Bug 1297687 - Part 1: Remove nsIScriptSecurityManager.createExpandedPrincipal(); r=bholley
authorEhsan Akhgari <ehsan@mozilla.com>
Wed, 21 Sep 2016 15:37:04 -0400
changeset 314984 adad6bddaa18ff27be6b461a917d2129de8f2f1a
parent 314983 30a689e356c9751258a5ee8fd6b758e43951dd3a
child 314985 52bc3ac33f86732512b547552e12360aa221007c
push id30739
push usercbook@mozilla.com
push dateFri, 23 Sep 2016 10:07:02 +0000
reviewersbholley
bugs1297687
milestone52.0a1
Bug 1297687 - Part 1: Remove nsIScriptSecurityManager.createExpandedPrincipal(); r=bholley
caps/nsIScriptSecurityManager.idl
caps/nsScriptSecurityManager.cpp
caps/tests/unit/test_origin.js
toolkit/components/extensions/test/xpcshell/test_ext_contexts.js
--- a/caps/nsIScriptSecurityManager.idl
+++ b/caps/nsIScriptSecurityManager.idl
@@ -196,30 +196,16 @@ interface nsIScriptSecurityManager : nsI
      * Returns a unique nonce principal with |originAttributes|.
      * See nsIPrincipal.idl for a description of origin attributes, and
      * ChromeUtils.webidl for a list of origin attributes and their defaults.
      */
     [implicit_jscontext]
     nsIPrincipal createNullPrincipal(in jsval originAttributes);
 
     /**
-     * Creates an expanded principal whose capabilities are the union of the
-     * given principals. An expanded principal has an asymmetric privilege
-     * relationship with its sub-principals (that is to say, it subsumes the
-     * sub-principals, but the sub-principals do not subsume it), even if
-     * there's only one. This presents a legitimate use-case for making an
-     * expanded principal around a single sub-principal, which we do frequently.
-     *
-     * Expanded principals cannot have origin attributes themselves, but rather
-     * have them through their sub-principals - so we don't accept them here.
-     */
-    nsIPrincipal createExpandedPrincipal([array, size_is(aLength)] in nsIPrincipal aPrincipalArray,
-                                         [optional] in unsigned long aLength);
-
-    /**
      * Returns OK if aSourceURI and target have the same "origin"
      * (scheme, host, and port).
      * ReportError flag suppresses error reports for functions that
      * don't need reporting.
      */
     void checkSameOriginURI(in nsIURI aSourceURI,
                             in nsIURI aTargetURI,
                             in boolean reportError);
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -1177,31 +1177,16 @@ nsScriptSecurityManager::CreateNullPrinc
       return NS_ERROR_INVALID_ARG;
   }
   nsCOMPtr<nsIPrincipal> prin = nsNullPrincipal::Create(attrs);
   prin.forget(aPrincipal);
   return NS_OK;
 }
 
 NS_IMETHODIMP
-nsScriptSecurityManager::CreateExpandedPrincipal(nsIPrincipal** aPrincipalArray, uint32_t aLength,
-                                                 nsIPrincipal** aResult)
-{
-  nsTArray<nsCOMPtr<nsIPrincipal>> principals;
-  principals.SetCapacity(aLength);
-  for (uint32_t i = 0; i < aLength; ++i) {
-    principals.AppendElement(aPrincipalArray[i]);
-  }
-
-  nsCOMPtr<nsIPrincipal> p = new nsExpandedPrincipal(principals);
-  p.forget(aResult);
-  return NS_OK;
-}
-
-NS_IMETHODIMP
 nsScriptSecurityManager::GetAppCodebasePrincipal(nsIURI* aURI,
                                                  uint32_t aAppId,
                                                  bool aInIsolatedMozBrowser,
                                                  nsIPrincipal** aPrincipal)
 {
   NS_ENSURE_TRUE(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID,
                  NS_ERROR_INVALID_ARG);
 
--- a/caps/tests/unit/test_origin.js
+++ b/caps/tests/unit/test_origin.js
@@ -75,17 +75,17 @@ function run_test() {
   do_check_true(/^moz-nullprincipal:\{([0-9]|[a-z]|\-){36}\}$/.test(nullPrin.origin));
   checkOriginAttributes(nullPrin);
   var ipv6Prin = ssm.createCodebasePrincipal(makeURI('https://[2001:db8::ff00:42:8329]:123'), {});
   do_check_eq(ipv6Prin.origin, 'https://[2001:db8::ff00:42:8329]:123');
   checkOriginAttributes(ipv6Prin);
   var ipv6NPPrin = ssm.createCodebasePrincipal(makeURI('https://[2001:db8::ff00:42:8329]'), {});
   do_check_eq(ipv6NPPrin.origin, 'https://[2001:db8::ff00:42:8329]');
   checkOriginAttributes(ipv6NPPrin);
-  var ep = ssm.createExpandedPrincipal([exampleCom, nullPrin, exampleOrg]);
+  var ep = Cu.getObjectPrincipal(Cu.Sandbox([exampleCom, nullPrin, exampleOrg]));
   checkOriginAttributes(ep);
   checkCrossOrigin(exampleCom, exampleOrg);
   checkCrossOrigin(exampleOrg, nullPrin);
 
   // nsEP origins should be in lexical order.
   do_check_eq(ep.origin, `[Expanded Principal [${exampleOrg.origin}, ${exampleCom.origin}, ${nullPrin.origin}]]`);
 
   // Make sure createCodebasePrincipal does what the rest of gecko does.
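Review bot: The replacement on the `var ep` line, `Cu.getObjectPrincipal(Cu.Sandbox([...]))`, allocates a sandbox global only to read its principal, and nothing nearby explains why a sandbox appears in an origin test. A one-line comment would cover it, e.g. `// Cu.Sandbox given an array of principals gets an expanded principal; we only want that principal.` The same expression is repeated in the `checkKind` hunk of this file and in `test_stringify_accessible` in test_ext_contexts.js, so a small per-file helper such as `function expandedPrincipal(prins) { return Cu.getObjectPrincipal(Cu.Sandbox(prins)); }` would keep the idiom in one place. `run_test` starts and ends outside this hunk.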
@@ -199,17 +199,17 @@ function run_test() {
   function checkKind(prin, kind) {
     do_check_eq(prin.isNullPrincipal, kind == 'nullPrincipal');
     do_check_eq(prin.isCodebasePrincipal, kind == 'codebasePrincipal');
     do_check_eq(prin.isExpandedPrincipal, kind == 'expandedPrincipal');
     do_check_eq(prin.isSystemPrincipal, kind == 'systemPrincipal');
   }
   checkKind(ssm.createNullPrincipal({}), 'nullPrincipal');
   checkKind(ssm.createCodebasePrincipal(makeURI('http://www.example.com'), {}), 'codebasePrincipal');
-  checkKind(ssm.createExpandedPrincipal([ssm.createCodebasePrincipal(makeURI('http://www.example.com'), {})]), 'expandedPrincipal');
+  checkKind(Cu.getObjectPrincipal(Cu.Sandbox([ssm.createCodebasePrincipal(makeURI('http://www.example.com'), {})])), 'expandedPrincipal');
   checkKind(ssm.getSystemPrincipal(), 'systemPrincipal');
 
   //
   // Test Origin Attribute Manipulation
   //
 
   // check that we can create an empty origin attributes dict with default
   // members and values.
--- a/toolkit/components/extensions/test/xpcshell/test_ext_contexts.js
+++ b/toolkit/components/extensions/test/xpcshell/test_ext_contexts.js
@@ -165,17 +165,17 @@ add_task(function* test_stringify_inacce
   let obj = Cu.evalInSandbox("({ local: true, nested: subobj })", sandbox);
   Assert.throws(() => {
     context.jsonStringify(obj);
   });
 });
 
 add_task(function* test_stringify_accessible() {
   // Test that an accessible property from another global is included
-  let principal = ssm.createExpandedPrincipal([PRINCIPAL1, PRINCIPAL2]);
+  let principal = Cu.getObjectPrincipal(Cu.Sandbox([PRINCIPAL1, PRINCIPAL2]));
   let context = new Context(principal);
   let sandbox = context.sandbox;
   let sandbox2 = Cu.Sandbox(PRINCIPAL2);
 
   Cu.waiveXrays(sandbox).subobj = Cu.evalInSandbox("({ subobject: true })", sandbox2);
   let obj = Cu.evalInSandbox("({ local: true, nested: subobj })", sandbox);
   let stringified = context.jsonStringify(obj);