Bug 1182610 - Check for UNKNOWN_APP_ID in nsIPrincipal::GetOrigin. r=gabor
authorBobby Holley <bobbyholley@gmail.com>
Wed, 15 Jul 2015 14:50:12 -0700
changeset 253306 806ec30c5992b87c5ae9c26849935361debfd062
parent 253305 3a1822dd5a487dfc9fb71d1fcc3484fbf4419df2
child 253307 eb26fd0f023c45111cb73966d3e1fafb6f74ee75
push id29065
push userryanvm@gmail.com
push dateFri, 17 Jul 2015 14:26:32 +0000
reviewersgabor
bugs1182610
milestone42.0a1
Bug 1182610 - Check for UNKNOWN_APP_ID in nsIPrincipal::GetOrigin. r=gabor
caps/BasePrincipal.cpp
caps/tests/unit/test_origin.js
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -151,16 +151,25 @@ BasePrincipal::BasePrincipal()
 BasePrincipal::~BasePrincipal()
 {}
 
 NS_IMETHODIMP
 BasePrincipal::GetOrigin(nsACString& aOrigin)
 {
   nsresult rv = GetOriginInternal(aOrigin);
   NS_ENSURE_SUCCESS(rv, rv);
+
+  // OriginAttributes::CreateSuffix asserts against UNKNOWN_APP_ID. It's trivial
+  // to trigger this getter from script on such a principal, so we handle it
+  // here at the API entry point.
+  if (mOriginAttributes.mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
+    NS_WARNING("Refusing to provide canonical origin string to principal with UNKNOWN_APP_ID");
+    return NS_ERROR_FAILURE;
+  }
+
   nsAutoCString suffix;
   mOriginAttributes.CreateSuffix(suffix);
   aOrigin.Append(suffix);
   return NS_OK;
 }
 
 NS_IMETHODIMP
 BasePrincipal::GetOriginNoSuffix(nsACString& aOrigin)
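Review bot: The new UNKNOWN_APP_ID check in GetOrigin runs after `GetOriginInternal(aOrigin)` has already written into `aOrigin`, so on the `NS_ERROR_FAILURE` path the out-parameter still holds the suffix-less origin. A C++ caller that ignores the return value would see a string that reads as a valid origin with no attributes, and `NS_WARNING` is the only other signal, which presumably is compiled out of release builds. Moving the `if (mOriginAttributes.mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID)` block above the `GetOriginInternal` call, or adding `aOrigin.Truncate();` before `return NS_ERROR_FAILURE;`, would leave nothing usable behind on failure. GetOriginNoSuffix starts on the last lines of this hunk and its body is outside it, so whether it needs the same treatment cannot be judged from here.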
--- a/caps/tests/unit/test_origin.js
+++ b/caps/tests/unit/test_origin.js
@@ -88,16 +88,20 @@ function run_test() {
   checkOriginAttributes(exampleCom_appBrowser, {appId: 42, inBrowser: true}, '!appId=42&inBrowser=1');
   do_check_eq(exampleCom_appBrowser.origin, 'https://www.example.com:123!appId=42&inBrowser=1');
 
   // Addon.
   var exampleOrg_addon = ssm.createCodebasePrincipal(makeURI('http://example.org'), {addonId: 'dummy'});
   checkOriginAttributes(exampleOrg_addon, { addonId: "dummy" }, '!addonId=dummy');
   do_check_eq(exampleOrg_addon.origin, 'http://example.org!addonId=dummy');
 
+  // Make sure that we refuse to create .origin for principals with UNKNOWN_APP_ID.
+  var simplePrin = ssm.getSimpleCodebasePrincipal(makeURI('http://example.com'));
+  try { simplePrin.origin; do_check_true(false); } catch (e) { do_check_true(true); }
+
   // Check that all of the above are cross-origin.
   checkCrossOrigin(exampleOrg_app, exampleOrg);
   checkCrossOrigin(exampleOrg_app, nullPrin_app);
   checkCrossOrigin(exampleOrg_browser, exampleOrg_app);
   checkCrossOrigin(exampleOrg_browser, nullPrin_browser);
   checkCrossOrigin(exampleOrg_appBrowser, exampleOrg_app);
   checkCrossOrigin(exampleOrg_appBrowser, nullPrin_appBrowser);
   checkCrossOrigin(exampleOrg_appBrowser, exampleCom_appBrowser);
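Review bot: The added `try { simplePrin.origin; do_check_true(false); } catch (e) { do_check_true(true); }` puts the failing assertion inside the same `try` whose `catch` records success. If the harness reports a failed check by throwing, the handler catches that too, and the test then depends on harness internals to fail at all. The `catch` also accepts any exception, so an unrelated error from the getter would pass as the expected refusal. Recording the outcome outside the handler is clearer: `var threw = false; try { simplePrin.origin; } catch (e) { threw = true; }` followed by `do_check_true(threw);`. Comparing the caught error's result code with the failure code that GetOrigin returns would pin it down further. run_test begins before this hunk and continues past it.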