From aa29b444fd43b39c8be51a5ac4f631dd353fb8d5 Mon Sep 17 00:00:00 2001
From: "bzbarsky%mit.edu"
 <bzbarsky%mit.edu@18797224-902f-48f8-a5cc-f745e15eee43>
Date: Fri, 12 Sep 2008 13:34:20 +0000
Subject: [PATCH] Bug 447579. Be a little more careful about inheriting
 principals for file URIs. r=dveditz, sr=jst, a=dveditz

git-svn-id: svn://10.0.0.236/trunk@254179 18797224-902f-48f8-a5cc-f745e15eee43
---
 mozilla/docshell/base/nsDocShell.cpp | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/mozilla/docshell/base/nsDocShell.cpp b/mozilla/docshell/base/nsDocShell.cpp
index c07ee7d8bf9..e6c3286daa1 100644
--- a/mozilla/docshell/base/nsDocShell.cpp
+++ b/mozilla/docshell/base/nsDocShell.cpp
@@ -7462,7 +7462,17 @@ nsDocShell::DoURILoad(nsIURI * aURI,
     nsCOMPtr<nsIPrincipal> ownerPrincipal(do_QueryInterface(aOwner));
     if (URIIsLocalFile(aURI) && ownerPrincipal &&
         NS_SUCCEEDED(ownerPrincipal->CheckMayLoad(aURI, PR_FALSE))) {
-        channel->SetOwner(aOwner);
+        // One more check here.  CheckMayLoad will always return true for the
+        // system principal, but we do NOT want to inherit in that case.
+        PRBool isSystem;
+        nsCOMPtr<nsIScriptSecurityManager> secMan =
+            do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
+        if (secMan &&
+            NS_SUCCEEDED(secMan->IsSystemPrincipal(ownerPrincipal,
+                                                   &isSystem)) &&
+            !isSystem) {
+            channel->SetOwner(aOwner);
+        }
     }
 
     nsCOMPtr<nsIScriptChannel> scriptChannel = do_QueryInterface(channel);