Bug 1119302 - Implement nsIContentPolicy.shouldProcess for plugin subresource loads, r=bz
authorBenjamin Smedberg <benjamin@smedbergs.us>
Thu, 08 Jan 2015 12:23:27 -0500
changeset 249098 621fadc8702b0157080a90cc236be864b44911b0
parent 249097 062050b11b10c12fa54246f3080db4595916e34a
child 249099 9eb7ebdb6f6ec96295fa19a93595934c6aeb2445
push id4489
push userraliiev@mozilla.com
push dateMon, 23 Feb 2015 15:17:55 +0000
treeherdermozilla-beta@fd7c3dc24146 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs1119302
milestone37.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1119302 - Implement nsIContentPolicy.shouldProcess for plugin subresource loads, r=bz
dom/plugins/base/nsPluginStreamListenerPeer.cpp
--- a/dom/plugins/base/nsPluginStreamListenerPeer.cpp
+++ b/dom/plugins/base/nsPluginStreamListenerPeer.cpp
@@ -1,22 +1,25 @@
 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsPluginStreamListenerPeer.h"
+#include "nsIContentPolicy.h"
+#include "nsContentPolicyUtils.h"
 #include "nsIDOMElement.h"
 #include "nsIStreamConverterService.h"
 #include "nsIHttpChannel.h"
 #include "nsIHttpChannelInternal.h"
 #include "nsIFileChannel.h"
 #include "nsMimeTypes.h"
 #include "nsISupportsPrimitives.h"
 #include "nsNetCID.h"
+#include "nsPluginInstanceOwner.h"
 #include "nsPluginLogging.h"
 #include "nsIURI.h"
 #include "nsIURL.h"
 #include "nsPluginHost.h"
 #include "nsIByteRangeRequest.h"
 #include "nsIMultiPartChannel.h"
 #include "nsIInputStreamTee.h"
 #include "nsPrintfCString.h"
@@ -472,16 +475,47 @@ nsPluginStreamListenerPeer::OnStartReque
 
       if (!wantsAllNetworkStreams) {
         mRequestFailed = true;
         return NS_ERROR_FAILURE;
       }
     }
   }
 
+  nsAutoCString contentType;
+  rv = channel->GetContentType(contentType);
+  if (NS_FAILED(rv))
+    return rv;
+
+  // Check ShouldProcess with content policy
+  nsRefPtr<nsPluginInstanceOwner> owner;
+  if (mPluginInstance) {
+    owner = mPluginInstance->GetOwner();
+  }
+  nsCOMPtr<nsIDOMElement> element;
+  nsCOMPtr<nsIDocument> doc;
+  if (owner) {
+    owner->GetDOMElement(getter_AddRefs(element));
+    owner->GetDocument(getter_AddRefs(doc));
+  }
+  nsCOMPtr<nsIPrincipal> principal = doc ? doc->NodePrincipal() : nullptr;
+
+  int16_t shouldLoad = nsIContentPolicy::ACCEPT;
+  rv = NS_CheckContentProcessPolicy(nsIContentPolicy::TYPE_OBJECT_SUBREQUEST,
+                                    mURL,
+                                    principal,
+                                    element,
+                                    contentType,
+                                    nullptr,
+                                    &shouldLoad);
+  if (NS_FAILED(rv) || NS_CP_REJECTED(shouldLoad)) {
+    mRequestFailed = true;
+    return NS_ERROR_CONTENT_BLOCKED;
+  }
+
   // Get the notification callbacks from the channel and save it as
   // week ref we'll use it in nsPluginStreamInfo::RequestRead() when
   // we'll create channel for byte range request.
   nsCOMPtr<nsIInterfaceRequestor> callbacks;
   channel->GetNotificationCallbacks(getter_AddRefs(callbacks));
   if (callbacks)
     mWeakPtrChannelCallbacks = do_GetWeakReference(callbacks);
 
@@ -504,35 +538,30 @@ nsPluginStreamListenerPeer::OnStartReque
       return NS_ERROR_FAILURE;
     }
     mLength = 0;
   }
   else {
     mLength = uint32_t(length);
   }
 
-  nsAutoCString aContentType; // XXX but we already got the type above!
-  rv = channel->GetContentType(aContentType);
-  if (NS_FAILED(rv))
-    return rv;
-
   nsCOMPtr<nsIURI> aURL;
   rv = channel->GetURI(getter_AddRefs(aURL));
   if (NS_FAILED(rv))
     return rv;
 
   aURL->GetSpec(mURLSpec);
 
-  if (!aContentType.IsEmpty())
-    mContentType = aContentType;
+  if (!contentType.IsEmpty())
+    mContentType = contentType;
 
 #ifdef PLUGIN_LOGGING
   PR_LOG(nsPluginLogging::gPluginLog, PLUGIN_LOG_NOISY,
          ("nsPluginStreamListenerPeer::OnStartRequest this=%p request=%p mime=%s, url=%s\n",
-          this, request, aContentType.get(), mURLSpec.get()));
+          this, request, contentType.get(), mURLSpec.get()));
 
   PR_LogFlush();
 #endif
 
   // Set up the stream listener...
   rv = SetUpStreamListener(request, aURL);
   if (NS_FAILED(rv)) {
     return rv;