Bug 1647454 - Check popup permission on window context in DoURILoad. r=nika
authorAndreas Farre <farre@mozilla.com>
Tue, 18 Aug 2020 16:16:32 +0000
changeset 609854 2bd6606d7ec8241ba75f32e7fc875b30bf69cdd4
parent 609853 acbc5700a6a8eaf8e1e4f7702e58eeec8da84e27
child 609855 d9ee9a2a6fec3f70db60046cb5f29a219589afa9
push id13553
push userffxbld-merge
push dateMon, 24 Aug 2020 12:51:36 +0000
treeherdermozilla-beta@a54f8b5d0977 [default view] [failures only]
reviewersnika
bugs1647454
milestone81.0a1
Bug 1647454 - Check popup permission on window context in DoURILoad. r=nika Depends on D86808 Differential Revision: https://phabricator.services.mozilla.com/D86828
docshell/base/nsDocShell.cpp
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -9517,30 +9517,33 @@ nsresult nsDocShell::DoURILoad(nsDocShel
                           &doesNotReturnData);
       if (doesNotReturnData) {
         bool popupBlocked = true;
 
         // Let's consider external protocols as popups and let's check if the
         // page is allowed to open them without abuse regardless of allowed
         // events
         if (PopupBlocker::GetPopupControlState() <= PopupBlocker::openBlocked) {
+          // This use-case of GetFrameElementInternal is fission safe,
+          // because PopupBlocker::TryUsePopupOpeningToken only uses
+          // the principal if it is the system principal, otherwise it
+          // only considers the popup token.
           nsCOMPtr<nsINode> loadingNode =
               mScriptGlobal->GetFrameElementInternal();
           popupBlocked = !PopupBlocker::TryUsePopupOpeningToken(
               loadingNode ? loadingNode->NodePrincipal() : nullptr);
         } else if (mBrowsingContext->GetIsActive() &&
                    PopupBlocker::ConsumeTimerTokenForExternalProtocolIframe()) {
           popupBlocked = false;
         } else {
-          nsCOMPtr<nsINode> loadingNode =
-              mScriptGlobal->GetFrameElementInternal();
-          if (loadingNode) {
-            popupBlocked = !PopupBlocker::CanShowPopupByPermission(
-                loadingNode->NodePrincipal());
-          }
+          // Check if the parent context of the frame allows popups.
+          WindowContext* parentContext =
+              mBrowsingContext->GetParentWindowContext();
+          MOZ_ASSERT(parentContext);
+          popupBlocked = !parentContext->CanShowPopup();
         }
 
         // No error must be returned when iframes are blocked.
         if (popupBlocked) {
           return NS_OK;
         }
       }
     }
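Review bot: In the new `else` branch, `MOZ_ASSERT(parentContext)` is the only guard before `parentContext->CanShowPopup()`, and it is compiled out of release builds, so a null result from `GetParentWindowContext()` would be dereferenced there. The removed code failed closed in the equivalent case: a null `loadingNode` left `popupBlocked` at `true`. Whether this branch can be reached without a parent window context depends on the enclosing condition, which lies outside the hunk; if that is not guaranteed, keep the assertion and make the assignment `popupBlocked = !parentContext || !parentContext->CanShowPopup();` so the external-protocol load stays blocked rather than crashing. It would also help to extend the new comment to state the invariant, e.g. `// Only reached for subframes, so a parent WindowContext is expected here.`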