Bug 1404910 - WebSocket should consider the corrent top-level window principal, r=smaug

dom/base/WebSocket.cpp

@@ -1666,18 +1666,17 @@ WebSocketImpl::Init(JSContext* aCx,
       nsCOMPtr<nsPIDOMWindowInner> innerWindow;
 
       while (true) {
-        if (principal) {
-          bool isNullPrincipal = true;
-          isNullPrincipal = principal->GetIsNullPrincipal();
-          if (isNullPrincipal || nsContentUtils::IsSystemPrincipal(principal)) {
-            break;
-          }
+        if (principal && !principal->GetIsNullPrincipal()) {
+          break;
         }
 
         if (!innerWindow) {
           innerWindow = do_QueryInterface(globalObject);
-          if (NS_WARN_IF(!innerWindow)) {
-            return NS_ERROR_DOM_SECURITY_ERR;
+          if (!innerWindow) {
+            // If we are in a XPConnect sandbox or in a JS component,
+            // innerWindow will be null. There is nothing on top of this to be
+            // considered.
+            break;
           }
         }
 

dom/base/test/iframe_webSocket_sandbox.html

@@ -0,0 +1,62 @@
+<html><body>
+<iframe id="frame" sandbox="allow-scripts allow-popups"></iframe>
+<script type="application/javascript;version=1.8">
+onmessage = function(e) {
+  parent.postMessage(e.data, '*');
+}
+
+var ifr = document.getElementById('frame');
+
+if (location.search == '?nested') {
+  var url = new URL(location);
+  url.search = "";
+  ifr.src = url.href;
+} else if (location.search == '?popup') {
+  var url = new URL(location);
+  url.search = "?opener";
+
+  ifr.srcdoc = "<html><script>" +
+    "window.open('" + url.href + "', 'foobar');" +
+    "onmessage = function(e) { " +
+    "  parent.postMessage(e.data, '*'); " +
+    "}" +
+  "</scr" + "ipt></html>";
+} else if (location.search == '?opener') {
+  try{
+    var socket = new WebSocket('ws://mochi.test:8888/tests/dom/base/test/file_websocket_basic');
+    socket.onerror = function(e) {
+      opener.postMessage('WS onerror', '*');
+    };
+    socket.onopen = function(event) {
+      opener.postMessage('WS onopen', '*');
+    };
+  } catch(e) {
+    if (e.name == 'SecurityError') {
+      opener.postMessage('WS Throws!', '*');
+    } else {
+      opener.postMessage('WS Throws something else!', '*');
+    }
+  }
+} else {
+  ifr.srcdoc = `
+  <html><script>
+  try{
+    var socket = new WebSocket('ws://mochi.test:8888/tests/dom/base/test/file_websocket_basic');
+    socket.onerror = function(e) {
+      parent.postMessage('WS onerror', '*');
+    };
+    socket.onopen = function(event) {
+      parent.postMessage('WS onopen', '*');
+    };
+  } catch(e) {
+    if (e.name == 'SecurityError') {
+      parent.postMessage('WS Throws!', '*');
+    } else {
+      parent.postMessage('WS Throws something else!', '*');
+    }
+  }
+  </scr`+`ipt>
+  </html>`;
+}
+</script>
+</body></html>

dom/base/test/mochitest.ini

@@ -804,6 +804,9 @@ skip-if = toolkit == 'android'
 skip-if = toolkit == 'android'
 [test_websocket_permessage_deflate.html]
 skip-if = toolkit == 'android'
+[test_webSocket_sandbox.html]
+skip-if = toolkit == 'android'
+support-files = iframe_webSocket_sandbox.html
 [test_websocket1.html]
 skip-if = toolkit == 'android'
 [test_websocket2.html]

dom/base/test/test_webSocket_sandbox.html

@@ -0,0 +1,34 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <title>Bug 1252751</title>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<div id="container"></div>
+<iframe id="frame"></iframe>
+<script type="application/javascript;version=1.8">
+var urls = [ "https://example.com/tests/dom/base/test/iframe_webSocket_sandbox.html",
+             "https://example.com/tests/dom/base/test/iframe_webSocket_sandbox.html?nested",
+             "https://example.com/tests/dom/base/test/iframe_webSocket_sandbox.html?popup" ];
+
+onmessage = function(e) {
+  is(e.data, "WS Throws!", "ws://URI cannot be used by a https iframe");
+  runTest();
+}
+
+function runTest() {
+  if (!urls.length) {
+    SimpleTest.finish();
+    return;
+  }
+
+  document.getElementById("frame").src = urls.shift();
+}
+
+SimpleTest.waitForExplicitFinish();
+runTest();
+</script>
+</body>
+</html>