Bug 1468912 - Don't use system principal for calendar server connections; r=philipp
authorMakeMyDay <makemyday@gmx-topmail.de>
Sun, 20 Jan 2019 16:44:07 +0100
changeset 33407 94a2a4100e98
parent 33406 51560879ea98
child 33408 a0a854d99ee0
push id2368
push userclokep@gmail.com
push dateMon, 28 Jan 2019 21:12:50 +0000
treeherdercomm-beta@56d23c07d815 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersphilipp
bugs1468912
Bug 1468912 - Don't use system principal for calendar server connections; r=philipp
calendar/base/modules/utils/calProviderUtils.jsm
--- a/calendar/base/modules/utils/calProviderUtils.jsm
+++ b/calendar/base/modules/utils/calProviderUtils.jsm
@@ -32,19 +32,23 @@ var calprovider = {
      *                                                            string will be converted to an
      *                                                            input stream.
      * @param {String} aContentType                             Value for Content-Type header, if any
      * @param {nsIInterfaceRequestor} aNotificationCallbacks    Calendar using channel
      * @param {?nsIChannel} aExisting                           An existing channel to modify (optional)
      * @return {nsIChannel}                                     The prepared channel
      */
     prepHttpChannel: function(aUri, aUploadData, aContentType, aNotificationCallbacks, aExisting=null) {
+        // We cannot use a system principal here, since the conncetion setup would fail if
+        // same-site cookie protection is enabled in TB and server-side.
+        let principal = aExisting ? null
+                                  : Services.scriptSecurityManager.createCodebasePrincipal(aUri, {});
         let channel = aExisting || Services.io.newChannelFromURI2(aUri,
                                                                   null,
-                                                                  Services.scriptSecurityManager.getSystemPrincipal(),
+                                                                  principal,
                                                                   null,
                                                                   Ci.nsILoadInfo.SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL,
                                                                   Ci.nsIContentPolicy.TYPE_OTHER);
         let httpchannel = channel.QueryInterface(Ci.nsIHttpChannel);
 
         httpchannel.setRequestHeader("Accept", "text/xml", false);
         httpchannel.setRequestHeader("Accept-Charset", "utf-8,*;q=0.1", false);
         httpchannel.loadFlags |= Ci.nsIRequest.LOAD_BYPASS_CACHE;