Bug 13871: Frameset spoofing - cleanup unneeded DOM interface. r=jst, sr=vidur

content/html/document/src/nsHTMLDocument.cpp

@@ -286,7 +286,7 @@ nsHTMLDocument::nsHTMLDocument()
     //NS_WITH_SERVICE(nsIRDFService, gRDF, kRDFServiceCID, &rv);
   }
 
-  mDomainSet = PR_FALSE; // Bug 13871: Frameset spoofing
+  mDomainWasSet = PR_FALSE; // Bug 13871: Frameset spoofing
 }
 
 nsHTMLDocument::~nsHTMLDocument()
@@ -1815,16 +1815,16 @@ nsHTMLDocument::SetDomain(const nsAReadableString& aDomain)
 
   // Bug 13871: Frameset spoofing - note that document.domain was set
   if (NS_SUCCEEDED(rv))
-    mDomainSet = PR_TRUE;
+    mDomainWasSet = PR_TRUE;
 
   return rv;
 }
 
 NS_IMETHODIMP
-nsHTMLDocument::GetDomainSet(PRBool* aValue)
+nsHTMLDocument::WasDomainSet(PRBool* aDomainWasSet)
 {
-  NS_ENSURE_ARG_POINTER(aValue);
-  *aValue = mDomainSet;
+  NS_ENSURE_ARG_POINTER(aDomainWasSet);
+  *aDomainWasSet = mDomainWasSet;
   return NS_OK;
 }
 

content/html/document/src/nsHTMLDocument.h

@@ -149,6 +149,11 @@ public:
   virtual PRBool IsInSelection(nsISelection* aSelection, const nsIContent *aContent) const;
 
   virtual nsresult Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup);
+
+  /*
+   * Returns true if document.domain was set for this document
+   */
+  NS_IMETHOD WasDomainSet(PRBool* aDomainWasSet);
 protected:
   nsresult GetPixelDimensions(nsIPresShell* aShell,
                               PRInt32* aWidth,
@@ -196,7 +201,7 @@ protected:
   /*
    * Bug 13871: Frameset spoofing - find out if document.domain was set
    */
-  PRBool       mDomainSet;
+  PRBool       mDomainWasSet;
 
 protected:
   void RegisterNamedItems(nsIContent *aContent, PRBool aInForm);

content/html/document/src/nsIHTMLDocument.h

@@ -71,6 +71,10 @@ public:
   NS_IMETHOD GetDTDMode(nsDTDMode& aMode) = 0;
   NS_IMETHOD SetDTDMode(nsDTDMode aMode) = 0;
 
+  /*
+   * Returns true if document.domain was set for this document
+   */
+  NS_IMETHOD WasDomainSet(PRBool* aDomainWasSet) = 0;
 };
 
 #endif /* nsIHTMLDocument_h___ */

dom/public/html/nsIDOMNSHTMLDocument.h

@@ -63,8 +63,6 @@ public:
 
   NS_IMETHOD    GetEmbeds(nsIDOMHTMLCollection** aEmbeds)=0;
 
-  NS_IMETHOD    GetDomainSet(PRBool* aDomainSet)=0;
-
   NS_IMETHOD    GetSelection(nsAWritableString& aReturn)=0;
 
   NS_IMETHOD    NamedItem(JSContext* cx, jsval* argv, PRUint32 argc, jsval* aReturn)=0;
@@ -100,7 +98,6 @@ public:
   NS_IMETHOD    SetFgColor(const nsAReadableString& aFgColor);  \
   NS_IMETHOD    GetLastModified(nsAWritableString& aLastModified);  \
   NS_IMETHOD    GetEmbeds(nsIDOMHTMLCollection** aEmbeds);  \
-  NS_IMETHOD    GetDomainSet(PRBool* aDomainSet);  \
   NS_IMETHOD    GetSelection(nsAWritableString& aReturn);  \
   NS_IMETHOD    NamedItem(JSContext* cx, jsval* argv, PRUint32 argc, jsval* aReturn);  \
   NS_IMETHOD    Open(JSContext* cx, jsval* argv, PRUint32 argc);  \
@@ -128,7 +125,6 @@ public:
   NS_IMETHOD    SetFgColor(const nsAReadableString& aFgColor) { return _to SetFgColor(aFgColor); } \
   NS_IMETHOD    GetLastModified(nsAWritableString& aLastModified) { return _to GetLastModified(aLastModified); } \
   NS_IMETHOD    GetEmbeds(nsIDOMHTMLCollection** aEmbeds) { return _to GetEmbeds(aEmbeds); } \
-  NS_IMETHOD    GetDomainSet(PRBool* aDomainSet) { return _to GetDomainSet(aDomainSet); } \
   NS_IMETHOD    GetSelection(nsAWritableString& aReturn) { return _to GetSelection(aReturn); }  \
   NS_IMETHOD    NamedItem(JSContext* cx, jsval* argv, PRUint32 argc, jsval* aReturn) { return _to NamedItem(cx, argv, argc, aReturn); }  \
   NS_IMETHOD    Open(JSContext* cx, jsval* argv, PRUint32 argc) { return _to Open(cx, argv, argc); }  \

dom/public/idl/html/HTMLDocument.idl

@@ -47,6 +47,4 @@
      void captureEvents(in long eventFlags);
      void releaseEvents(in long eventFlags);
      void routeEvent(in Event evt);
-
-     readonly attribute boolean domainSet;
    };

dom/public/nsDOMPropEnums.h

@@ -785,7 +785,6 @@ enum nsDOMProp {
     NS_DOM_PROP_NSHTMLDOCUMENT_BGCOLOR, 
     NS_DOM_PROP_NSHTMLDOCUMENT_CAPTUREEVENTS, 
     NS_DOM_PROP_NSHTMLDOCUMENT_CLEAR, 
-    NS_DOM_PROP_NSHTMLDOCUMENT_DOMAINSET, 
     NS_DOM_PROP_NSHTMLDOCUMENT_EMBEDS, 
     NS_DOM_PROP_NSHTMLDOCUMENT_FGCOLOR, 
     NS_DOM_PROP_NSHTMLDOCUMENT_GETSELECTION, 

dom/public/nsDOMPropNames.h

@@ -783,7 +783,6 @@
     "nshtmldocument.bgcolor", \
     "nshtmldocument.captureevents", \
     "nshtmldocument.clear", \
-    "nshtmldocument.domainset", \
     "nshtmldocument.embeds", \
     "nshtmldocument.fgcolor", \
     "nshtmldocument.getselection", \

dom/src/html/nsJSHTMLDocument.cpp

@@ -75,8 +75,7 @@ enum HTMLDocument_slots {
   NSHTMLDOCUMENT_BGCOLOR = -17,
   NSHTMLDOCUMENT_FGCOLOR = -18,
   NSHTMLDOCUMENT_LASTMODIFIED = -19,
-  NSHTMLDOCUMENT_EMBEDS = -20,
-  NSHTMLDOCUMENT_DOMAINSET = -21
+  NSHTMLDOCUMENT_EMBEDS = -20
 };
 
 /***********************************************************************/
@@ -411,25 +410,6 @@ GetHTMLDocumentProperty(JSContext *cx, JSObject *obj, jsval id, jsval *vp)
         }
         break;
       }
-      case NSHTMLDOCUMENT_DOMAINSET:
-      {
-        rv = secMan->CheckScriptAccess(cx, obj, NS_DOM_PROP_NSHTMLDOCUMENT_DOMAINSET, PR_FALSE);
-        if (NS_SUCCEEDED(rv)) {
-          PRBool prop;
-          nsIDOMNSHTMLDocument* b;
-          if (NS_OK == a->QueryInterface(kINSHTMLDocumentIID, (void **)&b)) {
-            rv = b->GetDomainSet(&prop);
-            if(NS_SUCCEEDED(rv)) {
-            *vp = BOOLEAN_TO_JSVAL(prop);
-            }
-            NS_RELEASE(b);
-          }
-          else {
-            rv = NS_ERROR_DOM_WRONG_TYPE_ERR;
-          }
-        }
-        break;
-      }
       default:
         checkNamedItem = PR_TRUE;
     }
@@ -672,7 +652,6 @@ static JSPropertySpec HTMLDocumentProperties[] =
   {"fgColor",    NSHTMLDOCUMENT_FGCOLOR,    JSPROP_ENUMERATE},
   {"lastModified",    NSHTMLDOCUMENT_LASTMODIFIED,    JSPROP_ENUMERATE | JSPROP_READONLY},
   {"embeds",    NSHTMLDOCUMENT_EMBEDS,    JSPROP_ENUMERATE | JSPROP_READONLY},
-  {"domainSet",    NSHTMLDOCUMENT_DOMAINSET,    JSPROP_ENUMERATE | JSPROP_READONLY},
   {0}
 };
 

layout/html/document/src/nsHTMLDocument.cpp

@@ -286,7 +286,7 @@ nsHTMLDocument::nsHTMLDocument()
     //NS_WITH_SERVICE(nsIRDFService, gRDF, kRDFServiceCID, &rv);
   }
 
-  mDomainSet = PR_FALSE; // Bug 13871: Frameset spoofing
+  mDomainWasSet = PR_FALSE; // Bug 13871: Frameset spoofing
 }
 
 nsHTMLDocument::~nsHTMLDocument()
@@ -1815,16 +1815,16 @@ nsHTMLDocument::SetDomain(const nsAReadableString& aDomain)
 
   // Bug 13871: Frameset spoofing - note that document.domain was set
   if (NS_SUCCEEDED(rv))
-    mDomainSet = PR_TRUE;
+    mDomainWasSet = PR_TRUE;
 
   return rv;
 }
 
 NS_IMETHODIMP
-nsHTMLDocument::GetDomainSet(PRBool* aValue)
+nsHTMLDocument::WasDomainSet(PRBool* aDomainWasSet)
 {
-  NS_ENSURE_ARG_POINTER(aValue);
-  *aValue = mDomainSet;
+  NS_ENSURE_ARG_POINTER(aDomainWasSet);
+  *aDomainWasSet = mDomainWasSet;
   return NS_OK;
 }
 

layout/html/document/src/nsHTMLDocument.h

@@ -149,6 +149,11 @@ public:
   virtual PRBool IsInSelection(nsISelection* aSelection, const nsIContent *aContent) const;
 
   virtual nsresult Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup);
+
+  /*
+   * Returns true if document.domain was set for this document
+   */
+  NS_IMETHOD WasDomainSet(PRBool* aDomainWasSet);
 protected:
   nsresult GetPixelDimensions(nsIPresShell* aShell,
                               PRInt32* aWidth,
@@ -196,7 +201,7 @@ protected:
   /*
    * Bug 13871: Frameset spoofing - find out if document.domain was set
    */
-  PRBool       mDomainSet;
+  PRBool       mDomainWasSet;
 
 protected:
   void RegisterNamedItems(nsIContent *aContent, PRBool aInForm);

layout/html/document/src/nsIHTMLDocument.h

@@ -71,6 +71,10 @@ public:
   NS_IMETHOD GetDTDMode(nsDTDMode& aMode) = 0;
   NS_IMETHOD SetDTDMode(nsDTDMode aMode) = 0;
 
+  /*
+   * Returns true if document.domain was set for this document
+   */
+  NS_IMETHOD WasDomainSet(PRBool* aDomainWasSet) = 0;
 };
 
 #endif /* nsIHTMLDocument_h___ */

uriloader/base/nsURILoader.cpp

@@ -59,7 +59,7 @@
 #include "nsIDocument.h"
 #include "nsIDOMDocument.h"
 #include "nsICodebasePrincipal.h"
-#include "nsIDOMNSHTMLDocument.h"
+#include "nsIHTMLDocument.h"
 
 static NS_DEFINE_CID(kURILoaderCID, NS_URI_LOADER_CID);
 static NS_DEFINE_CID(kStreamConverterServiceCID, NS_STREAMCONVERTERSERVICE_CID);
@@ -644,13 +644,14 @@ PRBool ValidateOrigin(nsIDocShellTreeItem* aOriginTreeItem, nsIDocShellTreeItem*
   rv = targetCodebasePrincipal->GetURI(getter_AddRefs(targetPrincipalURI));
   NS_ENSURE_TRUE(NS_SUCCEEDED(rv) && targetPrincipalURI, PR_TRUE);
 
-  // Find out if document.domain was set
-  nsCOMPtr<nsIDOMNSHTMLDocument> targetDOMNSHTMLDocument(do_QueryInterface(targetDocument));
-  NS_ENSURE_TRUE(targetDOMNSHTMLDocument, NS_ERROR_FAILURE);
+  // Find out if document.domain was set for HTML documents
+  PRBool documentDomainSet = PR_FALSE;
+  nsCOMPtr<nsIHTMLDocument> targetHTMLDocument(do_QueryInterface(targetDocument));
 
-  PRBool documentDomainSet;
-  rv = targetDOMNSHTMLDocument->GetDomainSet(&documentDomainSet);
-  NS_ENSURE_SUCCESS(rv, rv);
+  // If we don't have an HTML document, fall through with documentDomainSet false
+  if (targetHTMLDocument) {
+    targetHTMLDocument->WasDomainSet(&documentDomainSet);
+  }
 
   // Is origin same principal or a subdomain of target's document.domain
   // Compare actual URI of origin document, not origin principal's URI. (Per Nav 4.x)