Bug 795275 - Clean up isSystemOnlyAccessPermitted. r=mrbkap
authorBobby Holley <bobbyholley@gmail.com>
Wed, 03 Oct 2012 11:44:18 +0200
changeset 109029 00d03da9049aaaf8527e604070109a1e4f36cc3e
parent 109028 dd85a91c7ad69ea8e857668add82dc2307c5e592
child 109030 fb8bb92771523f9a59d125b6775b403ef7a29906
push id23602
push useremorley@mozilla.com
push dateWed, 03 Oct 2012 12:57:12 +0000
reviewersmrbkap
bugs795275
milestone18.0a1
Bug 795275 - Clean up isSystemOnlyAccessPermitted. r=mrbkap A lot of this stuff can be simplified now, and we can stop using the deprecated APIs.
js/xpconnect/wrappers/AccessCheck.cpp
--- a/js/xpconnect/wrappers/AccessCheck.cpp
+++ b/js/xpconnect/wrappers/AccessCheck.cpp
@@ -255,50 +255,28 @@ AccessCheck::isCrossOriginAccessPermitte
     }
 
     return IsWindow(name) && IsFrameId(cx, obj, id);
 }
 
 bool
 AccessCheck::isSystemOnlyAccessPermitted(JSContext *cx)
 {
-    nsIScriptSecurityManager *ssm = XPCWrapper::GetSecurityManager();
-    if (!ssm) {
+    MOZ_ASSERT(cx == nsContentUtils::GetCurrentJSContext());
+    if (callerIsChrome())
         return true;
-    }
-
-    JSStackFrame *fp;
-    nsIPrincipal *principal = ssm->GetCxSubjectPrincipalAndFrame(cx, &fp);
-    if (!principal) {
-        return false;
-    }
-
-    JSScript *script = nullptr;
-    if (fp) {
-      script = JS_GetFrameScript(cx, fp);
-    } else {
-        if (!JS_DescribeScriptedCaller(cx, &script, nullptr)) {
-            // No code at all is running. So we must be arriving here as the result
-            // of C++ code asking us to do something. Allow access.
-            return true;
-        }
-    }
-
-    bool privileged;
-    if (NS_SUCCEEDED(ssm->IsSystemPrincipal(principal, &privileged)) &&
-        privileged) {
-        return true;
-    }
 
     // Allow any code loaded from chrome://global/ to touch us, even if it was
     // cloned into a less privileged context.
+    JSScript *script;
+    if (!JS_DescribeScriptedCaller(cx, &script, nullptr) || !script)
+        return false;
     static const char prefix[] = "chrome://global/";
     const char *filename;
-    if (script &&
-        (filename = JS_GetScriptFilename(cx, script)) &&
+    if ((filename = JS_GetScriptFilename(cx, script)) &&
         !strncmp(filename, prefix, ArrayLength(prefix) - 1)) {
         return true;
     }
 
     return false;
 }
 
 bool
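Review bot: The new `return false` taken when `JS_DescribeScriptedCaller` fails or yields no script inverts the removed branch, which returned true there because C++ was assumed to be the caller, and nothing on the new side says why failing closed is now correct. If `callerIsChrome()` (defined outside this hunk) already answers true when no script is running, say so above the check, e.g. `// No scripted caller: native callers are covered by callerIsChrome() above, so deny here.`; if it does not, native callers lose access they previously had. Separately, `MOZ_ASSERT(cx == nsContentUtils::GetCurrentJSContext())` is a debug-only check and `callerIsChrome()` takes no `cx`, so in a release build a mismatched context would have its privilege decided for a different subject than the one the filename test below inspects. A comment stating that precondition for callers would help. Declaring `JSScript *script = nullptr;` would also keep the initialisation the old code had.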