Make security manager API more useful from script. Make more things
authorbzbarsky@mit.edu
Mon, 18 Jun 2007 08:12:09 -0700
changeset 2524 a05bdf8965fb15fef68dac89018fbd812c64efde
parent 2523 c91b7d89788c303fd49c5bc565f7c7961b40af59
child 2525 18fcb6c89453e3e68ef299e1e51f466f3d0f0dab
push id1
push userroot
push dateTue, 26 Apr 2011 22:38:44 +0000
bugs383783
milestone1.9a6pre
Make security manager API more useful from script. Make more things scriptable, and add a scriptable method for testing whether a given principal is the system principal. Bug 383783, r=dveditz, sr=jst
caps/idl/nsIScriptSecurityManager.idl
caps/src/nsScriptSecurityManager.cpp
--- a/caps/idl/nsIScriptSecurityManager.idl
+++ b/caps/idl/nsIScriptSecurityManager.idl
@@ -37,17 +37,17 @@
 
 #include "nsISupports.idl"
 #include "nsIPrincipal.idl"
 #include "nsIXPCSecurityManager.idl"
 interface nsIURI;
 interface nsIChannel;
 
 
-[scriptable, uuid(c61d3ad1-00aa-407c-b7d7-de48b3f18662)]
+[scriptable, uuid(0b8a9b32-713f-4c39-bea0-6cacec46f385)]
 interface nsIScriptSecurityManager : nsIXPCSecurityManager
 {
     ///////////////// Security Checks //////////////////
     /**
      * Checks whether the running script is allowed to access aProperty.
      */
     [noscript] void checkPropertyAccess(in JSContextPtr aJSContext,
                                         in JSObjectPtr aJSObject,
@@ -208,17 +208,17 @@ interface nsIScriptSecurityManager : nsI
                                  in AUTF8String aSubjectName,
                                  in AUTF8String aPrettyName,
                                  in nsISupports aCert,
                                  in nsIURI aURI);
 
     /**
      * Return a principal that has the same origin as aURI.
      */
-    [noscript] nsIPrincipal getCodebasePrincipal(in nsIURI aURI);
+    nsIPrincipal getCodebasePrincipal(in nsIURI aURI);
 
     ///////////////// Capabilities API /////////////////////
     /**
      * Request that 'capability' can be enabled by scripts or applets
      * running with 'principal'. Will prompt user if
      * necessary. Returns nsIPrincipal::ENABLE_GRANTED or
      * nsIPrincipal::ENABLE_DENIED based on user's choice.
      */
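Review bot: Dropping `[noscript]` from `getCodebasePrincipal` makes a null `aURI` reachable from script, and the comment above the method says nothing about that case. The same applies to `getChannelPrincipal` in the next hunk: its comment states "aChannel must not be null" as a precondition, and the visible tail of its implementation calls `aChannel->GetURI(...)`. Whether a null check precedes that call is outside the shown lines. I would state the contract in the IDL, e.g. `* Throws NS_ERROR_INVALID_ARG if aURI is null.`, and confirm that both implementations reject null before dereferencing rather than relying on callers.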
@@ -301,15 +301,22 @@ interface nsIScriptSecurityManager : nsI
      */
     [noscript] nsIPrincipal getPrincipalFromContext(in JSContextPtr cx);
 
     /**
      * Get the principal for the given channel.  This will typically be the
      * channel owner if there is one, and the codebase principal for the
      * channel's URI otherwise.  aChannel must not be null.
      */
-    [noscript] nsIPrincipal getChannelPrincipal(in nsIChannel aChannel);
+    nsIPrincipal getChannelPrincipal(in nsIChannel aChannel);
+
+    /**
+     * Check whether a given principal is a system principal.  This allows us
+     * to avoid handing back the system principal to script while allowing
+     * script to check whether a given principal is system.
+     */
+    boolean isSystemPrincipal(in nsIPrincipal aPrincipal);
 };
 
 %{C++
 #define NS_SCRIPTSECURITYMANAGER_CONTRACTID "@mozilla.org/scriptsecuritymanager;1"
 #define NS_SCRIPTSECURITYMANAGER_CLASSNAME "scriptsecuritymanager"
 %}
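Review bot: The new `isSystemPrincipal` comment gives the aim as not handing the system principal back to script, yet this hunk also makes `getChannelPrincipal` scriptable, and its comment says it typically returns the channel owner. If a channel's owner can be the system principal (not visible here), script now receives that object from this method. The comment on `getChannelPrincipal` should say so, for example `* Note: the result may be the system principal; do not pass it on to less-privileged callers.`. The `isSystemPrincipal` comment should also state the result for a null `aPrincipal`.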
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@@ -380,16 +380,24 @@ nsScriptSecurityManager::GetChannelPrinc
       aChannel->GetURI(getter_AddRefs(uri));
     } else {
       aChannel->GetOriginalURI(getter_AddRefs(uri));
     }
 
     return GetCodebasePrincipal(uri, aPrincipal);
 }
 
+NS_IMETHODIMP
+nsScriptSecurityManager::IsSystemPrincipal(nsIPrincipal* aPrincipal,
+                                           PRBool* aIsSystem)
+{
+    *aIsSystem = (aPrincipal == mSystemPrincipal);
+    return NS_OK;
+}
+
 ////////////////////
 // Policy Storage //
 ////////////////////
 
 // Table of security levels
 PR_STATIC_CALLBACK(PRBool)
 DeleteCapability(nsHashKey *aKey, void *aData, void* closure)
 {
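Review bot: `*aIsSystem = (aPrincipal == mSystemPrincipal);` reports true for a null `aPrincipal` whenever `mSystemPrincipal` is itself still null; how and when that member is set is not visible in this hunk. Callers will treat a true result as a privilege decision, so I would make the null case explicit: `*aIsSystem = aPrincipal && (aPrincipal == mSystemPrincipal);`. A one-line comment saying that the test is pointer identity against the single system principal instance would also help readers.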