corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1947732 - Provide nsIPrincipal to GetTrustedTypesCompliantAttributeValue. r=smaug

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D246745
This commit is contained in:
Tom Schuster
2025-04-30 11:09:08 +00:00
parent edaa914b45
commit 8487400e45
9 changed files with 40 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
dom/base/Attr.cpp
View File

@@ -160,7 +160,7 @@ void Attr::SetValue(const nsAString& aValue, nsIPrincipal* aTriggeringPrincipal,
const nsAString* compliantString = const nsAString* compliantString =
TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue( TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue(
*element, nameAtom, mNodeInfo->NamespaceID(), aValue, *element, nameAtom, mNodeInfo->NamespaceID(), aValue,
compliantStringHolder, aRv); aTriggeringPrincipal, compliantStringHolder, aRv);
if (aRv.Failed()) { if (aRv.Failed()) {
return; return;
} }

20
dom/base/Element.cpp
View File

@@ -1636,10 +1636,10 @@ Attr* Element::GetAttributeNode(const nsAString& aName) {
return Attributes()->GetNamedItem(aName); return Attributes()->GetNamedItem(aName);
} }
already_AddRefed<Attr> Element::SetAttributeNode(Attr& aNewAttr, already_AddRefed<Attr> Element::SetAttributeNode(
ErrorResult& aError) { Attr& aNewAttr, nsIPrincipal* aSubjectPrincipal, ErrorResult& aError) {
RefPtr<nsDOMAttributeMap> attrMap = Attributes(); RefPtr<nsDOMAttributeMap> attrMap = Attributes();
return attrMap->SetNamedItemNS(aNewAttr, aError); return attrMap->SetNamedItemNS(aNewAttr, aSubjectPrincipal, aError);
} }
already_AddRefed<Attr> Element::RemoveAttributeNode(Attr& aAttribute, already_AddRefed<Attr> Element::RemoveAttributeNode(Attr& aAttribute,
@@ -1726,8 +1726,8 @@ void Element::SetAttribute(
Maybe<nsAutoString> compliantStringHolder; Maybe<nsAutoString> compliantStringHolder;
const nsAString* compliantString = const nsAString* compliantString =
TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue( TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue(
*this, nameAtom, kNameSpaceID_None, aValue, compliantStringHolder, *this, nameAtom, kNameSpaceID_None, aValue, aTriggeringPrincipal,
aError); compliantStringHolder, aError);
if (aError.Failed()) { if (aError.Failed()) {
return; return;
} }
@@ -1742,7 +1742,7 @@ void Element::SetAttribute(
const nsAString* compliantString = const nsAString* compliantString =
TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue( TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue(
*this, attributeName, name->NamespaceID(), aValue, *this, attributeName, name->NamespaceID(), aValue,
compliantStringHolder, aError); aTriggeringPrincipal, compliantStringHolder, aError);
if (aError.Failed()) { if (aError.Failed()) {
return; return;
} }
@@ -1775,7 +1775,7 @@ void Element::SetAttributeNS(
RefPtr<nsAtom> attributeName = ni->NameAtom(); RefPtr<nsAtom> attributeName = ni->NameAtom();
const nsAString* compliantString = const nsAString* compliantString =
TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue( TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue(
*this, attributeName, ni->NamespaceID(), aValue, *this, attributeName, ni->NamespaceID(), aValue, aTriggeringPrincipal,
compliantStringHolder, aError); compliantStringHolder, aError);
if (aError.Failed()) { if (aError.Failed()) {
return; return;
@@ -1828,10 +1828,10 @@ Attr* Element::GetAttributeNodeNSInternal(const nsAString& aNamespaceURI,
return Attributes()->GetNamedItemNS(aNamespaceURI, aLocalName); return Attributes()->GetNamedItemNS(aNamespaceURI, aLocalName);
} }
already_AddRefed<Attr> Element::SetAttributeNodeNS(Attr& aNewAttr, already_AddRefed<Attr> Element::SetAttributeNodeNS(
ErrorResult& aError) { Attr& aNewAttr, nsIPrincipal* aSubjectPrincipal, ErrorResult& aError) {
RefPtr<nsDOMAttributeMap> attrMap = Attributes(); RefPtr<nsDOMAttributeMap> attrMap = Attributes();
return attrMap->SetNamedItemNS(aNewAttr, aError); return attrMap->SetNamedItemNS(aNewAttr, aSubjectPrincipal, aError);
} }
already_AddRefed<nsIHTMLCollection> Element::GetElementsByTagNameNS( already_AddRefed<nsIHTMLCollection> Element::GetElementsByTagNameNS(

4
dom/base/Element.h
View File

@@ -1439,13 +1439,13 @@ class Element : public FragmentOrElement {
void RequestPointerLock(CallerType aCallerType); void RequestPointerLock(CallerType aCallerType);
Attr* GetAttributeNode(const nsAString& aName); Attr* GetAttributeNode(const nsAString& aName);
MOZ_CAN_RUN_SCRIPT already_AddRefed<Attr> SetAttributeNode( MOZ_CAN_RUN_SCRIPT already_AddRefed<Attr> SetAttributeNode(
Attr& aNewAttr, ErrorResult& aError); Attr& aNewAttr, nsIPrincipal* aSubjectPrincipal, ErrorResult& aError);
already_AddRefed<Attr> RemoveAttributeNode(Attr& aOldAttr, already_AddRefed<Attr> RemoveAttributeNode(Attr& aOldAttr,
ErrorResult& aError); ErrorResult& aError);
Attr* GetAttributeNodeNS(const nsAString& aNamespaceURI, Attr* GetAttributeNodeNS(const nsAString& aNamespaceURI,
const nsAString& aLocalName); const nsAString& aLocalName);
MOZ_CAN_RUN_SCRIPT already_AddRefed<Attr> SetAttributeNodeNS( MOZ_CAN_RUN_SCRIPT already_AddRefed<Attr> SetAttributeNodeNS(
Attr& aNewAttr, ErrorResult& aError); Attr& aNewAttr, nsIPrincipal* aSubjectPrincipal, ErrorResult& aError);
MOZ_CAN_RUN_SCRIPT already_AddRefed<DOMRectList> GetClientRects(); MOZ_CAN_RUN_SCRIPT already_AddRefed<DOMRectList> GetClientRects();
MOZ_CAN_RUN_SCRIPT already_AddRefed<DOMRect> GetBoundingClientRect(); MOZ_CAN_RUN_SCRIPT already_AddRefed<DOMRect> GetBoundingClientRect();

8
dom/base/nsDOMAttributeMap.cpp
View File

@@ -176,8 +176,8 @@ Attr* nsDOMAttributeMap::GetNamedItem(const nsAString& aAttrName) {
return NamedGetter(aAttrName, dummy); return NamedGetter(aAttrName, dummy);
} }
already_AddRefed<Attr> nsDOMAttributeMap::SetNamedItemNS(Attr& aAttr, already_AddRefed<Attr> nsDOMAttributeMap::SetNamedItemNS(
ErrorResult& aError) { Attr& aAttr, nsIPrincipal* aSubjectPrincipal, ErrorResult& aError) {
NS_ENSURE_TRUE(mContent, nullptr); NS_ENSURE_TRUE(mContent, nullptr);
// XXX should check same-origin between mContent and aAttr however // XXX should check same-origin between mContent and aAttr however
@@ -207,8 +207,8 @@ already_AddRefed<Attr> nsDOMAttributeMap::SetNamedItemNS(Attr& aAttr,
nsCOMPtr<Element> element = mContent; nsCOMPtr<Element> element = mContent;
const nsAString* compliantString = const nsAString* compliantString =
TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue( TrustedTypeUtils::GetTrustedTypesCompliantAttributeValue(
*element, nameAtom, ni->NamespaceID(), value, compliantStringHolder, *element, nameAtom, ni->NamespaceID(), value, aSubjectPrincipal,
aError); compliantStringHolder, aError);
if (aError.Failed()) { if (aError.Failed()) {
return nullptr; return nullptr;
} }

5
dom/base/nsDOMAttributeMap.h
View File

@@ -19,6 +19,7 @@
class nsAtom; class nsAtom;
class nsINode; class nsINode;
class nsIPrincipal;
namespace mozilla { namespace mozilla {
class ErrorResult; class ErrorResult;
@@ -147,8 +148,8 @@ class nsDOMAttributeMap final : public nsISupports, public nsWrapperCache {
Attr* GetNamedItemNS(const nsAString& aNamespaceURI, Attr* GetNamedItemNS(const nsAString& aNamespaceURI,
const nsAString& aLocalName); const nsAString& aLocalName);
MOZ_CAN_RUN_SCRIPT already_AddRefed<Attr> SetNamedItemNS(Attr& aNode, MOZ_CAN_RUN_SCRIPT already_AddRefed<Attr> SetNamedItemNS(
ErrorResult& aError); Attr& aNode, nsIPrincipal* aSubjectPrincipal, ErrorResult& aError);
already_AddRefed<Attr> RemoveNamedItemNS(const nsAString& aNamespaceURI, already_AddRefed<Attr> RemoveNamedItemNS(const nsAString& aNamespaceURI,
const nsAString& aLocalName, const nsAString& aLocalName,
ErrorResult& aError); ErrorResult& aError);

21
dom/security/trusted-types/TrustedTypeUtils.cpp
View File

@@ -666,7 +666,8 @@ template <typename TrustedTypeOrStringArg>
MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue( MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue(
const nsINode& aElement, nsAtom* aAttributeName, const nsINode& aElement, nsAtom* aAttributeName,
int32_t aAttributeNamespaceID, const TrustedTypeOrStringArg& aNewValue, int32_t aAttributeNamespaceID, const TrustedTypeOrStringArg& aNewValue,
Maybe<nsAutoString>& aResultHolder, ErrorResult& aError) { nsIPrincipal* aPrincipalOrNull, Maybe<nsAutoString>& aResultHolder,
ErrorResult& aError) {
if (!StaticPrefs::dom_security_trusted_types_enabled()) { if (!StaticPrefs::dom_security_trusted_types_enabled()) {
// A trusted type might've been created before the pref was set to `false`, // A trusted type might've been created before the pref was set to `false`,
// so we cannot assume aNewValue.IsString(). // so we cannot assume aNewValue.IsString().
@@ -710,15 +711,15 @@ MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue(
switch (expectedType) { switch (expectedType) {
case TrustedType::TrustedHTML: case TrustedType::TrustedHTML:
return GetTrustedTypesCompliantString<TrustedHTML>( return GetTrustedTypesCompliantString<TrustedHTML>(
input, sink, kTrustedTypesOnlySinkGroup, aElement, nullptr, input, sink, kTrustedTypesOnlySinkGroup, aElement, aPrincipalOrNull,
aResultHolder, aError); aResultHolder, aError);
case TrustedType::TrustedScript: case TrustedType::TrustedScript:
return GetTrustedTypesCompliantString<TrustedScript>( return GetTrustedTypesCompliantString<TrustedScript>(
input, sink, kTrustedTypesOnlySinkGroup, aElement, nullptr, input, sink, kTrustedTypesOnlySinkGroup, aElement, aPrincipalOrNull,
aResultHolder, aError); aResultHolder, aError);
case TrustedType::TrustedScriptURL: case TrustedType::TrustedScriptURL:
return GetTrustedTypesCompliantString<TrustedScriptURL>( return GetTrustedTypesCompliantString<TrustedScriptURL>(
input, sink, kTrustedTypesOnlySinkGroup, aElement, nullptr, input, sink, kTrustedTypesOnlySinkGroup, aElement, aPrincipalOrNull,
aResultHolder, aError); aResultHolder, aError);
} }
MOZ_ASSERT_UNREACHABLE(); MOZ_ASSERT_UNREACHABLE();
@@ -729,20 +730,22 @@ MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue(
const nsINode& aElement, nsAtom* aAttributeName, const nsINode& aElement, nsAtom* aAttributeName,
int32_t aAttributeNamespaceID, int32_t aAttributeNamespaceID,
const TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString& aNewValue, const TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString& aNewValue,
Maybe<nsAutoString>& aResultHolder, ErrorResult& aError) { nsIPrincipal* aPrincipalOrNull, Maybe<nsAutoString>& aResultHolder,
ErrorResult& aError) {
return GetTrustedTypesCompliantAttributeValue< return GetTrustedTypesCompliantAttributeValue<
TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString>( TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString>(
aElement, aAttributeName, aAttributeNamespaceID, aNewValue, aResultHolder, aElement, aAttributeName, aAttributeNamespaceID, aNewValue,
aError); aPrincipalOrNull, aResultHolder, aError);
} }
MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue( MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue(
const nsINode& aElement, nsAtom* aAttributeName, const nsINode& aElement, nsAtom* aAttributeName,
int32_t aAttributeNamespaceID, const nsAString& aNewValue, int32_t aAttributeNamespaceID, const nsAString& aNewValue,
Maybe<nsAutoString>& aResultHolder, ErrorResult& aError) { nsIPrincipal* aPrincipalOrNull, Maybe<nsAutoString>& aResultHolder,
ErrorResult& aError) {
return GetTrustedTypesCompliantAttributeValue<const nsAString*>( return GetTrustedTypesCompliantAttributeValue<const nsAString*>(
aElement, aAttributeName, aAttributeNamespaceID, &aNewValue, aElement, aAttributeName, aAttributeNamespaceID, &aNewValue,
aResultHolder, aError); aPrincipalOrNull, aResultHolder, aError);
} }
bool HostGetCodeForEval(JSContext* aCx, JS::Handle<JSObject*> aCode, bool HostGetCodeForEval(JSContext* aCx, JS::Handle<JSObject*> aCode,

6
dom/security/trusted-types/TrustedTypeUtils.h
View File

@@ -145,11 +145,13 @@ MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue(
const nsINode& aElement, nsAtom* aAttributeName, const nsINode& aElement, nsAtom* aAttributeName,
int32_t aAttributeNamespaceID, int32_t aAttributeNamespaceID,
const TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString& aNewValue, const TrustedHTMLOrTrustedScriptOrTrustedScriptURLOrString& aNewValue,
Maybe<nsAutoString>& aResultHolder, ErrorResult& aError); nsIPrincipal* aPrincipalOrNull, Maybe<nsAutoString>& aResultHolder,
ErrorResult& aError);
MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue( MOZ_CAN_RUN_SCRIPT const nsAString* GetTrustedTypesCompliantAttributeValue(
const nsINode& aElement, nsAtom* aAttributeName, const nsINode& aElement, nsAtom* aAttributeName,
int32_t aAttributeNamespaceID, const nsAString& aNewValue, int32_t aAttributeNamespaceID, const nsAString& aNewValue,
Maybe<nsAutoString>& aResultHolder, ErrorResult& aError); nsIPrincipal* aPrincipalOrNull, Maybe<nsAutoString>& aResultHolder,
ErrorResult& aError);
// https://html.spec.whatwg.org/multipage/webappapis.html#hostgetcodeforeval(argument) // https://html.spec.whatwg.org/multipage/webappapis.html#hostgetcodeforeval(argument)
bool HostGetCodeForEval(JSContext* aCx, JS::Handle<JSObject*> aCode, bool HostGetCodeForEval(JSContext* aCx, JS::Handle<JSObject*> aCode,

4
dom/webidl/Element.webidl
View File

@@ -151,12 +151,12 @@ interface Element : Node {
// Obsolete methods. // Obsolete methods.
Attr? getAttributeNode(DOMString name); Attr? getAttributeNode(DOMString name);
[CEReactions, Throws] [CEReactions, NeedsSubjectPrincipal=NonSystem, Throws]
Attr? setAttributeNode(Attr newAttr); Attr? setAttributeNode(Attr newAttr);
[CEReactions, Throws] [CEReactions, Throws]
Attr? removeAttributeNode(Attr oldAttr); Attr? removeAttributeNode(Attr oldAttr);
Attr? getAttributeNodeNS(DOMString? namespaceURI, DOMString localName); Attr? getAttributeNodeNS(DOMString? namespaceURI, DOMString localName);
[CEReactions, Throws] [CEReactions, NeedsSubjectPrincipal=NonSystem, Throws]
Attr? setAttributeNodeNS(Attr newAttr); Attr? setAttributeNodeNS(Attr newAttr);
[Func="nsContentUtils::IsCallerChromeOrElementTransformGettersEnabled"] [Func="nsContentUtils::IsCallerChromeOrElementTransformGettersEnabled"]

4
dom/webidl/NamedNodeMap.webidl
View File

@@ -7,7 +7,7 @@
Exposed=Window] Exposed=Window]
interface NamedNodeMap { interface NamedNodeMap {
getter Attr? getNamedItem(DOMString name); getter Attr? getNamedItem(DOMString name);
[CEReactions, Throws, BinaryName="setNamedItemNS"] [CEReactions, NeedsSubjectPrincipal=NonSystem, Throws, BinaryName="setNamedItemNS"]
Attr? setNamedItem(Attr arg); Attr? setNamedItem(Attr arg);
[CEReactions, Throws] [CEReactions, Throws]
Attr removeNamedItem(DOMString name); Attr removeNamedItem(DOMString name);
@@ -16,7 +16,7 @@ interface NamedNodeMap {
readonly attribute unsigned long length; readonly attribute unsigned long length;
Attr? getNamedItemNS(DOMString? namespaceURI, DOMString localName); Attr? getNamedItemNS(DOMString? namespaceURI, DOMString localName);
[CEReactions, Throws] [CEReactions, NeedsSubjectPrincipal=NonSystem, Throws]
Attr? setNamedItemNS(Attr arg); Attr? setNamedItemNS(Attr arg);
[CEReactions, Throws] [CEReactions, Throws]
Attr removeNamedItemNS(DOMString? namespaceURI, DOMString localName); Attr removeNamedItemNS(DOMString? namespaceURI, DOMString localName);