corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1562292: Part 1d - Move OnePermittedSandboxedNavigator to BrowsingContext. r=nika

Browse Source 
We need to be able to check the one-permitted-sandboxed-navigator from
potentially-cross-process access checks in DocShell, which means it needs to
live on BrowsingContext rather than DocShell.

Differential Revision: https://phabricator.services.mozilla.com/D40495
This commit is contained in:
Kris Maglione
2019-08-01 16:22:52 -07:00
parent 313b738aed
commit 7cd2a9581b
6 changed files with 25 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
docshell/base/nsDocShell.cpp
View File

@@ -3054,10 +3054,10 @@ bool nsDocShell::IsSandboxedFrom(nsIDocShell* aTargetDocShell) {
// aTargetDocShell is top level, are we the "one permitted sandboxed
// navigator", i.e. did we open aTargetDocShell?
nsCOMPtr<nsIDocShell> permittedNavigator;
aTargetDocShell->GetOnePermittedSandboxedNavigator(
getter_AddRefs(permittedNavigator));
if (permittedNavigator == this) {
RefPtr<BrowsingContext> permittedNavigator(
aTargetDocShell->GetBrowsingContext()
->GetOnePermittedSandboxedNavigator());
if (permittedNavigator == mBrowsingContext) {
return false;
}
@@ -4967,8 +4967,6 @@ nsDocShell::Destroy() {
mChromeEventHandler = nullptr;
mOnePermittedSandboxedNavigator = nullptr;
// required to break ref cycle
mSecurityUI = nullptr;
@@ -5367,34 +5365,6 @@ nsDocShell::GetSandboxFlags(uint32_t* aSandboxFlags) {
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::SetOnePermittedSandboxedNavigator(
nsIDocShell* aSandboxedNavigator) {
if (mOnePermittedSandboxedNavigator) {
NS_ERROR("One Permitted Sandboxed Navigator should only be set once.");
return NS_OK;
}
MOZ_ASSERT(!mIsBeingDestroyed);
mOnePermittedSandboxedNavigator = do_GetWeakReference(aSandboxedNavigator);
NS_ASSERTION(
mOnePermittedSandboxedNavigator,
"One Permitted Sandboxed Navigator must support weak references.");
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::GetOnePermittedSandboxedNavigator(
nsIDocShell** aSandboxedNavigator) {
NS_ENSURE_ARG_POINTER(aSandboxedNavigator);
nsCOMPtr<nsIDocShell> permittedNavigator =
do_QueryReferent(mOnePermittedSandboxedNavigator);
permittedNavigator.forget(aSandboxedNavigator);
return NS_OK;
}
NS_IMETHODIMP
nsDocShell::SetDefaultLoadFlags(uint32_t aDefaultLoadFlags) {
mDefaultLoadFlags = aDefaultLoadFlags;