Bug 952192 - getObjectPrincipal should be script callable. r=bholley
authorGabor Krizsanits <gkrizsanits@mozilla.com>
Thu, 09 Jan 2014 15:28:46 +0100
changeset 162705 595fd5dfbb5af57801b27ae3ea475aa21d146991
parent 162704 fdc99101203985da7abef6679591a6997836dfa6
child 162706 22c11c35d1a341d85af0e8925ff371f7b95401c3
push id38278
push usergkrizsanits@mozilla.com
push dateThu, 09 Jan 2014 14:31:56 +0000
reviewersbholley
bugs952192
milestone29.0a1
Bug 952192 - getObjectPrincipal should be script callable. r=bholley
caps/idl/nsIScriptSecurityManager.idl
caps/src/nsScriptSecurityManager.cpp
js/xpconnect/loader/mozJSSubScriptLoader.cpp
js/xpconnect/src/XPCWrappedJSClass.cpp
js/xpconnect/tests/unit/test_getObjectPrincipal.js
js/xpconnect/tests/unit/xpcshell.ini
--- a/caps/idl/nsIScriptSecurityManager.idl
+++ b/caps/idl/nsIScriptSecurityManager.idl
@@ -6,17 +6,17 @@
 #include "nsISupports.idl"
 #include "nsIPrincipal.idl"
 #include "nsIXPCSecurityManager.idl"
 interface nsIURI;
 interface nsIChannel;
 interface nsIDocShell;
 interface nsIDomainPolicy;
 
-[scriptable, uuid(2911ae60-1b5f-47e6-941e-1bb7b53a167d)]
+[scriptable, uuid(712aa338-50a1-497b-be6f-dc3d97867c01)]
 interface nsIScriptSecurityManager : nsIXPCSecurityManager
 {
     ///////////////// Security Checks //////////////////
     /**
      * Checks whether the running script is allowed to access aProperty.
      */
     [noscript] void checkPropertyAccess(in JSContextPtr aJSContext,
                                         in JSObjectPtr aJSObject,
@@ -155,22 +155,20 @@ interface nsIScriptSecurityManager : nsI
 
     /**
      * Legacy name for getNoAppCodebasePrincipal.
      *
      * @deprecated use getNoAppCodebasePrincipal instead.
      */
     [deprecated] nsIPrincipal getCodebasePrincipal(in nsIURI uri);
 
-    ///////////////////////
     /**
      * Return the principal of the specified object in the specified context.
      */
-    [noscript] nsIPrincipal getObjectPrincipal(in JSContextPtr cx,
-                                               in JSObjectPtr obj);
+    [implicit_jscontext] nsIPrincipal getObjectPrincipal(in jsval aObject);
 
     /**
      * Returns true if the principal of the currently running script is the
      * system principal, false otherwise.
      */
     [noscript] boolean subjectPrincipalIsSystem();
 
     /**
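Review bot: The doc comment kept above the new `getObjectPrincipal(in jsval aObject)` declaration still says "in the specified context", but the method no longer takes a context argument; the context is now implicit. Since the method is now callable from script, the comment should also state the failure case, for example `Return the principal of aObject. Throws NS_ERROR_FAILURE if aObject is not an object.` It should further say which principal is returned for a wrapper around an object from another compartment. The first line of doGetObjectPrincipal, visible in the nsScriptSecurityManager.cpp hunk, reads the compartment of the object it is handed, so a wrapper would presumably report the caller's compartment rather than the wrapped object's; this needs confirming, because callers making a trust decision on the result need to know.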
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -1482,24 +1482,24 @@ nsScriptSecurityManager::GetSubjectPrinc
     // or the one associated with its global.
     MOZ_ASSERT(!!compartment);
 
     JSPrincipals *principals = JS_GetCompartmentPrincipals(compartment);
     return nsJSPrincipals::get(principals);
 }
 
 NS_IMETHODIMP
-nsScriptSecurityManager::GetObjectPrincipal(JSContext *aCx, JSObject *aObj,
+nsScriptSecurityManager::GetObjectPrincipal(const JS::Value &aObjectVal,
+                                            JSContext *aCx,
                                             nsIPrincipal **result)
 {
-    JS::Rooted<JSObject*> obj(aCx, aObj);
-    *result = doGetObjectPrincipal(obj);
-    if (!*result)
-        return NS_ERROR_FAILURE;
-    NS_ADDREF(*result);
+    NS_ENSURE_TRUE(aObjectVal.isObject(), NS_ERROR_FAILURE);
+    JS::RootedObject obj(aCx, &aObjectVal.toObject());
+    nsCOMPtr<nsIPrincipal> principal = doGetObjectPrincipal(obj);
+    principal.forget(result);
     return NS_OK;
 }
 
 // static
 nsIPrincipal*
 nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj)
 {
     JSCompartment *compartment = js::GetObjectCompartment(aObj);
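Review bot: The rewritten GetObjectPrincipal returns NS_OK even when doGetObjectPrincipal yields null, where the removed lines returned NS_ERROR_FAILURE in that case. Whether a null principal can still occur is not visible here, because doGetObjectPrincipal's body continues outside the hunk, but keeping the old contract costs one line before the forget: `NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);`. The same failure path is dropped at the two converted call sites in mozJSSubScriptLoader.cpp and XPCWrappedJSClass.cpp, which now take the result of a GetObjectPrincipal helper unchecked. In XPCWrappedJSClass.cpp a null principal appears to fall into the more restrictive "content object" branch, but in the loader the previous code returned an error rather than continue with an unresolved principal, so a null check or an assertion there would preserve the fail-closed behaviour.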
--- a/js/xpconnect/loader/mozJSSubScriptLoader.cpp
+++ b/js/xpconnect/loader/mozJSSubScriptLoader.cpp
@@ -253,25 +253,18 @@ mozJSSubScriptLoader::DoLoadSubScriptWit
     // Remember an object out of the calling compartment so that we
     // can properly wrap the result later.
     nsCOMPtr<nsIPrincipal> principal = mSystemPrincipal;
     RootedObject result_obj(cx, targetObj);
     targetObj = JS_FindCompilationScope(cx, targetObj);
     if (!targetObj)
         return NS_ERROR_FAILURE;
 
-    if (targetObj != result_obj) {
-        nsCOMPtr<nsIScriptSecurityManager> secman =
-            do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
-        if (!secman)
-            return NS_ERROR_FAILURE;
-
-        rv = secman->GetObjectPrincipal(cx, targetObj, getter_AddRefs(principal));
-        NS_ENSURE_SUCCESS(rv, rv);
-    }
+    if (targetObj != result_obj)
+        principal = GetObjectPrincipal(targetObj);
 
     JSAutoCompartment ac(cx, targetObj);
 
     /* load up the url.  From here on, failures are reflected as ``custom''
      * js exceptions */
     nsCOMPtr<nsIURI> uri;
     nsAutoCString uriStr;
     nsAutoCString scheme;
--- a/js/xpconnect/src/XPCWrappedJSClass.cpp
+++ b/js/xpconnect/src/XPCWrappedJSClass.cpp
@@ -647,24 +647,19 @@ nsXPCWrappedJSClass::DelegatedQueryInter
 
         nsXPConnect *xpc = nsXPConnect::XPConnect();
         nsCOMPtr<nsIScriptSecurityManager> secMan =
             do_QueryInterface(xpc->GetDefaultSecurityManager());
         if (!secMan)
             return NS_NOINTERFACE;
 
         RootedObject selfObj(ccx, self->GetJSObject());
-        nsCOMPtr<nsIPrincipal> objPrin;
-        nsresult rv = secMan->GetObjectPrincipal(ccx, selfObj,
-                                                 getter_AddRefs(objPrin));
-        if (NS_FAILED(rv))
-            return rv;
-
+        nsCOMPtr<nsIPrincipal> objPrin = GetObjectPrincipal(selfObj);
         bool isSystem;
-        rv = secMan->IsSystemPrincipal(objPrin, &isSystem);
+        nsresult rv = secMan->IsSystemPrincipal(objPrin, &isSystem);
         if ((NS_FAILED(rv) || !isSystem) && !IS_WN_REFLECTOR(selfObj)) {
             // A content object.
             nsRefPtr<SameOriginCheckedComponent> checked =
                 new SameOriginCheckedComponent(self);
             if (!checked)
                 return NS_ERROR_OUT_OF_MEMORY;
             *aInstancePtr = checked.forget().get();
             return NS_OK;
new file mode 100644
--- /dev/null
+++ b/js/xpconnect/tests/unit/test_getObjectPrincipal.js
@@ -0,0 +1,6 @@
+function run_test() {
+  var secMan = Components.classes["@mozilla.org/scriptsecuritymanager;1"].getService(
+    Components.interfaces.nsIScriptSecurityManager);
+
+  do_check_true(secMan.isSystemPrincipal(secMan.getObjectPrincipal({})));
+}
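Review bot: The new test covers only the positive case, a chrome-created `{}` resolving to the system principal, so it would still pass if getObjectPrincipal returned the system principal for every argument. A negative case is needed, such as `do_check_false(secMan.isSystemPrincipal(secMan.getObjectPrincipal(new Components.utils.Sandbox("http://www.example.com"))));`. If that fails, the API is reporting the caller's principal for cross-compartment wrappers, which should then be documented or fixed. A third case should pass a primitive inside a try/catch and check that the call throws NS_ERROR_FAILURE, matching the `isObject()` guard added in nsScriptSecurityManager.cpp.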
--- a/js/xpconnect/tests/unit/xpcshell.ini
+++ b/js/xpconnect/tests/unit/xpcshell.ini
@@ -67,16 +67,17 @@ fail-if = os == "android"
 [test_allowedDomainsXHR.js]
 [test_nuke_sandbox.js]
 [test_sandbox_metadata.js]
 [test_exportFunction.js]
 [test_textDecoder.js]
 [test_url.js]
 [test_sandbox_atob.js]
 [test_isProxy.js]
+[test_getObjectPrincipal.js]
 [test_watchdog_enable.js]
 head = head_watchdog.js
 [test_watchdog_disable.js]
 head = head_watchdog.js
 [test_watchdog_toggle.js]
 head = head_watchdog.js
 [test_watchdog_default.js]
 head = head_watchdog.js