Mercurial > mozreview > gecko / changeset / bddcff58415d0eaf25bcdbdb6754fa8e6b93120b
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1370263: Don't try to match content scripts for non-codebase principals. r?mixedpuppy draft
authorKris Maglione <maglione.k@gmail.com>
Tue, 06 Jun 2017 14:18:49 -0700
changeset 589793 bddcff58415d0eaf25bcdbdb6754fa8e6b93120b
parent 589785 78aa5a83314a9d35fe03c8f7ab552ccfa81e1190
child 632016 d7eb754a8bc791b1cbbd53667d5eba67def81350
push id62517
push usermaglione.k@gmail.com
push dateTue, 06 Jun 2017 21:20:11 +0000
reviewersmixedpuppy
bugs1370263
milestone55.0a1
Bug 1370263: Don't try to match content scripts for non-codebase principals. r?mixedpuppy MozReview-Commit-ID: 96lQfKC9PGx
toolkit/components/extensions/WebExtensionContentScript.h file | annotate | diff | comparison | revisions
toolkit/components/extensions/WebExtensionPolicy.cpp file | annotate | diff | comparison | revisions 
--- a/toolkit/components/extensions/WebExtensionContentScript.h
+++ b/toolkit/components/extensions/WebExtensionContentScript.h
@@ -37,16 +37,18 @@ public:
   DocInfo(const URLInfo& aURL, nsILoadInfo* aLoadInfo);
 
   MOZ_IMPLICIT DocInfo(nsPIDOMWindowOuter* aWindow);
 
   const URLInfo& URL() const { return mURL; }
 
   nsIPrincipal* Principal() const;
 
+  // Returns the URL of the document's principal. Note that this must *only*
+  // be called for codebase principals.
   const URLInfo& PrincipalURL() const;
 
   bool IsTopLevel() const;
 
   uint64_t FrameID() const;
 
   nsPIDOMWindowOuter* GetWindow() const
   {
--- a/toolkit/components/extensions/WebExtensionPolicy.cpp
+++ b/toolkit/components/extensions/WebExtensionPolicy.cpp
@@ -363,16 +363,23 @@ WebExtensionContentScript::Matches(const
   // matchAboutBlank is true and it has the null principal. In all other
   // cases, we test the URL of the principal that it inherits.
   if (mMatchAboutBlank && aDoc.IsTopLevel() &&
       aDoc.URL().Spec().EqualsLiteral("about:blank") &&
       aDoc.Principal()->GetIsNullPrincipal()) {
     return true;
   }
 
+  // With the exception of top-level about:blank documents with null
+  // principals, we never match documents that have non-codebase principals,
+  // including those with null principals or system principals.
+  if (!aDoc.Principal()->GetIsCodebasePrincipal()) {
+    return false;
+  }
+
   return MatchesURI(aDoc.PrincipalURL());
 }
 
 bool
 WebExtensionContentScript::MatchesURI(const URLInfo& aURL) const
 {
   if (!mMatches->Matches(aURL)) {
     return false;
@@ -471,34 +478,43 @@ DocInfo::Principal() const
   if (mPrincipal.isNothing()) {
     struct Matcher
     {
       nsIPrincipal* match(Window aWin)
       {
         nsCOMPtr<nsIDocument> doc = aWin->GetDoc();
         return doc->NodePrincipal();
       }
-      nsIPrincipal* match(LoadInfo aLoadInfo) { return aLoadInfo->PrincipalToInherit(); }
+      nsIPrincipal* match(LoadInfo aLoadInfo)
+      {
+        if (auto principal = aLoadInfo->PrincipalToInherit()) {
+          return principal;
+        }
+        return aLoadInfo->TriggeringPrincipal();
+      }
     };
     mPrincipal.emplace(mObj.match(Matcher()));
   }
   return mPrincipal.ref();
 }
 
 const URLInfo&
 DocInfo::PrincipalURL() const
 {
   if (!URL().InheritsPrincipal()) {
     return URL();
   }
 
   if (mPrincipalURL.isNothing()) {
+    MOZ_ASSERT(Principal()->GetIsCodebasePrincipal());
+
     nsIPrincipal* prin = Principal();
     nsCOMPtr<nsIURI> uri;
-    if (prin && NS_SUCCEEDED(prin->GetURI(getter_AddRefs(uri)))) {
+    if (NS_SUCCEEDED(prin->GetURI(getter_AddRefs(uri)))) {
+      MOZ_DIAGNOSTIC_ASSERT(uri);
       mPrincipalURL.emplace(uri);
     } else {
       mPrincipalURL.emplace(URL());
     }
   }
 
   return mPrincipalURL.ref();
 }
gecko
Deployed from 4e825768105f at 2024-04-08T16:23:59Z.