Backed out 4 changesets (bug 1320404) for test_permmanager_load_inval…

…id_entries.js failures Backed out changeset 7c2f4e64d38e (bug 1320404) Backed out changeset a7e7c0251179 (bug 1320404) Backed out changeset dd741b25a244 (bug 1320404) Backed out changeset de9073c57d20 (bug 1320404)
trman · May 3, 2019 · 386d23b · 386d23b
1 parent fb8bc54
commit 386d23b
Show file tree

Hide file tree

Showing 102 changed files with 944 additions and 547 deletions.
diff --git a/browser/base/content/test/caps/browser_principalSerialization_version1.js b/browser/base/content/test/caps/browser_principalSerialization_version1.js
@@ -113,6 +113,7 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URI": false,
         "originAttributes": {
+          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -127,6 +128,7 @@ add_task(async function test_realHistoryCheck() {
         "cspJSON": "{\"csp-policies\":[{\"child-src\":[\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://www.youtube-nocookie.com\",\"https://trackertest.org\",\"https://www.surveygizmo.com\",\"https://accounts.firefox.com\",\"https://accounts.firefox.com.cn\",\"https://www.youtube.com\"],\"connect-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\",\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://accounts.firefox.com/\",\"https://accounts.firefox.com.cn/\"],\"default-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\"],\"frame-src\":[\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://www.youtube-nocookie.com\",\"https://trackertest.org\",\"https://www.surveygizmo.com\",\"https://accounts.firefox.com\",\"https://accounts.firefox.com.cn\",\"https://www.youtube.com\"],\"img-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\",\"data:\",\"https://mozilla.org\",\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://adservice.google.com\",\"https://adservice.google.de\",\"https://adservice.google.dk\",\"https://creativecommons.org\",\"https://ad.doubleclick.net\"],\"report-only\":false,\"script-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\",\"'unsafe-inline'\",\"'unsafe-eval'\",\"https://www.googletagmanager.com\",\"https://www.google-analytics.com\",\"https://tagmanager.google.com\",\"https://www.youtube.com\",\"https://s.ytimg.com\"],\"style-src\":[\"'self'\",\"https://*.mozilla.net\",\"https://*.mozilla.org\",\"https://*.mozilla.com\",\"'unsafe-inline'\"]}]}",
         "URISpec": "https://www.mozilla.org/en-US/",
         "originAttributes": {
+          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -139,6 +141,7 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URISpec": "https://www.mozilla.org/en-US/firefox/accounts/",
         "originAttributes": {
+          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -152,6 +155,7 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URISpec": "https://developer.mozilla.org/en-US/?utm_source=www.mozilla.org&utm_medium=referral&utm_campaign=nav&utm_content=developers",
         "originAttributes": {
+          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -165,6 +169,7 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URI": false,
         "originAttributes": {
+          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,
@@ -178,6 +183,7 @@ add_task(async function test_realHistoryCheck() {
       "output": {
         "URISpec": "moz-nullprincipal:{045ca18d-436c-4744-bbb6-b1a15366df79}",
         "originAttributes": {
+          "appId": 0,
           "firstPartyDomain": "",
           "inIsolatedMozBrowser": false,
           "privateBrowsingId": 0,

diff --git a/browser/components/sessionstore/test/browser_restore_cookies_noOriginAttributes.js b/browser/components/sessionstore/test/browser_restore_cookies_noOriginAttributes.js
@@ -107,6 +107,7 @@ const SESSION_DATA_OA = JSON.stringify(
       name: "test1",
       originAttributes: {
         addonId: "",
+        appId: 0,
         inIsolatedMozBrowser: false,
         userContextId: 0,
       },

diff --git a/caps/BasePrincipal.cpp b/caps/BasePrincipal.cpp
@@ -293,6 +293,18 @@ BasePrincipal::GetOriginSuffix(nsACString& aOriginAttributes) {
   return NS_OK;
 }
 
+NS_IMETHODIMP
+BasePrincipal::GetAppId(uint32_t* aAppId) {
+  if (AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
+    MOZ_ASSERT(false);
+    *aAppId = nsIScriptSecurityManager::NO_APP_ID;
+    return NS_OK;
+  }
+
+  *aAppId = AppId();
+  return NS_OK;
+}
+
 NS_IMETHODIMP
 BasePrincipal::GetUserContextId(uint32_t* aUserContextId) {
   *aUserContextId = UserContextId();

diff --git a/caps/BasePrincipal.h b/caps/BasePrincipal.h
@@ -122,6 +122,7 @@ class BasePrincipal : public nsJSPrincipals {
   NS_IMETHOD GetOriginAttributes(JSContext* aCx,
                                  JS::MutableHandle<JS::Value> aVal) final;
   NS_IMETHOD GetOriginSuffix(nsACString& aOriginSuffix) final;
+  NS_IMETHOD GetAppId(uint32_t* aAppId) final;
   NS_IMETHOD GetIsInIsolatedMozBrowserElement(
       bool* aIsInIsolatedMozBrowserElement) final;
   NS_IMETHOD GetUserContextId(uint32_t* aUserContextId) final;
@@ -153,6 +154,7 @@ class BasePrincipal : public nsJSPrincipals {
   const OriginAttributes& OriginAttributesRef() final {
     return mOriginAttributes;
   }
+  uint32_t AppId() const { return mOriginAttributes.mAppId; }
   extensions::WebExtensionPolicy* AddonPolicy();
   uint32_t UserContextId() const { return mOriginAttributes.mUserContextId; }
   uint32_t PrivateBrowsingId() const {

diff --git a/caps/OriginAttributes.cpp b/caps/OriginAttributes.cpp
@@ -133,6 +133,11 @@ void OriginAttributes::CreateSuffix(nsACString& aStr) const {
   // naming.
   //
 
+  if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
+    value.AppendInt(mAppId);
+    params.Set(NS_LITERAL_STRING("appId"), value);
+  }
+
   if (mInIsolatedMozBrowser) {
     params.Set(NS_LITERAL_STRING("inBrowser"), NS_LITERAL_STRING("1"));
   }
@@ -202,6 +207,16 @@ class MOZ_STACK_CLASS PopulateFromSuffixIterator final
 
   bool URLParamsIterator(const nsAString& aName,
                          const nsAString& aValue) override {
+    if (aName.EqualsLiteral("appId")) {
+      nsresult rv;
+      int64_t val = aValue.ToInteger64(&rv);
+      NS_ENSURE_SUCCESS(rv, false);
+      NS_ENSURE_TRUE(val <= UINT32_MAX, false);
+      mOriginAttributes->mAppId = static_cast<uint32_t>(val);
+
+      return true;
+    }
+
     if (aName.EqualsLiteral("inBrowser")) {
       if (!aValue.EqualsLiteral("1")) {
         return false;
@@ -211,7 +226,7 @@ class MOZ_STACK_CLASS PopulateFromSuffixIterator final
       return true;
     }
 
-    if (aName.EqualsLiteral("addonId") || aName.EqualsLiteral("appId")) {
+    if (aName.EqualsLiteral("addonId")) {
       // No longer supported. Silently ignore so that legacy origin strings
       // don't cause failures.
       return true;

diff --git a/caps/OriginAttributes.h b/caps/OriginAttributes.h
@@ -17,7 +17,8 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
  public:
   OriginAttributes() {}
 
-  explicit OriginAttributes(bool aInIsolatedMozBrowser) {
+  OriginAttributes(uint32_t aAppId, bool aInIsolatedMozBrowser) {
+    mAppId = aAppId;
     mInIsolatedMozBrowser = aInIsolatedMozBrowser;
   }
 
@@ -45,7 +46,8 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
   }
 
   bool operator==(const OriginAttributes& aOther) const {
-    return mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
+    return mAppId == aOther.mAppId &&
+           mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
            mUserContextId == aOther.mUserContextId &&
            mPrivateBrowsingId == aOther.mPrivateBrowsingId &&
            mFirstPartyDomain == aOther.mFirstPartyDomain;
@@ -56,7 +58,8 @@ class OriginAttributes : public dom::OriginAttributesDictionary {
   }
 
   MOZ_MUST_USE bool EqualsIgnoringFPD(const OriginAttributes& aOther) const {
-    return mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
+    return mAppId == aOther.mAppId &&
+           mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
            mUserContextId == aOther.mUserContextId &&
            mPrivateBrowsingId == aOther.mPrivateBrowsingId;
   }
@@ -126,6 +129,10 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
 
   // Performs a match of |aAttrs| against this pattern.
   bool Matches(const OriginAttributes& aAttrs) const {
+    if (mAppId.WasPassed() && mAppId.Value() != aAttrs.mAppId) {
+      return false;
+    }
+
     if (mInIsolatedMozBrowser.WasPassed() &&
         mInIsolatedMozBrowser.Value() != aAttrs.mInIsolatedMozBrowser) {
       return false;
@@ -150,6 +157,11 @@ class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
   }
 
   bool Overlaps(const OriginAttributesPattern& aOther) const {
+    if (mAppId.WasPassed() && aOther.mAppId.WasPassed() &&
+        mAppId.Value() != aOther.mAppId.Value()) {
+      return false;
+    }
+
     if (mInIsolatedMozBrowser.WasPassed() &&
         aOther.mInIsolatedMozBrowser.WasPassed() &&
         mInIsolatedMozBrowser.Value() != aOther.mInIsolatedMozBrowser.Value()) {

diff --git a/caps/nsIPrincipal.idl b/caps/nsIPrincipal.idl
@@ -267,6 +267,24 @@ interface nsIPrincipal : nsISerializable
      */
     readonly attribute ACString baseDomain;
 
+    /**
+     * Gets the id of the app this principal is inside.  If this principal is
+     * not inside an app, returns nsIScriptSecurityManager::NO_APP_ID.
+     *
+     * Note that this principal does not necessarily have the permissions of
+     * the app identified by appId.  For example, this principal might
+     * correspond to an iframe whose origin differs from that of the app frame
+     * containing it.  In this case, the iframe will have the appId of its
+     * containing app frame, but the iframe must not run with the app's
+     * permissions.
+     *
+     * Similarly, this principal might correspond to an <iframe mozbrowser>
+     * inside an app frame; in this case, the content inside the iframe should
+     * not have any of the app's permissions, even if the iframe is at the same
+     * origin as the app.
+     */
+    [infallible] readonly attribute unsigned long appId;
+
     /**
      * Gets the ID of the add-on this principal belongs to.
      */

diff --git a/caps/nsIScriptSecurityManager.idl b/caps/nsIScriptSecurityManager.idl
@@ -246,6 +246,9 @@ interface nsIScriptSecurityManager : nsISupports
      */
     nsIPrincipal getChannelURIPrincipal(in nsIChannel aChannel);
 
+    const unsigned long NO_APP_ID = 0;
+    const unsigned long UNKNOWN_APP_ID = 4294967295; // UINT32_MAX
+
     const unsigned long DEFAULT_USER_CONTEXT_ID = 0;
 
     /**

diff --git a/caps/tests/gtest/TestOriginAttributes.cpp b/caps/tests/gtest/TestOriginAttributes.cpp
@@ -34,9 +34,15 @@ TEST(OriginAttributes, Suffix_default)
   TestSuffix(attrs);
 }
 
-TEST(OriginAttributes, Suffix_inIsolatedMozBrowser)
+TEST(OriginAttributes, Suffix_appId_inIsolatedMozBrowser)
 {
-  OriginAttributes attrs(true);
+  OriginAttributes attrs(1, true);
+  TestSuffix(attrs);
+}
+
+TEST(OriginAttributes, Suffix_maxAppId_inIsolatedMozBrowser)
+{
+  OriginAttributes attrs(4294967295, true);
   TestSuffix(attrs);
 }