Bug 1387805 - Remove [deprecated] nsIScriptSecurityManager.getCodebasePrincipal(). r=bz
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Sun, 06 Aug 2017 15:31:31 +0900
changeset 374125 42cf6375ccfdaabdbbc3e63dc0c3a658fe32f0f4
parent 374124 16f4c4efa1485881bee689a17e654ac39d8627fa
child 374126 fc357f0e9f40448b0d4c8cf95c4020b29198637a
push id32317
push userkwierso@gmail.com
push dateFri, 11 Aug 2017 19:47:12 +0000
treeherdermozilla-central@e7dc8329e2d4 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs1387805
milestone57.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1387805 - Remove [deprecated] nsIScriptSecurityManager.getCodebasePrincipal(). r=bz MozReview-Commit-ID: CY47PBaQ5oy
browser/base/content/abouthealthreport/abouthealth.js
caps/nsIScriptSecurityManager.idl
caps/nsScriptSecurityManager.cpp
dom/push/test/xpcshell/test_permissions.js
dom/security/test/gtest/TestCSPParser.cpp
dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
toolkit/components/extensions/test/mochitest/test_chrome_ext_trustworthy_origin.html
toolkit/components/passwordmgr/InsecurePasswordUtils.jsm
--- a/browser/base/content/abouthealthreport/abouthealth.js
+++ b/browser/base/content/abouthealthreport/abouthealth.js
@@ -100,17 +100,17 @@ var healthReportWrapper = {
     }
 
     let iframe = document.getElementById("remote-report");
     iframe.contentWindow.postMessage(data, reportUrl);
   },
 
   handleRemoteCommand(evt) {
     // Do an origin check to harden against the frame content being loaded from unexpected locations.
-    let allowedPrincipal = Services.scriptSecurityManager.getCodebasePrincipal(this._getReportURI());
+    let allowedPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(this._getReportURI(), {});
     let targetPrincipal = evt.target.nodePrincipal;
     if (!allowedPrincipal.equals(targetPrincipal)) {
       Cu.reportError(`Origin check failed for message "${evt.detail.command}": ` +
                      `target origin is "${targetPrincipal.origin}", expected "${allowedPrincipal.origin}"`);
       return;
     }
 
     switch (evt.detail.command) {
--- a/caps/nsIScriptSecurityManager.idl
+++ b/caps/nsIScriptSecurityManager.idl
@@ -150,23 +150,16 @@ interface nsIScriptSecurityManager : nsI
     /**
      * Returns a principal that has the OriginAttributes of the docshell.
      * @param docShell to get the OriginAttributes from.
      */
     nsIPrincipal getDocShellCodebasePrincipal(in nsIURI uri,
                                               in nsIDocShell docShell);
 
     /**
-     * Legacy method for getting a principal with no origin attributes.
-     *
-     * @deprecated use createCodebasePrincipal instead.
-     */
-    [deprecated] nsIPrincipal getCodebasePrincipal(in nsIURI uri);
-
-    /**
      * Returns a principal whose origin is composed of |uri| and |originAttributes|.
      * See nsIPrincipal.idl for a description of origin attributes, and
      * ChromeUtils.webidl for a list of origin attributes and their defaults.
      */
     [implicit_jscontext]
     nsIPrincipal createCodebasePrincipal(in nsIURI uri, in jsval originAttributes);
 
     /**
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -1160,27 +1160,16 @@ NS_IMETHODIMP
 nsScriptSecurityManager::GetSystemPrincipal(nsIPrincipal **result)
 {
     NS_ADDREF(*result = mSystemPrincipal);
 
     return NS_OK;
 }
 
 NS_IMETHODIMP
-nsScriptSecurityManager::GetCodebasePrincipal(nsIURI* aURI,
-                                              nsIPrincipal** aPrincipal)
-{
-  OriginAttributes attrs;
-  nsCOMPtr<nsIPrincipal> prin =
-    BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
-  prin.forget(aPrincipal);
-  return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
-}
-
-NS_IMETHODIMP
 nsScriptSecurityManager::CreateCodebasePrincipal(nsIURI* aURI, JS::Handle<JS::Value> aOriginAttributes,
                                                  JSContext* aCx, nsIPrincipal** aPrincipal)
 {
   OriginAttributes attrs;
   if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
       return NS_ERROR_INVALID_ARG;
   }
   nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
--- a/dom/push/test/xpcshell/test_permissions.js
+++ b/dom/push/test/xpcshell/test_permissions.js
@@ -28,18 +28,18 @@ function promiseUnregister(keyID) {
 }
 
 function makePushPermission(url, capability) {
   return {
     QueryInterface: XPCOMUtils.generateQI([Ci.nsIPermission]),
     capability: Ci.nsIPermissionManager[capability],
     expireTime: 0,
     expireType: Ci.nsIPermissionManager.EXPIRE_NEVER,
-    principal: Services.scriptSecurityManager.getCodebasePrincipal(
-      Services.io.newURI(url)
+    principal: Services.scriptSecurityManager.createCodebasePrincipal(
+      Services.io.newURI(url), {}
     ),
     type: 'desktop-notification',
   };
 }
 
 function promiseObserverNotifications(topic, count) {
   let notifiedScopes = [];
   let subChangePromise = promiseObserverNotification(topic, (subject, data) => {
--- a/dom/security/test/gtest/TestCSPParser.cpp
+++ b/dom/security/test/gtest/TestCSPParser.cpp
@@ -20,17 +20,16 @@ class nsAString;
 class nsString;
 class nsCString;
 class nsXPIDLString;
 template<class T> class nsReadingIterator;
 #endif
 
 #include "nsIContentSecurityPolicy.h"
 #include "nsNetUtil.h"
-#include "nsIScriptSecurityManager.h"
 #include "mozilla/dom/nsCSPContext.h"
 #include "nsIPrefService.h"
 #include "nsIPrefBranch.h"
 
 #ifndef MOZILLA_INTERNAL_API
 #undef nsString_h___
 #undef nsAString_h___
 #undef nsReadableUtils_h___
@@ -87,30 +86,27 @@ struct PolicyTest
   char expectedResult[kMaxPolicyLength];
 };
 
 nsresult runTest(uint32_t aExpectedPolicyCount, // this should be 0 for policies which should fail to parse
                  const char* aPolicy,
                  const char* aExpectedResult) {
 
   nsresult rv;
-  nsCOMPtr<nsIScriptSecurityManager> secman =
-    do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
-  NS_ENSURE_SUCCESS(rv, rv);
 
   // we init the csp with http://www.selfuri.com
   nsCOMPtr<nsIURI> selfURI;
   rv = NS_NewURI(getter_AddRefs(selfURI), "http://www.selfuri.com");
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsCOMPtr<nsIPrincipal> selfURIPrincipal;
-  // Can't use BasePrincipal::CreateCodebasePrincipal here
-  // because the symbol is not visible here
-  rv = secman->GetCodebasePrincipal(selfURI, getter_AddRefs(selfURIPrincipal));
-  NS_ENSURE_SUCCESS(rv, rv);
+  mozilla::OriginAttributes attrs;
+  selfURIPrincipal =
+    mozilla::BasePrincipal::CreateCodebasePrincipal(selfURI, attrs);
+  NS_ENSURE_TRUE(selfURIPrincipal, NS_ERROR_FAILURE);
 
   // create a CSP object
   nsCOMPtr<nsIContentSecurityPolicy> csp =
     do_CreateInstance(NS_CSPCONTEXT_CONTRACTID, &rv);
   NS_ENSURE_SUCCESS(rv, rv);
 
   // for testing the parser we only need to set a principal which is needed
   // to translate the keyword 'self' into an actual URI.
--- a/dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
+++ b/dom/security/test/unit/test_isOriginPotentiallyTrustworthy.js
@@ -33,13 +33,13 @@ add_task(async function test_isOriginPot
     ["moz-extension://", true],
     ["wss://example.com/", true],
     ["about:config", false],
     ["http://example.net/", true],
     ["ws://example.org/", true],
     ["chrome://example.net/content/messenger.xul", false],
   ]) {
     let uri = NetUtil.newURI(uriSpec);
-    let principal = gScriptSecurityManager.getCodebasePrincipal(uri);
+    let principal = gScriptSecurityManager.createCodebasePrincipal(uri, {});
     Assert.equal(gContentSecurityManager.isOriginPotentiallyTrustworthy(principal),
                  expectedResult);
   }
 });
--- a/toolkit/components/extensions/test/mochitest/test_chrome_ext_trustworthy_origin.html
+++ b/toolkit/components/extensions/test/mochitest/test_chrome_ext_trustworthy_origin.html
@@ -39,17 +39,17 @@ add_task(async function() {
   };
 
   let extension = ExtensionTestUtils.loadExtension(extensionData);
   await extension.startup();
 
   let url = await extension.awaitMessage("ready");
 
   let uri = NetUtil.newURI(url);
-  let principal = Services.scriptSecurityManager.getCodebasePrincipal(uri);
+  let principal = Services.scriptSecurityManager.createCodebasePrincipal(uri, {});
   is(gContentSecurityManager.isOriginPotentiallyTrustworthy(principal), true);
 
   await extension.unload();
 });
 </script>
 
 </body>
 </html>
--- a/toolkit/components/passwordmgr/InsecurePasswordUtils.jsm
+++ b/toolkit/components/passwordmgr/InsecurePasswordUtils.jsm
@@ -78,17 +78,17 @@ this.InsecurePasswordUtils = {
    *  isFormSubmitHTTP: if the submit action is an http:// URL
    *  isFormSubmitSecure: if the submit action URL is secure,
    *    either because it is HTTPS or because its origin is considered trustworthy
    */
   _checkFormSecurity(aForm) {
     let isFormSubmitHTTP = false, isFormSubmitSecure = false;
     if (aForm.rootElement instanceof Ci.nsIDOMHTMLFormElement) {
       let uri = Services.io.newURI(aForm.rootElement.action || aForm.rootElement.baseURI);
-      let principal = gScriptSecurityManager.getCodebasePrincipal(uri);
+      let principal = gScriptSecurityManager.createCodebasePrincipal(uri, {});
 
       if (uri.schemeIs("http")) {
         isFormSubmitHTTP = true;
         if (gContentSecurityManager.isOriginPotentiallyTrustworthy(principal)) {
           isFormSubmitSecure = true;
         }
       } else {
         isFormSubmitSecure = true;