diff options
Diffstat (limited to 'browser/base/content/browser.js')
| -rwxr-xr-x | browser/base/content/browser.js | 83 |
1 files changed, 27 insertions, 56 deletions
diff --git a/browser/base/content/browser.js b/browser/base/content/browser.js index 696a2871a..2380f5d21 100755 --- a/browser/base/content/browser.js +++ b/browser/base/content/browser.js @@ -71,6 +71,10 @@ XPCOMUtils.defineLazyModuleGetter(this, "SafeBrowsing", ["gDNSService", "@mozilla.org/network/dns-service;1", "nsIDNSService"], ].forEach(([name, cc, ci]) => XPCOMUtils.defineLazyServiceGetter(this, name, cc, ci)); +XPCOMUtils.defineLazyServiceGetter(this, "gSerializationHelper", + "@mozilla.org/network/serialization-helper;1", + "nsISerializationHelper"); + XPCOMUtils.defineLazyGetter(this, "BrowserToolboxProcess", function() { let tmp = {}; Cu.import("resource://devtools/client/framework/ToolboxProcess.jsm", tmp); @@ -807,6 +811,7 @@ function _loadURIWithFlags(browser, uri, params) { if (!uri) { uri = "about:blank"; } + let triggeringPrincipal = params.triggeringPrincipal || null; let flags = params.flags || 0; let referrer = params.referrerURI; let referrerPolicy = ('referrerPolicy' in params ? params.referrerPolicy : @@ -831,7 +836,7 @@ function _loadURIWithFlags(browser, uri, params) { browser.webNavigation.loadURIWithOptions(uri, flags, referrer, referrerPolicy, - postData, null, null); + postData, null, null, triggeringPrincipal); } else { // Check if the current browser is allowed to unload. let {permitUnload, timedOut} = browser.permitUnload(); @@ -845,6 +850,9 @@ function _loadURIWithFlags(browser, uri, params) { let loadParams = { uri: uri, + triggeringPrincipal: triggeringPrincipal + ? gSerializationHelper.serializeToString(triggeringPrincipal) + : null, flags: flags, referrer: referrer ? referrer.spec : null, referrerPolicy: referrerPolicy, @@ -872,7 +880,7 @@ function _loadURIWithFlags(browser, uri, params) { } browser.webNavigation.loadURIWithOptions(uri, flags, referrer, referrerPolicy, - postData, null, null); + postData, null, null, triggeringPrincipal); } else { throw e; } @@ -1164,6 +1172,7 @@ var gBrowserInit = { // [5]: referrerPolicy (int) // [6]: userContextId (int) // [7]: originPrincipal (nsIPrincipal) + // [8]: triggeringPrincipal (nsIPrincipal) else if (window.arguments.length >= 3) { let referrerURI = window.arguments[2]; if (typeof(referrerURI) == "string") { @@ -1181,7 +1190,7 @@ var gBrowserInit = { window.arguments[4] || false, referrerPolicy, userContextId, // pass the origin principal (if any) and force its use to create // an initial about:blank viewer if present: - window.arguments[7], !!window.arguments[7]); + window.arguments[7], !!window.arguments[7], window.arguments[8]); window.focus(); } // Note: loadOneOrMoreURIs *must not* be called if window.arguments.length >= 3. @@ -2067,7 +2076,8 @@ function BrowserTryToCloseWindow() } function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy, - userContextId, originPrincipal, forceAboutBlankViewerInCurrent) { + userContextId, originPrincipal, forceAboutBlankViewerInCurrent, + triggeringPrincipal) { try { openLinkIn(uri, "current", { referrerURI: referrer, @@ -2076,6 +2086,7 @@ function loadURI(uri, referrer, postData, allowThirdPartyFixup, referrerPolicy, allowThirdPartyFixup: allowThirdPartyFixup, userContextId: userContextId, originPrincipal, + triggeringPrincipal, forceAboutBlankViewerInCurrent, }); } catch (e) {} @@ -2779,24 +2790,6 @@ var BrowserOnClick = { } }, - handleEvent: function (event) { - if (!event.isTrusted || // Don't trust synthetic events - event.button == 2) { - return; - } - - let originalTarget = event.originalTarget; - let ownerDoc = originalTarget.ownerDocument; - if (!ownerDoc) { - return; - } - - if (gMultiProcessBrowser && - ownerDoc.documentURI.toLowerCase() == "about:newtab") { - this.onE10sAboutNewTab(event, ownerDoc); - } - }, - receiveMessage: function (msg) { switch (msg.name) { case "Browser:CertExceptionError": @@ -2990,28 +2983,6 @@ var BrowserOnClick = { } }, - /** - * This functions prevents navigation from happening directly through the <a> - * link in about:newtab (which is loaded in the parent and therefore would load - * the next page also in the parent) and instructs the browser to open the url - * in the current tab which will make it update the remoteness of the tab. - */ - onE10sAboutNewTab: function(event, ownerDoc) { - let isTopFrame = (ownerDoc.defaultView.parent === ownerDoc.defaultView); - if (!isTopFrame) { - return; - } - - let anchorTarget = event.originalTarget.parentNode; - - if (anchorTarget instanceof HTMLAnchorElement && - anchorTarget.classList.contains("newtab-link")) { - event.preventDefault(); - let where = whereToOpenLink(event, false, false); - openLinkIn(anchorTarget.href, where, { charset: ownerDoc.characterSet, referrerURI: ownerDoc.documentURIObject }); - } - }, - ignoreWarningButton: function (reason) { // Allow users to override and continue through to the site, // but add a notify bar as a reminder, so that they don't lose @@ -4809,13 +4780,9 @@ var TabsProgressListener = { } } - // Attach a listener to watch for "click" events bubbling up from error - // pages and other similar pages (like about:newtab). This lets us fix bugs - // like 401575 which require error page UI to do privileged things, without - // letting error pages have any privilege themselves. - // We can't look for this during onLocationChange since at that point the - // document URI is not yet the about:-uri of the error page. - + // We used to listen for clicks in the browser here, but when that + // became unnecessary, removing the code below caused focus issues. + // This code should be removed. Tracked in bug 1337794. let isRemoteBrowser = aBrowser.isRemoteBrowser; // We check isRemoteBrowser here to avoid requesting the doc CPOW let doc = isRemoteBrowser ? null : aWebProgress.DOMWindow.document; @@ -4830,11 +4797,9 @@ var TabsProgressListener = { // STATE_STOP may be received twice for documents, thus store an // attribute to ensure handling it just once. doc.documentElement.setAttribute("hasBrowserHandlers", "true"); - aBrowser.addEventListener("click", BrowserOnClick, true); aBrowser.addEventListener("pagehide", function onPageHide(event) { if (event.target.defaultView.frameElement) return; - aBrowser.removeEventListener("click", BrowserOnClick, true); aBrowser.removeEventListener("pagehide", onPageHide, true); if (event.target.documentElement) event.target.documentElement.removeAttribute("hasBrowserHandlers"); @@ -4883,7 +4848,7 @@ nsBrowserAccess.prototype = { _openURIInNewTab: function(aURI, aReferrer, aReferrerPolicy, aIsPrivate, aIsExternal, aForceNotRemote=false, aUserContextId=Ci.nsIScriptSecurityManager.DEFAULT_USER_CONTEXT_ID, - aOpener=null) { + aOpener = null, aTriggeringPrincipal = null) { let win, needToFocusWin; // try the current window. if we're in a popup, fall back on the most recent browser window @@ -4908,6 +4873,7 @@ nsBrowserAccess.prototype = { let loadInBackground = gPrefService.getBoolPref("browser.tabs.loadDivertedInBackground"); let tab = win.gBrowser.loadOneTab(aURI ? aURI.spec : "about:blank", { + triggeringPrincipal: aTriggeringPrincipal, referrerURI: aReferrer, referrerPolicy: aReferrerPolicy, userContextId: aUserContextId, @@ -4956,9 +4922,11 @@ nsBrowserAccess.prototype = { } let referrer = aOpener ? makeURI(aOpener.location.href) : null; + let triggeringPrincipal = null; let referrerPolicy = Ci.nsIHttpChannel.REFERRER_POLICY_DEFAULT; if (aOpener && aOpener.document) { referrerPolicy = aOpener.document.referrerPolicy; + triggeringPrincipal = aOpener.document.nodePrincipal; } let isPrivate = aOpener ? PrivateBrowsingUtils.isContentWindowPrivate(aOpener) @@ -4992,7 +4960,7 @@ nsBrowserAccess.prototype = { let browser = this._openURIInNewTab(aURI, referrer, referrerPolicy, isPrivate, isExternal, forceNotRemote, userContextId, - openerWindow); + openerWindow, triggeringPrincipal); if (browser) newWindow = browser.contentWindow; break; @@ -5003,6 +4971,7 @@ nsBrowserAccess.prototype = { Ci.nsIWebNavigation.LOAD_FLAGS_FROM_EXTERNAL : Ci.nsIWebNavigation.LOAD_FLAGS_NONE; gBrowser.loadURIWithFlags(aURI.spec, { + triggeringPrincipal, flags: loadflags, referrerURI: referrer, referrerPolicy: referrerPolicy, @@ -5031,7 +5000,8 @@ nsBrowserAccess.prototype = { aParams.referrerPolicy, aParams.isPrivate, isExternal, false, - userContextId); + userContextId, null, + aParams.triggeringPrincipal); if (browser) return browser.QueryInterface(Ci.nsIFrameLoaderOwner); @@ -5584,6 +5554,7 @@ function handleLinkClick(event, href, linkNode) { referrerPolicy: referrerPolicy, noReferrer: BrowserUtils.linkHasNoReferrer(linkNode), originPrincipal: doc.nodePrincipal, + triggeringPrincipal: doc.nodePrincipal, }; // The new tab/window must use the same userContextId |