Bug 1955775 - Don't include domain in ContentPrincipal::GetHashValue. r=nika,ckerschb

As it can mutate over the lifetime of the principal. Differential Revision: https://phabricator.services.mozilla.com/D242653
2025-04-01 12:57:21 +00:00
parent 3f94feec70
commit 89fc1ca8e3
14 changed files with 43 additions and 33 deletions
--- a/caps/BasePrincipal.cpp
+++ b/caps/BasePrincipal.cpp
@@ -1618,3 +1618,9 @@ void BasePrincipal::WriteJSONProperty(JSONWriter& aWriter,
 }
 }  // namespace mozilla
 uint32_t nsIPrincipal::GetHashValue() const {
  auto* bp = mozilla::BasePrincipal::Cast(this);
  return mozilla::HashGeneric(bp->GetOriginNoSuffixHash(),
                              bp->GetOriginSuffixHash());
 }
--- a/caps/ContentPrincipal.cpp
+++ b/caps/ContentPrincipal.cpp
@@ -308,17 +308,6 @@ bool ContentPrincipal::MayLoadInternal(nsIURI* aURI) {
  return false;
 }
 uint32_t ContentPrincipal::GetHashValue() {
  MOZ_ASSERT(mURI, "Need a principal URI");
  nsCOMPtr<nsIURI> uri;
  GetDomain(getter_AddRefs(uri));
  if (!uri) {
    GetURI(getter_AddRefs(uri));
  };
  return NS_SecurityHashURI(uri);
 }
 NS_IMETHODIMP
 ContentPrincipal::GetDomain(nsIURI** aDomain) {
  if (!GetHasExplicitDomain()) {
--- a/caps/ContentPrincipal.h
+++ b/caps/ContentPrincipal.h
@@ -22,7 +22,6 @@ class JSONWriter;
 class ContentPrincipal final : public BasePrincipal {
 public:
  NS_IMETHOD QueryInterface(REFNSIID aIID, void** aInstancePtr) override;
  uint32_t GetHashValue() override;
  NS_IMETHOD GetURI(nsIURI** aURI) override;
  NS_IMETHOD GetDomain(nsIURI** aDomain) override;
  NS_IMETHOD SetDomain(nsIURI* aDomain) override;
--- a/caps/ExpandedPrincipal.cpp
+++ b/caps/ExpandedPrincipal.cpp
@@ -106,10 +106,6 @@ bool ExpandedPrincipal::MayLoadInternal(nsIURI* uri) {
  return false;
 }
 uint32_t ExpandedPrincipal::GetHashValue() {
  MOZ_CRASH("extended principal should never be used as key in a hash map");
 }
 NS_IMETHODIMP
 ExpandedPrincipal::GetURI(nsIURI** aURI) {
  *aURI = nullptr;
--- a/caps/ExpandedPrincipal.h
+++ b/caps/ExpandedPrincipal.h
@@ -37,7 +37,6 @@ class ExpandedPrincipal : public nsIExpandedPrincipal,
    return nsJSPrincipals::Release();
  };
  NS_IMETHOD QueryInterface(REFNSIID aIID, void** aInstancePtr) override;
  uint32_t GetHashValue() override;
  NS_IMETHOD GetURI(nsIURI** aURI) override;
  NS_IMETHOD GetDomain(nsIURI** aDomain) override;
  NS_IMETHOD SetDomain(nsIURI* aDomain) override;
--- a/caps/NullPrincipal.cpp
+++ b/caps/NullPrincipal.cpp
@@ -157,8 +157,6 @@ nsresult NullPrincipal::GetScriptLocation(nsACString& aStr) {
 * nsIPrincipal implementation
 */
 uint32_t NullPrincipal::GetHashValue() { return (NS_PTR_TO_INT32(this) >> 2); }
 NS_IMETHODIMP
 NullPrincipal::GetURI(nsIURI** aURI) {
  nsCOMPtr<nsIURI> uri = mURI;
--- a/caps/NullPrincipal.h
+++ b/caps/NullPrincipal.h
@@ -40,7 +40,6 @@ class NullPrincipal final : public BasePrincipal {
  static PrincipalKind Kind() { return eNullPrincipal; }
  NS_IMETHOD QueryInterface(REFNSIID aIID, void** aInstancePtr) override;
  uint32_t GetHashValue() override;
  NS_IMETHOD GetURI(nsIURI** aURI) override;
  NS_IMETHOD GetIsOriginPotentiallyTrustworthy(bool* aResult) override;
  NS_IMETHOD GetDomain(nsIURI** aDomain) override;
--- a/caps/PrincipalHashKey.h
+++ b/caps/PrincipalHashKey.h
@@ -43,8 +43,7 @@ class PrincipalHashKey : public PLDHashEntryHdr {
    return aKey;
  }
  static PLDHashNumber HashKey(const nsIPrincipal* aKey) {
-    const auto* bp = BasePrincipal::Cast(aKey);
+    return aKey->GetHashValue();
    return HashGeneric(bp->GetOriginNoSuffixHash(), bp->GetOriginSuffixHash());
  }
  enum { ALLOW_MEMMOVE = true };
--- a/caps/SystemPrincipal.cpp
+++ b/caps/SystemPrincipal.cpp
@@ -65,8 +65,6 @@ nsresult SystemPrincipal::GetScriptLocation(nsACString& aStr) {
 // Methods implementing nsIPrincipal //
 ///////////////////////////////////////
 uint32_t SystemPrincipal::GetHashValue() { return NS_PTR_TO_INT32(this); }
 NS_IMETHODIMP
 SystemPrincipal::GetURI(nsIURI** aURI) {
  *aURI = nullptr;
--- a/caps/SystemPrincipal.h
+++ b/caps/SystemPrincipal.h
@@ -43,7 +43,6 @@ class SystemPrincipal final : public BasePrincipal, public nsISerializable {
  NS_DECL_NSISERIALIZABLE
  NS_IMETHOD QueryInterface(REFNSIID aIID, void** aInstancePtr) override;
  uint32_t GetHashValue() override;
  NS_IMETHOD GetURI(nsIURI** aURI) override;
  NS_IMETHOD GetDomain(nsIURI** aDomain) override;
  NS_IMETHOD SetDomain(nsIURI* aDomain) override;
--- a/caps/nsIPrincipal.idl
+++ b/caps/nsIPrincipal.idl
@@ -95,11 +95,16 @@ interface nsIPrincipal : nsISupports
    boolean equalsURI(in nsIURI aOtherURI);
    /**
-     * Returns a hash value for the principal.
+     * Returns a hash value for the principal. Guaranteed to be equal
     * for two principals which are Equals(...).
     *
     * Implemented in BasePrincipal.cpp.
     *
     * May be called from any thread.
     */
-    [notxpcom, nostdcall] readonly attribute unsigned long hashValue;
+    %{C++
    uint32_t GetHashValue() const;
    %}
    /**
     * The principal URI to which this principal pertains.  This is
--- a/caps/tests/gtest/TestPrincipalHash.cpp
+++ b/caps/tests/gtest/TestPrincipalHash.cpp
@@ -0,0 +1,27 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #include "gtest/gtest.h"
 #include "mozilla/gtest/MozAssertions.h"
 #include "nsIPrincipal.h"
 #include "nsScriptSecurityManager.h"
 #include "nsNetUtil.h"
 TEST(PrincipalHash, DocumentDomain)
 {
  nsCOMPtr<nsIScriptSecurityManager> ssm =
      nsScriptSecurityManager::GetScriptSecurityManager();
  nsCOMPtr<nsIPrincipal> principal;
  nsresult rv =
      ssm->CreateContentPrincipalFromOrigin("https://sub.mozilla.org"_ns, getter_AddRefs(principal));
  EXPECT_NS_SUCCEEDED(rv);
  const auto hash = principal->GetHashValue();
  nsCOMPtr<nsIURI> domain;
  rv = NS_NewURI(getter_AddRefs(domain), "https://mozilla.org"_ns);
  EXPECT_NS_SUCCEEDED(rv);
  principal->SetDomain(domain);
  ASSERT_EQ(principal->GetHashValue(), hash) << "Principal hash shouldn't change";
 }
--- a/caps/tests/gtest/moz.build
+++ b/caps/tests/gtest/moz.build
@@ -9,6 +9,7 @@ UNIFIED_SOURCES += [
    "TestNullPrincipalPrecursor.cpp",
    "TestOriginAttributes.cpp",
    "TestPrincipalAttributes.cpp",
    "TestPrincipalHash.cpp",
    "TestPrincipalSerialization.cpp",
    "TestRedirectChainURITruncation.cpp",
    "TestScriptSecurityManager.cpp",
--- a/gfx/thebes/gfxFontSrcPrincipal.cpp
+++ b/gfx/thebes/gfxFontSrcPrincipal.cpp
@@ -20,12 +20,7 @@ gfxFontSrcPrincipal::gfxFontSrcPrincipal(nsIPrincipal* aNodePrincipal,
  MOZ_ASSERT(NS_IsMainThread());
  MOZ_ASSERT(aNodePrincipal);
  MOZ_ASSERT(aStoragePrincipal);
-
+  mHash = mStoragePrincipal->GetHashValue();
  nsAutoCString suffix;
  mStoragePrincipal->GetOriginSuffix(suffix);
  mHash = mozilla::AddToHash(mStoragePrincipal->GetHashValue(),
                             mozilla::HashString(suffix));
 }
 gfxFontSrcPrincipal::~gfxFontSrcPrincipal() = default;