mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 03:15:11 +00:00
Bug 1336364 P9 Block storage denied windows from ServiceWorker.postMessage() and clients.matchAll(). r=asuth
This commit is contained in:
parent
aedd9dfac3
commit
4db38f2b20
@ -93,6 +93,12 @@ ServiceWorker::PostMessage(JSContext* aCx, JS::Handle<JS::Value> aMessage,
|
||||
return;
|
||||
}
|
||||
|
||||
auto storageAllowed = nsContentUtils::StorageAllowedForWindow(window);
|
||||
if (storageAllowed != nsContentUtils::StorageAccess::eAllow) {
|
||||
aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
|
||||
return;
|
||||
}
|
||||
|
||||
UniquePtr<ServiceWorkerClientInfo> clientInfo(new ServiceWorkerClientInfo(window->GetExtantDoc()));
|
||||
ServiceWorkerPrivate* workerPrivate = mInfo->WorkerPrivate();
|
||||
aRv = workerPrivate->SendMessageEvent(aCx, aMessage, aTransferable, Move(clientInfo));
|
||||
|
@ -3310,7 +3310,7 @@ ServiceWorkerManager::GetClient(nsIPrincipal* aPrincipal,
|
||||
nsCOMPtr<nsISupports> ptr;
|
||||
ifptr->GetData(getter_AddRefs(ptr));
|
||||
nsCOMPtr<nsIDocument> doc = do_QueryInterface(ptr);
|
||||
if (NS_WARN_IF(!doc)) {
|
||||
if (NS_WARN_IF(!doc || !doc->GetInnerWindow())) {
|
||||
return clientInfo;
|
||||
}
|
||||
|
||||
@ -3325,6 +3325,14 @@ ServiceWorkerManager::GetClient(nsIPrincipal* aPrincipal,
|
||||
return clientInfo;
|
||||
}
|
||||
|
||||
// Don't let service worker see 3rd party iframes that are denied storage
|
||||
// access. We don't want these to communicate.
|
||||
auto storageAccess =
|
||||
nsContentUtils::StorageAllowedForWindow(doc->GetInnerWindow());
|
||||
if (storageAccess != nsContentUtils::StorageAccess::eAllow) {
|
||||
return clientInfo;
|
||||
}
|
||||
|
||||
clientInfo.reset(new ServiceWorkerClientInfo(doc));
|
||||
return clientInfo;
|
||||
}
|
||||
@ -3369,7 +3377,7 @@ ServiceWorkerManager::GetAllClients(nsIPrincipal* aPrincipal,
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIDocument> doc = do_QueryInterface(ptr);
|
||||
if (!doc || !doc->GetWindow()) {
|
||||
if (!doc || !doc->GetWindow() || !doc->GetInnerWindow()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -3387,6 +3395,14 @@ ServiceWorkerManager::GetAllClients(nsIPrincipal* aPrincipal,
|
||||
continue;
|
||||
}
|
||||
|
||||
// Don't let service worker find 3rd party iframes that are denied storage
|
||||
// access. We don't want these to communicate.
|
||||
auto storageAccess =
|
||||
nsContentUtils::StorageAllowedForWindow(doc->GetInnerWindow());
|
||||
if (storageAccess != nsContentUtils::StorageAccess::eAllow) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// If we are only returning controlled Clients then skip any documents
|
||||
// that are for different registrations. We also skip service workers
|
||||
// that don't match the ID of our calling service worker. We should
|
||||
|
Loading…
Reference in New Issue
Block a user