Bug 1371741 - Disallow getUserMedia on nullprincipals (sandboxed iframes, top-level data urls).
MozReview-Commit-ID: 7VWpTFa2kMm
--- a/dom/media/MediaManager.cpp
+++ b/dom/media/MediaManager.cpp
@@ -2164,16 +2164,24 @@ MediaManager::GetUserMedia(nsPIDOMWindow
// This principal needs to be sent to different threads and so via IPC.
// For this reason it's better to convert it to PrincipalInfo right now.
ipc::PrincipalInfo principalInfo;
rv = PrincipalToPrincipalInfo(principal, &principalInfo);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
+ if (principalInfo.type() == ipc::PrincipalInfo::TNullPrincipalInfo) {
+ RefPtr<MediaStreamError> error =
+ new MediaStreamError(aWindow,
+ NS_LITERAL_STRING("SecurityError"));
+ onFailure->OnError(error);
+ return NS_OK;
+ }
+
if (!Preferences::GetBool("media.navigator.video.enabled", true)) {
c.mVideo.SetAsBoolean() = false;
}
MediaSourceEnum videoType = MediaSourceEnum::Other; // none
MediaSourceEnum audioType = MediaSourceEnum::Other; // none
if (c.mVideo.IsMediaTrackConstraints()) {