Remove MailNews special casing from nsScriptSecurityManager (bug 374577), r+sr=bzbarsky
authorDan Mosedale <dmose@mozilla.org>
Tue, 17 Feb 2009 20:32:57 -0800
changeset 25119 503b36e90c422f1adbd5f89c4517d5208d7e8f97
parent 25118 c48d57480a46df6289ed77af67d90f485cf14b70
child 25120 90d9e594332487dc5151653e88ba20856d414a2f
push idunknown
push userunknown
push dateunknown
bugs374577
milestone1.9.2a1pre
Remove MailNews special casing from nsScriptSecurityManager (bug 374577), r+sr=bzbarsky
caps/include/nsScriptSecurityManager.h
caps/src/nsScriptSecurityManager.cpp
content/base/public/nsContentPolicyUtils.h
--- a/caps/include/nsScriptSecurityManager.h
+++ b/caps/include/nsScriptSecurityManager.h
@@ -570,30 +570,28 @@ private:
 
     // JS strings we need to clean up on shutdown
     static jsval sEnabledID;
 
     inline void
     ScriptSecurityPrefChanged();
 
     static const char sJSEnabledPrefName[];
-    static const char sJSMailEnabledPrefName[];
     static const char sFileOriginPolicyPrefName[];
 
     nsObjectHashtable* mOriginToPolicyMap;
     DomainPolicy* mDefaultPolicy;
     nsObjectHashtable* mCapabilities;
 
     nsCOMPtr<nsIPrefBranch> mPrefBranch;
     nsCOMPtr<nsISecurityPref> mSecurityPref;
     nsCOMPtr<nsIPrincipal> mSystemPrincipal;
     nsCOMPtr<nsIPrincipal> mSystemCertificate;
     nsInterfaceHashtable<PrincipalKey, nsIPrincipal> mPrincipals;
     PRPackedBool mIsJavaScriptEnabled;
-    PRPackedBool mIsMailJavaScriptEnabled;
     PRPackedBool mIsWritingPrefs;
     PRPackedBool mPolicyPrefsChanged;
 #ifdef XPC_IDISPATCH_SUPPORT    
     PRPackedBool mXPCDefaultGrantAll;
     static const char sXPCDefaultGrantAllName[];
 #endif
 
     static PRBool sStrictFileOriginPolicy;
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -1747,36 +1747,17 @@ nsScriptSecurityManager::CanExecuteScrip
             if (NS_SUCCEEDED(rv) &&
                 (flags & nsIAboutModule::ALLOW_SCRIPT)) {
                 *result = PR_TRUE;
                 return NS_OK;              
             }
         }
     }
 
-    //-- See if JS is disabled globally (via prefs)
     *result = mIsJavaScriptEnabled;
-    if (mIsJavaScriptEnabled != mIsMailJavaScriptEnabled && globalObjTreeItem) 
-    {
-        nsCOMPtr<nsIDocShellTreeItem> rootItem;
-        globalObjTreeItem->GetRootTreeItem(getter_AddRefs(rootItem));
-        docshell = do_QueryInterface(rootItem);
-        if (docshell) 
-        {
-            // Is this script running from mail?
-            PRUint32 appType;
-            rv = docshell->GetAppType(&appType);
-            if (NS_FAILED(rv)) return rv;
-            if (appType == nsIDocShell::APP_TYPE_MAIL) 
-            {
-                *result = mIsMailJavaScriptEnabled;
-            }
-        }
-    }
-
     if (!*result)
         return NS_OK; // Do not run scripts
 
     //-- Check for a per-site policy
     static const char jsPrefGroupName[] = "javascript";
     ClassInfoData nameData(nsnull, jsPrefGroupName);
 
     SecurityLevel secLevel;
@@ -3209,17 +3190,16 @@ nsScriptSecurityManager::Observe(nsISupp
 /////////////////////////////////////////////
 // Constructor, Destructor, Initialization //
 /////////////////////////////////////////////
 nsScriptSecurityManager::nsScriptSecurityManager(void)
     : mOriginToPolicyMap(nsnull),
       mDefaultPolicy(nsnull),
       mCapabilities(nsnull),
       mIsJavaScriptEnabled(PR_FALSE),
-      mIsMailJavaScriptEnabled(PR_FALSE),
       mIsWritingPrefs(PR_FALSE),
       mPolicyPrefsChanged(PR_TRUE)
 #ifdef XPC_IDISPATCH_SUPPORT
       , mXPCDefaultGrantAll(PR_FALSE)
 #endif
 {
     NS_ASSERTION(sizeof(long) == sizeof(void*), "long and void* have different lengths on this platform. This may cause a security failure.");
     mPrincipals.Init(31);
@@ -3809,34 +3789,29 @@ nsScriptSecurityManager::InitPrincipals(
         if (NS_SUCCEEDED(rv))
             mPrincipals.Put(newPrincipal, newPrincipal);
     }
     return NS_OK;
 }
 
 const char nsScriptSecurityManager::sJSEnabledPrefName[] =
     "javascript.enabled";
-const char nsScriptSecurityManager::sJSMailEnabledPrefName[] =
-    "javascript.allow.mailnews";
 const char nsScriptSecurityManager::sFileOriginPolicyPrefName[] =
     "security.fileuri.strict_origin_policy";
 #ifdef XPC_IDISPATCH_SUPPORT
 const char nsScriptSecurityManager::sXPCDefaultGrantAllName[] =
     "security.classID.allowByDefault";
 #endif
 
 inline void
 nsScriptSecurityManager::ScriptSecurityPrefChanged()
 {
     // JavaScript defaults to enabled in failure cases.
     mIsJavaScriptEnabled = PR_TRUE;
 
-    // JavaScript in Mail defaults to disabled in failure cases.
-    mIsMailJavaScriptEnabled = PR_FALSE;
-
     sStrictFileOriginPolicy = PR_TRUE;
 
 #ifdef XPC_IDISPATCH_SUPPORT
     // Granting XPC Priveleges defaults to disabled in failure cases.
     mXPCDefaultGrantAll = PR_FALSE;
 #endif
 
     nsresult rv;
@@ -3846,23 +3821,16 @@ nsScriptSecurityManager::ScriptSecurityP
             return;
     }
 
     PRBool temp;
     rv = mSecurityPref->SecurityGetBoolPref(sJSEnabledPrefName, &temp);
     if (NS_SUCCEEDED(rv))
         mIsJavaScriptEnabled = temp;
 
-    // JavaScript in mailnews is disabled until quickstubs and CAPS work
-    // together or we find an alternative to CAPS: see bug 374577 or
-    // bug 453928 or bug 453943.
-    // rv = mSecurityPref->SecurityGetBoolPref(sJSMailEnabledPrefName, &temp);
-    // if (NS_SUCCEEDED(rv))
-    //     mIsMailJavaScriptEnabled = temp;
-
     rv = mSecurityPref->SecurityGetBoolPref(sFileOriginPolicyPrefName, &temp);
     if (NS_SUCCEEDED(rv))
         sStrictFileOriginPolicy = NS_SUCCEEDED(rv) && temp;
 
 #ifdef XPC_IDISPATCH_SUPPORT
     rv = mSecurityPref->SecurityGetBoolPref(sXPCDefaultGrantAllName, &temp);
     if (NS_SUCCEEDED(rv))
         mXPCDefaultGrantAll = temp;
@@ -3881,17 +3849,16 @@ nsScriptSecurityManager::InitPrefs()
     NS_ENSURE_SUCCESS(rv, rv);
     mSecurityPref = do_QueryInterface(mPrefBranch, &rv);
     NS_ENSURE_SUCCESS(rv, rv);
 
     // Set the initial value of the "javascript.enabled" prefs
     ScriptSecurityPrefChanged();
     // set observer callbacks in case the value of the prefs change
     prefBranchInternal->AddObserver(sJSEnabledPrefName, this, PR_FALSE);
-    prefBranchInternal->AddObserver(sJSMailEnabledPrefName, this, PR_FALSE);
     prefBranchInternal->AddObserver(sFileOriginPolicyPrefName, this, PR_FALSE);
 #ifdef XPC_IDISPATCH_SUPPORT
     prefBranchInternal->AddObserver(sXPCDefaultGrantAllName, this, PR_FALSE);
 #endif
     PRUint32 prefCount;
     char** prefNames;
 
     // Set a callback for policy pref changes
--- a/content/base/public/nsContentPolicyUtils.h
+++ b/content/base/public/nsContentPolicyUtils.h
@@ -256,18 +256,30 @@ NS_CheckContentProcessPolicy(PRUint32   
 /**
  * Helper function to get an nsIDocShell given a context.
  * If the context is a document or window, the corresponding docshell will be
  * returned.
  * If the context is a non-document DOM node, the docshell of its ownerDocument
  * will be returned.
  *
  * @param aContext the context to find a docshell for (can be null)
+ *
  * @return a WEAK pointer to the docshell, or nsnull if it could
  *     not be obtained
+ *     
+ * @note  As of this writing, calls to nsIContentPolicy::Should{Load,Process}
+ * for TYPE_DOCUMENT and TYPE_SUBDOCUMENT pass in an aContext that either
+ * points to the frameElement of the window the load is happening in
+ * (in which case NS_CP_GetDocShellFromContext will return the parent of the
+ * docshell the load is happening in), or points to the window the load is
+ * happening in (in which case NS_CP_GetDocShellFromContext will return
+ * the docshell the load is happening in).  It's up to callers to QI aContext
+ * and handle things accordingly if they want the docshell the load is
+ * happening in.  These are somewhat odd semantics, and bug 466687 has been
+ * filed to consider improving them.
  */
 inline nsIDocShell*
 NS_CP_GetDocShellFromContext(nsISupports *aContext)
 {
     if (!aContext) {
         return nsnull;
     }