mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-11 20:35:50 +00:00
Bug 764618: Remove IsOnPrefWhitelist and URIIsChromeOrInPref; r=gwagner
This commit is contained in:
parent
c14c8ad7e4
commit
4c7e61dce0
@ -1988,18 +1988,6 @@ public:
|
||||
*/
|
||||
static bool IsAutocompleteEnabled(nsIDOMHTMLInputElement* aInput);
|
||||
|
||||
/**
|
||||
* If the URI is chrome, return true unconditionarlly.
|
||||
*
|
||||
* Otherwise, get the contents of the given pref, and treat it as a
|
||||
* comma-separated list of URIs. Return true if the given URI's prepath is
|
||||
* in the list, and false otherwise.
|
||||
*
|
||||
* Comparisons are case-insensitive, and whitespace between elements of the
|
||||
* comma-separated list is ignored.
|
||||
*/
|
||||
static bool URIIsChromeOrInPref(nsIURI *aURI, const char *aPref);
|
||||
|
||||
/**
|
||||
* This will parse aSource, to extract the value of the pseudo attribute
|
||||
* with the name specified in aName. See
|
||||
@ -2077,24 +2065,6 @@ public:
|
||||
*/
|
||||
static nsresult IsUserIdle(uint32_t aRequestedIdleTimeInMS, bool* aUserIsIdle);
|
||||
|
||||
/**
|
||||
* Takes a window and a string to check prefs against. Assumes that
|
||||
* the window is an app window, and that the pref is a comma
|
||||
* seperated list of app urls that have permission to use whatever
|
||||
* the preference refers to (for example, does the current window
|
||||
* have access to mozTelephony). Chrome is always given permissions
|
||||
* for the requested preference. Sets aAllowed based on preference.
|
||||
*
|
||||
* @param aWindow Current window asking for preference permission
|
||||
* @param aPrefURL Preference name
|
||||
* @param aAllowed [out] outparam on whether or not window is allowed
|
||||
* to access pref
|
||||
*
|
||||
* @return NS_OK on successful preference lookup, error code otherwise
|
||||
*/
|
||||
static nsresult IsOnPrefWhitelist(nsPIDOMWindow* aWindow,
|
||||
const char* aPrefURL, bool *aAllowed);
|
||||
|
||||
/**
|
||||
* Takes a selection, and a text control element (<input> or <textarea>), and
|
||||
* returns the offsets in the text content corresponding to the selection.
|
||||
|
@ -658,40 +658,6 @@ nsContentUtils::IsAutocompleteEnabled(nsIDOMHTMLInputElement* aInput)
|
||||
return autocomplete.EqualsLiteral("on");
|
||||
}
|
||||
|
||||
bool
|
||||
nsContentUtils::URIIsChromeOrInPref(nsIURI *aURI, const char *aPref)
|
||||
{
|
||||
if (!aURI) {
|
||||
return false;
|
||||
}
|
||||
|
||||
nsAutoCString scheme;
|
||||
aURI->GetScheme(scheme);
|
||||
if (scheme.EqualsLiteral("chrome")) {
|
||||
return true;
|
||||
}
|
||||
|
||||
nsAutoCString prePathUTF8;
|
||||
aURI->GetPrePath(prePathUTF8);
|
||||
NS_ConvertUTF8toUTF16 prePath(prePathUTF8);
|
||||
|
||||
const nsAdoptingString& whitelist = Preferences::GetString(aPref);
|
||||
|
||||
// This tokenizer also strips off whitespace around tokens, as desired.
|
||||
nsCharSeparatedTokenizer tokenizer(whitelist, ',',
|
||||
nsCharSeparatedTokenizerTemplate<>::SEPARATOR_OPTIONAL);
|
||||
|
||||
while (tokenizer.hasMoreTokens()) {
|
||||
const nsSubstring& whitelistItem = tokenizer.nextToken();
|
||||
|
||||
if (whitelistItem.Equals(prePath, nsCaseInsensitiveStringComparator())) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
#define SKIP_WHITESPACE(iter, end_iter, end_res) \
|
||||
while ((iter) != (end_iter) && nsCRT::IsAsciiSpace(*(iter))) { \
|
||||
++(iter); \
|
||||
@ -6961,80 +6927,6 @@ nsContentUtils::JSArrayToAtomArray(JSContext* aCx, const JS::Value& aJSArray,
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// static
|
||||
nsresult
|
||||
nsContentUtils::IsOnPrefWhitelist(nsPIDOMWindow* aWindow,
|
||||
const char* aPrefURL, bool* aAllowed)
|
||||
{
|
||||
// Make sure we're dealing with an inner window.
|
||||
nsPIDOMWindow* innerWindow = aWindow->IsInnerWindow() ?
|
||||
aWindow :
|
||||
aWindow->GetCurrentInnerWindow();
|
||||
NS_ENSURE_TRUE(innerWindow, NS_ERROR_FAILURE);
|
||||
|
||||
// Make sure we're being called from a window that we have permission to
|
||||
// access.
|
||||
if (!nsContentUtils::CanCallerAccess(innerWindow)) {
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
|
||||
// Need the document in order to make security decisions.
|
||||
nsCOMPtr<nsIDocument> document =
|
||||
do_QueryInterface(innerWindow->GetExtantDocument());
|
||||
NS_ENSURE_TRUE(document, NS_NOINTERFACE);
|
||||
|
||||
// Do security checks. We assume that chrome is always allowed.
|
||||
if (nsContentUtils::IsSystemPrincipal(document->NodePrincipal())) {
|
||||
*aAllowed = true;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// We also allow a comma seperated list of pages specified by
|
||||
// preferences.
|
||||
nsCOMPtr<nsIURI> originalURI;
|
||||
nsresult rv =
|
||||
document->NodePrincipal()->GetURI(getter_AddRefs(originalURI));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
nsCOMPtr<nsIURI> documentURI;
|
||||
rv = originalURI->Clone(getter_AddRefs(documentURI));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Strip the query string (if there is one) before comparing.
|
||||
nsCOMPtr<nsIURL> documentURL = do_QueryInterface(documentURI);
|
||||
if (documentURL) {
|
||||
rv = documentURL->SetQuery(EmptyCString());
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
bool allowed = false;
|
||||
|
||||
// The pref may not exist but in that case we deny access just as we do if
|
||||
// the url doesn't match.
|
||||
nsCString whitelist;
|
||||
if (NS_SUCCEEDED(Preferences::GetCString(aPrefURL,
|
||||
&whitelist))) {
|
||||
nsCOMPtr<nsIIOService> ios = do_GetIOService();
|
||||
NS_ENSURE_TRUE(ios, NS_ERROR_FAILURE);
|
||||
|
||||
nsCCharSeparatedTokenizer tokenizer(whitelist, ',');
|
||||
while (tokenizer.hasMoreTokens()) {
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
if (NS_SUCCEEDED(NS_NewURI(getter_AddRefs(uri), tokenizer.nextToken(),
|
||||
nullptr, nullptr, ios))) {
|
||||
rv = documentURI->EqualsExceptRef(uri, &allowed);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (allowed) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
*aAllowed = allowed;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// static
|
||||
void
|
||||
nsContentUtils::GetSelectionInTextControl(Selection* aSelection,
|
||||
|
Loading…
Reference in New Issue
Block a user