.
+   * Returns nsIScriptSecurityManager::NO_APP_ID if |manifestURL| isn't a valid
+   * installed manifest URL.
+   */
  unsigned long getAppLocalIdByManifestURL(in DOMString manifestURL);
 };
--- a/ipc/testshell/XPCShellEnvironment.cpp
+++ b/ipc/testshell/XPCShellEnvironment.cpp
@ -864,6 +864,15 @@ FullTrustSecMan::GetCxSubjectPrincipalAndFrame(JSContext *cx,
    return mSystemPrincipal;
 }

+NS_IMETHODIMP
+FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, PRUint32 aAppId,
+                                   bool aInMozBrowser,
+                                   nsACString& aExtendedOrigin)
+{
+  aExtendedOrigin.Truncate();
+  return NS_OK;
+}
+
 NS_IMETHODIMP_(nsrefcnt)
 XPCShellDirProvider::AddRef()
 {
--- a/js/xpconnect/shell/xpcshell.cpp
+++ b/js/xpconnect/shell/xpcshell.cpp
@ -1487,6 +1487,15 @@ FullTrustSecMan::GetCxSubjectPrincipalAndFrame(JSContext *cx, JSStackFrame **fp)
    return mSystemPrincipal;
 }

+NS_IMETHODIMP
+FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, PRUint32 aAppId,
+                                   bool aInMozBrowser,
+                                   nsACString& aExtendedOrigin)
+{
+  aExtendedOrigin.Truncate();
+  return NS_OK;
+}
+
 /***************************************************************************/

 // #define TEST_InitClassesWithNewWrappedGlobal