Bug 1165162 - Rework the nsIScriptSecurityManager principal-minting API to be originAttributes-centric. r=gabor,r=bholley,sr=sicking
authorBobby Holley <bobbyholley@gmail.com>
Fri, 15 May 2015 13:43:11 -0700
changeset 265899 5bc2395aa7105f2e8b59242c01671f1584f1f4b3
parent 265898 72f81e3ed9aa3c442938803630b82b668c4725cc
child 265900 61aa80fb79b60da9bc895b69b8138bc803049fef
push id2189
push useratolfsen@mozilla.com
push dateThu, 21 May 2015 13:24:13 +0000
reviewersgabor, bholley, sicking
bugs1165162
milestone41.0a1
Bug 1165162 - Rework the nsIScriptSecurityManager principal-minting API to be originAttributes-centric. r=gabor,r=bholley,sr=sicking
caps/BasePrincipal.cpp
caps/BasePrincipal.h
caps/nsIScriptSecurityManager.idl
caps/nsNullPrincipal.h
caps/nsPrincipal.h
caps/nsScriptSecurityManager.cpp
caps/nsScriptSecurityManager.h
dom/webidl/SystemDictionaries.webidl
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -3,48 +3,52 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mozilla/BasePrincipal.h"
 
 #include "nsIObjectInputStream.h"
 #include "nsIObjectOutputStream.h"
+
+#include "nsPrincipal.h"
+#include "nsNetUtil.h"
+#include "nsNullPrincipal.h"
 #include "nsScriptSecurityManager.h"
 
 #include "mozilla/dom/ToJSValue.h"
 
 namespace mozilla {
 
 void
-BasePrincipal::OriginAttributes::CreateSuffix(nsACString& aStr)
+OriginAttributes::CreateSuffix(nsACString& aStr)
 {
   aStr.Truncate();
   MOZ_RELEASE_ASSERT(mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
   int attrCount = 0;
 
   if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
     aStr.Append(attrCount++ ? "&appId=" : "!appId=");
     aStr.AppendInt(mAppId);
   }
 
   if (mInBrowser) {
     aStr.Append(attrCount++ ? "&inBrowser=1" : "!inBrowser=1");
   }
 }
 
 void
-BasePrincipal::OriginAttributes::Serialize(nsIObjectOutputStream* aStream) const
+OriginAttributes::Serialize(nsIObjectOutputStream* aStream) const
 {
   aStream->Write32(mAppId);
   aStream->WriteBoolean(mInBrowser);
 }
 
 nsresult
-BasePrincipal::OriginAttributes::Deserialize(nsIObjectInputStream* aStream)
+OriginAttributes::Deserialize(nsIObjectInputStream* aStream)
 {
   nsresult rv = aStream->Read32(&mAppId);
   NS_ENSURE_SUCCESS(rv, rv);
 
   rv = aStream->ReadBoolean(&mInBrowser);
   NS_ENSURE_SUCCESS(rv, rv);
 
   return NS_OK;
@@ -174,9 +178,41 @@ BasePrincipal::GetIsInBrowserElement(boo
 
 NS_IMETHODIMP
 BasePrincipal::GetUnknownAppId(bool* aUnknownAppId)
 {
   *aUnknownAppId = AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID;
   return NS_OK;
 }
 
+already_AddRefed<BasePrincipal>
+BasePrincipal::CreateCodebasePrincipal(nsIURI* aURI, OriginAttributes& aAttrs)
+{
+  // If the URI is supposed to inherit the security context of whoever loads it,
+  // we shouldn't make a codebase principal for it.
+  bool inheritsPrincipal;
+  nsresult rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
+                                    &inheritsPrincipal);
+  nsCOMPtr<nsIPrincipal> principal;
+  if (NS_FAILED(rv) || inheritsPrincipal) {
+    return nsNullPrincipal::Create();
+  }
+
+  // Check whether the URI knows what its principal is supposed to be.
+  nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(aURI);
+  if (uriPrinc) {
+    nsCOMPtr<nsIPrincipal> principal;
+    uriPrinc->GetPrincipal(getter_AddRefs(principal));
+    if (!principal) {
+      return nsNullPrincipal::Create();
+    }
+    nsRefPtr<BasePrincipal> concrete = Cast(principal);
+    return concrete.forget();
+  }
+
+  // Mint a codebase principal.
+  nsRefPtr<nsPrincipal> codebase = new nsPrincipal();
+  rv = codebase->Init(aURI, aAttrs);
+  NS_ENSURE_SUCCESS(rv, nullptr);
+  return codebase.forget();
+}
+
 } // namespace mozilla
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -13,16 +13,45 @@
 
 #include "mozilla/dom/SystemDictionariesBinding.h"
 
 class nsIObjectOutputStream;
 class nsIObjectInputStream;
 
 namespace mozilla {
 
+class OriginAttributes : public dom::OriginAttributesDictionary
+{
+public:
+  OriginAttributes() {}
+  OriginAttributes(uint32_t aAppId, bool aInBrowser)
+  {
+    mAppId = aAppId;
+    mInBrowser = aInBrowser;
+  }
+
+  bool operator==(const OriginAttributes& aOther) const
+  {
+    return mAppId == aOther.mAppId &&
+           mInBrowser == aOther.mInBrowser;
+  }
+  bool operator!=(const OriginAttributes& aOther) const
+  {
+    return !(*this == aOther);
+  }
+
+  // Serializes non-default values into the suffix format, i.e.
+  // |!key1=value1&key2=value2|. If there are no non-default attributes, this
+  // returns an empty string.
+  void CreateSuffix(nsACString& aStr);
+
+  void Serialize(nsIObjectOutputStream* aStream) const;
+  nsresult Deserialize(nsIObjectInputStream* aStream);
+};
+
 /*
  * Base class from which all nsIPrincipal implementations inherit. Use this for
  * default implementations and other commonalities between principal
  * implementations.
  *
  * We should merge nsJSPrincipals into this class at some point.
  */
 class BasePrincipal : public nsJSPrincipals
@@ -46,43 +75,17 @@ public:
   NS_IMETHOD GetAppStatus(uint16_t* aAppStatus) final;
   NS_IMETHOD GetAppId(uint32_t* aAppStatus) final;
   NS_IMETHOD GetIsInBrowserElement(bool* aIsInBrowserElement) final;
   NS_IMETHOD GetUnknownAppId(bool* aUnknownAppId) final;
 
   virtual bool IsOnCSSUnprefixingWhitelist() override { return false; }
 
   static BasePrincipal* Cast(nsIPrincipal* aPrin) { return static_cast<BasePrincipal*>(aPrin); }
-
-  struct OriginAttributes : public dom::OriginAttributesDictionary {
-    OriginAttributes() {}
-    OriginAttributes(uint32_t aAppId, bool aInBrowser)
-    {
-      mAppId = aAppId;
-      mInBrowser = aInBrowser;
-    }
-
-    bool operator==(const OriginAttributes& aOther) const
-    {
-      return mAppId == aOther.mAppId &&
-             mInBrowser == aOther.mInBrowser;
-    }
-    bool operator!=(const OriginAttributes& aOther) const
-    {
-      return !(*this == aOther);
-    }
-
-    // Serializes non-default values into the suffix format, i.e.
-    // |!key1=value1&key2=value2|. If there are no non-default attributes, this
-    // returns an empty string.
-    void CreateSuffix(nsACString& aStr);
-
-    void Serialize(nsIObjectOutputStream* aStream) const;
-    nsresult Deserialize(nsIObjectInputStream* aStream);
-  };
+  static already_AddRefed<BasePrincipal> CreateCodebasePrincipal(nsIURI* aURI, OriginAttributes& aAttrs);
 
   const OriginAttributes& OriginAttributesRef() { return mOriginAttributes; }
   uint32_t AppId() const { return mOriginAttributes.mAppId; }
   bool IsInBrowserElement() const { return mOriginAttributes.mInBrowser; }
 
 protected:
   virtual ~BasePrincipal() {}
 
--- a/caps/nsIScriptSecurityManager.idl
+++ b/caps/nsIScriptSecurityManager.idl
@@ -21,17 +21,17 @@ class DomainPolicyClone;
 }
 }
 %}
 
 [ptr] native JSContextPtr(JSContext);
 [ptr] native JSObjectPtr(JSObject);
 [ptr] native DomainPolicyClonePtr(mozilla::dom::DomainPolicyClone);
 
-[scriptable, uuid(ba602ca6-dc7a-457e-a57a-ee5b343fd863)]
+[scriptable, uuid(f4c578b8-5bac-4ba1-9582-f1140e09a3b4)]
 interface nsIScriptSecurityManager : nsISupports
 {
     /**
      * For each of these hooks returning NS_OK means 'let the action continue'.
      * Returning an error code means 'veto the action'. XPConnect will return
      * false to the js engine if the action is vetoed. The implementor of this
      * interface is responsible for setting a JS exception into the JSContext
      * if that is appropriate.
@@ -174,23 +174,39 @@ interface nsIScriptSecurityManager : nsI
     /**
      * Returns a principal with that has the same origin as uri and is not part
      * of an appliction.
      * The returned principal will have appId = NO_APP_ID.
      */
     nsIPrincipal getNoAppCodebasePrincipal(in nsIURI uri);
 
     /**
-     * Legacy name for getNoAppCodebasePrincipal.
+     * Legacy method for getting a principal with no origin attributes.
      *
-     * @deprecated use getNoAppCodebasePrincipal instead.
+     * @deprecated use createCodebasePrincipal instead.
      */
     [deprecated] nsIPrincipal getCodebasePrincipal(in nsIURI uri);
 
     /**
+     * Returns a principal whose origin is composed of |uri| and |originAttributes|.
+     * See nsIPrincipal.h for a description of origin attributes, and
+     * SystemDictionaries.webidl for a list of origin attributes and their defaults.
+     */
+    [implicit_jscontext]
+    nsIPrincipal createCodebasePrincipal(in nsIURI uri, in jsval originAttributes);
+
+    /**
+     * Returns a unique nonce principal with |originAttributes|.
+     * See nsIPrincipal.h for a description of origin attributes, and
+     * SystemDictionaries.webidl for a list of origin attributes and their defaults.
+     */
+    [implicit_jscontext]
+    nsIPrincipal createNullPrincipal(in jsval originAttributes);
+
+    /**
      * Returns OK if aSourceURI and target have the same "origin"
      * (scheme, host, and port).
      * ReportError flag suppresses error reports for functions that
      * don't need reporting.
      */
     void checkSameOriginURI(in nsIURI aSourceURI,
                             in nsIURI aTargetURI,
                             in boolean reportError);
--- a/caps/nsNullPrincipal.h
+++ b/caps/nsNullPrincipal.h
@@ -49,19 +49,19 @@ public:
   NS_IMETHOD GetIsNullPrincipal(bool* aIsNullPrincipal) override;
   NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
 
   // Returns null on failure.
   static already_AddRefed<nsNullPrincipal> CreateWithInheritedAttributes(nsIPrincipal *aInheritFrom);
 
   // Returns null on failure.
   static already_AddRefed<nsNullPrincipal>
-    Create(const OriginAttributes& aOriginAttributes = OriginAttributes());
+    Create(const mozilla::OriginAttributes& aOriginAttributes = mozilla::OriginAttributes());
 
-  nsresult Init(const OriginAttributes& aOriginAttributes = OriginAttributes());
+  nsresult Init(const mozilla::OriginAttributes& aOriginAttributes = mozilla::OriginAttributes());
 
   virtual void GetScriptLocation(nsACString &aStr) override;
 
  protected:
   virtual ~nsNullPrincipal() {}
 
   bool SubsumesInternal(nsIPrincipal* aOther, DocumentDomainConsideration aConsideration) override
   {
--- a/caps/nsPrincipal.h
+++ b/caps/nsPrincipal.h
@@ -29,17 +29,17 @@ public:
   NS_IMETHOD GetOrigin(nsACString& aOrigin) override;
   NS_IMETHOD CheckMayLoad(nsIURI* uri, bool report, bool allowIfInheritsPrincipal) override;
   NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
   virtual bool IsOnCSSUnprefixingWhitelist() override;
 
   nsPrincipal();
 
   // Init() must be called before the principal is in a usable state.
-  nsresult Init(nsIURI* aCodebase, const OriginAttributes& aOriginAttributes);
+  nsresult Init(nsIURI* aCodebase, const mozilla::OriginAttributes& aOriginAttributes);
 
   virtual void GetScriptLocation(nsACString& aStr) override;
   void SetURI(nsIURI* aURI);
 
   static bool IsPrincipalInherited(nsIURI* aURI) {
     // return true if the loadee URI has
     // the URI_INHERITS_SECURITY_CONTEXT flag set.
     bool doesInheritSecurityContext;
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -14,16 +14,17 @@
 #include "nsILoadContext.h"
 #include "nsIServiceManager.h"
 #include "nsIScriptObjectPrincipal.h"
 #include "nsIScriptContext.h"
 #include "nsIURL.h"
 #include "nsINestedURI.h"
 #include "nspr.h"
 #include "nsJSPrincipals.h"
+#include "mozilla/BasePrincipal.h"
 #include "nsSystemPrincipal.h"
 #include "nsPrincipal.h"
 #include "nsNullPrincipal.h"
 #include "DomainPolicy.h"
 #include "nsXPIDLString.h"
 #include "nsCRT.h"
 #include "nsCRTGlue.h"
 #include "nsError.h"
@@ -373,18 +374,20 @@ nsScriptSecurityManager::GetChannelURIPr
 
     nsCOMPtr<nsILoadContext> loadContext;
     NS_QueryNotificationCallbacks(aChannel, loadContext);
 
     if (loadContext) {
         return GetLoadContextCodebasePrincipal(uri, loadContext, aPrincipal);
     }
 
-    return GetCodebasePrincipalInternal(uri, UNKNOWN_APP_ID,
-        /* isInBrowserElement */ false, aPrincipal);
+    OriginAttributes attrs(UNKNOWN_APP_ID, false);
+    nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
+    prin.forget(aPrincipal);
+    return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
 }
 
 NS_IMETHODIMP
 nsScriptSecurityManager::IsSystemPrincipal(nsIPrincipal* aPrincipal,
                                            bool* aIsSystem)
 {
     *aIsSystem = (aPrincipal == mSystemPrincipal);
     return NS_OK;
@@ -974,138 +977,110 @@ nsScriptSecurityManager::ScriptAllowed(J
 NS_IMETHODIMP
 nsScriptSecurityManager::GetSystemPrincipal(nsIPrincipal **result)
 {
     NS_ADDREF(*result = mSystemPrincipal);
 
     return NS_OK;
 }
 
-nsresult
-nsScriptSecurityManager::CreateCodebasePrincipal(nsIURI* aURI, uint32_t aAppId,
-                                                 bool aInMozBrowser,
-                                                 nsIPrincipal **result)
-{
-    // I _think_ it's safe to not create null principals here based on aURI.
-    // At least all the callers would do the right thing in those cases, as far
-    // as I can tell.  --bz
-
-    nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(aURI);
-    if (uriPrinc) {
-        nsCOMPtr<nsIPrincipal> principal;
-        uriPrinc->GetPrincipal(getter_AddRefs(principal));
-        if (!principal) {
-            principal = nsNullPrincipal::Create();
-            NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
-        }
-
-        principal.forget(result);
-
-        return NS_OK;
-    }
-
-    BasePrincipal::OriginAttributes attrs(aAppId, aInMozBrowser);
-    nsRefPtr<nsPrincipal> codebase = new nsPrincipal();
-    nsresult rv = codebase->Init(aURI, attrs);
-    if (NS_FAILED(rv))
-        return rv;
-
-    NS_ADDREF(*result = codebase);
-
-    return NS_OK;
-}
-
 NS_IMETHODIMP
 nsScriptSecurityManager::GetSimpleCodebasePrincipal(nsIURI* aURI,
                                                     nsIPrincipal** aPrincipal)
 {
-  return GetCodebasePrincipalInternal(aURI,
-                                      nsIScriptSecurityManager::UNKNOWN_APP_ID,
-                                      false, aPrincipal);
+  OriginAttributes attrs(UNKNOWN_APP_ID, false);
+  nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
+  prin.forget(aPrincipal);
+  return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
 }
 
 NS_IMETHODIMP
 nsScriptSecurityManager::GetNoAppCodebasePrincipal(nsIURI* aURI,
                                                    nsIPrincipal** aPrincipal)
 {
-  return GetCodebasePrincipalInternal(aURI,  nsIScriptSecurityManager::NO_APP_ID,
-                                      false, aPrincipal);
+  OriginAttributes attrs(NO_APP_ID, false);
+  nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
+  prin.forget(aPrincipal);
+  return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
 }
 
 NS_IMETHODIMP
 nsScriptSecurityManager::GetCodebasePrincipal(nsIURI* aURI,
                                               nsIPrincipal** aPrincipal)
 {
   return GetNoAppCodebasePrincipal(aURI, aPrincipal);
 }
 
 NS_IMETHODIMP
+nsScriptSecurityManager::CreateCodebasePrincipal(nsIURI* aURI, JS::Handle<JS::Value> aOriginAttributes,
+                                                 JSContext* aCx, nsIPrincipal** aPrincipal)
+{
+  OriginAttributes attrs;
+  if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
+      return NS_ERROR_INVALID_ARG;
+  }
+  nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
+  prin.forget(aPrincipal);
+  return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
+}
+
+NS_IMETHODIMP
+nsScriptSecurityManager::CreateNullPrincipal(JS::Handle<JS::Value> aOriginAttributes,
+                                             JSContext* aCx, nsIPrincipal** aPrincipal)
+{
+  OriginAttributes attrs;
+  if (!aOriginAttributes.isObject() || !attrs.Init(aCx, aOriginAttributes)) {
+      return NS_ERROR_INVALID_ARG;
+  }
+  nsCOMPtr<nsIPrincipal> prin = nsNullPrincipal::Create(attrs);
+  NS_ENSURE_TRUE(prin, NS_ERROR_FAILURE);
+  prin.forget(aPrincipal);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
 nsScriptSecurityManager::GetAppCodebasePrincipal(nsIURI* aURI,
                                                  uint32_t aAppId,
                                                  bool aInMozBrowser,
                                                  nsIPrincipal** aPrincipal)
 {
   NS_ENSURE_TRUE(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID,
                  NS_ERROR_INVALID_ARG);
 
-  return GetCodebasePrincipalInternal(aURI, aAppId, aInMozBrowser, aPrincipal);
+  OriginAttributes attrs(aAppId, aInMozBrowser);
+  nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
+  prin.forget(aPrincipal);
+  return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
 }
 
 NS_IMETHODIMP
 nsScriptSecurityManager::
   GetLoadContextCodebasePrincipal(nsIURI* aURI,
                                   nsILoadContext* aLoadContext,
                                   nsIPrincipal** aPrincipal)
 {
-  uint32_t appId;
-  aLoadContext->GetAppId(&appId);
-  bool isInBrowserElement;
-  aLoadContext->GetIsInBrowserElement(&isInBrowserElement);
-  return GetCodebasePrincipalInternal(aURI,
-                                      appId,
-                                      isInBrowserElement,
-                                      aPrincipal);
+  // XXXbholley - Make this more general in bug 1165466.
+  OriginAttributes attrs;
+  aLoadContext->GetAppId(&attrs.mAppId);
+  aLoadContext->GetIsInBrowserElement(&attrs.mInBrowser);
+  nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
+  prin.forget(aPrincipal);
+  return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
 }
 
 NS_IMETHODIMP
 nsScriptSecurityManager::GetDocShellCodebasePrincipal(nsIURI* aURI,
                                                       nsIDocShell* aDocShell,
                                                       nsIPrincipal** aPrincipal)
 {
-  return GetCodebasePrincipalInternal(aURI,
-                                      aDocShell->GetAppId(),
-                                      aDocShell->GetIsInBrowserElement(),
-                                      aPrincipal);
-}
-
-nsresult
-nsScriptSecurityManager::GetCodebasePrincipalInternal(nsIURI *aURI,
-                                                      uint32_t aAppId,
-                                                      bool aInMozBrowser,
-                                                      nsIPrincipal **result)
-{
-    NS_ENSURE_ARG(aURI);
-
-    bool inheritsPrincipal;
-    nsresult rv =
-        NS_URIChainHasFlags(aURI,
-                            nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
-                            &inheritsPrincipal);
-    nsCOMPtr<nsIPrincipal> principal;
-    if (NS_FAILED(rv) || inheritsPrincipal) {
-        principal = nsNullPrincipal::Create();
-        NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
-    } else {
-        rv = CreateCodebasePrincipal(aURI, aAppId, aInMozBrowser,
-                                     getter_AddRefs(principal));
-        NS_ENSURE_SUCCESS(rv, rv);
-    }
-    principal.forget(result);
-
-    return NS_OK;
+  // XXXbholley - Make this more general in bug 1165466.
+  OriginAttributes attrs(aDocShell->GetAppId(), aDocShell->GetIsInBrowserElement());
+  nsCOMPtr<nsIPrincipal> prin = BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
+  prin.forget(aPrincipal);
+  return *aPrincipal ? NS_OK : NS_ERROR_FAILURE;
 }
 
 // static
 nsIPrincipal*
 nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj)
 {
     JSCompartment *compartment = js::GetObjectCompartment(aObj);
     JSPrincipals *principals = JS_GetCompartmentPrincipals(compartment);
--- a/caps/nsScriptSecurityManager.h
+++ b/caps/nsScriptSecurityManager.h
@@ -17,16 +17,20 @@
 
 #include <stdint.h>
 
 class nsCString;
 class nsIIOService;
 class nsIStringBundle;
 class nsSystemPrincipal;
 
+namespace mozilla {
+class OriginAttributes;
+}
+
 /////////////////////////////
 // nsScriptSecurityManager //
 /////////////////////////////
 #define NS_SCRIPTSECURITYMANAGER_CID \
 { 0x7ee2a4c0, 0x4b93, 0x17d3, \
 { 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
 
 class nsScriptSecurityManager final : public nsIScriptSecurityManager,
@@ -95,25 +99,16 @@ private:
     static bool
     JSPrincipalsSubsume(JSPrincipals *first, JSPrincipals *second);
 
     // Returns null if a principal cannot be found; generally callers
     // should error out at that point.
     static nsIPrincipal* doGetObjectPrincipal(JSObject* obj);
 
     nsresult
-    GetCodebasePrincipalInternal(nsIURI* aURI, uint32_t aAppId,
-                                 bool aInMozBrowser,
-                                 nsIPrincipal** result);
-
-    nsresult
-    CreateCodebasePrincipal(nsIURI* aURI, uint32_t aAppId, bool aInMozBrowser,
-                            nsIPrincipal** result);
-
-    nsresult
     Init();
 
     nsresult
     InitPrefs();
 
     inline void
     ScriptSecurityPrefChanged();
 
--- a/dom/webidl/SystemDictionaries.webidl
+++ b/dom/webidl/SystemDictionaries.webidl
@@ -7,16 +7,16 @@
  * liability, trademark and document use rules apply.
  */
 
 /*
  * Used by principals and the script security manager to represent origin
  * attributes.
  *
  * IMPORTANT: If you add any members here, you need to update the
- * CreateSuffix, Serialize, and Deserialize implementations in BasePrincipal,
- * and bump the CIDs of all the principal implementations that invoke those
- * methods.
+ * methods on mozilla::OriginAttributes, and bump the CIDs of all
+ * the principal implementations that use OriginAttributes in their
+ * nsISerializable implementations.
  */
 dictionary OriginAttributesDictionary {
   unsigned long appId = 0;
   boolean inBrowser = false;
 };