mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-24 21:31:04 +00:00
Make the redirect check get principals the same way we get them elsewhere.
Clean up some code to use the new security manager method. Bug 354693, r=dveditz, sr=sicking
This commit is contained in:
bzbarsky%mit.edu
parent
1d842a82b4
commit
8a1b6c5e34
@ -39,9 +39,10 @@
|
||||
#include "nsIPrincipal.idl"
|
||||
#include "nsIXPCSecurityManager.idl"
|
||||
interface nsIURI;
|
||||
interface nsIChannel;
|
||||
|
||||
|
||||
[scriptable, uuid(b9024f88-9ad2-491c-9777-ce5191033d3d)]
|
||||
[scriptable, uuid(c61d3ad1-00aa-407c-b7d7-de48b3f18662)]
|
||||
interface nsIScriptSecurityManager : nsIXPCSecurityManager
|
||||
{
|
||||
///////////////// Security Checks //////////////////
|
||||
@ -299,6 +300,13 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
|
||||
* if no global or no principal.
|
||||
*/
|
||||
[noscript] nsIPrincipal getPrincipalFromContext(in JSContextPtr cx);
|
||||
|
||||
/**
|
||||
* Get the principal for the given channel. This will typically be the
|
||||
* channel owner if there is one, and the codebase principal for the
|
||||
* channel's URI otherwise. aChannel must not be null.
|
||||
*/
|
||||
[noscript] nsIPrincipal getChannelPrincipal(in nsIChannel aChannel);
|
||||
};
|
||||
|
||||
%{C++
|
||||
|
||||
@ -357,6 +357,34 @@ nsScriptSecurityManager::SecurityCompareURIs(nsIURI* aSourceURI,
|
||||
return result;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsScriptSecurityManager::GetChannelPrincipal(nsIChannel* aChannel,
|
||||
nsIPrincipal** aPrincipal)
|
||||
{
|
||||
NS_PRECONDITION(aChannel, "Must have channel!");
|
||||
nsCOMPtr<nsISupports> owner;
|
||||
aChannel->GetOwner(getter_AddRefs(owner));
|
||||
if (owner) {
|
||||
CallQueryInterface(owner, aPrincipal);
|
||||
if (*aPrincipal) {
|
||||
return NS_OK;
|
||||
}
|
||||
}
|
||||
|
||||
// OK, get the principal from the URI. Make sure this does the same thing
|
||||
// as nsDocument::Reset and nsXULDocument::StartDocumentLoad.
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
nsLoadFlags loadFlags = 0;
|
||||
nsresult rv = aChannel->GetLoadFlags(&loadFlags);
|
||||
if (NS_SUCCEEDED(rv) && (loadFlags & nsIChannel::LOAD_REPLACE)) {
|
||||
aChannel->GetURI(getter_AddRefs(uri));
|
||||
} else {
|
||||
aChannel->GetOriginalURI(getter_AddRefs(uri));
|
||||
}
|
||||
|
||||
return GetCodebasePrincipal(uri, aPrincipal);
|
||||
}
|
||||
|
||||
////////////////////
|
||||
// Policy Storage //
|
||||
////////////////////
|
||||
@ -2948,16 +2976,18 @@ nsScriptSecurityManager::OnChannelRedirect(nsIChannel* oldChannel,
|
||||
nsIChannel* newChannel,
|
||||
PRUint32 redirFlags)
|
||||
{
|
||||
nsCOMPtr<nsIURI> oldURI, newURI;
|
||||
oldChannel->GetURI(getter_AddRefs(oldURI));
|
||||
nsCOMPtr<nsIPrincipal> oldPrincipal;
|
||||
GetChannelPrincipal(oldChannel, getter_AddRefs(oldPrincipal));
|
||||
|
||||
nsCOMPtr<nsIURI> newURI;
|
||||
newChannel->GetURI(getter_AddRefs(newURI));
|
||||
|
||||
NS_ENSURE_STATE(oldURI && newURI);
|
||||
NS_ENSURE_STATE(oldPrincipal && newURI);
|
||||
|
||||
const PRUint32 flags =
|
||||
nsIScriptSecurityManager::LOAD_IS_AUTOMATIC_DOCUMENT_REPLACEMENT |
|
||||
nsIScriptSecurityManager::DISALLOW_SCRIPT;
|
||||
return CheckLoadURI(oldURI, newURI, flags);
|
||||
return CheckLoadURIWithPrincipal(oldPrincipal, newURI, flags);
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -91,8 +91,8 @@ class nsIDocumentObserver;
|
||||
|
||||
// IID for the nsIDocument interface
|
||||
#define NS_IDOCUMENT_IID \
|
||||
{ 0x1ae3a9cc, 0x3c05, 0x4215, \
|
||||
{ 0xad, 0xed, 0xe7, 0x89, 0xc4, 0x08, 0x00, 0x91 } }
|
||||
{ 0xb138a9aa, 0x3d0d, 0x4d0b, \
|
||||
{ 0x98, 0x02, 0x72, 0x15, 0x54, 0x27, 0xe0, 0x2e } }
|
||||
|
||||
// Flag for AddStyleSheet().
|
||||
#define NS_STYLESHEET_FROM_CATALOG (1 << 0)
|
||||
@ -595,13 +595,17 @@ public:
|
||||
/**
|
||||
* Reset the document using the given channel and loadgroup. This works
|
||||
* like ResetToURI, but also sets the document's channel to aChannel.
|
||||
* The principal of the document will be set from the channel.
|
||||
*/
|
||||
virtual void Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup) = 0;
|
||||
|
||||
/**
|
||||
* Reset this document to aURI and aLoadGroup. aURI must not be null.
|
||||
* Reset this document to aURI, aLoadGroup, and aPrincipal. aURI must not be
|
||||
* null. If aPrincipal is null, a codebase principal based on aURI will be
|
||||
* used.
|
||||
*/
|
||||
virtual void ResetToURI(nsIURI *aURI, nsILoadGroup* aLoadGroup) = 0;
|
||||
virtual void ResetToURI(nsIURI *aURI, nsILoadGroup* aLoadGroup,
|
||||
nsIPrincipal* aPrincipal) = 0;
|
||||
|
||||
/**
|
||||
* Set the container (docshell) for this document.
|
||||
|
||||
@ -882,8 +882,10 @@ void
|
||||
nsDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup)
|
||||
{
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
if (aChannel) {
|
||||
// Note: this code is duplicated in nsXULDocument::StartDocumentLoad.
|
||||
// Note: this code is duplicated in nsXULDocument::StartDocumentLoad and
|
||||
// nsScriptSecurityManager::GetChannelPrincipal.
|
||||
// Note: this should match nsDocShell::OnLoadingSite
|
||||
nsLoadFlags loadFlags = 0;
|
||||
nsresult rv = aChannel->GetLoadFlags(&loadFlags);
|
||||
@ -892,25 +894,23 @@ nsDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup)
|
||||
} else {
|
||||
aChannel->GetOriginalURI(getter_AddRefs(uri));
|
||||
}
|
||||
}
|
||||
|
||||
ResetToURI(uri, aLoadGroup);
|
||||
|
||||
if (aChannel) {
|
||||
nsCOMPtr<nsISupports> owner;
|
||||
if (NS_SUCCEEDED(aChannel->GetOwner(getter_AddRefs(owner)))) {
|
||||
nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(owner);
|
||||
if (principal) {
|
||||
SetPrincipal(principal);
|
||||
}
|
||||
nsIScriptSecurityManager *securityManager =
|
||||
nsContentUtils::GetSecurityManager();
|
||||
if (securityManager) {
|
||||
securityManager->GetChannelPrincipal(aChannel,
|
||||
getter_AddRefs(principal));
|
||||
}
|
||||
}
|
||||
|
||||
ResetToURI(uri, aLoadGroup, principal);
|
||||
|
||||
mChannel = aChannel;
|
||||
}
|
||||
|
||||
void
|
||||
nsDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup)
|
||||
nsDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup,
|
||||
nsIPrincipal* aPrincipal)
|
||||
{
|
||||
NS_PRECONDITION(aURI, "Null URI passed to ResetToURI");
|
||||
|
||||
@ -984,15 +984,19 @@ nsDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup)
|
||||
mXMLDeclarationBits = 0;
|
||||
|
||||
// Now get our new principal
|
||||
nsIScriptSecurityManager *securityManager =
|
||||
nsContentUtils::GetSecurityManager();
|
||||
if (securityManager) {
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
nsresult rv =
|
||||
securityManager->GetCodebasePrincipal(mDocumentURI,
|
||||
getter_AddRefs(principal));
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
SetPrincipal(principal);
|
||||
if (aPrincipal) {
|
||||
SetPrincipal(aPrincipal);
|
||||
} else {
|
||||
nsIScriptSecurityManager *securityManager =
|
||||
nsContentUtils::GetSecurityManager();
|
||||
if (securityManager) {
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
nsresult rv =
|
||||
securityManager->GetCodebasePrincipal(mDocumentURI,
|
||||
getter_AddRefs(principal));
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
SetPrincipal(principal);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -298,7 +298,8 @@ public:
|
||||
NS_DECL_ISUPPORTS
|
||||
|
||||
virtual void Reset(nsIChannel *aChannel, nsILoadGroup *aLoadGroup);
|
||||
virtual void ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup);
|
||||
virtual void ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup,
|
||||
nsIPrincipal* aPrincipal);
|
||||
|
||||
// StartDocumentLoad is pure virtual so that subclasses must override it.
|
||||
// The nsDocument StartDocumentLoad does some setup, but does NOT set
|
||||
|
||||
@ -404,11 +404,12 @@ nsHTMLDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup)
|
||||
}
|
||||
|
||||
void
|
||||
nsHTMLDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup)
|
||||
nsHTMLDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup,
|
||||
nsIPrincipal* aPrincipal)
|
||||
{
|
||||
mLoadFlags = nsIRequest::LOAD_NORMAL;
|
||||
|
||||
nsDocument::ResetToURI(aURI, aLoadGroup);
|
||||
nsDocument::ResetToURI(aURI, aLoadGroup, aPrincipal);
|
||||
|
||||
InvalidateHashTables();
|
||||
PrePopulateHashTables();
|
||||
|
||||
@ -81,7 +81,8 @@ public:
|
||||
NS_IMETHOD_(nsrefcnt) Release(void);
|
||||
|
||||
virtual void Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup);
|
||||
virtual void ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup);
|
||||
virtual void ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup,
|
||||
nsIPrincipal* aPrincipal);
|
||||
virtual nsStyleSet::sheetType GetAttrSheetType();
|
||||
|
||||
virtual nsresult CreateShell(nsPresContext* aContext,
|
||||
@ -286,8 +287,10 @@ protected:
|
||||
nsIChannel* aChannel,
|
||||
PRInt32& aCharsetSource,
|
||||
nsACString& aCharset);
|
||||
static PRBool TryParentCharset(nsIDocumentCharsetInfo* aDocInfo,
|
||||
PRInt32& charsetSource, nsACString& aCharset);
|
||||
// aParentDocument could be null.
|
||||
PRBool TryParentCharset(nsIDocumentCharsetInfo* aDocInfo,
|
||||
nsIDocument* aParentDocument,
|
||||
PRInt32& charsetSource, nsACString& aCharset);
|
||||
static PRBool UseWeakDocTypeDefault(PRInt32& aCharsetSource,
|
||||
nsACString& aCharset);
|
||||
static PRBool TryDefaultCharset(nsIMarkupDocumentViewer* aMarkupDV,
|
||||
|
||||
@ -224,7 +224,8 @@ nsXMLDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup)
|
||||
}
|
||||
|
||||
void
|
||||
nsXMLDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup)
|
||||
nsXMLDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup,
|
||||
nsIPrincipal* aPrincipal)
|
||||
{
|
||||
if (mChannelIsPending) {
|
||||
StopDocumentLoad();
|
||||
@ -232,7 +233,7 @@ nsXMLDocument::ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup)
|
||||
mChannelIsPending = nsnull;
|
||||
}
|
||||
|
||||
nsDocument::ResetToURI(aURI, aLoadGroup);
|
||||
nsDocument::ResetToURI(aURI, aLoadGroup, aPrincipal);
|
||||
}
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
@ -418,14 +419,15 @@ nsXMLDocument::Load(const nsAString& aUrl, PRBool *aReturn)
|
||||
// event listener manager so that load listeners etc. will
|
||||
// remain. This should be done before the security check is done to
|
||||
// ensure that the document is reset even if the new document can't
|
||||
// be loaded.
|
||||
// be loaded. Note that we need to hold a strong ref to |principal|
|
||||
// here, because ResetToURI will null out our node principal before
|
||||
// setting the new one.
|
||||
nsCOMPtr<nsIPrincipal> principal = NodePrincipal();
|
||||
nsCOMPtr<nsIEventListenerManager> elm(mListenerManager);
|
||||
mListenerManager = nsnull;
|
||||
|
||||
ResetToURI(uri, nsnull);
|
||||
ResetToURI(uri, nsnull, principal);
|
||||
|
||||
SetPrincipal(principal);
|
||||
mListenerManager = elm;
|
||||
|
||||
// Get security manager, check to see if we're allowed to load this URI
|
||||
|
||||
@ -63,7 +63,8 @@ public:
|
||||
NS_DECL_ISUPPORTS_INHERITED
|
||||
|
||||
virtual void Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup);
|
||||
virtual void ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup);
|
||||
virtual void ResetToURI(nsIURI *aURI, nsILoadGroup *aLoadGroup,
|
||||
nsIPrincipal* aPrincipal);
|
||||
|
||||
virtual nsresult StartDocumentLoad(const char* aCommand, nsIChannel* channel,
|
||||
nsILoadGroup* aLoadGroup,
|
||||
|
||||
@ -130,7 +130,7 @@ const char XUL_FASTLOAD_FILE_BASENAME[] = "XUL";
|
||||
// (opaque to XPCOM FastLoad code) format of XUL-specific XDR serializations.
|
||||
// See also JSXDR_BYTECODE_VERSION in jsxdrapi.h, which tracks incompatible JS
|
||||
// bytecode version changes.
|
||||
#define XUL_FASTLOAD_FILE_VERSION (0xfeedbeef - 21)
|
||||
#define XUL_FASTLOAD_FILE_VERSION (0xfeedbeef - 22)
|
||||
|
||||
#define XUL_SERIALIZATION_BUFFER_SIZE (64 * 1024)
|
||||
#define XUL_DESERIALIZATION_BUFFER_SIZE (8 * 1024)
|
||||
|
||||
@ -52,7 +52,8 @@ class nsNodeInfoManager;
|
||||
class nsISupportsArray;
|
||||
|
||||
#define NS_IXULPROTOTYPEDOCUMENT_IID \
|
||||
{0xfc69c0c7,0xd101,0x4830,{0xa1,0x3e,0x3a,0x65,0xbc,0xc8,0xee,0xf2}}
|
||||
{ 0x054a0bfe, 0xe7bc, 0x44b0, \
|
||||
{ 0x90, 0x97, 0x6c, 0x95, 0xe4, 0xd6, 0x5f, 0xa3 } }
|
||||
|
||||
/**
|
||||
* A "prototype" document that stores shared document information
|
||||
@ -64,9 +65,17 @@ public:
|
||||
NS_DECLARE_STATIC_IID_ACCESSOR(NS_IXULPROTOTYPEDOCUMENT_IID)
|
||||
|
||||
/**
|
||||
* Access the URI of the document
|
||||
* Method to initialize a prototype document's principal. Either this
|
||||
* method or Read() must be called immediately after the prototype document
|
||||
* is created. aURI must be non-null. aPrincipal is allowed to be null;
|
||||
* in this case the prototype will get a null principal object. If this
|
||||
* method returns error, do NOT use the prototype document for anything.
|
||||
*/
|
||||
NS_IMETHOD InitPrincipal(nsIURI* aURI, nsIPrincipal* aPrincipal) = 0;
|
||||
|
||||
/**
|
||||
* Retrieve the URI of the document
|
||||
*/
|
||||
NS_IMETHOD SetURI(nsIURI* aURI) = 0;
|
||||
NS_IMETHOD GetURI(nsIURI** aResult) = 0;
|
||||
|
||||
/**
|
||||
@ -107,8 +116,9 @@ public:
|
||||
NS_IMETHOD GetHeaderData(nsIAtom* aField, nsAString& aData) const = 0;
|
||||
NS_IMETHOD SetHeaderData(nsIAtom* aField, const nsAString& aData) = 0;
|
||||
|
||||
virtual nsIPrincipal *GetDocumentPrincipal() = 0;
|
||||
virtual void SetDocumentPrincipal(nsIPrincipal *aPrincipal) = 0;
|
||||
// Guaranteed to return non-null for a properly-initialized prototype
|
||||
// document.
|
||||
virtual nsIPrincipal *DocumentPrincipal() = 0;
|
||||
|
||||
virtual nsNodeInfoManager *GetNodeInfoManager() = 0;
|
||||
|
||||
|
||||
@ -321,7 +321,8 @@ nsXULDocument::Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup)
|
||||
}
|
||||
|
||||
void
|
||||
nsXULDocument::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup)
|
||||
nsXULDocument::ResetToURI(nsIURI* aURI, nsILoadGroup* aLoadGroup,
|
||||
nsIPrincipal* aPrincipal)
|
||||
{
|
||||
NS_NOTREACHED("ResetToURI");
|
||||
}
|
||||
@ -364,8 +365,9 @@ nsXULDocument::StartDocumentLoad(const char* aCommand, nsIChannel* aChannel,
|
||||
mChannel = aChannel;
|
||||
|
||||
// Get the URI. Note that this should match nsDocShell::OnLoadingSite
|
||||
// XXXbz this code is repeated from nsDocument::Reset; we
|
||||
// really need to refactor this part better.
|
||||
// XXXbz this code is repeated from nsDocument::Reset and
|
||||
// nsScriptSecurityManager::GetChannelPrincipal; we really need to refactor
|
||||
// this part better.
|
||||
nsLoadFlags loadFlags = 0;
|
||||
nsresult rv = aChannel->GetLoadFlags(&loadFlags);
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
@ -417,7 +419,7 @@ nsXULDocument::StartDocumentLoad(const char* aCommand, nsIChannel* aChannel,
|
||||
mMasterPrototype = mCurrentPrototype = proto;
|
||||
|
||||
// Set up the right principal on ourselves.
|
||||
SetPrincipal(proto->GetDocumentPrincipal());
|
||||
SetPrincipal(proto->DocumentPrincipal());
|
||||
|
||||
// We need a listener, even if proto is not yet loaded, in which
|
||||
// event the listener's OnStopRequest method does nothing, and all
|
||||
@ -2051,12 +2053,9 @@ nsXULDocument::PrepareToLoad(nsISupports* aContainer,
|
||||
nsresult rv;
|
||||
|
||||
// Get the document's principal
|
||||
nsCOMPtr<nsISupports> owner;
|
||||
rv = aChannel->GetOwner(getter_AddRefs(owner));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(owner);
|
||||
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
nsContentUtils::GetSecurityManager()->
|
||||
GetChannelPrincipal(aChannel, getter_AddRefs(principal));
|
||||
return PrepareToLoadPrototype(mDocumentURI, aCommand, principal, aResult);
|
||||
}
|
||||
|
||||
@ -2074,21 +2073,17 @@ nsXULDocument::PrepareToLoadPrototype(nsIURI* aURI, const char* aCommand,
|
||||
getter_AddRefs(mCurrentPrototype));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
rv = mCurrentPrototype->InitPrincipal(aURI, aDocumentPrincipal);
|
||||
if (NS_FAILED(rv)) {
|
||||
mCurrentPrototype = nsnull;
|
||||
return rv;
|
||||
}
|
||||
|
||||
// Bootstrap the master document prototype.
|
||||
PRBool isMasterProto = PR_FALSE;
|
||||
if (! mMasterPrototype) {
|
||||
mMasterPrototype = mCurrentPrototype;
|
||||
mMasterPrototype->SetDocumentPrincipal(aDocumentPrincipal);
|
||||
isMasterProto = PR_TRUE;
|
||||
}
|
||||
|
||||
rv = mCurrentPrototype->SetURI(aURI);
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
if (isMasterProto) {
|
||||
// Set our principal based on the master proto. Note that this MUST
|
||||
// come after the SetURI and SetDocumentPrincipal calls above.
|
||||
SetPrincipal(mMasterPrototype->GetDocumentPrincipal());
|
||||
// Set our principal based on the master proto.
|
||||
SetPrincipal(aDocumentPrincipal);
|
||||
}
|
||||
|
||||
// Create a XUL content sink, a parser, and kick off a load for
|
||||
@ -2742,6 +2737,10 @@ nsXULDocument::LoadOverlayInternal(nsIURI* aURI, PRBool aIsDynamic,
|
||||
// Not there. Initiate a load.
|
||||
PR_LOG(gXULLog, PR_LOG_DEBUG, ("xul: overlay was not cached"));
|
||||
|
||||
// No one ever uses overlay principals for anything, so it's OK to give
|
||||
// them the null principal. Too bad this code insists on the sort of
|
||||
// syncloading that can't provide us the right principal from the
|
||||
// channel...
|
||||
nsCOMPtr<nsIParser> parser;
|
||||
rv = PrepareToLoadPrototype(aURI, "view", nsnull, getter_AddRefs(parser));
|
||||
if (NS_FAILED(rv)) return rv;
|
||||
|
||||
@ -97,7 +97,8 @@ public:
|
||||
|
||||
// nsIDocument interface
|
||||
virtual void Reset(nsIChannel* aChannel, nsILoadGroup* aLoadGroup);
|
||||
virtual void ResetToURI(nsIURI *aURI, nsILoadGroup* aLoadGroup);
|
||||
virtual void ResetToURI(nsIURI *aURI, nsILoadGroup* aLoadGroup,
|
||||
nsIPrincipal* aPrincipal);
|
||||
|
||||
virtual nsresult StartDocumentLoad(const char* aCommand,
|
||||
nsIChannel *channel,
|
||||
|
||||
@ -126,8 +126,9 @@ public:
|
||||
NS_DECL_NSISERIALIZABLE
|
||||
|
||||
// nsIXULPrototypeDocument interface
|
||||
NS_IMETHOD InitPrincipal(nsIURI* aURI, nsIPrincipal* aPrincipal);
|
||||
|
||||
NS_IMETHOD GetURI(nsIURI** aResult);
|
||||
NS_IMETHOD SetURI(nsIURI* aURI);
|
||||
|
||||
NS_IMETHOD GetRootElement(nsXULPrototypeElement** aResult);
|
||||
NS_IMETHOD SetRootElement(nsXULPrototypeElement* aElement);
|
||||
@ -141,8 +142,7 @@ public:
|
||||
NS_IMETHOD GetHeaderData(nsIAtom* aField, nsAString& aData) const;
|
||||
NS_IMETHOD SetHeaderData(nsIAtom* aField, const nsAString& aData);
|
||||
|
||||
virtual nsIPrincipal *GetDocumentPrincipal();
|
||||
void SetDocumentPrincipal(nsIPrincipal *aPrincipal);
|
||||
virtual nsIPrincipal *DocumentPrincipal();
|
||||
|
||||
NS_IMETHOD AwaitLoadDone(nsIXULDocument* aDocument, PRBool* aResult);
|
||||
NS_IMETHOD NotifyLoadDone();
|
||||
@ -159,7 +159,6 @@ protected:
|
||||
nsXULPrototypeElement* mRoot;
|
||||
nsTArray<nsXULPrototypePI*> mProcessingInstructions;
|
||||
nsCOMPtr<nsISupportsArray> mStyleSheetReferences;
|
||||
nsCOMPtr<nsIPrincipal> mDocumentPrincipal;
|
||||
|
||||
nsCOMPtr<nsIScriptGlobalObject> mGlobalObject;
|
||||
|
||||
@ -314,15 +313,11 @@ NS_NewXULPrototypeDocument(nsISupports* aOuter, REFNSIID aIID, void** aResult)
|
||||
nsresult
|
||||
nsXULPrototypeDocument::NewXULPDGlobalObject(nsIScriptGlobalObject** aResult)
|
||||
{
|
||||
nsIPrincipal *principal = GetDocumentPrincipal();
|
||||
if (!principal)
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
// Now that GetDocumentPrincipal has succeeded, we can safely compare its
|
||||
// result to gSystemPrincipal, in order to create gSystemGlobal if the two
|
||||
// pointers are equal. Thus, gSystemGlobal implies gSystemPrincipal.
|
||||
// Now compare DocumentPrincipal() to gSystemPrincipal, in order to create
|
||||
// gSystemGlobal if the two pointers are equal. Thus, gSystemGlobal
|
||||
// implies gSystemPrincipal.
|
||||
nsCOMPtr<nsIScriptGlobalObject> global;
|
||||
if (principal == gSystemPrincipal) {
|
||||
if (DocumentPrincipal() == gSystemPrincipal) {
|
||||
if (!gSystemGlobal) {
|
||||
gSystemGlobal = new nsXULPDGlobalObject();
|
||||
if (! gSystemGlobal)
|
||||
@ -366,17 +361,12 @@ nsXULPrototypeDocument::Read(nsIObjectInputStream* aStream)
|
||||
mStyleSheetReferences->AppendElement(referenceURI);
|
||||
}
|
||||
|
||||
// nsIPrincipal mDocumentPrincipal
|
||||
|
||||
// nsIPrincipal mNodeInfoManager->mPrincipal
|
||||
nsCOMPtr<nsIPrincipal> principal;
|
||||
rv |= NS_ReadOptionalObject(aStream, PR_TRUE, getter_AddRefs(principal));
|
||||
if (! principal) {
|
||||
principal = GetDocumentPrincipal();
|
||||
if (!principal)
|
||||
rv |= NS_ERROR_FAILURE;
|
||||
} else {
|
||||
mNodeInfoManager->SetDocumentPrincipal(principal);
|
||||
mDocumentPrincipal = principal;
|
||||
}
|
||||
rv |= aStream->ReadObject(PR_TRUE, getter_AddRefs(principal));
|
||||
// Better safe than sorry....
|
||||
mNodeInfoManager->SetDocumentPrincipal(principal);
|
||||
|
||||
// nsIScriptGlobalObject mGlobalObject
|
||||
NewXULPDGlobalObject(getter_AddRefs(mGlobalObject));
|
||||
@ -498,8 +488,9 @@ nsXULPrototypeDocument::Write(nsIObjectOutputStream* aStream)
|
||||
rv |= aStream->WriteCompoundObject(referenceURI, NS_GET_IID(nsIURI), PR_TRUE);
|
||||
}
|
||||
|
||||
// nsIPrincipal mDocumentPrincipal
|
||||
rv |= NS_WriteOptionalObject(aStream, mDocumentPrincipal, PR_TRUE);
|
||||
// nsIPrincipal mNodeInfoManager->mPrincipal
|
||||
rv |= aStream->WriteObject(mNodeInfoManager->DocumentPrincipal(),
|
||||
PR_TRUE);
|
||||
|
||||
// nsINodeInfo table
|
||||
nsCOMArray<nsINodeInfo> nodeInfos;
|
||||
@ -543,6 +534,17 @@ nsXULPrototypeDocument::Write(nsIObjectOutputStream* aStream)
|
||||
// nsIXULPrototypeDocument methods
|
||||
//
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsXULPrototypeDocument::InitPrincipal(nsIURI* aURI, nsIPrincipal* aPrincipal)
|
||||
{
|
||||
NS_ENSURE_ARG_POINTER(aURI);
|
||||
|
||||
mURI = aURI;
|
||||
mNodeInfoManager->SetDocumentPrincipal(aPrincipal);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsXULPrototypeDocument::GetURI(nsIURI** aResult)
|
||||
{
|
||||
@ -552,23 +554,6 @@ nsXULPrototypeDocument::GetURI(nsIURI** aResult)
|
||||
}
|
||||
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsXULPrototypeDocument::SetURI(nsIURI* aURI)
|
||||
{
|
||||
NS_ASSERTION(!mURI, "Can't change the uri of a xul prototype document");
|
||||
if (mURI)
|
||||
return NS_ERROR_ALREADY_INITIALIZED;
|
||||
|
||||
mURI = aURI;
|
||||
if (!mDocumentPrincipal) {
|
||||
// If the document doesn't have a principal yet we'll force the creation of one
|
||||
// so that mNodeInfoManager properly gets one.
|
||||
GetDocumentPrincipal();
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsXULPrototypeDocument::GetRootElement(nsXULPrototypeElement** aResult)
|
||||
{
|
||||
@ -638,47 +623,13 @@ nsXULPrototypeDocument::SetHeaderData(nsIAtom* aField, const nsAString& aData)
|
||||
|
||||
|
||||
nsIPrincipal*
|
||||
nsXULPrototypeDocument::GetDocumentPrincipal()
|
||||
nsXULPrototypeDocument::DocumentPrincipal()
|
||||
{
|
||||
NS_PRECONDITION(mNodeInfoManager, "missing nodeInfoManager");
|
||||
if (!mDocumentPrincipal) {
|
||||
nsIScriptSecurityManager *securityManager =
|
||||
nsContentUtils::GetSecurityManager();
|
||||
nsresult rv = NS_OK;
|
||||
|
||||
// XXX This should be handled by the security manager, see bug 160042
|
||||
PRBool isChrome = PR_FALSE;
|
||||
if (NS_SUCCEEDED(mURI->SchemeIs("chrome", &isChrome)) && isChrome) {
|
||||
if (gSystemPrincipal) {
|
||||
mDocumentPrincipal = gSystemPrincipal;
|
||||
} else {
|
||||
rv = securityManager->
|
||||
GetSystemPrincipal(getter_AddRefs(mDocumentPrincipal));
|
||||
NS_IF_ADDREF(gSystemPrincipal = mDocumentPrincipal);
|
||||
}
|
||||
} else {
|
||||
rv = securityManager->
|
||||
GetCodebasePrincipal(mURI, getter_AddRefs(mDocumentPrincipal));
|
||||
}
|
||||
|
||||
if (NS_FAILED(rv))
|
||||
return nsnull;
|
||||
|
||||
mNodeInfoManager->SetDocumentPrincipal(mDocumentPrincipal);
|
||||
}
|
||||
|
||||
return mDocumentPrincipal;
|
||||
return mNodeInfoManager->DocumentPrincipal();
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
nsXULPrototypeDocument::SetDocumentPrincipal(nsIPrincipal *aPrincipal)
|
||||
{
|
||||
NS_PRECONDITION(mNodeInfoManager, "missing nodeInfoManager");
|
||||
mDocumentPrincipal = aPrincipal;
|
||||
mNodeInfoManager->SetDocumentPrincipal(aPrincipal);
|
||||
}
|
||||
|
||||
nsNodeInfoManager*
|
||||
nsXULPrototypeDocument::GetNodeInfoManager()
|
||||
{
|
||||
@ -962,6 +913,6 @@ nsXULPDGlobalObject::GetPrincipal()
|
||||
nsCOMPtr<nsIXULPrototypeDocument> protoDoc
|
||||
= do_QueryInterface(mGlobalObjectOwner);
|
||||
|
||||
return protoDoc->GetDocumentPrincipal();
|
||||
return protoDoc->DocumentPrincipal();
|
||||
}
|
||||
|
||||
|
||||
@ -4808,7 +4808,7 @@ nsDocShell::EnsureContentViewer()
|
||||
principal = GetInheritedPrincipal(PR_FALSE);
|
||||
}
|
||||
|
||||
nsresult rv = CreateAboutBlankContentViewer();
|
||||
nsresult rv = CreateAboutBlankContentViewer(principal);
|
||||
|
||||
if (NS_SUCCEEDED(rv)) {
|
||||
nsCOMPtr<nsIDOMDocument> domDoc;
|
||||
@ -4819,10 +4819,6 @@ nsDocShell::EnsureContentViewer()
|
||||
"succeeded!");
|
||||
|
||||
doc->SetIsInitialDocument(PR_TRUE);
|
||||
|
||||
if (principal) {
|
||||
doc->SetPrincipal(principal);
|
||||
}
|
||||
}
|
||||
|
||||
return rv;
|
||||
@ -4853,7 +4849,7 @@ nsDocShell::EnsureDeviceContext()
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsDocShell::CreateAboutBlankContentViewer()
|
||||
nsDocShell::CreateAboutBlankContentViewer(nsIPrincipal* aPrincipal)
|
||||
{
|
||||
nsCOMPtr<nsIDocument> blankDoc;
|
||||
nsCOMPtr<nsIContentViewer> viewer;
|
||||
@ -4909,7 +4905,8 @@ nsDocShell::CreateAboutBlankContentViewer()
|
||||
nsCOMPtr<nsIDocumentLoaderFactory> docFactory(do_GetService(contractId));
|
||||
if (docFactory) {
|
||||
// generate (about:blank) document to load
|
||||
docFactory->CreateBlankDocument(mLoadGroup, getter_AddRefs(blankDoc));
|
||||
docFactory->CreateBlankDocument(mLoadGroup, aPrincipal,
|
||||
getter_AddRefs(blankDoc));
|
||||
if (blankDoc) {
|
||||
blankDoc->SetContainer(NS_STATIC_CAST(nsIDocShell *, this));
|
||||
|
||||
@ -6409,7 +6406,7 @@ nsDocShell::InternalLoad(nsIURI * aURI,
|
||||
}
|
||||
|
||||
// clear the decks to prevent context bleed-through (bug 298255)
|
||||
rv = CreateAboutBlankContentViewer();
|
||||
rv = CreateAboutBlankContentViewer(nsnull);
|
||||
if (NS_FAILED(rv))
|
||||
return NS_ERROR_FAILURE;
|
||||
|
||||
@ -7691,7 +7688,7 @@ nsDocShell::LoadHistoryEntry(nsISHEntry * aEntry, PRUint32 aLoadType)
|
||||
// Replace the current document with about:blank now to prevent
|
||||
// anything from the current document from leaking into any JavaScript
|
||||
// code in the URL.
|
||||
rv = CreateAboutBlankContentViewer();
|
||||
rv = CreateAboutBlankContentViewer(nsnull);
|
||||
|
||||
if (NS_FAILED(rv)) {
|
||||
// The creation of the intermittent about:blank content
|
||||
|
||||
@ -220,7 +220,9 @@ protected:
|
||||
// Content Viewer Management
|
||||
NS_IMETHOD EnsureContentViewer();
|
||||
NS_IMETHOD EnsureDeviceContext();
|
||||
nsresult CreateAboutBlankContentViewer();
|
||||
// aPrincipal can be passed in if the caller wants. If null is
|
||||
// passed in, the about:blank principal will end up being used.
|
||||
nsresult CreateAboutBlankContentViewer(nsIPrincipal* aPrincipal);
|
||||
NS_IMETHOD CreateContentViewer(const char * aContentType,
|
||||
nsIRequest * request, nsIStreamListener ** aContentHandler);
|
||||
NS_IMETHOD NewContentViewerObj(const char * aContentType,
|
||||
|
||||
@ -319,7 +319,9 @@ nsContentDLF::CreateInstanceForDocument(nsISupports* aContainer,
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsContentDLF::CreateBlankDocument(nsILoadGroup *aLoadGroup, nsIDocument **aDocument)
|
||||
nsContentDLF::CreateBlankDocument(nsILoadGroup *aLoadGroup,
|
||||
nsIPrincipal* aPrincipal,
|
||||
nsIDocument **aDocument)
|
||||
{
|
||||
*aDocument = nsnull;
|
||||
|
||||
@ -333,7 +335,7 @@ nsContentDLF::CreateBlankDocument(nsILoadGroup *aLoadGroup, nsIDocument **aDocum
|
||||
nsCOMPtr<nsIURI> uri;
|
||||
NS_NewURI(getter_AddRefs(uri), NS_LITERAL_CSTRING("about:blank"));
|
||||
if (uri) {
|
||||
blankDoc->ResetToURI(uri, aLoadGroup);
|
||||
blankDoc->ResetToURI(uri, aLoadGroup, aPrincipal);
|
||||
rv = NS_OK;
|
||||
}
|
||||
}
|
||||
|
||||
@ -43,6 +43,7 @@ interface nsIContentViewer;
|
||||
interface nsIStreamListener;
|
||||
interface nsIDocument;
|
||||
interface nsILoadGroup;
|
||||
interface nsIPrincipal;
|
||||
|
||||
/**
|
||||
* To get a component that implements nsIDocumentLoaderFactory
|
||||
@ -52,7 +53,7 @@ interface nsILoadGroup;
|
||||
* The component is a service, so use GetService, not CreateInstance to get it.
|
||||
*/
|
||||
|
||||
[scriptable, uuid(df15f850-5d98-11d4-9f4d-0010a4053fd0)]
|
||||
[scriptable, uuid(5e7d2967-5a07-444f-95d5-25b533252d38)]
|
||||
interface nsIDocumentLoaderFactory : nsISupports {
|
||||
nsIContentViewer createInstance(in string aCommand,
|
||||
in nsIChannel aChannel,
|
||||
@ -66,5 +67,11 @@ interface nsIDocumentLoaderFactory : nsISupports {
|
||||
in nsIDocument aDocument,
|
||||
in string aCommand);
|
||||
|
||||
nsIDocument createBlankDocument(in nsILoadGroup aLoadGroup);
|
||||
/**
|
||||
* Create a blank document using the given loadgroup and given
|
||||
* principal. aPrincipal is allowed to be null, in which case the
|
||||
* new document will get the about:blank codebase principal.
|
||||
*/
|
||||
nsIDocument createBlankDocument(in nsILoadGroup aLoadGroup,
|
||||
in nsIPrincipal aPrincipal);
|
||||
};
|
||||
|
||||
@ -1508,6 +1508,7 @@ nsDirectoryViewerFactory::CreateInstanceForDocument(nsISupports* aContainer,
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsDirectoryViewerFactory::CreateBlankDocument(nsILoadGroup *aLoadGroup,
|
||||
nsIPrincipal *aPrincipal,
|
||||
nsIDocument **_retval) {
|
||||
|
||||
NS_NOTYETIMPLEMENTED("didn't expect to get here");
|
||||
|
||||
Loading…
Reference in New Issue
Block a user