Bug 1478441 - Introduce nsIURIWithSpecialOrigin needed for Thunderbird. r=baku
authorJorg K <jorgk@jorgk.com>
Tue, 31 Jul 2018 11:27:00 +0300
changeset 487384 01533e16608569eeb2bbe413cb6cc892e912f12b
parent 487383 857884a8913ec3f3d9a5cc4168c54df42354ea7a
child 487385 0a056e94342d4423077ec83119b5e41eab2e5afe
push id1815
push userffxbld-merge
push dateMon, 15 Oct 2018 10:40:45 +0000
treeherdermozilla-release@18d4c09e9378 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbaku
bugs1478441
milestone63.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1478441 - Introduce nsIURIWithSpecialOrigin needed for Thunderbird. r=baku
caps/BasePrincipal.cpp
caps/ContentPrincipal.cpp
dom/base/nsContentUtils.cpp
netwerk/base/moz.build
netwerk/base/nsIURIWithSpecialOrigin.idl
netwerk/base/nsNetUtil.cpp
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -9,16 +9,17 @@
 #include "nsDocShell.h"
 #include "nsIContentSecurityPolicy.h"
 #include "nsIObjectInputStream.h"
 #include "nsIObjectOutputStream.h"
 #include "nsIStandardURL.h"
 
 #include "ExpandedPrincipal.h"
 #include "nsNetUtil.h"
+#include "nsIURIWithSpecialOrigin.h"
 #include "nsScriptSecurityManager.h"
 #include "nsServiceManagerUtils.h"
 
 #include "mozilla/ContentPrincipal.h"
 #include "mozilla/NullPrincipal.h"
 #include "mozilla/dom/BlobURLProtocolHandler.h"
 #include "mozilla/dom/ChromeUtils.h"
 #include "mozilla/dom/CSPDictionariesBinding.h"
@@ -406,16 +407,31 @@ BasePrincipal::CreateCodebasePrincipal(n
   bool inheritsPrincipal;
   nsresult rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
                                     &inheritsPrincipal);
   if (NS_FAILED(rv) || inheritsPrincipal) {
     return NullPrincipal::Create(aAttrs);
   }
 
   // Check whether the URI knows what its principal is supposed to be.
+#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
+  nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(aURI);
+  if (uriWithSpecialOrigin) {
+    nsCOMPtr<nsIURI> origin;
+    rv = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin));
+    if (NS_WARN_IF(NS_FAILED(rv))) {
+      return nullptr;
+    }
+    MOZ_ASSERT(origin);
+    OriginAttributes attrs;
+    RefPtr<BasePrincipal> principal = CreateCodebasePrincipal(origin, attrs);
+    return principal.forget();
+  }
+#endif
+
   nsCOMPtr<nsIPrincipal> blobPrincipal;
   if (dom::BlobURLProtocolHandler::GetBlobURLPrincipal(aURI,
                                                        getter_AddRefs(blobPrincipal))) {
     MOZ_ASSERT(blobPrincipal);
     RefPtr<BasePrincipal> principal = Cast(blobPrincipal);
     return principal.forget();
   }
 
--- a/caps/ContentPrincipal.cpp
+++ b/caps/ContentPrincipal.cpp
@@ -11,16 +11,17 @@
 #include "nscore.h"
 #include "nsScriptSecurityManager.h"
 #include "nsString.h"
 #include "nsReadableUtils.h"
 #include "pratom.h"
 #include "nsIURI.h"
 #include "nsIURL.h"
 #include "nsIStandardURL.h"
+#include "nsIURIWithSpecialOrigin.h"
 #include "nsJSPrincipals.h"
 #include "nsIEffectiveTLDService.h"
 #include "nsIClassInfoImpl.h"
 #include "nsIObjectInputStream.h"
 #include "nsIObjectOutputStream.h"
 #include "nsIProtocolHandler.h"
 #include "nsError.h"
 #include "nsIContentSecurityPolicy.h"
@@ -265,16 +266,31 @@ ContentPrincipal::GetURI(nsIURI** aURI)
   return NS_OK;
 }
 
 bool
 ContentPrincipal::MayLoadInternal(nsIURI* aURI)
 {
   MOZ_ASSERT(aURI);
 
+#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
+  nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(aURI);
+  if (uriWithSpecialOrigin) {
+    nsCOMPtr<nsIURI> origin;
+    nsresult rv = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin));
+    if (NS_WARN_IF(NS_FAILED(rv))) {
+      return false;
+    }
+    MOZ_ASSERT(origin);
+    OriginAttributes attrs;
+    RefPtr<BasePrincipal> principal = BasePrincipal::CreateCodebasePrincipal(origin, attrs);
+    return nsIPrincipal::Subsumes(principal);
+  }
+#endif
+
   nsCOMPtr<nsIPrincipal> blobPrincipal;
   if (dom::BlobURLProtocolHandler::GetBlobURLPrincipal(aURI,
                                                        getter_AddRefs(blobPrincipal))) {
     MOZ_ASSERT(blobPrincipal);
     return nsIPrincipal::Subsumes(blobPrincipal);
   }
 
   // If this principal is associated with an addon, check whether that addon
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@@ -174,16 +174,17 @@
 #include "nsIScriptError.h"
 #include "nsIScriptGlobalObject.h"
 #include "nsIScriptObjectPrincipal.h"
 #include "nsIScriptSecurityManager.h"
 #include "nsIScrollable.h"
 #include "nsIStreamConverterService.h"
 #include "nsIStringBundle.h"
 #include "nsIURI.h"
+#include "nsIURIWithSpecialOrigin.h"
 #include "nsIURL.h"
 #include "nsIWebNavigation.h"
 #include "nsIWindowMediator.h"
 #include "nsIXPConnect.h"
 #include "nsJSUtils.h"
 #include "nsMappedAttributes.h"
 #include "nsNetCID.h"
 #include "nsNetUtil.h"
@@ -6339,19 +6340,32 @@ nsContentUtils::GetUTFOrigin(nsIPrincipa
   return NS_OK;
 }
 
 /* static */
 nsresult
 nsContentUtils::GetUTFOrigin(nsIURI* aURI, nsAString& aOrigin)
 {
   MOZ_ASSERT(aURI, "missing uri");
+  nsresult rv;
+
+#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
+  // Check if either URI has a special origin.
+  nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(aURI);
+  if (uriWithSpecialOrigin) {
+    nsCOMPtr<nsIURI> origin;
+    rv = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    return GetUTFOrigin(origin, aOrigin);
+  }
+#endif
 
   bool isBlobURL = false;
-  nsresult rv = aURI->SchemeIs(BLOBURI_SCHEME, &isBlobURL);
+  rv = aURI->SchemeIs(BLOBURI_SCHEME, &isBlobURL);
   NS_ENSURE_SUCCESS(rv, rv);
 
   // For Blob URI, the path is the URL of the owning page.
   if (isBlobURL) {
     nsAutoCString path;
     rv = aURI->GetPathQueryRef(path);
     NS_ENSURE_SUCCESS(rv, rv);
 
--- a/netwerk/base/moz.build
+++ b/netwerk/base/moz.build
@@ -121,16 +121,17 @@ XPIDL_SOURCES += [
     'nsITraceableChannel.idl',
     'nsITransport.idl',
     'nsIUDPSocket.idl',
     'nsIUploadChannel.idl',
     'nsIUploadChannel2.idl',
     'nsIURI.idl',
     'nsIURIClassifier.idl',
     'nsIURIMutator.idl',
+    'nsIURIWithSpecialOrigin.idl',
     'nsIURL.idl',
     'nsIURLParser.idl',
     'nsPILoadGroupInternal.idl',
     'nsPISocketTransportService.idl',
 ]
 
 if CONFIG['MOZ_TOOLKIT_SEARCH']:
     XPIDL_SOURCES += [
new file mode 100644
--- /dev/null
+++ b/netwerk/base/nsIURIWithSpecialOrigin.idl
@@ -0,0 +1,20 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+
+interface nsIURI;
+
+/**
+ * nsIURIWithSpecialOrigin is implemented by URIs need to supply an origin that
+ * does not match the spec. This is exclusively used in comm-central's Mailnews module.
+ */
+[scriptable, builtinclass, uuid(4f65569b-d6fc-4580-94d9-21e775658a2a)]
+interface nsIURIWithSpecialOrigin : nsISupports
+{
+    /**
+     * Special origin.
+     */
+    readonly attribute nsIURI origin;
+};
--- a/netwerk/base/nsNetUtil.cpp
+++ b/netwerk/base/nsNetUtil.cpp
@@ -56,16 +56,17 @@
 #include "nsISocketProviderService.h"
 #include "nsIStandardURL.h"
 #include "nsIStreamLoader.h"
 #include "nsIIncrementalStreamLoader.h"
 #include "nsIStreamTransportService.h"
 #include "nsStringStream.h"
 #include "nsISyncStreamListener.h"
 #include "nsITransport.h"
+#include "nsIURIWithSpecialOrigin.h"
 #include "nsIURLParser.h"
 #include "nsIUUIDGenerator.h"
 #include "nsIViewSourceChannel.h"
 #include "nsInterfaceRequestorAgg.h"
 #include "plstr.h"
 #include "nsINestedURI.h"
 #include "mozilla/dom/nsCSPUtils.h"
 #include "mozilla/dom/BlobURLProtocolHandler.h"
@@ -2458,16 +2459,18 @@ NS_SecurityHashURI(nsIURI *aURI)
     return mozilla::AddToHash(schemeHash, hostHash, NS_GetRealPort(baseURI));
 }
 
 bool
 NS_SecurityCompareURIs(nsIURI *aSourceURI,
                        nsIURI *aTargetURI,
                        bool    aStrictFileOriginPolicy)
 {
+    nsresult rv;
+
     // Note that this is not an Equals() test on purpose -- for URIs that don't
     // support host/port, we want equality to basically be object identity, for
     // security purposes.  Otherwise, for example, two javascript: URIs that
     // are otherwise unrelated could end up "same origin", which would be
     // unfortunate.
     if (aSourceURI && aSourceURI == aTargetURI)
     {
         return true;
@@ -2477,31 +2480,54 @@ NS_SecurityCompareURIs(nsIURI *aSourceUR
     {
         return false;
     }
 
     // If either URI is a nested URI, get the base URI
     nsCOMPtr<nsIURI> sourceBaseURI = NS_GetInnermostURI(aSourceURI);
     nsCOMPtr<nsIURI> targetBaseURI = NS_GetInnermostURI(aTargetURI);
 
+#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE)
+    // Check if either URI has a special origin.
+    nsCOMPtr<nsIURI> origin;
+    nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(sourceBaseURI);
+    if (uriWithSpecialOrigin) {
+      rv = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin));
+      if (NS_WARN_IF(NS_FAILED(rv))) {
+        return false;
+      }
+      MOZ_ASSERT(origin);
+      sourceBaseURI = origin;
+    }
+    uriWithSpecialOrigin = do_QueryInterface(targetBaseURI);
+    if (uriWithSpecialOrigin) {
+      rv = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin));
+      if (NS_WARN_IF(NS_FAILED(rv))) {
+        return false;
+      }
+      MOZ_ASSERT(origin);
+      targetBaseURI = origin;
+    }
+#endif
+
     nsCOMPtr<nsIPrincipal> sourceBlobPrincipal;
     if (BlobURLProtocolHandler::GetBlobURLPrincipal(sourceBaseURI,
                                                     getter_AddRefs(sourceBlobPrincipal))) {
       nsCOMPtr<nsIURI> sourceBlobOwnerURI;
-      nsresult rv = sourceBlobPrincipal->GetURI(getter_AddRefs(sourceBlobOwnerURI));
+      rv = sourceBlobPrincipal->GetURI(getter_AddRefs(sourceBlobOwnerURI));
       if (NS_SUCCEEDED(rv)) {
         sourceBaseURI = sourceBlobOwnerURI;
       }
     }
 
     nsCOMPtr<nsIPrincipal> targetBlobPrincipal;
     if (BlobURLProtocolHandler::GetBlobURLPrincipal(targetBaseURI,
                                                     getter_AddRefs(targetBlobPrincipal))) {
       nsCOMPtr<nsIURI> targetBlobOwnerURI;
-      nsresult rv = targetBlobPrincipal->GetURI(getter_AddRefs(targetBlobOwnerURI));
+      rv = targetBlobPrincipal->GetURI(getter_AddRefs(targetBlobOwnerURI));
       if (NS_SUCCEEDED(rv)) {
         targetBaseURI = targetBlobOwnerURI;
       }
     }
 
     if (!sourceBaseURI || !targetBaseURI)
         return false;
 
@@ -2535,17 +2561,17 @@ NS_SecurityCompareURIs(nsIURI *aSourceUR
         sourceFileURL->GetFile(getter_AddRefs(sourceFile));
         targetFileURL->GetFile(getter_AddRefs(targetFile));
 
         if (!sourceFile || !targetFile)
             return false;
 
         // Otherwise they had better match
         bool filesAreEqual = false;
-        nsresult rv = sourceFile->Equals(targetFile, &filesAreEqual);
+        rv = sourceFile->Equals(targetFile, &filesAreEqual);
         return NS_SUCCEEDED(rv) && filesAreEqual;
     }
 
 #if IS_ORIGIN_IS_FULL_SPEC_DEFINED
     bool hasFlag;
     if (NS_FAILED(NS_URIChainHasFlags(targetBaseURI,
         nsIProtocolHandler::ORIGIN_IS_FULL_SPEC, &hasFlag)) ||
         hasFlag)