| author | Mounir Lamouri <mounir.lamouri@gmail.com> |
| Thu, 23 Aug 2012 11:38:26 -0700 | |
| changeset 103231 | 212b861d4d223c49ff68215645912040e0dfb352 |
| parent 103230 | a050027d1520f3868af8a90eb3e4823f2afed662 |
| child 103232 | 41f9eeefbee7a6fd9ba4be0d199a6758edba5456 |
| push id | 13890 |
| push user | ryanvm@gmail.com |
| push date | Thu, 23 Aug 2012 23:50:55 +0000 |
| treeherder | mozilla-inbound@e137f28dfe70 [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | sicking |
| bugs | 777072 |
| milestone | 17.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/build/automation.py.in +++ b/build/automation.py.in @@ -266,24 +266,26 @@ class Automation(object): cursor = permDB.cursor(); # SQL copied from nsPermissionManager.cpp cursor.execute("""CREATE TABLE moz_hosts ( id INTEGER PRIMARY KEY, host TEXT, type TEXT, permission INTEGER, expireType INTEGER, - expireTime INTEGER)""") + expireTime INTEGER, + appId INTEGER, + isInBrowserElement INTEGER)""") # Insert desired permissions c = 0 for perm in permissions.keys(): for host,allow in permissions[perm]: c += 1 - cursor.execute("INSERT INTO moz_hosts values(?, ?, ?, ?, 0, 0)", + cursor.execute("INSERT INTO moz_hosts values(?, ?, ?, ?, 0, 0, 0, 0)", (c, host, perm, 1 if allow else 2)) # Commit and close permDB.commit() cursor.close() def setupTestApps(self, profileDir, apps): webappJSONTemplate = Template(""""$name": {
--- a/extensions/cookie/nsPermissionManager.cpp +++ b/extensions/cookie/nsPermissionManager.cpp @@ -69,27 +69,43 @@ ChildProcess() #define ENSURE_NOT_CHILD_PROCESS_NORET \ ENSURE_NOT_CHILD_PROCESS_() //////////////////////////////////////////////////////////////////////////////// namespace { nsresult -GetPrincipalForHost(const nsACString& aHost, nsIPrincipal** aPrincipal) +GetPrincipal(const nsACString& aHost, uint32_t aAppId, bool aIsInBrowserElement, + nsIPrincipal** aPrincipal) { nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE); nsCOMPtr<nsIURI> uri; // NOTE: we use "http://" as a protocal but we will just use the host so it // doesn't really matter. NS_NewURI(getter_AddRefs(uri), NS_LITERAL_CSTRING("http://") + aHost); - return secMan->GetNoAppCodebasePrincipal(uri, aPrincipal); + return secMan->GetAppCodebasePrincipal(uri, aAppId, aIsInBrowserElement, aPrincipal); +} + +nsresult +GetPrincipal(nsIURI* aURI, nsIPrincipal** aPrincipal) +{ + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE); + + return secMan->GetNoAppCodebasePrincipal(aURI, aPrincipal); +} + +nsresult +GetPrincipal(const nsACString& aHost, nsIPrincipal** aPrincipal) +{ + return GetPrincipal(aHost, nsIScriptSecurityManager::NO_APP_ID, false, aPrincipal); } nsresult GetHostForPrincipal(nsIPrincipal* aPrincipal, nsACString& aHost) { nsCOMPtr<nsIURI> uri; nsresult rv = aPrincipal->GetURI(getter_AddRefs(uri)); NS_ENSURE_SUCCESS(rv, rv); @@ -221,17 +237,17 @@ NS_IMETHODIMP DeleteFromMozHostListener: return NS_OK; } //////////////////////////////////////////////////////////////////////////////// // nsPermissionManager Implementation static const char kPermissionsFileName[] = "permissions.sqlite"; -#define HOSTS_SCHEMA_VERSION 2 +#define HOSTS_SCHEMA_VERSION 3 static const char kHostpermFileName[] = "hostperm.1"; static const char kPermissionChangeNotification[] = PERM_CHANGE_NOTIFICATION; NS_IMPL_ISUPPORTS3(nsPermissionManager, nsIPermissionManager, nsIObserver, nsISupportsWeakReference) nsPermissionManager::nsPermissionManager() @@ -289,23 +305,17 @@ nsPermissionManager::Init() // Get the permissions from the parent process InfallibleTArray<IPC::Permission> perms; ChildProcess()->SendReadPermissions(&perms); for (uint32_t i = 0; i < perms.Length(); i++) { const IPC::Permission &perm = perms[i]; nsCOMPtr<nsIPrincipal> principal; - nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); - MOZ_ASSERT(secMan, "No security manager!?"); - - nsCOMPtr<nsIURI> uri; - NS_NewURI(getter_AddRefs(uri), NS_LITERAL_CSTRING("http://") + perm.host); - - rv = secMan->GetAppCodebasePrincipal(uri, perm.appId, perm.isInBrowserElement, getter_AddRefs(principal)); + rv = GetPrincipal(perm.host, perm.appId, perm.isInBrowserElement, getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); AddInternal(principal, perm.type, perm.capability, 0, perm.expireType, perm.expireTime, eNotify, eNoDBOperation); } // Stop here; we don't need the DB in the child process return NS_OK; @@ -389,23 +399,37 @@ nsPermissionManager::InitDB(bool aRemove // expiration columns rv = mDBConn->ExecuteSimpleSQL(NS_LITERAL_CSTRING( "ALTER TABLE moz_hosts ADD expireType INTEGER")); NS_ENSURE_SUCCESS(rv, rv); rv = mDBConn->ExecuteSimpleSQL(NS_LITERAL_CSTRING( "ALTER TABLE moz_hosts ADD expireTime INTEGER")); NS_ENSURE_SUCCESS(rv, rv); + } + + // fall through to the next upgrade + + case 2: + { + // Add appId/isInBrowserElement fields. + rv = mDBConn->ExecuteSimpleSQL(NS_LITERAL_CSTRING( + "ALTER TABLE moz_hosts ADD appId INTEGER")); + NS_ENSURE_SUCCESS(rv, rv); + + rv = mDBConn->ExecuteSimpleSQL(NS_LITERAL_CSTRING( + "ALTER TABLE moz_hosts ADD isInBrowserElement INTEGER")); + NS_ENSURE_SUCCESS(rv, rv); rv = mDBConn->SetSchemaVersion(HOSTS_SCHEMA_VERSION); NS_ENSURE_SUCCESS(rv, rv); } // fall through to the next upgrade - + // current version. case HOSTS_SCHEMA_VERSION: break; case 0: { NS_WARNING("couldn't get schema version!"); @@ -425,17 +449,17 @@ nsPermissionManager::InitDB(bool aRemove // blow away the table and start from scratch! if you change the way // a column is interpreted, make sure you also change its name so this // check will catch it. default: { // check if all the expected columns exist nsCOMPtr<mozIStorageStatement> stmt; rv = mDBConn->CreateStatement(NS_LITERAL_CSTRING( - "SELECT host, type, permission, expireType, expireTime FROM moz_hosts"), + "SELECT host, type, permission, expireType, expireTime, appId, isInBrowserElement FROM moz_hosts"), getter_AddRefs(stmt)); if (NS_SUCCEEDED(rv)) break; // our columns aren't there - drop the table! rv = mDBConn->ExecuteSimpleSQL(NS_LITERAL_CSTRING("DROP TABLE moz_hosts")); NS_ENSURE_SUCCESS(rv, rv); @@ -447,18 +471,18 @@ nsPermissionManager::InitDB(bool aRemove } // make operations on the table asynchronous, for performance mDBConn->ExecuteSimpleSQL(NS_LITERAL_CSTRING("PRAGMA synchronous = OFF")); // cache frequently used statements (for insertion, deletion, and updating) rv = mDBConn->CreateStatement(NS_LITERAL_CSTRING( "INSERT INTO moz_hosts " - "(id, host, type, permission, expireType, expireTime) " - "VALUES (?1, ?2, ?3, ?4, ?5, ?6)"), getter_AddRefs(mStmtInsert)); + "(id, host, type, permission, expireType, expireTime, appId, isInBrowserElement) " + "VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8)"), getter_AddRefs(mStmtInsert)); NS_ENSURE_SUCCESS(rv, rv); rv = mDBConn->CreateStatement(NS_LITERAL_CSTRING( "DELETE FROM moz_hosts " "WHERE id = ?1"), getter_AddRefs(mStmtDelete)); NS_ENSURE_SUCCESS(rv, rv); rv = mDBConn->CreateStatement(NS_LITERAL_CSTRING( @@ -488,33 +512,32 @@ nsPermissionManager::CreateTable() return mDBConn->ExecuteSimpleSQL(NS_LITERAL_CSTRING( "CREATE TABLE moz_hosts (" " id INTEGER PRIMARY KEY" ",host TEXT" ",type TEXT" ",permission INTEGER" ",expireType INTEGER" ",expireTime INTEGER" + ",appId INTEGER" + ",isInBrowserElement INTEGER" ")")); } NS_IMETHODIMP nsPermissionManager::Add(nsIURI *aURI, const char *aType, uint32_t aPermission, uint32_t aExpireType, int64_t aExpireTime) { NS_ENSURE_ARG_POINTER(aURI); nsCOMPtr<nsIPrincipal> principal; - nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); - MOZ_ASSERT(secMan, "No security manager!?"); - - nsresult rv = secMan->GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); + nsresult rv = GetPrincipal(aURI, getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); return AddFromPrincipal(principal, aType, aPermission, aExpireType, aExpireTime); } NS_IMETHODIMP nsPermissionManager::AddFromPrincipal(nsIPrincipal* aPrincipal, const char* aType, uint32_t aPermission, @@ -638,18 +661,27 @@ nsPermissionManager::AddInternal(nsIPrin id = ++mLargestID; } else { // we're reading from the database - use the id already assigned id = aID; } entry->GetPermissions().AppendElement(PermissionEntry(id, typeIndex, aPermission, aExpireType, aExpireTime)); - if (aDBOperation == eWriteToDB && aExpireType != nsIPermissionManager::EXPIRE_SESSION) - UpdateDB(op, mStmtInsert, id, host, aType, aPermission, aExpireType, aExpireTime); + if (aDBOperation == eWriteToDB && aExpireType != nsIPermissionManager::EXPIRE_SESSION) { + uint32_t appId; + rv = aPrincipal->GetAppId(&appId); + NS_ENSURE_SUCCESS(rv, rv); + + bool isInBrowserElement; + rv = aPrincipal->GetIsInBrowserElement(&isInBrowserElement); + NS_ENSURE_SUCCESS(rv, rv); + + UpdateDB(op, mStmtInsert, id, host, aType, aPermission, aExpireType, aExpireTime, appId, isInBrowserElement); + } if (aNotifyOperation == eNotify) { NotifyObserversWithPermission(host, entry->GetKey()->mAppId, entry->GetKey()->mIsInBrowserElement, mTypeArray[typeIndex], aPermission, aExpireType, @@ -666,18 +698,20 @@ nsPermissionManager::AddInternal(nsIPrin id = oldPermissionEntry.mID; entry->GetPermissions().RemoveElementAt(index); // If no more types are present, remove the entry if (entry->GetPermissions().IsEmpty()) mPermissionTable.RawRemoveEntry(entry); if (aDBOperation == eWriteToDB) - UpdateDB(op, mStmtDelete, id, EmptyCString(), EmptyCString(), 0, - nsIPermissionManager::EXPIRE_NEVER, 0); + // We care only about the id here so we pass dummy values for all other + // parameters. + UpdateDB(op, mStmtDelete, id, EmptyCString(), EmptyCString(), 0, + nsIPermissionManager::EXPIRE_NEVER, 0, 0, false); if (aNotifyOperation == eNotify) { NotifyObserversWithPermission(host, entry->GetKey()->mAppId, entry->GetKey()->mIsInBrowserElement, mTypeArray[typeIndex], oldPermissionEntry.mPermission, oldPermissionEntry.mExpireType, @@ -689,17 +723,20 @@ nsPermissionManager::AddInternal(nsIPrin } case eOperationChanging: { id = entry->GetPermissions()[index].mID; entry->GetPermissions()[index].mPermission = aPermission; if (aDBOperation == eWriteToDB && aExpireType != nsIPermissionManager::EXPIRE_SESSION) - UpdateDB(op, mStmtUpdate, id, EmptyCString(), EmptyCString(), aPermission, aExpireType, aExpireTime); + // We care only about the id, the permission and expireType/expireTime here. + // We pass dummy values for all other parameters. + UpdateDB(op, mStmtUpdate, id, EmptyCString(), EmptyCString(), + aPermission, aExpireType, aExpireTime, 0, false); if (aNotifyOperation == eNotify) { NotifyObserversWithPermission(host, entry->GetKey()->mAppId, entry->GetKey()->mIsInBrowserElement, mTypeArray[typeIndex], aPermission, aExpireType, @@ -714,18 +751,17 @@ nsPermissionManager::AddInternal(nsIPrin return NS_OK; } NS_IMETHODIMP nsPermissionManager::Remove(const nsACString &aHost, const char *aType) { nsCOMPtr<nsIPrincipal> principal; - - nsresult rv = GetPrincipalForHost(aHost, getter_AddRefs(principal)); + nsresult rv = GetPrincipal(aHost, getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); return RemoveFromPrincipal(principal, aType); } NS_IMETHODIMP nsPermissionManager::RemoveFromPrincipal(nsIPrincipal* aPrincipal, const char* aType) @@ -807,20 +843,17 @@ nsPermissionManager::RemoveAllInternal(b } NS_IMETHODIMP nsPermissionManager::TestExactPermission(nsIURI *aURI, const char *aType, uint32_t *aPermission) { nsCOMPtr<nsIPrincipal> principal; - nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); - MOZ_ASSERT(secMan, "No security manager!?"); - - nsresult rv = secMan->GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); + nsresult rv = GetPrincipal(aURI, getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); return TestExactPermissionFromPrincipal(principal, aType, aPermission); } NS_IMETHODIMP nsPermissionManager::TestExactPermissionFromPrincipal(nsIPrincipal* aPrincipal, const char* aType, @@ -839,20 +872,17 @@ nsPermissionManager::TestExactPermission } NS_IMETHODIMP nsPermissionManager::TestPermission(nsIURI *aURI, const char *aType, uint32_t *aPermission) { nsCOMPtr<nsIPrincipal> principal; - nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); - MOZ_ASSERT(secMan, "No security manager!?"); - - nsresult rv = secMan->GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); + nsresult rv = GetPrincipal(aURI, getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); return TestPermissionFromPrincipal(principal, aType, aPermission); } NS_IMETHODIMP nsPermissionManager::TestPermissionFromPrincipal(nsIPrincipal* aPrincipal, const char* aType, @@ -947,23 +977,17 @@ nsPermissionManager::GetPermissionHashKe entry = mPermissionTable.GetEntry(key); if (entry) { PermissionEntry permEntry = entry->GetPermission(aType); // if the entry is expired, remove and keep looking for others. if (permEntry.mExpireType == nsIPermissionManager::EXPIRE_TIME && permEntry.mExpireTime <= now) { nsCOMPtr<nsIPrincipal> principal; - nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); - MOZ_ASSERT(secMan, "No security manager!?"); - - nsCOMPtr<nsIURI> uri; - NS_NewURI(getter_AddRefs(uri), NS_LITERAL_CSTRING("http://") + aHost); - - if (NS_FAILED(secMan->GetAppCodebasePrincipal(uri, aAppId, aIsInBrowserElement, getter_AddRefs(principal)))) { + if (NS_FAILED(GetPrincipal(aHost, aAppId, aIsInBrowserElement, getter_AddRefs(principal)))) { return nullptr; } RemoveFromPrincipal(principal, mTypeArray[aType].get()); } else if (permEntry.mPermission != nsIPermissionManager::UNKNOWN_ACTION) { break; } @@ -1146,25 +1170,27 @@ nsPermissionManager::Read() bool hasResult; rv = stmtDeleteExpired->ExecuteStep(&hasResult); NS_ENSURE_SUCCESS(rv, rv); } nsCOMPtr<mozIStorageStatement> stmt; rv = mDBConn->CreateStatement(NS_LITERAL_CSTRING( - "SELECT id, host, type, permission, expireType, expireTime " + "SELECT id, host, type, permission, expireType, expireTime, appId, isInBrowserElement " "FROM moz_hosts"), getter_AddRefs(stmt)); NS_ENSURE_SUCCESS(rv, rv); int64_t id; nsCAutoString host, type; uint32_t permission; uint32_t expireType; int64_t expireTime; + uint32_t appId; + bool isInBrowserElement; bool hasResult; while (NS_SUCCEEDED(stmt->ExecuteStep(&hasResult)) && hasResult) { // explicitly set our entry id counter for use in AddInternal(), // and keep track of the largest id so we know where to pick up. id = stmt->AsInt64(0); if (id > mLargestID) mLargestID = id; @@ -1175,18 +1201,22 @@ nsPermissionManager::Read() NS_ENSURE_SUCCESS(rv, rv); permission = stmt->AsInt32(3); expireType = stmt->AsInt32(4); // convert into int64_t value (milliseconds) expireTime = stmt->AsInt64(5); + MOZ_ASSERT(stmt->AsInt64(6) >= 0); + appId = static_cast<uint32_t>(stmt->AsInt64(6)); + isInBrowserElement = static_cast<bool>(stmt->AsInt32(7)); + nsCOMPtr<nsIPrincipal> principal; - nsresult rv = GetPrincipalForHost(host, getter_AddRefs(principal)); + nsresult rv = GetPrincipal(host, appId, isInBrowserElement, getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); rv = AddInternal(principal, type, permission, id, expireType, expireTime, eDontNotify, eNoDBOperation); NS_ENSURE_SUCCESS(rv, rv); } return NS_OK; @@ -1250,17 +1280,17 @@ nsPermissionManager::Import() // hosts might be encoded in UTF8; switch them to ACE to be consistent if (!IsASCII(lineArray[3])) { rv = NormalizeToACE(lineArray[3]); if (NS_FAILED(rv)) continue; } nsCOMPtr<nsIPrincipal> principal; - nsresult rv = GetPrincipalForHost(lineArray[3], getter_AddRefs(principal)); + nsresult rv = GetPrincipal(lineArray[3], getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); rv = AddInternal(principal, lineArray[1], permission, 0, nsIPermissionManager::EXPIRE_NEVER, 0, eDontNotify, eWriteToDB); NS_ENSURE_SUCCESS(rv, rv); } } @@ -1286,17 +1316,19 @@ nsPermissionManager::NormalizeToACE(nsCS void nsPermissionManager::UpdateDB(OperationType aOp, mozIStorageStatement* aStmt, int64_t aID, const nsACString &aHost, const nsACString &aType, uint32_t aPermission, uint32_t aExpireType, - int64_t aExpireTime) + int64_t aExpireTime, + uint32_t aAppId, + bool aIsInBrowserElement) { ENSURE_NOT_CHILD_PROCESS_NORET; nsresult rv; // no statement is ok - just means we don't have a profile if (!aStmt) return; @@ -1315,16 +1347,22 @@ nsPermissionManager::UpdateDB(OperationT rv = aStmt->BindInt32ByIndex(3, aPermission); if (NS_FAILED(rv)) break; rv = aStmt->BindInt32ByIndex(4, aExpireType); if (NS_FAILED(rv)) break; rv = aStmt->BindInt64ByIndex(5, aExpireTime); + if (NS_FAILED(rv)) break; + + rv = aStmt->BindInt64ByIndex(6, aAppId); + if (NS_FAILED(rv)) break; + + rv = aStmt->BindInt64ByIndex(7, aIsInBrowserElement); break; } case eOperationRemoving: { rv = aStmt->BindInt64ByIndex(0, aID); break; }
--- a/extensions/cookie/nsPermissionManager.h +++ b/extensions/cookie/nsPermissionManager.h @@ -228,17 +228,19 @@ private: nsresult NormalizeToACE(nsCString &aHost); static void UpdateDB(OperationType aOp, mozIStorageStatement* aStmt, int64_t aID, const nsACString &aHost, const nsACString &aType, uint32_t aPermission, uint32_t aExpireType, - int64_t aExpireTime); + int64_t aExpireTime, + uint32_t aAppId, + bool aIsInBrowserElement); nsCOMPtr<nsIObserverService> mObserverService; nsCOMPtr<nsIIDNService> mIDNService; nsCOMPtr<mozIStorageConnection> mDBConn; nsCOMPtr<mozIStorageStatement> mStmtInsert; nsCOMPtr<mozIStorageStatement> mStmtDelete; nsCOMPtr<mozIStorageStatement> mStmtUpdate;
--- a/testing/mozbase/mozprofile/mozprofile/permissions.py +++ b/testing/mozbase/mozprofile/mozprofile/permissions.py @@ -234,28 +234,30 @@ class Permissions(object): # SQL copied from # http://mxr.mozilla.org/mozilla-central/source/extensions/cookie/nsPermissionManager.cpp cursor.execute("""CREATE TABLE IF NOT EXISTS moz_hosts ( id INTEGER PRIMARY KEY, host TEXT, type TEXT, permission INTEGER, expireType INTEGER, - expireTime INTEGER)""") + expireTime INTEGER, + appId INTEGER, + isInBrowserElement INTEGER)""") for location in locations: # set the permissions permissions = { 'allowXULXBL': 'noxul' not in location.options } for perm, allow in permissions.iteritems(): self._num_permissions += 1 if allow: permission_type = 1 else: permission_type = 2 - cursor.execute("INSERT INTO moz_hosts values(?, ?, ?, ?, 0, 0)", + cursor.execute("INSERT INTO moz_hosts values(?, ?, ?, ?, 0, 0, 0, 0)", (self._num_permissions, location.host, perm, permission_type)) # Commit and close permDB.commit() cursor.close() def network_prefs(self, proxy=False):