Bug 1596843 - Part 4: Remove some native only methods from nsIPermissionManager; r=baku
☠☠ backed out by 7553b88698cb ☠ ☠
authorEhsan Akhgari <ehsan@mozilla.com>
Sun, 17 Nov 2019 20:06:11 +0000
changeset 502368 48577632f4b3af48fc3a29b85d395d5e50ce9357
parent 502367 b9061f93d0457fb2672fb466c9611aa464f71dd5
child 502369 06248120ae60f264025c41a0cf6c62967b659b34
push id100793
push usereakhgari@mozilla.com
push dateSun, 17 Nov 2019 20:07:01 +0000
treeherderautoland@48577632f4b3 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbaku
bugs1596843
milestone72.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1596843 - Part 4: Remove some native only methods from nsIPermissionManager; r=baku Differential Revision: https://phabricator.services.mozilla.com/D53240
dom/ipc/ContentChild.cpp
dom/ipc/ContentParent.cpp
dom/serviceworkers/ServiceWorkerManager.cpp
dom/workers/remoteworkers/RemoteWorkerChild.cpp
dom/workers/remoteworkers/moz.build
extensions/permissions/nsContentBlocker.cpp
extensions/permissions/nsPermissionManager.cpp
extensions/permissions/nsPermissionManager.h
netwerk/base/nsIPermissionManager.idl
--- a/dom/ipc/ContentChild.cpp
+++ b/dom/ipc/ContentChild.cpp
@@ -3555,19 +3555,21 @@ nsresult ContentChild::AsyncOpenAnonymou
   // Remember the association with the callback.
   MOZ_ASSERT(!mPendingAnonymousTemporaryFiles.Get(newID));
   mPendingAnonymousTemporaryFiles.LookupOrAdd(newID, aCallback);
   return NS_OK;
 }
 
 mozilla::ipc::IPCResult ContentChild::RecvSetPermissionsWithKey(
     const nsCString& aPermissionKey, nsTArray<IPC::Permission>&& aPerms) {
-  nsCOMPtr<nsIPermissionManager> permissionManager =
-      services::GetPermissionManager();
-  permissionManager->SetPermissionsWithKey(aPermissionKey, aPerms);
+  RefPtr<nsPermissionManager> permManager = nsPermissionManager::GetInstance();
+  if (permManager) {
+    permManager->SetPermissionsWithKey(aPermissionKey, aPerms);
+  }
+
   return IPC_OK();
 }
 
 mozilla::ipc::IPCResult ContentChild::RecvRefreshScreens(
     nsTArray<ScreenDetails>&& aScreens) {
   ScreenManager& screenManager = ScreenManager::GetSingleton();
   screenManager.Refresh(std::move(aScreens));
   return IPC_OK();
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
@@ -5495,30 +5495,30 @@ nsresult ContentParent::TransmitPermissi
 }
 
 void ContentParent::EnsurePermissionsByKey(const nsCString& aKey) {
   // NOTE: Make sure to initialize the permission manager before updating the
   // mActivePermissionKeys list. If the permission manager is being initialized
   // by this call to GetPermissionManager, and we've added the key to
   // mActivePermissionKeys, then the permission manager will send down a
   // SendAddPermission before receiving the SendSetPermissionsWithKey message.
-  nsCOMPtr<nsIPermissionManager> permManager = services::GetPermissionManager();
+  RefPtr<nsPermissionManager> permManager = nsPermissionManager::GetInstance();
+  if (!permManager) {
+    return;
+  }
 
   if (mActivePermissionKeys.Contains(aKey)) {
     return;
   }
   mActivePermissionKeys.PutEntry(aKey);
 
   nsTArray<IPC::Permission> perms;
-  nsresult rv = permManager->GetPermissionsWithKey(aKey, perms);
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    return;
-  }
-
-  Unused << SendSetPermissionsWithKey(aKey, perms);
+  if (permManager->GetPermissionsWithKey(aKey, perms)) {
+    Unused << SendSetPermissionsWithKey(aKey, perms);
+  }
 }
 
 bool ContentParent::NeedsPermissionsUpdate(
     const nsACString& aPermissionKey) const {
   return mActivePermissionKeys.Contains(aPermissionKey);
 }
 
 mozilla::ipc::IPCResult ContentParent::RecvAccumulateChildHistograms(
--- a/dom/serviceworkers/ServiceWorkerManager.cpp
+++ b/dom/serviceworkers/ServiceWorkerManager.cpp
@@ -58,16 +58,17 @@
 #include "mozilla/ipc/PBackgroundChild.h"
 #include "mozilla/ipc/PBackgroundSharedTypes.h"
 #include "mozilla/dom/ScriptLoader.h"
 #include "mozilla/Unused.h"
 #include "mozilla/EnumSet.h"
 
 #include "nsContentUtils.h"
 #include "nsNetUtil.h"
+#include "nsPermissionManager.h"
 #include "nsProxyRelease.h"
 #include "nsQueryObject.h"
 #include "nsTArray.h"
 
 #include "ServiceWorker.h"
 #include "ServiceWorkerContainer.h"
 #include "ServiceWorkerInfo.h"
 #include "ServiceWorkerJobQueue.h"
@@ -2126,30 +2127,34 @@ void ServiceWorkerManager::DispatchFetch
     // ClientSource to be updated immediately after the nsIChannel starts.
     // This is necessary to have the correct controller in place for immediate
     // follow-on requests.
     loadInfo->SetController(serviceWorker->Descriptor());
   }
 
   MOZ_DIAGNOSTIC_ASSERT(serviceWorker);
 
-  nsCOMPtr<nsIRunnable> continueRunnable =
+  RefPtr<ContinueDispatchFetchEventRunnable> continueRunnable =
       new ContinueDispatchFetchEventRunnable(serviceWorker->WorkerPrivate(),
                                              aChannel, loadGroup,
                                              loadInfo->GetIsDocshellReload());
 
   // When this service worker was registered, we also sent down the permissions
   // for the runnable. They should have arrived by now, but we still need to
   // wait for them if they have not.
   nsCOMPtr<nsIRunnable> permissionsRunnable = NS_NewRunnableFunction(
       "dom::ServiceWorkerManager::DispatchFetchEvent", [=]() {
-        nsCOMPtr<nsIPermissionManager> permMgr =
-            services::GetPermissionManager();
-        MOZ_ALWAYS_SUCCEEDS(permMgr->WhenPermissionsAvailable(
-            serviceWorker->Principal(), continueRunnable));
+        RefPtr<nsPermissionManager> permMgr =
+            nsPermissionManager::GetInstance();
+        if (permMgr) {
+          permMgr->WhenPermissionsAvailable(serviceWorker->Principal(),
+                                            continueRunnable);
+        } else {
+          continueRunnable->HandleError();
+        }
       });
 
   nsCOMPtr<nsIUploadChannel2> uploadChannel =
       do_QueryInterface(internalChannel);
 
   // If there is no upload stream, then continue immediately
   if (!uploadChannel) {
     MOZ_ALWAYS_SUCCEEDS(permissionsRunnable->Run());
--- a/dom/workers/remoteworkers/RemoteWorkerChild.cpp
+++ b/dom/workers/remoteworkers/RemoteWorkerChild.cpp
@@ -9,18 +9,18 @@
 #include <utility>
 
 #include "MainThreadUtils.h"
 #include "nsDebug.h"
 #include "nsError.h"
 #include "nsIConsoleReportCollector.h"
 #include "nsIInterfaceRequestor.h"
 #include "nsIPrincipal.h"
-#include "nsIPermissionManager.h"
 #include "nsNetUtil.h"
+#include "nsPermissionManager.h"
 #include "nsProxyRelease.h"
 #include "nsThreadUtils.h"
 #include "nsXULAppAPI.h"
 
 #include "RemoteWorkerService.h"
 #include "mozilla/Assertions.h"
 #include "mozilla/Attributes.h"
 #include "mozilla/BasePrincipal.h"
@@ -469,20 +469,22 @@ nsresult RemoteWorkerChild::ExecWorkerOn
         __func__, [initializeWorkerRunnable = std::move(runnable),
                    self = std::move(self)] {
           if (NS_WARN_IF(!initializeWorkerRunnable->Dispatch())) {
             self->TransitionStateToTerminated();
             self->CreationFailedOnAnyThread();
           }
         });
 
-    nsCOMPtr<nsIPermissionManager> permissionManager =
-        services::GetPermissionManager();
-    MOZ_ALWAYS_SUCCEEDS(
-        permissionManager->WhenPermissionsAvailable(principal, r));
+    RefPtr<nsPermissionManager> permissionManager =
+        nsPermissionManager::GetInstance();
+    if (!permissionManager) {
+      return NS_ERROR_FAILURE;
+    }
+    permissionManager->WhenPermissionsAvailable(principal, r);
   } else {
     if (NS_WARN_IF(!runnable->Dispatch())) {
       rv = NS_ERROR_FAILURE;
       return rv;
     }
   }
 
   scopeExit.release();
--- a/dom/workers/remoteworkers/moz.build
+++ b/dom/workers/remoteworkers/moz.build
@@ -24,16 +24,17 @@ UNIFIED_SOURCES += [
     'RemoteWorkerParent.cpp',
     'RemoteWorkerService.cpp',
     'RemoteWorkerServiceChild.cpp',
     'RemoteWorkerServiceParent.cpp',
 ]
 
 LOCAL_INCLUDES += [
     '/dom/serviceworkers',
+    '/extensions/permissions',
     '/xpcom/build',
 ]
 
 IPDL_SOURCES += [
     'PRemoteWorker.ipdl',
     'PRemoteWorkerController.ipdl',
     'PRemoteWorkerService.ipdl',
     'RemoteWorkerTypes.ipdlh',
--- a/extensions/permissions/nsContentBlocker.cpp
+++ b/extensions/permissions/nsContentBlocker.cpp
@@ -288,17 +288,17 @@ nsresult nsContentBlocker::TestPermissio
   // check the permission list first; if we find an entry, it overrides
   // default prefs.
   // Don't forget the aContentType ranges from 1..8, while the
   // array is indexed 0..7
   // All permissions tested by this method are preload permissions, so don't
   // bother actually checking with the permission manager unless we have a
   // preload permission.
   uint32_t permission = nsIPermissionManager::UNKNOWN_ACTION;
-  if (mPermissionManager->GetHasPreloadPermissions()) {
+  if (mPermissionManager->HasPreloadPermissions()) {
     rv = mPermissionManager->LegacyTestPermissionFromURI(
         aCurrentURI, nullptr, kTypeString[aContentType - 1], &permission);
     NS_ENSURE_SUCCESS(rv, rv);
   }
 
   // If there is nothing on the list, use the default.
   if (!permission) {
     permission = mBehaviorPref[aContentType - 1];
--- a/extensions/permissions/nsPermissionManager.cpp
+++ b/extensions/permissions/nsPermissionManager.cpp
@@ -2992,22 +2992,21 @@ void nsPermissionManager::UpdateDB(
     return;
   }
 
   nsCOMPtr<mozIStoragePendingStatement> pending;
   rv = aStmt->ExecuteAsync(nullptr, getter_AddRefs(pending));
   MOZ_ASSERT(NS_SUCCEEDED(rv));
 }
 
-NS_IMETHODIMP
-nsPermissionManager::GetPermissionsWithKey(const nsACString& aPermissionKey,
-                                           nsTArray<IPC::Permission>& aPerms) {
+bool nsPermissionManager::GetPermissionsWithKey(
+    const nsACString& aPermissionKey, nsTArray<IPC::Permission>& aPerms) {
   aPerms.Clear();
   if (NS_WARN_IF(XRE_IsContentProcess())) {
-    return NS_ERROR_NOT_AVAILABLE;
+    return false;
   }
 
   for (auto iter = mPermissionTable.Iter(); !iter.Done(); iter.Next()) {
     PermissionHashKey* entry = iter.Get();
 
     nsAutoCString permissionKey;
     GetKeyForOrigin(entry->GetKey()->mOrigin, permissionKey);
 
@@ -3032,39 +3031,38 @@ nsPermissionManager::GetPermissionsWithK
         aPerms.AppendElement(
             IPC::Permission(entry->GetKey()->mOrigin,
                             mTypeArray[permEntry.mType], permEntry.mPermission,
                             permEntry.mExpireType, permEntry.mExpireTime));
       }
     }
   }
 
-  return NS_OK;
+  return true;
 }
 
-NS_IMETHODIMP
-nsPermissionManager::SetPermissionsWithKey(const nsACString& aPermissionKey,
-                                           nsTArray<IPC::Permission>& aPerms) {
-  if (NS_WARN_IF(XRE_IsParentProcess())) {
-    return NS_ERROR_NOT_AVAILABLE;
+void nsPermissionManager::SetPermissionsWithKey(
+    const nsACString& aPermissionKey, nsTArray<IPC::Permission>& aPerms) {
+  if (NS_WARN_IF(XRE_IsContentProcess())) {
+    return;
   }
 
   RefPtr<GenericNonExclusivePromise::Private> promise;
   bool foundKey =
       mPermissionKeyPromiseMap.Get(aPermissionKey, getter_AddRefs(promise));
   if (promise) {
     MOZ_ASSERT(foundKey);
     // NOTE: This will resolve asynchronously, so we can mark it as resolved
     // now, and be confident that we will have filled in the database before any
     // callbacks run.
     promise->Resolve(true, __func__);
   } else if (foundKey) {
     // NOTE: We shouldn't be sent two InitializePermissionsWithKey for the same
     // key, but it's possible.
-    return NS_OK;
+    return;
   }
   mPermissionKeyPromiseMap.Put(aPermissionKey, nullptr);
 
   // Add the permissions locally to our process
   for (IPC::Permission& perm : aPerms) {
     nsCOMPtr<nsIPrincipal> principal;
     nsresult rv =
         GetPrincipalFromOrigin(perm.origin, getter_AddRefs(principal));
@@ -3082,17 +3080,16 @@ nsPermissionManager::SetPermissionsWithK
     // The child process doesn't care about modification times - it neither
     // reads nor writes, nor removes them based on the date - so 0 (which
     // will end up as now()) is fine.
     uint64_t modificationTime = 0;
     AddInternal(principal, perm.type, perm.capability, 0, perm.expireType,
                 perm.expireTime, modificationTime, eNotify, eNoDBOperation,
                 true /* ignoreSessionPermissions */);
   }
-  return NS_OK;
 }
 
 /* static */
 void nsPermissionManager::GetKeyForOrigin(const nsACString& aOrigin,
                                           nsACString& aKey) {
   aKey.Truncate();
 
   // We only key origins for http, https, and ftp URIs. All origins begin with
@@ -3212,24 +3209,23 @@ bool nsPermissionManager::PermissionAvai
                                  permissionKey.get())
                      .get());
       return false;
     }
   }
   return true;
 }
 
-NS_IMETHODIMP
-nsPermissionManager::WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
-                                              nsIRunnable* aRunnable) {
+void nsPermissionManager::WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
+                                                   nsIRunnable* aRunnable) {
   MOZ_ASSERT(aRunnable);
 
   if (!XRE_IsContentProcess()) {
     aRunnable->Run();
-    return NS_OK;
+    return;
   }
 
   nsTArray<RefPtr<GenericNonExclusivePromise>> promises;
   for (auto& key : GetAllKeysForPrincipal(aPrincipal)) {
     RefPtr<GenericNonExclusivePromise::Private> promise;
     if (!mPermissionKeyPromiseMap.Get(key, getter_AddRefs(promise))) {
       // In this case we have found a permission which isn't available in the
       // content process and hasn't been requested yet. We need to create a new
@@ -3245,30 +3241,27 @@ nsPermissionManager::WhenPermissionsAvai
     }
   }
 
   // If all of our permissions are available, immediately run the runnable. This
   // avoids any extra overhead during fetch interception which is performance
   // sensitive.
   if (promises.IsEmpty()) {
     aRunnable->Run();
-    return NS_OK;
+    return;
   }
 
   auto* thread = SystemGroup::AbstractMainThreadFor(TaskCategory::Other);
 
   RefPtr<nsIRunnable> runnable = aRunnable;
   GenericNonExclusivePromise::All(thread, promises)
       ->Then(
           thread, __func__, [runnable]() { runnable->Run(); },
           []() {
             NS_WARNING(
                 "nsPermissionManager permission promise rejected. We're "
                 "probably shutting down.");
           });
-  return NS_OK;
 }
 
-NS_IMETHODIMP
-nsPermissionManager::GetHasPreloadPermissions(bool* aResult) {
-  *aResult = sPreloadPermissionCount > 0;
-  return NS_OK;
+bool nsPermissionManager::HasPreloadPermissions() {
+  return sPreloadPermissionCount > 0;
 }
--- a/extensions/permissions/nsPermissionManager.h
+++ b/extensions/permissions/nsPermissionManager.h
@@ -24,16 +24,20 @@
 #include "nsRefPtrHashtable.h"
 #include "mozilla/BasePrincipal.h"
 #include "mozilla/ExpandedPrincipal.h"
 #include "mozilla/MozPromise.h"
 #include "mozilla/Unused.h"
 #include "mozilla/Variant.h"
 #include "mozilla/Vector.h"
 
+namespace IPC {
+struct Permission;
+}
+
 namespace mozilla {
 class OriginAttributesPattern;
 }
 
 class nsIPermission;
 class mozIStorageConnection;
 class mozIStorageAsyncStatement;
 
@@ -285,16 +289,78 @@ class nsPermissionManager final : public
    * Returns false if this permission manager wouldn't have the permission
    * requested available.
    *
    * If aType is empty, checks that the permission manager would have all
    * permissions available for the given principal.
    */
   bool PermissionAvailable(nsIPrincipal* aPrincipal, const nsACString& aType);
 
+  /**
+   * The content process doesn't have access to every permission. Instead, when
+   * LOAD_DOCUMENT_URI channels for http://, https://, and ftp:// URIs are
+   * opened, the permissions for those channels are sent down to the content
+   * process before the OnStartRequest message. Permissions for principals with
+   * other schemes are sent down at process startup.
+   *
+   * Permissions are keyed and grouped by "Permission Key"s.
+   * `nsPermissionManager::GetKeyForPrincipal` provides the mechanism for
+   * determining the permission key for a given principal.
+   *
+   * This method may only be called in the parent process. It fills the nsTArray
+   * argument with the IPC::Permission objects which have a matching permission
+   * key.
+   *
+   * @param permissionKey  The key to use to find the permissions of interest.
+   * @param perms  An array which will be filled with the permissions which
+   *               match the given permission key.
+   */
+  bool GetPermissionsWithKey(const nsACString& aPermissionKey,
+                             nsTArray<IPC::Permission>& aPerms);
+
+  /**
+   * See `nsPermissionManager::GetPermissionsWithKey` for more info on
+   * Permission keys.
+   *
+   * `SetPermissionsWithKey` may only be called in the Child process, and
+   * initializes the permission manager with the permissions for a given
+   * Permission key. marking permissions with that key as available.
+   *
+   * @param permissionKey  The key for the permissions which have been sent
+   * over.
+   * @param perms  An array with the permissions which match the given key.
+   */
+  void SetPermissionsWithKey(const nsACString& aPermissionKey,
+                             nsTArray<IPC::Permission>& aPerms);
+
+  /**
+   * Add a callback which should be run when all permissions are available for
+   * the given nsIPrincipal. This method invokes the callback runnable
+   * synchronously when the permissions are already available. Otherwise the
+   * callback will be run asynchronously in SystemGroup when all permissions
+   * are available in the future.
+   *
+   * NOTE: This method will not request the permissions be sent by the parent
+   * process. This should only be used to wait for permissions which may not
+   * have arrived yet in order to ensure they are present.
+   *
+   * @param aPrincipal The principal to wait for permissions to be available
+   * for.
+   * @param aRunnable  The runnable to run when permissions are available for
+   * the given principal.
+   */
+  void WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
+                                nsIRunnable* aRunnable);
+
+  /**
+   * True if any "preload" permissions are present. This is used to avoid making
+   * potentially expensive permissions checks in nsContentBlocker.
+   */
+  bool HasPreloadPermissions();
+
  private:
   virtual ~nsPermissionManager();
 
   // NOTE: nullptr can be passed as aType - if it is this function will return
   // "false" unconditionally.
   static bool HasDefaultPref(const nsACString& aType) {
     // A list of permissions that can have a fallback default permission
     // set under the permissions.default.* pref.
--- a/netwerk/base/nsIPermissionManager.idl
+++ b/netwerk/base/nsIPermissionManager.idl
@@ -25,28 +25,18 @@
  *          "changed"
  *          a permission was changed. the subject is the new permission.
  *          "cleared"
  *          the entire permission list was cleared. the subject is null.
  */
 
 #include "nsISupports.idl"
 
-interface nsIObserver;
 interface nsIPrincipal;
 interface nsIPermission;
-interface nsIRunnable;
-
-%{ C++
-namespace IPC {
-struct Permission;
-}
-#include "nsTArrayForwardDeclare.h"
-%}
-[ref] native IPCPermissionArrayRef(nsTArray<IPC::Permission>);
 
 [scriptable, builtinclass, uuid(4dcb3851-eba2-4e42-b236-82d2596fca22)]
 interface nsIPermissionManager : nsISupports
 {
   /**
    * Predefined return values for the testPermission method and for
    * the permission param of the add method
    * NOTE: UNKNOWN_ACTION (0) is reserved to represent the
@@ -194,82 +184,24 @@ interface nsIPermissionManager : nsISupp
 
   /**
    * Returns all stored permissions.
    * @return an array of nsIPermission objects
    */
   readonly attribute Array<nsIPermission> all;
 
   /**
-   * The content process doesn't have access to every permission. Instead, when
-   * LOAD_DOCUMENT_URI channels for http://, https://, and ftp:// URIs are
-   * opened, the permissions for those channels are sent down to the content
-   * process before the OnStartRequest message. Permissions for principals with
-   * other schemes are sent down at process startup.
-   *
-   * Permissions are keyed and grouped by "Permission Key"s.
-   * `nsPermissionManager::GetKeyForPrincipal` provides the mechanism for
-   * determining the permission key for a given principal.
-   *
-   * This method may only be called in the parent process. It fills the nsTArray
-   * argument with the IPC::Permission objects which have a matching permission
-   * key.
-   *
-   * @param permissionKey  The key to use to find the permissions of interest.
-   * @param perms  An array which will be filled with the permissions which
-   *               match the given permission key.
-   */
-  void getPermissionsWithKey(in ACString permissionKey, out IPCPermissionArrayRef perms);
-
-  /**
-   * See `nsIPermissionManager::GetPermissionsWithKey` for more info on
-   * Permission keys.
-   *
-   * `SetPermissionsWithKey` may only be called in the Child process, and
-   * initializes the permission manager with the permissions for a given
-   * Permission key. marking permissions with that key as available.
-   *
-   * @param permissionKey  The key for the permissions which have been sent over.
-   * @param perms  An array with the permissions which match the given key.
-   */
-  void setPermissionsWithKey(in ACString permissionKey, in IPCPermissionArrayRef perms);
-
-  /**
    * Broadcasts permissions for the given principal to all content processes.
    *
    * DO NOT USE THIS METHOD if you can avoid it. It was added in bug XXX to
    * handle the current temporary implementation of ServiceWorker debugging. It
    * will be removed when service worker debugging is fixed.
    *
    * @param aPrincipal The principal to broadcast permissions for.
    */
   void broadcastPermissionsForPrincipalToAllContentProcesses(in nsIPrincipal aPrincipal);
-
-  /**
-   * Add a callback which should be run when all permissions are available for
-   * the given nsIPrincipal. This method invokes the callback runnable
-   * synchronously when the permissions are already available. Otherwise the
-   * callback will be run asynchronously in SystemGroup when all permissions
-   * are available in the future.
-   *
-   * NOTE: This method will not request the permissions be sent by the parent
-   * process. This should only be used to wait for permissions which may not
-   * have arrived yet in order to ensure they are present.
-   *
-   * @param aPrincipal The principal to wait for permissions to be available for.
-   * @param aRunnable  The runnable to run when permissions are available for the
-   *                   given principal.
-   */
-  void whenPermissionsAvailable(in nsIPrincipal aPrincipal,
-                                in nsIRunnable aRunnable);
-
-  /**
-   * True if any "preload" permissions are present. This is used to avoid making
-   * potentially expensive permissions checks in nsContentBlocker.
-   */
-  [infallible] readonly attribute boolean hasPreloadPermissions;
 };
 
 %{ C++
 #define NS_PERMISSIONMANAGER_CONTRACTID "@mozilla.org/permissionmanager;1"
 
 #define PERM_CHANGE_NOTIFICATION "perm-changed"
 %}