Bug 1352778 - Do not reset triggeringPrincipal but only principalToInherit within loadInfo when forced to. r=gijs a=gchang
authorChristoph Kerschbaumer <ckerschb@christophkerschbaumer.com>
Mon, 03 Apr 2017 20:06:53 +0200
changeset 395773 fbe4c41963bca7dc5d9267cb14550ab8aa6b229b
parent 395772 6a0c50ce045d9b25e3fd38a947a4b87297047166
child 395774 0ba57c64105bafdf76f29842abffefec853e3bb3
push id1468
push userasasaki@mozilla.com
push dateMon, 05 Jun 2017 19:31:07 +0000
treeherdermozilla-release@0641fc6ee9d1 [default view] [failures only]
reviewersgijs, gchang
bugs1352778
milestone54.0a2
Bug 1352778 - Do not reset triggeringPrincipal but only principalToInherit within loadInfo when forced to. r=gijs a=gchang
devtools/client/jsonview/converter-child.js
docshell/test/test_forceinheritprincipal_overrule_owner.html
netwerk/base/LoadInfo.cpp
netwerk/base/nsILoadInfo.idl
--- a/devtools/client/jsonview/converter-child.js
+++ b/devtools/client/jsonview/converter-child.js
@@ -108,17 +108,17 @@ Converter.prototype = {
       request.QueryInterface(Ci.nsIChannel).contentCharset || "UTF-8";
 
     this.channel = request;
     this.channel.contentType = "text/html";
     this.channel.contentCharset = "UTF-8";
     // Because content might still have a reference to this window,
     // force setting it to a null principal to avoid it being same-
     // origin with (other) content.
-    this.channel.loadInfo.resetPrincipalsToNullPrincipal();
+    this.channel.loadInfo.resetPrincipalToInheritToNullPrincipal();
 
     this.listener.onStartRequest(this.channel, context);
   },
 
   /**
    * This should go something like this:
    * 1. Make sure we have a unicode string.
    * 2. Convert it to a Javascript object.
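Review bot: The comment above the changed call still says the channel is forced to "a null principal", but after this change only principalToInherit is replaced, and the LoadInfo.cpp hunk in the same commit shows the loading and triggering principals are no longer touched. The comment should say which principal is meant, for example `// force the principal the document inherits to a null principal so it is not same-origin with (other) content; the loading and triggering principals are left unchanged.` The enclosing method starts outside this hunk.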
--- a/docshell/test/test_forceinheritprincipal_overrule_owner.html
+++ b/docshell/test/test_forceinheritprincipal_overrule_owner.html
@@ -19,28 +19,28 @@ var principalToInherit = channel.loadInf
 ok(triggeringPrincipal.startsWith("http://mochi.test:8888/"),
    "initial triggeringPrincipal correct");
 ok(loadingPrincipal.startsWith("http://mochi.test:8888/"),
    "initial loadingPrincipal correct");
 ok(principalToInherit.startsWith("http://mochi.test:8888/"),
    "initial principalToInherit correct");
 
 // reset principals on the loadinfo
-loadInfo.resetPrincipalsToNullPrincipal();
+loadInfo.resetPrincipalToInheritToNullPrincipal();
 
 // 2) verify loadInfo contains the correct principals
-var triggeringPrincipal = channel.loadInfo.triggeringPrincipal;
-var loadingPrincipal = channel.loadInfo.loadingPrincipal;
-var principalToInherit = channel.loadInfo.principalToInherit;
+triggeringPrincipal = channel.loadInfo.triggeringPrincipal.URI.asciiSpec;
+loadingPrincipal = channel.loadInfo.loadingPrincipal.URI.asciiSpec;
+principalToInherit = channel.loadInfo.principalToInherit;
 
-ok(triggeringPrincipal.isNullPrincipal,
+ok(triggeringPrincipal.startsWith("http://mochi.test:8888/"),
    "triggeringPrincipal after resetting correct");
-ok(loadingPrincipal.isNullPrincipal,
-   "triggeringPrincipal after resetting correct");
-ok(triggeringPrincipal.isNullPrincipal,
+ok(loadingPrincipal.startsWith("http://mochi.test:8888/"),
+   "loadingPrincipal after resetting correct");
+ok(principalToInherit.isNullPrincipal,
    "principalToInherit after resetting correct");
 
 // 3) verify that getChannelResultPrincipal returns right principal
 var resultPrincipal = SpecialPowers.Services.scriptSecurityManager
                                    .getChannelResultPrincipal(channel);
 
 ok(resultPrincipal.isNullPrincipal,
    "resultPrincipal after resetting correct");
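Review bot: `principalToInherit` is checked with `startsWith` before the reset, so it appears to hold a URI spec string, and is then rebound to a principal object for the `isNullPrincipal` check, while the other two variables stay strings throughout. A separate name, e.g. `var principalToInheritAfterReset = channel.loadInfo.principalToInherit;`, would keep the types unambiguous. The comment `// reset principals on the loadinfo` is also stale and could read `// reset only the principalToInherit on the loadinfo`. The test does not assert that the new null principal carries the loadInfo's origin attributes, which is what the IDL comment promises.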
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -716,33 +716,24 @@ LoadInfo::GetScriptableOriginAttributes(
 {
   if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aOriginAttributes))) {
     return NS_ERROR_FAILURE;
   }
   return NS_OK;
 }
 
 NS_IMETHODIMP
-LoadInfo::ResetPrincipalsToNullPrincipal()
+LoadInfo::ResetPrincipalToInheritToNullPrincipal()
 {
   // take the originAttributes from the LoadInfo and create
   // a new NullPrincipal using those origin attributes.
   OriginAttributes attrs;
   attrs.Inherit(mOriginAttributes);
   nsCOMPtr<nsIPrincipal> newNullPrincipal = nsNullPrincipal::Create(attrs);
 
-  MOZ_ASSERT(mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT ||
-             !mLoadingPrincipal,
-             "LoadingPrincipal should be null for toplevel loads");
-
-  // the loadingPrincipal for toplevel loads is always a nullptr;
-  if (mInternalContentPolicyType != nsIContentPolicy::TYPE_DOCUMENT) {
-    mLoadingPrincipal = newNullPrincipal;
-  }
-  mTriggeringPrincipal = newNullPrincipal;
   mPrincipalToInherit = newNullPrincipal;
 
   // setting SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER will overrule
   // any non null owner set on the channel and will return the principal
   // form the loadinfo instead.
   mSecurityFlags |= SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER;
 
   return NS_OK;
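Review bot: Nothing in the function body records that mLoadingPrincipal and mTriggeringPrincipal are now left untouched on purpose, so a later reader could take the missing assignments for an oversight, and that is the security-relevant part of this change. A comment above `mPrincipalToInherit = newNullPrincipal;` would make it explicit, for example `// Only the principal the resulting document inherits is replaced; the loading and triggering principals stay as the caller set them.` The context comment further down has the typo `form the loadinfo` for `from the loadinfo`. The function's closing brace is outside the hunk.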
--- a/netwerk/base/nsILoadInfo.idl
+++ b/netwerk/base/nsILoadInfo.idl
@@ -513,30 +513,23 @@ interface nsILoadInfo : nsISupports
    * the frameOuterWindowID is the outer window containing the
    * foo.html document.
    *
    * Note: For other cases, frameOuterWindowID is 0.
    */
   [infallible] readonly attribute unsigned long long frameOuterWindowID;
 
   /**
-   * For all loads of type other than TYPE_DOCUMENT this function resets the
-   * loadingPrincipal, the triggeringPrincipal and the
-   * principalToInherit to a freshly created NullPrincipal which inherits
-   * the current origin attributes from the loadinfo.
-   * For loads of TYPE_DOCUMENT this function resets only the
-   * TriggeringPrincipal as well as the PrincipalToInherit to a freshly
-   * created NullPrincipal which inherits the origin attributes from
-   * the loadInfo. (Please note that the loadingPrincipal for TYPE_DOCUMENT
-   * loads is always null.)
+   * Resets the PrincipalToInherit to a freshly created NullPrincipal
+   * which inherits the origin attributes from the loadInfo.
    *
    * WARNING: Please only use that function if you know exactly what
    * you are doing!!!
    */
-  void resetPrincipalsToNullPrincipal();
+  void resetPrincipalToInheritToNullPrincipal();
 
   /**
    * Customized OriginAttributes within LoadInfo to allow overwriting of the
    * default originAttributes from the loadingPrincipal.
    *
    * In chrome side, originAttributes.privateBrowsingId will always be 0 even if
    * the usePrivateBrowsing is true, because chrome docshell won't set
    * privateBrowsingId on origin attributes (See bug 1278664). This is to make
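Review bot: The new doc comment on `resetPrincipalToInheritToNullPrincipal()` describes only the principal swap, but the implementation in LoadInfo.cpp also sets `SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER` on the security flags, which the method name does not suggest. According to the comment in the implementation, that flag overrules any non-null owner set on the channel, so it changes what the channel's result principal is. Callers deciding whether this method is safe to use need that stated in the interface. Suggest adding a sentence such as `Also sets SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER, so the principal from the loadInfo overrules any owner set on the channel; the loadingPrincipal and triggeringPrincipal are not modified.`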