Bug 774585: Make about: redirectors reset channel owner to null rather than set an explicit principal so that we'll go through the normal code paths in GetChannelPrincipal. r=bz
authorJonas Sicking <jonas@sicking.cc>
Tue, 17 Jul 2012 22:22:19 -0700
changeset 99633 096a755c48ea881f63dd8a8ff4ab0876b2933fa9
parent 99632 41f4bdd4b6bdadd2c91f9ee75a01ee1229f721ac
child 99634 ebfa4531ca576c06aae15472202578910e2e0aa0
push id1
push userroot
push dateMon, 20 Oct 2014 17:29:22 +0000
reviewersbz
bugs774585
milestone17.0a1
Bug 774585: Make about: redirectors reset channel owner to null rather than set an explicit principal so that we'll go through the normal code paths in GetChannelPrincipal. r=bz
browser/components/about/AboutRedirector.cpp
docshell/base/nsAboutRedirector.cpp
mobile/android/components/AboutRedirector.js
mobile/xul/components/AboutRedirector.js
services/sync/Weave.js
--- a/browser/components/about/AboutRedirector.cpp
+++ b/browser/components/about/AboutRedirector.cpp
@@ -116,25 +116,20 @@ AboutRedirector::NewChannel(nsIURI *aURI
       rv = ioService->NewChannel(nsDependentCString(kRedirMap[i].url),
                                  nsnull, nsnull, getter_AddRefs(tempChannel));
       NS_ENSURE_SUCCESS(rv, rv);
 
       tempChannel->SetOriginalURI(aURI);
 
       // Keep the page from getting unnecessary privileges unless it needs them
       if (kRedirMap[i].flags & nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT) {
-        nsCOMPtr<nsIScriptSecurityManager> securityManager =
-          do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
-        NS_ENSURE_SUCCESS(rv, rv);
-
-        nsCOMPtr<nsIPrincipal> principal;
-        rv = securityManager->GetCodebasePrincipal(aURI, getter_AddRefs(principal));
-        NS_ENSURE_SUCCESS(rv, rv);
-
-        rv = tempChannel->SetOwner(principal);
+        // Setting the owner to null means that we'll go through the normal
+        // path in GetChannelPrincipal and create a codebase principal based
+        // on the channel's originalURI
+        rv = tempChannel->SetOwner(nsnull);
         NS_ENSURE_SUCCESS(rv, rv);
       }
 
       NS_ADDREF(*result = tempChannel);
       return rv;
     }
   }
 
--- a/docshell/base/nsAboutRedirector.cpp
+++ b/docshell/base/nsAboutRedirector.cpp
@@ -96,27 +96,20 @@ nsAboutRedirector::NewChannel(nsIURI *aU
                 return rv;
 
             tempChannel->SetOriginalURI(aURI);
 
             // Keep the page from getting unnecessary privileges unless it needs them
             if (kRedirMap[i].flags &
                 nsIAboutModule::URI_SAFE_FOR_UNTRUSTED_CONTENT)
             {
-                nsCOMPtr<nsIScriptSecurityManager> securityManager = 
-                         do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
-                if (NS_FAILED(rv))
-                    return rv;
-            
-                nsCOMPtr<nsIPrincipal> principal;
-                rv = securityManager->GetCodebasePrincipal(aURI, getter_AddRefs(principal));
-                if (NS_FAILED(rv))
-                    return rv;
-            
-                rv = tempChannel->SetOwner(principal);
+                // Setting the owner to null means that we'll go through the normal
+                // path in GetChannelPrincipal and create a codebase principal based
+                // on the channel's originalURI
+                rv = tempChannel->SetOwner(nsnull);
                 if (NS_FAILED(rv))
                     return rv;
             }
 
             NS_ADDREF(*result = tempChannel);
             return rv;
         }
     }
--- a/mobile/android/components/AboutRedirector.js
+++ b/mobile/android/components/AboutRedirector.js
@@ -89,21 +89,20 @@ AboutRedirector.prototype = {
     let moduleInfo = this._getModuleInfo(aURI);
 
     var ios = Cc["@mozilla.org/network/io-service;1"].
               getService(Ci.nsIIOService);
 
     var channel = ios.newChannel(moduleInfo.uri, null, null);
     
     if (!moduleInfo.privileged) {
-      // drop chrome privileges
-      let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].
-                   getService(Ci.nsIScriptSecurityManager);
-      let principal = secMan.getCodebasePrincipal(aURI);
-      channel.owner = principal;
+      // Setting the owner to null means that we'll go through the normal
+      // path in GetChannelPrincipal and create a codebase principal based
+      // on the channel's originalURI
+      channel.owner = null;
     }
 
     channel.originalURI = aURI;
 
     return channel;
   }
 };
 
--- a/mobile/xul/components/AboutRedirector.js
+++ b/mobile/xul/components/AboutRedirector.js
@@ -63,20 +63,20 @@ AboutGeneric.prototype = {
     let moduleInfo = this._getModuleInfo(aURI);
 
     var ios = Cc["@mozilla.org/network/io-service;1"].
               getService(Ci.nsIIOService);
 
     var channel = ios.newChannel(moduleInfo.uri, null, null);
     
     if (!moduleInfo.privileged) {
-      let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].
-                   getService(Ci.nsIScriptSecurityManager);
-      let principal = secMan.getCodebasePrincipal(aURI);
-      channel.owner = principal;
+      // Setting the owner to null means that we'll go through the normal
+      // path in GetChannelPrincipal and create a codebase principal based
+      // on the channel's originalURI
+      channel.owner = null;
     }
 
     channel.originalURI = aURI;
 
     return channel;
   }
 };
 
--- a/services/sync/Weave.js
+++ b/services/sync/Weave.js
@@ -54,20 +54,18 @@ AboutWeaveLog.prototype = {
   },
 
   newChannel: function(aURI) {
     let dir = FileUtils.getDir("ProfD", ["weave", "logs"], true);
     let uri = Services.io.newFileURI(dir);
     let channel = Services.io.newChannelFromURI(uri);
     channel.originalURI = aURI;
 
-    // Ensure that the about page has the same privileges as a regular directory
-    // view. That way links to files can be opened.
-    let ssm = Cc["@mozilla.org/scriptsecuritymanager;1"]
-                .getService(Ci.nsIScriptSecurityManager);
-    let principal = ssm.getCodebasePrincipal(uri);
-    channel.owner = principal;
+    // Setting the owner to null means that we'll go through the normal
+    // path in GetChannelPrincipal and create a codebase principal based
+    // on the channel's originalURI
+    channel.owner = null;
     return channel;
   }
 };
 
 const components = [WeaveService, AboutWeaveLog];
 const NSGetFactory = XPCOMUtils.generateNSGetFactory(components);