Bug 1209263 - Allow embedders to tell SpiderMonkey how to structured …

…clone principals; r=bz --HG-- extra : rebase_source : 04835c034431953344e83203e7753043461474ba
dothq · Oct 2, 2015 · ee543a3 · ee543a3
1 parent d66d461
commit ee543a3
Show file tree

Hide file tree

Showing 12 changed files with 207 additions and 71 deletions.
diff --git a/caps/nsJSPrincipals.cpp b/caps/nsJSPrincipals.cpp
@@ -15,8 +15,13 @@
 #include "nsMemory.h"
 #include "nsStringBuffer.h"
 
+#include "mozilla/dom/StructuredCloneTags.h"
 // for mozilla::dom::workers::kJSPrincipalsDebugToken
 #include "mozilla/dom/workers/Workers.h"
+#include "mozilla/ipc/BackgroundUtils.h"
+
+using namespace mozilla;
+using namespace mozilla::ipc;
 
 NS_IMETHODIMP_(MozExternalRefCountType)
 nsJSPrincipals::AddRef()
@@ -85,7 +90,7 @@ JSPrincipals::dump()
       nsAutoCString str;
       static_cast<nsJSPrincipals *>(this)->GetScriptLocation(str);
       fprintf(stderr, "nsIPrincipal (%p) = %s\n", static_cast<void*>(this), str.get());
-    } else if (debugToken == mozilla::dom::workers::kJSPrincipalsDebugToken) {
+    } else if (debugToken == dom::workers::kJSPrincipalsDebugToken) {
         fprintf(stderr, "Web Worker principal singleton (%p)\n", this);
     } else {
         fprintf(stderr,
@@ -95,4 +100,104 @@ JSPrincipals::dump()
     }
 }
 
-#endif 
+#endif
+
+/* static */ bool
+nsJSPrincipals::ReadPrincipals(JSContext* aCx, JSStructuredCloneReader* aReader,
+                               JSPrincipals** aOutPrincipals)
+{
+    uint32_t tag;
+    uint32_t unused;
+    if (!JS_ReadUint32Pair(aReader, &tag, &unused)) {
+        return false;
+    }
+
+    if (!(tag == SCTAG_DOM_NULL_PRINCIPAL ||
+          tag == SCTAG_DOM_SYSTEM_PRINCIPAL ||
+          tag == SCTAG_DOM_CONTENT_PRINCIPAL)) {
+        xpc::Throw(aCx, NS_ERROR_DOM_DATA_CLONE_ERR);
+        return false;
+    }
+
+    return ReadKnownPrincipalType(aCx, aReader, tag, aOutPrincipals);
+}
+
+/* static */ bool
+nsJSPrincipals::ReadKnownPrincipalType(JSContext* aCx,
+                                       JSStructuredCloneReader* aReader,
+                                       uint32_t aTag,
+                                       JSPrincipals** aOutPrincipals)
+{
+    MOZ_ASSERT(aTag == SCTAG_DOM_NULL_PRINCIPAL ||
+               aTag == SCTAG_DOM_SYSTEM_PRINCIPAL ||
+               aTag == SCTAG_DOM_CONTENT_PRINCIPAL);
+
+    if (NS_WARN_IF(!NS_IsMainThread())) {
+        xpc::Throw(aCx, NS_ERROR_UNCATCHABLE_EXCEPTION);
+        return false;
+    }
+
+    PrincipalInfo info;
+    if (aTag == SCTAG_DOM_SYSTEM_PRINCIPAL) {
+        info = SystemPrincipalInfo();
+    } else if (aTag == SCTAG_DOM_NULL_PRINCIPAL) {
+        info = NullPrincipalInfo();
+    } else {
+        uint32_t suffixLength, specLength;
+        if (!JS_ReadUint32Pair(aReader, &suffixLength, &specLength)) {
+            return false;
+        }
+
+        nsAutoCString suffix;
+        suffix.SetLength(suffixLength);
+        if (!JS_ReadBytes(aReader, suffix.BeginWriting(), suffixLength)) {
+            return false;
+        }
+
+        nsAutoCString spec;
+        spec.SetLength(specLength);
+        if (!JS_ReadBytes(aReader, spec.BeginWriting(), specLength)) {
+            return false;
+        }
+
+        OriginAttributes attrs;
+        attrs.PopulateFromSuffix(suffix);
+        info = ContentPrincipalInfo(attrs, spec);
+    }
+
+    nsresult rv;
+    nsCOMPtr<nsIPrincipal> prin = PrincipalInfoToPrincipal(info, &rv);
+    if (NS_WARN_IF(NS_FAILED(rv))) {
+        xpc::Throw(aCx, NS_ERROR_DOM_DATA_CLONE_ERR);
+        return false;
+    }
+
+    *aOutPrincipals = get(prin.forget().take());
+    return true;
+}
+
+bool
+nsJSPrincipals::write(JSContext* aCx, JSStructuredCloneWriter* aWriter)
+{
+    PrincipalInfo info;
+    if (NS_WARN_IF(NS_FAILED(PrincipalToPrincipalInfo(this, &info)))) {
+        xpc::Throw(aCx, NS_ERROR_DOM_DATA_CLONE_ERR);
+        return false;
+    }
+
+    if (info.type() == PrincipalInfo::TNullPrincipalInfo) {
+        return JS_WriteUint32Pair(aWriter, SCTAG_DOM_NULL_PRINCIPAL, 0);
+    }
+    if (info.type() == PrincipalInfo::TSystemPrincipalInfo) {
+        return JS_WriteUint32Pair(aWriter, SCTAG_DOM_SYSTEM_PRINCIPAL, 0);
+    }
+
+    MOZ_ASSERT(info.type() == PrincipalInfo::TContentPrincipalInfo);
+    const ContentPrincipalInfo& cInfo = info;
+    nsAutoCString suffix;
+    cInfo.attrs().CreateSuffix(suffix);
+    return JS_WriteUint32Pair(aWriter, SCTAG_DOM_CONTENT_PRINCIPAL, 0) &&
+           JS_WriteUint32Pair(aWriter, suffix.Length(), cInfo.spec().Length()) &&
+           JS_WriteBytes(aWriter, suffix.get(), suffix.Length()) &&
+           JS_WriteBytes(aWriter, cInfo.spec().get(), cInfo.spec().Length());
+}
diff --git a/caps/nsJSPrincipals.h b/caps/nsJSPrincipals.h
@@ -16,6 +16,17 @@ class nsJSPrincipals : public nsIPrincipal, public JSPrincipals
   static bool Subsume(JSPrincipals *jsprin, JSPrincipals *other);
   static void Destroy(JSPrincipals *jsprin);
 
+  /* JSReadPrincipalsOp for nsJSPrincipals */
+  static bool ReadPrincipals(JSContext* aCx, JSStructuredCloneReader* aReader,
+                             JSPrincipals** aOutPrincipals);
+
+  static bool ReadKnownPrincipalType(JSContext* aCx,
+                                     JSStructuredCloneReader* aReader,
+                                     uint32_t aTag,
+                                     JSPrincipals** aOutPrincipals);
+
+  bool write(JSContext* aCx, JSStructuredCloneWriter* aWriter) final;
+
   /*
    * Get a weak reference to nsIPrincipal associated with the given JS
    * principal, and vice-versa.

diff --git a/dom/base/StructuredCloneHolder.cpp b/dom/base/StructuredCloneHolder.cpp
@@ -418,49 +418,19 @@ StructuredCloneHolder::ReadFullySerializableObjects(JSContext* aCx,
   if (aTag == SCTAG_DOM_NULL_PRINCIPAL ||
       aTag == SCTAG_DOM_SYSTEM_PRINCIPAL ||
       aTag == SCTAG_DOM_CONTENT_PRINCIPAL) {
-    if (!NS_IsMainThread()) {
-      return nullptr;
-    }
-
-    mozilla::ipc::PrincipalInfo info;
-    if (aTag == SCTAG_DOM_SYSTEM_PRINCIPAL) {
-      info = mozilla::ipc::SystemPrincipalInfo();
-    } else if (aTag == SCTAG_DOM_NULL_PRINCIPAL) {
-      info = mozilla::ipc::NullPrincipalInfo();
-    } else {
-
-      uint32_t suffixLength, specLength;
-      if (!JS_ReadUint32Pair(aReader, &suffixLength, &specLength)) {
-        return nullptr;
-      }
-
-      nsAutoCString suffix;
-      suffix.SetLength(suffixLength);
-      if (!JS_ReadBytes(aReader, suffix.BeginWriting(), suffixLength)) {
-       return nullptr;
-      }
-
-      nsAutoCString spec;
-      spec.SetLength(specLength);
-      if (!JS_ReadBytes(aReader, spec.BeginWriting(), specLength)) {
-        return nullptr;
-      }
-
-      OriginAttributes attrs;
-      attrs.PopulateFromSuffix(suffix);
-      info = mozilla::ipc::ContentPrincipalInfo(attrs, spec);
-    }
-
-    nsresult rv;
-    nsCOMPtr<nsIPrincipal> principal = PrincipalInfoToPrincipal(info, &rv);
-    if (NS_WARN_IF(NS_FAILED(rv))) {
-      xpc::Throw(aCx, NS_ERROR_DOM_DATA_CLONE_ERR);
+    JSPrincipals* prin;
+    if (!nsJSPrincipals::ReadKnownPrincipalType(aCx, aReader, aTag, &prin)) {
       return nullptr;
     }
+    // nsJSPrincipals::ReadKnownPrincipalType addrefs for us, but because of the
+    // casting between JSPrincipals* and nsIPrincipal* we can't use
+    // getter_AddRefs above and have to already_AddRefed here.
+    nsCOMPtr<nsIPrincipal> principal = already_AddRefed<nsIPrincipal>(nsJSPrincipals::get(prin));
 
     JS::RootedValue result(aCx);
-    rv = nsContentUtils::WrapNative(aCx, principal, &NS_GET_IID(nsIPrincipal),
-                                    &result);
+    nsresult rv = nsContentUtils::WrapNative(aCx, principal,
+                                             &NS_GET_IID(nsIPrincipal),
+                                             &result);
     if (NS_FAILED(rv)) {
       xpc::Throw(aCx, NS_ERROR_DOM_DATA_CLONE_ERR);
       return nullptr;
@@ -560,27 +530,8 @@ StructuredCloneHolder::WriteFullySerializableObjects(JSContext* aCx,
     nsCOMPtr<nsISupports> base = xpc::UnwrapReflectorToISupports(aObj);
     nsCOMPtr<nsIPrincipal> principal = do_QueryInterface(base);
     if (principal) {
-      mozilla::ipc::PrincipalInfo info;
-      if (NS_WARN_IF(NS_FAILED(PrincipalToPrincipalInfo(principal, &info)))) {
-        xpc::Throw(aCx, NS_ERROR_DOM_DATA_CLONE_ERR);
-        return false;
-      }
-
-      if (info.type() == mozilla::ipc::PrincipalInfo::TNullPrincipalInfo) {
-        return JS_WriteUint32Pair(aWriter, SCTAG_DOM_NULL_PRINCIPAL, 0);
-      }
-      if (info.type() == mozilla::ipc::PrincipalInfo::TSystemPrincipalInfo) {
-        return JS_WriteUint32Pair(aWriter, SCTAG_DOM_SYSTEM_PRINCIPAL, 0);
-      }
-
-      MOZ_ASSERT(info.type() == mozilla::ipc::PrincipalInfo::TContentPrincipalInfo);
-      const mozilla::ipc::ContentPrincipalInfo& cInfo = info;
-      nsAutoCString suffix;
-      cInfo.attrs().CreateSuffix(suffix);
-      return JS_WriteUint32Pair(aWriter, SCTAG_DOM_CONTENT_PRINCIPAL, 0) &&
-             JS_WriteUint32Pair(aWriter, suffix.Length(), cInfo.spec().Length()) &&
-             JS_WriteBytes(aWriter, suffix.get(), suffix.Length()) &&
-             JS_WriteBytes(aWriter, cInfo.spec().get(), cInfo.spec().Length());
+      auto nsjsprincipals = nsJSPrincipals::get(principal);
+      return nsjsprincipals->write(aCx, aWriter);
     }
   }
 

diff --git a/dom/workers/Principal.cpp b/dom/workers/Principal.cpp
@@ -11,10 +11,18 @@
 
 BEGIN_WORKERS_NAMESPACE
 
+struct WorkerPrincipal final : public JSPrincipals
+{
+  bool write(JSContext* aCx, JSStructuredCloneWriter* aWriter) override {
+    MOZ_CRASH("WorkerPrincipal::write not implemented");
+    return false;
+  }
+};
+
 JSPrincipals*
 GetWorkerPrincipal()
 {
-  static JSPrincipals sPrincipal;
+  static WorkerPrincipal sPrincipal;
 
   /*
    * To make sure the the principals refcount is initialized to one, atomically

diff --git a/js/public/Principals.h b/js/public/Principals.h
@@ -15,6 +15,8 @@
 
 #include "jspubtd.h"
 
+#include "js/StructuredClone.h"
+
 namespace js {
     struct PerformanceGroup;
 } // namespace js
@@ -36,6 +38,12 @@ struct JSPrincipals {
 # endif
     }
 
+    /*
+     * Write the principals with the given |writer|. Return false on failure,
+     * true on success.
+     */
+    virtual bool write(JSContext* cx, JSStructuredCloneWriter* writer) = 0;
+
     /*
      * This is not defined by the JS engine but should be provided by the
      * embedding.
@@ -99,4 +107,26 @@ typedef void
 extern JS_PUBLIC_API(void)
 JS_InitDestroyPrincipalsCallback(JSRuntime* rt, JSDestroyPrincipalsOp destroyPrincipals);
 
+/*
+ * Read a JSPrincipals instance from the given |reader| and initialize the out
+ * paratemer |outPrincipals| to the JSPrincipals instance read.
+ *
+ * Return false on failure, true on success. The |outPrincipals| parameter
+ * should not be modified if false is returned.
+ *
+ * The caller is not responsible for calling JS_HoldPrincipals on the resulting
+ * JSPrincipals instance, the JSReadPrincipalsOp must increment the refcount of
+ * the resulting JSPrincipals on behalf of the caller.
+ */
+using JSReadPrincipalsOp = bool (*)(JSContext* cx, JSStructuredCloneReader* reader,
+                                    JSPrincipals** outPrincipals);
+
+/*
+ * Initialize the callback that is called to read JSPrincipals instances from a
+ * buffer. The initialization can be done only once per JS runtime.
+ */
+extern JS_PUBLIC_API(void)
+JS_InitReadPrincipalsCallback(JSRuntime* rt, JSReadPrincipalsOp read);
+
+
 #endif  /* js_Principals_h */
diff --git a/js/src/jsapi-tests/testCloneScript.cpp b/js/src/jsapi-tests/testCloneScript.cpp
@@ -51,19 +51,18 @@ BEGIN_TEST(test_cloneScript)
 }
 END_TEST(test_cloneScript)
 
-static void
-DestroyPrincipals(JSPrincipals* principals)
-{
-    delete principals;
-}
-
-struct Principals : public JSPrincipals
+struct Principals final : public JSPrincipals
 {
   public:
     Principals()
     {
         refcount = 0;
     }
+
+    bool write(JSContext* cx, JSStructuredCloneWriter* writer) override {
+        MOZ_ASSERT(false, "not imlemented");
+        return false;
+    }
 };
 
 class AutoDropPrincipals
@@ -84,6 +83,13 @@ class AutoDropPrincipals
     }
 };
 
+static void
+DestroyPrincipals(JSPrincipals* principals)
+{
+    auto p = static_cast<Principals*>(principals);
+    delete p;
+}
+
 BEGIN_TEST(test_cloneScriptWithPrincipals)
 {
     JS_InitDestroyPrincipalsCallback(rt, DestroyPrincipals);

diff --git a/js/src/jsapi-tests/tests.h b/js/src/jsapi-tests/tests.h
@@ -409,6 +409,11 @@ class TestJSPrincipals : public JSPrincipals
     {
         refcount = rc;
     }
+
+    bool write(JSContext* cx, JSStructuredCloneWriter* writer) override {
+        MOZ_ASSERT(false, "not implemented");
+        return false;
+    }
 };
 
 #ifdef JS_GC_ZEAL

diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
@@ -3338,6 +3338,14 @@ JS_InitDestroyPrincipalsCallback(JSRuntime* rt, JSDestroyPrincipalsOp destroyPri
     rt->destroyPrincipals = destroyPrincipals;
 }
 
+extern JS_PUBLIC_API(void)
+JS_InitReadPrincipalsCallback(JSRuntime* rt, JSReadPrincipalsOp read)
+{
+    MOZ_ASSERT(read);
+    MOZ_ASSERT(!rt->readPrincipals);
+    rt->readPrincipals = read;
+}
+
 JS_PUBLIC_API(JSFunction*)
 JS_NewFunction(JSContext* cx, JSNative native, unsigned nargs, unsigned flags,
                const char* name)

diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
@@ -214,7 +214,7 @@ NewGlobalObject(JSContext* cx, JS::CompartmentOptions& options,
  * The 'newGlobal' function takes an option indicating which principal the
  * new global should have; 'evaluate' does for the new code.
  */
-class ShellPrincipals: public JSPrincipals {
+class ShellPrincipals final : public JSPrincipals {
     uint32_t bits;
 
     static uint32_t getBits(JSPrincipals* p) {
@@ -228,6 +228,11 @@ class ShellPrincipals: public JSPrincipals {
         this->refcount = refcount;
     }
 
+    bool write(JSContext* cx, JSStructuredCloneWriter* writer) override {
+        MOZ_ASSERT(false, "not implemented");
+        return false;
+    }
+
     static void destroy(JSPrincipals* principals) {
         MOZ_ASSERT(principals != &fullyTrusted);
         MOZ_ASSERT(principals->refcount == 0);