Bug 1587062 - Move SandboxFlags from DocShell to BrowsingContext; r=smaug

Differential Revision: https://phabricator.services.mozilla.com/D50663
2019-10-28 11:48:30 +00:00
parent 497af1e8da
commit 3dc70dd58e
11 changed files with 45 additions and 49 deletions
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -328,7 +328,6 @@ nsDocShell::nsDocShell(BrowsingContext* aBrowsingContext,
      mPreviousEntryIndex(-1),
      mLoadedEntryIndex(-1),
      mChildOffset(0),
-      mSandboxFlags(0),
      mBusyFlags(BUSY_FLAGS_NONE),
      mAppType(nsIDocShell::APP_TYPE_UNKNOWN),
      mLoadType(0),
@@ -2545,7 +2544,7 @@ void nsDocShell::MaybeCreateInitialClientSource(nsIPrincipal* aPrincipal) {
  // Don't pre-allocate the client when we are sandboxed.  The inherited
  // principal does not take sandboxing into account.
  // TODO: Refactor sandboxing principal code out so we can use it here.
-  if (!aPrincipal && mSandboxFlags) {
+  if (!aPrincipal && mBrowsingContext->GetSandboxFlags()) {
    return;
  }

@@ -2937,7 +2936,7 @@ bool nsDocShell::IsSandboxedFrom(BrowsingContext* aTargetBC) {

  // Default the sandbox flags to our flags, so that if we can't retrieve the
  // active document, we will still enforce our own.
-  uint32_t sandboxFlags = mSandboxFlags;
+  uint32_t sandboxFlags = mBrowsingContext->GetSandboxFlags();
  if (mContentViewer) {
    RefPtr<Document> doc = mContentViewer->GetDocument();
    if (doc) {
@@ -5160,18 +5159,6 @@ nsDocShell::GetIsAppTab(bool* aIsAppTab) {
  return NS_OK;
 }

-NS_IMETHODIMP
-nsDocShell::SetSandboxFlags(uint32_t aSandboxFlags) {
-  mSandboxFlags = aSandboxFlags;
-  return NS_OK;
-}
-
-NS_IMETHODIMP
-nsDocShell::GetSandboxFlags(uint32_t* aSandboxFlags) {
-  *aSandboxFlags = mSandboxFlags;
-  return NS_OK;
-}
-
 NS_IMETHODIMP
 nsDocShell::SetDefaultLoadFlags(uint32_t aDefaultLoadFlags) {
  mDefaultLoadFlags = aDefaultLoadFlags;
@@ -6827,7 +6814,8 @@ nsresult nsDocShell::CreateAboutBlankContentViewer(

  if (docFactory) {
    nsCOMPtr<nsIPrincipal> principal, storagePrincipal;
-    if (mSandboxFlags & SANDBOXED_ORIGIN) {
+    uint32_t sandboxFlags = mBrowsingContext->GetSandboxFlags();
+    if (sandboxFlags & SANDBOXED_ORIGIN) {
      if (aPrincipal) {
        principal = NullPrincipal::CreateWithInheritedAttributes(aPrincipal);
      } else {
@@ -6861,7 +6849,7 @@ nsresult nsDocShell::CreateAboutBlankContentViewer(

      // Copy our sandbox flags to the document. These are immutable
      // after being set here.
-      blankDoc->SetSandboxFlags(mSandboxFlags);
+      blankDoc->SetSandboxFlags(sandboxFlags);

      // create a content viewer for us and the new document
      docFactory->CreateInstanceForDocument(
@@ -8006,7 +7994,7 @@ nsresult nsDocShell::CreateContentViewer(const nsACString& aContentType,
    // Mark the channel as being a document URI...
    aOpenedChannel->GetLoadFlags(&loadFlags);
    loadFlags |= nsIChannel::LOAD_DOCUMENT_URI;
-    if (SandboxFlagsImplyCookies(mSandboxFlags)) {
+    if (SandboxFlagsImplyCookies(mBrowsingContext->GetSandboxFlags())) {
      loadFlags |= nsIRequest::LOAD_DOCUMENT_NEEDS_COOKIE;
    }

@@ -10145,7 +10133,7 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
    return NS_ERROR_FAILURE;
  }

-  bool isSandBoxed = mSandboxFlags & SANDBOXED_ORIGIN;
+  bool isSandBoxed = mBrowsingContext->GetSandboxFlags() & SANDBOXED_ORIGIN;

  // We want to inherit aLoadState->PrincipalToInherit() when:
  // 1. ChannelShouldInheritPrincipal returns true.
@@ -10267,7 +10255,7 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
      mIsActive || (mLoadType & (LOAD_CMD_NORMAL | LOAD_CMD_HISTORY));
  if (!CreateChannelForLoadState(aLoadState, loadInfo, this, this,
                                 initiatorType, loadFlags, mLoadType, cacheKey,
-                                 isActive, isTopLevelDoc, mSandboxFlags, rv,
+                                 isActive, isTopLevelDoc, mBrowsingContext->GetSandboxFlags(), rv,
                                 getter_AddRefs(channel))) {
    return rv;
  }
@@ -10279,7 +10267,7 @@ nsresult nsDocShell::DoURILoad(nsDocShellLoadState* aLoadState,
  }

  rv = ConfigureChannel(channel, aLoadState, initiatorType, mLoadType, cacheKey,
-                        mSandboxFlags);
+                        mBrowsingContext->GetSandboxFlags());
  NS_ENSURE_SUCCESS(rv, rv);

  const nsACString& typeHint = aLoadState->TypeHint();
@@ -10407,7 +10395,8 @@ nsresult nsDocShell::DoChannelLoad(nsIChannel* aChannel,
  loadFlags |=
      nsIChannel::LOAD_DOCUMENT_URI | nsIChannel::LOAD_CALL_CONTENT_SNIFFERS;

-  if (SandboxFlagsImplyCookies(mSandboxFlags)) {
+  uint32_t sandboxFlags = mBrowsingContext->GetSandboxFlags();
+  if (SandboxFlagsImplyCookies(sandboxFlags)) {
    loadFlags |= nsIRequest::LOAD_DOCUMENT_NEEDS_COOKIE;
  }

@@ -13064,7 +13053,7 @@ bool nsDocShell::ServiceWorkerAllowedToControlWindow(nsIPrincipal* aPrincipal,
  MOZ_ASSERT(aPrincipal);
  MOZ_ASSERT(aURI);

-  if (UsePrivateBrowsing() || mSandboxFlags) {
+  if (UsePrivateBrowsing() || mBrowsingContext->GetSandboxFlags()) {
    return false;
  }