Bug 923625 - DataStore sends the principal as argument in sendAsyncMessage, r=ehsan
☠☠ backed out by db2f368bf999 ☠ ☠
authorAndrea Marchesini <amarchesini@mozilla.com>
Fri, 08 Nov 2013 23:05:39 +0000
changeset 169792 6da206d64b498094eabf05cb71140023ff843a52
parent 169791 2590f19a00463f138c9a59458ad913c3d6593bce
child 169793 593f1ea908dcaca6fabc4bae6c14b7934a100eb2
push id445
push userffxbld
push dateMon, 10 Mar 2014 22:05:19 +0000
reviewersehsan
bugs923625
milestone28.0a1
Bug 923625 - DataStore sends the principal as argument in sendAsyncMessage, r=ehsan
dom/datastore/DataStoreService.js
dom/datastore/DataStoreServiceInternal.jsm
--- a/dom/datastore/DataStoreService.js
+++ b/dom/datastore/DataStoreService.js
@@ -231,18 +231,21 @@ DataStoreService.prototype = {
       // window, so we can skip the ipc communication.
       if (self.inParent) {
         let stores = self.getDataStoresInfo(aName, aWindow.document.nodePrincipal.appId);
         self.getDataStoreCreate(aWindow, resolve, stores);
       } else {
         // This method can be called in the child so we need to send a request
         // to the parent and create DataStore object here.
         new DataStoreServiceChild(aWindow, aName, function(aStores) {
-          debug("DataStoreServiceChild callback!");
+          debug("DataStoreServiceChild success callback!");
           self.getDataStoreCreate(aWindow, resolve, aStores);
+        }, function() {
+          debug("DataStoreServiceChild error callback!");
+          reject(new aWindow.DOMError("SecurityError", "Access denied"));
         });
       }
     });
   },
 
   getDataStoresInfo: function(aName, aAppId) {
     debug('GetDataStoresInfo');
 
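Review bot: The in-parent branch at the top of this hunk still calls `self.getDataStoresInfo(aName, aWindow.document.nodePrincipal.appId)` without the `UNKNOWN_APP_ID` test that this commit adds on the IPC path in DataStoreServiceInternal.jsm, so the two routes into `getDataStoresInfo` apply different rules. If an unknown app id is meant to be refused everywhere, guard this branch the same way before the lookup, e.g. `if (aWindow.document.nodePrincipal.appId == Ci.nsIScriptSecurityManager.UNKNOWN_APP_ID) { reject(new aWindow.DOMError("SecurityError", "Access denied")); return; }`. The new error callback also reports every KO reply as `SecurityError`, which stays accurate only while a refused principal is the sole reason the parent sends KO; a short comment saying so would help. The enclosing method starts above the hunk, so this is judged from the visible lines only.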
@@ -420,38 +423,45 @@ DataStoreService.prototype = {
     contractID: '@mozilla.org/datastore-service;1',
     interfaces: [Ci.nsIDataStoreService, Ci.nsIObserver],
     flags: Ci.nsIClassInfo.SINGLETON
   })
 };
 
 /* DataStoreServiceChild */
 
-function DataStoreServiceChild(aWindow, aName, aCallback) {
+function DataStoreServiceChild(aWindow, aName, aSuccessCb, aErrorCb) {
   debug("DataStoreServiceChild created");
-  this.init(aWindow, aName, aCallback);
+  this.init(aWindow, aName, aSuccessCb, aErrorCb);
 }
 
 DataStoreServiceChild.prototype = {
   __proto__: DOMRequestIpcHelper.prototype,
 
-  init: function(aWindow, aName, aCallback) {
+  init: function(aWindow, aName, aSuccessCb, aErrorCb) {
     debug("DataStoreServiceChild init");
-    this._callback = aCallback;
+    this._successCb = aSuccessCb;
+    this._errorCb = aErrorCb;
 
-    this.initDOMRequestHelper(aWindow, [ "DataStore:Get:Return" ]);
+    this.initDOMRequestHelper(aWindow, [ "DataStore:Get:Return:OK",
+                                         "DataStore:Get:Return:KO" ]);
 
     // This is a security issue and it will be fixed by Bug 916091
     cpmm.sendAsyncMessage("DataStore:Get",
-                          { name: aName, appId: aWindow.document.nodePrincipal.appId });
+                          { name: aName }, null, aWindow.document.nodePrincipal );
   },
 
   receiveMessage: function(aMessage) {
     debug("DataStoreServiceChild receiveMessage");
-    if (aMessage.name != 'DataStore:Get:Return') {
-      return;
+
+    switch (aMessage.name) {
+      case 'DataStore:Get:Return:OK':
+        this._successCb(aMessage.data.stores);
+        break;
+
+      case 'DataStore:Get:Return:KO':
+        this._errorCb();
+        break;
     }
-
-    this._callback(aMessage.data.stores);
   }
 }
 
 this.NSGetFactory = XPCOMUtils.generateNSGetFactory([DataStoreService]);
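Review bot: `receiveMessage` dispatches on the message name alone, so nothing ties a `DataStore:Get:Return:OK` or `DataStore:Get:Return:KO` reply to the request this instance sent. The listener registration is inside the helper and not visible here, but if two DataStoreServiceChild objects in one process have requests in flight, each would presumably act on the other's reply and a window could be handed store info looked up for a different name or principal. Carrying a per-request id in the `DataStore:Get` payload and checking it on receipt, e.g. `if (aMessage.data.id != this._id) return;`, would close that; the KO reply would then need to echo the id too, since it currently carries no data. Separately, the comment `// This is a security issue and it will be fixed by Bug 916091` is kept above the send while its parent-side twin is deleted. It should say what is still unsafe now that the appId has left the payload, for instance `// The parent still trusts the principal this process supplies; see Bug 916091.`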
--- a/dom/datastore/DataStoreServiceInternal.jsm
+++ b/dom/datastore/DataStoreServiceInternal.jsm
@@ -37,15 +37,20 @@ this.DataStoreServiceInternal = {
     debug("receiveMessage");
 
     if (aMessage.name != 'DataStore:Get') {
       return;
     }
 
     let msg = aMessage.data;
 
-    // This is a security issue and it will be fixed by Bug 916091
-    msg.stores = dataStoreService.getDataStoresInfo(msg.name, msg.appId);
-    aMessage.target.sendAsyncMessage("DataStore:Get:Return", msg);
+    if (!aMessage.principal ||
+        aMessage.principal.appId == Ci.nsIScriptSecurityManager.UNKNOWN_APP_ID) {
+      aMessage.target.sendAsyncMessage("DataStore:Get:Return:KO");
+      return;
+    }
+
+    msg.stores = dataStoreService.getDataStoresInfo(msg.name, aMessage.principal.appId);
+    aMessage.target.sendAsyncMessage("DataStore:Get:Return:OK", msg);
   }
 }
 
 DataStoreServiceInternal.init();
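Review bot: The appId used for the lookup now comes from `aMessage.principal`, but that is the principal the child passed to `sendAsyncMessage`, and nothing visible in this hunk confirms that the sending process is entitled to act as that app. The deleted comment was the only marker of that gap on the parent side, so I would keep one, e.g. `// aMessage.principal is supplied by the child and not yet checked against the sending process; see Bug 916091.` The guard also lets `Ci.nsIScriptSecurityManager.NO_APP_ID` through to `getDataStoresInfo`; whether that is intended depends on code outside the hunk, so it deserves either a check or a one-line comment. `msg` is the child's own data object echoed back with `stores` attached, so replying with a fresh `{ name: msg.name, stores: ... }` would avoid returning anything else the child put in it. The header of `receiveMessage` is above the hunk.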