Bug 777705 - Default policy for expanded principals. r=mrbkap
authorGabor Krizsanits <gkrizsanits@mozilla.com>
Mon, 20 Aug 2012 11:22:34 -0700
changeset 102827 b48a2499872cb194b54d8b7fc91b8e495396c9a1
parent 102826 f11e42f6678bcb9c0c77c931b437226bd126c6be
child 102828 63a4ad84d4c8e9f8f32bc765a52152dec1200c23
push id23312
push useremorley@mozilla.com
push dateTue, 21 Aug 2012 13:23:13 +0000
reviewersmrbkap
bugs777705
milestone17.0a1
Bug 777705 - Default policy for expanded principals. r=mrbkap
caps/src/nsScriptSecurityManager.cpp
js/xpconnect/tests/unit/test_allowedDomains.js
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -841,20 +841,19 @@ nsScriptSecurityManager::CheckPropertyAc
         objectPrincipal = nullptr;
 
         NS_ConvertUTF8toUTF16 className(classInfoData.GetName());
         nsCAutoString subjectOrigin;
         nsCAutoString subjectDomain;
         if (!nsAutoInPrincipalDomainOriginSetter::sInPrincipalDomainOrigin) {
             nsCOMPtr<nsIURI> uri, domain;
             subjectPrincipal->GetURI(getter_AddRefs(uri));
-            // Subject can't be system if we failed the security
-            // check, so |uri| is non-null.
-            NS_ASSERTION(uri, "How did that happen?");
-            GetOriginFromURI(uri, subjectOrigin);
+            if (uri) { // Object principal might be expanded
+                GetOriginFromURI(uri, subjectOrigin);
+            }
             subjectPrincipal->GetDomain(getter_AddRefs(domain));
             if (domain) {
                 GetOriginFromURI(domain, subjectDomain);
             }
         } else {
             subjectOrigin.AssignLiteral("the security manager");
         }
         NS_ConvertUTF8toUTF16 subjectOriginUnicode(subjectOrigin);
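Review bot: The comment on the new `if (uri)` guard names the wrong principal: the URI comes from `subjectPrincipal->GetURI`, so it should read `// Subject principal might be expanded, in which case it has no URI`. With the guard in place `subjectOrigin` stays empty on that path, and it is converted to `subjectOriginUnicode` right after, presumably for the access-denied message, so denials involving an expanded principal would be reported with a blank origin. Consider an `else` that assigns a descriptive literal, the way the outer `else` assigns "the security manager", so these denials remain attributable in logs. The enclosing function starts and ends outside the hunk, so the use of the string is inferred.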
@@ -1064,66 +1063,74 @@ nsScriptSecurityManager::LookupPolicy(ns
     }
 
     if (!dpolicy && mOriginToPolicyMap)
     {
         //-- Look up the relevant domain policy, if any
 #ifdef DEBUG_CAPS_LookupPolicy
         printf("DomainLookup ");
 #endif
-
-        nsCAutoString origin;
-        rv = GetPrincipalDomainOrigin(aPrincipal, origin);
-        NS_ENSURE_SUCCESS(rv, rv);
+        if (nsCOMPtr<nsIExpandedPrincipal> exp = do_QueryInterface(aPrincipal)) 
+        {
+            // For expanded principals domain origin is not defined so let's just
+            // use the default policy
+            dpolicy = mDefaultPolicy;
+        }
+        else
+        {
+            nsCAutoString origin;
+            rv = GetPrincipalDomainOrigin(aPrincipal, origin);
+            NS_ENSURE_SUCCESS(rv, rv);
  
-        char *start = origin.BeginWriting();
-        const char *nextToLastDot = nullptr;
-        const char *lastDot = nullptr;
-        const char *colon = nullptr;
-        char *p = start;
-
-        //-- search domain (stop at the end of the string or at the 3rd slash)
-        for (PRUint32 slashes=0; *p; p++)
-        {
-            if (*p == '/' && ++slashes == 3) 
-            {
-                *p = '\0'; // truncate at 3rd slash
-                break;
-            }
-            if (*p == '.')
+            char *start = origin.BeginWriting();
+            const char *nextToLastDot = nullptr;
+            const char *lastDot = nullptr;
+            const char *colon = nullptr;
+            char *p = start;
+
+            //-- search domain (stop at the end of the string or at the 3rd slash)
+            for (PRUint32 slashes=0; *p; p++)
             {
-                nextToLastDot = lastDot;
-                lastDot = p;
-            } 
-            else if (!colon && *p == ':')
-                colon = p;
+                if (*p == '/' && ++slashes == 3) 
+                {
+                    *p = '\0'; // truncate at 3rd slash
+                    break;
+                }
+                if (*p == '.')
+                {
+                    nextToLastDot = lastDot;
+                    lastDot = p;
+                } 
+                else if (!colon && *p == ':')
+                    colon = p;
+            }
+
+            nsCStringKey key(nextToLastDot ? nextToLastDot+1 : start);
+            DomainEntry *de = (DomainEntry*) mOriginToPolicyMap->Get(&key);
+            if (!de)
+            {
+                nsCAutoString scheme(start, colon-start+1);
+                nsCStringKey schemeKey(scheme);
+                de = (DomainEntry*) mOriginToPolicyMap->Get(&schemeKey);
+            }
+
+            while (de)
+            {
+                if (de->Matches(start))
+                {
+                    dpolicy = de->mDomainPolicy;
+                    break;
+                }
+                de = de->mNext;
+            }
+
+            if (!dpolicy)
+                dpolicy = mDefaultPolicy;
         }
 
-        nsCStringKey key(nextToLastDot ? nextToLastDot+1 : start);
-        DomainEntry *de = (DomainEntry*) mOriginToPolicyMap->Get(&key);
-        if (!de)
-        {
-            nsCAutoString scheme(start, colon-start+1);
-            nsCStringKey schemeKey(scheme);
-            de = (DomainEntry*) mOriginToPolicyMap->Get(&schemeKey);
-        }
-
-        while (de)
-        {
-            if (de->Matches(start))
-            {
-                dpolicy = de->mDomainPolicy;
-                break;
-            }
-            de = de->mNext;
-        }
-
-        if (!dpolicy)
-            dpolicy = mDefaultPolicy;
-
         aPrincipal->SetSecurityPolicy((void*)dpolicy);
     }
 
     ClassPolicy* cpolicy = nullptr;
 
     if ((dpolicy == mDefaultPolicy) && aCachedClassPolicy)
     {
         // No per-domain policy for this principal (the more common case)
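Review bot: The expanded-principal branch assigns `mDefaultPolicy` without consulting `mOriginToPolicyMap`, and the comment does not say what that means for per-domain policies. If a stricter policy is configured for one of the origins the expanded principal covers, it is not applied here, and the result is then cached through `SetSecurityPolicy`. I would state that in the comment, e.g. `// Expanded principals have no single domain origin; per-domain policies for the origins they include are NOT consulted, the default policy applies.` Separately, the re-indented lookup still computes `colon-start+1` when no ':' was found and `colon` is still `nullptr`; a guard such as `if (!de && colon)` would avoid relying on the origin always containing a scheme. LookupPolicy begins and ends outside this hunk.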
--- a/js/xpconnect/tests/unit/test_allowedDomains.js
+++ b/js/xpconnect/tests/unit/test_allowedDomains.js
@@ -34,9 +34,13 @@ function run_test() {
     } catch (e) {    
       do_check_true(e.message && e.message.indexOf("Permission denied to access property") != -1);
     }  
   }
   
   evalAndCatch("objC.prop1", sbMaster);
   evalAndCatch("objMaster.prop1", sbA);
   evalAndCatch("objMaster.prop1", sbSubset);
+  
+  // Bug 777705:
+  Components.utils.evalInSandbox("Components.interfaces", sbMaster);
+  do_check_true(true);
 }
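Review bot: The added regression check asserts nothing beyond "did not throw": `do_check_true(true)` is vacuous, and the `// Bug 777705:` comment stops before saying what is being guarded. I would spell the intent out, e.g. `// Bug 777705: policy lookup for sbMaster's principal must not fail; a throw from evalInSandbox here is the regression.` (assuming sbMaster is the sandbox with the expanded principal, which is set up outside the hunk). Capturing the result and checking it is defined, for instance `do_check_true(!!Components.utils.evalInSandbox("Components.interfaces", sbMaster));`, would also make the assertion meaningful. run_test starts outside the hunk.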