Backed out changeset 4757e1fd407f (bug 1594781) for failing wpt at iframe_sandbox_popups_escaping-1.html on a CLOSED TREE
authorAndreea Pavel <apavel@mozilla.com>
Wed, 20 Nov 2019 07:26:52 +0200
changeset 502765 92870dfc6e6af378334dcd4c530108664dbe7092
parent 502764 086ad9237960b735c7be2923513a613d5962d339
child 502766 dafab8054c071653c676b4cb7879e72fe40b8737
push id36823
push usermalexandru@mozilla.com
push dateWed, 20 Nov 2019 09:47:58 +0000
treeherdermozilla-central@79821df17239 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs1594781
milestone72.0a1
backs out4757e1fd407f45ec26f80eed77a030919023a66b
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Backed out changeset 4757e1fd407f (bug 1594781) for failing wpt at iframe_sandbox_popups_escaping-1.html on a CLOSED TREE
caps/BasePrincipal.cpp
caps/BasePrincipal.h
caps/nsIPrincipal.idl
dom/base/nsGlobalWindowOuter.cpp
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -19,18 +19,16 @@
 #include "nsServiceManagerUtils.h"
 #include "nsAboutProtocolUtils.h"
 #include "ThirdPartyUtil.h"
 #include "mozilla/ContentPrincipal.h"
 #include "mozilla/NullPrincipal.h"
 #include "mozilla/dom/BlobURLProtocolHandler.h"
 #include "mozilla/dom/ChromeUtils.h"
 #include "mozilla/dom/ToJSValue.h"
-#include "mozilla/Components.h"
-#include "nsIURIFixup.h"
 
 #include "json/json.h"
 #include "nsSerializationHelper.h"
 
 namespace mozilla {
 
 BasePrincipal::BasePrincipal(PrincipalKind aKind)
     : mKind(aKind), mHasExplicitDomain(false), mInitialized(false) {}
@@ -307,27 +305,16 @@ BasePrincipal::EqualsConsideringDomain(n
   NS_ENSURE_ARG_POINTER(aOther);
 
   *aResult = FastEqualsConsideringDomain(aOther);
 
   return NS_OK;
 }
 
 NS_IMETHODIMP
-BasePrincipal::EqualsURI(nsIURI* aOtherURI, bool* aResult) {
-  *aResult = false;
-  nsCOMPtr<nsIURI> prinURI;
-  nsresult rv = GetURI(getter_AddRefs(prinURI));
-  if (NS_FAILED(rv) || !prinURI) {
-    return NS_OK;
-  }
-  return prinURI->EqualsExceptRef(aOtherURI, aResult);
-}
-
-NS_IMETHODIMP
 BasePrincipal::Subsumes(nsIPrincipal* aOther, bool* aResult) {
   NS_ENSURE_ARG_POINTER(aOther);
 
   *aResult = FastSubsumes(aOther);
 
   return NS_OK;
 }
 
@@ -443,40 +430,16 @@ BasePrincipal::GetAsciiSpec(nsACString& 
   nsresult rv = GetURI(getter_AddRefs(prinURI));
   if (NS_FAILED(rv) || !prinURI) {
     return NS_OK;
   }
   return prinURI->GetAsciiSpec(aSpec);
 }
 
 NS_IMETHODIMP
-BasePrincipal::GetExposablePrePath(nsACString& aPrepath) {
-  aPrepath.Truncate();
-  nsCOMPtr<nsIURI> prinURI;
-  nsresult rv = GetURI(getter_AddRefs(prinURI));
-  if (NS_FAILED(rv) || !prinURI) {
-    return NS_OK;
-  }
-
-  nsCOMPtr<nsIURIFixup> fixup(components::URIFixup::Service());
-  nsCOMPtr<nsIURIFixup> urifixup = services::GetURIFixup();
-  if (NS_WARN_IF(!urifixup)) {
-    return NS_OK;
-  }
-
-  nsCOMPtr<nsIURI> fixedURI;
-  rv = fixup->CreateExposableURI(prinURI, getter_AddRefs(fixedURI));
-
-  if (NS_FAILED(rv) || NS_WARN_IF(!fixedURI)) {
-    return NS_OK;
-  }
-  return fixedURI->GetDisplayPrePath(aPrepath);
-}
-
-NS_IMETHODIMP
 BasePrincipal::GetIsSystemPrincipal(bool* aResult) {
   *aResult = IsSystemPrincipal();
   return NS_OK;
 }
 
 NS_IMETHODIMP
 BasePrincipal::GetIsAddonOrExpandedAddonPrincipal(bool* aResult) {
   *aResult = AddonPolicy() || ContentScriptAddonPolicy();
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -99,17 +99,16 @@ class BasePrincipal : public nsJSPrincip
   };
   bool Subsumes(nsIPrincipal* aOther,
                 DocumentDomainConsideration aConsideration);
 
   NS_IMETHOD GetOrigin(nsACString& aOrigin) final;
   NS_IMETHOD GetOriginNoSuffix(nsACString& aOrigin) final;
   NS_IMETHOD Equals(nsIPrincipal* other, bool* _retval) final;
   NS_IMETHOD EqualsConsideringDomain(nsIPrincipal* other, bool* _retval) final;
-  NS_IMETHOD EqualsURI(nsIURI* aOtherURI, bool* _retval) override;
   NS_IMETHOD Subsumes(nsIPrincipal* other, bool* _retval) final;
   NS_IMETHOD SubsumesConsideringDomain(nsIPrincipal* other,
                                        bool* _retval) final;
   NS_IMETHOD SubsumesConsideringDomainIgnoringFPD(nsIPrincipal* other,
                                                   bool* _retval) final;
   NS_IMETHOD CheckMayLoad(nsIURI* uri, bool report,
                           bool allowIfInheritsPrincipal) final;
   NS_IMETHOD GetAddonPolicy(nsISupports** aResult) final;
@@ -119,17 +118,16 @@ class BasePrincipal : public nsJSPrincip
   NS_IMETHOD GetIsSystemPrincipal(bool* aResult) override;
   NS_IMETHOD SchemeIs(const char* aScheme, bool* aResult) override;
   NS_IMETHOD IsURIInPrefList(const char* aPref, bool* aResult) override;
   NS_IMETHOD GetAboutModuleFlags(uint32_t* flags) override;
   NS_IMETHOD GetIsAddonOrExpandedAddonPrincipal(bool* aResult) override;
   NS_IMETHOD GetOriginAttributes(JSContext* aCx,
                                  JS::MutableHandle<JS::Value> aVal) final;
   NS_IMETHOD GetAsciiSpec(nsACString& aSpec) override;
-  NS_IMETHOD GetExposablePrePath(nsACString& aResult) override;
   NS_IMETHOD GetOriginSuffix(nsACString& aOriginSuffix) final;
   NS_IMETHOD GetIsInIsolatedMozBrowserElement(
       bool* aIsInIsolatedMozBrowserElement) final;
   NS_IMETHOD GetUserContextId(uint32_t* aUserContextId) final;
   NS_IMETHOD GetPrivateBrowsingId(uint32_t* aPrivateBrowsingId) final;
   NS_IMETHOD GetSiteOrigin(nsACString& aOrigin) override;
   NS_IMETHOD IsThirdPartyURI(nsIURI* uri, bool* aRes) override;
   NS_IMETHOD IsThirdPartyPrincipal(nsIPrincipal* uri, bool* aRes) override;
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@@ -61,21 +61,16 @@ interface nsIPrincipal : nsISerializable
      */
     boolean equalsConsideringDomain(in nsIPrincipal other);
 
     %{C++
       DECL_FAST_INLINE_HELPER(Equals)
       DECL_FAST_INLINE_HELPER(EqualsConsideringDomain)
     %}
 
-    /*
-    * Returns whether the Principals URI is equal to the other URI
-    */
-    boolean EqualsURI(in nsIURI aOtherURI);
-
     /**
      * Returns a hash value for the principal.
      */
     [notxpcom, nostdcall] readonly attribute unsigned long hashValue;
 
     /**
      * The principal URI to which this principal pertains.  This is
      * generally the document URI.
@@ -209,21 +204,16 @@ interface nsIPrincipal : nsISerializable
       * Might return the empty string, e.g. for the case of
       * a SystemPrincipal or an EpxandedPrincipal.
       *
       * WARNING: DO NOT USE FOR SECURITY CHECKS.
       * just for logging purposes!
      */
      readonly attribute ACString AsciiSpec;
 
-    /* Returns the Pre Path of the Principals URI with
-    * user:pass stripped for privacy and spoof prevention
-    */
-    readonly attribute ACString ExposablePrePath;
-
     /**
     * Checks if the Principal's URI Scheme matches with the parameter
     *
     * @param scheme    The scheme to be checked
     */
     boolean schemeIs(in string scheme);
 
     // Nicer, C++ Callable Version of SchemeIs
--- a/dom/base/nsGlobalWindowOuter.cpp
+++ b/dom/base/nsGlobalWindowOuter.cpp
@@ -3617,19 +3617,17 @@ Maybe<CSSIntSize> nsGlobalWindowOuter::G
   // and divide by the full zoom. "Unscaled" in this case means unscaled
   // from device to screen but it has been affected (multipled) by the
   // full zoom and we need to compensate for that.
   MOZ_RELEASE_ASSERT(NS_IsMainThread());
 
   // Bug 1576256: This does not work for cross-process subframes.
   const Document* topInProcessContentDoc =
       aDocument.GetTopLevelContentDocument();
-  BrowsingContext* bc = topInProcessContentDoc
-                            ? topInProcessContentDoc->GetBrowsingContext()
-                            : nullptr;
+  BrowsingContext* bc = topInProcessContentDoc ? topInProcessContentDoc->GetBrowsingContext() : nullptr;
   if (bc && bc->InRDMPane()) {
     nsIDocShell* docShell = topInProcessContentDoc->GetDocShell();
     if (docShell) {
       nsPresContext* presContext = docShell->GetPresContext();
       if (presContext) {
         nsCOMPtr<nsIBrowserChild> child = docShell->GetBrowserChild();
         if (child) {
           // We intentionally use GetFullZoom here instead of
@@ -4581,23 +4579,44 @@ void nsGlobalWindowOuter::MakeScriptDial
     nsAString& aOutTitle, nsIPrincipal* aSubjectPrincipal) {
   MOZ_ASSERT(aSubjectPrincipal);
 
   aOutTitle.Truncate();
 
   // Try to get a host from the running principal -- this will do the
   // right thing for javascript: and data: documents.
 
-  nsAutoCString prepath;
-  nsresult rv = aSubjectPrincipal->GetExposablePrePath(prepath);
-  if (NS_SUCCEEDED(rv) && !prepath.IsEmpty()) {
-    NS_ConvertUTF8toUTF16 ucsPrePath(prepath);
-    nsContentUtils::FormatLocalizedString(
-        aOutTitle, nsContentUtils::eCOMMON_DIALOG_PROPERTIES,
-        "ScriptDlgHeading", ucsPrePath);
+  nsCOMPtr<nsIURI> uri;
+  nsresult rv = aSubjectPrincipal->GetURI(getter_AddRefs(uri));
+  if (NS_SUCCEEDED(rv) && uri) {
+    // remove user:pass for privacy and spoof prevention
+
+    nsCOMPtr<nsIURIFixup> fixup(components::URIFixup::Service());
+    if (fixup) {
+      nsCOMPtr<nsIURI> fixedURI;
+      rv = fixup->CreateExposableURI(uri, getter_AddRefs(fixedURI));
+      if (NS_SUCCEEDED(rv) && fixedURI) {
+        nsAutoCString host;
+        fixedURI->GetHost(host);
+
+        if (!host.IsEmpty()) {
+          // if this URI has a host we'll show it. For other
+          // schemes (e.g. file:) we fall back to the localized
+          // generic string
+
+          nsAutoCString prepath;
+          fixedURI->GetDisplayPrePath(prepath);
+
+          NS_ConvertUTF8toUTF16 ucsPrePath(prepath);
+          nsContentUtils::FormatLocalizedString(
+              aOutTitle, nsContentUtils::eCOMMON_DIALOG_PROPERTIES,
+              "ScriptDlgHeading", ucsPrePath);
+        }
+      }
+    }
   }
 
   if (aOutTitle.IsEmpty()) {
     // We didn't find a host so use the generic heading
     nsContentUtils::GetLocalizedString(
         nsContentUtils::eCOMMON_DIALOG_PROPERTIES, "ScriptDlgGenericHeading",
         aOutTitle);
   }
@@ -5571,19 +5590,23 @@ bool nsGlobalWindowOuter::SameLoadingURI
   nsCOMPtr<nsIPrincipal> channelLoadingPrincipal =
       channelLoadInfo->LoadingPrincipal();
   if (!channelLoadingPrincipal) {
     // TYPE_DOCUMENT loads will not have a channelLoadingPrincipal. But top
     // level loads should not be blocked by Tracking Protection, so we will
     // return false
     return false;
   }
+  nsCOMPtr<nsIURI> channelLoadingURI;
+  channelLoadingPrincipal->GetURI(getter_AddRefs(channelLoadingURI));
+  if (!channelLoadingURI) {
+    return false;
+  }
   bool equals = false;
-  nsresult rv = channelLoadingPrincipal->EqualsURI(docURI, &equals);
-
+  nsresult rv = docURI->EqualsExceptRef(channelLoadingURI, &equals);
   return NS_SUCCEEDED(rv) && equals;
 }
 
 // static
 bool nsGlobalWindowOuter::CanSetProperty(const char* aPrefName) {
   // Chrome can set any property.
   if (nsContentUtils::LegacyIsCallerChromeOrNativeCode()) {
     return true;
@@ -5851,21 +5874,24 @@ bool nsGlobalWindowOuter::GatherPostMess
     nsIGlobalObject* global = GetIncumbentGlobal();
     NS_ASSERTION(global, "Why is there no global object?");
     callerPrin = global->PrincipalOrNull();
   }
   if (!callerPrin) {
     return false;
   }
 
-  if (callerPrin->GetIsContentPrincipal()) {
+  nsCOMPtr<nsIURI> callerOuterURI;
+  if (NS_FAILED(callerPrin->GetURI(getter_AddRefs(callerOuterURI)))) {
+    return false;
+  }
+
+  if (callerOuterURI) {
     // if the principal has a URI, use that to generate the origin
-    nsAutoCString asciiOrigin;
-    callerPrin->GetOrigin(asciiOrigin);
-    aOrigin = NS_ConvertUTF8toUTF16(asciiOrigin);
+    nsContentUtils::GetUTFOrigin(callerPrin, aOrigin);
   } else if (callerInnerWin) {
     if (!*aCallerDocumentURI) {
       return false;
     }
     // otherwise use the URI of the document to generate origin
     nsContentUtils::GetUTFOrigin(*aCallerDocumentURI, aOrigin);
   } else {
     // in case of a sandbox with a system principal origin can be empty
@@ -5932,21 +5958,23 @@ bool nsGlobalWindowOuter::GetPrincipalFo
   }
   // "*" indicates no specific origin is required.
   else if (!aTargetOrigin.EqualsASCII("*")) {
     OriginAttributes attrs = aSubjectPrincipal.OriginAttributesRef();
     if (aSubjectPrincipal.IsSystemPrincipal()) {
       auto principal = BasePrincipal::Cast(GetPrincipal());
 
       if (attrs != principal->OriginAttributesRef()) {
+        nsCOMPtr<nsIURI> targetURI;
         nsAutoCString targetURL;
         nsAutoCString sourceOrigin;
         nsAutoCString targetOrigin;
 
-        if (NS_FAILED(principal->GetAsciiSpec(targetURL)) ||
+        if (NS_FAILED(principal->GetURI(getter_AddRefs(targetURI))) ||
+            NS_FAILED(targetURI->GetAsciiSpec(targetURL)) ||
             NS_FAILED(principal->GetOrigin(targetOrigin)) ||
             NS_FAILED(aSubjectPrincipal.GetOrigin(sourceOrigin))) {
           NS_WARNING("Failed to get source and target origins");
           return false;
         }
 
         nsContentUtils::LogSimpleConsoleError(
             NS_ConvertUTF8toUTF16(nsPrintfCString(