Bug 952192 - getObjectPrincipal should be script callable. r=bholley
☠☠ backed out by 00d284a3a05a ☠ ☠
authorGabor Krizsanits <gkrizsanits@mozilla.com>
Thu, 09 Jan 2014 11:31:33 +0100
changeset 178699 18eeafedd18015db046f4b9a910e85f1e1e5c173
parent 178698 8287550616eeaba31d963e09605c89359dc08d95
child 178700 b76b2eb15da36f9fb0f3b1754bd28d6f349ca92a
push id3343
push userffxbld
push dateMon, 17 Mar 2014 21:55:32 +0000
reviewersbholley
bugs952192
milestone29.0a1
Bug 952192 - getObjectPrincipal should be script callable. r=bholley
caps/idl/nsIScriptSecurityManager.idl
caps/src/nsScriptSecurityManager.cpp
js/xpconnect/loader/mozJSSubScriptLoader.cpp
js/xpconnect/src/XPCWrappedJSClass.cpp
js/xpconnect/tests/unit/test_getObjectPrincipal.js
js/xpconnect/tests/unit/xpcshell.ini
--- a/caps/idl/nsIScriptSecurityManager.idl
+++ b/caps/idl/nsIScriptSecurityManager.idl
@@ -6,17 +6,17 @@
 #include "nsISupports.idl"
 #include "nsIPrincipal.idl"
 #include "nsIXPCSecurityManager.idl"
 interface nsIURI;
 interface nsIChannel;
 interface nsIDocShell;
 interface nsIDomainPolicy;
 
-[scriptable, uuid(2911ae60-1b5f-47e6-941e-1bb7b53a167d)]
+[scriptable, uuid(712aa338-50a1-497b-be6f-dc3d97867c01)]
 interface nsIScriptSecurityManager : nsIXPCSecurityManager
 {
     ///////////////// Security Checks //////////////////
     /**
      * Checks whether the running script is allowed to access aProperty.
      */
     [noscript] void checkPropertyAccess(in JSContextPtr aJSContext,
                                         in JSObjectPtr aJSObject,
@@ -155,22 +155,20 @@ interface nsIScriptSecurityManager : nsI
 
     /**
      * Legacy name for getNoAppCodebasePrincipal.
      *
      * @deprecated use getNoAppCodebasePrincipal instead.
      */
     [deprecated] nsIPrincipal getCodebasePrincipal(in nsIURI uri);
 
-    ///////////////////////
     /**
      * Return the principal of the specified object in the specified context.
      */
-    [noscript] nsIPrincipal getObjectPrincipal(in JSContextPtr cx,
-                                               in JSObjectPtr obj);
+    [implicit_jscontext] nsIPrincipal getObjectPrincipal(in jsval aObject);
 
     /**
      * Returns true if the principal of the currently running script is the
      * system principal, false otherwise.
      */
     [noscript] boolean subjectPrincipalIsSystem();
 
     /**
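Review bot: The doc comment kept above the new `getObjectPrincipal(in jsval aObject)` still says "in the specified context", but the context is now implicit and the argument is an arbitrary jsval. Since the method is now reachable from script, the comment should state the contract callers rely on, for example `Return the principal of the compartment aObject lives in. Throws NS_ERROR_FAILURE if aObject is not an object.` It should also say whether a cross-compartment wrapper is looked through or reported as the caller's own compartment, because that decides what a security check built on this call actually tests.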
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -1482,24 +1482,24 @@ nsScriptSecurityManager::GetSubjectPrinc
     // or the one associated with its global.
     MOZ_ASSERT(!!compartment);
 
     JSPrincipals *principals = JS_GetCompartmentPrincipals(compartment);
     return nsJSPrincipals::get(principals);
 }
 
 NS_IMETHODIMP
-nsScriptSecurityManager::GetObjectPrincipal(JSContext *aCx, JSObject *aObj,
+nsScriptSecurityManager::GetObjectPrincipal(const JS::Value &aObjectVal,
+                                            JSContext *aCx,
                                             nsIPrincipal **result)
 {
-    JS::Rooted<JSObject*> obj(aCx, aObj);
-    *result = doGetObjectPrincipal(obj);
-    if (!*result)
-        return NS_ERROR_FAILURE;
-    NS_ADDREF(*result);
+    NS_ENSURE_TRUE(aObjectVal.isObject(), NS_ERROR_FAILURE);
+    JS::RootedObject obj(aCx, &aObjectVal.toObject());
+    nsCOMPtr<nsIPrincipal> principal = doGetObjectPrincipal(obj);
+    principal.forget(result);
     return NS_OK;
 }
 
 // static
 nsIPrincipal*
 nsScriptSecurityManager::doGetObjectPrincipal(JSObject *aObj)
 {
     JSCompartment *compartment = js::GetObjectCompartment(aObj);
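Review bot: Now that script can call this method, `aObjectVal` will often be a cross-compartment wrapper, and the new body passes it to doGetObjectPrincipal() unchanged. The one visible line of that helper uses `js::GetObjectCompartment(aObj)`, which for a wrapper is the wrapper's compartment rather than the target's. If the rest of the helper (it continues outside the hunk) works from that compartment, privileged script asking about a content object would get its own principal back, and a check built on the answer would pass when it should not. Either unwrap before the lookup, for example with `js::CheckedUnwrap`, or document that the wrapper's principal is what is returned, and cover the case with a test that passes an object from another compartment.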
--- a/js/xpconnect/loader/mozJSSubScriptLoader.cpp
+++ b/js/xpconnect/loader/mozJSSubScriptLoader.cpp
@@ -253,25 +253,18 @@ mozJSSubScriptLoader::DoLoadSubScriptWit
     // Remember an object out of the calling compartment so that we
     // can properly wrap the result later.
     nsCOMPtr<nsIPrincipal> principal = mSystemPrincipal;
     RootedObject result_obj(cx, targetObj);
     targetObj = JS_FindCompilationScope(cx, targetObj);
     if (!targetObj)
         return NS_ERROR_FAILURE;
 
-    if (targetObj != result_obj) {
-        nsCOMPtr<nsIScriptSecurityManager> secman =
-            do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
-        if (!secman)
-            return NS_ERROR_FAILURE;
-
-        rv = secman->GetObjectPrincipal(cx, targetObj, getter_AddRefs(principal));
-        NS_ENSURE_SUCCESS(rv, rv);
-    }
+    if (targetObj != result_obj)
+        principal = GetObjectPrincipal(targetObj);
 
     JSAutoCompartment ac(cx, targetObj);
 
     /* load up the url.  From here on, failures are reflected as ``custom''
      * js exceptions */
     nsCOMPtr<nsIURI> uri;
     nsAutoCString uriStr;
     nsAutoCString scheme;
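Review bot: The replacement `principal = GetObjectPrincipal(targetObj);` drops both failure exits of the removed block, so if the helper ever returns null, a null principal replaces the `mSystemPrincipal` default and flows into the rest of the load instead of producing an error. The helper is not defined in this diff, so whether it can return null cannot be seen here. A guard such as `if (!principal) return NS_ERROR_FAILURE;` right after the assignment, or at least `MOZ_ASSERT(principal);`, would keep the old fail-closed behaviour explicit. The same applies to `objPrin = GetObjectPrincipal(selfObj)` in the XPCWrappedJSClass.cpp hunk and to the XPCOM method in nsScriptSecurityManager.cpp, which now returns NS_OK even when the out-param is null. The enclosing function continues outside the hunk.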
--- a/js/xpconnect/src/XPCWrappedJSClass.cpp
+++ b/js/xpconnect/src/XPCWrappedJSClass.cpp
@@ -647,24 +647,19 @@ nsXPCWrappedJSClass::DelegatedQueryInter
 
         nsXPConnect *xpc = nsXPConnect::XPConnect();
         nsCOMPtr<nsIScriptSecurityManager> secMan =
             do_QueryInterface(xpc->GetDefaultSecurityManager());
         if (!secMan)
             return NS_NOINTERFACE;
 
         RootedObject selfObj(ccx, self->GetJSObject());
-        nsCOMPtr<nsIPrincipal> objPrin;
-        nsresult rv = secMan->GetObjectPrincipal(ccx, selfObj,
-                                                 getter_AddRefs(objPrin));
-        if (NS_FAILED(rv))
-            return rv;
-
+        nsCOMPtr<nsIPrincipal> objPrin = GetObjectPrincipal(selfObj);
         bool isSystem;
-        rv = secMan->IsSystemPrincipal(objPrin, &isSystem);
+        nsresult rv = secMan->IsSystemPrincipal(objPrin, &isSystem);
         if ((NS_FAILED(rv) || !isSystem) && !IS_WN_REFLECTOR(selfObj)) {
             // A content object.
             nsRefPtr<SameOriginCheckedComponent> checked =
                 new SameOriginCheckedComponent(self);
             if (!checked)
                 return NS_ERROR_OUT_OF_MEMORY;
             *aInstancePtr = checked.forget().get();
             return NS_OK;
new file mode 100644
--- /dev/null
+++ b/js/xpconnect/tests/unit/test_getObjectPrincipal.js
@@ -0,0 +1,4 @@
+function run_test() {
+  var secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager);
+  do_check_true(secMan.isSystemPrincipal(secMan.getObjectPrincipal({})));
+}
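Review bot: The only assertion covers a same-compartment chrome object, `getObjectPrincipal({})`, which cannot distinguish "principal of the object" from "principal of the caller". A second case using an object created in a non-system sandbox (for example via `Components.utils.Sandbox`) would pin down what the call returns for an object from another compartment. A check that a non-object argument such as `null` throws would cover the new `isObject()` guard.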
--- a/js/xpconnect/tests/unit/xpcshell.ini
+++ b/js/xpconnect/tests/unit/xpcshell.ini
@@ -68,16 +68,17 @@ fail-if = os == "android"
 [test_nuke_sandbox.js]
 [test_sandbox_metadata.js]
 [test_exportFunction.js]
 [test_textDecoder.js]
 [test_url.js]
 [test_sandbox_atob.js]
 [test_isProxy.js]
 [test_watchdog_enable.js]
+[test_getObjectPrincipal.js]
 head = head_watchdog.js
 [test_watchdog_disable.js]
 head = head_watchdog.js
 [test_watchdog_toggle.js]
 head = head_watchdog.js
 [test_watchdog_default.js]
 head = head_watchdog.js
 [test_watchdog_hibernate.js]
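Review bot: The new `[test_getObjectPrincipal.js]` entry is inserted between `[test_watchdog_enable.js]` and its `head = head_watchdog.js` line, so the head file now attaches to the new test and test_watchdog_enable.js loses it. Move the new section above `[test_watchdog_enable.js]`, or after the last watchdog entry, so that each watchdog test keeps its own `head` line and the new test runs without the watchdog head.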