mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 02:14:43 +00:00
Bug 1308920: Part 1 - Add an EqualsIgnoringAddonId method to BasePrincipal. r=bholley
This is meant as a temporary stopgap until we can stop using origin attributes to store add-on IDs. MozReview-Commit-ID: DHstOTyu7pR --HG-- extra : rebase_source : adb8fbfaadf6e914b5aa15c2693a35056669506c
This commit is contained in:
parent
ef3f1323fa
commit
8b10d432c1
@ -23,6 +23,7 @@
|
||||
#include "nsScriptSecurityManager.h"
|
||||
#include "nsServiceManagerUtils.h"
|
||||
|
||||
#include "mozilla/dom/ChromeUtils.h"
|
||||
#include "mozilla/dom/CSPDictionariesBinding.h"
|
||||
#include "mozilla/dom/quota/QuotaManager.h"
|
||||
#include "mozilla/dom/ToJSValue.h"
|
||||
@ -395,6 +396,16 @@ bool
|
||||
BasePrincipal::Subsumes(nsIPrincipal* aOther, DocumentDomainConsideration aConsideration)
|
||||
{
|
||||
MOZ_ASSERT(aOther);
|
||||
|
||||
// Expanded principals handle origin attributes for each of their
|
||||
// sub-principals individually, null principals do only simple checks for
|
||||
// pointer equality, and system principals are immune to origin attributes
|
||||
// checks, so only do this check for codebase principals.
|
||||
if (Kind() == eCodebasePrincipal &&
|
||||
OriginAttributesRef() != Cast(aOther)->OriginAttributesRef()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return SubsumesInternal(aOther, aConsideration);
|
||||
}
|
||||
|
||||
@ -416,6 +427,22 @@ BasePrincipal::EqualsConsideringDomain(nsIPrincipal *aOther, bool *aResult)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
bool
|
||||
BasePrincipal::EqualsIgnoringAddonId(nsIPrincipal *aOther)
|
||||
{
|
||||
MOZ_ASSERT(aOther);
|
||||
|
||||
// Note that this will not work for expanded principals, nor is it intended
|
||||
// to.
|
||||
if (!dom::ChromeUtils::IsOriginAttributesEqualIgnoringAddonId(
|
||||
OriginAttributesRef(), Cast(aOther)->OriginAttributesRef())) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return SubsumesInternal(aOther, DontConsiderDocumentDomain) &&
|
||||
Cast(aOther)->SubsumesInternal(this, DontConsiderDocumentDomain);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::Subsumes(nsIPrincipal *aOther, bool *aResult)
|
||||
{
|
||||
|
@ -289,6 +289,8 @@ public:
|
||||
NS_IMETHOD GetUserContextId(uint32_t* aUserContextId) final;
|
||||
NS_IMETHOD GetPrivateBrowsingId(uint32_t* aPrivateBrowsingId) final;
|
||||
|
||||
bool EqualsIgnoringAddonId(nsIPrincipal *aOther);
|
||||
|
||||
virtual bool AddonHasPermission(const nsAString& aPerm);
|
||||
|
||||
virtual bool IsOnCSSUnprefixingWhitelist() override { return false; }
|
||||
@ -321,6 +323,8 @@ protected:
|
||||
virtual ~BasePrincipal();
|
||||
|
||||
virtual nsresult GetOriginInternal(nsACString& aOrigin) = 0;
|
||||
// Note that this does not check OriginAttributes. Callers that depend on
|
||||
// those must call Subsumes instead.
|
||||
virtual bool SubsumesInternal(nsIPrincipal* aOther, DocumentDomainConsideration aConsider) = 0;
|
||||
|
||||
// Internal, side-effect-free check to determine whether the concrete
|
||||
|
@ -197,10 +197,6 @@ nsPrincipal::SubsumesInternal(nsIPrincipal* aOther,
|
||||
return true;
|
||||
}
|
||||
|
||||
if (OriginAttributesRef() != Cast(aOther)->OriginAttributesRef()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// If either the subject or the object has changed its principal by
|
||||
// explicitly setting document.domain then the other must also have
|
||||
// done so in order to be considered the same origin. This prevents
|
||||
@ -731,6 +727,9 @@ nsExpandedPrincipal::SubsumesInternal(nsIPrincipal* aOther,
|
||||
nsTArray< nsCOMPtr<nsIPrincipal> >* otherList;
|
||||
expanded->GetWhiteList(&otherList);
|
||||
for (uint32_t i = 0; i < otherList->Length(); ++i){
|
||||
// Use SubsumesInternal rather than Subsumes here, since OriginAttribute
|
||||
// checks are only done between non-expanded sub-principals, and we don't
|
||||
// need to incur the extra virtual call overhead.
|
||||
if (!SubsumesInternal((*otherList)[i], aConsideration)) {
|
||||
return false;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user