Bug 1088617 - Handle nsIURIWithPrincipal in nsPrincipal::CheckMayLoad. r=bz
☠☠ backed out by d94624ae1684 ☠ ☠
authorBobby Holley <bobbyholley@gmail.com>
Tue, 28 Oct 2014 16:51:25 +0100
changeset 212682 2dbd41ba7717f2889f497159bd60189949800a7e
parent 212681 10dff2924f03af64dcc0c251253189f811cf74b6
child 212683 262df50c7355bca2e1c60f4c93c5573e204f77c7
push id51032
push userbobbyholley@gmail.com
push dateTue, 28 Oct 2014 15:53:33 +0000
treeherdermozilla-inbound@262df50c7355 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs1088617
milestone36.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1088617 - Handle nsIURIWithPrincipal in nsPrincipal::CheckMayLoad. r=bz This mimics the logic already inside nsNullPrincipal::CheckMayLoad.
caps/nsPrincipal.cpp
--- a/caps/nsPrincipal.cpp
+++ b/caps/nsPrincipal.cpp
@@ -341,16 +341,28 @@ nsPrincipal::CheckMayLoad(nsIURI* aURI, 
    if (aAllowIfInheritsPrincipal) {
     // If the caller specified to allow loads of URIs that inherit
     // our principal, allow the load if this URI inherits its principal
     if (nsPrincipal::IsPrincipalInherited(aURI)) {
       return NS_OK;
     }
   }
 
+  // See if aURI is something like a Blob URI that is actually associated with
+  // a principal.
+  nsCOMPtr<nsIURIWithPrincipal> uriWithPrin = do_QueryInterface(aURI);
+  if (uriWithPrin) {
+    nsCOMPtr<nsIPrincipal> uriPrin;
+    uriWithPrin->GetPrincipal(getter_AddRefs(uriPrin));
+    MOZ_ASSERT(uriPrin);
+    if (nsIPrincipal::Subsumes(uriPrin)) {
+        return NS_OK;
+    }
+  }
+
   if (nsScriptSecurityManager::SecurityCompareURIs(mCodebase, aURI)) {
     return NS_OK;
   }
 
   // If strict file origin policy is in effect, local files will always fail
   // SecurityCompareURIs unless they are identical. Explicitly check file origin
   // policy, in that case.
   if (nsScriptSecurityManager::GetStrictFileOriginPolicy() &&