Closed Bug 336303 Opened 18 years ago Closed 18 years ago

[FIX]nsPrincipal::GetOrigin should dig into nested URIs

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla1.9alpha1

People

(Reporter: bzbarsky, Assigned: bzbarsky)

References

Details

(Keywords: fixed1.8.0.15, verified1.8.1.13)

Attachments

(2 files, 2 obsolete files)

Proposed fix 18 years ago Boris Zbarsky [:bzbarsky] 6.33 KB, patch	dveditz : review+	Details \| Diff \| Splinter Review
Er, yes. ;) 18 years ago Boris Zbarsky [:bzbarsky] 4.77 KB, patch	jst : superreview+	Details \| Diff \| Splinter Review
With all parts really there 18 years ago Boris Zbarsky [:bzbarsky] 7.17 KB, patch		Details \| Diff \| Splinter Review
1.8 branch version 16 years ago Daniel Veditz [:dveditz] 6.79 KB, patch	bzbarsky : review+ bzbarsky : superreview+ samuel.sidler+old : approval1.8.1.13+ caillon : approval1.8.0.next+	Details \| Diff \| Splinter Review

Boris Zbarsky [:bzbarsky]

Assignee

Description

•

18 years ago

That would allow us to remove the "ugly manual de-nesting of jar: in
nsScriptSecurityManager::LookupPolicy".

Boris Zbarsky [:bzbarsky]

Assignee

Updated

•

18 years ago

Blocks: 327241

Boris Zbarsky [:bzbarsky]

Assignee

Updated

•

18 years ago

Depends on: 334407

Boris Zbarsky [:bzbarsky]

Assignee

Comment 1

•

18 years ago

Attached patch Proposed fix (obsolete) — Details — Splinter Review

I checked the GetOrigin callers.  All except for GetCodebasePrincipal are just fine with this change; I believe GetCodebasePrincipal is fine too.

Attachment #220558 - Flags: superreview?(jst)

Attachment #220558 - Flags: review?(dveditz)

Boris Zbarsky [:bzbarsky]

Assignee

Updated

•

18 years ago

Priority: -- → P2

Summary: nsPrincipal::GetOrigin should dig into nested URIs → [FIX]nsPrincipal::GetOrigin should dig into nested URIs

Target Milestone: --- → mozilla1.9alpha

Daniel Veditz [:dveditz]

Comment 2

•

18 years ago

Comment on attachment 220558 [details] [diff] [review]
Proposed fix

presumably there's a caps/include/nsPrincipal.h patch that adds the mOrigin member?

r=dveditz

Attachment #220558 - Flags: review?(dveditz) → review+

Boris Zbarsky [:bzbarsky]

Assignee

Comment 3

•

18 years ago

Attached patch Er, yes. ;) (obsolete) — Details — Splinter Review

Attachment #220558 - Attachment is obsolete: true

Attachment #220780 - Flags: superreview?(jst)

Attachment #220558 - Flags: superreview?(jst)

Johnny Stenback (:jst)

Comment 4

•

18 years ago

Comment on attachment 220780 [details] [diff] [review]
Er, yes.  ;)

sr=jst

Attachment #220780 - Flags: superreview?(jst) → superreview+

Boris Zbarsky [:bzbarsky]

Assignee

Comment 5

•

18 years ago

Attached patch With all parts really there — Details — Splinter Review

Attachment #220780 - Attachment is obsolete: true

Boris Zbarsky [:bzbarsky]

Assignee

Comment 6

•

18 years ago

Fixed.

Status: NEW → RESOLVED

Closed: 18 years ago

Resolution: --- → FIXED

Daniel Veditz [:dveditz]

Updated

•

16 years ago

Blocks: CVE-2008-1195

Flags: blocking1.8.1.13+

Daniel Veditz [:dveditz]

Comment 7

•

16 years ago

Attached patch 1.8 branch version — Details — Splinter Review

Attachment #308264 - Flags: superreview?(bzbarsky)

Attachment #308264 - Flags: review?(bzbarsky)

Attachment #308264 - Flags: approval1.8.1.13?

Boris Zbarsky [:bzbarsky]

Assignee

Comment 8

•

16 years ago

Comment on attachment 308264 [details] [diff] [review]
1.8 branch version

Looks good. r+sr=bzbarsky

Attachment #308264 - Flags: superreview?(bzbarsky)

Attachment #308264 - Flags: superreview+

Attachment #308264 - Flags: review?(bzbarsky)

Attachment #308264 - Flags: review+

Samuel Sidler (old account; do not CC)

Comment 9

•

16 years ago

Comment on attachment 308264 [details] [diff] [review]
1.8 branch version

Approved for 1.8.1.13. a=ss

Attachment #308264 - Flags: approval1.8.1.13? → approval1.8.1.13+

Daniel Veditz [:dveditz]

Comment 10

•

16 years ago

Fix checked into 1.8 branch

Flags: blocking1.8.0.15?

Keywords: fixed1.8.1.13

Daniel Veditz [:dveditz]

Comment 11

•

16 years ago

qa: this can be tested with the test case in bug 402995

Christopher Aillon (sabbatical, not receiving bugmail)

Updated

•

16 years ago

Flags: blocking1.8.0.15? → blocking1.8.0.15+

Christopher Aillon (sabbatical, not receiving bugmail)

Updated

•

16 years ago

Attachment #308264 - Flags: approval1.8.0.15?

Christopher Aillon (sabbatical, not receiving bugmail)

Comment 12

•

16 years ago

Comment on attachment 308264 [details] [diff] [review]
1.8 branch version

a=caillon for the 1.8.0 branch

Attachment #308264 - Flags: approval1.8.0.15? → approval1.8.0.15+

Al Billings [:abillings - ex-MoCo]

Comment 13

•

16 years ago

I verified bug 402995 using Firefox 2.0.0.12 on Ubuntu 7.10 with JRE 1.6.0_03-b05.
I then validated the fix for 402995 using Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:1.8.1.13) Gecko/2008031115 Firefox/2.0.0.13, which is the RC1 for 2.0.0.13.
The bug no longer reproduces in either of the jar: versions. 

Marking as verified for 1.8.1.13

Keywords: fixed1.8.1.13 → verified1.8.1.13

Reed Loden [:reed]

Comment 14

•

16 years ago

MOZILLA_1_8_0_BRANCH:

Checking in caps/include/nsPrincipal.h;
/cvsroot/mozilla/caps/include/nsPrincipal.h,v  <--  nsPrincipal.h
new revision: 1.17.10.1; previous revision: 1.17
done
Checking in caps/src/nsPrincipal.cpp;
/cvsroot/mozilla/caps/src/nsPrincipal.cpp,v  <--  nsPrincipal.cpp
new revision: 1.37.2.1.2.2; previous revision: 1.37.2.1.2.1
done
Checking in caps/src/nsScriptSecurityManager.cpp;
/cvsroot/mozilla/caps/src/nsScriptSecurityManager.cpp,v  <--  nsScriptSecurityManager.cpp
new revision: 1.266.2.7.2.13; previous revision: 1.266.2.7.2.12
done

Keywords: fixed1.8.0.15

You need to log in before you can comment on or make changes to this bug.