Bug 1956954 - ValidatePrincipal in CreateAboutBlankDocumentViewer calls, r=smaug

This should avoid the content crash by blocking the initial
createAboutBlankDocumentViewer call and throwing an exception instead of
crashing the content process.

This also adds a call to LogAndAssertFailedPrincipalValidationInfo which
should help us collect telemetry to detect when these failures happen.

Differential Revision: https://phabricator.services.mozilla.com/D247350
Nika Layzell
2025-05-02 19:53:14 +00:00
committed by nlayzell@mozilla.com
parent 411d05a2ac
commit 262cc4223d

@@ -254,6 +254,14 @@ BrowserHost::CreateAboutBlankDocumentViewer(
return NS_OK; return NS_OK;
} }
// Before creating the viewer in-content, ensure that the process is allowed
// to load this principal.
if (NS_WARN_IF(!mRoot->Manager()->ValidatePrincipal(aPrincipal))) {
ContentParent::LogAndAssertFailedPrincipalValidationInfo(
aPrincipal, "BrowserHost::CreateAboutBlankDocumentViewer");
return NS_ERROR_DOM_SECURITY_ERR;
}
// Ensure the content process has permisisons for the new document we're about // Ensure the content process has permisisons for the new document we're about
// to create in it. // to create in it.
nsresult rv = GetContentParent()->TransmitPermissionsForPrincipal(aPrincipal); nsresult rv = GetContentParent()->TransmitPermissionsForPrincipal(aPrincipal);
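Review bot: The added validation goes through `mRoot->Manager()`, while the permissions call on the line right after it uses `GetContentParent()`. If both resolve to the same ContentParent, use one accessor for both calls so it is clear the principal is validated against the same process that then receives the permissions; if they can differ, the comment above the check should say why. The comment could also state that the early `return NS_ERROR_DOM_SECURITY_ERR;` is the intended caller-visible outcome, replacing the content-process crash the commit message mentions, so callers know they must handle this failure.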