Bug 1233885 - fix up docInfo and permission manager to use default user context. r=sicking
authorDave Huseby <dhuseby@mozilla.com>
Sat, 26 Mar 2016 15:07:00 +0100
changeset 295799 6cd8c193328d7cdae0686d7e5783351a09c773e6
parent 295798 d6cca05b4e9f604666a209b671f2faf10206a4f6
child 295800 83e7a178b8263c3b4dc3ef7fb19c3f29efc6b31a
push id76093
push usercbook@mozilla.com
push dateTue, 03 May 2016 08:38:16 +0000
treeherdermozilla-inbound@6cd8c193328d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssicking
bugs1233885
milestone49.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1233885 - fix up docInfo and permission manager to use default user context. r=sicking (HEAD -> oa, refs/patches/oa/Bug_1233885) fix up docInfo and permission manager to use default user context
browser/base/content/content.js
browser/base/content/pageinfo/pageInfo.js
browser/base/content/pageinfo/permissions.js
extensions/cookie/nsPermissionManager.cpp
netwerk/base/nsIPermission.idl
--- a/browser/base/content/content.js
+++ b/browser/base/content/content.js
@@ -1014,16 +1014,17 @@ var PageInfoListener = {
     let docInfo = {};
     docInfo.title = document.title;
     docInfo.location = document.location.toString();
     docInfo.referrer = document.referrer;
     docInfo.compatMode = document.compatMode;
     docInfo.contentType = document.contentType;
     docInfo.characterSet = document.characterSet;
     docInfo.lastModified = document.lastModified;
+    docInfo.principal = document.nodePrincipal;
 
     let documentURIObject = {};
     documentURIObject.spec = document.documentURIObject.spec;
     documentURIObject.originCharset = document.documentURIObject.originCharset;
     docInfo.documentURIObject = documentURIObject;
 
     docInfo.isContentWindowPrivate = PrivateBrowsingUtils.isContentWindowPrivate(content);
 
--- a/browser/base/content/pageinfo/pageInfo.js
+++ b/browser/base/content/pageinfo/pageInfo.js
@@ -370,29 +370,30 @@ function loadPageInfo(frameOuterWindowID
   // Get initial pageInfoData needed to display the general, feeds, permission and security tabs.
   mm.addMessageListener("PageInfo:data", function onmessage(message) {
     mm.removeMessageListener("PageInfo:data", onmessage);
     pageInfoData = message.data;
     let docInfo = pageInfoData.docInfo;
     let windowInfo = pageInfoData.windowInfo;
     let uri = makeURI(docInfo.documentURIObject.spec,
                       docInfo.documentURIObject.originCharset);
+    let principal = docInfo.principal;
     gDocInfo = docInfo;
 
     gImageElement = pageInfoData.imageInfo;
 
     var titleFormat = windowInfo.isTopWindow ? "pageInfo.page.title"
                                              : "pageInfo.frame.title";
     document.title = gBundle.getFormattedString(titleFormat, [docInfo.location]);
 
     document.getElementById("main-window").setAttribute("relatedUrl", docInfo.location);
 
     makeGeneralTab(pageInfoData.metaViewRows, docInfo);
     initFeedTab(pageInfoData.feeds);
-    onLoadPermission(uri);
+    onLoadPermission(uri, principal);
     securityOnLoad(uri, windowInfo);
   });
 
   // Get the media elements from content script to setup the media tab.
   mm.addMessageListener("PageInfo:mediaData", function onmessage(message) {
     // Page info window was closed.
     if (window.closed) {
       mm.removeMessageListener("PageInfo:mediaData", onmessage);
--- a/browser/base/content/pageinfo/permissions.js
+++ b/browser/base/content/pageinfo/permissions.js
@@ -3,16 +3,17 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 Components.utils.import("resource:///modules/SitePermissions.jsm");
 Components.utils.import("resource://gre/modules/BrowserUtils.jsm");
 
 const nsIQuotaManagerService = Components.interfaces.nsIQuotaManagerService;
 
 var gPermURI;
+var gPermPrincipal;
 var gUsageRequest;
 
 var gPermissions = SitePermissions.listPermissions();
 gPermissions.push("plugins");
 
 var permissionObserver = {
   observe: function (aSubject, aTopic, aData)
   {
@@ -23,21 +24,22 @@ var permissionObserver = {
           initRow(permission.type);
         else if (permission.type.startsWith("plugin"))
           setPluginsRadioState();
       }
     }
   }
 };
 
-function onLoadPermission(uri)
+function onLoadPermission(uri, principal)
 {
   var permTab = document.getElementById("permTab");
   if (SitePermissions.isSupportedURI(uri)) {
     gPermURI = uri;
+    gPermPrincipal = principal;
     var hostText = document.getElementById("hostText");
     hostText.value = gPermURI.prePath;
 
     for (var i of gPermissions)
       initRow(i);
     var os = Components.classes["@mozilla.org/observer-service;1"]
                        .getService(Components.interfaces.nsIObserverService);
     os.addObserver(permissionObserver, "perm-changed", false);
@@ -184,40 +186,33 @@ function initIndexedDBRow()
   let row = document.getElementById("perm-indexedDB-row");
   let extras = document.getElementById("perm-indexedDB-extras");
 
   row.appendChild(extras);
 
   var quotaManagerService =
     Components.classes["@mozilla.org/dom/quota-manager-service;1"]
               .getService(nsIQuotaManagerService);
-  let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
-                            .getService(Components.interfaces.nsIScriptSecurityManager)
-                            .createCodebasePrincipal(gPermURI, {});
   gUsageRequest =
-    quotaManagerService.getUsageForPrincipal(principal,
+    quotaManagerService.getUsageForPrincipal(gPermPrincipal,
                                              onIndexedDBUsageCallback);
 
   var status = document.getElementById("indexedDBStatus");
   var button = document.getElementById("indexedDBClear");
 
   status.value = "";
   status.setAttribute("hidden", "true");
   button.setAttribute("hidden", "true");
 }
 
 function onIndexedDBClear()
 {
-  let principal = Components.classes["@mozilla.org/scriptsecuritymanager;1"]
-                            .getService(Components.interfaces.nsIScriptSecurityManager)
-                            .createCodebasePrincipal(gPermURI, {});
-
   Components.classes["@mozilla.org/dom/quota-manager-service;1"]
             .getService(nsIQuotaManagerService)
-            .clearStoragesForPrincipal(principal);
+            .clearStoragesForPrincipal(gPermPrincipal);
 
   Components.classes["@mozilla.org/serviceworkers/manager;1"]
             .getService(Components.interfaces.nsIServiceWorkerManager)
             .removeAndPropagate(gPermURI.host);
 
   SitePermissions.remove(gPermURI, "indexedDB");
   initIndexedDBRow();
 }
--- a/extensions/cookie/nsPermissionManager.cpp
+++ b/extensions/cookie/nsPermissionManager.cpp
@@ -107,16 +107,19 @@ nsresult
 GetPrincipalFromOrigin(const nsACString& aOrigin, nsIPrincipal** aPrincipal)
 {
   nsAutoCString originNoSuffix;
   mozilla::PrincipalOriginAttributes attrs;
   if (!attrs.PopulateFromOrigin(aOrigin, originNoSuffix)) {
     return NS_ERROR_FAILURE;
   }
 
+  // set to default to disable user context isolation for permissions
+  attrs.mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
+
   nsCOMPtr<nsIURI> uri;
   nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix);
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsCOMPtr<nsIPrincipal> principal = mozilla::BasePrincipal::CreateCodebasePrincipal(uri, attrs);
   principal.forget(aPrincipal);
   return NS_OK;
 }
@@ -2160,18 +2163,24 @@ nsPermissionManager::GetPermissionHashKe
     }
 
     rv = newURI->SetHost(domain);
     if (NS_FAILED(rv)) {
       return nullptr;
     }
 
     // Copy the attributes over
-    mozilla::PrincipalOriginAttributes attrs = mozilla::BasePrincipal::Cast(aPrincipal)->OriginAttributesRef();
-    nsCOMPtr<nsIPrincipal> principal = mozilla::BasePrincipal::CreateCodebasePrincipal(newURI, attrs);
+    mozilla::PrincipalOriginAttributes attrs =
+      mozilla::BasePrincipal::Cast(aPrincipal)->OriginAttributesRef();
+
+    // ensure that the user context isolation is disabled
+    attrs.mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
+
+    nsCOMPtr<nsIPrincipal> principal =
+      mozilla::BasePrincipal::CreateCodebasePrincipal(newURI, attrs);
 
     return GetPermissionHashKey(principal, aType, aExactHostMatch);
   }
 
   // No entry, really...
   return nullptr;
 }
 
--- a/netwerk/base/nsIPermission.idl
+++ b/netwerk/base/nsIPermission.idl
@@ -59,17 +59,17 @@ interface nsIPermission : nsISupports
      *                   If false, subdomains will also be searched,
      *                   @see nsIPermissionManager::testPermission.
      */
     boolean matches(in nsIPrincipal principal,
                     in boolean exactHost);
 
     /**
      * Test whether a URI would be affected by this permission.
-     * This performs a matches with a NO_APP_ID identifier.
+     * NOTE: This performs matches with default origin attribute values.
      *
      * @param uri        the uri to test
      * @param exactHost  If true, only the specific host will be matched,
      *                   @see nsIPermissionManager::testExactPermission.
      *                   If false, subdomains will also be searched,
      *                   @see nsIPermissionManager::testPermission.
      */
     boolean matchesURI(in nsIURI uri,