Bug 1305237 LoadInfo changes to include all ancestors principals and window IDs, r=bz

MozReview-Commit-ID: ADVtxjSQjk5

--HG--
extra : rebase_source : 6e0ddf49328d7ae71937b7bbe5e5bea736c49bef
This commit is contained in:
evilpies@gmail.com 2017-10-02 11:05:33 -07:00
parent fa37753064
commit 8d8e27a06f
9 changed files with 135 additions and 1 deletions

View File

@ -329,6 +329,28 @@ public:
mAncestorPrincipals = mozilla::Move(aAncestorPrincipals);
}
/**
* Get the list of ancestor outerWindowIDs for this docshell. The list is meant
* to be the list of outer window IDs that correspond to the ancestorPrincipals
* above. For each ancestor principal, we store the parent window ID.
*/
const nsTArray<uint64_t>& AncestorOuterWindowIDs() const
{
return mAncestorOuterWindowIDs;
}
/**
* Set the list of ancestor outer window IDs for this docshell. We call this
* from frameloader as well in order to keep the array matched with the
* ancestor principals.
*
* This method steals the data from the passed-in array.
*/
void SetAncestorOuterWindowIDs(nsTArray<uint64_t>&& aAncestorOuterWindowIDs)
{
mAncestorOuterWindowIDs = mozilla::Move(aAncestorOuterWindowIDs);
}
private:
bool CanSetOriginAttributes();
@ -1135,6 +1157,8 @@ private:
// Our list of ancestor principals.
nsTArray<nsCOMPtr<nsIPrincipal>> mAncestorPrincipals;
// Our list of ancestor outerWindowIDs.
nsTArray<uint64_t> mAncestorOuterWindowIDs;
// Separate function to do the actual name (i.e. not _top, _self etc.)
// searching for FindItemWithName.

View File

@ -4969,6 +4969,7 @@ nsIDocument::SetContainer(nsDocShell* aContainer)
}
mAncestorPrincipals = aContainer->AncestorPrincipals();
mAncestorOuterWindowIDs = aContainer->AncestorOuterWindowIDs();
}
nsISupports*

View File

@ -2711,14 +2711,24 @@ nsFrameLoader::MaybeCreateDocShell()
nsDocShell::Cast(mDocShell)->SetOriginAttributes(attrs);
// Typically there will be a window, however for some cases such as printing
// the document is cloned with a docshell that has no window. We check
// IsStaticDocument to ensure we don't try to gather ancestors for those cases.
if (!mDocShell->GetIsMozBrowser() &&
parentType == mDocShell->ItemType()) {
parentType == mDocShell->ItemType() &&
!doc->IsStaticDocument()) {
// Propagate through the ancestor principals.
nsTArray<nsCOMPtr<nsIPrincipal>> ancestorPrincipals;
// Make a copy, so we can modify it.
ancestorPrincipals = doc->AncestorPrincipals();
ancestorPrincipals.InsertElementAt(0, doc->NodePrincipal());
nsDocShell::Cast(mDocShell)->SetAncestorPrincipals(Move(ancestorPrincipals));
// Repeat for outer window IDs.
nsTArray<uint64_t> ancestorOuterWindowIDs;
ancestorOuterWindowIDs = doc->AncestorOuterWindowIDs();
ancestorOuterWindowIDs.InsertElementAt(0, doc->GetWindow()->WindowID());
nsDocShell::Cast(mDocShell)->SetAncestorOuterWindowIDs(Move(ancestorOuterWindowIDs));
}
ReallyLoadFrameScripts();

View File

@ -464,6 +464,15 @@ public:
return mAncestorPrincipals;
}
/**
* Get the list of ancestor outerWindowIDs for a document that correspond to
* the ancestor principals (see above for more details).
*/
const nsTArray<uint64_t>& AncestorOuterWindowIDs() const
{
return mAncestorOuterWindowIDs;
}
/**
* Return the LoadGroup for the document. May return null.
*/
@ -3615,6 +3624,8 @@ protected:
// List of ancestor principals. This is set at the point a document
// is connected to a docshell and not mutated thereafter.
nsTArray<nsCOMPtr<nsIPrincipal>> mAncestorPrincipals;
// List of ancestor outerWindowIDs that correspond to the ancestor principals.
nsTArray<uint64_t> mAncestorOuterWindowIDs;
// Restyle root for servo's style system.
//

View File

@ -370,6 +370,13 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
NS_ENSURE_SUCCESS(rv, rv);
}
nsTArray<PrincipalInfo> ancestorPrincipals;
ancestorPrincipals.SetCapacity(aLoadInfo->AncestorPrincipals().Length());
for (const auto& principal : aLoadInfo->AncestorPrincipals()) {
rv = PrincipalToPrincipalInfo(principal, ancestorPrincipals.AppendElement());
NS_ENSURE_SUCCESS(rv, rv);
}
*aOptionalLoadInfoArgs =
LoadInfoArgs(
loadingPrincipalInfo,
@ -395,6 +402,8 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
aLoadInfo->GetOriginAttributes(),
redirectChainIncludingInternalRedirects,
redirectChain,
ancestorPrincipals,
aLoadInfo->AncestorOuterWindowIDs(),
aLoadInfo->CorsUnsafeHeaders(),
aLoadInfo->GetForcePreflight(),
aLoadInfo->GetIsPreflight(),
@ -467,6 +476,15 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
redirectChain.AppendElement(redirectHistoryEntry.forget());
}
nsTArray<nsCOMPtr<nsIPrincipal>> ancestorPrincipals;
ancestorPrincipals.SetCapacity(loadInfoArgs.ancestorPrincipals().Length());
for (const PrincipalInfo& principalInfo : loadInfoArgs.ancestorPrincipals()) {
nsCOMPtr<nsIPrincipal> ancestorPrincipal =
PrincipalInfoToPrincipal(principalInfo, &rv);
NS_ENSURE_SUCCESS(rv, rv);
ancestorPrincipals.AppendElement(ancestorPrincipal.forget());
}
nsCOMPtr<nsILoadInfo> loadInfo =
new mozilla::LoadInfo(loadingPrincipal,
triggeringPrincipal,
@ -491,6 +509,8 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
loadInfoArgs.originAttributes(),
redirectChainIncludingInternalRedirects,
redirectChain,
Move(ancestorPrincipals),
loadInfoArgs.ancestorOuterWindowIDs(),
loadInfoArgs.corsUnsafeHeaders(),
loadInfoArgs.forcePreflight(),
loadInfoArgs.isPreflight(),

View File

@ -118,6 +118,9 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
}
mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID();
mAncestorPrincipals = aLoadingContext->OwnerDoc()->AncestorPrincipals();
mAncestorOuterWindowIDs = aLoadingContext->OwnerDoc()->AncestorOuterWindowIDs();
MOZ_DIAGNOSTIC_ASSERT(mAncestorPrincipals.Length() == mAncestorOuterWindowIDs.Length());
// When the element being loaded is a frame, we choose the frame's window
// for the window ID and the frame element's window as the parent
@ -277,6 +280,9 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
nsCOMPtr<nsIDocShell> docShell = aOuterWindow->GetDocShell();
MOZ_ASSERT(docShell);
mOriginAttributes = nsDocShell::Cast(docShell)->GetOriginAttributes();
mAncestorPrincipals = nsDocShell::Cast(docShell)->AncestorPrincipals();
mAncestorOuterWindowIDs = nsDocShell::Cast(docShell)->AncestorOuterWindowIDs();
MOZ_DIAGNOSTIC_ASSERT(mAncestorPrincipals.Length() == mAncestorOuterWindowIDs.Length());
#ifdef DEBUG
if (docShell->ItemType() == nsIDocShellTreeItem::typeChrome) {
@ -313,6 +319,8 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
, mRedirectChainIncludingInternalRedirects(
rhs.mRedirectChainIncludingInternalRedirects)
, mRedirectChain(rhs.mRedirectChain)
, mAncestorPrincipals(rhs.mAncestorPrincipals)
, mAncestorOuterWindowIDs(rhs.mAncestorOuterWindowIDs)
, mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders)
, mForcePreflight(rhs.mForcePreflight)
, mIsPreflight(rhs.mIsPreflight)
@ -346,6 +354,8 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
const OriginAttributes& aOriginAttributes,
RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
RedirectHistoryArray& aRedirectChain,
nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
const nsTArray<nsCString>& aCorsUnsafeHeaders,
bool aForcePreflight,
bool aIsPreflight,
@ -373,6 +383,8 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
, mInitialSecurityCheckDone(aInitialSecurityCheckDone)
, mIsThirdPartyContext(aIsThirdPartyContext)
, mOriginAttributes(aOriginAttributes)
, mAncestorPrincipals(Move(aAncestorPrincipals))
, mAncestorOuterWindowIDs(aAncestorOuterWindowIDs)
, mCorsUnsafeHeaders(aCorsUnsafeHeaders)
, mForcePreflight(aForcePreflight)
, mIsPreflight(aIsPreflight)
@ -914,6 +926,18 @@ LoadInfo::RedirectChain()
return mRedirectChain;
}
const nsTArray<nsCOMPtr<nsIPrincipal>>&
LoadInfo::AncestorPrincipals()
{
return mAncestorPrincipals;
}
const nsTArray<uint64_t>&
LoadInfo::AncestorOuterWindowIDs()
{
return mAncestorOuterWindowIDs;
}
void
LoadInfo::SetCorsPreflightInfo(const nsTArray<nsCString>& aHeaders,
bool aForcePreflight)

View File

@ -115,6 +115,8 @@ private:
const OriginAttributes& aOriginAttributes,
RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
RedirectHistoryArray& aRedirectChain,
nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
const nsTArray<nsCString>& aUnsafeHeaders,
bool aForcePreflight,
bool aIsPreflight,
@ -168,6 +170,8 @@ private:
OriginAttributes mOriginAttributes;
RedirectHistoryArray mRedirectChainIncludingInternalRedirects;
RedirectHistoryArray mRedirectChain;
nsTArray<nsCOMPtr<nsIPrincipal>> mAncestorPrincipals;
nsTArray<uint64_t> mAncestorOuterWindowIDs;
nsTArray<nsCString> mCorsUnsafeHeaders;
bool mForcePreflight;
bool mIsPreflight;

View File

@ -23,6 +23,8 @@ interface nsIURI;
native OriginAttributes(mozilla::OriginAttributes);
[ref] native const_OriginAttributesRef(const mozilla::OriginAttributes);
[ref] native StringArrayRef(const nsTArray<nsCString>);
[ref] native Uint64ArrayRef(const nsTArray<uint64_t>);
[ref] native PrincipalArrayRef(const nsTArray<nsCOMPtr<nsIPrincipal>>);
typedef unsigned long nsSecurityFlags;
@ -642,6 +644,36 @@ interface nsILoadInfo : nsISupports
[noscript, notxpcom, nostdcall, binaryname(RedirectChain)]
nsIRedirectHistoryEntryArray binaryRedirectChain();
/**
* An array of nsIPrincipals which stores the principals of the parent frames,
* not including the frame loading this request. The closest ancestor is at
* index zero and the top level ancestor is at the last index.
*
* The ancestorPrincipals[0] entry for an iframe load will be the principal of
* the iframe element's owner document.
* The ancestorPrincipals[0] entry for an image loaded in an iframe will be the
* principal of the iframe element's owner document.
*
* See nsIDocument::AncestorPrincipals for more information.
*
* Please note that this array has the same lifetime as the
* loadInfo object - use with caution!
*/
[noscript, notxpcom, nostdcall]
PrincipalArrayRef AncestorPrincipals();
/**
* An array of outerWindowIDs which correspond to nsILoadInfo::AncestorPrincipals
* above. AncestorOuterWindowIDs[0] is the outerWindowID of the frame
* associated with the principal at ancestorPrincipals[0], and so forth.
*
* Please note that this array has the same lifetime as the
* loadInfo object - use with caution!
*/
[noscript, notxpcom, nostdcall]
Uint64ArrayRef AncestorOuterWindowIDs();
/**
* Sets the list of unsafe headers according to CORS spec, as well as
* potentially forces a preflight.

View File

@ -59,6 +59,14 @@ struct LoadInfoArgs
OriginAttributes originAttributes;
RedirectHistoryEntryInfo[] redirectChainIncludingInternalRedirects;
RedirectHistoryEntryInfo[] redirectChain;
/**
* Ancestor data for use with the WebRequest API.
* See nsILoadInfo.idl for details.
*/
PrincipalInfo[] ancestorPrincipals;
uint64_t[] ancestorOuterWindowIDs;
nsCString[] corsUnsafeHeaders;
bool forcePreflight;
bool isPreflight;