Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-09 03:15:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1292432 part 5 - Unify completeness check and security check to StyleSheet. r=heycam

Browse Source 
MozReview-Commit-ID: CmQ2Q9UrLAA

--HG--
extra : source : cb459bc28ecf5ee409374a715247b788831afd88
This commit is contained in:
Xidorn Quan 2016-10-14 22:25:38 +11:00
parent 727c0552af
commit 73c9f14ff1
3 changed files with 29 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
layout/style/CSSStyleSheet.cpp
View File

@ -1685,16 +1685,7 @@ CSSRuleList*
CSSStyleSheet::GetCssRules(nsIPrincipal& aSubjectPrincipal,
ErrorResult& aRv)
{
// No doing this on incomplete sheets!
if (!mInner->mComplete) {
aRv.Throw(NS_ERROR_DOM_INVALID_ACCESS_ERR);
return nullptr;
}
//-- Security check: Only scripts whose principal subsumes that of the
// style sheet can access rule collections.
SubjectSubsumesInnerPrincipal(aSubjectPrincipal, aRv);
if (NS_WARN_IF(aRv.Failed())) {
if (!AreRulesAvailable(aSubjectPrincipal, aRv)) {
return nullptr;
}
@ -1722,13 +1713,9 @@ CSSStyleSheet::InsertRule(const nsAString& aRule, uint32_t aIndex,
nsIPrincipal& aSubjectPrincipal,
ErrorResult& aRv)
{
//-- Security check: Only scripts whose principal subsumes that of the
// style sheet can modify rule collections.
SubjectSubsumesInnerPrincipal(aSubjectPrincipal, aRv);
if (NS_WARN_IF(aRv.Failed())) {
if (!AreRulesAvailable(aSubjectPrincipal, aRv)) {
return 0;
}
return InsertRuleInternal(aRule, aIndex, aRv);
}
@ -1748,11 +1735,7 @@ CSSStyleSheet::InsertRuleInternal(const nsAString& aRule,
uint32_t aIndex,
ErrorResult& aRv)
{
// No doing this if the sheet is not complete!
if (!mInner->mComplete) {
aRv.Throw(NS_ERROR_DOM_INVALID_ACCESS_ERR);
return 0;
}
MOZ_ASSERT(mInner->mComplete);
WillDirty();
@ -1880,16 +1863,7 @@ CSSStyleSheet::DeleteRule(uint32_t aIndex,
nsIPrincipal& aSubjectPrincipal,
ErrorResult& aRv)
{
// No doing this if the sheet is not complete!
if (!mInner->mComplete) {
aRv.Throw(NS_ERROR_DOM_INVALID_ACCESS_ERR);
return;
}
//-- Security check: Only scripts whose principal subsumes that of the
// style sheet can modify rule collections.
SubjectSubsumesInnerPrincipal(aSubjectPrincipal, aRv);
if (NS_WARN_IF(aRv.Failed())) {
if (!AreRulesAvailable(aSubjectPrincipal, aRv)) {
return;
}

18
layout/style/StyleSheet.cpp
View File

@ -193,4 +193,22 @@ StyleSheet::SubjectSubsumesInnerPrincipal(nsIPrincipal& aSubjectPrincipal,
DidDirty();
}
bool
StyleSheet::AreRulesAvailable(const Maybe<nsIPrincipal*>& aSubjectPrincipal,
ErrorResult& aRv)
{
// Rules are not available on incomplete sheets.
if (!SheetInfo().mComplete) {
aRv.Throw(NS_ERROR_DOM_INVALID_ACCESS_ERR);
return false;
}
//-- Security check: Only scripts whose principal subsumes that of the
// style sheet can access rule collections.
SubjectSubsumesInnerPrincipal(aSubjectPrincipal, aRv);
if (NS_WARN_IF(aRv.Failed())) {
return false;
}
return true;
}
} // namespace mozilla

7
layout/style/StyleSheet.h
View File

@ -145,6 +145,13 @@ private:
inline StyleSheetInfo& SheetInfo();
inline const StyleSheetInfo& SheetInfo() const;
// Check if the rules are available for read and write.
// It does the security check as well as whether the rules have been
// completely loaded. aRv will have an exception set if this function
// returns false.
bool AreRulesAvailable(const Maybe<nsIPrincipal*>& aSubjectPrincipal,
ErrorResult& aRv);
protected:
// Return success if the subject principal subsumes the principal of our
// inner, error otherwise. This will also succeed if the subject has