Bug 1269254 - Skip CheckLoadURIWithPrincipal checks within ContentSecurityManager on loadingPrincipal if security flag indicates allow cross origin loads (r=sicking)
authorChristoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
Sun, 29 May 2016 20:40:16 +0200
changeset 299439 0c174794580dcc4d40eace91fed1bdbd87491b2e
parent 299438 ea07d83adaf481947c1d980ba74319ca4d1627dd
child 299440 6c71166699568145a890962a4059c4a1628c1967
push id77571
push usermozilla@christophkerschbaumer.com
push dateSun, 29 May 2016 19:16:21 +0000
reviewerssicking
bugs1269254
milestone49.0a1
Bug 1269254 - Skip CheckLoadURIWithPrincipal checks within ContentSecurityManager on loadingPrincipal if security flag indicates allow cross origin loads (r=sicking)
dom/security/nsContentSecurityManager.cpp
--- a/dom/security/nsContentSecurityManager.cpp
+++ b/dom/security/nsContentSecurityManager.cpp
@@ -80,50 +80,35 @@ static bool IsImageLoadInEditorAppType(n
 static nsresult
 DoCheckLoadURIChecks(nsIURI* aURI, nsILoadInfo* aLoadInfo)
 {
   // Bug 1228117: determine the correct security policy for DTD loads
   if (aLoadInfo->GetExternalContentPolicyType() == nsIContentPolicy::TYPE_DTD) {
     return NS_OK;
   }
 
-  nsresult rv = NS_OK;
+  if (IsImageLoadInEditorAppType(aLoadInfo)) {
+    return NS_OK;
+  }
 
-  nsCOMPtr<nsIPrincipal> loadingPrincipal = aLoadInfo->LoadingPrincipal();
   uint32_t flags = nsIScriptSecurityManager::STANDARD;
   if (aLoadInfo->GetAllowChrome()) {
     flags |= nsIScriptSecurityManager::ALLOW_CHROME;
   }
   if (aLoadInfo->GetDisallowScript()) {
     flags |= nsIScriptSecurityManager::DISALLOW_SCRIPT;
   }
 
-  bool isImageInEditorType = IsImageLoadInEditorAppType(aLoadInfo);
-
-  // We don't have a loadingPrincipal for TYPE_DOCUMENT
-  if (aLoadInfo->GetExternalContentPolicyType() != nsIContentPolicy::TYPE_DOCUMENT &&
-      !isImageInEditorType) {
-    rv = nsContentUtils::GetSecurityManager()->
-      CheckLoadURIWithPrincipal(loadingPrincipal,
-                                aURI,
-                                flags);
-    NS_ENSURE_SUCCESS(rv, rv);
-  }
-
-  // If the loadingPrincipal and the triggeringPrincipal are different, then make
-  // sure the triggeringPrincipal is allowed to access that URI.
-  nsCOMPtr<nsIPrincipal> triggeringPrincipal = aLoadInfo->TriggeringPrincipal();
-  if (loadingPrincipal != triggeringPrincipal && !isImageInEditorType) {
-    rv = nsContentUtils::GetSecurityManager()->
-           CheckLoadURIWithPrincipal(triggeringPrincipal,
+  // Only call CheckLoadURIWithPrincipal() using the TriggeringPrincipal and not
+  // the LoadingPrincipal when SEC_ALLOW_CROSS_ORIGIN_* security flags are set,
+  // to allow, e.g. user stylesheets to load chrome:// URIs.
+  return nsContentUtils::GetSecurityManager()->
+           CheckLoadURIWithPrincipal(aLoadInfo->TriggeringPrincipal(),
                                      aURI,
                                      flags);
-    NS_ENSURE_SUCCESS(rv, rv);
-  }
-  return NS_OK;
 }
 
 static bool
 URIHasFlags(nsIURI* aURI, uint32_t aURIFlags)
 {
   bool hasFlags;
   nsresult rv = NS_URIChainHasFlags(aURI, aURIFlags, &hasFlags);
   NS_ENSURE_SUCCESS(rv, false);
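Review bot: The comment added above the final `CheckLoadURIWithPrincipal` call in `DoCheckLoadURIChecks` says the LoadingPrincipal check is skipped when `SEC_ALLOW_CROSS_ORIGIN_*` flags are set, but nothing in the function body reads the security mode, so the triggering-principal-only check applies to every load that reaches this function. The call sites are outside this hunk, so the restriction presumably holds there; the comment should state it as a precondition, for example `// Callers must only reach this for SEC_ALLOW_CROSS_ORIGIN_* loads; the LoadingPrincipal is intentionally not checked here.` A debug-only assertion on `aLoadInfo->GetSecurityMode()` at the top of the function would stop a future caller in another mode from silently losing the LoadingPrincipal check. The removed remark that TYPE_DOCUMENT loads have no loadingPrincipal is also worth carrying into the new comment, since the new code no longer special-cases that type.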