diff --git a/mozilla/caps/idl/nsIScriptSecurityManager.idl b/mozilla/caps/idl/nsIScriptSecurityManager.idl index 49b6f159076..148e95d54dc 100644 --- a/mozilla/caps/idl/nsIScriptSecurityManager.idl +++ b/mozilla/caps/idl/nsIScriptSecurityManager.idl @@ -58,10 +58,11 @@ interface nsIScriptSecurityManager : nsISupports */ void CheckLoadURI(in nsIURI from, in nsIURI uri); - void CheckCanListenTo(in nsIPrincipal principal); - - boolean HasSubjectPrincipal(); - + /** + * Return the principal of the innermost frame of the currently + * executing script. Will return null if there is no script + * currently executing. + */ nsIPrincipal GetSubjectPrincipal(); nsIPrincipal GetSystemPrincipal(); diff --git a/mozilla/caps/src/nsScriptSecurityManager.cpp b/mozilla/caps/src/nsScriptSecurityManager.cpp index 79d6a24a096..2eb24e6f024 100644 --- a/mozilla/caps/src/nsScriptSecurityManager.cpp +++ b/mozilla/caps/src/nsScriptSecurityManager.cpp @@ -390,8 +390,12 @@ nsScriptSecurityManager::CheckLoadURIFromScript(nsIScriptContext *aContext, return NS_ERROR_FAILURE; } + // Native code can load all URIs. + if (!principal) + return NS_OK; + // The system principal can load all URIs. - PRBool equals; + PRBool equals = PR_FALSE; if (NS_FAILED(principal->Equals(mSystemPrincipal, &equals))) return NS_ERROR_FAILURE; if (equals) @@ -477,50 +481,15 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aFromURI, return NS_ERROR_DOM_BAD_URI; } -NS_IMETHODIMP -nsScriptSecurityManager::CheckCanListenTo(nsIPrincipal *principal) -{ - nsCOMPtr subject; - nsresult rv; - PRBool hasSubject; - if (NS_FAILED(rv = HasSubjectPrincipal(&hasSubject))) - return rv; - if (!hasSubject) - return NS_OK; // No script code, so native code has access. - if (NS_FAILED(rv = GetSubjectPrincipal(getter_AddRefs(subject)))) - return rv; - nsCOMPtr codebase = do_QueryInterface(subject); - PRBool equals; - if (codebase && NS_SUCCEEDED(codebase->SameOrigin(principal, &equals))) { - if (equals) - return NS_OK; // Listener and Listened-to have same origin - } - - PRBool enabled; - if (NS_SUCCEEDED(IsCapabilityEnabled("UniversalBrowserRead", &enabled))) { - if (enabled) - return NS_OK; // Capability allows access - } - - // Report error - JSContext *cx = GetCurrentContext(); - JS_ReportError(cx, "Access denied to listen to events across origins"); - return NS_ERROR_DOM_PROP_ACCESS_DENIED; -} - -NS_IMETHODIMP -nsScriptSecurityManager::HasSubjectPrincipal(PRBool *result) -{ - *result = GetCurrentContext() != nsnull; - return NS_OK; -} NS_IMETHODIMP nsScriptSecurityManager::GetSubjectPrincipal(nsIPrincipal **result) { JSContext *cx = GetCurrentContext(); - if (!cx) - return NS_ERROR_FAILURE; + if (!cx) { + *result = nsnull; + return NS_OK; + } return GetSubjectPrincipal(cx, result); } @@ -889,13 +858,7 @@ nsScriptSecurityManager::GetSubjectPrincipal(JSContext *cx, nsIPrincipal **result) { JSStackFrame *fp; - if (NS_FAILED(GetPrincipalAndFrame(cx, result, &fp))) - return NS_ERROR_FAILURE; - if (*result) - return NS_OK; - // Couldn't find principals: no mobile code on stack. - // Use system principal. - return GetSystemPrincipal(result); + return GetPrincipalAndFrame(cx, result, &fp); } @@ -946,6 +909,15 @@ nsScriptSecurityManager::CheckPermissions(JSContext *aCx, JSObject *aObj, if (NS_FAILED(GetSubjectPrincipal(aCx, getter_AddRefs(subject)))) return NS_ERROR_FAILURE; + // If native code or system principal, allow access + PRBool equals; + if (!subject || + (NS_SUCCEEDED(subject->Equals(mSystemPrincipal, &equals)) && equals)) + { + *aResult = PR_TRUE; + return NS_OK; + } + nsCOMPtr object; if (NS_FAILED(GetObjectPrincipal(aCx, aObj, getter_AddRefs(object)))) return NS_ERROR_FAILURE; @@ -1951,8 +1923,8 @@ nsScriptSecurityManager::GetPrefName(JSContext *cx, nsDOMProp domProp, if (NS_FAILED(GetSubjectPrincipal(cx, getter_AddRefs(principal)))) { return NS_ERROR_FAILURE; } - PRBool equals; - if (NS_FAILED(principal->Equals(mSystemPrincipal, &equals))) + PRBool equals = PR_TRUE; + if (principal && NS_FAILED(principal->Equals(mSystemPrincipal, &equals))) return NS_ERROR_FAILURE; if (equals) { s += defaultStr; diff --git a/mozilla/content/base/src/nsDocument.cpp b/mozilla/content/base/src/nsDocument.cpp index b711969d582..fd6e19ea001 100644 --- a/mozilla/content/base/src/nsDocument.cpp +++ b/mozilla/content/base/src/nsDocument.cpp @@ -2381,15 +2381,7 @@ nsresult nsDocument::GetListenerManager(nsIEventListenerManager **aInstancePtrRe nsresult nsDocument::GetNewListenerManager(nsIEventListenerManager **aInstancePtrResult) { - nsresult rv = NS_NewEventListenerManager(aInstancePtrResult); - if (NS_FAILED(rv)) - return rv; - nsIPrincipal *principal = GetDocumentPrincipal(); - if (principal) { - (*aInstancePtrResult)->SetPrincipal(principal); - NS_RELEASE(principal); - } - return NS_OK; + return NS_NewEventListenerManager(aInstancePtrResult); } nsresult nsDocument::HandleDOMEvent(nsIPresContext* aPresContext, diff --git a/mozilla/content/events/public/nsIEventListenerManager.h b/mozilla/content/events/public/nsIEventListenerManager.h index ad866d37409..b40f2cb03bc 100644 --- a/mozilla/content/events/public/nsIEventListenerManager.h +++ b/mozilla/content/events/public/nsIEventListenerManager.h @@ -134,18 +134,6 @@ public: */ virtual nsresult RemoveAllListeners(PRBool aScriptOnly) = 0; - /** - * Sets the principal of the entity being listened to. - * - * Used for security checks that ensure that events can't propagate past - * trust boundaries. - */ - virtual nsresult SetPrincipal(nsIPrincipal *aListenedToPrincipal) = 0; - - /** - * Gets the principal of the entity being listened to. - */ - virtual nsresult GetPrincipal(nsIPrincipal **aListenedToPrincipal) = 0; }; extern NS_HTML nsresult NS_NewEventListenerManager(nsIEventListenerManager** aInstancePtrResult); diff --git a/mozilla/content/events/src/nsEventListenerManager.cpp b/mozilla/content/events/src/nsEventListenerManager.cpp index 5c32e040634..c96aa2f2608 100644 --- a/mozilla/content/events/src/nsEventListenerManager.cpp +++ b/mozilla/content/events/src/nsEventListenerManager.cpp @@ -51,7 +51,6 @@ #include "nsIContent.h" #include "nsCOMPtr.h" #include "nsIServiceManager.h" -#include "nsIScriptSecurityManager.h" static NS_DEFINE_IID(kIEventListenerManagerIID, NS_IEVENTLISTENERMANAGER_IID); static NS_DEFINE_IID(kIDOMEventListenerIID, NS_IDOMEVENTLISTENER_IID); @@ -237,15 +236,6 @@ nsresult nsEventListenerManager::AddEventListener(nsIDOMEventListener *aListener NS_IF_RELEASE(sel); if (!found) { - // Check to see if we can add a new listener. - nsresult rv; - NS_WITH_SERVICE(nsIScriptSecurityManager, securityManager, - NS_SCRIPTSECURITYMANAGER_PROGID, &rv); - if (NS_FAILED(rv)) - return NS_ERROR_FAILURE; - rv = securityManager->CheckCanListenTo(mPrincipal); - if (NS_FAILED(rv)) - return rv; ls = PR_NEW(nsListenerStruct); if (ls) { ls->mListener = aListener; @@ -1427,20 +1417,6 @@ nsresult nsEventListenerManager::RemoveAllListeners(PRBool aScriptOnly) return NS_OK; } -nsresult nsEventListenerManager::GetPrincipal(nsIPrincipal **aListenedToPrincipal) -{ - *aListenedToPrincipal = mPrincipal; - if (*aListenedToPrincipal) - NS_ADDREF(*aListenedToPrincipal); - return NS_OK; -} - -nsresult nsEventListenerManager::SetPrincipal(nsIPrincipal *aListenedToPrincipal) -{ - mPrincipal = aListenedToPrincipal; - return NS_OK; -} - NS_HTML nsresult NS_NewEventListenerManager(nsIEventListenerManager** aInstancePtrResult) { nsIEventListenerManager* l = new nsEventListenerManager(); diff --git a/mozilla/content/events/src/nsEventListenerManager.h b/mozilla/content/events/src/nsEventListenerManager.h index fc89e832fa2..c47d9307fe1 100644 --- a/mozilla/content/events/src/nsEventListenerManager.h +++ b/mozilla/content/events/src/nsEventListenerManager.h @@ -99,9 +99,6 @@ public: virtual nsresult RemoveAllListeners(PRBool aScriptOnly); - virtual nsresult SetPrincipal(nsIPrincipal *aListenedToPrincipal); - virtual nsresult GetPrincipal(nsIPrincipal **aListenedToPrincipal); - static nsresult GetIdentifiersForType(nsIAtom* aType, nsIID& aIID, PRInt32* aSubType); protected: diff --git a/mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp b/mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp index b6c96e94ccc..8a095f01d2b 100644 --- a/mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp +++ b/mozilla/dom/src/jsurl/nsJSProtocolHandler.cpp @@ -223,15 +223,11 @@ nsJSProtocolHandler::NewChannel(const char* verb, if (NS_FAILED(rv)) return NS_ERROR_FAILURE; - PRBool hasPrincipal; - if (NS_FAILED(securityManager->HasSubjectPrincipal(&hasPrincipal))) - return NS_ERROR_FAILURE; nsCOMPtr principal; - if (hasPrincipal) { - // script is currently executing; get principal from that script - if (NS_FAILED(securityManager->GetSubjectPrincipal(getter_AddRefs(principal)))) - return NS_ERROR_FAILURE; - } else { + // script is currently executing; get principal from that script + if (NS_FAILED(securityManager->GetSubjectPrincipal(getter_AddRefs(principal)))) + return NS_ERROR_FAILURE; + if (!principal) { // No scripts currently executing; get principal from referrer of link nsCOMPtr webShell; webShell = do_QueryInterface(owner); diff --git a/mozilla/layout/base/src/nsDocument.cpp b/mozilla/layout/base/src/nsDocument.cpp index b711969d582..fd6e19ea001 100644 --- a/mozilla/layout/base/src/nsDocument.cpp +++ b/mozilla/layout/base/src/nsDocument.cpp @@ -2381,15 +2381,7 @@ nsresult nsDocument::GetListenerManager(nsIEventListenerManager **aInstancePtrRe nsresult nsDocument::GetNewListenerManager(nsIEventListenerManager **aInstancePtrResult) { - nsresult rv = NS_NewEventListenerManager(aInstancePtrResult); - if (NS_FAILED(rv)) - return rv; - nsIPrincipal *principal = GetDocumentPrincipal(); - if (principal) { - (*aInstancePtrResult)->SetPrincipal(principal); - NS_RELEASE(principal); - } - return NS_OK; + return NS_NewEventListenerManager(aInstancePtrResult); } nsresult nsDocument::HandleDOMEvent(nsIPresContext* aPresContext, diff --git a/mozilla/layout/events/public/nsIEventListenerManager.h b/mozilla/layout/events/public/nsIEventListenerManager.h index ad866d37409..b40f2cb03bc 100644 --- a/mozilla/layout/events/public/nsIEventListenerManager.h +++ b/mozilla/layout/events/public/nsIEventListenerManager.h @@ -134,18 +134,6 @@ public: */ virtual nsresult RemoveAllListeners(PRBool aScriptOnly) = 0; - /** - * Sets the principal of the entity being listened to. - * - * Used for security checks that ensure that events can't propagate past - * trust boundaries. - */ - virtual nsresult SetPrincipal(nsIPrincipal *aListenedToPrincipal) = 0; - - /** - * Gets the principal of the entity being listened to. - */ - virtual nsresult GetPrincipal(nsIPrincipal **aListenedToPrincipal) = 0; }; extern NS_HTML nsresult NS_NewEventListenerManager(nsIEventListenerManager** aInstancePtrResult); diff --git a/mozilla/layout/events/src/nsEventListenerManager.cpp b/mozilla/layout/events/src/nsEventListenerManager.cpp index 5c32e040634..c96aa2f2608 100644 --- a/mozilla/layout/events/src/nsEventListenerManager.cpp +++ b/mozilla/layout/events/src/nsEventListenerManager.cpp @@ -51,7 +51,6 @@ #include "nsIContent.h" #include "nsCOMPtr.h" #include "nsIServiceManager.h" -#include "nsIScriptSecurityManager.h" static NS_DEFINE_IID(kIEventListenerManagerIID, NS_IEVENTLISTENERMANAGER_IID); static NS_DEFINE_IID(kIDOMEventListenerIID, NS_IDOMEVENTLISTENER_IID); @@ -237,15 +236,6 @@ nsresult nsEventListenerManager::AddEventListener(nsIDOMEventListener *aListener NS_IF_RELEASE(sel); if (!found) { - // Check to see if we can add a new listener. - nsresult rv; - NS_WITH_SERVICE(nsIScriptSecurityManager, securityManager, - NS_SCRIPTSECURITYMANAGER_PROGID, &rv); - if (NS_FAILED(rv)) - return NS_ERROR_FAILURE; - rv = securityManager->CheckCanListenTo(mPrincipal); - if (NS_FAILED(rv)) - return rv; ls = PR_NEW(nsListenerStruct); if (ls) { ls->mListener = aListener; @@ -1427,20 +1417,6 @@ nsresult nsEventListenerManager::RemoveAllListeners(PRBool aScriptOnly) return NS_OK; } -nsresult nsEventListenerManager::GetPrincipal(nsIPrincipal **aListenedToPrincipal) -{ - *aListenedToPrincipal = mPrincipal; - if (*aListenedToPrincipal) - NS_ADDREF(*aListenedToPrincipal); - return NS_OK; -} - -nsresult nsEventListenerManager::SetPrincipal(nsIPrincipal *aListenedToPrincipal) -{ - mPrincipal = aListenedToPrincipal; - return NS_OK; -} - NS_HTML nsresult NS_NewEventListenerManager(nsIEventListenerManager** aInstancePtrResult) { nsIEventListenerManager* l = new nsEventListenerManager(); diff --git a/mozilla/layout/events/src/nsEventListenerManager.h b/mozilla/layout/events/src/nsEventListenerManager.h index fc89e832fa2..c47d9307fe1 100644 --- a/mozilla/layout/events/src/nsEventListenerManager.h +++ b/mozilla/layout/events/src/nsEventListenerManager.h @@ -99,9 +99,6 @@ public: virtual nsresult RemoveAllListeners(PRBool aScriptOnly); - virtual nsresult SetPrincipal(nsIPrincipal *aListenedToPrincipal); - virtual nsresult GetPrincipal(nsIPrincipal **aListenedToPrincipal); - static nsresult GetIdentifiersForType(nsIAtom* aType, nsIID& aIID, PRInt32* aSubType); protected: diff --git a/mozilla/modules/libpref/src/init/all.js b/mozilla/modules/libpref/src/init/all.js index 339193cd423..f6334400a6b 100644 --- a/mozilla/modules/libpref/src/init/all.js +++ b/mozilla/modules/libpref/src/init/all.js @@ -384,6 +384,8 @@ pref("security.policy.default.nshtmldocument.vlinkcolor.write", "sameOrigin"); pref("security.policy.default.nshtmldocument.write", "sameOrigin"); pref("security.policy.default.nshtmldocument.writeln", "sameOrigin"); +pref("security.policy.default.eventtarget.addeventlistener", "sameOrigin"); + pref("security.policy.default.navigator.preference.read", "UniversalPreferencesRead"); pref("security.policy.default.navigator.preference.write", "UniversalPreferencesWrite");