Bug 1415352: Part 4a - Capture subject principal in innerHTML setters. r?bz draft
authorKris Maglione <maglione.k@gmail.com>
Tue, 07 Nov 2017 13:48:58 -0800
changeset 694620 ec70c957a05c7d267ebd0ee1196c595548a25938
parent 694619 267e46d5e2376eddd8356958c077ca963df88aec
child 694621 e53e03181cd615e939bafde9676c72aca02e46cd
push id88175
push usermaglione.k@gmail.com
push dateTue, 07 Nov 2017 23:59:46 +0000
reviewersbz
bugs1415352
milestone58.0a1
Bug 1415352: Part 4a - Capture subject principal in innerHTML setters. r?bz This is necessary in order to capture the correct triggering principal for inline <style> nodes. MozReview-Commit-ID: 9EaD40vRNkH
dom/base/Element.cpp
dom/base/Element.h
dom/html/HTMLScriptElement.cpp
dom/html/HTMLScriptElement.h
dom/html/HTMLStyleElement.cpp
dom/html/HTMLStyleElement.h
dom/webidl/Element.webidl
--- a/dom/base/Element.cpp
+++ b/dom/base/Element.cpp
@@ -3916,17 +3916,17 @@ Element::GetAnimationsUnsorted(Element* 
 NS_IMETHODIMP
 Element::GetInnerHTML(nsAString& aInnerHTML)
 {
   GetMarkup(false, aInnerHTML);
   return NS_OK;
 }
 
 void
-Element::SetInnerHTML(const nsAString& aInnerHTML, ErrorResult& aError)
+Element::SetInnerHTML(const nsAString& aInnerHTML, nsIPrincipal& aSubjectPrincipal, ErrorResult& aError)
 {
   SetInnerHTMLInternal(aInnerHTML, aError);
 }
 
 void
 Element::GetOuterHTML(nsAString& aOuterHTML)
 {
   GetMarkup(true, aOuterHTML);
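Review bot: `aSubjectPrincipal` is accepted by `Element::SetInnerHTML` but never passed to `SetInnerHTMLInternal`, so on the visible lines the caller's principal is dropped as soon as it is captured. If a later part of the series threads it through, a short comment would record that, for example `// aSubjectPrincipal is not used yet; see the follow-up part of bug 1415352.` The same applies to the `HTMLScriptElement::SetInnerHTML` and `HTMLStyleElement::SetInnerHTML` hunks, where the new parameter is not read on the visible lines (the latter's body continues past its hunk). The new signature line also runs well past 80 columns and could be wrapped one parameter per line, as the dom/html overrides are.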
--- a/dom/base/Element.h
+++ b/dom/base/Element.h
@@ -1192,17 +1192,21 @@ public:
   // this element.
   void GetAnimations(const AnimationFilter& filter,
                      nsTArray<RefPtr<Animation>>& aAnimations);
   static void GetAnimationsUnsorted(Element* aElement,
                                     CSSPseudoElementType aPseudoType,
                                     nsTArray<RefPtr<Animation>>& aAnimations);
 
   NS_IMETHOD GetInnerHTML(nsAString& aInnerHTML);
-  virtual void SetInnerHTML(const nsAString& aInnerHTML, ErrorResult& aError);
+  void GetInnerHTML(nsAString& aInnerHTML, nsIPrincipal& aSubjectPrincipal)
+  {
+    GetInnerHTML(aInnerHTML);
+  }
+  virtual void SetInnerHTML(const nsAString& aInnerHTML, nsIPrincipal& aSubjectPrincipal, ErrorResult& aError);
   void GetOuterHTML(nsAString& aOuterHTML);
   void SetOuterHTML(const nsAString& aOuterHTML, ErrorResult& aError);
   void InsertAdjacentHTML(const nsAString& aPosition, const nsAString& aText,
                           ErrorResult& aError);
 
   //----------------------------------------
 
   /**
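Review bot: The two-argument `GetInnerHTML` overload ignores both `aSubjectPrincipal` and the `nsresult` of the call it forwards to, and it appears to exist only because `NeedsSubjectPrincipal` was placed on the whole `innerHTML` attribute. The HTMLScriptElement and HTMLStyleElement overrides shown in this commit can return `NS_ERROR_OUT_OF_MEMORY`, which this wrapper discards silently. If the binding generator at this revision supports a setter-only form such as `SetterNeedsSubjectPrincipal`, using it would make this overload unnecessary. Otherwise a comment on the overload should state that the principal is unused by the getter and that the result code is deliberately ignored.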
--- a/dom/html/HTMLScriptElement.cpp
+++ b/dom/html/HTMLScriptElement.cpp
@@ -260,16 +260,17 @@ HTMLScriptElement::GetInnerHTML(nsAStrin
   if (!nsContentUtils::GetNodeTextContent(this, false, aInnerHTML, fallible)) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
   return NS_OK;
 }
 
 void
 HTMLScriptElement::SetInnerHTML(const nsAString& aInnerHTML,
+                                nsIPrincipal& aScriptedPrincipal,
                                 ErrorResult& aError)
 {
   aError = nsContentUtils::SetNodeTextContent(this, aInnerHTML, true);
 }
 
 // variation of this code in nsSVGScriptElement - check if changes
 // need to be transfered when modifying
 
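Review bot: The new parameter is named `aScriptedPrincipal` in this definition but `aSubjectPrincipal` in the declaration in HTMLScriptElement.h and in `Element::SetInnerHTML`; the HTMLStyleElement.cpp definition has the same mismatch. Renaming both to `nsIPrincipal& aSubjectPrincipal,` keeps the definitions consistent with the base-class signature and with the `NeedsSubjectPrincipal` annotation, which makes it easier to audit where the caller's principal is used.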
--- a/dom/html/HTMLScriptElement.h
+++ b/dom/html/HTMLScriptElement.h
@@ -26,16 +26,17 @@ public:
   HTMLScriptElement(already_AddRefed<mozilla::dom::NodeInfo>& aNodeInfo,
                     FromParser aFromParser);
 
   // nsISupports
   NS_DECL_ISUPPORTS_INHERITED
 
   NS_IMETHOD GetInnerHTML(nsAString& aInnerHTML) override;
   virtual void SetInnerHTML(const nsAString& aInnerHTML,
+                            nsIPrincipal& aSubjectPrincipal,
                             mozilla::ErrorResult& aError) override;
 
   // nsIDOMHTMLScriptElement
   NS_DECL_NSIDOMHTMLSCRIPTELEMENT
 
   // nsIScriptElement
   virtual bool GetScriptType(nsAString& type) override;
   virtual void GetScriptText(nsAString& text) override;
--- a/dom/html/HTMLStyleElement.cpp
+++ b/dom/html/HTMLStyleElement.cpp
@@ -169,16 +169,17 @@ HTMLStyleElement::GetInnerHTML(nsAString
   if (!nsContentUtils::GetNodeTextContent(this, false, aInnerHTML, fallible)) {
     return NS_ERROR_OUT_OF_MEMORY;
   }
   return NS_OK;
 }
 
 void
 HTMLStyleElement::SetInnerHTML(const nsAString& aInnerHTML,
+                               nsIPrincipal& aScriptedPrincipal,
                                ErrorResult& aError)
 {
   SetEnableUpdates(false);
 
   aError = nsContentUtils::SetNodeTextContent(this, aInnerHTML, true);
 
   SetEnableUpdates(true);
 
--- a/dom/html/HTMLStyleElement.h
+++ b/dom/html/HTMLStyleElement.h
@@ -29,16 +29,17 @@ public:
 
   // CC
   NS_DECL_CYCLE_COLLECTION_CLASS_INHERITED(HTMLStyleElement,
                                            nsGenericHTMLElement)
 
   NS_IMETHOD GetInnerHTML(nsAString& aInnerHTML) override;
   using nsGenericHTMLElement::SetInnerHTML;
   virtual void SetInnerHTML(const nsAString& aInnerHTML,
+                            nsIPrincipal& aSubjectPrincipal,
                             mozilla::ErrorResult& aError) override;
 
   virtual nsresult BindToTree(nsIDocument* aDocument, nsIContent* aParent,
                               nsIContent* aBindingParent,
                               bool aCompileEventHandlers) override;
   virtual void UnbindFromTree(bool aDeep = true,
                               bool aNullParent = true) override;
   virtual nsresult AfterSetAttr(int32_t aNameSpaceID, nsAtom* aName,
--- a/dom/webidl/Element.webidl
+++ b/dom/webidl/Element.webidl
@@ -214,17 +214,17 @@ partial interface Element {
   [ChromeOnly] readonly attribute long scrollTopMin;
                readonly attribute long scrollTopMax;
   [ChromeOnly] readonly attribute long scrollLeftMin;
                readonly attribute long scrollLeftMax;
 };
 
 // http://domparsing.spec.whatwg.org/#extensions-to-the-element-interface
 partial interface Element {
-  [CEReactions, Pure,SetterThrows,TreatNullAs=EmptyString]
+  [CEReactions, NeedsSubjectPrincipal, Pure,SetterThrows,TreatNullAs=EmptyString]
   attribute DOMString innerHTML;
   [CEReactions, Pure,SetterThrows,TreatNullAs=EmptyString]
   attribute DOMString outerHTML;
   [CEReactions, Throws]
   void insertAdjacentHTML(DOMString position, DOMString text);
 };
 
 // http://www.w3.org/TR/selectors-api/#interface-definitions
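Review bot: Only `innerHTML` gains `NeedsSubjectPrincipal`; `outerHTML` and `insertAdjacentHTML` in the same partial interface also accept markup from script and are left without it. The commit message gives the goal as the correct triggering principal for inline `<style>` nodes. If that goal also covers markup inserted through those two entry points, they would need the same annotation, though this may be planned for a later part of the series. The annotation as written also applies to the getter, which has no use for the principal.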