Bug 1490257 - Add triggeringPrincipal to missing cpp loads. r=ckerschb
authorJonathan Kingston <jkt@mozilla.com>
Mon, 05 Nov 2018 14:03:47 +0000
changeset 444440 37a86a55e3a841c50d9e05fbf29e2aa3ed040a2e
parent 444439 2ba386c0e0818739b4a7145b74f9343e4d978e7c
child 444441 a97a8001f82a602dffba5b758618a4f9a84bbd75
push id109593
push usernbeleuzu@mozilla.com
push dateMon, 05 Nov 2018 21:54:22 +0000
Bug 1490257 - Add triggeringPrincipal to missing cpp loads. r=ckerschb Depends on D10883 Differential Revision: https://phabricator.services.mozilla.com/D10884
--- a/dom/plugins/base/nsPluginInstanceOwner.cpp
+++ b/dom/plugins/base/nsPluginInstanceOwner.cpp
@@ -45,16 +45,17 @@ using mozilla::DefaultXDisplay;
 #include "nsIScrollableFrame.h"
 #include "nsIDocShell.h"
 #include "ImageContainer.h"
 #include "GLContext.h"
 #include "EGLUtils.h"
 #include "nsIContentInlines.h"
 #include "mozilla/MiscEvents.h"
 #include "mozilla/MouseEvents.h"
+#include "mozilla/NullPrincipal.h"
 #include "mozilla/TextEvents.h"
 #include "mozilla/dom/DragEvent.h"
 #include "mozilla/dom/Element.h"
 #include "mozilla/dom/Event.h"
 #include "mozilla/dom/HTMLObjectElementBinding.h"
 #include "mozilla/dom/TabChild.h"
 #include "mozilla/dom/WheelEventBinding.h"
 #include "nsFrameSelection.h"
@@ -477,16 +478,18 @@ NS_IMETHODIMP nsPluginInstanceOwner::Get
   // that security check succeeds. Please note that we do not want to
   // fall back to using the systemPrincipal, because that would also
   // bypass ContentPolicy checks which should still be enforced.
   nsCOMPtr<nsIPrincipal> triggeringPrincipal;
   if (!aDoCheckLoadURIChecks) {
     mozilla::OriginAttributes attrs =
     triggeringPrincipal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
+  } else {
+    triggeringPrincipal = NullPrincipal::CreateWithInheritedAttributes(content->NodePrincipal());
   rv = lh->OnLinkClick(content, uri, unitarget.get(), VoidString(),
                        aPostStream, headersDataStream,
                        /* isUserTriggered */ false,
                        /* isTrusted */ true, triggeringPrincipal);
   return rv;
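Review bot: The new `else` branch in nsPluginInstanceOwner::GetURL carries no comment explaining why a null principal is chosen, and the existing comment above it only covers the `!aDoCheckLoadURIChecks` case. Before this change `triggeringPrincipal` stayed null on this path, so whatever default OnLinkClick applied for a null triggering principal (its body is not visible here) is now replaced by an opaque-origin principal; if that default was the node principal, loads the embedding page was allowed to make may now be refused by the load-URI checks. I would add above the assignment `// Checks enabled: use a NullPrincipal that inherits only the node's origin attributes, so the load carries none of the page's authority.` and wrap the assignment, which runs past 80 columns. The function starts before the hunk, so whether `content` is null-checked before `content->NodePrincipal()` cannot be confirmed from these lines.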
--- a/toolkit/components/windowwatcher/nsWindowWatcher.cpp
+++ b/toolkit/components/windowwatcher/nsWindowWatcher.cpp
@@ -55,16 +55,17 @@
 #include "nsIPresShell.h"
 #include "nsPresContext.h"
 #include "nsContentUtils.h"
 #include "nsIPrefBranch.h"
 #include "nsIPrefService.h"
 #include "nsSandboxFlags.h"
 #include "nsSimpleEnumerator.h"
 #include "mozilla/CheckedInt.h"
+#include "mozilla/NullPrincipal.h"
 #include "mozilla/Preferences.h"
 #include "mozilla/dom/Element.h"
 #include "mozilla/dom/Storage.h"
 #include "mozilla/dom/ScriptSettings.h"
 #include "mozilla/dom/TabParent.h"
 #include "mozilla/dom/DocGroup.h"
 #include "mozilla/dom/TabGroup.h"
 #include "nsIXULWindow.h"
@@ -1028,19 +1029,20 @@ nsWindowWatcher::OpenWindowInternal(mozI
   // Now we have to set the right opener principal on the new window.  Note
   // that we have to do this _before_ starting any URI loads, thanks to the
   // sync nature of javascript: loads.
   // Note: The check for the current JSContext isn't necessarily sensical.
   // It's just designed to preserve old semantics during a mass-conversion
   // patch.
+  // Bug 1498605 verify usages of systemPrincipal here
   nsCOMPtr<nsIPrincipal> subjectPrincipal =
     nsContentUtils::GetCurrentJSContext() ? nsContentUtils::SubjectPrincipal() :
-                                            nullptr;
+                                            nsContentUtils::GetSystemPrincipal();
   bool isPrivateBrowsingWindow = false;
   if (windowIsNew) {
     auto* docShell = static_cast<nsDocShell*>(newDocShell.get());
     // If this is not a chrome docShell, we apply originAttributes from the
     // subjectPrincipal unless if it's an expanded or system principal.
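Review bot: Falling back to `nsContentUtils::GetSystemPrincipal()` when there is no current JSContext gives `subjectPrincipal` full privilege for every native caller of OpenWindowInternal, and the added marker `// Bug 1498605 verify usages of systemPrincipal here` does not say what must be verified. Any later code that treated a null `subjectPrincipal` as "no script caller" will now see a non-null system principal. The visible comment about skipping origin attributes for an expanded or system principal suggests that one use is covered, but the rest of the function lies outside the hunk and each remaining use should be checked. I would expand the marker to `// TODO(Bug 1498605): no JSContext means a native caller; confirm every such caller is trusted before it is treated as system here.`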