From 13f3978a14cb90eb01fc7f185f62b2ee2ac9f466 Mon Sep 17 00:00:00 2001
From: janekptacijarabaci <janekptacijarabaci@seznam.cz>
Date: Sun, 22 Apr 2018 22:16:58 +0200
Subject: Revert "Bug 1182569 - Skip security check for plugins using newstream
 attribute"

This reverts commit 5b0f4649b3fee771379af60ec04d43b8a525cf80.
---
 dom/base/nsContentUtils.cpp                |  2 +-
 dom/plugins/base/nsPluginInstanceOwner.cpp | 25 +++++++++++--------------
 2 files changed, 12 insertions(+), 15 deletions(-)

(limited to 'dom')

diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp
index c3ff2b4d8..ef87a250e 100644
--- a/dom/base/nsContentUtils.cpp
+++ b/dom/base/nsContentUtils.cpp
@@ -5100,7 +5100,7 @@ nsContentUtils::TriggerLink(nsIContent *aContent, nsPresContext *aPresContext,
 
     handler->OnLinkClick(aContent, aLinkURI,
                          fileName.IsVoid() ? aTargetSpec.get() : EmptyString().get(),
-                         fileName, nullptr, nullptr, aIsTrusted, aContent->NodePrincipal());
+                         fileName, nullptr, nullptr, aIsTrusted);
   }
 }
 
diff --git a/dom/plugins/base/nsPluginInstanceOwner.cpp b/dom/plugins/base/nsPluginInstanceOwner.cpp
index 7de6c2b73..b7651be1a 100644
--- a/dom/plugins/base/nsPluginInstanceOwner.cpp
+++ b/dom/plugins/base/nsPluginInstanceOwner.cpp
@@ -535,6 +535,16 @@ NS_IMETHODIMP nsPluginInstanceOwner::GetURL(const char *aURL,
   nsresult rv = NS_NewURI(getter_AddRefs(uri), aURL, baseURI);
   NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE);
 
+  if (aDoCheckLoadURIChecks) {
+    nsCOMPtr<nsIScriptSecurityManager> secMan(
+      do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv));
+    NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE);
+
+    rv = secMan->CheckLoadURIWithPrincipal(content->NodePrincipal(), uri,
+                                           nsIScriptSecurityManager::STANDARD);
+    NS_ENSURE_SUCCESS(rv, rv);
+  }
+
   nsCOMPtr<nsIInputStream> headersDataStream;
   if (aPostStream && aHeadersData) {
     if (!aHeadersDataLen)
@@ -553,21 +563,8 @@ NS_IMETHODIMP nsPluginInstanceOwner::GetURL(const char *aURL,
     Preferences::GetInt("privacy.popups.disable_from_plugins");
   nsAutoPopupStatePusher popupStatePusher((PopupControlState)blockPopups);
 
-
-  // if security checks (in particular CheckLoadURIWithPrincipal) needs
-  // to be skipped we are creating a codebasePrincipal to make sure
-  // that security check succeeds. Please note that we do not want to
-  // fall back to using the systemPrincipal, because that would also
-  // bypass ContentPolicy checks which should still be enforced.
-  nsCOMPtr<nsIPrincipal> triggeringPrincipal;
-  if (!aDoCheckLoadURIChecks) {
-    mozilla::PrincipalOriginAttributes attrs =
-      BasePrincipal::Cast(content->NodePrincipal())->OriginAttributesRef();
-    triggeringPrincipal = BasePrincipal::CreateCodebasePrincipal(uri, attrs);
-  }
-
   rv = lh->OnLinkClick(content, uri, unitarget.get(), NullString(),
-                       aPostStream, headersDataStream, true, triggeringPrincipal);
+                       aPostStream, headersDataStream, true);
 
   return rv;
 }
-- 
cgit v1.2.3