Bug 1315233: Allow window.postMessage from system principal with mismatched origin attributes. r?baku
MozReview-Commit-ID: 1QlSjnrhlrG
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@@ -46,16 +46,17 @@
#include "nsIController.h"
#include "nsScriptNameSpaceManager.h"
#include "nsISlowScriptDebug.h"
#include "nsWindowMemoryReporter.h"
#include "WindowNamedPropertiesHandler.h"
#include "nsFrameSelection.h"
#include "nsNetUtil.h"
#include "nsVariant.h"
+#include "nsPrintfCString.h"
// Helper Classes
#include "nsJSUtils.h"
#include "jsapi.h" // for JSAutoRequest
#include "jswrapper.h"
#include "nsCharSeparatedTokenizer.h"
#include "nsReadableUtils.h"
#include "nsDOMClassInfo.h"
@@ -8488,16 +8489,45 @@ nsGlobalWindow::PostMessageMozOuter(JSCo
if (NS_FAILED(originURI->SetUserPass(EmptyCString())) ||
NS_FAILED(originURI->SetPath(EmptyCString()))) {
return;
}
PrincipalOriginAttributes attrs =
BasePrincipal::Cast(&aSubjectPrincipal)->OriginAttributesRef();
+ if (aSubjectPrincipal.GetIsSystemPrincipal()) {
+ auto principal = BasePrincipal::Cast(GetPrincipal());
+
+ if (attrs != principal->OriginAttributesRef()) {
+ nsCOMPtr<nsIURI> targetURI;
+ nsAutoCString targetURL;
+ nsAutoCString sourceOrigin;
+ nsAutoCString targetOrigin;
+
+ if (NS_FAILED(principal->GetURI(getter_AddRefs(targetURI))) ||
+ NS_FAILED(targetURI->GetAsciiSpec(targetURL)) ||
+ NS_FAILED(principal->GetOrigin(targetOrigin)) ||
+ NS_FAILED(aSubjectPrincipal.GetOrigin(sourceOrigin))) {
+ NS_WARNING("Failed to get source and target origins");
+ return;
+ }
+
+ nsContentUtils::LogSimpleConsoleError(
+ NS_ConvertUTF8toUTF16(nsPrintfCString(
+ "Attempting to post a message to window with url \"%s\" and "
+ "origin \"%s\" from a system principal scope with mismatched "
+ "origin \"%s\".",
+ targetURL.get(), targetOrigin.get(), sourceOrigin.get())),
+ "DOM");
+
+ attrs = principal->OriginAttributesRef();
+ }
+ }
+
// Create a nsIPrincipal inheriting the app/browser attributes from the
// caller.
providedPrincipal = BasePrincipal::CreateCodebasePrincipal(originURI, attrs);
if (NS_WARN_IF(!providedPrincipal)) {
return;
}
}
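Review bot: In the new system-principal branch, `principal` is dereferenced at `attrs != principal->OriginAttributesRef()` without a null check, and `targetURI` is passed to `targetURI->GetAsciiSpec(targetURL)` on the assumption that a successful `GetURI` always yields a non-null URI. If `GetPrincipal()` can return null for this window (not determinable from the hunk), or the principal reports success with no URI, this privileged path crashes; `if (principal && attrs != principal->OriginAttributesRef()) {` and an extra `!targetURI ||` term after the `GetURI` check would cover both. Separately, the `return` under `NS_WARNING("Failed to get source and target origins")` drops the message only because the console text could not be built, so a logging failure changes delivery behaviour; consider skipping the log and still assigning `attrs = principal->OriginAttributesRef();`. Because this branch deliberately relaxes the origin-attribute match for system callers, a one-line comment above it saying that only the attributes are adopted from the target, while the URI from `aTargetOrigin` is still used for `providedPrincipal`, would help later reviewers. `PostMessageMozOuter` starts and continues outside the hunk.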