Bug 1319773 - Part 1: Add a SubsumesConsideringDomainIgnoringFPD in BasePrincipal. r?baku
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -384,16 +384,34 @@ NS_IMETHODIMP
BasePrincipal::SubsumesConsideringDomain(nsIPrincipal *aOther, bool *aResult)
{
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
*aResult = Subsumes(aOther, ConsiderDocumentDomain);
return NS_OK;
}
NS_IMETHODIMP
+BasePrincipal::SubsumesConsideringDomainIgnoringFPD(nsIPrincipal *aOther,
+ bool *aResult)
+{
+ NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
+
+ if (Kind() == eCodebasePrincipal &&
+ !dom::ChromeUtils::IsOriginAttributesEqualIgnoringFPD(
+ OriginAttributesRef(), aOther->OriginAttributesRef())) {
+ *aResult = false;
+ return NS_OK;
+ }
+
+ *aResult = SubsumesInternal(aOther, ConsiderDocumentDomain);
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP
BasePrincipal::CheckMayLoad(nsIURI* aURI, bool aReport, bool aAllowIfInheritsPrincipal)
{
// Check the internal method first, which allows us to quickly approve loads
// for the System Principal.
if (MayLoadInternal(aURI)) {
return NS_OK;
}
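Review bot: The new SubsumesConsideringDomainIgnoringFPD calls SubsumesInternal directly, whereas SubsumesConsideringDomain just above goes through Subsumes(aOther, ConsiderDocumentDomain), so whatever Subsumes checks before delegating has to be repeated by hand here and can drift. Subsumes is not visible in this hunk, so that part is inferred. The `Kind() == eCodebasePrincipal` guard also means the relaxed origin-attributes comparison only runs when this principal is a codebase principal; for every other kind the treatment of the first-party domain is left entirely to that kind's SubsumesInternal. I would add a comment above the guard, for example `// Mirrors Subsumes(), but leaves the first-party domain out of the origin-attributes comparison; non-codebase principals rely on SubsumesInternal.`, and a test with a non-codebase principal on each side.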
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -205,16 +205,17 @@ public:
bool Subsumes(nsIPrincipal* aOther, DocumentDomainConsideration aConsideration);
NS_IMETHOD GetOrigin(nsACString& aOrigin) final;
NS_IMETHOD GetOriginNoSuffix(nsACString& aOrigin) final;
NS_IMETHOD Equals(nsIPrincipal* other, bool* _retval) final;
NS_IMETHOD EqualsConsideringDomain(nsIPrincipal* other, bool* _retval) final;
NS_IMETHOD Subsumes(nsIPrincipal* other, bool* _retval) final;
NS_IMETHOD SubsumesConsideringDomain(nsIPrincipal* other, bool* _retval) final;
+ NS_IMETHOD SubsumesConsideringDomainIgnoringFPD(nsIPrincipal* other, bool* _retval) final;
NS_IMETHOD CheckMayLoad(nsIURI* uri, bool report, bool allowIfInheritsPrincipal) final;
NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp) override;
NS_IMETHOD EnsureCSP(nsIDOMDocument* aDocument, nsIContentSecurityPolicy** aCSP) override;
NS_IMETHOD GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP) override;
NS_IMETHOD EnsurePreloadCSP(nsIDOMDocument* aDocument, nsIContentSecurityPolicy** aCSP) override;
NS_IMETHOD GetCspJSON(nsAString& outCSPinJSON) override;
NS_IMETHOD GetIsNullPrincipal(bool* aResult) override;
NS_IMETHOD GetIsCodebasePrincipal(bool* aResult) override;
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@@ -89,26 +89,37 @@ interface nsIPrincipal : nsISerializable
boolean subsumes(in nsIPrincipal other);
/**
* Same as the previous method, subsumes(), but takes document.domain into
* account.
*/
boolean subsumesConsideringDomain(in nsIPrincipal other);
+ /**
+ * Same as the subsumesConsideringDomain(), but ignores the first party
+ * domain in its originAttributes.
+ */
+ boolean subsumesConsideringDomainIgnoringFPD(in nsIPrincipal other);
+
%{C++
inline bool Subsumes(nsIPrincipal* aOther) {
bool subsumes = false;
return NS_SUCCEEDED(Subsumes(aOther, &subsumes)) && subsumes;
}
inline bool SubsumesConsideringDomain(nsIPrincipal* aOther) {
bool subsumes = false;
return NS_SUCCEEDED(SubsumesConsideringDomain(aOther, &subsumes)) && subsumes;
}
+
+ inline bool SubsumesConsideringDomainIgnoringFPD(nsIPrincipal* aOther) {
+ bool subsumes = false;
+ return NS_SUCCEEDED(SubsumesConsideringDomainIgnoringFPD(aOther, &subsumes)) && subsumes;
+ }
%}
/**
* Checks whether this principal is allowed to load the network resource
* located at the given URI under the same-origin policy. This means that
* codebase principals are only allowed to load resources from the same
* domain, the system principal is allowed to load anything, and null
* principals can only load URIs where they are the principal. This is
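Review bot: The doc comment on subsumesConsideringDomainIgnoringFPD does not say when it is appropriate to leave the first-party domain out of a principal check, which is what a caller needs to know before choosing it over subsumesConsideringDomain(). A true result no longer implies that the two principals share the same first-party isolation scope, and that consequence should be visible at the interface. I would extend the comment with something like `* All other origin attributes must still match. Use only where first-party isolation is deliberately not part of the check.` and name the intended caller. The opening would also read better as "Same as subsumesConsideringDomain(), but ...".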
--- a/dom/base/ChromeUtils.cpp
+++ b/dom/base/ChromeUtils.cpp
@@ -194,10 +194,21 @@ ChromeUtils::IsOriginAttributesEqualIgno
const dom::OriginAttributesDictionary& aB)
{
return aA.mAppId == aB.mAppId &&
aA.mInIsolatedMozBrowser == aB.mInIsolatedMozBrowser &&
aA.mUserContextId == aB.mUserContextId &&
aA.mPrivateBrowsingId == aB.mPrivateBrowsingId;
}
+/* static */ bool
+ChromeUtils::IsOriginAttributesEqualIgnoringFPD(const dom::OriginAttributesDictionary& aA,
+ const dom::OriginAttributesDictionary& aB)
+{
+ return aA.mAddonId == aB.mAddonId &&
+ aA.mAppId == aB.mAppId &&
+ aA.mInIsolatedMozBrowser == aB.mInIsolatedMozBrowser &&
+ aA.mUserContextId == aB.mUserContextId &&
+ aA.mPrivateBrowsingId == aB.mPrivateBrowsingId;
+}
+
} // namespace dom
} // namespace mozilla
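Review bot: IsOriginAttributesEqualIgnoringFPD lists the fields it compares one by one, so an attribute added to OriginAttributesDictionary later is silently left out and every principal check built on this comparator becomes more permissive without any compile error. The comparator just above it has the same shape with a different field list, which shows how easily these hand-written lists diverge. Consider expressing the intent as "equal in everything except the first-party domain", for instance by clearing that one field on copies and delegating to IsOriginAttributesEqual if the dictionary type allows it. Failing that, add a comment such as `// Keep in sync with OriginAttributesDictionary: every field except the first-party domain must be compared here.`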
--- a/dom/base/ChromeUtils.h
+++ b/dom/base/ChromeUtils.h
@@ -90,14 +90,18 @@ public:
static bool
IsOriginAttributesEqual(const dom::OriginAttributesDictionary& aA,
const dom::OriginAttributesDictionary& aB);
static bool
IsOriginAttributesEqualIgnoringAddonId(const dom::OriginAttributesDictionary& aA,
const dom::OriginAttributesDictionary& aB);
+
+ static bool
+ IsOriginAttributesEqualIgnoringFPD(const dom::OriginAttributesDictionary& aA,
+ const dom::OriginAttributesDictionary& aB);
};
} // namespace dom
} // namespace mozilla
#endif // mozilla_dom_ChromeUtils__