gecko-dev/dom/jsurl
Kris Maglione 27c96362b9 Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa
There are several ways that expanded principals can be used as triggering
principals for requests. While that works fine for security checks, it also
sometimes causes them to be inherited, and used as result principals in
contexts where expanded principals aren't allowed.

This patch changes our inheritance behavior so that expanded principals are
downgraded to the most appropriate constituent principal when they would
otherwise be inherited.

The logic for choosing the most appropriate principal is a bit suspect, and
may eventually need to be changed to always select the last whitelist
principal, but I chose it to preserve the current principal downgrade behavior
used by XMLHttpRequest for the time being.

MozReview-Commit-ID: 9fvAKr2e2fa

--HG--
extra : rebase_source : c30df1b3851c11fed5a1d6a7fb158cec14933182
2017-11-02 19:56:27 -07:00
..
crashtests
test
moz.build Bug 1339232 - annotate more dom/* moz.build files with BUG_COMPONENT. r=overholt 2017-03-01 08:20:25 -05:00
nsJSProtocolHandler.cpp Bug 1412345: Downgrade expanded principals before inheriting. r=bz,krizsa 2017-11-02 19:56:27 -07:00
nsJSProtocolHandler.h Bug 1378712 - Remove all trailing whitespaces r=Ehsan 2017-07-06 14:00:35 +02:00