Bug 1182610 - Check for UNKNOWN_APP_ID in nsIPrincipal::GetOrigin. r=gabor, a=ritu
authorBobby Holley <bobbyholley@gmail.com>
Wed, 15 Jul 2015 14:50:12 -0700
changeset 283146 adf1daf281fd1c9496d41b67707c2d323c65b566
parent 283145 4fcca0b037e16753ad0c751232a43d5794c0a514
child 283147 b78ac90e74900431363797e632157101638c3ec5
push id897
push userjlund@mozilla.com
push dateMon, 14 Sep 2015 18:56:12 +0000
treeherdermozilla-release@9411e2d2b214 [default view] [failures only]
reviewersgabor, ritu
bugs1182610
milestone41.0a2
Bug 1182610 - Check for UNKNOWN_APP_ID in nsIPrincipal::GetOrigin. r=gabor, a=ritu
caps/BasePrincipal.cpp
caps/tests/unit/test_origin.js
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -144,16 +144,25 @@ BasePrincipal::BasePrincipal()
 BasePrincipal::~BasePrincipal()
 {}
 
 NS_IMETHODIMP
 BasePrincipal::GetOrigin(nsACString& aOrigin)
 {
   nsresult rv = GetOriginInternal(aOrigin);
   NS_ENSURE_SUCCESS(rv, rv);
+
+  // OriginAttributes::CreateSuffix asserts against UNKNOWN_APP_ID. It's trivial
+  // to trigger this getter from script on such a principal, so we handle it
+  // here at the API entry point.
+  if (mOriginAttributes.mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
+    NS_WARNING("Refusing to provide canonical origin string to principal with UNKNOWN_APP_ID");
+    return NS_ERROR_FAILURE;
+  }
+
   nsAutoCString suffix;
   mOriginAttributes.CreateSuffix(suffix);
   aOrigin.Append(suffix);
   return NS_OK;
 }
 
 NS_IMETHODIMP
 BasePrincipal::GetOriginNoSuffix(nsACString& aOrigin)
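Review bot: The UNKNOWN_APP_ID check in `BasePrincipal::GetOrigin` runs after `GetOriginInternal(aOrigin)` has already succeeded, so on the new `NS_ERROR_FAILURE` path the out-parameter presumably still holds the origin without its suffix. Script callers get an exception, but a C++ caller that ignores the return value would be left with a string that looks like the canonical origin of a principal with no app id, which is the confusion this check exists to prevent. Either move the `if (mOriginAttributes.mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID)` block above the `GetOriginInternal` call, or add `aOrigin.Truncate();` before `return NS_ERROR_FAILURE;`. `GetOriginInternal` and any other callers of `CreateSuffix` are outside this hunk, so whether other entry points can reach the same assertion should be confirmed separately.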
--- a/caps/tests/unit/test_origin.js
+++ b/caps/tests/unit/test_origin.js
@@ -85,16 +85,20 @@ function run_test() {
   checkOriginAttributes(nullPrin_appBrowser, 42, true, '!appId=42&inBrowser=1');
   do_check_eq(exampleOrg_appBrowser.origin, 'http://example.org!appId=42&inBrowser=1');
 
   // App and browser, different domain.
   var exampleCom_appBrowser = ssm.createCodebasePrincipal(makeURI('https://www.example.com:123'), {appId: 42, inBrowser: true});
   checkOriginAttributes(exampleCom_appBrowser, 42, true, '!appId=42&inBrowser=1');
   do_check_eq(exampleCom_appBrowser.origin, 'https://www.example.com:123!appId=42&inBrowser=1');
 
+  // Make sure that we refuse to create .origin for principals with UNKNOWN_APP_ID.
+  var simplePrin = ssm.getSimpleCodebasePrincipal(makeURI('http://example.com'));
+  try { simplePrin.origin; do_check_true(false); } catch (e) { do_check_true(true); }
+
   // Check that all of the above are cross-origin.
   checkCrossOrigin(exampleOrg_app, exampleOrg);
   checkCrossOrigin(exampleOrg_app, nullPrin_app);
   checkCrossOrigin(exampleOrg_browser, exampleOrg_app);
   checkCrossOrigin(exampleOrg_browser, nullPrin_browser);
   checkCrossOrigin(exampleOrg_appBrowser, exampleOrg_app);
   checkCrossOrigin(exampleOrg_appBrowser, nullPrin_appBrowser);
   checkCrossOrigin(exampleOrg_appBrowser, exampleCom_appBrowser);
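Review bot: The added `try { simplePrin.origin; do_check_true(false); } catch (e) { do_check_true(true); }` accepts any exception, and the failure assertion sits inside the same `try`, so if the harness signals a failed check by throwing, the `catch` handles that as well. Recording the outcome and asserting outside the block makes the intent unambiguous: `var threw = false; try { simplePrin.origin; } catch (e) { threw = true; }` followed by `do_check_true(threw);`. To pin the refusal itself and not just "something threw", the catch could also compare `e.result` with `Components.results.NS_ERROR_FAILURE`. `run_test` begins and ends outside this hunk.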