Bug 1371741 - Disallow getUserMedia on null principals. r=jib
MozReview-Commit-ID: Bo9FbFXITyz
--- a/dom/media/MediaManager.cpp
+++ b/dom/media/MediaManager.cpp
@@ -2271,16 +2271,24 @@ MediaManager::GetUserMedia(nsPIDOMWindow
}
nsCOMPtr<nsIPrincipal> principal =
nsGlobalWindowInner::Cast(aWindow)->GetPrincipal();
if (NS_WARN_IF(!principal)) {
return NS_ERROR_FAILURE;
}
+ // Disallow access to null principal pages.
+ if (principal->GetIsNullPrincipal()) {
+ RefPtr<MediaStreamError> error =
+ new MediaStreamError(aWindow, NS_LITERAL_STRING("SecurityError"));
+ onFailure->OnError(error);
+ return NS_OK;
+ }
+
// This principal needs to be sent to different threads and so via IPC.
// For this reason it's better to convert it to PrincipalInfo right now.
ipc::PrincipalInfo principalInfo;
rv = PrincipalToPrincipalInfo(principal, &principalInfo);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}