Commit Graph

41 Commits

Author SHA1 Message Date
Christoph Kerschbaumer
60e3239dee Bug 1490874: Log Principal based Security Errors to the Security pane in the console. r=smaug 2018-09-25 07:25:05 +02:00
shindli
0b6d93ef4d Backed out changeset 510e95767aeb (bug 1490874) for security failures in browser/components/payments/test/mochitest/test_basic_card_form.html CLOSED TREE 2018-09-24 11:43:30 +03:00
Christoph Kerschbaumer
0df81cd9f4 Bug 1490874: Log Principal based Security Errors to the Security pane in the console. r=smaug 2018-09-24 09:34:04 +02:00
Andrea Marchesini
58f78c6f5d Bug 1476306 - Moving NullPrincipal/ContentPrincipal/SystemPrincipal under mozilla namespace - part 2 - SystemPrincipal, r=ckerschb 2018-07-17 21:38:19 +02:00
Kris Maglione
caa1a1228b Bug 1473631: Part 10 - Replace pref observers with callbacks in ScriptSecurityManager. r=njn
MozReview-Commit-ID: COEgATfeEj

--HG--
extra : rebase_source : 8cdd70210041b0140ef951b3899dc324e0a9d74c
2018-07-05 14:53:14 -07:00
Andrea Marchesini
ceea0172b0 Bug 1473587 - CSP Violation events should have the correct sample for inline contexts, r=jorendorff, r=ckerschb 2018-07-16 17:58:04 +02:00
Jan de Mooij
08cef83f24 Bug 1464374 part 4 - Remove unused nsScriptSecurityManager::doGetObjectPrincipal. r=bz 2018-05-31 11:28:49 +02:00
Kris Maglione
257d9118dc Bug 1409249: Require singleton constructors to return explicit already_AddRefed. r=froydnj
Right now, NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR expects singleton
constructors to return already-addrefed raw pointers, and while it accepts
constructors that return already_AddRefed, most existing don't do so.

Meanwhile, the convention elsewhere is that a raw pointer return value is
owned by the callee, and that the caller needs to addref it if it wants to
keep its own reference to it.

The difference in convention makes it easy to leak (I've definitely caused
more than one shutdown leak this way), so it would be better if we required
the singleton getters to return an explicit already_AddRefed, which would
behave the same for all callers.


This also cleans up several singleton constructors that left a dangling
pointer to their singletons when their initialization methods failed, when
they released their references without clearing their global raw pointers.

MozReview-Commit-ID: 9peyG4pRYcr

--HG--
extra : rebase_source : 2f5bd89c17cb554541be38444672a827c1392f3f
2017-10-16 21:08:42 -07:00
Kris Maglione
b3ba0520ee Bug 1396449: Part 1 - Use WebExtensionPolicy objects in extension content principals. r=krizsa
Going through the extension policy service rather than using
WebExtensionPolicy objects directly adds a lot of unnecessary overhead to
common operations on extension principals, and also makes the code more
complicated than it needs to be.

We also use weak references to policy objects here, since principals should
ideally lose as much of their elevated privileges as possible once the
extension instance that created them has been destroyed (which is something we
couldn't handle easily when we simply tracked ID strings).

MozReview-Commit-ID: KDNvVdvLkIt

--HG--
extra : rebase_source : 1b567919d2461bd0315d1a7d89f330cbd585f579
2017-09-05 11:04:43 -07:00
Eric Rahm
a33f11e0f5 Bug 1391803 - Use nsStringFwd.h for forward declaring string classes. r=froydnj
We should not be declaring forward declarations for nsString classes directly,
instead we should use nsStringFwd.h. This will make changing the underlying
types easier.

--HG--
extra : rebase_source : b2c7554e8632f078167ff2f609392e63a136c299
2017-08-16 16:48:52 -07:00
Nicholas Nethercote
c86dc10505 Bug 1380227 - Avoid many UTF16toUTF8 and UTF8toUTF16 conversions in nsStringBundle. r=emk.
Most of the names passed to nsIStringBundle::{Get,Format}StringFromUTF8Name
have one of the two following forms:

- a 16-bit C string literal, which is then converted to an 8-bit string in
  order for the lookup to occur;

- an 8-bit C string literal converted to a 16-bit string, which is then
  converted back to an 8-bit string in order for the lookup to occur.

This patch introduces and uses alternative methods that can take an 8-bit C
string literal, which requires changing some signatures in other methods and
functions. It replaces all C++ uses of the old methods.

The patch also changes the existing {Get,Format}StringFromName() methods so
they take an AUTF8String argument for the name instead of a wstring, because
that's nicer for JS code.

Even though there is a method for C++ code and a different one for JS code,
|binaryname| is used so that the existing method names can be used for the
common case in both languages.

The change reduces the number of NS_ConvertUTF8toUTF16 and
NS_ConvertUTF16toUTF8 conversions while running Speedometer v2 from ~270,000 to
~160,000. (Most of these conversions involved the string
"deprecatedReferrerDirective" in nsCSPParser.cpp.)

--HG--
extra : rebase_source : 3bee57a501035f76a81230d95186f8c3f460ff8e
2017-07-12 15:13:37 +10:00
Andrea Marchesini
f91cb666bb Bug 1343933 - Renaming Principal classes - part 3 - SystemPrincipal, r=qdot
--HG--
rename : caps/nsSystemPrincipal.cpp => caps/SystemPrincipal.cpp
rename : caps/nsSystemPrincipal.h => caps/SystemPrincipal.h
2017-03-22 11:39:08 +01:00
Kris Maglione
45dbac3bdd Bug 1314361 - Part 4: Stop setting addonId origin attribute. r=billm 2016-11-04 18:22:45 -07:00
Andrea Marchesini
359ae91eac Bug 1328653 - Merging all the various *OriginAttributes to just one, r=huseby 2017-01-12 17:38:48 +01:00
Ehsan Akhgari
5cc591dc59 Bug 1318209 - Remove mozIApplication; r=baku 2016-11-17 10:12:43 -05:00
Dave Huseby
ce82855c42 Bug 1189086 - Eliminate nsIPrincipal::jarPrefix. r=dveditz 2016-10-24 13:52:00 +02:00
Cameron McCormack
418bfe72a3 Bug 1300720 - Part 2: Lazily initialize nsScriptSecurityManager::mFileURIWhitelist. r=bholley
MozReview-Commit-ID: 8cqHUlOnsEH
2016-10-03 12:43:17 +08:00
Jan de Mooij
0ad12515f4 Bug 1292892 part 1 - Stop using JSRuntime outside SpiderMonkey. r=bz,terrence,fitzgen,kanru 2016-08-11 14:39:22 +02:00
Gijs Kruitbosch
ca0706d1c4 Bug 1281787, r=bz
MozReview-Commit-ID: JLdLD57pF87

--HG--
extra : rebase_source : c656044a8448d2fa70e484e9c126fc1955201579
2016-07-13 12:05:22 +01:00
Boris Zbarsky
4ec7cc4fc1 Bug 1276138. Remove the current/safe JSContext getters from nsScriptSecurityManager. r=mrbkap 2016-05-27 13:28:14 -04:00
Jonathan Watt
73ea9dd190 Bug 1162772, part 3 - Add a getChannelResultPrincipalIfNotSandboxed method to nsIScriptSecurityManager. r=bz
MozReview-Commit-ID: 4QwM1y6wRb
2016-04-28 11:13:09 +01:00
Sebastian Hengst
bec59714da Backed out changeset c32539fd746a (bug 1162772) 2016-04-30 09:54:01 +02:00
Jonathan Watt
c40b7e121f Bug 1162772, part 3 - Add a getChannelResultPrincipalIfNotSandboxed method to nsIScriptSecurityManager. r=bz
MozReview-Commit-ID: 4QwM1y6wRb
2016-04-28 11:13:09 +01:00
J. Ryan Stinnett
2a55d065b7 Bug 1238160 - Rename OriginAttributes.mInBrowser and associated methods. r=bz,mayhemer
This change renames OriginAttributes.mInBrowser to mInIsolatedMozBrowser and
nsIPrincipal::GetIsInBrowserElement to GetIsInIsolatedMozBrowserElement.  Other
methods that pass these values around also have name changes.

Tokens such as "inBrowser" have previously been serialized into cache keys, used
as DB column names, stored in app registries, etc.  No changes are made to any
serialization formats.  Only runtime method and variable names are updated.

No behavior changes are made in this patch, so some renamed methods may have
nonsensical implementations.  These are corrected in subsequent patches
focused on behavior.

MozReview-Commit-ID: 66HfMlsXFLs
2016-03-02 10:35:56 -06:00
Jonas Sicking
6cc5074df0 Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-06 18:33:14 -05:00
Sebastian Hengst
774236075d Backed out changeset 09d64535bcda (bug 1216687), a7f1a289dd78, 4dbf06183e6c, 26318a5e3006, 9ae2af3cf86d (bug 1226909) for M(1,2,5) oranges. r=backout 2015-12-05 16:34:47 +01:00
Jonas Sicking
df33e62850 Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb 2015-12-05 01:46:20 -08:00
Yoshi Huang
4b500464f5 Bug 1209162 - Create OriginAttributes subtypes. IGNORE IDL r=sicking. 2015-11-03 09:50:54 +08:00
Bobby Holley
0ead8c2e5e Bug 1161831 - Associate extension URIs with the appropriate addon ID. r=billm,sr=bz 2015-07-21 12:57:23 -07:00
Bobby Holley
f925835ed9 Bug 1161831 - Implement moz-extension protocol. r=bz,r=billm,sr=mcmanus
The heavy lifting all happened in the previous patch, so this is easy now.
2015-07-21 12:57:22 -07:00
Birunthan Mohanathas
a8939590de Bug 1182996 - Fix and add missing namespace comments. rs=ehsan
The bulk of this commit was generated by running:

  run-clang-tidy.py \
    -checks='-*,llvm-namespace-comment' \
    -header-filter=^/.../mozilla-central/.* \
    -fix
2015-07-13 08:25:42 -07:00
Bobby Holley
91e0c12696 Bug 1165162 - Rework the nsIScriptSecurityManager principal-minting API to be originAttributes-centric. r=gabor,r=bholley,sr=sicking 2015-05-20 17:11:41 -07:00
Bobby Holley
f8d1d0c840 Bug 1164977 - Hoist app attributes into a struct on BasePrincipal and refer to them as 'origin attributes'. r=gabor
This sets the stage for the upcoming work for signed apps.
2015-05-18 15:52:34 -07:00
Andrea Marchesini
cb54385682 Bug 1156632 - Remove unused forward class declarations - patch 4 - netwerk image and dom, r=ehsan 2015-04-22 08:29:20 +02:00
Andrea Marchesini
e6f385fb3d Bug 1148527 - Indentation fix after bug 1145631, r=ehsan 2015-03-27 18:52:19 +00:00
Ehsan Akhgari
883849ee32 Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj
This patch was automatically generated using the following script:

function convert() {
echo "Converting $1 to $2..."
find . \
       ! -wholename "*/.git*" \
       ! -wholename "obj-ff-dbg*" \
         -type f \
      \( -iname "*.cpp" \
         -o -iname "*.h" \
         -o -iname "*.c" \
         -o -iname "*.cc" \
         -o -iname "*.idl" \
         -o -iname "*.ipdl" \
         -o -iname "*.ipdlh" \
         -o -iname "*.mm" \) | \
    xargs -n 1 sed -i -e "s/\b$1\b/$2/g"
}

convert MOZ_OVERRIDE override
convert MOZ_FINAL final
2015-03-21 12:28:04 -04:00
Trevor Saunders
fd5e9d1fcc bug 1047696 - mark a number of classes MOZ_FINAL to get compilers to devirtualize more r=froydnj 2014-08-05 13:33:55 -04:00
Bobby Holley
22b3a5b9bb Bug 1022229 - Hoist GetAppStatus into a static method on nsScriptSecurityManager. r=bz 2014-07-29 08:47:52 -07:00
Ryan VanderMeulen
9a8cfb647e Backed out 5 changesets (bug 1022229) for non-unified bustage.
Backed out changeset d79b991a8d96 (bug 1022229)
Backed out changeset 34f9a0e7dbde (bug 1022229)
Backed out changeset 37fbaf69c6e0 (bug 1022229)
Backed out changeset d6111b0603f5 (bug 1022229)
Backed out changeset 154922edf5fe (bug 1022229)
2014-07-28 15:08:51 -04:00
Bobby Holley
635f27b521 Bug 1022229 - Hoist GetAppStatus into a static method on nsScriptSecurityManager. r=bz 2014-07-28 10:37:54 -07:00
Birunthan Mohanathas
a4ac396211 Bug 1038535 - Flatten caps/{idl,include,src}/ directories. r=bholley,gps
--HG--
rename : caps/src/DomainPolicy.cpp => caps/DomainPolicy.cpp
rename : caps/include/DomainPolicy.h => caps/DomainPolicy.h
rename : caps/idl/nsIDomainPolicy.idl => caps/nsIDomainPolicy.idl
rename : caps/idl/nsIPrincipal.idl => caps/nsIPrincipal.idl
rename : caps/idl/nsIScriptSecurityManager.idl => caps/nsIScriptSecurityManager.idl
rename : caps/src/nsJSPrincipals.cpp => caps/nsJSPrincipals.cpp
rename : caps/include/nsJSPrincipals.h => caps/nsJSPrincipals.h
rename : caps/src/nsNullPrincipal.cpp => caps/nsNullPrincipal.cpp
rename : caps/include/nsNullPrincipal.h => caps/nsNullPrincipal.h
rename : caps/src/nsNullPrincipalURI.cpp => caps/nsNullPrincipalURI.cpp
rename : caps/src/nsNullPrincipalURI.h => caps/nsNullPrincipalURI.h
rename : caps/src/nsPrincipal.cpp => caps/nsPrincipal.cpp
rename : caps/include/nsPrincipal.h => caps/nsPrincipal.h
rename : caps/src/nsScriptSecurityManager.cpp => caps/nsScriptSecurityManager.cpp
rename : caps/include/nsScriptSecurityManager.h => caps/nsScriptSecurityManager.h
rename : caps/src/nsSystemPrincipal.cpp => caps/nsSystemPrincipal.cpp
rename : caps/include/nsSystemPrincipal.h => caps/nsSystemPrincipal.h
2014-07-15 11:12:59 -07:00