Bug 775796 - nsIURIClassifier.classify() should takes a principal. r=bsmith

2024-10-12 04:45:45 +00:00 · 2012-07-20 09:46:59 -07:00 · 2012-07-20 09:46:59 -07:00 · 5747889de3
commit 5747889de3
parent 9a9096c83f
5 changed files with 43 additions and 14 deletions
--- a/netwerk/base/public/nsIURIClassifier.idl
+++ b/netwerk/base/public/nsIURIClassifier.idl
@ -4,7 +4,7 @@

 #include "nsISupports.idl"

-interface nsIURI;
+interface nsIPrincipal;
 interface nsIChannel;

 /**
@ -30,14 +30,14 @@ interface nsIURIClassifierCallback : nsISupports
 * The URI classifier service checks a URI against lists of phishing
 * and malware sites.
 */
-[scriptable, uuid(2de5c563-1203-43dd-a212-f5d56d530b6f)]
+[scriptable, uuid(617f1002-ec55-42c4-a7b0-ebb221ba9fa2)]
 interface nsIURIClassifier : nsISupports
 {
  /**
-   * Classify a URI.
+   * Classify a Principal using it's URI, appId and InBrowserElement state.
   *
-   * @param aURI
-   *        The URI that should be checked by the URI classifier.
+   * @param aPrincipal
+   *        The principal that should be checked by the URI classifier.
   * @param aCallback
   *        The URI classifier will call this callback when the URI has been
   *        classified.
@ -47,6 +47,6 @@ interface nsIURIClassifier : nsISupports
   *         <code>true</code> if classification will be performed.  The
   *         callback will be called.
   */
-  boolean classify(in nsIURI aURI,
+  boolean classify(in nsIPrincipal aPrincipal,
                   in nsIURIClassifierCallback aCallback);
 };
--- a/netwerk/base/src/nsChannelClassifier.cpp
+++ b/netwerk/base/src/nsChannelClassifier.cpp
@ -10,6 +10,7 @@
 #include "nsICachingChannel.h"
 #include "nsICacheEntryDescriptor.h"
 #include "prlog.h"
+#include "nsIScriptSecurityManager.h"

 #if defined(PR_LOGGING)
 //
@ -85,8 +86,17 @@ nsChannelClassifier::Start(nsIChannel *aChannel)
    }
    NS_ENSURE_SUCCESS(rv, rv);

+    nsCOMPtr<nsIScriptSecurityManager> securityManager =
+        do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    nsCOMPtr<nsIPrincipal> principal;
+    rv = securityManager->GetChannelPrincipal(aChannel,
+                                              getter_AddRefs(principal));
+    NS_ENSURE_SUCCESS(rv, rv);
+
    bool expectCallback;
-    rv = uriClassifier->Classify(uri, this, &expectCallback);
+    rv = uriClassifier->Classify(principal, this, &expectCallback);
    if (NS_FAILED(rv)) return rv;

    if (expectCallback) {
--- a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
+++ b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp
@ -42,6 +42,7 @@
 #include "prnetdb.h"
 #include "zlib.h"
 #include "mozilla/Attributes.h"
+#include "nsIPrincipal.h"

 // Needed to interpert mozIStorageConnection::GetLastError
 #include <sqlite3.h>
@ -4238,10 +4239,11 @@ nsUrlClassifierDBService::Init()
 }

 NS_IMETHODIMP
-nsUrlClassifierDBService::Classify(nsIURI *uri,
+nsUrlClassifierDBService::Classify(nsIPrincipal* aPrincipal,
                                   nsIURIClassifierCallback* c,
                                   bool* result)
 {
+  NS_ENSURE_ARG(aPrincipal);
  NS_ENSURE_TRUE(gDbBackgroundThread, NS_ERROR_NOT_INITIALIZED);

  if (!(mCheckMalware || mCheckPhishing)) {
@ -4253,6 +4255,10 @@ nsUrlClassifierDBService::Classify(nsIURI *uri,
    new nsUrlClassifierClassifyCallback(c, mCheckMalware, mCheckPhishing);
  if (!callback) return NS_ERROR_OUT_OF_MEMORY;

+  nsCOMPtr<nsIURI> uri;
+  aPrincipal->GetURI(getter_AddRefs(uri));
+  NS_ENSURE_TRUE(uri, NS_ERROR_FAILURE);
+
  nsresult rv = LookupURI(uri, callback, false, result);
  if (rv == NS_ERROR_MALFORMED_URI) {
    *result = false;
--- a/toolkit/components/url-classifier/nsUrlClassifierDBService.h
+++ b/toolkit/components/url-classifier/nsUrlClassifierDBService.h
@ -31,6 +31,7 @@

 class nsUrlClassifierDBServiceWorker;
 class nsIThread;
+class nsIURI;

 // This is a proxy class that just creates a background thread and delagates
 // calls to the background thread.
--- a/toolkit/components/url-classifier/tests/unit/test_cleankeycache.js
+++ b/toolkit/components/url-classifier/tests/unit/test_cleankeycache.js
@ -14,13 +14,16 @@ function testCleanHostKeys() {

      // Check with a clean host key
      var uri = ios.newURI("http://bar.com/a", null, null);
+      let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
+                        .getService(Components.interfaces.nsIScriptSecurityManager)
+                        .getNoAppCodebasePrincipal(uri);

      // Use the nsIURIClassifier interface (the
      // nsIUrlClassifierDBService will always queue a lookup,
      // nsIURIClassifier won't if the host key is known to be clean.
      var classifier = dbservice.QueryInterface(Ci.nsIURIClassifier);
-      var result = classifier.classify(uri, function(errorCode) {
-          var result2 = classifier.classify(uri, function() {
+      var result = classifier.classify(principal, function(errorCode) {
+          var result2 = classifier.classify(principal, function() {
              do_throw("shouldn't get a callback");
            });
          // second call shouldn't result in a callback.
@ -50,12 +53,15 @@ function testUpdate() {
  doStreamUpdate(preUpdate, function() {
    // First lookup won't happen...
    var uri = ios.newURI("http://foo.com/a", null, null);
+    let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
+                      .getService(Components.interfaces.nsIScriptSecurityManager)
+                      .getNoAppCodebasePrincipal(uri);

    // Use the nsIURIClassifier interface (the
    // nsIUrlClassifierDBService will always queue a lookup,
    // nsIURIClassifier won't if the host key is known to be clean.
    var classifier = dbservice.QueryInterface(Ci.nsIURIClassifier);
-    var result = classifier.classify(uri, function(errorCode) {
+    var result = classifier.classify(principal, function(errorCode) {
      // shouldn't arrive here
      do_check_eq(errorCode, Cr.NS_OK);
      do_throw("shouldn't get a callback");
@ -70,7 +76,7 @@ function testUpdate() {
          "urls" : addUrls
        }]);
    doStreamUpdate(update, function() {
-      var result2 = classifier.classify(uri, function(errorCode) {
+      var result2 = classifier.classify(principal, function(errorCode) {
        do_check_neq(errorCode, Cr.NS_OK);
        runNextTest();
      });
@ -120,8 +126,11 @@ function testResetFullCache() {

      var spec = uris2.pop();
      var uri = ios.newURI("http://" + spec, null, null);
+      let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
+                        .getService(Components.interfaces.nsIScriptSecurityManager)
+                        .getNoAppCodebasePrincipal(uri);

-      var result = classifier.classify(uri, function(errorCode) {
+      var result = classifier.classify(principal, function(errorCode) {
      });
      runSecondLookup();
      // now look up a few more times.
@ -146,7 +155,10 @@ function testResetFullCache() {

      uris2.push(spec);
      var uri = ios.newURI("http://" + spec, null, null);
-      var result = classifier.classify(uri, function(errorCode) {
+      let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
+                        .getService(Components.interfaces.nsIScriptSecurityManager)
+                        .getNoAppCodebasePrincipal(uri);
+      var result = classifier.classify(principal, function(errorCode) {
      });
      runInitialLookup();
      // None of these will generate a callback