Bug 604368 - Share some code so that bug fixes fix both parts. r=peterv a=blocking beta7
authorBlake Kaplan <mrbkap@gmail.com>
Sat, 16 Oct 2010 15:26:14 -0700
changeset 56042 47a8311cf0bbd3cb9926da17e62a6d0d19cd34b8
parent 56041 b4b5641fa789adabfc0fa45728d28d417b5100e3
child 56043 627850a036c36aa5c6254b1526452802796b2a90
child 56169 11b2f7a76d0f510ec25434ba64cafa2821fd2cce
push id16371
push userrsayre@mozilla.com
push dateMon, 18 Oct 2010 17:04:27 +0000
reviewerspeterv, blocking
bugs604368
milestone2.0b8pre
Bug 604368 - Share some code so that bug fixes fix both parts. r=peterv a=blocking beta7
js/src/xpconnect/wrappers/AccessCheck.cpp
js/src/xpconnect/wrappers/AccessCheck.h
js/src/xpconnect/wrappers/XrayWrapper.cpp
--- a/js/src/xpconnect/wrappers/AccessCheck.cpp
+++ b/js/src/xpconnect/wrappers/AccessCheck.cpp
@@ -212,16 +212,60 @@ GetPrincipal(JSObject *obj)
         return objPrin->GetPrincipal();
     }
 
     nsIXPConnect *xpc = nsXPConnect::GetRuntimeInstance()->GetXPConnect();
     return xpc->GetPrincipal(obj, PR_TRUE);
 }
 
 bool
+AccessCheck::documentDomainMakesSameOrigin(JSContext *cx, JSObject *obj)
+{
+    JSObject *scope = nsnull;
+    JSStackFrame *fp = nsnull;
+    JS_FrameIterator(cx, &fp);
+    if (fp) {
+        while (fp->isDummyFrame()) {
+            if (!JS_FrameIterator(cx, &fp))
+                break;
+        }
+
+        if (fp)
+            scope = &fp->scopeChain();
+    }
+
+    if (!scope)
+        scope = JS_GetScopeChain(cx);
+
+    nsIPrincipal *subject;
+    nsIPrincipal *object;
+
+    {
+        JSAutoEnterCompartment ac;
+
+        if (!ac.enter(cx, scope))
+            return false;
+
+        subject = GetPrincipal(JS_GetGlobalForObject(cx, scope));
+    }
+
+    {
+        JSAutoEnterCompartment ac;
+
+        if (!ac.enter(cx, obj))
+            return false;
+
+        object = GetPrincipal(JS_GetGlobalForObject(cx, obj));
+    }
+
+    PRBool subsumes;
+    return NS_SUCCEEDED(subject->Subsumes(object, &subsumes)) && subsumes;
+}
+
+bool
 AccessCheck::isCrossOriginAccessPermitted(JSContext *cx, JSObject *wrapper, jsid id,
                                           JSWrapper::Action act)
 {
     if (!XPCWrapper::GetSecurityManager())
         return true;
 
     if (act == JSWrapper::CALL)
         return true;
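Review bot: `subject` and `object` are dereferenced at `subject->Subsumes(object, &subsumes)` without a null check, and this helper now backs two access decisions, so a null principal from either `GetPrincipal(...)` call would crash rather than deny. Whether GetPrincipal can return null is not visible here (its body starts above the hunk), so a guard that fails closed is the cheap option: `if (!subject || !object) return false;` just before the Subsumes call. The raw `nsIPrincipal *` values are also used after their `JSAutoEnterCompartment` scopes have ended; presumably the globals keep them alive, but a one-line comment saying so would help. The function also deserves a header comment stating that it compares the principal of the innermost non-dummy frame's scope (falling back to `JS_GetScopeChain(cx)`) with that of `obj`'s global, and that `false` covers both "not subsumed" and "could not enter the compartment".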
@@ -243,58 +287,18 @@ AccessCheck::isCrossOriginAccessPermitte
             return true;
     }
 
     if (IsWindow(name) && IsFrameId(cx, obj, id))
         return true;
 
     // We only reach this point for cross origin location objects (see
     // SameOriginOrCrossOriginAccessiblePropertiesOnly::check).
-    if (!IsLocation(name)) {
-        JSObject *scope = nsnull;
-        JSStackFrame *fp = nsnull;
-        JS_FrameIterator(cx, &fp);
-        if (fp) {
-            while (fp->isDummyFrame()) {
-                if (!JS_FrameIterator(cx, &fp))
-                    break;
-            }
-
-            if (fp)
-                scope = &fp->scopeChain();
-        }
-
-        if (!scope)
-            scope = JS_GetScopeChain(cx);
-
-        nsIPrincipal *subject;
-        nsIPrincipal *object;
-
-        {
-            JSAutoEnterCompartment ac;
-
-            if (!ac.enter(cx, scope))
-                return false;
-
-            subject = GetPrincipal(JS_GetGlobalForObject(cx, scope));
-        }
-
-        {
-            JSAutoEnterCompartment ac;
-
-            if (!ac.enter(cx, obj))
-                return false;
-
-            object = GetPrincipal(JS_GetGlobalForObject(cx, obj));
-        }
-
-        PRBool subsumes;
-        if (NS_SUCCEEDED(subject->Subsumes(object, &subsumes)) && subsumes)
-            return true;
-    }
+    if (!IsLocation(name) && documentDomainMakesSameOrigin(cx, obj))
+        return true;
 
     return (act == JSWrapper::SET)
            ? nsContentUtils::IsCallerTrustedForWrite()
            : nsContentUtils::IsCallerTrustedForRead();
 }
 
 bool
 AccessCheck::isSystemOnlyAccessPermitted(JSContext *cx)
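Review bot: Folding the block into `documentDomainMakesSameOrigin(cx, obj)` changes the failure path at the `!IsLocation(name)` check. The removed code did `return false` from isCrossOriginAccessPermitted when `ac.enter` failed, whereas a `false` from the helper now falls through to the `IsCallerTrustedForWrite()` / `IsCallerTrustedForRead()` decision. If a failed `ac.enter` leaves an exception pending (not visible here), a trusted caller could be granted access with that exception still set. If deny-on-failure was intended, the helper needs to report failure separately from "not same origin", for example through an out-parameter; otherwise record the choice with a comment such as `// A compartment-entry failure is treated as not-same-origin and falls through to the caller-trust check.`. The function body starts above this hunk.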
--- a/js/src/xpconnect/wrappers/AccessCheck.h
+++ b/js/src/xpconnect/wrappers/AccessCheck.h
@@ -48,16 +48,17 @@ class AccessCheck {
   public:
     static bool isSameOrigin(JSCompartment *a, JSCompartment *b);
     static bool isChrome(JSCompartment *compartment);
     static nsIPrincipal *getPrincipal(JSCompartment *compartment);
     static bool isCrossOriginAccessPermitted(JSContext *cx, JSObject *obj, jsid id,
                                              JSWrapper::Action act);
     static bool isSystemOnlyAccessPermitted(JSContext *cx);
     static bool isLocationObjectSameOrigin(JSContext *cx, JSObject *wrapper);
+    static bool documentDomainMakesSameOrigin(JSContext *cx, JSObject *obj);
 
     static bool needsSystemOnlyWrapper(JSObject *obj);
 
     static bool isScriptAccessOnly(JSContext *cx, JSObject *wrapper);
 
     static void deny(JSContext *cx, jsid id);
 };
 
--- a/js/src/xpconnect/wrappers/XrayWrapper.cpp
+++ b/js/src/xpconnect/wrappers/XrayWrapper.cpp
@@ -410,59 +410,17 @@ Transparent(JSContext *cx, JSObject *wra
     // Redirect access straight to the wrapper if UniversalXPConnect is enabled.
     nsIScriptSecurityManager *ssm = XPCWrapper::GetSecurityManager();
     if (ssm) {
         PRBool privileged;
         if (NS_SUCCEEDED(ssm->IsCapabilityEnabled("UniversalXPConnect", &privileged)) && privileged)
             return true;
     }
 
-    JSObject *scope = nsnull;
-    JSStackFrame *fp = nsnull;
-    JS_FrameIterator(cx, &fp);
-    if (fp) {
-        while (fp->isDummyFrame()) {
-            if (!JS_FrameIterator(cx, &fp))
-                break;
-        }
-
-        if (fp)
-            scope = &fp->scopeChain();
-    }
-
-    if (!scope)
-        scope = JS_GetScopeChain(cx);
-
-    nsIPrincipal *subject;
-    nsIPrincipal *object;
-
-    nsIXPConnect *xpc = nsXPConnect::GetXPConnect();
-    {
-        JSAutoEnterCompartment ac;
-
-        if (!ac.enter(cx, scope))
-            return false;
-
-        subject = xpc->GetPrincipal(JS_GetGlobalForObject(cx, scope), PR_TRUE);
-    }
-
-    {
-        JSAutoEnterCompartment ac;
-
-        JSObject *obj = wrapper->unwrap();
-        if (!ac.enter(cx, obj))
-            return false;
-
-        object = xpc->GetPrincipal(JS_GetGlobalForObject(cx, obj), PR_TRUE);
-    }
-
-    PRBool subsumes;
-    if (NS_SUCCEEDED(subject->Subsumes(object, &subsumes)) && subsumes)
-        return true;
-    return false;
+    return AccessCheck::documentDomainMakesSameOrigin(cx, wrapper->unwrap());
 }
 
 namespace XrayUtils {
 
 bool
 IsTransparent(JSContext *cx, JSObject *wrapper)
 {
     return Transparent(cx, wrapper);
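Review bot: The new `return AccessCheck::documentDomainMakesSameOrigin(cx, wrapper->unwrap());` does not resolve principals the same way as the code it replaces in Transparent. The removed lines called `xpc->GetPrincipal(JS_GetGlobalForObject(...), PR_TRUE)` directly, while the shared helper goes through AccessCheck.cpp's file-local `GetPrincipal`, whose visible tail has an earlier branch returning `objPrin->GetPrincipal()`. The two most likely yield the same principal, but since this result decides whether an Xray wrapper becomes transparent, that should be confirmed and recorded, e.g. `// Transparent only if the caller's principal subsumes the wrapped object's; principal lookup is shared with AccessCheck.`. Transparent starts above this hunk, so how `wrapper` is validated before `unwrap()` is not visible.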