Bug 1308688 Expose mozAddonManager allowed hosts to chrome r=bkelly
authorAndrew Swan <aswan@mozilla.com>
Fri, 28 Oct 2016 14:39:18 -0700
changeset 324669 dfb42f181ef9ada2ebce56d4f1beb0eb857b5487
parent 324668 e03405f37349a36b8329d63c48e5c9815be20c32
child 324670 72ff2080ca120c16fd3b035c54b9ae8957fe83ed
push id84467
push useraswan@mozilla.com
push dateTue, 29 Nov 2016 19:55:39 +0000
treeherdermozilla-inbound@72ff2080ca12 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbkelly
bugs1308688
milestone53.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1308688 Expose mozAddonManager allowed hosts to chrome r=bkelly MozReview-Commit-ID: JI3qMmCtYFT
dom/bindings/Bindings.conf
dom/webidl/AddonManager.webidl
toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
toolkit/mozapps/extensions/AddonManagerWebAPI.h
--- a/dom/bindings/Bindings.conf
+++ b/dom/bindings/Bindings.conf
@@ -48,16 +48,21 @@
 # descriptor to use when generating that interface's binding.
 
 DOMInterfaces = {
 
 'AbstractWorker': {
     'concrete': False
 },
 
+'AddonManagerPermissions': {
+    'wrapperCache': False,
+    'concrete': False
+},
+
 'AnimationEffectReadOnly': {
     'concrete': False
 },
 
 'AnimationTimeline': {
     'concrete': False
 },
 
--- a/dom/webidl/AddonManager.webidl
+++ b/dom/webidl/AddonManager.webidl
@@ -78,8 +78,14 @@ interface AddonManager : EventTarget {
   Promise<AddonInstall> createInstall(optional addonInstallOptions options);
 
   /* Hooks for managing event listeners */
   [ChromeOnly]
   void eventListenerWasAdded(DOMString type);
   [ChromeOnly]
   void eventListenerWasRemoved(DOMString type);
 };
+
+[ChromeOnly,Exposed=System,HeaderFile="mozilla/AddonManagerWebAPI.h"]
+interface AddonManagerPermissions {
+  static boolean isHostPermitted(DOMString host);
+};
+
--- a/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
+++ b/toolkit/mozapps/extensions/AddonManagerWebAPI.cpp
@@ -13,57 +13,62 @@
 #include "nsGlobalWindow.h"
 
 #include "nsIDocShell.h"
 #include "nsIScriptObjectPrincipal.h"
 
 namespace mozilla {
 using namespace mozilla::dom;
 
+static bool
+IsValidHost(const nsACString& host) {
+  if (host.Equals("addons.mozilla.org") ||
+      host.Equals("discovery.addons.mozilla.org") ||
+      host.Equals("testpilot.firefox.com")) {
+    return true;
+  }
+
+  // When testing allow access to the developer sites.
+  if (Preferences::GetBool("extensions.webapi.testing", false)) {
+    if (host.LowerCaseEqualsLiteral("addons.allizom.org") ||
+        host.LowerCaseEqualsLiteral("discovery.addons.allizom.org") ||
+        host.LowerCaseEqualsLiteral("addons-dev.allizom.org") ||
+        host.LowerCaseEqualsLiteral("discovery.addons-dev.allizom.org") ||
+        host.LowerCaseEqualsLiteral("testpilot.stage.mozaws.net") ||
+        host.LowerCaseEqualsLiteral("testpilot.dev.mozaws.net") ||
+        host.LowerCaseEqualsLiteral("example.com")) {
+      return true;
+    }
+  }
+
+  return false;
+}
+
 // Checks if the given uri is secure and matches one of the hosts allowed to
 // access the API.
 bool
 AddonManagerWebAPI::IsValidSite(nsIURI* uri)
 {
   if (!uri) {
     return false;
   }
 
   bool isSecure;
   nsresult rv = uri->SchemeIs("https", &isSecure);
   if (NS_FAILED(rv) || !isSecure) {
     return false;
   }
 
-  nsCString host;
+  nsAutoCString host;
   rv = uri->GetHost(host);
   if (NS_FAILED(rv)) {
     return false;
   }
 
-  if (host.Equals("addons.mozilla.org") ||
-      host.Equals("discovery.addons.mozilla.org") ||
-      host.Equals("testpilot.firefox.com")) {
-    return true;
-  }
-
-  // When testing allow access to the developer sites.
-  if (Preferences::GetBool("extensions.webapi.testing", false)) {
-    if (host.Equals("addons.allizom.org") ||
-        host.Equals("discovery.addons.allizom.org") ||
-        host.Equals("addons-dev.allizom.org") ||
-        host.Equals("discovery.addons-dev.allizom.org") ||
-        host.Equals("testpilot.stage.mozaws.net") ||
-        host.Equals("testpilot.dev.mozaws.net") ||
-        host.Equals("example.com")) {
-      return true;
-    }
-  }
-
-  return false;
+  return IsValidHost(host);
 }
 
 bool
 AddonManagerWebAPI::IsAPIEnabled(JSContext* cx, JSObject* obj)
 {
   nsGlobalWindow* global = xpc::WindowGlobalOrNull(obj);
   if (!global) {
     return false;
@@ -131,9 +136,20 @@ AddonManagerWebAPI::IsAPIEnabled(JSConte
 
     win = doc->GetInnerWindow();
   }
 
   // Found a document with no inner window, don't grant access to the API.
   return false;
 }
 
+namespace dom {
+
+bool
+AddonManagerPermissions::IsHostPermitted(const GlobalObject& /*unused*/, const nsAString& host)
+{
+  return IsValidHost(NS_ConvertUTF16toUTF8(host));
+}
+
+} // namespace mozilla::dom
+
+
 } // namespace mozilla
--- a/toolkit/mozapps/extensions/AddonManagerWebAPI.h
+++ b/toolkit/mozapps/extensions/AddonManagerWebAPI.h
@@ -14,11 +14,20 @@ namespace mozilla {
 class AddonManagerWebAPI {
 public:
   static bool IsAPIEnabled(JSContext* cx, JSObject* obj);
 
 private:
   static bool IsValidSite(nsIURI* uri);
 };
 
+namespace dom {
+
+class AddonManagerPermissions {
+public:
+  static bool IsHostPermitted(const GlobalObject&, const nsAString& host);
+};
+
+} // namespace mozilla::dom
+
 } // namespace mozilla
 
 #endif // addonmanagerwebapi_h_