Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-28 15:23:51 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1622042 - Refactor NsContentUtils:Allowsl10n r=ckerschb

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D66633

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Sebastian Streich 2020-03-26 13:18:40 +00:00
parent c556351cd0
commit f7280c333b
7 changed files with 68 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
caps/BasePrincipal.cpp
View File

@ -488,6 +488,51 @@ BasePrincipal::IsSameOrigin(nsIURI* aURI, bool aIsPrivateWin, bool* aRes) {
ssm->CheckSameOriginURI(prinURI, aURI, false, aIsPrivateWin));
return NS_OK;
}
NS_IMETHODIMP
BasePrincipal::IsL10nAllowed(nsIURI* aURI, bool* aRes) {
*aRes = false;
if (nsContentUtils::IsErrorPage(aURI)) {
*aRes = true;
return NS_OK;
}
// The system principal is always allowed.
if (IsSystemPrincipal()) {
*aRes = true;
return NS_OK;
}
nsCOMPtr<nsIURI> uri;
nsresult rv = GetURI(getter_AddRefs(uri));
NS_ENSURE_SUCCESS(rv, NS_OK);
bool hasFlags;
// Allow access to uris that cannot be loaded by web content.
rv = NS_URIChainHasFlags(uri, nsIProtocolHandler::URI_DANGEROUS_TO_LOAD,
&hasFlags);
NS_ENSURE_SUCCESS(rv, NS_OK);
if (hasFlags) {
*aRes = true;
return NS_OK;
}
// UI resources also get access.
rv = NS_URIChainHasFlags(uri, nsIProtocolHandler::URI_IS_UI_RESOURCE,
&hasFlags);
NS_ENSURE_SUCCESS(rv, NS_OK);
if (hasFlags) {
*aRes = true;
return NS_OK;
}
auto policy = AddonPolicy();
*aRes = (policy && policy->IsPrivileged());
return NS_OK;
}
NS_IMETHODIMP
BasePrincipal::AllowsRelaxStrictFileOriginPolicy(nsIURI* aURI, bool* aRes) {
*aRes = false;

1
caps/BasePrincipal.h
View File

@ -122,6 +122,7 @@ class BasePrincipal : public nsJSPrincipals {
NS_IMETHOD GetIsSystemPrincipal(bool* aResult) override;
NS_IMETHOD SchemeIs(const char* aScheme, bool* aResult) override;
NS_IMETHOD IsURIInPrefList(const char* aPref, bool* aResult) override;
NS_IMETHOD IsL10nAllowed(nsIURI* aURI, bool* aResult) override;
NS_IMETHOD GetAboutModuleFlags(uint32_t* flags) override;
NS_IMETHOD GetIsAddonOrExpandedAddonPrincipal(bool* aResult) override;
NS_IMETHOD GetOriginAttributes(JSContext* aCx,

7
caps/nsIPrincipal.idl
View File

@ -462,6 +462,13 @@ interface nsIPrincipal : nsISerializable
*/
readonly attribute boolean isScriptAllowedByPolicy;
/*
* Returns true if the Principal can acess l10n
* features for the Provided DocumentURI
*/
boolean isL10nAllowed(in nsIURI aDocumentURI);
/**
* Returns if the principal is for an IP address.
*/

11
dom/base/Document.cpp
View File

@ -3874,8 +3874,10 @@ bool Document::DocumentSupportsL10n(JSContext* aCx, JSObject* aObject) {
nsCOMPtr<nsIPrincipal> callerPrincipal =
nsContentUtils::SubjectPrincipal(aCx);
nsGlobalWindowInner* win = xpc::WindowOrNull(aObject);
return nsContentUtils::PrincipalAllowsL10n(
*callerPrincipal, win ? win->GetDocumentURI() : nullptr);
bool allowed = false;
callerPrincipal->IsL10nAllowed(win ? win->GetDocumentURI() : nullptr,
&allowed);
return allowed;
}
void Document::LocalizationLinkAdded(Element* aLinkElement) {
@ -3984,8 +3986,9 @@ void Document::InitialDocumentTranslationCompleted() {
}
bool Document::AllowsL10n() const {
return nsContentUtils::PrincipalAllowsL10n(*NodePrincipal(),
GetDocumentURI());
bool allowed = false;
NodePrincipal()->IsL10nAllowed(GetDocumentURI(), &allowed);
return allowed;
}
bool Document::IsWebAnimationsEnabled(JSContext* aCx, JSObject* /*unused*/) {

43
dom/base/nsContentUtils.cpp
View File

@ -1719,8 +1719,8 @@ bool nsContentUtils::OfflineAppAllowed(nsIPrincipal* aPrincipal) {
nsresult rv = updateService->OfflineAppAllowed(aPrincipal, &allowed);
return NS_SUCCEEDED(rv) && allowed;
}
static bool IsErrorPage(nsIURI* aURI) {
// Static
bool nsContentUtils::IsErrorPage(nsIURI* aURI) {
if (!aURI) {
return false;
}
@ -1737,45 +1737,6 @@ static bool IsErrorPage(nsIURI* aURI) {
name.EqualsLiteral("blocked");
}
/* static */
bool nsContentUtils::PrincipalAllowsL10n(nsIPrincipal& aPrincipal,
nsIURI* aDocumentURI) {
if (IsErrorPage(aDocumentURI)) {
return true;
}
// The system principal is always allowed.
if (aPrincipal.IsSystemPrincipal()) {
return true;
}
nsCOMPtr<nsIURI> uri;
nsresult rv = aPrincipal.GetURI(getter_AddRefs(uri));
NS_ENSURE_SUCCESS(rv, false);
bool hasFlags;
// Allow access to uris that cannot be loaded by web content.
rv = NS_URIChainHasFlags(uri, nsIProtocolHandler::URI_DANGEROUS_TO_LOAD,
&hasFlags);
NS_ENSURE_SUCCESS(rv, false);
if (hasFlags) {
return true;
}
// UI resources also get access.
rv = NS_URIChainHasFlags(uri, nsIProtocolHandler::URI_IS_UI_RESOURCE,
&hasFlags);
NS_ENSURE_SUCCESS(rv, false);
if (hasFlags) {
return true;
}
auto& principal = BasePrincipal::Cast(aPrincipal);
auto policy = principal.AddonPolicy();
return (policy && policy->IsPrivileged());
}
// static
void nsContentUtils::Shutdown() {
sInitialized = false;

1
dom/base/nsContentUtils.h
View File

@ -237,6 +237,7 @@ class nsContentUtils {
#else
;
#endif
static bool IsErrorPage(nsIURI* aURI);
static bool IsCallerChromeOrFuzzingEnabled(JSContext* aCx, JSObject*) {
return ThreadsafeIsSystemCaller(aCx) || IsFuzzingEnabled();

10
dom/security/nsContentSecurityManager.cpp
View File

@ -287,11 +287,11 @@ static nsresult DoCheckLoadURIChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo) {
nsIContentPolicy::TYPE_INTERNAL_DTD) {
RefPtr<Document> doc;
aLoadInfo->GetLoadingDocument(getter_AddRefs(doc));
return nsContentUtils::PrincipalAllowsL10n(
*aLoadInfo->TriggeringPrincipal(),
doc ? doc->GetDocumentURI() : nullptr)
? NS_OK
: NS_ERROR_DOM_BAD_URI;
bool allowed = false;
aLoadInfo->TriggeringPrincipal()->IsL10nAllowed(
doc ? doc->GetDocumentURI() : nullptr, &allowed);
return allowed ? NS_OK : NS_ERROR_DOM_BAD_URI;
}
// This is used in order to allow a privileged DOMParser to parse documents