Bug 1842713 - Replace same-origin check by intra-cluster-shared-objec…

…t-allowed r=smaug

This patch replaces the same-origin check by
`areIntraClusterCloneableSharedObjectsAllowed()` when reading a
serialized/transferred VideoFrame.

Depends on D183598

Differential Revision: https://phabricator.services.mozilla.com/D183433

dom/base/StructuredCloneHolder.cpp

@@ -1104,7 +1104,8 @@ JSObject* StructuredCloneHolder::CustomReadHandler(
 
   if (StaticPrefs::dom_media_webcodecs_enabled() &&
       aTag == SCTAG_DOM_VIDEOFRAME &&
-      CloneScope() == StructuredCloneScope::SameProcess) {
+      CloneScope() == StructuredCloneScope::SameProcess &&
+      aCloneDataPolicy.areIntraClusterClonableSharedObjectsAllowed()) {
     JS::Rooted<JSObject*> global(aCx, mGlobal->GetGlobalJSObject());
     if (VideoFrame_Binding::ConstructorEnabled(aCx, global)) {
       return VideoFrame::ReadStructuredClone(aCx, mGlobal, aReader,
@@ -1372,7 +1373,8 @@ StructuredCloneHolder::CustomReadTransferHandler(
 
   if (StaticPrefs::dom_media_webcodecs_enabled() &&
       aTag == SCTAG_DOM_VIDEOFRAME &&
-      CloneScope() == StructuredCloneScope::SameProcess) {
+      CloneScope() == StructuredCloneScope::SameProcess &&
+      aCloneDataPolicy.areIntraClusterClonableSharedObjectsAllowed()) {
     MOZ_ASSERT(aContent);
 
     JS::Rooted<JSObject*> globalObj(aCx, mGlobal->GetGlobalJSObject());

dom/media/webcodecs/VideoFrame.cpp

@@ -160,14 +160,6 @@ class NV12BufferReader final : public YUVBufferReaderBase {
  * The followings are helpers defined in
  * https://w3c.github.io/webcodecs/#videoframe-algorithms
  */
-static bool IsSameOrigin(nsIGlobalObject* aGlobal, nsIURI* aURI) {
-  MOZ_ASSERT(aGlobal);
-
-  nsIPrincipal* principal = aGlobal->PrincipalOrNull();
-  // If VideoFrames is created in worker, then it's from the same origin. In
-  // this case, principal or aURI is null. Otherwise, check the origin.
-  return !principal || !aURI || principal->IsSameOrigin(aURI);
-}
 
 static bool IsSameOrigin(nsIGlobalObject* aGlobal, const VideoFrame& aFrame) {
   MOZ_ASSERT(aGlobal);
@@ -1103,12 +1095,10 @@ VideoFrameSerializedData::VideoFrameSerializedData(
     layers::Image* aImage, const Maybe<VideoPixelFormat>& aFormat,
     gfx::IntSize aCodedSize, gfx::IntRect aVisibleRect,
     gfx::IntSize aDisplaySize, Maybe<uint64_t> aDuration, int64_t aTimestamp,
-    const VideoColorSpaceInit& aColorSpace,
-    already_AddRefed<nsIURI> aPrincipalURI)
+    const VideoColorSpaceInit& aColorSpace)
     : VideoFrameData(aImage, aFormat, aVisibleRect, aDisplaySize, aDuration,
                      aTimestamp, aColorSpace),
-      mCodedSize(aCodedSize),
-      mPrincipalURI(aPrincipalURI) {}
+      mCodedSize(aCodedSize) {}
 
 /*
  * W3C Webcodecs VideoFrame implementation
@@ -1766,10 +1756,6 @@ already_AddRefed<layers::Image> VideoFrame::GetImage() const {
 JSObject* VideoFrame::ReadStructuredClone(
     JSContext* aCx, nsIGlobalObject* aGlobal, JSStructuredCloneReader* aReader,
     const VideoFrameSerializedData& aData) {
-  if (!IsSameOrigin(aGlobal, aData.mPrincipalURI.get())) {
-    return nullptr;
-  }
-
   JS::Rooted<JS::Value> value(aCx, JS::NullValue());
   // To avoid a rooting hazard error from returning a raw JSObject* before
   // running the RefPtr destructor, RefPtr needs to be destructed before
@@ -1804,7 +1790,7 @@ bool VideoFrame::WriteStructuredClone(JSStructuredCloneWriter* aWriter,
   // serialize a reference instead of a copy.
   aHolder->VideoFrames().AppendElement(VideoFrameSerializedData(
       image.get(), mResource->TryPixelFormat(), mCodedSize, mVisibleRect,
-      mDisplaySize, mDuration, mTimestamp, mColorSpace, GetPrincipalURI()));
+      mDisplaySize, mDuration, mTimestamp, mColorSpace));
 
   return !NS_WARN_IF(!JS_WriteUint32Pair(aWriter, SCTAG_DOM_VIDEOFRAME, index));
 }
@@ -1820,7 +1806,7 @@ UniquePtr<VideoFrame::TransferredData> VideoFrame::Transfer() {
   Resource r = mResource.extract();
   auto frame = MakeUnique<TransferredData>(
       r.mImage.get(), r.TryPixelFormat(), mCodedSize, mVisibleRect,
-      mDisplaySize, mDuration, mTimestamp, mColorSpace, GetPrincipalURI());
+      mDisplaySize, mDuration, mTimestamp, mColorSpace);
   Close();
   return frame;
 }
@@ -1831,23 +1817,12 @@ already_AddRefed<VideoFrame> VideoFrame::FromTransferred(
     nsIGlobalObject* aGlobal, TransferredData* aData) {
   MOZ_ASSERT(aData);
 
-  if (!IsSameOrigin(aGlobal, aData->mPrincipalURI.get())) {
-    return nullptr;
-  }
-
   return MakeAndAddRef<VideoFrame>(aGlobal, aData->mImage, aData->mFormat,
                                    aData->mCodedSize, aData->mVisibleRect,
                                    aData->mDisplaySize, aData->mDuration,
                                    aData->mTimestamp, aData->mColorSpace);
 }
 
-already_AddRefed<nsIURI> VideoFrame::GetPrincipalURI() const {
-  AssertIsOnOwningThread();
-
-  nsIPrincipal* principal = mParent->PrincipalOrNull();
-  return principal ? principal->GetURI() : nullptr;
-}
-
 /*
  * VideoFrame::Format
  *

dom/media/webcodecs/VideoFrame.h

@@ -75,11 +75,9 @@ struct VideoFrameSerializedData : VideoFrameData {
                            gfx::IntSize aCodedSize, gfx::IntRect aVisibleRect,
                            gfx::IntSize aDisplaySize, Maybe<uint64_t> aDuration,
                            int64_t aTimestamp,
-                           const VideoColorSpaceInit& aColorSpace,
-                           already_AddRefed<nsIURI> aPrincipalURI);
+                           const VideoColorSpaceInit& aColorSpace);
 
   const gfx::IntSize mCodedSize;
-  const nsCOMPtr<nsIURI> mPrincipalURI;
 };
 
 class VideoFrame final : public nsISupports, public nsWrapperCache {
@@ -217,8 +215,6 @@ class VideoFrame final : public nsISupports, public nsWrapperCache {
   // VideoFrame can run on either main thread or worker thread.
   void AssertIsOnOwningThread() const { NS_ASSERT_OWNINGTHREAD(VideoFrame); }
 
-  already_AddRefed<nsIURI> GetPrincipalURI() const;
-
   // A class representing the VideoFrame's data.
   class Resource final {
    public: