| author | Mounir Lamouri <mounir.lamouri@gmail.com> |
| Thu, 23 Aug 2012 11:35:54 -0700 | |
| changeset 103226 | 4e0bd449dcb19b9b12bb8c42a0fe2d0f4684ed89 |
| parent 103225 | ebe6e3330f6384dec428eecc7950ea72e0790d2f |
| child 103227 | 13c586b3c010fc9ddfce4e19a7b26e07e73eccc9 |
| push id | 13890 |
| push user | ryanvm@gmail.com |
| push date | Thu, 23 Aug 2012 23:50:55 +0000 |
| treeherder | mozilla-inbound@e137f28dfe70 [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | sicking |
| bugs | 777072 |
| milestone | 17.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/extensions/cookie/nsPermissionManager.cpp +++ b/extensions/cookie/nsPermissionManager.cpp @@ -18,16 +18,17 @@ #include "nsIIDNService.h" #include "nsAppDirectoryServiceDefs.h" #include "prprf.h" #include "mozilla/storage.h" #include "mozilla/Attributes.h" #include "nsXULAppAPI.h" #include "nsIPrincipal.h" #include "nsContentUtils.h" +#include "nsIScriptSecurityManager.h" static nsPermissionManager *gPermissionManager = nullptr; using mozilla::dom::ContentParent; using mozilla::dom::ContentChild; using mozilla::unused; // ha! static bool @@ -478,57 +479,63 @@ nsPermissionManager::CreateTable() NS_IMETHODIMP nsPermissionManager::Add(nsIURI *aURI, const char *aType, uint32_t aPermission, uint32_t aExpireType, int64_t aExpireTime) { - ENSURE_NOT_CHILD_PROCESS; - NS_ENSURE_ARG_POINTER(aURI); - NS_ENSURE_ARG_POINTER(aType); - NS_ENSURE_TRUE(aExpireType == nsIPermissionManager::EXPIRE_NEVER || - aExpireType == nsIPermissionManager::EXPIRE_TIME || - aExpireType == nsIPermissionManager::EXPIRE_SESSION, - NS_ERROR_INVALID_ARG); - nsresult rv; + nsCOMPtr<nsIPrincipal> principal; + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + MOZ_ASSERT(secMan, "No security manager!?"); - // Skip addition if the permission is already expired. - if (aExpireType == nsIPermissionManager::EXPIRE_TIME && - aExpireTime <= PR_Now() / 1000) - return NS_OK; - - nsCAutoString host; - rv = GetHost(aURI, host); + nsresult rv = secMan->GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); - return AddInternal(host, nsDependentCString(aType), aPermission, 0, - aExpireType, aExpireTime, eNotify, eWriteToDB); + return AddFromPrincipal(principal, aType, aPermission, aExpireType, aExpireTime); } NS_IMETHODIMP nsPermissionManager::AddFromPrincipal(nsIPrincipal* aPrincipal, const char* aType, uint32_t aPermission, uint32_t aExpireType, int64_t aExpireTime) { + ENSURE_NOT_CHILD_PROCESS; NS_ENSURE_ARG_POINTER(aPrincipal); + NS_ENSURE_ARG_POINTER(aType); + NS_ENSURE_TRUE(aExpireType == nsIPermissionManager::EXPIRE_NEVER || + aExpireType == nsIPermissionManager::EXPIRE_TIME || + aExpireType == nsIPermissionManager::EXPIRE_SESSION, + NS_ERROR_INVALID_ARG); + + // Skip addition if the permission is already expired. + if (aExpireType == nsIPermissionManager::EXPIRE_TIME && + aExpireTime <= (PR_Now() / 1000)) { + return NS_OK; + } // We don't add the system principal because it actually has no URI and we // always allow action for them. if (nsContentUtils::IsSystemPrincipal(aPrincipal)) { return NS_OK; } nsCOMPtr<nsIURI> uri; - aPrincipal->GetURI(getter_AddRefs(uri)); + nsresult rv = aPrincipal->GetURI(getter_AddRefs(uri)); + NS_ENSURE_SUCCESS(rv, rv); - return Add(uri, aType, aPermission, aExpireType, aExpireTime); + nsCAutoString host; + rv = GetHost(uri, host); + NS_ENSURE_SUCCESS(rv, rv); + + return AddInternal(host, nsDependentCString(aType), aPermission, 0, + aExpireType, aExpireTime, eNotify, eWriteToDB); } nsresult nsPermissionManager::AddInternal(const nsAFlatCString &aHost, const nsAFlatCString &aType, uint32_t aPermission, int64_t aID, uint32_t aExpireType, @@ -684,53 +691,64 @@ nsPermissionManager::AddInternal(const n return NS_OK; } NS_IMETHODIMP nsPermissionManager::Remove(const nsACString &aHost, const char *aType) { + nsCOMPtr<nsIPrincipal> principal; + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + MOZ_ASSERT(secMan, "No security manager!?"); + + nsCOMPtr<nsIURI> uri; + // NOTE: we use "http://" as a protocal but we will just use the host so it + // doesn't really matter. + NS_NewURI(getter_AddRefs(uri), NS_LITERAL_CSTRING("http://") + aHost); + + nsresult rv = secMan->GetNoAppCodebasePrincipal(uri, getter_AddRefs(principal)); + NS_ENSURE_SUCCESS(rv, rv); + + return RemoveFromPrincipal(principal, aType); +} + +NS_IMETHODIMP +nsPermissionManager::RemoveFromPrincipal(nsIPrincipal* aPrincipal, + const char* aType) +{ ENSURE_NOT_CHILD_PROCESS; - + NS_ENSURE_ARG_POINTER(aPrincipal); NS_ENSURE_ARG_POINTER(aType); + // System principals are never added to the database, no need to remove them. + if (nsContentUtils::IsSystemPrincipal(aPrincipal)) { + return NS_OK; + } + + nsCOMPtr<nsIURI> uri; + nsresult rv = aPrincipal->GetURI(getter_AddRefs(uri)); + NS_ENSURE_SUCCESS(rv, rv); + + nsCAutoString host; + rv = GetHost(uri, host); + NS_ENSURE_SUCCESS(rv, rv); + // AddInternal() handles removal, just let it do the work - return AddInternal(PromiseFlatCString(aHost), + return AddInternal(PromiseFlatCString(host), nsDependentCString(aType), nsIPermissionManager::UNKNOWN_ACTION, 0, nsIPermissionManager::EXPIRE_NEVER, 0, eNotify, eWriteToDB); } NS_IMETHODIMP -nsPermissionManager::RemoveFromPrincipal(nsIPrincipal* aPrincipal, - const char* aType) -{ - NS_ENSURE_ARG_POINTER(aPrincipal); - - // System principals are never added to the database, no need to remove them. - if (nsContentUtils::IsSystemPrincipal(aPrincipal)) { - return NS_OK; - } - - nsCOMPtr<nsIURI> uri; - aPrincipal->GetURI(getter_AddRefs(uri)); - NS_ENSURE_TRUE(uri, NS_ERROR_FAILURE); - - nsCAutoString host; - uri->GetHost(host); - - return Remove(host, aType); -} - -NS_IMETHODIMP nsPermissionManager::RemoveAll() { ENSURE_NOT_CHILD_PROCESS; return RemoveAllInternal(true); } void nsPermissionManager::CloseDB(bool aRebuildOnSuccess) @@ -781,25 +799,59 @@ nsPermissionManager::RemoveAllInternal(b return NS_OK; } NS_IMETHODIMP nsPermissionManager::TestExactPermission(nsIURI *aURI, const char *aType, uint32_t *aPermission) { - return CommonTestPermission(aURI, aType, aPermission, true); + nsCOMPtr<nsIPrincipal> principal; + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + MOZ_ASSERT(secMan, "No security manager!?"); + + nsresult rv = secMan->GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); + NS_ENSURE_SUCCESS(rv, rv); + + return TestExactPermissionFromPrincipal(principal, aType, aPermission); +} + +NS_IMETHODIMP +nsPermissionManager::TestExactPermissionFromPrincipal(nsIPrincipal* aPrincipal, + const char* aType, + uint32_t* aPermission) +{ + NS_ENSURE_ARG_POINTER(aPrincipal); + + // System principals do not have URI so we can't try to get + // retro-compatibility here. + if (nsContentUtils::IsSystemPrincipal(aPrincipal)) { + *aPermission = nsIPermissionManager::ALLOW_ACTION; + return NS_OK; + } + + nsCOMPtr<nsIURI> uri; + aPrincipal->GetURI(getter_AddRefs(uri)); + + return CommonTestPermission(uri, aType, aPermission, true); } NS_IMETHODIMP nsPermissionManager::TestPermission(nsIURI *aURI, const char *aType, uint32_t *aPermission) { - return CommonTestPermission(aURI, aType, aPermission, false); + nsCOMPtr<nsIPrincipal> principal; + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + MOZ_ASSERT(secMan, "No security manager!?"); + + nsresult rv = secMan->GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); + NS_ENSURE_SUCCESS(rv, rv); + + return TestPermissionFromPrincipal(principal, aType, aPermission); } NS_IMETHODIMP nsPermissionManager::TestPermissionFromPrincipal(nsIPrincipal* aPrincipal, const char* aType, uint32_t* aPermission) { NS_ENSURE_ARG_POINTER(aPrincipal); @@ -809,37 +861,17 @@ nsPermissionManager::TestPermissionFromP if (nsContentUtils::IsSystemPrincipal(aPrincipal)) { *aPermission = nsIPermissionManager::ALLOW_ACTION; return NS_OK; } nsCOMPtr<nsIURI> uri; aPrincipal->GetURI(getter_AddRefs(uri)); - return TestPermission(uri, aType, aPermission); -} - -NS_IMETHODIMP -nsPermissionManager::TestExactPermissionFromPrincipal(nsIPrincipal* aPrincipal, - const char* aType, - uint32_t* aPermission) -{ - NS_ENSURE_ARG_POINTER(aPrincipal); - - // System principals do not have URI so we can't try to get - // retro-compatibility here. - if (nsContentUtils::IsSystemPrincipal(aPrincipal)) { - *aPermission = nsIPermissionManager::ALLOW_ACTION; - return NS_OK; - } - - nsCOMPtr<nsIURI> uri; - aPrincipal->GetURI(getter_AddRefs(uri)); - - return TestExactPermission(uri, aType, aPermission); + return CommonTestPermission(uri, aType, aPermission, false); } nsresult nsPermissionManager::CommonTestPermission(nsIURI *aURI, const char *aType, uint32_t *aPermission, bool aExactHostMatch) {