Bug 1318565 - Allow extensions with permission to read from tainted Canvas
MozReview-Commit-ID: 1tMHynv9FBO
--- a/dom/canvas/CanvasRenderingContext2D.cpp
+++ b/dom/canvas/CanvasRenderingContext2D.cpp
@@ -5393,17 +5393,17 @@ CanvasRenderingContext2D::GetImageData(J
// Check only if we have a canvas element; if we were created with a docshell,
// then it's special internal use.
if (mCanvasElement && mCanvasElement->IsWriteOnly() &&
// We could ask bindings for the caller type, but they already hand us a
// JSContext, and we're at least _somewhat_ perf-sensitive (so may not
// want to compute the caller type in the common non-write-only case), so
// let's just use what we have.
- !nsContentUtils::IsSystemCaller(aCx))
+ !nsContentUtils::CallerHasPermission(aCx, NS_LITERAL_STRING("<all_urls>")))
{
// XXX ERRMSG we need to report an error to developers here! (bug 329026)
aError.Throw(NS_ERROR_DOM_SECURITY_ERR);
return nullptr;
}
if (!IsFinite(aSx) || !IsFinite(aSy) ||
!IsFinite(aSw) || !IsFinite(aSh)) {
--- a/dom/html/HTMLCanvasElement.cpp
+++ b/dom/html/HTMLCanvasElement.cpp
@@ -639,21 +639,21 @@ HTMLCanvasElement::ParseAttribute(int32_
}
void
HTMLCanvasElement::ToDataURL(JSContext* aCx, const nsAString& aType,
JS::Handle<JS::Value> aParams,
nsAString& aDataURL,
- CallerType aCallerType,
ErrorResult& aRv)
{
// do a trust check if this is a write-only canvas
- if (mWriteOnly && aCallerType != CallerType::System) {
+ if (mWriteOnly &&
+ !nsContentUtils::CallerHasPermission(aCx, NS_LITERAL_STRING("<all_urls>"))) {
aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
return;
}
aRv = ToDataURLImpl(aCx, aType, aParams, aDataURL);
}
void
@@ -822,21 +822,21 @@ HTMLCanvasElement::ToDataURLImpl(JSConte
return Base64EncodeInputStream(stream, aDataURL, (uint32_t)count, aDataURL.Length());
}
void
HTMLCanvasElement::ToBlob(JSContext* aCx,
BlobCallback& aCallback,
const nsAString& aType,
JS::Handle<JS::Value> aParams,
- CallerType aCallerType,
ErrorResult& aRv)
{
// do a trust check if this is a write-only canvas
- if (mWriteOnly && aCallerType != CallerType::System) {
+ if (mWriteOnly &&
+ !nsContentUtils::CallerHasPermission(aCx, NS_LITERAL_STRING("<all_urls>"))) {
aRv.Throw(NS_ERROR_DOM_SECURITY_ERR);
return;
}
nsCOMPtr<nsIGlobalObject> global = OwnerDoc()->GetScopeObject();
MOZ_ASSERT(global);
nsIntSize elemSize = GetWidthHeight();
--- a/dom/html/HTMLCanvasElement.h
+++ b/dom/html/HTMLCanvasElement.h
@@ -173,24 +173,23 @@ public:
virtual already_AddRefed<nsISupports>
GetContext(JSContext* aCx, const nsAString& aContextId,
JS::Handle<JS::Value> aContextOptions,
ErrorResult& aRv) override;
void ToDataURL(JSContext* aCx, const nsAString& aType,
JS::Handle<JS::Value> aParams,
- nsAString& aDataURL, CallerType aCallerType,
+ nsAString& aDataURL,
ErrorResult& aRv);
void ToBlob(JSContext* aCx,
BlobCallback& aCallback,
const nsAString& aType,
JS::Handle<JS::Value> aParams,
- CallerType aCallerType,
ErrorResult& aRv);
OffscreenCanvas* TransferControlToOffscreen(ErrorResult& aRv);
bool MozOpaque() const
{
return GetBoolAttr(nsGkAtoms::moz_opaque);
}
--- a/dom/webidl/HTMLCanvasElement.webidl
+++ b/dom/webidl/HTMLCanvasElement.webidl
@@ -18,20 +18,20 @@ interface HTMLCanvasElement : HTMLElemen
[Pure, SetterThrows]
attribute unsigned long width;
[Pure, SetterThrows]
attribute unsigned long height;
[Throws]
nsISupports? getContext(DOMString contextId, optional any contextOptions = null);
- [Throws, NeedsCallerType]
+ [Throws]
DOMString toDataURL(optional DOMString type = "",
optional any encoderOptions);
- [Throws, NeedsCallerType]
+ [Throws]
void toBlob(BlobCallback _callback,
optional DOMString type = "",
optional any encoderOptions);
};
// Mozilla specific bits
partial interface HTMLCanvasElement {
[Pure, SetterThrows]