diff --git a/ipc/testshell/XPCShellEnvironment.cpp b/ipc/testshell/XPCShellEnvironment.cpp index 064c9c7f62e0..e8000d8bdbb6 100644 --- a/ipc/testshell/XPCShellEnvironment.cpp +++ b/ipc/testshell/XPCShellEnvironment.cpp @@ -56,24 +56,6 @@ namespace { static const char kDefaultRuntimeScriptFilename[] = "xpcshell.js"; -class FullTrustSecMan : public nsIScriptSecurityManager -{ -public: - NS_DECL_ISUPPORTS - NS_DECL_NSIXPCSECURITYMANAGER - NS_DECL_NSISCRIPTSECURITYMANAGER - - FullTrustSecMan() { } - virtual ~FullTrustSecMan() { } - - void SetSystemPrincipal(nsIPrincipal *aPrincipal) { - mSystemPrincipal = aPrincipal; - } - -private: - nsCOMPtr mSystemPrincipal; -}; - class XPCShellDirProvider : public nsIDirectoryServiceProvider { public: @@ -638,216 +620,6 @@ ProcessFile(JSContext *cx, } /* anonymous namespace */ -NS_INTERFACE_MAP_BEGIN(FullTrustSecMan) - NS_INTERFACE_MAP_ENTRY(nsIXPCSecurityManager) - NS_INTERFACE_MAP_ENTRY(nsIScriptSecurityManager) - NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIXPCSecurityManager) -NS_INTERFACE_MAP_END - -NS_IMPL_ADDREF(FullTrustSecMan) -NS_IMPL_RELEASE(FullTrustSecMan) - -NS_IMETHODIMP -FullTrustSecMan::CanCreateWrapper(JSContext * aJSContext, - const nsIID & aIID, - nsISupports *aObj, - nsIClassInfo *aClassInfo, - void * *aPolicy) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CanCreateInstance(JSContext * aJSContext, - const nsCID & aCID) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CanGetService(JSContext * aJSContext, - const nsCID & aCID) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CanAccess(uint32_t aAction, - nsAXPCNativeCallContext *aCallContext, - JSContext * aJSContext, - JSObject * aJSObject, - nsISupports *aObj, - nsIClassInfo *aClassInfo, - jsid aName, - void * *aPolicy) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CheckPropertyAccess(JSContext * aJSContext, - JSObject * aJSObject, - const char *aClassName, - jsid aProperty, - uint32_t aAction) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CheckLoadURIFromScript(JSContext * cx, - nsIURI *uri) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CheckLoadURIWithPrincipal(nsIPrincipal *aPrincipal, - nsIURI *uri, - uint32_t flags) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal, - const nsACString & uri, - uint32_t flags) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CheckFunctionAccess(JSContext * cx, - void * funObj, - void * targetObj) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CanExecuteScripts(JSContext * cx, - nsIPrincipal *principal, - bool *_retval) -{ - *_retval = true; - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::GetSubjectPrincipal(nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -NS_IMETHODIMP -FullTrustSecMan::GetSystemPrincipal(nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -NS_IMETHODIMP -FullTrustSecMan::GetSimpleCodebasePrincipal(nsIURI *aURI, - nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -NS_IMETHODIMP -FullTrustSecMan::GetNoAppCodebasePrincipal(nsIURI *aURI, - nsIPrincipal **_retval) -{ - return GetSimpleCodebasePrincipal(aURI, _retval); -} - -NS_IMETHODIMP -FullTrustSecMan::GetCodebasePrincipal(nsIURI *aURI, nsIPrincipal **_retval) -{ - return GetSimpleCodebasePrincipal(aURI, _retval); -} - -NS_IMETHODIMP -FullTrustSecMan::GetAppCodebasePrincipal(nsIURI *aURI, - uint32_t aAppId, - bool aInMozBrowser, - nsIPrincipal **_retval) -{ - return GetSimpleCodebasePrincipal(aURI, _retval); -} - -NS_IMETHODIMP -FullTrustSecMan::GetDocShellCodebasePrincipal(nsIURI *aURI, - nsIDocShell* aDocShell, - nsIPrincipal **_retval) -{ - return GetSimpleCodebasePrincipal(aURI, _retval); -} - -NS_IMETHODIMP -FullTrustSecMan::GetObjectPrincipal(JSContext * cx, - JSObject * obj, - nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -NS_IMETHODIMP -FullTrustSecMan::SubjectPrincipalIsSystem(bool *_retval) -{ - *_retval = true; - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CheckSameOrigin(JSContext * aJSContext, - nsIURI *aTargetURI) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CheckSameOriginURI(nsIURI *aSourceURI, - nsIURI *aTargetURI, - bool reportError) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::GetChannelPrincipal(nsIChannel *aChannel, - nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -NS_IMETHODIMP -FullTrustSecMan::IsSystemPrincipal(nsIPrincipal *aPrincipal, - bool *_retval) -{ - *_retval = aPrincipal == mSystemPrincipal; - return NS_OK; -} - -NS_IMETHODIMP_(nsIPrincipal *) -FullTrustSecMan::GetCxSubjectPrincipal(JSContext *cx) -{ - return mSystemPrincipal; -} - -NS_IMETHODIMP -FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, uint32_t aAppId, - bool aInMozBrowser, - nsACString& aExtendedOrigin) -{ - aExtendedOrigin.Truncate(); - return NS_OK; -} - NS_IMETHODIMP_(nsrefcnt) XPCShellDirProvider::AddRef() { @@ -985,11 +757,7 @@ XPCShellEnvironment::Init() return false; } - nsRefPtr secman(new FullTrustSecMan()); - xpc->SetSecurityManagerForJSContext(cx, secman, 0xFFFF); - nsCOMPtr principal; - nsCOMPtr securityManager = do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv); if (NS_SUCCEEDED(rv) && securityManager) { @@ -1000,7 +768,6 @@ XPCShellEnvironment::Init() // fetch the JS principals and stick in a global mJSPrincipals = nsJSPrincipals::get(principal); JS_HoldPrincipals(mJSPrincipals); - secman->SetSystemPrincipal(principal); } } else { fprintf(stderr, "+++ Failed to get ScriptSecurityManager service, running without principals"); diff --git a/js/xpconnect/shell/xpcshell.cpp b/js/xpconnect/shell/xpcshell.cpp index 701cc1aaa833..396868c6d246 100644 --- a/js/xpconnect/shell/xpcshell.cpp +++ b/js/xpconnect/shell/xpcshell.cpp @@ -1313,242 +1313,6 @@ ProcessArgs(JSContext *cx, JS::Handle obj, char **argv, int argc, XPC /***************************************************************************/ -class FullTrustSecMan - : public nsIScriptSecurityManager -{ -public: - NS_DECL_ISUPPORTS - NS_DECL_NSIXPCSECURITYMANAGER - NS_DECL_NSISCRIPTSECURITYMANAGER - - FullTrustSecMan(); - virtual ~FullTrustSecMan(); - - void SetSystemPrincipal(nsIPrincipal *aPrincipal) { - mSystemPrincipal = aPrincipal; - } - -private: - nsCOMPtr mSystemPrincipal; -}; - -NS_INTERFACE_MAP_BEGIN(FullTrustSecMan) - NS_INTERFACE_MAP_ENTRY(nsIXPCSecurityManager) - NS_INTERFACE_MAP_ENTRY(nsIScriptSecurityManager) - NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIXPCSecurityManager) -NS_INTERFACE_MAP_END - -NS_IMPL_ADDREF(FullTrustSecMan) -NS_IMPL_RELEASE(FullTrustSecMan) - -FullTrustSecMan::FullTrustSecMan() -{ - mSystemPrincipal = nullptr; -} - -FullTrustSecMan::~FullTrustSecMan() -{ -} - -NS_IMETHODIMP -FullTrustSecMan::CanCreateWrapper(JSContext * aJSContext, const nsIID & aIID, - nsISupports *aObj, nsIClassInfo *aClassInfo, - void * *aPolicy) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CanCreateInstance(JSContext * aJSContext, const nsCID & aCID) -{ - return NS_OK; -} - -NS_IMETHODIMP -FullTrustSecMan::CanGetService(JSContext * aJSContext, const nsCID & aCID) -{ - return NS_OK; -} - -/* void CanAccess (in uint32_t aAction, in nsIXPCNativeCallContext aCallContext, in JSContextPtr aJSContext, in JSObjectPtr aJSObject, in nsISupports aObj, in nsIClassInfo aClassInfo, in jsval aName, inout voidPtr aPolicy); */ -NS_IMETHODIMP -FullTrustSecMan::CanAccess(uint32_t aAction, - nsAXPCNativeCallContext *aCallContext, - JSContext * aJSContext, JSObject * aJSObject, - nsISupports *aObj, nsIClassInfo *aClassInfo, - jsid aName, void * *aPolicy) -{ - return NS_OK; -} - -/* [noscript] void checkPropertyAccess (in JSContextPtr aJSContext, in JSObjectPtr aJSObject, in string aClassName, in jsid aProperty, in uint32_t aAction); */ -NS_IMETHODIMP -FullTrustSecMan::CheckPropertyAccess(JSContext * aJSContext, - JSObject * aJSObject, - const char *aClassName, - jsid aProperty, uint32_t aAction) -{ - return NS_OK; -} - -/* [noscript] void checkLoadURIFromScript (in JSContextPtr cx, in nsIURI uri); */ -NS_IMETHODIMP -FullTrustSecMan::CheckLoadURIFromScript(JSContext * cx, nsIURI *uri) -{ - return NS_OK; -} - -/* void checkLoadURIWithPrincipal (in nsIPrincipal aPrincipal, in nsIURI uri, in unsigned long flags); */ -NS_IMETHODIMP -FullTrustSecMan::CheckLoadURIWithPrincipal(nsIPrincipal *aPrincipal, - nsIURI *uri, uint32_t flags) -{ - return NS_OK; -} - -/* void checkLoadURIStrWithPrincipal (in nsIPrincipal aPrincipal, in AUTF8String uri, in unsigned long flags); */ -NS_IMETHODIMP -FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal, - const nsACString & uri, - uint32_t flags) -{ - return NS_OK; -} - -/* [noscript] void checkFunctionAccess (in JSContextPtr cx, in voidPtr funObj, in voidPtr targetObj); */ -NS_IMETHODIMP -FullTrustSecMan::CheckFunctionAccess(JSContext * cx, void * funObj, - void * targetObj) -{ - return NS_OK; -} - -/* [noscript] boolean canExecuteScripts (in JSContextPtr cx, in nsIPrincipal principal); */ -NS_IMETHODIMP -FullTrustSecMan::CanExecuteScripts(JSContext * cx, nsIPrincipal *principal, - bool *_retval) -{ - *_retval = true; - return NS_OK; -} - -/* [noscript] nsIPrincipal getSubjectPrincipal (); */ -NS_IMETHODIMP -FullTrustSecMan::GetSubjectPrincipal(nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -/* [noscript] nsIPrincipal getSystemPrincipal (); */ -NS_IMETHODIMP -FullTrustSecMan::GetSystemPrincipal(nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -/* [noscript] nsIPrincipal getSimpleCodebasePrincipal (in nsIURI aURI); */ -NS_IMETHODIMP -FullTrustSecMan::GetSimpleCodebasePrincipal(nsIURI *aURI, nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -/* [noscript] nsIPrincipal getNoAppCodebasePrincipal (in nsIURI aURI); */ -NS_IMETHODIMP -FullTrustSecMan::GetNoAppCodebasePrincipal(nsIURI *aURI, nsIPrincipal **_retval) -{ - return GetSimpleCodebasePrincipal(aURI, _retval); -} - -/* [noscript] nsIPrincipal getCodebasePrincipal (in nsIURI aURI); */ -NS_IMETHODIMP -FullTrustSecMan::GetCodebasePrincipal(nsIURI *aURI, nsIPrincipal **_retval) -{ - return GetSimpleCodebasePrincipal(aURI, _retval); -} - -/* [noscript] nsIPrincipal getAppCodebasePrincipal (in nsIURI aURI, unsigned long appid, bool inMozBrowser); */ -NS_IMETHODIMP -FullTrustSecMan::GetAppCodebasePrincipal(nsIURI *aURI, uint32_t aAppId, bool aInMozBrowser, nsIPrincipal **_retval) -{ - return GetSimpleCodebasePrincipal(aURI, _retval); -} - -/* [noscript] nsIPrincipal getDocShellCodebasePrincipal (in nsIURI aURI, nsIDocShell docShell); */ -NS_IMETHODIMP -FullTrustSecMan::GetDocShellCodebasePrincipal(nsIURI *aURI, nsIDocShell* aDocShell, nsIPrincipal **_retval) -{ - return GetSimpleCodebasePrincipal(aURI, _retval); -} - -/* [noscript] nsIPrincipal getObjectPrincipal (in JSContextPtr cx, in JSObjectPtr obj); */ -NS_IMETHODIMP -FullTrustSecMan::GetObjectPrincipal(JSContext * cx, JSObject * obj, - nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -/* [noscript] boolean subjectPrincipalIsSystem (); */ -NS_IMETHODIMP -FullTrustSecMan::SubjectPrincipalIsSystem(bool *_retval) -{ - *_retval = true; - return NS_OK; -} - -/* [noscript] void checkSameOrigin (in JSContextPtr aJSContext, in nsIURI aTargetURI); */ -NS_IMETHODIMP -FullTrustSecMan::CheckSameOrigin(JSContext * aJSContext, nsIURI *aTargetURI) -{ - return NS_OK; -} - -/* void checkSameOriginURI (in nsIURI aSourceURI, in nsIURI aTargetURI); */ -NS_IMETHODIMP -FullTrustSecMan::CheckSameOriginURI(nsIURI *aSourceURI, nsIURI *aTargetURI, - bool reportError) -{ - return NS_OK; -} - -/* [noscript] nsIPrincipal getChannelPrincipal (in nsIChannel aChannel); */ -NS_IMETHODIMP -FullTrustSecMan::GetChannelPrincipal(nsIChannel *aChannel, nsIPrincipal **_retval) -{ - NS_IF_ADDREF(*_retval = mSystemPrincipal); - return *_retval ? NS_OK : NS_ERROR_FAILURE; -} - -/* boolean isSystemPrincipal (in nsIPrincipal aPrincipal); */ -NS_IMETHODIMP -FullTrustSecMan::IsSystemPrincipal(nsIPrincipal *aPrincipal, bool *_retval) -{ - *_retval = aPrincipal == mSystemPrincipal; - return NS_OK; -} - -NS_IMETHODIMP_(nsIPrincipal *) -FullTrustSecMan::GetCxSubjectPrincipal(JSContext *cx) -{ - return mSystemPrincipal; -} - -NS_IMETHODIMP -FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, uint32_t aAppId, - bool aInMozBrowser, - nsACString& aExtendedOrigin) -{ - aExtendedOrigin.Truncate(); - return NS_OK; -} - -/***************************************************************************/ - // #define TEST_InitClassesWithNewWrappedGlobal #ifdef TEST_InitClassesWithNewWrappedGlobal @@ -1829,11 +1593,6 @@ main(int argc, char **argv, char **envp) return 1; } - // Since the caps security system might set a default security manager - // we will be sure that the secman on this context gives full trust. - nsRefPtr secman = new FullTrustSecMan(); - xpc->SetSecurityManagerForJSContext(cx, secman, 0xFFFF); - nsCOMPtr systemprincipal; // Fetch the system principal and store it away in a global, to use for @@ -1851,7 +1610,6 @@ main(int argc, char **argv, char **envp) // fetch the JS principals and stick in a global gJSPrincipals = nsJSPrincipals::get(systemprincipal); JS_HoldPrincipals(gJSPrincipals); - secman->SetSystemPrincipal(systemprincipal); } } else { fprintf(gErrFile, "+++ Failed to get ScriptSecurityManager service, running without principals");