Bug 1022229 - Hoist GetAppStatus into a static method on nsScriptSecurityManager. r=bz
authorBobby Holley <bobbyholley@gmail.com>
Tue, 29 Jul 2014 08:47:52 -0700
changeset 219524 f163c6ca88ee4c080e56533326e42e10be637143
parent 219523 e8a6a7a2212502f15564c671a363601b7dcd5a19
child 219525 36fe477bcbcf4588cb767003da7155f8091e3cc2
push id583
push userbhearsum@mozilla.com
push dateMon, 24 Nov 2014 19:04:58 +0000
treeherdermozilla-release@c107e74250f4 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs1022229
milestone34.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1022229 - Hoist GetAppStatus into a static method on nsScriptSecurityManager. r=bz
caps/nsPrincipal.cpp
caps/nsScriptSecurityManager.cpp
caps/nsScriptSecurityManager.h
--- a/caps/nsPrincipal.cpp
+++ b/caps/nsPrincipal.cpp
@@ -572,58 +572,21 @@ nsPrincipal::Write(nsIObjectOutputStream
   // on the deserialized URIs in Read().
 
   return NS_OK;
 }
 
 uint16_t
 nsPrincipal::GetAppStatus()
 {
-  NS_WARN_IF_FALSE(mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID,
-                   "Asking for app status on a principal with an unknown app id");
-  // Installed apps have a valid app id (not NO_APP_ID or UNKNOWN_APP_ID)
-  // and they are not inside a mozbrowser.
-  if (mAppId == nsIScriptSecurityManager::NO_APP_ID ||
-      mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID || mInMozBrowser) {
+  if (mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
+    NS_WARNING("Asking for app status on a principal with an unknown app id");
     return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
   }
-
-  nsCOMPtr<nsIAppsService> appsService = do_GetService(APPS_SERVICE_CONTRACTID);
-  NS_ENSURE_TRUE(appsService, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
-
-  nsCOMPtr<mozIApplication> app;
-  appsService->GetAppByLocalId(mAppId, getter_AddRefs(app));
-  NS_ENSURE_TRUE(app, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
-
-  uint16_t status = nsIPrincipal::APP_STATUS_INSTALLED;
-  NS_ENSURE_SUCCESS(app->GetAppStatus(&status),
-                    nsIPrincipal::APP_STATUS_NOT_INSTALLED);
-
-  nsAutoCString origin;
-  NS_ENSURE_SUCCESS(GetOrigin(getter_Copies(origin)),
-                    nsIPrincipal::APP_STATUS_NOT_INSTALLED);
-  nsString appOrigin;
-  NS_ENSURE_SUCCESS(app->GetOrigin(appOrigin),
-                    nsIPrincipal::APP_STATUS_NOT_INSTALLED);
-
-  // We go from string -> nsIURI -> origin to be sure we
-  // compare two punny-encoded origins.
-  nsCOMPtr<nsIURI> appURI;
-  NS_ENSURE_SUCCESS(NS_NewURI(getter_AddRefs(appURI), appOrigin),
-                    nsIPrincipal::APP_STATUS_NOT_INSTALLED);
-
-  nsAutoCString appOriginPunned;
-  NS_ENSURE_SUCCESS(GetOriginForURI(appURI, getter_Copies(appOriginPunned)),
-                    nsIPrincipal::APP_STATUS_NOT_INSTALLED);
-
-  if (!appOriginPunned.Equals(origin)) {
-    return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
-  }
-
-  return status;
+  return nsScriptSecurityManager::AppStatusForPrincipal(this);
 }
 
 /************************************************************************************************************************/
 
 static const char EXPANDED_PRINCIPAL_SPEC[] = "[Expanded Principal]";
 
 NS_IMPL_CLASSINFO(nsExpandedPrincipal, nullptr, nsIClassInfo::MAIN_THREAD_ONLY,
                   NS_EXPANDEDPRINCIPAL_CID)
--- a/caps/nsScriptSecurityManager.cpp
+++ b/caps/nsScriptSecurityManager.cpp
@@ -6,16 +6,17 @@
 
 #include "nsScriptSecurityManager.h"
 
 #include "mozilla/ArrayUtils.h"
 
 #include "js/OldDebugAPI.h"
 #include "xpcprivate.h"
 #include "XPCWrapper.h"
+#include "nsIAppsService.h"
 #include "nsILoadContext.h"
 #include "nsIServiceManager.h"
 #include "nsIScriptObjectPrincipal.h"
 #include "nsIScriptContext.h"
 #include "nsIURL.h"
 #include "nsINestedURI.h"
 #include "nspr.h"
 #include "nsJSPrincipals.h"
@@ -51,16 +52,17 @@
 #include "nsDOMJSUtils.h"
 #include "nsAboutProtocolUtils.h"
 #include "nsIClassInfo.h"
 #include "nsIURIFixup.h"
 #include "nsCDefaultURIFixup.h"
 #include "nsIChromeRegistry.h"
 #include "nsIContentSecurityPolicy.h"
 #include "nsIAsyncVerifyRedirectCallback.h"
+#include "mozIApplication.h"
 #include "mozilla/Preferences.h"
 #include "mozilla/dom/BindingUtils.h"
 #include <stdint.h>
 #include "mozilla/ClearOnShutdown.h"
 #include "mozilla/StaticPtr.h"
 #include "nsContentUtils.h"
 #include "nsCxPusher.h"
 #include "nsJSUtils.h"
@@ -247,16 +249,67 @@ nsScriptSecurityManager::SecurityCompare
 // SecurityHashURI is consistent with SecurityCompareURIs because NS_SecurityHashURI
 // is consistent with NS_SecurityCompareURIs.  See nsNetUtil.h.
 uint32_t
 nsScriptSecurityManager::SecurityHashURI(nsIURI* aURI)
 {
     return NS_SecurityHashURI(aURI);
 }
 
+uint16_t
+nsScriptSecurityManager::AppStatusForPrincipal(nsIPrincipal *aPrin)
+{
+    uint32_t appId = aPrin->GetAppId();
+    bool inMozBrowser = aPrin->GetIsInBrowserElement();
+    NS_WARN_IF_FALSE(appId != nsIScriptSecurityManager::UNKNOWN_APP_ID,
+                     "Asking for app status on a principal with an unknown app id");
+    // Installed apps have a valid app id (not NO_APP_ID or UNKNOWN_APP_ID)
+    // and they are not inside a mozbrowser.
+    if (appId == nsIScriptSecurityManager::NO_APP_ID ||
+        appId == nsIScriptSecurityManager::UNKNOWN_APP_ID || inMozBrowser)
+    {
+        return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
+    }
+
+    nsCOMPtr<nsIAppsService> appsService = do_GetService(APPS_SERVICE_CONTRACTID);
+    NS_ENSURE_TRUE(appsService, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
+
+    nsCOMPtr<mozIApplication> app;
+    appsService->GetAppByLocalId(appId, getter_AddRefs(app));
+    NS_ENSURE_TRUE(app, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
+
+    uint16_t status = nsIPrincipal::APP_STATUS_INSTALLED;
+    NS_ENSURE_SUCCESS(app->GetAppStatus(&status),
+                      nsIPrincipal::APP_STATUS_NOT_INSTALLED);
+
+    nsAutoCString origin;
+    NS_ENSURE_SUCCESS(aPrin->GetOrigin(getter_Copies(origin)),
+                      nsIPrincipal::APP_STATUS_NOT_INSTALLED);
+    nsString appOrigin;
+    NS_ENSURE_SUCCESS(app->GetOrigin(appOrigin),
+                      nsIPrincipal::APP_STATUS_NOT_INSTALLED);
+
+    // We go from string -> nsIURI -> origin to be sure we
+    // compare two punny-encoded origins.
+    nsCOMPtr<nsIURI> appURI;
+    NS_ENSURE_SUCCESS(NS_NewURI(getter_AddRefs(appURI), appOrigin),
+                      nsIPrincipal::APP_STATUS_NOT_INSTALLED);
+
+    nsAutoCString appOriginPunned;
+    NS_ENSURE_SUCCESS(nsPrincipal::GetOriginForURI(appURI, getter_Copies(appOriginPunned)),
+                      nsIPrincipal::APP_STATUS_NOT_INSTALLED);
+
+    if (!appOriginPunned.Equals(origin)) {
+        return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
+    }
+
+    return status;
+
+}
+
 NS_IMETHODIMP
 nsScriptSecurityManager::GetChannelPrincipal(nsIChannel* aChannel,
                                              nsIPrincipal** aPrincipal)
 {
     NS_PRECONDITION(aChannel, "Must have channel!");
     nsCOMPtr<nsISupports> owner;
     aChannel->GetOwner(getter_AddRefs(owner));
     if (owner) {
--- a/caps/nsScriptSecurityManager.h
+++ b/caps/nsScriptSecurityManager.h
@@ -63,16 +63,18 @@ public:
      * Utility method for comparing two URIs.  For security purposes, two URIs
      * are equivalent if their schemes, hosts, and ports (if any) match.  This
      * method returns true if aSubjectURI and aObjectURI have the same origin,
      * false otherwise.
      */
     static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
     static uint32_t SecurityHashURI(nsIURI* aURI);
 
+    static uint16_t AppStatusForPrincipal(nsIPrincipal *aPrin);
+
     static nsresult 
     ReportError(JSContext* cx, const nsAString& messageTag,
                 nsIURI* aSource, nsIURI* aTarget);
 
     static uint32_t
     HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
 
     static bool