Bug 1300831 - Avoid creating about:blank windows with expanded principals; r=bholley
authorEhsan Akhgari <ehsan@mozilla.com>
Tue, 06 Sep 2016 16:05:16 -0400
changeset 313033 4c763f86c46269e4ed00835cb3e083432b3abe13
parent 313032 1aa180309dacc3f0f8fe622839b86ef405ef0d99
child 313034 da216b2fc7dc009f228f0cf078b74b3b59008da0
push id20479
push userkwierso@gmail.com
push dateThu, 08 Sep 2016 01:08:46 +0000
treeherderfx-team@fb7c6b034329 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbholley
bugs1300831
milestone51.0a1
Bug 1300831 - Avoid creating about:blank windows with expanded principals; r=bholley
dom/base/nsGlobalWindow.cpp
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@@ -2154,20 +2154,22 @@ nsGlobalWindow::WouldReuseInnerWindow(ns
 void
 nsGlobalWindow::SetInitialPrincipalToSubject()
 {
   MOZ_ASSERT(IsOuterWindow());
 
   // First, grab the subject principal.
   nsCOMPtr<nsIPrincipal> newWindowPrincipal = nsContentUtils::SubjectPrincipalOrSystemIfNativeCaller();
 
-  // Now, if we're about to use the system principal or an nsExpandedPrincipal,
-  // make sure we're not using it for a content docshell.
-  if (nsContentUtils::IsSystemOrExpandedPrincipal(newWindowPrincipal) &&
-      GetDocShell()->ItemType() != nsIDocShellTreeItem::typeChrome) {
+  // We should never create windows with an expanded principal.
+  // If we have a system principal, make sure we're not using it for a content
+  // docshell.
+  if (nsContentUtils::IsExpandedPrincipal(newWindowPrincipal) ||
+      (nsContentUtils::IsSystemPrincipal(newWindowPrincipal) &&
+       GetDocShell()->ItemType() != nsIDocShellTreeItem::typeChrome)) {
     newWindowPrincipal = nullptr;
   }
 
   // If there's an existing document, bail if it either:
   if (mDoc) {
     // (a) is not an initial about:blank document, or
     if (!mDoc->IsInitialDocument())
       return;