Bug 1370263: Don't try to match content scripts for non-codebase principals. r?mixedpuppy
MozReview-Commit-ID: 96lQfKC9PGx
--- a/toolkit/components/extensions/WebExtensionContentScript.h
+++ b/toolkit/components/extensions/WebExtensionContentScript.h
@@ -37,16 +37,18 @@ public:
DocInfo(const URLInfo& aURL, nsILoadInfo* aLoadInfo);
MOZ_IMPLICIT DocInfo(nsPIDOMWindowOuter* aWindow);
const URLInfo& URL() const { return mURL; }
nsIPrincipal* Principal() const;
+ // Returns the URL of the document's principal. Note that this must *only*
+ // be called for codebase principals.
const URLInfo& PrincipalURL() const;
bool IsTopLevel() const;
uint64_t FrameID() const;
nsPIDOMWindowOuter* GetWindow() const
{
--- a/toolkit/components/extensions/WebExtensionPolicy.cpp
+++ b/toolkit/components/extensions/WebExtensionPolicy.cpp
@@ -363,16 +363,23 @@ WebExtensionContentScript::Matches(const
// matchAboutBlank is true and it has the null principal. In all other
// cases, we test the URL of the principal that it inherits.
if (mMatchAboutBlank && aDoc.IsTopLevel() &&
aDoc.URL().Spec().EqualsLiteral("about:blank") &&
aDoc.Principal()->GetIsNullPrincipal()) {
return true;
}
+ // With the exception of top-level about:blank documents with null
+ // principals, we never match documents that have non-codebase principals,
+ // including those with null principals or system principals.
+ if (!aDoc.Principal()->GetIsCodebasePrincipal()) {
+ return false;
+ }
+
return MatchesURI(aDoc.PrincipalURL());
}
bool
WebExtensionContentScript::MatchesURI(const URLInfo& aURL) const
{
if (!mMatches->Matches(aURL)) {
return false;
@@ -471,34 +478,43 @@ DocInfo::Principal() const
if (mPrincipal.isNothing()) {
struct Matcher
{
nsIPrincipal* match(Window aWin)
{
nsCOMPtr<nsIDocument> doc = aWin->GetDoc();
return doc->NodePrincipal();
}
- nsIPrincipal* match(LoadInfo aLoadInfo) { return aLoadInfo->PrincipalToInherit(); }
+ nsIPrincipal* match(LoadInfo aLoadInfo)
+ {
+ if (auto principal = aLoadInfo->PrincipalToInherit()) {
+ return principal;
+ }
+ return aLoadInfo->TriggeringPrincipal();
+ }
};
mPrincipal.emplace(mObj.match(Matcher()));
}
return mPrincipal.ref();
}
const URLInfo&
DocInfo::PrincipalURL() const
{
if (!URL().InheritsPrincipal()) {
return URL();
}
if (mPrincipalURL.isNothing()) {
+ MOZ_ASSERT(Principal()->GetIsCodebasePrincipal());
+
nsIPrincipal* prin = Principal();
nsCOMPtr<nsIURI> uri;
- if (prin && NS_SUCCEEDED(prin->GetURI(getter_AddRefs(uri)))) {
+ if (NS_SUCCEEDED(prin->GetURI(getter_AddRefs(uri)))) {
+ MOZ_DIAGNOSTIC_ASSERT(uri);
mPrincipalURL.emplace(uri);
} else {
mPrincipalURL.emplace(URL());
}
}
return mPrincipalURL.ref();
}