summaryrefslogtreecommitdiffstats
path: root/docshell/base
diff options
context:
space:
mode:
authorjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-30 22:09:55 +0200
committerjanekptacijarabaci <janekptacijarabaci@seznam.cz>2018-04-30 22:09:55 +0200
commitd45c25971c084ba4afb38cec530f789969d6a338 (patch)
treede43172c006152a74ef7026c77904a5ab1f0d9e3 /docshell/base
parentf799598d65a59660ef67ed965849853c8e5ca1e6 (diff)
downloadUXP-d45c25971c084ba4afb38cec530f789969d6a338.tar
UXP-d45c25971c084ba4afb38cec530f789969d6a338.tar.gz
UXP-d45c25971c084ba4afb38cec530f789969d6a338.tar.lz
UXP-d45c25971c084ba4afb38cec530f789969d6a338.tar.xz
UXP-d45c25971c084ba4afb38cec530f789969d6a338.zip
Bug 1182569 - Skip security check for plugins using newstream attribute
Diffstat (limited to 'docshell/base')
-rw-r--r--docshell/base/nsDocShell.cpp28
-rw-r--r--docshell/base/nsDocShell.h6
-rw-r--r--docshell/base/nsILinkHandler.h10
3 files changed, 32 insertions, 12 deletions
diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index de8f79f0a..d67941620 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -13918,7 +13918,8 @@ public:
const nsAString& aFileName,
nsIInputStream* aPostDataStream,
nsIInputStream* aHeadersDataStream,
- bool aIsTrusted);
+ bool aIsTrusted,
+ nsIPrincipal* aTriggeringPrincipal);
NS_IMETHOD Run() override
{
@@ -13934,7 +13935,7 @@ public:
mHandler->OnLinkClickSync(mContent, mURI,
mTargetSpec.get(), mFileName,
mPostDataStream, mHeadersDataStream,
- nullptr, nullptr);
+ nullptr, nullptr, mTriggeringPrincipal);
}
return NS_OK;
}
@@ -13949,6 +13950,7 @@ private:
nsCOMPtr<nsIContent> mContent;
PopupControlState mPopupState;
bool mIsTrusted;
+ nsCOMPtr<nsIPrincipal> mTriggeringPrincipal;
};
OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler,
@@ -13958,7 +13960,8 @@ OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler,
const nsAString& aFileName,
nsIInputStream* aPostDataStream,
nsIInputStream* aHeadersDataStream,
- bool aIsTrusted)
+ bool aIsTrusted,
+ nsIPrincipal* aTriggeringPrincipal)
: mHandler(aHandler)
, mURI(aURI)
, mTargetSpec(aTargetSpec)
@@ -13968,6 +13971,7 @@ OnLinkClickEvent::OnLinkClickEvent(nsDocShell* aHandler,
, mContent(aContent)
, mPopupState(mHandler->mScriptGlobal->GetPopupControlState())
, mIsTrusted(aIsTrusted)
+ , mTriggeringPrincipal(aTriggeringPrincipal)
{
}
@@ -13978,7 +13982,8 @@ nsDocShell::OnLinkClick(nsIContent* aContent,
const nsAString& aFileName,
nsIInputStream* aPostDataStream,
nsIInputStream* aHeadersDataStream,
- bool aIsTrusted)
+ bool aIsTrusted,
+ nsIPrincipal* aTriggeringPrincipal)
{
NS_ASSERTION(NS_IsMainThread(), "wrong thread");
@@ -14017,7 +14022,8 @@ nsDocShell::OnLinkClick(nsIContent* aContent,
nsCOMPtr<nsIRunnable> ev =
new OnLinkClickEvent(this, aContent, aURI, target.get(), aFileName,
- aPostDataStream, aHeadersDataStream, aIsTrusted);
+ aPostDataStream, aHeadersDataStream,
+ aIsTrusted, aTriggeringPrincipal);
return NS_DispatchToCurrentThread(ev);
}
@@ -14029,7 +14035,8 @@ nsDocShell::OnLinkClickSync(nsIContent* aContent,
nsIInputStream* aPostDataStream,
nsIInputStream* aHeadersDataStream,
nsIDocShell** aDocShell,
- nsIRequest** aRequest)
+ nsIRequest** aRequest,
+ nsIPrincipal* aTriggeringPrincipal)
{
// Initialize the DocShell / Request
if (aDocShell) {
@@ -14152,13 +14159,18 @@ nsDocShell::OnLinkClickSync(nsIContent* aContent,
return NS_ERROR_OUT_OF_MEMORY;
}
+ // if the triggeringPrincipal is not passed explicitly, then we
+ // fall back to using doc->NodePrincipal() as the triggeringPrincipal.
+ nsCOMPtr<nsIPrincipal> triggeringPrincipal =
+ aTriggeringPrincipal ? aTriggeringPrincipal
+ : aContent->NodePrincipal();
+
nsresult rv = InternalLoad(clonedURI, // New URI
nullptr, // Original URI
false, // LoadReplace
referer, // Referer URI
refererPolicy, // Referer policy
- aContent->NodePrincipal(), // Triggering is our node's
- // principal
+ triggeringPrincipal,
aContent->NodePrincipal(),
flags,
target, // Window target
diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h
index 63a4e3358..f510a15b0 100644
--- a/docshell/base/nsDocShell.h
+++ b/docshell/base/nsDocShell.h
@@ -201,7 +201,8 @@ public:
const nsAString& aFileName,
nsIInputStream* aPostDataStream,
nsIInputStream* aHeadersDataStream,
- bool aIsTrusted) override;
+ bool aIsTrusted,
+ nsIPrincipal* aTriggeringPrincipal) override;
NS_IMETHOD OnLinkClickSync(nsIContent* aContent,
nsIURI* aURI,
const char16_t* aTargetSpec,
@@ -209,7 +210,8 @@ public:
nsIInputStream* aPostDataStream = 0,
nsIInputStream* aHeadersDataStream = 0,
nsIDocShell** aDocShell = 0,
- nsIRequest** aRequest = 0) override;
+ nsIRequest** aRequest = 0,
+ nsIPrincipal* aTriggeringPrincipal = nullptr) override;
NS_IMETHOD OnOverLink(nsIContent* aContent,
nsIURI* aURI,
const char16_t* aTargetSpec) override;
diff --git a/docshell/base/nsILinkHandler.h b/docshell/base/nsILinkHandler.h
index 7cdcd566d..7069f1f1d 100644
--- a/docshell/base/nsILinkHandler.h
+++ b/docshell/base/nsILinkHandler.h
@@ -37,6 +37,8 @@ public:
* @param aFileName non-null when the link should be downloaded as the given file
* @param aHeadersDataStream ???
* @param aIsTrusted false if the triggerer is an untrusted DOM event.
+ * @param aTriggeringPrincipal, if not passed explicitly we fall back to
+ * the document's principal.
*/
NS_IMETHOD OnLinkClick(nsIContent* aContent,
nsIURI* aURI,
@@ -44,7 +46,8 @@ public:
const nsAString& aFileName,
nsIInputStream* aPostDataStream,
nsIInputStream* aHeadersDataStream,
- bool aIsTrusted) = 0;
+ bool aIsTrusted,
+ nsIPrincipal* aTriggeringPrincipal) = 0;
/**
* Process a click on a link.
@@ -61,6 +64,8 @@ public:
* @param aHeadersDataStream ???
* @param aDocShell (out-param) the DocShell that the request was opened on
* @param aRequest the request that was opened
+ * @param aTriggeringPrincipal, if not passed explicitly we fall back to
+ * the document's principal.
*/
NS_IMETHOD OnLinkClickSync(nsIContent* aContent,
nsIURI* aURI,
@@ -69,7 +74,8 @@ public:
nsIInputStream* aPostDataStream = 0,
nsIInputStream* aHeadersDataStream = 0,
nsIDocShell** aDocShell = 0,
- nsIRequest** aRequest = 0) = 0;
+ nsIRequest** aRequest = 0,
+ nsIPrincipal* aTriggeringPrincipal = nullptr) = 0;
/**
* Process a mouse-over a link.