mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-21 17:25:36 +00:00
Bug 1570243 - Make WindowContext CanSet functions check if the WindowContext is owned by the setting process, not the BrowsingContext. r=nika
Differential Revision: https://phabricator.services.mozilla.com/D73997
This commit is contained in:
parent
3799bf96ea
commit
ab7bcd098f
@ -108,22 +108,41 @@ void WindowContext::SendCommitTransaction(ContentChild* aChild,
|
||||
aChild->SendCommitWindowContextTransaction(this, aTxn, aEpoch);
|
||||
}
|
||||
|
||||
bool WindowContext::CheckOnlyOwningProcessCanSet(ContentParent* aSource) {
|
||||
if (mInProcess) {
|
||||
return true;
|
||||
}
|
||||
|
||||
if (XRE_IsParentProcess() && aSource) {
|
||||
return Canonical()->GetContentParent() == aSource;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
bool WindowContext::CanSet(FieldIndex<IDX_AllowMixedContent>,
|
||||
const bool& aAllowMixedContent,
|
||||
ContentParent* aSource) {
|
||||
return mBrowsingContext->CheckOnlyOwningProcessCanSet(aSource);
|
||||
return CheckOnlyOwningProcessCanSet(aSource);
|
||||
}
|
||||
|
||||
bool WindowContext::CanSet(
|
||||
FieldIndex<IDX_CookieJarSettings>,
|
||||
const Maybe<mozilla::net::CookieJarSettingsArgs>& aValue,
|
||||
ContentParent* aSource) {
|
||||
return CheckOnlyOwningProcessCanSet(aSource);
|
||||
}
|
||||
|
||||
bool WindowContext::CanSet(FieldIndex<IDX_IsThirdPartyWindow>,
|
||||
const bool& IsThirdPartyWindow,
|
||||
ContentParent* aSource) {
|
||||
return mBrowsingContext->CheckOnlyOwningProcessCanSet(aSource);
|
||||
return CheckOnlyOwningProcessCanSet(aSource);
|
||||
}
|
||||
|
||||
bool WindowContext::CanSet(FieldIndex<IDX_IsThirdPartyTrackingResourceWindow>,
|
||||
const bool& aIsThirdPartyTrackingResourceWindow,
|
||||
ContentParent* aSource) {
|
||||
return mBrowsingContext->CheckOnlyOwningProcessCanSet(aSource);
|
||||
return CheckOnlyOwningProcessCanSet(aSource);
|
||||
}
|
||||
|
||||
already_AddRefed<WindowContext> WindowContext::Create(
|
||||
@ -133,8 +152,9 @@ already_AddRefed<WindowContext> WindowContext::Create(
|
||||
|
||||
FieldTuple init;
|
||||
mozilla::Get<IDX_OuterWindowId>(init) = aWindow->OuterWindowId();
|
||||
RefPtr<WindowContext> context = new WindowContext(
|
||||
aWindow->BrowsingContext(), aWindow->InnerWindowId(), std::move(init));
|
||||
RefPtr<WindowContext> context =
|
||||
new WindowContext(aWindow->BrowsingContext(), aWindow->InnerWindowId(),
|
||||
/* aInProcess */ true, std::move(init));
|
||||
context->Init();
|
||||
return context.forget();
|
||||
}
|
||||
@ -154,7 +174,8 @@ void WindowContext::CreateFromIPC(IPCInitializer&& aInit) {
|
||||
}
|
||||
|
||||
RefPtr<WindowContext> context =
|
||||
new WindowContext(bc, aInit.mInnerWindowId, std::move(aInit.mFields));
|
||||
new WindowContext(bc, aInit.mInnerWindowId, /* aInProcess */ false,
|
||||
std::move(aInit.mFields));
|
||||
context->Init();
|
||||
}
|
||||
|
||||
@ -192,10 +213,12 @@ void WindowContext::Discard() {
|
||||
}
|
||||
|
||||
WindowContext::WindowContext(BrowsingContext* aBrowsingContext,
|
||||
uint64_t aInnerWindowId, FieldTuple&& aFields)
|
||||
uint64_t aInnerWindowId, bool aInProcess,
|
||||
FieldTuple&& aFields)
|
||||
: mFields(std::move(aFields)),
|
||||
mInnerWindowId(aInnerWindowId),
|
||||
mBrowsingContext(aBrowsingContext) {
|
||||
mBrowsingContext(aBrowsingContext),
|
||||
mInProcess(aInProcess) {
|
||||
MOZ_ASSERT(mBrowsingContext);
|
||||
MOZ_ASSERT(mInnerWindowId);
|
||||
}
|
||||
|
@ -49,6 +49,8 @@ class WindowContext : public nsISupports, public nsWrapperCache {
|
||||
|
||||
bool IsCached() const;
|
||||
|
||||
bool IsInProcess() { return mInProcess; }
|
||||
|
||||
// Get the parent WindowContext of this WindowContext, taking the BFCache into
|
||||
// account. This will not cross chrome/content <browser> boundaries.
|
||||
WindowContext* GetParentWindowContext();
|
||||
@ -86,7 +88,7 @@ class WindowContext : public nsISupports, public nsWrapperCache {
|
||||
|
||||
protected:
|
||||
WindowContext(BrowsingContext* aBrowsingContext, uint64_t aInnerWindowId,
|
||||
FieldTuple&& aFields);
|
||||
bool aInProcess, FieldTuple&& aFields);
|
||||
virtual ~WindowContext();
|
||||
|
||||
void Init();
|
||||
@ -103,6 +105,8 @@ class WindowContext : public nsISupports, public nsWrapperCache {
|
||||
void SendCommitTransaction(ContentChild* aChild, const BaseTransaction& aTxn,
|
||||
uint64_t aEpoch);
|
||||
|
||||
bool CheckOnlyOwningProcessCanSet(ContentParent* aSource);
|
||||
|
||||
// Overload `CanSet` to get notifications for a particular field being set.
|
||||
bool CanSet(FieldIndex<IDX_OuterWindowId>, const uint64_t& aValue,
|
||||
ContentParent* aSource) {
|
||||
@ -114,10 +118,7 @@ class WindowContext : public nsISupports, public nsWrapperCache {
|
||||
|
||||
bool CanSet(FieldIndex<IDX_CookieJarSettings>,
|
||||
const Maybe<mozilla::net::CookieJarSettingsArgs>& aValue,
|
||||
ContentParent* aSource) {
|
||||
return true;
|
||||
}
|
||||
|
||||
ContentParent* aSource);
|
||||
bool CanSet(FieldIndex<IDX_IsThirdPartyWindow>,
|
||||
const bool& IsThirdPartyWindow, ContentParent* aSource);
|
||||
bool CanSet(FieldIndex<IDX_IsThirdPartyTrackingResourceWindow>,
|
||||
@ -142,6 +143,7 @@ class WindowContext : public nsISupports, public nsWrapperCache {
|
||||
nsTArray<RefPtr<BrowsingContext>> mChildren;
|
||||
|
||||
bool mIsDiscarded = false;
|
||||
bool mInProcess = false;
|
||||
};
|
||||
|
||||
using WindowContextTransaction = WindowContext::BaseTransaction;
|
||||
|
@ -54,10 +54,9 @@ namespace dom {
|
||||
WindowGlobalParent::WindowGlobalParent(const WindowGlobalInit& aInit,
|
||||
bool aInProcess)
|
||||
: WindowContext(aInit.browsingContext().GetMaybeDiscarded(),
|
||||
aInit.innerWindowId(), {}),
|
||||
aInit.innerWindowId(), aInProcess, {}),
|
||||
mDocumentPrincipal(aInit.principal()),
|
||||
mDocumentURI(aInit.documentURI()),
|
||||
mInProcess(aInProcess),
|
||||
mIsInitialDocument(false),
|
||||
mHasBeforeUnload(false),
|
||||
mSandboxFlags(0),
|
||||
@ -85,7 +84,7 @@ void WindowGlobalParent::Init(const WindowGlobalInit& aInit) {
|
||||
// Determine which content process the window global is coming from.
|
||||
dom::ContentParentId processId(0);
|
||||
ContentParent* cp = nullptr;
|
||||
if (!mInProcess) {
|
||||
if (!IsInProcess()) {
|
||||
cp = static_cast<ContentParent*>(Manager()->Manager());
|
||||
processId = cp->ChildID();
|
||||
|
||||
@ -644,7 +643,7 @@ void WindowGlobalParent::ActorDestroy(ActorDestroyReason aWhy) {
|
||||
WindowContext::Discard();
|
||||
|
||||
ContentParent* cp = nullptr;
|
||||
if (!mInProcess) {
|
||||
if (!IsInProcess()) {
|
||||
cp = static_cast<ContentParent*>(Manager()->Manager());
|
||||
}
|
||||
|
||||
@ -661,7 +660,7 @@ void WindowGlobalParent::ActorDestroy(ActorDestroyReason aWhy) {
|
||||
// There shouldn't have any content blocking log when a documnet is loaded in
|
||||
// the parent process(See NotifyContentBlockingeEvent), so we could skip
|
||||
// reporting log when it is in-process.
|
||||
if (!mInProcess) {
|
||||
if (!IsInProcess()) {
|
||||
RefPtr<BrowserParent> browserParent =
|
||||
static_cast<BrowserParent*>(Manager());
|
||||
if (browserParent) {
|
||||
|
@ -79,10 +79,6 @@ class WindowGlobalParent final : public WindowContext,
|
||||
// Has this actor been shut down
|
||||
bool IsClosed() { return !CanSend(); }
|
||||
|
||||
// Check if this actor is managed by PInProcess, as-in the document is loaded
|
||||
// in-process.
|
||||
bool IsInProcess() { return mInProcess; }
|
||||
|
||||
// Get the other side of this actor if it is an in-process actor. Returns
|
||||
// |nullptr| if the actor has been torn down, or is not in-process.
|
||||
already_AddRefed<WindowGlobalChild> GetChildActor();
|
||||
@ -248,7 +244,6 @@ class WindowGlobalParent final : public WindowContext,
|
||||
nsString mDocumentTitle;
|
||||
|
||||
nsRefPtrHashtable<nsCStringHashKey, JSWindowActorParent> mWindowActors;
|
||||
bool mInProcess;
|
||||
bool mIsInitialDocument;
|
||||
|
||||
// True if this window has a "beforeunload" event listener.
|
||||
|
Loading…
Reference in New Issue
Block a user