Bug 774633 - Wean SetInitialPrincipalToSubject off some parameters and clean it up. r=jst
authorBobby Holley <bobbyholley@gmail.com>
Thu, 06 Sep 2012 08:46:13 -0700
changeset 106761 75e352cedc4ba79b5bed573ad3c8eaf27ae8b1a1
parent 106760 04baa824177ce5ee7e6bba1e4631d7f0a3d25459
child 106762 b2caffff9aee32b41f597f01f19363a65c40b4f7
push id2041
push userbobbyholley@gmail.com
push dateThu, 06 Sep 2012 17:17:44 +0000
treeherdermozilla-aurora@b8ed43695721 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjst
bugs774633
milestone17.0a2
Bug 774633 - Wean SetInitialPrincipalToSubject off some parameters and clean it up. r=jst We can remove the fallback to the principal of aParent because we already push the cx for aParent (callerContextGuard) whenever we're concerned about using its principal.
dom/base/nsGlobalWindow.cpp
dom/base/nsGlobalWindow.h
dom/base/nsPIDOMWindow.h
embedding/components/windowwatcher/src/nsWindowWatcher.cpp
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@@ -1542,45 +1542,39 @@ nsGlobalWindow::SetOpenerScriptPrincipal
       // layout happening.
       nsRect r = shell->GetPresContext()->GetVisibleArea();
       shell->InitialReflow(r.width, r.height);
     }
   }
 }
 
 void
-nsGlobalWindow::SetInitialPrincipalToSubject(nsIDocShellTreeItem* aItem,
-                                             nsIDOMWindow* aParent)
-{
+nsGlobalWindow::SetInitialPrincipalToSubject()
+{
+  // First, grab the subject principal. These methods never fail.
   nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
-  MOZ_ASSERT(ssm);
-
-  nsresult rv;
-  nsCOMPtr<nsIPrincipal> newWindowPrincipal;
-  rv = ssm->GetSubjectPrincipal(getter_AddRefs(newWindowPrincipal));
-  MOZ_ASSERT(NS_SUCCEEDED(rv));
-
-  if (!newWindowPrincipal && aParent) {
-    nsCOMPtr<nsIScriptObjectPrincipal> sop(do_QueryInterface(aParent));
-    if (sop) {
-      newWindowPrincipal = sop->GetPrincipal();
-    }
-  }
-
-  bool isSystem;
-  rv = ssm->IsSystemPrincipal(newWindowPrincipal, &isSystem);
-  if (NS_FAILED(rv) || isSystem) {
-    // Don't pass this principal along to content windows
+  nsCOMPtr<nsIPrincipal> newWindowPrincipal, systemPrincipal;
+  ssm->GetSubjectPrincipal(getter_AddRefs(newWindowPrincipal));
+  ssm->GetSystemPrincipal(getter_AddRefs(systemPrincipal));
+  if (!newWindowPrincipal) {
+    newWindowPrincipal = systemPrincipal;
+  }
+
+  // Now, if we're about to use the system principal, make sure we're not using
+  // it for a content docshell.
+  if (newWindowPrincipal == systemPrincipal) {
     int32_t itemType;
-    rv = aItem->GetItemType(&itemType);
+    nsCOMPtr<nsIDocShellTreeItem> item = do_QueryInterface(GetDocShell());
+    nsresult rv = item->GetItemType(&itemType);
     if (NS_FAILED(rv) || itemType != nsIDocShellTreeItem::typeChrome) {
       newWindowPrincipal = nullptr;
     }
   }
 
+  // Set the initial about:blank document up with the correct principal.
   SetOpenerScriptPrincipal(newWindowPrincipal);
 }
 
 nsIPrincipal*
 nsGlobalWindow::GetOpenerScriptPrincipal()
 {
   FORWARD_TO_OUTER(GetOpenerScriptPrincipal, (), nullptr);
 
--- a/dom/base/nsGlobalWindow.h
+++ b/dom/base/nsGlobalWindow.h
@@ -338,18 +338,17 @@ public:
   // nsPIDOMWindow
   virtual NS_HIDDEN_(nsPIDOMWindow*) GetPrivateRoot();
   virtual NS_HIDDEN_(void) ActivateOrDeactivate(bool aActivate);
   virtual NS_HIDDEN_(void) SetActive(bool aActive);
   virtual NS_HIDDEN_(void) SetIsBackground(bool aIsBackground);
   virtual NS_HIDDEN_(void) SetChromeEventHandler(nsIDOMEventTarget* aChromeEventHandler);
 
   virtual NS_HIDDEN_(void) SetOpenerScriptPrincipal(nsIPrincipal* aPrincipal);
-  virtual NS_HIDDEN_(void) SetInitialPrincipalToSubject(nsIDocShellTreeItem* aItem,
-                                                        nsIDOMWindow* aParent);
+  virtual NS_HIDDEN_(void) SetInitialPrincipalToSubject();
   virtual NS_HIDDEN_(nsIPrincipal*) GetOpenerScriptPrincipal();
 
   virtual NS_HIDDEN_(PopupControlState) PushPopupControlState(PopupControlState state, bool aForce) const;
   virtual NS_HIDDEN_(void) PopPopupControlState(PopupControlState state) const;
   virtual NS_HIDDEN_(PopupControlState) GetPopupControlState() const;
 
   virtual NS_HIDDEN_(nsresult) SaveWindowState(nsISupports **aState);
   virtual NS_HIDDEN_(nsresult) RestoreWindowState(nsISupports *aState);
--- a/dom/base/nsPIDOMWindow.h
+++ b/dom/base/nsPIDOMWindow.h
@@ -19,17 +19,16 @@
 #include "nsIURI.h"
 
 #define DOM_WINDOW_DESTROYED_TOPIC "dom-window-destroyed"
 #define DOM_WINDOW_FROZEN_TOPIC "dom-window-frozen"
 #define DOM_WINDOW_THAWED_TOPIC "dom-window-thawed"
 
 class nsIIdleObserver;
 class nsIPrincipal;
-class nsIDocShellTreeItem; // XXX - Temporary! Goes away in the next patch
 
 // Popup control state enum. The values in this enum must go from most
 // permissive to least permissive so that it's safe to push state in
 // all situations. Pushing popup state onto the stack never makes the
 // current popup state less permissive (see
 // nsGlobalWindow::PushPopupControlState()).
 enum PopupControlState {
   openAllowed = 0,  // open that window without worries
@@ -282,18 +281,17 @@ public:
   }
 
   // Tell this window who opened it.  This only has an effect if there is
   // either no document currently in the window or if the document is the
   // original document this window came with (an about:blank document either
   // preloaded into it when it was created, or created by
   // CreateAboutBlankContentViewer()).
   virtual void SetOpenerScriptPrincipal(nsIPrincipal* aPrincipal) = 0;
-  virtual void SetInitialPrincipalToSubject(nsIDocShellTreeItem* aItem,
-                                            nsIDOMWindow* aParent) = 0;
+  virtual void SetInitialPrincipalToSubject() = 0;
 
   // Ask this window who opened it.
   virtual nsIPrincipal* GetOpenerScriptPrincipal() = 0;
 
   virtual PopupControlState PushPopupControlState(PopupControlState aState,
                                                   bool aForce) const = 0;
   virtual void PopPopupControlState(PopupControlState state) const = 0;
   virtual PopupControlState GetPopupControlState() const = 0;
--- a/embedding/components/windowwatcher/src/nsWindowWatcher.cpp
+++ b/embedding/components/windowwatcher/src/nsWindowWatcher.cpp
@@ -874,17 +874,17 @@ nsWindowWatcher::OpenWindowInternal(nsID
     // cases we do _not_ set the parent window principal as the owner of the
     // load--since we really don't know who the owner is, just leave it null.
     nsCOMPtr<nsPIDOMWindow> newWindow = do_QueryInterface(*_retval);
 #ifdef DEBUG
     nsCOMPtr<nsPIDOMWindow> newDebugWindow = do_GetInterface(newDocShell);
     NS_ASSERTION(newWindow == newDebugWindow, "Different windows??");
 #endif
     if (newWindow) {
-      newWindow->SetInitialPrincipalToSubject(newDocShellItem, aParent);
+      newWindow->SetInitialPrincipalToSubject();
     }
   }
 
   if (uriToLoad && aNavigate) { // get the script principal and pass it to docshell
     JSContextAutoPopper contextGuard;
 
     cx = GetJSContextFromCallStack();