Bug 1143922 - Add AsyncOpen2 to nsIChannel and perform security checks when opening a channel - scriptSecurityManager changes (r=sicking,bholley)

2024-10-09 03:15:11 +00:00 · 2015-07-19 19:12:26 -07:00 · 2015-07-19 19:12:26 -07:00 · d79403aa15
commit d79403aa15
parent bab1940d4a
1 changed files with 20 additions and 0 deletions
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@ -336,6 +336,26 @@ nsScriptSecurityManager::GetChannelResultPrincipal(nsIChannel* aChannel,
            NS_ADDREF(*aPrincipal = loadInfo->TriggeringPrincipal());
            return NS_OK;
        }
+
+        nsSecurityFlags securityFlags = loadInfo->GetSecurityMode();
+        if (securityFlags == nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS ||
+            securityFlags == nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS ||
+            securityFlags == nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS) {
+
+            nsCOMPtr<nsIURI> uri;
+            nsresult rv = NS_GetFinalChannelURI(aChannel, getter_AddRefs(uri));
+            NS_ENSURE_SUCCESS(rv, rv);
+            nsCOMPtr<nsIPrincipal> triggeringPrincipal = loadInfo->TriggeringPrincipal();
+            bool inheritForAboutBlank = loadInfo->GetAboutBlankInherits();
+
+            if (nsContentUtils::ChannelShouldInheritPrincipal(triggeringPrincipal,
+                                                               uri,
+                                                               inheritForAboutBlank,
+                                                               false)) {
+                triggeringPrincipal.forget(aPrincipal);
+                return NS_OK;
+            }
+        }
    }
    return GetChannelURIPrincipal(aChannel, aPrincipal);
 }