Bug 1314361: Part 6 - Remove the addonId origin attribute. r=bholley
MozReview-Commit-ID: DO1Jpcx9RJG
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -51,17 +51,16 @@ OriginAttributes::InitPrefs()
}
void
OriginAttributes::Inherit(const OriginAttributes& aAttrs)
{
mAppId = aAttrs.mAppId;
mInIsolatedMozBrowser = aAttrs.mInIsolatedMozBrowser;
- StripAttributes(STRIP_ADDON_ID);
mUserContextId = aAttrs.mUserContextId;
mPrivateBrowsingId = aAttrs.mPrivateBrowsingId;
mFirstPartyDomain = aAttrs.mFirstPartyDomain;
}
void
@@ -91,39 +90,28 @@ OriginAttributes::CreateSuffix(nsACStrin
{
UniquePtr<URLParams> params(new URLParams());
nsAutoString value;
//
// Important: While serializing any string-valued attributes, perform a
// release-mode assertion to make sure that they don't contain characters that
// will break the quota manager when it uses the serialization for file
- // naming (see addonId below).
+ // naming.
//
if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
value.AppendInt(mAppId);
params->Set(NS_LITERAL_STRING("appId"), value);
}
if (mInIsolatedMozBrowser) {
params->Set(NS_LITERAL_STRING("inBrowser"), NS_LITERAL_STRING("1"));
}
- if (!mAddonId.IsEmpty()) {
- if (mAddonId.FindCharInSet(dom::quota::QuotaManager::kReplaceChars) != kNotFound) {
-#ifdef MOZ_CRASHREPORTER
- CrashReporter::AnnotateCrashReport(NS_LITERAL_CSTRING("Crash_AddonId"),
- NS_ConvertUTF16toUTF8(mAddonId));
-#endif
- MOZ_CRASH();
- }
- params->Set(NS_LITERAL_STRING("addonId"), mAddonId);
- }
-
if (mUserContextId != nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID) {
value.Truncate();
value.AppendInt(mUserContextId);
params->Set(NS_LITERAL_STRING("userContextId"), value);
}
if (mPrivateBrowsingId) {
@@ -199,18 +187,18 @@ public:
return false;
}
mOriginAttributes->mInIsolatedMozBrowser = true;
return true;
}
if (aName.EqualsLiteral("addonId")) {
- MOZ_RELEASE_ASSERT(mOriginAttributes->mAddonId.IsEmpty());
- mOriginAttributes->mAddonId.Assign(aValue);
+ // No longer supported. Silently ignore so that legacy origin strings
+ // don't cause failures.
return true;
}
if (aName.EqualsLiteral("userContextId")) {
nsresult rv;
int64_t val = aValue.ToInteger64(&rv);
NS_ENSURE_SUCCESS(rv, false);
NS_ENSURE_TRUE(val <= UINT32_MAX, false);
--- a/caps/BasePrincipal.h
+++ b/caps/BasePrincipal.h
@@ -42,40 +42,34 @@ public:
// This method 'clones' the OriginAttributes ignoring the addonId value becaue
// this is computed from the principal URI and never propagated.
void Inherit(const OriginAttributes& aAttrs);
void SetFirstPartyDomain(const bool aIsTopLevelDocument, nsIURI* aURI);
enum {
STRIP_FIRST_PARTY_DOMAIN = 0x01,
- STRIP_ADDON_ID = 0x02,
- STRIP_USER_CONTEXT_ID = 0x04,
+ STRIP_USER_CONTEXT_ID = 0x02,
};
inline void StripAttributes(uint32_t aFlags)
{
if (aFlags & STRIP_FIRST_PARTY_DOMAIN) {
mFirstPartyDomain.Truncate();
}
- if (aFlags & STRIP_ADDON_ID) {
- mAddonId.Truncate();
- }
-
if (aFlags & STRIP_USER_CONTEXT_ID) {
mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
}
}
bool operator==(const OriginAttributes& aOther) const
{
return mAppId == aOther.mAppId &&
mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
- mAddonId == aOther.mAddonId &&
mUserContextId == aOther.mUserContextId &&
mPrivateBrowsingId == aOther.mPrivateBrowsingId &&
mFirstPartyDomain == aOther.mFirstPartyDomain;
}
bool operator!=(const OriginAttributes& aOther) const
{
return !(*this == aOther);
@@ -147,20 +141,16 @@ public:
if (mAppId.WasPassed() && mAppId.Value() != aAttrs.mAppId) {
return false;
}
if (mInIsolatedMozBrowser.WasPassed() && mInIsolatedMozBrowser.Value() != aAttrs.mInIsolatedMozBrowser) {
return false;
}
- if (mAddonId.WasPassed() && mAddonId.Value() != aAttrs.mAddonId) {
- return false;
- }
-
if (mUserContextId.WasPassed() && mUserContextId.Value() != aAttrs.mUserContextId) {
return false;
}
if (mPrivateBrowsingId.WasPassed() && mPrivateBrowsingId.Value() != aAttrs.mPrivateBrowsingId) {
return false;
}
@@ -179,21 +169,16 @@ public:
}
if (mInIsolatedMozBrowser.WasPassed() &&
aOther.mInIsolatedMozBrowser.WasPassed() &&
mInIsolatedMozBrowser.Value() != aOther.mInIsolatedMozBrowser.Value()) {
return false;
}
- if (mAddonId.WasPassed() && aOther.mAddonId.WasPassed() &&
- mAddonId.Value() != aOther.mAddonId.Value()) {
- return false;
- }
-
if (mUserContextId.WasPassed() && aOther.mUserContextId.WasPassed() &&
mUserContextId.Value() != aOther.mUserContextId.Value()) {
return false;
}
if (mPrivateBrowsingId.WasPassed() && aOther.mPrivateBrowsingId.WasPassed() &&
mPrivateBrowsingId.Value() != aOther.mPrivateBrowsingId.Value()) {
return false;
--- a/caps/tests/unit/test_origin.js
+++ b/caps/tests/unit/test_origin.js
@@ -43,30 +43,28 @@ function checkSandboxOriginAttributes(ar
}
// utility function useful for debugging
function printAttrs(name, attrs) {
do_print(name + " {\n" +
"\tappId: " + attrs.appId + ",\n" +
"\tuserContextId: " + attrs.userContextId + ",\n" +
"\tinIsolatedMozBrowser: " + attrs.inIsolatedMozBrowser + ",\n" +
- "\taddonId: '" + attrs.addonId + "',\n" +
"\tprivateBrowsingId: '" + attrs.privateBrowsingId + "',\n" +
"\tfirstPartyDomain: '" + attrs.firstPartyDomain + "'\n}");
}
function checkValues(attrs, values) {
values = values || {};
//printAttrs("attrs", attrs);
//printAttrs("values", values);
do_check_eq(attrs.appId, values.appId || 0);
do_check_eq(attrs.userContextId, values.userContextId || 0);
do_check_eq(attrs.inIsolatedMozBrowser, values.inIsolatedMozBrowser || false);
- do_check_eq(attrs.addonId, values.addonId || '');
do_check_eq(attrs.privateBrowsingId, values.privateBrowsingId || '');
do_check_eq(attrs.firstPartyDomain, values.firstPartyDomain || '');
}
function run_test() {
// Attributeless origins.
do_check_eq(ssm.getSystemPrincipal().origin, '[System Principal]');
checkOriginAttributes(ssm.getSystemPrincipal());
@@ -121,21 +119,16 @@ function run_test() {
checkOriginAttributes(nullPrin_appBrowser, {appId: 42, inIsolatedMozBrowser: true}, '^appId=42&inBrowser=1');
do_check_eq(exampleOrg_appBrowser.origin, 'http://example.org^appId=42&inBrowser=1');
// App and browser, different domain.
var exampleCom_appBrowser = ssm.createCodebasePrincipal(makeURI('https://www.example.com:123'), {appId: 42, inIsolatedMozBrowser: true});
checkOriginAttributes(exampleCom_appBrowser, {appId: 42, inIsolatedMozBrowser: true}, '^appId=42&inBrowser=1');
do_check_eq(exampleCom_appBrowser.origin, 'https://www.example.com:123^appId=42&inBrowser=1');
- // Addon.
- var exampleOrg_addon = ssm.createCodebasePrincipal(makeURI('http://example.org'), {addonId: 'dummy'});
- checkOriginAttributes(exampleOrg_addon, { addonId: "dummy" }, '^addonId=dummy');
- do_check_eq(exampleOrg_addon.origin, 'http://example.org^addonId=dummy');
-
// First party Uri
var exampleOrg_firstPartyDomain = ssm.createCodebasePrincipal(makeURI('http://example.org'), {firstPartyDomain: 'example.org'});
checkOriginAttributes(exampleOrg_firstPartyDomain, { firstPartyDomain: "example.org" }, '^firstPartyDomain=example.org');
do_check_eq(exampleOrg_firstPartyDomain.origin, 'http://example.org^firstPartyDomain=example.org');
// Make sure we don't crash when serializing principals with UNKNOWN_APP_ID.
try {
let binaryStream = Cc["@mozilla.org/binaryoutputstream;1"].
@@ -150,23 +143,16 @@ function run_test() {
}
// Just userContext.
var exampleOrg_userContext = ssm.createCodebasePrincipal(makeURI('http://example.org'), {userContextId: 42});
checkOriginAttributes(exampleOrg_userContext, { userContextId: 42 }, '^userContextId=42');
do_check_eq(exampleOrg_userContext.origin, 'http://example.org^userContextId=42');
- // UserContext and Addon.
- var exampleOrg_userContextAddon = ssm.createCodebasePrincipal(makeURI('http://example.org'), {addonId: 'dummy', userContextId: 42});
- var nullPrin_userContextAddon = ssm.createNullPrincipal({addonId: 'dummy', userContextId: 42});
- checkOriginAttributes(exampleOrg_userContextAddon, {addonId: 'dummy', userContextId: 42}, '^addonId=dummy&userContextId=42');
- checkOriginAttributes(nullPrin_userContextAddon, {addonId: 'dummy', userContextId: 42}, '^addonId=dummy&userContextId=42');
- do_check_eq(exampleOrg_userContextAddon.origin, 'http://example.org^addonId=dummy&userContextId=42');
-
// UserContext and App.
var exampleOrg_userContextApp = ssm.createCodebasePrincipal(makeURI('http://example.org'), {appId: 24, userContextId: 42});
var nullPrin_userContextApp = ssm.createNullPrincipal({appId: 24, userContextId: 42});
checkOriginAttributes(exampleOrg_userContextApp, {appId: 24, userContextId: 42}, '^appId=24&userContextId=42');
checkOriginAttributes(nullPrin_userContextApp, {appId: 24, userContextId: 42}, '^appId=24&userContextId=42');
do_check_eq(exampleOrg_userContextApp.origin, 'http://example.org^appId=24&userContextId=42');
checkSandboxOriginAttributes(null, {});
@@ -180,21 +166,18 @@ function run_test() {
// Check that all of the above are cross-origin.
checkCrossOrigin(exampleOrg_app, exampleOrg);
checkCrossOrigin(exampleOrg_app, nullPrin_app);
checkCrossOrigin(exampleOrg_browser, exampleOrg_app);
checkCrossOrigin(exampleOrg_browser, nullPrin_browser);
checkCrossOrigin(exampleOrg_appBrowser, exampleOrg_app);
checkCrossOrigin(exampleOrg_appBrowser, nullPrin_appBrowser);
checkCrossOrigin(exampleOrg_appBrowser, exampleCom_appBrowser);
- checkCrossOrigin(exampleOrg_addon, exampleOrg);
checkCrossOrigin(exampleOrg_firstPartyDomain, exampleOrg);
checkCrossOrigin(exampleOrg_userContext, exampleOrg);
- checkCrossOrigin(exampleOrg_userContextAddon, exampleOrg);
- checkCrossOrigin(exampleOrg_userContext, exampleOrg_userContextAddon);
checkCrossOrigin(exampleOrg_userContext, exampleOrg_userContextApp);
// Check Principal kinds.
function checkKind(prin, kind) {
do_check_eq(prin.isNullPrincipal, kind == 'nullPrincipal');
do_check_eq(prin.isCodebasePrincipal, kind == 'codebasePrincipal');
do_check_eq(prin.isExpandedPrincipal, kind == 'expandedPrincipal');
do_check_eq(prin.isSystemPrincipal, kind == 'systemPrincipal');
@@ -213,17 +196,16 @@ function run_test() {
var emptyAttrs = ChromeUtils.fillNonDefaultOriginAttributes({});
checkValues(emptyAttrs);
var uri = "http://example.org";
var tests = [
[ "", {} ],
[ "^appId=5", {appId: 5} ],
[ "^userContextId=3", {userContextId: 3} ],
- [ "^addonId=fooBar", {addonId: "fooBar"} ],
[ "^inBrowser=1", {inIsolatedMozBrowser: true} ],
[ "^firstPartyDomain=example.org", {firstPartyDomain: "example.org"} ],
[ "^appId=3&inBrowser=1&userContextId=6",
{appId: 3, userContextId: 6, inIsolatedMozBrowser: true} ] ];
// check that we can create an origin attributes from an origin properly
tests.forEach(t => {
let attrs = ChromeUtils.createOriginAttributesFromOrigin(uri + t[0]);
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -12393,17 +12393,16 @@ nsDocShell::AddToSessionHistory(nsIURI*
if (loadInfo->GetLoadingSandboxed()) {
if (loadInfo->LoadingPrincipal()) {
principalToInherit = nsNullPrincipal::CreateWithInheritedAttributes(
loadInfo->LoadingPrincipal());
} else {
// get the OriginAttributes
OriginAttributes attrs;
loadInfo->GetOriginAttributes(&attrs);
- attrs.StripAttributes(OriginAttributes::STRIP_ADDON_ID);
principalToInherit = nsNullPrincipal::Create(attrs);
}
} else {
principalToInherit = loadInfo->PrincipalToInherit();
}
}
}
}
--- a/dom/base/ChromeUtils.cpp
+++ b/dom/base/ChromeUtils.cpp
@@ -177,18 +177,17 @@ ChromeUtils::IsOriginAttributesEqual(dom
{
return IsOriginAttributesEqual(aA, aB);
}
/* static */ bool
ChromeUtils::IsOriginAttributesEqual(const dom::OriginAttributesDictionary& aA,
const dom::OriginAttributesDictionary& aB)
{
- return aA.mAddonId == aB.mAddonId &&
- aA.mAppId == aB.mAppId &&
+ return aA.mAppId == aB.mAppId &&
aA.mInIsolatedMozBrowser == aB.mInIsolatedMozBrowser &&
aA.mUserContextId == aB.mUserContextId &&
aA.mPrivateBrowsingId == aB.mPrivateBrowsingId;
}
/* static */ bool
ChromeUtils::IsOriginAttributesEqualIgnoringFPD(const dom::OriginAttributesDictionary& aA,
const dom::OriginAttributesDictionary& aB)
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@@ -3187,36 +3187,36 @@ nsContentUtils::GetOriginAttributes(nsID
nsCOMPtr<nsILoadGroup> loadGroup = aDocument->GetDocumentLoadGroup();
if (loadGroup) {
return GetOriginAttributes(loadGroup);
}
mozilla::OriginAttributes attrs;
nsCOMPtr<nsIChannel> channel = aDocument->GetChannel();
- if (channel && NS_GetOriginAttributes(channel, attrs)) {
- attrs.StripAttributes(OriginAttributes::STRIP_ADDON_ID);
+ if (channel) {
+ NS_GetOriginAttributes(channel, attrs);
}
return attrs;
}
// static
mozilla::OriginAttributes
nsContentUtils::GetOriginAttributes(nsILoadGroup* aLoadGroup)
{
if (!aLoadGroup) {
return mozilla::OriginAttributes();
}
mozilla::OriginAttributes attrs;
nsCOMPtr<nsIInterfaceRequestor> callbacks;
aLoadGroup->GetNotificationCallbacks(getter_AddRefs(callbacks));
if (callbacks) {
nsCOMPtr<nsILoadContext> loadContext = do_GetInterface(callbacks);
- if (loadContext && loadContext->GetOriginAttributes(attrs)) {
- attrs.StripAttributes(OriginAttributes::STRIP_ADDON_ID);
+ if (loadContext) {
+ loadContext->GetOriginAttributes(attrs);
}
}
return attrs;
}
// static
bool
nsContentUtils::IsInPrivateBrowsing(nsIDocument* aDoc)
--- a/dom/webidl/ChromeUtils.webidl
+++ b/dom/webidl/ChromeUtils.webidl
@@ -73,20 +73,18 @@ interface ChromeUtils : ThreadSafeChrome
* (2) Update the methods on mozilla::OriginAttributes, including equality,
* serialization, deserialization, and inheritance.
* (3) Update the methods on mozilla::OriginAttributesPattern, including matching.
*/
dictionary OriginAttributesDictionary {
unsigned long appId = 0;
unsigned long userContextId = 0;
boolean inIsolatedMozBrowser = false;
- DOMString addonId = "";
unsigned long privateBrowsingId = 0;
DOMString firstPartyDomain = "";
};
dictionary OriginAttributesPatternDictionary {
unsigned long appId;
unsigned long userContextId;
boolean inIsolatedMozBrowser;
- DOMString addonId;
unsigned long privateBrowsingId;
DOMString firstPartyDomain;
};
--- a/netwerk/base/LoadContextInfo.cpp
+++ b/netwerk/base/LoadContextInfo.cpp
@@ -141,17 +141,16 @@ LoadContextInfo *
GetLoadContextInfo(nsILoadContext *aLoadContext, bool aIsAnonymous)
{
if (!aLoadContext) {
return new LoadContextInfo(aIsAnonymous, OriginAttributes());
}
OriginAttributes oa;
aLoadContext->GetOriginAttributes(oa);
- oa.StripAttributes(OriginAttributes::STRIP_ADDON_ID);
#ifdef DEBUG
nsCOMPtr<nsIDocShellTreeItem> docShell = do_QueryInterface(aLoadContext);
if (!docShell || docShell->ItemType() != nsIDocShellTreeItem::typeChrome) {
MOZ_ASSERT(aLoadContext->UsePrivateBrowsing() == (oa.mPrivateBrowsingId > 0));
}
#endif
--- a/netwerk/base/LoadInfo.cpp
+++ b/netwerk/base/LoadInfo.cpp
@@ -471,17 +471,16 @@ LoadInfo::GetSandboxedLoadingPrincipal(n
}
if (!mSandboxedLoadingPrincipal) {
if (mLoadingPrincipal) {
mSandboxedLoadingPrincipal =
nsNullPrincipal::CreateWithInheritedAttributes(mLoadingPrincipal);
} else {
OriginAttributes attrs(mOriginAttributes);
- attrs.StripAttributes(OriginAttributes::STRIP_ADDON_ID);
mSandboxedLoadingPrincipal = nsNullPrincipal::Create(attrs);
}
}
MOZ_ASSERT(mSandboxedLoadingPrincipal);
nsCOMPtr<nsIPrincipal> copy(mSandboxedLoadingPrincipal);
copy.forget(aPrincipal);
return NS_OK;
--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@@ -554,17 +554,16 @@ HttpChannelParent::DoAsyncOpen( const U
appCacheChan->SetApplicationCache(appCache);
setChooseApplicationCache = false;
}
}
if (setChooseApplicationCache) {
OriginAttributes attrs;
NS_GetOriginAttributes(mChannel, attrs);
- attrs.StripAttributes(OriginAttributes::STRIP_ADDON_ID);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(uri, attrs);
bool chooseAppCache = false;
// This works because we've already called SetNotificationCallbacks and
// done mPBOverride logic by this point.
chooseAppCache = NS_ShouldCheckAppCache(principal, NS_UsePrivateBrowsing(mChannel));
--- a/netwerk/protocol/http/nsHttpHandler.cpp
+++ b/netwerk/protocol/http/nsHttpHandler.cpp
@@ -2281,17 +2281,16 @@ nsHttpHandler::SpeculativeConnectInterna
OriginAttributes originAttributes;
// If the principal is given, we use the originAttributes from this
// principal. Otherwise, we use the originAttributes from the
// loadContext.
if (aPrincipal) {
originAttributes.Inherit(aPrincipal->OriginAttributesRef());
} else if (loadContext) {
loadContext->GetOriginAttributes(originAttributes);
- originAttributes.StripAttributes(OriginAttributes::STRIP_ADDON_ID);
}
nsCOMPtr<nsIURI> clone;
if (NS_SUCCEEDED(sss->IsSecureURI(nsISiteSecurityService::HEADER_HSTS,
aURI, flags, originAttributes,
nullptr, &isStsHost)) &&
isStsHost) {
if (NS_SUCCEEDED(NS_GetSecureUpgradedURI(aURI,