Backout Bug 406451 for regressions

John Schoenick
2012-06-19 16:25:56 -07:00
parent 9540d0cae7
commit 7eb1a7a15e
4 changed files with 23 additions and 144 deletions


@@ -20,7 +20,8 @@ interface nsIURI;
/**
* This interface represents a content node that loads objects.
*/
[scriptable, uuid(fd56fda8-d3c3-4368-8cf3-67dbc992aec9)]
[scriptable, uuid(e3e284a3-b4a8-49ef-af6b-c8c4a158db86)]
interface nsIObjectLoadingContent : nsISupports
{
const unsigned long TYPE_LOADING = 0;
@@ -48,14 +49,6 @@ interface nsIObjectLoadingContent : nsISupports
*/
unsigned long getContentTypeForMIMEType(in AUTF8String aMimeType);
/**
* Gets the base URI to be used for this object. This differs from
* nsIContent::GetBaseURI in that it takes codebase attributes into
* account. The MIME type is required as some plugins (java) calculate
* this differently.
*/
nsIURI getObjectBaseURI(in ACString aMimeType);
/**
* Returns the plugin instance if it has already been instantiated. This
* will never instantiate the plugin and so is safe to call even when


@@ -643,7 +643,7 @@ nsObjectLoadingContent::InstantiatePluginInstance(const char* aMimeType, nsIURI*
if (!aURI) {
// We need some URI. If we have nothing else, use the base URI.
// XXX(biesi): The code used to do this. Not sure why this is correct...
GetObjectBaseURI(nsCString(aMimeType), getter_AddRefs(baseURI));
GetObjectBaseURI(thisContent, getter_AddRefs(baseURI));
aURI = baseURI;
}
@@ -1232,7 +1232,7 @@ nsObjectLoadingContent::LoadObject(const nsAString& aURI,
nsIDocument* doc = thisContent->OwnerDoc();
nsCOMPtr<nsIURI> baseURI;
GetObjectBaseURI(aTypeHint, getter_AddRefs(baseURI));
GetObjectBaseURI(thisContent, getter_AddRefs(baseURI));
nsCOMPtr<nsIURI> uri;
nsContentUtils::NewURIWithDocumentCharset(getter_AddRefs(uri),
@@ -1263,51 +1263,6 @@ nsObjectLoadingContent::UpdateFallbackState(nsIContent* aContent,
}
}
bool
nsObjectLoadingContent::IsFileCodebaseAllowable(nsIURI* aBaseURI, nsIURI* aOriginURI)
{
nsCOMPtr<nsIFileURL> baseFileURL(do_QueryInterface(aBaseURI));
nsCOMPtr<nsIFileURL> originFileURL(do_QueryInterface(aOriginURI));
// get IFile handles and normalize
nsCOMPtr<nsIFile> originFile;
nsCOMPtr<nsIFile> baseFile;
if (!originFileURL || !baseFileURL ||
NS_FAILED(originFileURL->GetFile(getter_AddRefs(originFile))) ||
NS_FAILED(baseFileURL->GetFile(getter_AddRefs(baseFile))) ||
NS_FAILED(baseFile->Normalize()) ||
NS_FAILED(originFile->Normalize())) {
return false;
}
// If the origin is a directory, it should contain/equal baseURI
// Otherwise, its parent directory should contain/equal baseURI
bool origin_is_dir;
bool contained = false;
nsresult rv = originFile->IsDirectory(&origin_is_dir);
NS_ENSURE_SUCCESS(rv, false);
if (origin_is_dir) {
// originURI is a directory, ensure it contains the baseURI
rv = originFile->Contains(baseFile, true, &contained);
if (NS_SUCCEEDED(rv) && !contained) {
rv = originFile->Equals(baseFile, &contained);
}
} else {
// originURI is a file, ensure its parent contains the baseURI
nsCOMPtr<nsIFile> originParent;
rv = originFile->GetParent(getter_AddRefs(originParent));
if (NS_SUCCEEDED(rv) && originParent) {
rv = originParent->Contains(baseFile, true, &contained);
if (NS_SUCCEEDED(rv) && !contained) {
rv = originParent->Equals(baseFile, &contained);
}
}
}
return NS_SUCCEEDED(rv) && contained;
}
nsresult
nsObjectLoadingContent::LoadObject(nsIURI* aURI,
bool aNotify,
@@ -1406,28 +1361,6 @@ nsObjectLoadingContent::LoadObject(nsIURI* aURI,
HandleBeingBlockedByContentPolicy(rv, shouldLoad);
return NS_OK;
}
// If this is a file:// URI, require that the codebase (baseURI)
// is contained within the same folder as the document origin (originURI)
// or within the document origin, if it is a folder.
// No originURI implies chrome, which bypasses the check
// -- bug 406541
nsCOMPtr<nsIURI> originURI;
nsCOMPtr<nsIURI> baseURI;
GetObjectBaseURI(aTypeHint, getter_AddRefs(baseURI));
rv = thisContent->NodePrincipal()->GetURI(getter_AddRefs(originURI));
if (NS_FAILED(rv)) {
Fallback(aNotify);
return NS_OK;
}
if (originURI) {
bool isfile;
if (NS_FAILED(originURI->SchemeIs("file", &isfile)) ||
(isfile && !IsFileCodebaseAllowable(baseURI, originURI))) {
Fallback(aNotify);
return NS_OK;
}
}
}
nsresult rv = NS_ERROR_UNEXPECTED;
@@ -1545,7 +1478,7 @@ nsObjectLoadingContent::LoadObject(nsIURI* aURI,
// XXX(biesi). The plugin instantiation code used to pass the base URI
// here instead of the plugin URI for instantiation via class ID, so I
// continue to do so. Why that is, no idea...
GetObjectBaseURI(mContentType, getter_AddRefs(mURI));
GetObjectBaseURI(thisContent, getter_AddRefs(mURI));
if (!mURI) {
mURI = aURI;
}
@@ -1922,38 +1855,25 @@ nsObjectLoadingContent::TypeForClassID(const nsAString& aClassID,
return NS_ERROR_NOT_AVAILABLE;
}
NS_IMETHODIMP
nsObjectLoadingContent::GetObjectBaseURI(const nsACString & aMimeType, nsIURI** aURI)
void
nsObjectLoadingContent::GetObjectBaseURI(nsIContent* thisContent, nsIURI** aURI)
{
nsCOMPtr<nsIContent> thisContent =
do_QueryInterface(static_cast<nsIImageLoadingContent*>(this));
// We want to use swap(); since this is just called from this file,
// we can assert this (callers use comptrs)
NS_PRECONDITION(*aURI == nsnull, "URI must be inited to zero");
// For plugins, the codebase attribute is the base URI
nsCOMPtr<nsIURI> baseURI = thisContent->GetBaseURI();
nsAutoString codebase;
thisContent->GetAttr(kNameSpaceID_None, nsGkAtoms::codebase,
codebase);
if (codebase.IsEmpty() && aMimeType.Equals("application/x-java-vm")) {
// bug 406541
// Java resolves codebase="" as "/" -- so we replicate that quirk, to ensure
// we run security checks against the same path.
codebase.AssignLiteral("/");
}
if (!codebase.IsEmpty()) {
nsresult rv = nsContentUtils::NewURIWithDocumentCharset(aURI, codebase,
thisContent->OwnerDoc(),
baseURI);
if (NS_SUCCEEDED(rv))
return rv;
NS_WARNING("GetObjectBaseURI: Could not resolve plugin's codebase to a URI, using baseURI instead");
nsContentUtils::NewURIWithDocumentCharset(aURI, codebase,
thisContent->OwnerDoc(),
baseURI);
} else {
baseURI.swap(*aURI);
}
// Codebase empty or build URI failed, just use baseURI
*aURI = NULL;
baseURI.swap(*aURI);
return NS_OK;
}
nsObjectFrame*
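Review bot: In the restored `GetObjectBaseURI` (last hunk of this file) the result of `nsContentUtils::NewURIWithDocumentCharset` is discarded, so a `codebase` attribute that fails to resolve appears to leave `*aURI` null, where the backed-out version fell back to the element's base URI. The `InstantiatePluginInstance` hunk then does `aURI = baseURI;` with no null check, unlike the `if (!mURI)` guard at the class-ID call site; both callers continue outside the hunks shown. That fallback is independent of the Java `codebase=""` quirk being reverted and could be kept: store the result in `nsresult rv` and add `if (NS_FAILED(rv)) baseURI.swap(*aURI);`. Separately, the `LoadObject` hunk drops the file:// codebase containment check with nothing left at the site, so a one-line comment naming the bug (the title says 406451, the removed comments say 406541) would keep that gap visible until the check re-lands. The +/- markers are lost on this page; old and new sides above are read from the hunk line counts.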


@@ -228,12 +228,6 @@ class nsObjectLoadingContent : public nsImageLoadingContent
*/
static bool IsSuccessfulRequest(nsIRequest* aRequest);
/**
* Check if the given baseURI is contained in the same directory as the
* aOriginURI (or a child thereof)
*/
static bool IsFileCodebaseAllowable(nsIURI* aBaseURI, nsIURI* aOriginURI);
/**
* Check whether the URI can be handled internally.
*/
@@ -280,6 +274,14 @@ class nsObjectLoadingContent : public nsImageLoadingContent
*/
nsresult TypeForClassID(const nsAString& aClassID, nsACString& aType);
/**
* Gets the base URI to be used for this object. This differs from
* nsIContent::GetBaseURI in that it takes codebase attributes into
* account.
*/
void GetObjectBaseURI(nsIContent* thisContent, nsIURI** aURI);
/**
* Gets the frame that's associated with this content node.
* Does not flush.
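Review bot: The doc comment restored with the `GetObjectBaseURI` declaration does not state the contract its definition relies on. The definition asserts via `NS_PRECONDITION` that `*aURI` is null on entry and dereferences `thisContent` unconditionally, so both belong in the comment, e.g. `@param thisContent the content node for this object; must be non-null` and `@param aURI out-param; *aURI must be null on entry`. As the method is a non-static member that still takes its own content node as an argument, a sentence saying the caller is expected to pass this element's node would also help.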


@@ -58,7 +58,6 @@ using mozilla::DefaultXDisplay;
#include "nsIDOMDragEvent.h"
#include "nsIScrollableFrame.h"
#include "nsIImageLoadingContent.h"
#include "nsIObjectLoadingContent.h"
#include "nsIDocShell.h"
#include "nsContentCID.h"
@@ -1195,31 +1194,6 @@ nsresult nsPluginInstanceOwner::EnsureCachedAttrParamArrays()
mNumCachedAttrs++;
}
// Some plugins (java, bug 406541) don't canonicalize the 'codebase' attribute
// in a standard way - codebase="" results in / (domain root), but
// codebase="blah" results in ./blah; codebase="file:" results in "file:///".
// We canonicalize codebase here to ensure the codebase we run security checks
// against is the same codebase java uses.
// Note that GetObjectBaseURI mimics some of java's quirks for maximal
// compatibility.
const char* mime = nsnull;
bool addCodebase = false;
nsCAutoString codebaseSpec;
if (mInstance && NS_SUCCEEDED(mInstance->GetMIMEType(&mime)) && mime &&
strcmp(mime, "application/x-java-vm") == 0) {
addCodebase = true;
nsCOMPtr<nsIObjectLoadingContent> objlContent = do_QueryInterface(mContent);
nsCOMPtr<nsIURI> codebaseURI;
objlContent->GetObjectBaseURI(nsCString(mime), getter_AddRefs(codebaseURI));
nsresult rv = codebaseURI->GetSpec(codebaseSpec);
NS_ENSURE_SUCCESS(rv, rv);
// Make space if codebase isn't already set
if (!mContent->HasAttr(kNameSpaceID_None, nsGkAtoms::codebase)) {
mNumCachedAttrs++;
}
}
mCachedAttrParamNames = (char**)NS_Alloc(sizeof(char*) * (mNumCachedAttrs + 1 + mNumCachedParams));
NS_ENSURE_TRUE(mCachedAttrParamNames, NS_ERROR_OUT_OF_MEMORY);
mCachedAttrParamValues = (char**)NS_Alloc(sizeof(char*) * (mNumCachedAttrs + 1 + mNumCachedParams));
@@ -1273,22 +1247,12 @@ nsresult nsPluginInstanceOwner::EnsureCachedAttrParamArrays()
mNumCachedAttrs--;
wmodeSet = true;
}
} else if (addCodebase && 0 == PL_strcasecmp(mCachedAttrParamNames[nextAttrParamIndex], "codebase")) {
mCachedAttrParamValues[nextAttrParamIndex] = ToNewUTF8String(NS_ConvertUTF8toUTF16(codebaseSpec));
addCodebase = false;
} else {
mCachedAttrParamValues[nextAttrParamIndex] = ToNewUTF8String(value);
}
nextAttrParamIndex++;
}
// Pontentially add CODEBASE attribute
if (addCodebase) {
mCachedAttrParamNames [nextAttrParamIndex] = ToNewUTF8String(NS_LITERAL_STRING("codebase"));
mCachedAttrParamValues[nextAttrParamIndex] = ToNewUTF8String(NS_ConvertUTF8toUTF16(codebaseSpec));
nextAttrParamIndex++;
}
// Potentially add WMODE attribute.
if (!wmodeType.IsEmpty() && !wmodeSet) {
mCachedAttrParamNames [nextAttrParamIndex] = ToNewUTF8String(NS_LITERAL_STRING("wmode"));