Bug 1148033 - BroadcastChannel API should rispect the B2G app sandbox…

…es, r=ehsan

dom/broadcastchannel/BroadcastChannel.cpp

@@ -56,53 +56,68 @@ GetOrigin(nsIPrincipal* aPrincipal, nsAString& aOrigin, ErrorResult& aRv)
 {
   MOZ_ASSERT(aPrincipal);
 
-  uint16_t appStatus = aPrincipal->GetAppStatus();
+  bool unknownAppId;
+  aRv = aPrincipal->GetUnknownAppId(&unknownAppId);
+  if (NS_WARN_IF(aRv.Failed())) {
+    return;
+  }
 
-  if (appStatus == nsIPrincipal::APP_STATUS_NOT_INSTALLED) {
-    nsAutoString tmp;
-    aRv = nsContentUtils::GetUTFOrigin(aPrincipal, tmp);
+  if (!unknownAppId) {
+    uint32_t appId;
+    aRv = aPrincipal->GetAppId(&appId);
     if (NS_WARN_IF(aRv.Failed())) {
       return;
     }
 
-    aOrigin = tmp;
-    if (aOrigin.EqualsASCII("null")) {
-      nsCOMPtr<nsIURI> uri;
-      aRv = aPrincipal->GetURI(getter_AddRefs(uri));
-      if (NS_WARN_IF(aRv.Failed())) {
+    if (appId != nsIScriptSecurityManager::NO_APP_ID) {
+      // If we are in "app code", use manifest URL as unique origin since
+      // multiple apps can share the same origin but not same broadcast
+      // messages.
+      nsresult rv;
+      nsCOMPtr<nsIAppsService> appsService =
+        do_GetService("@mozilla.org/AppsService;1", &rv);
+      if (NS_WARN_IF(NS_FAILED(rv))) {
+        aRv.Throw(rv);
         return;
       }
 
-      if (NS_WARN_IF(!uri)) {
-        aRv.Throw(NS_ERROR_FAILURE);
-        return;
-      }
+      appsService->GetManifestURLByLocalId(appId, aOrigin);
+      return;
+    }
+  }
 
-      nsAutoCString spec;
-      aRv = uri->GetSpec(spec);
-      if (NS_WARN_IF(aRv.Failed())) {
-        return;
-      }
+  nsAutoString tmp;
+  aRv = nsContentUtils::GetUTFOrigin(aPrincipal, tmp);
+  if (NS_WARN_IF(aRv.Failed())) {
+    return;
+  }
 
-      aOrigin = NS_ConvertUTF8toUTF16(spec);
-    }
+  // 'null' means an unknown origin (it can be chrome code or it can be some
+  // about: page).
 
+  aOrigin = tmp;
+  if (!aOrigin.EqualsASCII("null")) {
     return;
   }
 
-  uint32_t appId = aPrincipal->GetAppId();
+  nsCOMPtr<nsIURI> uri;
+  aRv = aPrincipal->GetURI(getter_AddRefs(uri));
+  if (NS_WARN_IF(aRv.Failed())) {
+    return;
+  }
+
+  if (NS_WARN_IF(!uri)) {
+    aRv.Throw(NS_ERROR_FAILURE);
+    return;
+  }
 
-  // If we are in "app code", use manifest URL as unique origin since
-  // multiple apps can share the same origin but not same broadcast messages.
-  nsresult rv;
-  nsCOMPtr<nsIAppsService> appsService =
-    do_GetService("@mozilla.org/AppsService;1", &rv);
-  if (NS_WARN_IF(NS_FAILED(rv))) {
-    aRv.Throw(rv);
+  nsAutoCString spec;
+  aRv = uri->GetSpec(spec);
+  if (NS_WARN_IF(aRv.Failed())) {
     return;
   }
 
-  appsService->GetManifestURLByLocalId(appId, aOrigin);
+  aOrigin = NS_ConvertUTF8toUTF16(spec);
 }
 
 nsIPrincipal*

dom/broadcastchannel/tests/chrome.ini

@@ -1,5 +1,5 @@
 [DEFAULT]
-skip-if = buildapp == 'b2g'
+skip-if = e10s || buildapp == 'b2g'
 support-files =
   blank.html
 

dom/broadcastchannel/tests/file_mozbrowser.html

@@ -0,0 +1,20 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>MozBrowser iframe</title>
+</head>
+<body>
+<div id="container"></div>
+  <script type="application/javascript;version=1.7">
+
+  var ifr = document.createElement('iframe');
+  ifr.src = 'http://mochi.test:8888/tests/dom/broadcastchannel/tests/iframe_mozbrowser.html';
+  ifr.onload = function() { alert('DONE'); }
+
+  var domParent = document.getElementById('container');
+  domParent.appendChild(ifr);
+
+  </script>
+</body>
+</html>

dom/broadcastchannel/tests/file_mozbrowser2.html

@@ -0,0 +1,21 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>MozBrowser iframe</title>
+</head>
+<body>
+<div id="container"></div>
+  <script type="application/javascript;version=1.7">
+
+  var ifr = document.createElement('iframe');
+  ifr.setAttribute('mozbrowser', true);
+  ifr.src = 'http://mochi.test:8888/tests/dom/broadcastchannel/tests/iframe_mozbrowser2.html';
+  ifr.onload = function() { alert('DONE'); }
+
+  var domParent = document.getElementById('container');
+  domParent.appendChild(ifr);
+
+  </script>
+</body>
+</html>

dom/broadcastchannel/tests/iframe_mozbrowser.html

@@ -0,0 +1,15 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>MozBrowser iframe</title>
+</head>
+<body>
+  <script type="application/javascript;version=1.7">
+
+var bc = new BroadcastChannel('foobar');
+bc.postMessage('This is wrong!');
+
+  </script>
+</body>
+</html>

dom/broadcastchannel/tests/iframe_mozbrowser2.html

@@ -0,0 +1,15 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+  <meta charset="utf-8">
+  <title>MozBrowser iframe</title>
+</head>
+<body>
+  <script type="application/javascript;version=1.7">
+
+var bc = new BroadcastChannel('foobar');
+bc.postMessage('This is wrong!');
+
+  </script>
+</body>
+</html>

dom/broadcastchannel/tests/manifest.webapp

@@ -0,0 +1,6 @@
+{
+  "name": "BroadcastChannel",
+  "description": "BroadcastChannel app",
+  "launch_path": "/tests/dom/broadcastchannel/tests/TESTTOKEN",
+  "icons": { "128": "default_icon" }
+}

dom/broadcastchannel/tests/mochitest.ini

@@ -6,6 +6,12 @@ support-files =
   broadcastchannel_worker.js
   broadcastchannel_worker_alive.js
   broadcastchannel_worker_any.js
+  file_mozbrowser.html
+  file_mozbrowser2.html
+  iframe_mozbrowser.html
+  iframe_mozbrowser2.html
+  server.sjs
+  manifest.webapp
 
 [test_broadcastchannel_any.html]
 [test_broadcastchannel_basic.html]
@@ -15,3 +21,7 @@ support-files =
 [test_broadcastchannel_sharedWorker.html]
 [test_broadcastchannel_worker.html]
 [test_broadcastchannel_worker_alive.html]
+[test_broadcastchannel_mozbrowser.html]
+skip-if = e10s || buildapp == 'b2g'
+[test_broadcastchannel_mozbrowser2.html]
+skip-if = e10s || buildapp == 'b2g'

dom/broadcastchannel/tests/server.sjs

@@ -0,0 +1,56 @@
+var gBasePath = "tests/dom/broadcastchannel/tests/";
+
+function handleRequest(request, response) {
+  var query = getQuery(request);
+
+  var testToken = '';
+  if ('testToken' in query) {
+    testToken = query.testToken;
+  }
+
+  var template = 'manifest.webapp';
+  if ('template' in query) {
+    template = query.template;
+  }
+  var template = gBasePath + template;
+  response.setHeader("Content-Type", "application/x-web-app-manifest+json", false);
+  response.write(readTemplate(template).replace(/TESTTOKEN/g, testToken));
+}
+
+// Copy-pasted incantations. There ought to be a better way to synchronously read
+// a file into a string, but I guess we're trying to discourage that.
+function readTemplate(path) {
+  var file = Components.classes["@mozilla.org/file/directory_service;1"].
+                        getService(Components.interfaces.nsIProperties).
+                        get("CurWorkD", Components.interfaces.nsILocalFile);
+  var fis  = Components.classes['@mozilla.org/network/file-input-stream;1'].
+                        createInstance(Components.interfaces.nsIFileInputStream);
+  var cis = Components.classes["@mozilla.org/intl/converter-input-stream;1"].
+                       createInstance(Components.interfaces.nsIConverterInputStream);
+  var split = path.split("/");
+  for(var i = 0; i < split.length; ++i) {
+    file.append(split[i]);
+  }
+  fis.init(file, -1, -1, false);
+  cis.init(fis, "UTF-8", 0, 0);
+
+  var data = "";
+  let str = {};
+  let read = 0;
+  do {
+    read = cis.readString(0xffffffff, str); // read as much as we can and put it in str.value
+    data += str.value;
+  } while (read != 0);
+  cis.close();
+  return data;
+}
+
+function getQuery(request) {
+  var query = {};
+  request.queryString.split('&').forEach(function (val) {
+    var [name, value] = val.split('=');
+    query[name] = unescape(value);
+  });
+  return query;
+}
+