diff options
author | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-05-01 00:22:01 +0200 |
---|---|---|
committer | janekptacijarabaci <janekptacijarabaci@seznam.cz> | 2018-05-01 00:22:01 +0200 |
commit | cc4036a9cd56d504667c07fe215e61b22ab0e1f4 (patch) | |
tree | 5c7dea17ce684c1cce57011ef487370c22d0e677 | |
parent | 855f11d8f6789bcf10442f8e426bfc1f66bf834d (diff) | |
download | UXP-cc4036a9cd56d504667c07fe215e61b22ab0e1f4.tar UXP-cc4036a9cd56d504667c07fe215e61b22ab0e1f4.tar.gz UXP-cc4036a9cd56d504667c07fe215e61b22ab0e1f4.tar.lz UXP-cc4036a9cd56d504667c07fe215e61b22ab0e1f4.tar.xz UXP-cc4036a9cd56d504667c07fe215e61b22ab0e1f4.zip |
Bug 1344706 - Do not reuse originPrincipal as triggeringPrincipal within utilityOverlay.js
-rwxr-xr-x | browser/base/content/browser.js | 8 | ||||
-rw-r--r-- | browser/base/content/content.js | 1 | ||||
-rw-r--r-- | browser/base/content/nsContextMenu.js | 3 | ||||
-rw-r--r-- | browser/base/content/utilityOverlay.js | 23 | ||||
-rw-r--r-- | browser/modules/ContentClick.jsm | 1 |
5 files changed, 25 insertions, 11 deletions
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 0349ce401..2380f5d21 100755 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -1172,6 +1172,7 @@ var gBrowserInit = { // [5]: referrerPolicy (int) // [6]: userContextId (int) // [7]: originPrincipal (nsIPrincipal) + // [8]: triggeringPrincipal (nsIPrincipal) else if (window.arguments.length >= 3) { let referrerURI = window.arguments[2]; if (typeof(referrerURI) == "string") { @@ -1189,7 +1190,7 @@ var gBrowserInit = { window.arguments[4] || false, referrerPolicy, userContextId, // pass the origin principal (if any) and force its use to create // an initial about:blank viewer if present: - window.arguments[7], !!window.arguments[7]); + window.arguments[7], !!window.arguments[7], window.arguments[8]); window.focus(); } // Note: loadOneOrMoreURIs *must not* be called if window.arguments.length >= 3. @@ -2075,7 +2076,8 @@ function BrowserTryToCloseWindow() } function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy, - userContextId, originPrincipal, forceAboutBlankViewerInCurrent) { + userContextId, originPrincipal, forceAboutBlankViewerInCurrent, + triggeringPrincipal) { try { openLinkIn(uri, "current", { referrerURI: referrer, @@ -2084,6 +2086,7 @@ function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy, allowThirdPartyFixup: allowThirdPartyFixup, userContextId: userContextId, originPrincipal, + triggeringPrincipal, forceAboutBlankViewerInCurrent, }); } catch (e) {} @@ -5551,6 +5554,7 @@ function handleLinkClick(event, href, linkNode) { referrerPolicy: referrerPolicy, noReferrer: BrowserUtils.linkHasNoReferrer(linkNode), originPrincipal: doc.nodePrincipal, + triggeringPrincipal: doc.nodePrincipal, }; // The new tab/window must use the same userContextId diff --git a/browser/base/content/content.js b/browser/base/content/content.js index 2298d29c7..46e9b45d6 100644 --- a/browser/base/content/content.js +++ b/browser/base/content/content.js @@ -522,6 +522,7 @@ var ClickEventHandler = { } catch (e) {} } json.originPrincipal = ownerDoc.nodePrincipal; + json.triggeringPrincipal = ownerDoc.nodePrincipal; sendAsyncMessage("Content:Click", json); return; diff --git a/browser/base/content/nsContextMenu.js b/browser/base/content/nsContextMenu.js index cd93a803c..955184f64 100644 --- a/browser/base/content/nsContextMenu.js +++ b/browser/base/content/nsContextMenu.js @@ -968,6 +968,7 @@ nsContextMenu.prototype = { _openLinkInParameters : function (extra) { let params = { charset: gContextMenuContentData.charSet, originPrincipal: this.principal, + triggeringPrincipal: this.principal, referrerURI: gContextMenuContentData.documentURIObject, referrerPolicy: gContextMenuContentData.referrerPolicy, noReferrer: this.linkHasNoReferrer }; @@ -1152,7 +1153,7 @@ nsContextMenu.prototype = { this._canvasToBlobURL(this.target).then(function(blobURL) { openUILink(blobURL, e, { disallowInheritPrincipal: true, referrerURI: referrerURI, - originPrincipal: systemPrincipal}); + triggeringPrincipal: systemPrincipal}); }, Cu.reportError); } else { diff --git a/browser/base/content/utilityOverlay.js b/browser/base/content/utilityOverlay.js index 4b6f78bf3..b041915a7 100644 --- a/browser/base/content/utilityOverlay.js +++ b/browser/base/content/utilityOverlay.js @@ -225,6 +225,7 @@ function openLinkIn(url, where, params) { var aUserContextId = params.userContextId; var aIndicateErrorPageLoad = params.indicateErrorPageLoad; var aPrincipal = params.originPrincipal; + var aTriggeringPrincipal = params.triggeringPrincipal; var aForceAboutBlankViewerInCurrent = params.forceAboutBlankViewerInCurrent; @@ -264,13 +265,18 @@ function openLinkIn(url, where, params) { // Please note we do not have to do that for SystemPrincipals and we // can not do it for NullPrincipals since NullPrincipals are only // identical if they actually are the same object (See Bug: 1346759) - if (aPrincipal && aPrincipal.isCodebasePrincipal) { - let attrs = { - userContextId: aUserContextId, - privateBrowsingId: aIsPrivate || (w && PrivateBrowsingUtils.isWindowPrivate(w)), - }; - aPrincipal = Services.scriptSecurityManager.createCodebasePrincipal(aPrincipal.URI, attrs); + function useOAForPrincipal(principal) { + if (principal && principal.isCodebasePrincipal) { + let attrs = { + userContextId: aUserContextId, + privateBrowsingId: aIsPrivate || (w && PrivateBrowsingUtils.isWindowPrivate(w)), + }; + return Services.scriptSecurityManager.createCodebasePrincipal(principal.URI, attrs); + } + return principal; } + aPrincipal = useOAForPrincipal(aPrincipal); + aTriggeringPrincipal = useOAForPrincipal(aTriggeringPrincipal); if (!w || where == "window") { // Strip referrer data when opening a new private window, to prevent @@ -321,6 +327,7 @@ function openLinkIn(url, where, params) { sa.appendElement(referrerPolicySupports, /* weak =*/ false); sa.appendElement(userContextIdSupports, /* weak =*/ false); sa.appendElement(aPrincipal, /* weak =*/ false); + sa.appendElement(aTriggeringPrincipal, /* weak =*/ false); let features = "chrome,dialog=no,all"; if (aIsPrivate) { @@ -407,7 +414,7 @@ function openLinkIn(url, where, params) { } aCurrentBrowser.loadURIWithFlags(url, { - triggeringPrincipal: aPrincipal, + triggeringPrincipal: aTriggeringPrincipal, flags: flags, referrerURI: aNoReferrer ? null : aReferrerURI, referrerPolicy: aReferrerPolicy, @@ -433,7 +440,7 @@ function openLinkIn(url, where, params) { noReferrer: aNoReferrer, userContextId: aUserContextId, originPrincipal: aPrincipal, - triggeringPrincipal: aPrincipal, + triggeringPrincipal: aTriggeringPrincipal, }); browserUsedForLoad = tabUsedForLoad.linkedBrowser; break; diff --git a/browser/modules/ContentClick.jsm b/browser/modules/ContentClick.jsm index 8abc32525..40101d5d3 100644 --- a/browser/modules/ContentClick.jsm +++ b/browser/modules/ContentClick.jsm @@ -85,6 +85,7 @@ var ContentClick = { allowMixedContent: json.allowMixedContent, isContentWindowPrivate: json.isContentWindowPrivate, originPrincipal: json.originPrincipal, + triggeringPrincipal: json.triggeringPrincipal, }; // The new tab/window must use the same userContextId. |