summaryrefslogtreecommitdiffstats
path: root/dom/canvas/ImageBitmap.cpp
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@wolfbeast.com>2019-06-04 23:58:47 +0200
committerwolfbeast <mcwerewolf@wolfbeast.com>2019-06-04 23:58:47 +0200
commitf47d45be4b6c8a1fc758d50497a964fc7a75154b (patch)
tree497657ef7d2d3dc2e2c752146a524a2c725dd26a /dom/canvas/ImageBitmap.cpp
parent363bfeb2c06e5f57136ebdab8da1ebeba0591520 (diff)
downloadUXP-f47d45be4b6c8a1fc758d50497a964fc7a75154b.tar
UXP-f47d45be4b6c8a1fc758d50497a964fc7a75154b.tar.gz
UXP-f47d45be4b6c8a1fc758d50497a964fc7a75154b.tar.lz
UXP-f47d45be4b6c8a1fc758d50497a964fc7a75154b.tar.xz
UXP-f47d45be4b6c8a1fc758d50497a964fc7a75154b.zip
Revert "Improve origin-clean algorithm"
This reverts commit e69b3f567c4b8957cc09ba4359e84939f77781c5.
Diffstat (limited to 'dom/canvas/ImageBitmap.cpp')
-rw-r--r--dom/canvas/ImageBitmap.cpp34
1 files changed, 32 insertions, 2 deletions
diff --git a/dom/canvas/ImageBitmap.cpp b/dom/canvas/ImageBitmap.cpp
index 4a1b6e3c2..6efe1b318 100644
--- a/dom/canvas/ImageBitmap.cpp
+++ b/dom/canvas/ImageBitmap.cpp
@@ -315,6 +315,36 @@ private:
const Maybe<IntRect>& mCropRect;
};
+static bool
+CheckSecurityForHTMLElements(bool aIsWriteOnly, bool aCORSUsed, nsIPrincipal* aPrincipal)
+{
+ MOZ_ASSERT(aPrincipal);
+
+ if (aIsWriteOnly) {
+ return false;
+ }
+
+ if (!aCORSUsed) {
+ nsIGlobalObject* incumbentSettingsObject = GetIncumbentGlobal();
+ if (NS_WARN_IF(!incumbentSettingsObject)) {
+ return false;
+ }
+
+ nsIPrincipal* principal = incumbentSettingsObject->PrincipalOrNull();
+ if (NS_WARN_IF(!principal) || !(principal->Subsumes(aPrincipal))) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+static bool
+CheckSecurityForHTMLElements(const nsLayoutUtils::SurfaceFromElementResult& aRes)
+{
+ return CheckSecurityForHTMLElements(aRes.mIsWriteOnly, aRes.mCORSUsed, aRes.mPrincipal);
+}
+
/*
* A wrapper to the nsLayoutUtils::SurfaceFromElement() function followed by the
* security checking.
@@ -335,7 +365,7 @@ GetSurfaceFromElement(nsIGlobalObject* aGlobal, HTMLElementType& aElement,
}
// Check origin-clean and pass back
- *aWriteOnly = res.mIsWriteOnly;
+ *aWriteOnly = !CheckSecurityForHTMLElements(res);
return surface.forget();
}
@@ -788,7 +818,7 @@ ImageBitmap::CreateInternal(nsIGlobalObject* aGlobal, HTMLVideoElement& aVideoEl
nsCOMPtr<nsIPrincipal> principal = aVideoEl.GetCurrentVideoPrincipal();
bool CORSUsed = aVideoEl.GetCORSMode() != CORS_NONE;
- writeOnly = CheckWriteOnlySecurity(CORSUsed, principal);
+ writeOnly = !CheckSecurityForHTMLElements(false, CORSUsed, principal);
// Create ImageBitmap.
ImageContainer *container = aVideoEl.GetImageContainer();