From f35bf8b65d25f88c7e34263337b05619a78868f6 Mon Sep 17 00:00:00 2001
From: Andrea Marchesini <amarchesini@mozilla.com>
Date: Thu, 10 May 2018 11:24:25 +0200
Subject: Bug 1459206 - Use FileSystemSecurity in
 ContentParent::RecvGetFilesRequest. r=ehsan, a=jcristau

--HG--
extra : rebase_source : 542dca7fe46dd965ecde4c8387685beaf20ec3de
---
 dom/filesystem/tests/test_webkitdirectory.html | 1 +
 dom/ipc/ContentParent.cpp                      | 8 ++++++++
 2 files changed, 9 insertions(+)

(limited to 'dom')

diff --git a/dom/filesystem/tests/test_webkitdirectory.html b/dom/filesystem/tests/test_webkitdirectory.html
index 825f5e8fb..591619e45 100644
--- a/dom/filesystem/tests/test_webkitdirectory.html
+++ b/dom/filesystem/tests/test_webkitdirectory.html
@@ -152,6 +152,7 @@ function test_changeDataWhileWorking() {
 
 function test_setup() {
   SpecialPowers.pushPrefEnv({"set": [["dom.input.dirpicker", true],
+                                     ["dom.filesystem.pathcheck.disabled", true],
                                      ["dom.webkitBlink.dirPicker.enabled", true]]}, next);
 }
 
diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
index 3488e26bd..fb97adc42 100644
--- a/dom/ipc/ContentParent.cpp
+++ b/dom/ipc/ContentParent.cpp
@@ -4721,6 +4721,14 @@ ContentParent::RecvGetFilesRequest(const nsID& aUUID,
 {
   MOZ_ASSERT(!mGetFilesPendingRequests.GetWeak(aUUID));
 
+  if (!mozilla::Preferences::GetBool("dom.filesystem.pathcheck.disabled", false)) {
+    RefPtr<FileSystemSecurity> fss = FileSystemSecurity::Get();
+    if (NS_WARN_IF(!fss ||
+                   !fss->ContentProcessHasAccessTo(ChildID(), aDirectoryPath))) {
+      return IPC_FAIL_NO_REASON(this);
+    }
+  }
+
   ErrorResult rv;
   RefPtr<GetFilesHelper> helper =
     GetFilesHelperParent::Create(aUUID, aDirectoryPath, aRecursiveFlag, this,
-- 
cgit v1.2.3