Bug 1391994 Part 3: Make SystemPrincipals override all other principals in BasePrincipal::OverridesCSP.
MozReview-Commit-ID: 4YiEwTrt7om
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -129,23 +129,29 @@ public:
// the given URI.
//
// For most principal types, this returns the principal itself. For expanded
// principals, it returns the first sub-principal which subsumes the given URI
// (or, if no URI is given, the last whitelist principal).
nsIPrincipal* PrincipalToInherit(nsIURI* aRequestedURI = nullptr);
/**
- * Returns true if this principal's CSP should override a document's CSP for
- * loads that it triggers. Currently true only for expanded principals which
- * subsume the document principal, and add-on codebase principals regardless
- * of whether they subsume the document principal.
+ * Returns true if this principal's CSP should override a document's
+ * CSP for loads that it triggers. Currently true for system
+ * principals and for expanded principals which subsume the document
+ * principal, and add-on codebase principals regardless of whether
+ * they subsume the document principal.
*/
bool OverridesCSP(nsIPrincipal* aDocumentPrincipal)
{
+ // System principals override everything by definition.
+ if (mKind == eSystemPrincipal) {
+ return true;
+ }
+
// Expanded principals override CSP if and only if they subsume the document
// principal.
if (mKind == eExpandedPrincipal) {
return FastSubsumes(aDocumentPrincipal);
}
// Extension principals always override the CSP non-extension principals.
// This is primarily for the sake of their stylesheets, which are usually
// loaded from channels and cannot have expanded principals.