Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-29 15:52:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 877478 - Remove FullTrustSecMan junk. r=mrbkap

Browse Source 
This stuff shouldn't be necessary anymore. The default security manager should
do the right thing given for script running in the scope of a BackstagePass.
This commit is contained in:
Bobby Holley 2013-06-04 19:56:42 -07:00
parent f06e741959
commit 4a91b8a55b
2 changed files with 0 additions and 475 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

233
ipc/testshell/XPCShellEnvironment.cpp
View File

@ -56,24 +56,6 @@ namespace {
static const char kDefaultRuntimeScriptFilename[] = "xpcshell.js";
class FullTrustSecMan : public nsIScriptSecurityManager
{
public:
NS_DECL_ISUPPORTS
NS_DECL_NSIXPCSECURITYMANAGER
NS_DECL_NSISCRIPTSECURITYMANAGER
FullTrustSecMan() { }
virtual ~FullTrustSecMan() { }
void SetSystemPrincipal(nsIPrincipal *aPrincipal) {
mSystemPrincipal = aPrincipal;
}
private:
nsCOMPtr<nsIPrincipal> mSystemPrincipal;
};
class XPCShellDirProvider : public nsIDirectoryServiceProvider
{
public:
@ -638,216 +620,6 @@ ProcessFile(JSContext *cx,
} /* anonymous namespace */
NS_INTERFACE_MAP_BEGIN(FullTrustSecMan)
NS_INTERFACE_MAP_ENTRY(nsIXPCSecurityManager)
NS_INTERFACE_MAP_ENTRY(nsIScriptSecurityManager)
NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIXPCSecurityManager)
NS_INTERFACE_MAP_END
NS_IMPL_ADDREF(FullTrustSecMan)
NS_IMPL_RELEASE(FullTrustSecMan)
NS_IMETHODIMP
FullTrustSecMan::CanCreateWrapper(JSContext * aJSContext,
const nsIID & aIID,
nsISupports *aObj,
nsIClassInfo *aClassInfo,
void * *aPolicy)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CanCreateInstance(JSContext * aJSContext,
const nsCID & aCID)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CanGetService(JSContext * aJSContext,
const nsCID & aCID)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CanAccess(uint32_t aAction,
nsAXPCNativeCallContext *aCallContext,
JSContext * aJSContext,
JSObject * aJSObject,
nsISupports *aObj,
nsIClassInfo *aClassInfo,
jsid aName,
void * *aPolicy)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckPropertyAccess(JSContext * aJSContext,
JSObject * aJSObject,
const char *aClassName,
jsid aProperty,
uint32_t aAction)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIFromScript(JSContext * cx,
nsIURI *uri)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIWithPrincipal(nsIPrincipal *aPrincipal,
nsIURI *uri,
uint32_t flags)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
const nsACString & uri,
uint32_t flags)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckFunctionAccess(JSContext * cx,
void * funObj,
void * targetObj)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CanExecuteScripts(JSContext * cx,
nsIPrincipal *principal,
bool *_retval)
{
*_retval = true;
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::GetSubjectPrincipal(nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP
FullTrustSecMan::GetSystemPrincipal(nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP
FullTrustSecMan::GetSimpleCodebasePrincipal(nsIURI *aURI,
nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP
FullTrustSecMan::GetNoAppCodebasePrincipal(nsIURI *aURI,
nsIPrincipal **_retval)
{
return GetSimpleCodebasePrincipal(aURI, _retval);
}
NS_IMETHODIMP
FullTrustSecMan::GetCodebasePrincipal(nsIURI *aURI, nsIPrincipal **_retval)
{
return GetSimpleCodebasePrincipal(aURI, _retval);
}
NS_IMETHODIMP
FullTrustSecMan::GetAppCodebasePrincipal(nsIURI *aURI,
uint32_t aAppId,
bool aInMozBrowser,
nsIPrincipal **_retval)
{
return GetSimpleCodebasePrincipal(aURI, _retval);
}
NS_IMETHODIMP
FullTrustSecMan::GetDocShellCodebasePrincipal(nsIURI *aURI,
nsIDocShell* aDocShell,
nsIPrincipal **_retval)
{
return GetSimpleCodebasePrincipal(aURI, _retval);
}
NS_IMETHODIMP
FullTrustSecMan::GetObjectPrincipal(JSContext * cx,
JSObject * obj,
nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP
FullTrustSecMan::SubjectPrincipalIsSystem(bool *_retval)
{
*_retval = true;
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckSameOrigin(JSContext * aJSContext,
nsIURI *aTargetURI)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CheckSameOriginURI(nsIURI *aSourceURI,
nsIURI *aTargetURI,
bool reportError)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::GetChannelPrincipal(nsIChannel *aChannel,
nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
NS_IMETHODIMP
FullTrustSecMan::IsSystemPrincipal(nsIPrincipal *aPrincipal,
bool *_retval)
{
*_retval = aPrincipal == mSystemPrincipal;
return NS_OK;
}
NS_IMETHODIMP_(nsIPrincipal *)
FullTrustSecMan::GetCxSubjectPrincipal(JSContext *cx)
{
return mSystemPrincipal;
}
NS_IMETHODIMP
FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, uint32_t aAppId,
bool aInMozBrowser,
nsACString& aExtendedOrigin)
{
aExtendedOrigin.Truncate();
return NS_OK;
}
NS_IMETHODIMP_(nsrefcnt)
XPCShellDirProvider::AddRef()
{
@ -985,11 +757,7 @@ XPCShellEnvironment::Init()
return false;
}
nsRefPtr<FullTrustSecMan> secman(new FullTrustSecMan());
xpc->SetSecurityManagerForJSContext(cx, secman, 0xFFFF);
nsCOMPtr<nsIPrincipal> principal;
nsCOMPtr<nsIScriptSecurityManager> securityManager =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
if (NS_SUCCEEDED(rv) && securityManager) {
@ -1000,7 +768,6 @@ XPCShellEnvironment::Init()
// fetch the JS principals and stick in a global
mJSPrincipals = nsJSPrincipals::get(principal);
JS_HoldPrincipals(mJSPrincipals);
secman->SetSystemPrincipal(principal);
}
} else {
fprintf(stderr, "+++ Failed to get ScriptSecurityManager service, running without principals");

242
js/xpconnect/shell/xpcshell.cpp
View File

@ -1313,242 +1313,6 @@ ProcessArgs(JSContext *cx, JS::Handle<JSObject*> obj, char **argv, int argc, XPC
/***************************************************************************/
class FullTrustSecMan
: public nsIScriptSecurityManager
{
public:
NS_DECL_ISUPPORTS
NS_DECL_NSIXPCSECURITYMANAGER
NS_DECL_NSISCRIPTSECURITYMANAGER
FullTrustSecMan();
virtual ~FullTrustSecMan();
void SetSystemPrincipal(nsIPrincipal *aPrincipal) {
mSystemPrincipal = aPrincipal;
}
private:
nsCOMPtr<nsIPrincipal> mSystemPrincipal;
};
NS_INTERFACE_MAP_BEGIN(FullTrustSecMan)
NS_INTERFACE_MAP_ENTRY(nsIXPCSecurityManager)
NS_INTERFACE_MAP_ENTRY(nsIScriptSecurityManager)
NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIXPCSecurityManager)
NS_INTERFACE_MAP_END
NS_IMPL_ADDREF(FullTrustSecMan)
NS_IMPL_RELEASE(FullTrustSecMan)
FullTrustSecMan::FullTrustSecMan()
{
mSystemPrincipal = nullptr;
}
FullTrustSecMan::~FullTrustSecMan()
{
}
NS_IMETHODIMP
FullTrustSecMan::CanCreateWrapper(JSContext * aJSContext, const nsIID & aIID,
nsISupports *aObj, nsIClassInfo *aClassInfo,
void * *aPolicy)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CanCreateInstance(JSContext * aJSContext, const nsCID & aCID)
{
return NS_OK;
}
NS_IMETHODIMP
FullTrustSecMan::CanGetService(JSContext * aJSContext, const nsCID & aCID)
{
return NS_OK;
}
/* void CanAccess (in uint32_t aAction, in nsIXPCNativeCallContext aCallContext, in JSContextPtr aJSContext, in JSObjectPtr aJSObject, in nsISupports aObj, in nsIClassInfo aClassInfo, in jsval aName, inout voidPtr aPolicy); */
NS_IMETHODIMP
FullTrustSecMan::CanAccess(uint32_t aAction,
nsAXPCNativeCallContext *aCallContext,
JSContext * aJSContext, JSObject * aJSObject,
nsISupports *aObj, nsIClassInfo *aClassInfo,
jsid aName, void * *aPolicy)
{
return NS_OK;
}
/* [noscript] void checkPropertyAccess (in JSContextPtr aJSContext, in JSObjectPtr aJSObject, in string aClassName, in jsid aProperty, in uint32_t aAction); */
NS_IMETHODIMP
FullTrustSecMan::CheckPropertyAccess(JSContext * aJSContext,
JSObject * aJSObject,
const char *aClassName,
jsid aProperty, uint32_t aAction)
{
return NS_OK;
}
/* [noscript] void checkLoadURIFromScript (in JSContextPtr cx, in nsIURI uri); */
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIFromScript(JSContext * cx, nsIURI *uri)
{
return NS_OK;
}
/* void checkLoadURIWithPrincipal (in nsIPrincipal aPrincipal, in nsIURI uri, in unsigned long flags); */
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIWithPrincipal(nsIPrincipal *aPrincipal,
nsIURI *uri, uint32_t flags)
{
return NS_OK;
}
/* void checkLoadURIStrWithPrincipal (in nsIPrincipal aPrincipal, in AUTF8String uri, in unsigned long flags); */
NS_IMETHODIMP
FullTrustSecMan::CheckLoadURIStrWithPrincipal(nsIPrincipal *aPrincipal,
const nsACString & uri,
uint32_t flags)
{
return NS_OK;
}
/* [noscript] void checkFunctionAccess (in JSContextPtr cx, in voidPtr funObj, in voidPtr targetObj); */
NS_IMETHODIMP
FullTrustSecMan::CheckFunctionAccess(JSContext * cx, void * funObj,
void * targetObj)
{
return NS_OK;
}
/* [noscript] boolean canExecuteScripts (in JSContextPtr cx, in nsIPrincipal principal); */
NS_IMETHODIMP
FullTrustSecMan::CanExecuteScripts(JSContext * cx, nsIPrincipal *principal,
bool *_retval)
{
*_retval = true;
return NS_OK;
}
/* [noscript] nsIPrincipal getSubjectPrincipal (); */
NS_IMETHODIMP
FullTrustSecMan::GetSubjectPrincipal(nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
/* [noscript] nsIPrincipal getSystemPrincipal (); */
NS_IMETHODIMP
FullTrustSecMan::GetSystemPrincipal(nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
/* [noscript] nsIPrincipal getSimpleCodebasePrincipal (in nsIURI aURI); */
NS_IMETHODIMP
FullTrustSecMan::GetSimpleCodebasePrincipal(nsIURI *aURI, nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
/* [noscript] nsIPrincipal getNoAppCodebasePrincipal (in nsIURI aURI); */
NS_IMETHODIMP
FullTrustSecMan::GetNoAppCodebasePrincipal(nsIURI *aURI, nsIPrincipal **_retval)
{
return GetSimpleCodebasePrincipal(aURI, _retval);
}
/* [noscript] nsIPrincipal getCodebasePrincipal (in nsIURI aURI); */
NS_IMETHODIMP
FullTrustSecMan::GetCodebasePrincipal(nsIURI *aURI, nsIPrincipal **_retval)
{
return GetSimpleCodebasePrincipal(aURI, _retval);
}
/* [noscript] nsIPrincipal getAppCodebasePrincipal (in nsIURI aURI, unsigned long appid, bool inMozBrowser); */
NS_IMETHODIMP
FullTrustSecMan::GetAppCodebasePrincipal(nsIURI *aURI, uint32_t aAppId, bool aInMozBrowser, nsIPrincipal **_retval)
{
return GetSimpleCodebasePrincipal(aURI, _retval);
}
/* [noscript] nsIPrincipal getDocShellCodebasePrincipal (in nsIURI aURI, nsIDocShell docShell); */
NS_IMETHODIMP
FullTrustSecMan::GetDocShellCodebasePrincipal(nsIURI *aURI, nsIDocShell* aDocShell, nsIPrincipal **_retval)
{
return GetSimpleCodebasePrincipal(aURI, _retval);
}
/* [noscript] nsIPrincipal getObjectPrincipal (in JSContextPtr cx, in JSObjectPtr obj); */
NS_IMETHODIMP
FullTrustSecMan::GetObjectPrincipal(JSContext * cx, JSObject * obj,
nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
/* [noscript] boolean subjectPrincipalIsSystem (); */
NS_IMETHODIMP
FullTrustSecMan::SubjectPrincipalIsSystem(bool *_retval)
{
*_retval = true;
return NS_OK;
}
/* [noscript] void checkSameOrigin (in JSContextPtr aJSContext, in nsIURI aTargetURI); */
NS_IMETHODIMP
FullTrustSecMan::CheckSameOrigin(JSContext * aJSContext, nsIURI *aTargetURI)
{
return NS_OK;
}
/* void checkSameOriginURI (in nsIURI aSourceURI, in nsIURI aTargetURI); */
NS_IMETHODIMP
FullTrustSecMan::CheckSameOriginURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
bool reportError)
{
return NS_OK;
}
/* [noscript] nsIPrincipal getChannelPrincipal (in nsIChannel aChannel); */
NS_IMETHODIMP
FullTrustSecMan::GetChannelPrincipal(nsIChannel *aChannel, nsIPrincipal **_retval)
{
NS_IF_ADDREF(*_retval = mSystemPrincipal);
return *_retval ? NS_OK : NS_ERROR_FAILURE;
}
/* boolean isSystemPrincipal (in nsIPrincipal aPrincipal); */
NS_IMETHODIMP
FullTrustSecMan::IsSystemPrincipal(nsIPrincipal *aPrincipal, bool *_retval)
{
*_retval = aPrincipal == mSystemPrincipal;
return NS_OK;
}
NS_IMETHODIMP_(nsIPrincipal *)
FullTrustSecMan::GetCxSubjectPrincipal(JSContext *cx)
{
return mSystemPrincipal;
}
NS_IMETHODIMP
FullTrustSecMan::GetExtendedOrigin(nsIURI* aURI, uint32_t aAppId,
bool aInMozBrowser,
nsACString& aExtendedOrigin)
{
aExtendedOrigin.Truncate();
return NS_OK;
}
/***************************************************************************/
// #define TEST_InitClassesWithNewWrappedGlobal
#ifdef TEST_InitClassesWithNewWrappedGlobal
@ -1829,11 +1593,6 @@ main(int argc, char **argv, char **envp)
return 1;
}
// Since the caps security system might set a default security manager
// we will be sure that the secman on this context gives full trust.
nsRefPtr<FullTrustSecMan> secman = new FullTrustSecMan();
xpc->SetSecurityManagerForJSContext(cx, secman, 0xFFFF);
nsCOMPtr<nsIPrincipal> systemprincipal;
// Fetch the system principal and store it away in a global, to use for
@ -1851,7 +1610,6 @@ main(int argc, char **argv, char **envp)
// fetch the JS principals and stick in a global
gJSPrincipals = nsJSPrincipals::get(systemprincipal);
JS_HoldPrincipals(gJSPrincipals);
secman->SetSystemPrincipal(systemprincipal);
}
} else {
fprintf(gErrFile, "+++ Failed to get ScriptSecurityManager service, running without principals");