Skip to content

Commit

Permalink
Bug 1305237 LoadInfo changes to include all ancestors principals and …
Browse files Browse the repository at this point in the history
…window IDs, r=bz

MozReview-Commit-ID: ADVtxjSQjk5
  • Loading branch information
evilpie committed Oct 2, 2017
1 parent f3c25b7 commit 6bab599
Show file tree
Hide file tree
Showing 9 changed files with 135 additions and 1 deletion.
24 changes: 24 additions & 0 deletions docshell/base/nsDocShell.h
Original file line number Diff line number Diff line change
Expand Up @@ -329,6 +329,28 @@ class nsDocShell final
mAncestorPrincipals = mozilla::Move(aAncestorPrincipals);
}

/**
* Get the list of ancestor outerWindowIDs for this docshell. The list is meant
* to be the list of outer window IDs that correspond to the ancestorPrincipals
* above. For each ancestor principal, we store the parent window ID.
*/
const nsTArray<uint64_t>& AncestorOuterWindowIDs() const
{
return mAncestorOuterWindowIDs;
}

/**
* Set the list of ancestor outer window IDs for this docshell. We call this
* from frameloader as well in order to keep the array matched with the
* ancestor principals.
*
* This method steals the data from the passed-in array.
*/
void SetAncestorOuterWindowIDs(nsTArray<uint64_t>&& aAncestorOuterWindowIDs)
{
mAncestorOuterWindowIDs = mozilla::Move(aAncestorOuterWindowIDs);
}

private:
bool CanSetOriginAttributes();

Expand Down Expand Up @@ -1135,6 +1157,8 @@ class nsDocShell final

// Our list of ancestor principals.
nsTArray<nsCOMPtr<nsIPrincipal>> mAncestorPrincipals;
// Our list of ancestor outerWindowIDs.
nsTArray<uint64_t> mAncestorOuterWindowIDs;

// Separate function to do the actual name (i.e. not _top, _self etc.)
// searching for FindItemWithName.
Expand Down
1 change: 1 addition & 0 deletions dom/base/nsDocument.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -4969,6 +4969,7 @@ nsIDocument::SetContainer(nsDocShell* aContainer)
}

mAncestorPrincipals = aContainer->AncestorPrincipals();
mAncestorOuterWindowIDs = aContainer->AncestorOuterWindowIDs();
}

nsISupports*
Expand Down
12 changes: 11 additions & 1 deletion dom/base/nsFrameLoader.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -2711,14 +2711,24 @@ nsFrameLoader::MaybeCreateDocShell()

nsDocShell::Cast(mDocShell)->SetOriginAttributes(attrs);

// Typically there will be a window, however for some cases such as printing
// the document is cloned with a docshell that has no window. We check
// IsStaticDocument to ensure we don't try to gather ancestors for those cases.
if (!mDocShell->GetIsMozBrowser() &&
parentType == mDocShell->ItemType()) {
parentType == mDocShell->ItemType() &&
!doc->IsStaticDocument()) {
// Propagate through the ancestor principals.
nsTArray<nsCOMPtr<nsIPrincipal>> ancestorPrincipals;
// Make a copy, so we can modify it.
ancestorPrincipals = doc->AncestorPrincipals();
ancestorPrincipals.InsertElementAt(0, doc->NodePrincipal());
nsDocShell::Cast(mDocShell)->SetAncestorPrincipals(Move(ancestorPrincipals));

// Repeat for outer window IDs.
nsTArray<uint64_t> ancestorOuterWindowIDs;
ancestorOuterWindowIDs = doc->AncestorOuterWindowIDs();
ancestorOuterWindowIDs.InsertElementAt(0, doc->GetWindow()->WindowID());
nsDocShell::Cast(mDocShell)->SetAncestorOuterWindowIDs(Move(ancestorOuterWindowIDs));
}

ReallyLoadFrameScripts();
Expand Down
11 changes: 11 additions & 0 deletions dom/base/nsIDocument.h
Original file line number Diff line number Diff line change
Expand Up @@ -464,6 +464,15 @@ class nsIDocument : public nsINode,
return mAncestorPrincipals;
}

/**
* Get the list of ancestor outerWindowIDs for a document that correspond to
* the ancestor principals (see above for more details).
*/
const nsTArray<uint64_t>& AncestorOuterWindowIDs() const
{
return mAncestorOuterWindowIDs;
}

/**
* Return the LoadGroup for the document. May return null.
*/
Expand Down Expand Up @@ -3616,6 +3625,8 @@ class nsIDocument : public nsINode,
// List of ancestor principals. This is set at the point a document
// is connected to a docshell and not mutated thereafter.
nsTArray<nsCOMPtr<nsIPrincipal>> mAncestorPrincipals;
// List of ancestor outerWindowIDs that correspond to the ancestor principals.
nsTArray<uint64_t> mAncestorOuterWindowIDs;

// Restyle root for servo's style system.
//
Expand Down
20 changes: 20 additions & 0 deletions ipc/glue/BackgroundUtils.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,13 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
NS_ENSURE_SUCCESS(rv, rv);
}

nsTArray<PrincipalInfo> ancestorPrincipals;
ancestorPrincipals.SetCapacity(aLoadInfo->AncestorPrincipals().Length());
for (const auto& principal : aLoadInfo->AncestorPrincipals()) {
rv = PrincipalToPrincipalInfo(principal, ancestorPrincipals.AppendElement());
NS_ENSURE_SUCCESS(rv, rv);
}

*aOptionalLoadInfoArgs =
LoadInfoArgs(
loadingPrincipalInfo,
Expand All @@ -395,6 +402,8 @@ LoadInfoToLoadInfoArgs(nsILoadInfo *aLoadInfo,
aLoadInfo->GetOriginAttributes(),
redirectChainIncludingInternalRedirects,
redirectChain,
ancestorPrincipals,
aLoadInfo->AncestorOuterWindowIDs(),
aLoadInfo->CorsUnsafeHeaders(),
aLoadInfo->GetForcePreflight(),
aLoadInfo->GetIsPreflight(),
Expand Down Expand Up @@ -467,6 +476,15 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
redirectChain.AppendElement(redirectHistoryEntry.forget());
}

nsTArray<nsCOMPtr<nsIPrincipal>> ancestorPrincipals;
ancestorPrincipals.SetCapacity(loadInfoArgs.ancestorPrincipals().Length());
for (const PrincipalInfo& principalInfo : loadInfoArgs.ancestorPrincipals()) {
nsCOMPtr<nsIPrincipal> ancestorPrincipal =
PrincipalInfoToPrincipal(principalInfo, &rv);
NS_ENSURE_SUCCESS(rv, rv);
ancestorPrincipals.AppendElement(ancestorPrincipal.forget());
}

nsCOMPtr<nsILoadInfo> loadInfo =
new mozilla::LoadInfo(loadingPrincipal,
triggeringPrincipal,
Expand All @@ -491,6 +509,8 @@ LoadInfoArgsToLoadInfo(const OptionalLoadInfoArgs& aOptionalLoadInfoArgs,
loadInfoArgs.originAttributes(),
redirectChainIncludingInternalRedirects,
redirectChain,
Move(ancestorPrincipals),
loadInfoArgs.ancestorOuterWindowIDs(),
loadInfoArgs.corsUnsafeHeaders(),
loadInfoArgs.forcePreflight(),
loadInfoArgs.isPreflight(),
Expand Down
24 changes: 24 additions & 0 deletions netwerk/base/LoadInfo.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -118,6 +118,9 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
}

mInnerWindowID = aLoadingContext->OwnerDoc()->InnerWindowID();
mAncestorPrincipals = aLoadingContext->OwnerDoc()->AncestorPrincipals();
mAncestorOuterWindowIDs = aLoadingContext->OwnerDoc()->AncestorOuterWindowIDs();
MOZ_DIAGNOSTIC_ASSERT(mAncestorPrincipals.Length() == mAncestorOuterWindowIDs.Length());

// When the element being loaded is a frame, we choose the frame's window
// for the window ID and the frame element's window as the parent
Expand Down Expand Up @@ -277,6 +280,9 @@ LoadInfo::LoadInfo(nsPIDOMWindowOuter* aOuterWindow,
nsCOMPtr<nsIDocShell> docShell = aOuterWindow->GetDocShell();
MOZ_ASSERT(docShell);
mOriginAttributes = nsDocShell::Cast(docShell)->GetOriginAttributes();
mAncestorPrincipals = nsDocShell::Cast(docShell)->AncestorPrincipals();
mAncestorOuterWindowIDs = nsDocShell::Cast(docShell)->AncestorOuterWindowIDs();
MOZ_DIAGNOSTIC_ASSERT(mAncestorPrincipals.Length() == mAncestorOuterWindowIDs.Length());

#ifdef DEBUG
if (docShell->ItemType() == nsIDocShellTreeItem::typeChrome) {
Expand Down Expand Up @@ -313,6 +319,8 @@ LoadInfo::LoadInfo(const LoadInfo& rhs)
, mRedirectChainIncludingInternalRedirects(
rhs.mRedirectChainIncludingInternalRedirects)
, mRedirectChain(rhs.mRedirectChain)
, mAncestorPrincipals(rhs.mAncestorPrincipals)
, mAncestorOuterWindowIDs(rhs.mAncestorOuterWindowIDs)
, mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders)
, mForcePreflight(rhs.mForcePreflight)
, mIsPreflight(rhs.mIsPreflight)
Expand Down Expand Up @@ -346,6 +354,8 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
const OriginAttributes& aOriginAttributes,
RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
RedirectHistoryArray& aRedirectChain,
nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
const nsTArray<nsCString>& aCorsUnsafeHeaders,
bool aForcePreflight,
bool aIsPreflight,
Expand Down Expand Up @@ -373,6 +383,8 @@ LoadInfo::LoadInfo(nsIPrincipal* aLoadingPrincipal,
, mInitialSecurityCheckDone(aInitialSecurityCheckDone)
, mIsThirdPartyContext(aIsThirdPartyContext)
, mOriginAttributes(aOriginAttributes)
, mAncestorPrincipals(Move(aAncestorPrincipals))
, mAncestorOuterWindowIDs(aAncestorOuterWindowIDs)
, mCorsUnsafeHeaders(aCorsUnsafeHeaders)
, mForcePreflight(aForcePreflight)
, mIsPreflight(aIsPreflight)
Expand Down Expand Up @@ -914,6 +926,18 @@ LoadInfo::RedirectChain()
return mRedirectChain;
}

const nsTArray<nsCOMPtr<nsIPrincipal>>&
LoadInfo::AncestorPrincipals()
{
return mAncestorPrincipals;
}

const nsTArray<uint64_t>&
LoadInfo::AncestorOuterWindowIDs()
{
return mAncestorOuterWindowIDs;
}

void
LoadInfo::SetCorsPreflightInfo(const nsTArray<nsCString>& aHeaders,
bool aForcePreflight)
Expand Down
4 changes: 4 additions & 0 deletions netwerk/base/LoadInfo.h
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,8 @@ class LoadInfo final : public nsILoadInfo
const OriginAttributes& aOriginAttributes,
RedirectHistoryArray& aRedirectChainIncludingInternalRedirects,
RedirectHistoryArray& aRedirectChain,
nsTArray<nsCOMPtr<nsIPrincipal>>&& aAncestorPrincipals,
const nsTArray<uint64_t>& aAncestorOuterWindowIDs,
const nsTArray<nsCString>& aUnsafeHeaders,
bool aForcePreflight,
bool aIsPreflight,
Expand Down Expand Up @@ -168,6 +170,8 @@ class LoadInfo final : public nsILoadInfo
OriginAttributes mOriginAttributes;
RedirectHistoryArray mRedirectChainIncludingInternalRedirects;
RedirectHistoryArray mRedirectChain;
nsTArray<nsCOMPtr<nsIPrincipal>> mAncestorPrincipals;
nsTArray<uint64_t> mAncestorOuterWindowIDs;
nsTArray<nsCString> mCorsUnsafeHeaders;
bool mForcePreflight;
bool mIsPreflight;
Expand Down
32 changes: 32 additions & 0 deletions netwerk/base/nsILoadInfo.idl
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ interface nsIURI;
native OriginAttributes(mozilla::OriginAttributes);
[ref] native const_OriginAttributesRef(const mozilla::OriginAttributes);
[ref] native StringArrayRef(const nsTArray<nsCString>);
[ref] native Uint64ArrayRef(const nsTArray<uint64_t>);
[ref] native PrincipalArrayRef(const nsTArray<nsCOMPtr<nsIPrincipal>>);

typedef unsigned long nsSecurityFlags;

Expand Down Expand Up @@ -642,6 +644,36 @@ interface nsILoadInfo : nsISupports
[noscript, notxpcom, nostdcall, binaryname(RedirectChain)]
nsIRedirectHistoryEntryArray binaryRedirectChain();

/**
* An array of nsIPrincipals which stores the principals of the parent frames,
* not including the frame loading this request. The closest ancestor is at
* index zero and the top level ancestor is at the last index.
*
* The ancestorPrincipals[0] entry for an iframe load will be the principal of
* the iframe element's owner document.
* The ancestorPrincipals[0] entry for an image loaded in an iframe will be the
* principal of the iframe element's owner document.
*
* See nsIDocument::AncestorPrincipals for more information.
*
* Please note that this array has the same lifetime as the
* loadInfo object - use with caution!
*/
[noscript, notxpcom, nostdcall]
PrincipalArrayRef AncestorPrincipals();


/**
* An array of outerWindowIDs which correspond to nsILoadInfo::AncestorPrincipals
* above. AncestorOuterWindowIDs[0] is the outerWindowID of the frame
* associated with the principal at ancestorPrincipals[0], and so forth.
*
* Please note that this array has the same lifetime as the
* loadInfo object - use with caution!
*/
[noscript, notxpcom, nostdcall]
Uint64ArrayRef AncestorOuterWindowIDs();

/**
* Sets the list of unsafe headers according to CORS spec, as well as
* potentially forces a preflight.
Expand Down
8 changes: 8 additions & 0 deletions netwerk/ipc/NeckoChannelParams.ipdlh
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,14 @@ struct LoadInfoArgs
OriginAttributes originAttributes;
RedirectHistoryEntryInfo[] redirectChainIncludingInternalRedirects;
RedirectHistoryEntryInfo[] redirectChain;

/**
* Ancestor data for use with the WebRequest API.
* See nsILoadInfo.idl for details.
*/
PrincipalInfo[] ancestorPrincipals;
uint64_t[] ancestorOuterWindowIDs;

nsCString[] corsUnsafeHeaders;
bool forcePreflight;
bool isPreflight;
Expand Down

0 comments on commit 6bab599

Please sign in to comment.