Bug 1144270 : Update remaining callers of newChannel to newChannel2 in netwerk/ (r=mcmanus)
authorChristoph Kerschbaumer <mozilla@christophkerschbaumer.com>
Fri, 20 Mar 2015 12:27:34 -0700
changeset 263657 9b47ec7ffe71b8da76d3e3bd0915ce82513bfe78
parent 263656 bf9e8b4096cf72dc9babb8bf4043df52882dfd2b
child 263658 c89f330bf7818b3150efc971e35b5ffe450c835f
push id4718
push userraliiev@mozilla.com
push dateMon, 11 May 2015 18:39:53 +0000
treeherdermozilla-beta@c20c4ef55f08 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmcmanus
bugs1144270
milestone39.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1144270 : Update remaining callers of newChannel to newChannel2 in netwerk/ (r=mcmanus)
netwerk/base/nsIOService.cpp
netwerk/base/nsProtocolProxyService.cpp
--- a/netwerk/base/nsIOService.cpp
+++ b/netwerk/base/nsIOService.cpp
@@ -1556,24 +1556,41 @@ nsIOService::SpeculativeConnect(nsIURI *
                                 nsIInterfaceRequestor *aCallbacks)
 {
     // Check for proxy information. If there is a proxy configured then a
     // speculative connect should not be performed because the potential
     // reward is slim with tcp peers closely located to the browser.
     nsresult rv;
     nsCOMPtr<nsIProtocolProxyService> pps =
             do_GetService(NS_PROTOCOLPROXYSERVICE_CONTRACTID, &rv);
-    if (NS_FAILED(rv))
-        return rv;
+    NS_ENSURE_SUCCESS(rv, rv);
 
+    nsCOMPtr<nsIScriptSecurityManager> secMan(
+        do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv));
+    NS_ENSURE_SUCCESS(rv, rv);
+    nsCOMPtr<nsIPrincipal> systemPrincipal;
+    rv = secMan->GetSystemPrincipal(getter_AddRefs(systemPrincipal));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    // dummy channel used to create a TCP connection.
+    // we perform security checks on the *real* channel, responsible
+    // for any network loads. this real channel just checks the TCP
+    // pool if there is an available connection created by the
+    // channel we create underneath - hence it's safe to use
+    // the systemPrincipal as the loadingPrincipal for this channel.
     nsCOMPtr<nsIChannel> channel;
-    rv = NewChannelFromURI(aURI, getter_AddRefs(channel));
-    if (NS_FAILED(rv)) {
-        return rv;
-    }
+    rv = NewChannelFromURI2(aURI,
+                            nullptr, // aLoadingNode,
+                            systemPrincipal,
+                            nullptr, //aTriggeringPrincipal,
+                            nsILoadInfo::SEC_NORMAL,
+                            nsIContentPolicy::TYPE_OTHER,
+                            getter_AddRefs(channel));
+
+    NS_ENSURE_SUCCESS(rv, rv);
 
     nsCOMPtr<nsICancelable> cancelable;
     nsRefPtr<IOServiceProxyCallback> callback =
         new IOServiceProxyCallback(aCallbacks, this);
     nsCOMPtr<nsIProtocolProxyService2> pps2 = do_QueryInterface(pps);
     if (pps2) {
         return pps2->AsyncResolve2(channel, 0, callback, getter_AddRefs(cancelable));
     }
--- a/netwerk/base/nsProtocolProxyService.cpp
+++ b/netwerk/base/nsProtocolProxyService.cpp
@@ -13,16 +13,17 @@
 #include "nsIIOService.h"
 #include "nsIObserverService.h"
 #include "nsIProtocolHandler.h"
 #include "nsIProtocolProxyCallback.h"
 #include "nsIChannel.h"
 #include "nsICancelable.h"
 #include "nsIDNSService.h"
 #include "nsPIDNSService.h"
+#include "nsIScriptSecurityManager.h"
 #include "nsIPrefService.h"
 #include "nsIPrefBranch.h"
 #include "nsThreadUtils.h"
 #include "nsString.h"
 #include "nsNetUtil.h"
 #include "nsNetCID.h"
 #include "prnetdb.h"
 #include "nsPACMan.h"
@@ -1280,21 +1281,32 @@ nsProtocolProxyService::AsyncResolve(nsI
     // Check if we got a channel:
     nsCOMPtr<nsIChannel> channel = do_QueryInterface(channelOrURI);
     if (!channel) {
         nsCOMPtr<nsIURI> uri = do_QueryInterface(channelOrURI);
         if (!uri) {
             return NS_ERROR_NO_INTERFACE;
         }
 
-        // make a temporary channel from the URI
-        nsCOMPtr<nsIIOService> ios(do_GetIOService(&rv));
-        if (NS_FAILED(rv)) return rv;
-        rv = ios->NewChannelFromURI(uri, getter_AddRefs(channel));
-        if (NS_FAILED(rv)) return rv;
+        nsCOMPtr<nsIScriptSecurityManager> secMan(
+            do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv));
+        NS_ENSURE_SUCCESS(rv, rv);
+        nsCOMPtr<nsIPrincipal> systemPrincipal;
+        rv = secMan->GetSystemPrincipal(getter_AddRefs(systemPrincipal));
+        NS_ENSURE_SUCCESS(rv, rv);
+
+        // creating a temporary channel from the URI which is not
+        // used to perform any network loads, hence its safe to
+        // use systemPrincipal as the loadingPrincipal.
+        rv = NS_NewChannel(getter_AddRefs(channel),
+                           uri,
+                           systemPrincipal,
+                           nsILoadInfo::SEC_NORMAL,
+                           nsIContentPolicy::TYPE_OTHER);
+        NS_ENSURE_SUCCESS(rv, rv);
     }
 
     return AsyncResolveInternal(channel, flags, callback, result, false);
 }
 
 NS_IMETHODIMP
 nsProtocolProxyService::NewProxyInfo(const nsACString &aType,
                                      const nsACString &aHost,