Closed
Bug 1478441
Opened 6 years ago
Closed 6 years ago
Introduce nsIURIWithSpecialOrigin for Thunderbird to replace nsIURIWithPrincipal which was removed in bug 1228139
Categories
(Core :: Networking, enhancement, P5)
Core
Networking
Tracking
()
RESOLVED
FIXED
mozilla63
Tracking | Status | |
---|---|---|
firefox63 | --- | fixed |
People
(Reporter: jorgk-bmo, Assigned: jorgk-bmo)
Details
(Whiteboard: [necko-triaged][Thunderbird-testfailure: Z all][Thunderbird-disabled-test][Thunderbird-temporary-fix])
Attachments
(4 files, 15 obsolete files)
5.50 KB,
patch
|
Details | Diff | Splinter Review | |
2.66 KB,
patch
|
Details | Diff | Splinter Review | |
17.35 KB,
patch
|
jorgk-bmo
:
review+
|
Details | Diff | Splinter Review |
11.03 KB,
patch
|
baku
:
review+
|
Details | Diff | Splinter Review |
Usage of nsIURIWithPrincipal was introduced in Mailnews in bug 1347598 when its removal was already on the books in bug 1228139 :-( I understand that to solve the <img crossorigin="anonymous" ...> problem, we were relying on the code that just got removed here: https://hg.mozilla.org/mozilla-central/rev/09917998d963#l1.36 or https://hg.mozilla.org/mozilla-central/rev/09917998d963#l2.56 Boris, can you please suggest a replacement. Meanwhile I'll have to do whatever emergency surgery that is necessary to get us compiling again.
Flags: needinfo?(bzbarsky)
Assignee | ||
Updated•6 years ago
|
Keywords: leave-open
Comment 1•6 years ago
|
||
Andrea? Note that this is an _implementation_ of nsIURIWithPrincipal that is not blob, so I'm not sure there's a way to do this right now after bug 1228139 landed...
Flags: needinfo?(bzbarsky) → needinfo?(amarchesini)
Assignee | ||
Comment 2•6 years ago
|
||
Well, if you want to stick with the removal of nsIURIWithPrincipal, you might need some conditional code in ContentPrincipal.cpp. Something like #ifdef MOZ_THUNDERBIRD nsCOMPtr<nsIMsgMailNewsUrl> uriWithPrincipal = do_QueryInterface(origin); if (uriWithPrincipal) { nsCOMPtr<nsIPrincipal> uriPrincipal; rv = uriWithPrincipal->GetPrincipal(getter_AddRefs(uriPrincipal)); NS_ENSURE_SUCCESS(rv, rv); return uriPrincipal->GetOriginNoSuffix(aOriginNoSuffix); } #endif Intolerable, right? Let alone the problem to get to nsIMsgMailNewsUrl.
Assignee | ||
Comment 3•6 years ago
|
||
This would be the emergency surgery. I could add readonly attribute nsIPrincipal principal; readonly attribute nsIURI principalUri; to nsIMsgMailNewsUrl.idl to maintain the getter functions, but there's no point since no one would call them.
Assignee | ||
Updated•6 years ago
|
Attachment #8994944 -
Attachment description: 1478441-part1.patch - emegency surgery → 1478441-part1.patch - emergency surgery
Comment 4•6 years ago
|
||
Well, the other option is something similar to ORIGIN_IS_FULL_SPEC but that delegates some sort of complex checking to the URI impl. And another option is to change mailbox: URIs to be nsIStandardURL, with per-message hostnames, and then just remove the ORIGIN_IS_FULL_SPEC thing and have them do security checks like any other hostname-based URI.
Pushed by mozilla@jorgk.com: https://hg.mozilla.org/comm-central/rev/7ee9f9040488 Port 1228139: Replace use of nsIURIWithPrincipal, part 1, emergency measures. rs=bustage-fix
Assignee | ||
Comment 6•6 years ago
|
||
OK, I've just extinguished the fire, so now let's see what to do with the debris ;-( Boris, thanks for comment #4, sadly I'm not an expert on any of that, but since the departure of Kent, the last man standing. So let's see. Looks like we already do ORIGIN_IS_FULL_SPEC, see: https://searchfox.org/mozilla-central/rev/bdfd20ef30d521b57d5b6feeda71325e8b4cad66/netwerk/base/nsIProtocolHandler.idl#19 So I don't know what "something similar to ORIGIN_IS_FULL_SPEC" is meant to mean. The next option is to change our mailbox: URIs, which are mostly like file: URIs to include a hostname? We (sadly) already have various formats (quoting from some old bugs): mailbox://tbtest@example.com@server.de/Inbox?number=1 mailbox:///C:/Users/jorgk/AppData/Roaming/Thunderbird/Profiles/5gfhfw7f.POP%20tbtest/Mail/server.de/Inbox?number=1 and there's also mailbox://nobody@Local%20Folders/xxx and mailbox:///C:/Users/jorgk/AppData/Local/Temp/nsmail-13.eml&number=0 for single messages. Making any changes there would be a major operation. So what's at the base of the <img crossorigin="anonymous" ...> we tried to solve in the first place?
Assignee | ||
Comment 7•6 years ago
|
||
I think I remember it now. Since the origin is the full spec, so with all the little bits and pieces Mailnews adds, there is no chance that Gecko can do any decent security checks. That's why we introduced the "principal spec" which was a normalised spec without the disturbing bits, and that was retrieved via nsIURIWithPrincipal. Anyway, something along those lines. But even if I added a server/hostname, it would be hard to do for local folders. They would all get the same server, well, unless I invent a "per folder" server. Oh, you even talked about a "per-message hostname" in comment #4. So something like: mailbox://nobody@msg1.fake/C:/Users/jorgk/etc/Inbox?number=1 That's certainly a big ask. And we're only talking mailbox: here? There are IMAP messages with imap:// URLs. They already have a server, but you don't want one message on the server to get access to other messages on the same server. So there you'd need a "real" server to address the message and a "fake" per-message hostname for security checking? Hmm. It was certainly more handy to be able to tell Gecko which spec to use for the checks.
Comment 8•6 years ago
|
||
> mailbox://nobody@msg1.fake/C:/Users/jorgk/etc/Inbox?number=1 Well. You could do something like, using your examples from comment 6: mailbox://tbtest%40example.com%40server.de%2FInbox%3Fnumber%3D1 mailbox://%2FC%3A%2FUsers%2Fjorgk%2FAppData%2FRoaming%2FThunderbird%2FProfiles%2F5gfhfw7f.POP%2520tbtest%2FMail%2Fserver.de%2FInbox%3Fnumber%3D1 mailbox://nobody%40Local%2520Folders%2Fxxx As in, take the entire bit after "//", or just the "principal spec" part, escape it, and use the result as the hostname. > And we're only talking mailbox: here? Presumably whichever things currently implement nsIURIWithPrincipal... For imap:// there might be complication here, I agree. I think we should see what Andrea says.
Assignee | ||
Comment 9•6 years ago
|
||
Comment 10•6 years ago
|
||
I thought I had submitted this.... > So I don't know what "something similar to ORIGIN_IS_FULL_SPEC" is meant to mean. I mean another flag, that says "for this URI, ask it directly whether the two URIs are same-origin or not" or some such. This would presumably need a new interface such URIs would need to implement; whether that's something we really want is unclear. > The next option is to change our mailbox: URIs, which are mostly like file: URIs to include a hostname? Yes. Fundamentally, the web security model is built around hostnames. So the simplest way to get security boundaries is to make them look like hostnames. > Making any changes there would be a major operation. Sure.
Comment 11•6 years ago
|
||
Pushed by mozilla@jorgk.com: https://hg.mozilla.org/comm-central/rev/37be8758d57e Part 2: disable failing test test-image-display.js. rs=bustage-fix
Assignee | ||
Updated•6 years ago
|
Whiteboard: [Thunderbird-testfailure: Z all][Thunderbird-disabled-test][Thunderbird-temporary-fix]
Assignee | ||
Comment 12•6 years ago
|
||
I need to head out for a few hours, so I thought I'll present my idea as a WIP. I didn't get it compiled yet, somehow the derived class nsMsgMailNewsUrl doesn't appear to see the method to override it. Anyway, perhaps something along these lines can work. No word from Andrea yet.
Attachment #8995174 -
Flags: feedback?(bzbarsky)
Assignee | ||
Comment 13•6 years ago
|
||
I wrestled a bit with the compiler. The problem is that #if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE) #define IS_ORIGIN_IS_FULL_SPEC_DEFINED 1 #endif is in nsIProtocolHandler.idl and that's not included everywhere. So for now I duplicated this. So far it compiles. Changing nsIURI.idl is no fun since it recompiles half the system. I'll ask for review when I have the C-C part.
Assignee: nobody → jorgk
Attachment #8995174 -
Attachment is obsolete: true
Status: NEW → ASSIGNED
Attachment #8995174 -
Flags: feedback?(bzbarsky)
Assignee | ||
Comment 14•6 years ago
|
||
This is the C-C part. However, I can't test it since the program doesn't even start, not even with only the M-C patch applied. So those M-C changes are pretty destructive. The debug console says: [5900, Unnamed thread 193be60c800] WARNING: XPCOM objects created/destroyed from static ctor/dtor: file c:/mozilla-source/comm-central/xpcom/base/nsTraceRefcnt.cpp, line 209 [5900, Main Thread] WARNING: NS_ENSURE_SUCCESS_VOID(rv) failed with result 0x80520012: file c:/mozilla-source/comm-central/dom/base/nsFrameMessageManager.cpp, line 1381 [5900, Main Thread] WARNING: CheckLinkStatus called on main thread! No check performed. Assuming link is up, status is unknown.: file c:/mozilla-source/comm-central/netwerk/system/win32/nsNotifyAddrListener.cpp, line 710 What is so destructive about that I'm doing. Boris, could you take a look please.
Flags: needinfo?(bzbarsky)
Assignee | ||
Comment 15•6 years ago
|
||
That seems like a false alarm. Here are the equivalent lines when running without the M-C patch: [10940, Main Thread] WARNING: CheckLinkStatus called on main thread! No check performed. Assuming link is up, status is unknown.: file c:/mozilla-source/comm-central/netwerk/system/win32/nsNotifyAddrListener.cpp, line 710 [10940, Main Thread] WARNING: NS_ENSURE_SUCCESS(rv, rv) failed with result 0x80040111: file c:/mozilla-source/comm-central/netwerk/protocol/res/SubstitutingProtocolHandler.cpp, line 342
Comment 16•6 years ago
|
||
> What is so destructive about that I'm doing
Well, you're adding stuff to the nsIURI vtable that is in a C++ block, but xpconnect doesn't know about it. That will make calls through xpconnect into any idl API that inherits from nsIURI jump off into lala-land. That includes nsIMozIconURI and nsIURL.
That's my best guess for what's going wrong, at least.
Flags: needinfo?(bzbarsky)
Assignee | ||
Comment 17•6 years ago
|
||
Thanks, yes, that sounds plausible. So how to fix that damage? And what about the approach in general?
Comment 18•6 years ago
|
||
Don't change nsIURI. Add a new interface or something and QI to it...
Assignee | ||
Comment 19•6 years ago
|
||
(In reply to Boris Zbarsky [:bz] (no decent commit message means r-) from comment #18) > Don't change nsIURI. Add a new interface or something and QI to it... OK. So we basically add parts of what was removed back again. Call it nsIURIWithPrincipal? ;-) - Then I can just back out the C-C patches and everything will work again.
Comment 20•6 years ago
|
||
Again, please talk to Andrea.
Assignee | ||
Comment 21•6 years ago
|
||
This restores the bits we need.
Attachment #8995293 -
Attachment is obsolete: true
Attachment #8995306 -
Attachment is obsolete: true
Attachment #8995359 -
Flags: review?(bzbarsky)
Assignee | ||
Comment 22•6 years ago
|
||
Fixed ugly variable name. Sorry 'bout the noise.
Attachment #8995359 -
Attachment is obsolete: true
Attachment #8995359 -
Flags: review?(bzbarsky)
Attachment #8995360 -
Flags: review?(bzbarsky)
Assignee | ||
Comment 23•6 years ago
|
||
Typo in Mailnews :-( - Sorry again about more noise.
Attachment #8995361 -
Flags: review?(bzbarsky)
Assignee | ||
Updated•6 years ago
|
Attachment #8995360 -
Attachment is obsolete: true
Attachment #8995360 -
Flags: review?(bzbarsky)
Assignee | ||
Comment 24•6 years ago
|
||
Comment on attachment 8995361 [details] [diff] [review] 1478441-restore-nsIURIWithPrincipal.patch (v1c) Well, no word from Andrea. Maybe he'll react to a review request.
Attachment #8995361 -
Flags: review?(amarchesini)
Comment 25•6 years ago
|
||
Comment on attachment 8995361 [details] [diff] [review] 1478441-restore-nsIURIWithPrincipal.patch (v1c) Andrea should review this.
Attachment #8995361 -
Flags: review?(bzbarsky)
Assignee | ||
Comment 26•6 years ago
|
||
Attachment #8995361 -
Attachment is obsolete: true
Attachment #8995361 -
Flags: review?(amarchesini)
Flags: needinfo?(amarchesini)
Attachment #8995442 -
Flags: review?(amarchesini)
Assignee | ||
Comment 27•6 years ago
|
||
Note that there is already code in M-C to support Thunderbird's URLs: https://searchfox.org/mozilla-central/search?q=IS_ORIGIN_IS_FULL_SPEC_DEFINED&case=false®exp=false&path= So restoring previously removed code protected with a conditional compile shouldn't be a problem, IMHO. Not having this code regresses bug 1347598. Fixing the issue any other way would entail significant effort and great risk.
Component: General → Networking
Product: MailNews Core → Core
Summary: Port 1228139: Replace use of nsIURIWithPrincipal → Restore parts of nsIURIWithPrincipal which was removed in bug 1228139
Version: 60 → 60 Branch
Assignee | ||
Updated•6 years ago
|
Version: 60 Branch → Trunk
Comment 28•6 years ago
|
||
Comment on attachment 8995442 [details] [diff] [review] 1478441-restore-nsIURIWithPrincipal.patch (v1c) - changed reviewer Review of attachment 8995442 [details] [diff] [review]: ----------------------------------------------------------------- ::: netwerk/base/nsIURIWithPrincipal.idl @@ +10,5 @@ > + * nsIURIWithPrincipal is implemented by URIs which are associated with a > + * specific principal. This is exclusively used in comm-central's Mailnews module. > + */ > +[scriptable, builtinclass, uuid(626a5c0c-bfd8-4531-8b47-a8451b0daa33)] > +interface nsIURIWithPrincipal : nsISupports Sorry, I was in PTO Thursday and Friday. This patch re-introduce nsIURIWithPrincipal just in a couple of places. You should probably restore these too: https://dxr.mozilla.org/mozilla-beta/rev/fc0a1b63ccc727f9cb4ed424d3ac88e86529fc46/caps/NullPrincipal.cpp#184 https://dxr.mozilla.org/mozilla-beta/rev/fc0a1b63ccc727f9cb4ed424d3ac88e86529fc46/netwerk/base/nsNetUtil.cpp#2520 Probably Thunderbird doesn't use first-party-isolation. Ignore this: https://dxr.mozilla.org/mozilla-beta/rev/fc0a1b63ccc727f9cb4ed424d3ac88e86529fc46/caps/OriginAttributes.cpp#67 There are 2 reasons why I wanted/want to remove nsIURIWithPrincipal: 1. in firefox, this is used only for blobURLs and I don't want to implement 'remote' blobURLs for content processes: a blobURL doesn't know its principal/blobImpl until it's opened for real. 2. We want to make nsIURI and nsIPrincipal thread-safe objects. nsIURI is partially thread-safe (the CTOR must be executed on the main-thread). nsIPrincipal is not thread-safe at all. It's easier to make them thread-safe if there is not an interface that 'links' the 2 objects. Here my idea: it seems that you don't really care about the principal if you can have the origin as nsIURI. You need to extra part of the mailbox: URL and consider it as 'origin'. What about if you introduce something like: interface nsIURIWithSpecialOrigin { readonly nsIURI origin; } This should not require a huge refactoring of how thunderbird deals with mailbox: URLs. Could it work? I'm online on IRC if you want to discuss this issue more.
Attachment #8995442 -
Flags: review?(amarchesini) → review-
Assignee | ||
Comment 29•6 years ago
|
||
Thank you for the detailed answer. (In reply to Andrea Marchesini [:baku] from comment #28) > You should probably restore these too: I restored what made our test pass ;-) > Here my idea: it seems that you don't really care about the principal if you > can have the origin as nsIURI. You need to extra part of the mailbox: URL > and consider it as 'origin'. ... Could it work? Looks doable. I'll look into it during the "night shift" ;-) > I'm online on IRC if you want to discuss this issue more. Let me explore your idea.
Assignee | ||
Updated•6 years ago
|
Summary: Restore parts of nsIURIWithPrincipal which was removed in bug 1228139 → Introduce nsIURIWithSpecialOrigin for Thunderbird to replace nsIURIWithPrincipal which was removed in bug 1228139
Assignee | ||
Comment 30•6 years ago
|
||
Something like this? Should I still add the bits in NullPrincipal.cpp and nsNetUtil.cpp you poineted out in comment #28.
Attachment #8995442 -
Attachment is obsolete: true
Attachment #8995912 -
Flags: feedback?(amarchesini)
Assignee | ||
Comment 31•6 years ago
|
||
This is the C-C part. Compiles and works ;-) We should rename GetPrincipalSpec() to GetNormalizedSpec(), but that's another story.
Comment 32•6 years ago
|
||
Comment on attachment 8995912 [details] [diff] [review] 1478441-nsIURIWithSpecialOrigin.patch - WIP (v1) Review of attachment 8995912 [details] [diff] [review]: ----------------------------------------------------------------- Yes. Thanks.
Attachment #8995912 -
Flags: feedback?(amarchesini) → feedback+
Assignee | ||
Comment 33•6 years ago
|
||
(In reply to Jorg K (GMT+2) from comment #30) > Should I still add the bits in NullPrincipal.cpp and nsNetUtil.cpp you pointed out in comment #28?
Comment 34•6 years ago
|
||
(In reply to Jorg K (GMT+2) from comment #33) > (In reply to Jorg K (GMT+2) from comment #30) > > Should I still add the bits in NullPrincipal.cpp and nsNetUtil.cpp you pointed out in comment #28? Yes. that is needed. In particular nsNetUtil.cpp where we check if 2 URLs can load each other.
Assignee | ||
Comment 35•6 years ago
|
||
This is the C-C part. It needs to be applied on to of a backout of the "emergency measures" landed as revision 7ee9f9040488. I did it this way so the transition from nsIURIWithPrincipal with nsIURIWithSpecialOrigin is clearly visible.
Attachment #8995915 -
Attachment is obsolete: true
Assignee | ||
Comment 36•6 years ago
|
||
OK, I've added the parts in NullPrincipal.cpp and nsNetUtil.cpp. Hard to tell for me whether I got this right. Here's a try run with the M-C and C-C patches applied: https://hg.mozilla.org/try/rev/ae848c8f3284449011653d11d1ce2b3887c15ecb (M-C) used by https://treeherder.mozilla.org/#/jobs?repo=try-comm-central&revision=5bb85f23de2234a175ae7860ea4609a4fa1e33d8 (The trick is in modifying .taskcluster.yml to point to that revision on M-C try.)
Attachment #8995912 -
Attachment is obsolete: true
Attachment #8995961 -
Flags: review?(amarchesini)
Assignee | ||
Updated•6 years ago
|
Attachment #8995948 -
Flags: review?(amarchesini)
Comment 37•6 years ago
|
||
Comment on attachment 8995961 [details] [diff] [review] 1478441-nsIURIWithSpecialOrigin.patch - M-C part (v2) Review of attachment 8995961 [details] [diff] [review]: ----------------------------------------------------------------- ::: netwerk/base/nsIURIWithSpecialOrigin.idl @@ +17,5 @@ > + * Special origin. > + */ > + readonly attribute nsIURI origin; > +}; > + no extra line here.
Attachment #8995961 -
Flags: review?(amarchesini) → review+
Comment 38•6 years ago
|
||
Comment on attachment 8995948 [details] [diff] [review] 1478441-use-nsIURIWithSpecialOrigin.patch - C-C part (v2) Review of attachment 8995948 [details] [diff] [review]: ----------------------------------------------------------------- good. Thanks!
Attachment #8995948 -
Flags: review?(amarchesini) → review+
Comment 39•6 years ago
|
||
Comment on attachment 8995961 [details] [diff] [review] 1478441-nsIURIWithSpecialOrigin.patch - M-C part (v2) Review of attachment 8995961 [details] [diff] [review]: ----------------------------------------------------------------- You want to change nsContentUtil::GetUTFOrigin (2 methods). Separate patch?
Assignee | ||
Comment 40•6 years ago
|
||
I've modified nsContentUtils::GetUTFOrigin(nsIURI* aURI, nsAString& aOrigin). The new IDL file accidentally had Windows CRLF line endings in the previous patch, so the compile totally failed. Here we go again: https://treeherder.mozilla.org/#/jobs?repo=try-comm-central&revision=d3b50ffce01cf87d9630ece34974522951b2aed9
Attachment #8995961 -
Attachment is obsolete: true
Attachment #8996021 -
Flags: review?(amarchesini)
Assignee | ||
Comment 41•6 years ago
|
||
Moved variable down a bit, sorry about the noise.
Attachment #8996021 -
Attachment is obsolete: true
Attachment #8996021 -
Flags: review?(amarchesini)
Attachment #8996023 -
Flags: review?(amarchesini)
Assignee | ||
Comment 42•6 years ago
|
||
More noise ;-( - I've been thinking whether those new hunks should do some error checking, but since most of the functions to which I'm adding don't return a status, checking the origin URI or checking the status is the same. In nsContentUtils::GetUTFOrigin() returns a result, so I'm checking the status there.
Attachment #8996023 -
Attachment is obsolete: true
Attachment #8996023 -
Flags: review?(amarchesini)
Attachment #8996035 -
Flags: review?(amarchesini)
Assignee | ||
Comment 43•6 years ago
|
||
So this is the new unreviewed bit that wasn't in (v2) which had r+: https://bugzilla.mozilla.org/attachment.cgi?oldid=8995961&action=interdiff&newid=8996035&headers=1 The try run is "green" BTW, so this isn't doing any damage.
Assignee | ||
Comment 44•6 years ago
|
||
Changed "normalised" (British English) to "normalized" (US English) for consistency with the function name.
Attachment #8995948 -
Attachment is obsolete: true
Attachment #8996041 -
Flags: review+
Comment 45•6 years ago
|
||
Comment on attachment 8996035 [details] [diff] [review] 1478441-nsIURIWithSpecialOrigin.patch - M-C part (v3c) Review of attachment 8996035 [details] [diff] [review]: ----------------------------------------------------------------- ::: caps/NullPrincipal.cpp @@ +194,5 @@ > + RefPtr<BasePrincipal> principal = BasePrincipal::CreateCodebasePrincipal(origin, attrs); > + return principal == this; > + } > + } > +#endif Actually, this block is wrong, because you are creating a new principal and that is different than 'this' for sure. Remove this block. In general, you don't have nullprincipal for mailbox: URL, right? ::: dom/base/nsContentUtils.cpp @@ +6350,5 @@ > + // Check if either URI has a special origin. > + nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(aURI); > + if (uriWithSpecialOrigin) { > + nsCOMPtr<nsIURI> origin; > + nsresult rv2 = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin)); why rv2? maybe add: nsresult rv; at the beginning of the method and use rv here and at line 6362. ::: netwerk/base/nsNetUtil.cpp @@ +2487,5 @@ > + // Check if either URI has a special origin. > + nsCOMPtr<nsIURI> origin; > + nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(sourceBaseURI); > + if (uriWithSpecialOrigin) { > + uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin)); nsresult rv = ... if (NS_WARN_IF(NS_FAILED(rv))) { return false; } MOZ_ASSERT(origin); @@ +2488,5 @@ > + nsCOMPtr<nsIURI> origin; > + nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(sourceBaseURI); > + if (uriWithSpecialOrigin) { > + uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin)); > + if (origin) {} @@ +2493,5 @@ > + sourceBaseURI = origin; > + } > + uriWithSpecialOrigin = do_QueryInterface(targetBaseURI); > + if (uriWithSpecialOrigin) { > + uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin)); same here.
Attachment #8996035 -
Flags: review?(amarchesini) → review+
Assignee | ||
Comment 46•6 years ago
|
||
Thanks. Following the same scheme, shouldn't the code in ContentPrincipal.cpp be like this for consistency? +#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE) + nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(aURI); + if (uriWithSpecialOrigin) { + nsCOMPtr<nsIURI> origin; + rv = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin)); + if (NS_WARN_IF(NS_FAILED(rv))) { + return false; + } + MOZ_ASSERT(origin); + OriginAttributes attrs; + RefPtr<BasePrincipal> principal = BasePrincipal::CreateCodebasePrincipal(origin, attrs); + return nsIPrincipal::Subsumes(principal); + } +#endif And in BasePrincipal.cpp: +#if defined(MOZ_THUNDERBIRD) || defined(MOZ_SUITE) + nsCOMPtr<nsIURIWithSpecialOrigin> uriWithSpecialOrigin = do_QueryInterface(aURI); + if (uriWithSpecialOrigin) { + nsCOMPtr<nsIURI> origin; + rv = uriWithSpecialOrigin->GetOrigin(getter_AddRefs(origin)); + if (NS_WARN_IF(NS_FAILED(rv))) { + return nullptr; + } + MOZ_ASSERT(origin); + OriginAttributes attrs; + RefPtr<BasePrincipal> principal = CreateCodebasePrincipal(origin, attrs); + return principal.forget(); + } +#endif Not ideal to return a nullptr there, but there's a NS_ENSURE_SUCCESS(rv, nullptr); later in the code. Thanks for your patience!
Flags: needinfo?(amarchesini)
Assignee | ||
Comment 47•6 years ago
|
||
Addressed review issues from comment #45. Carrying forward :baku's r+.
Attachment #8996035 -
Attachment is obsolete: true
Attachment #8996399 -
Flags: review+
Assignee | ||
Comment 48•6 years ago
|
||
Here's a version which changes the error handling as per my comment #46. Andreas, please do an interdiff to v4 and then pick the one you prefer.
Flags: needinfo?(amarchesini)
Attachment #8996403 -
Flags: review?(amarchesini)
Assignee | ||
Comment 49•6 years ago
|
||
Sorry, Andrea, no "s".
Updated•6 years ago
|
Priority: -- → P5
Whiteboard: [Thunderbird-testfailure: Z all][Thunderbird-disabled-test][Thunderbird-temporary-fix] → [necko-triaged][Thunderbird-testfailure: Z all][Thunderbird-disabled-test][Thunderbird-temporary-fix]
Comment 50•6 years ago
|
||
Comment on attachment 8996403 [details] [diff] [review] 1478441-nsIURIWithSpecialOrigin.patch - M-C part (v5) Review of attachment 8996403 [details] [diff] [review]: ----------------------------------------------------------------- Thanks!
Attachment #8996403 -
Flags: review?(amarchesini) → review+
Assignee | ||
Updated•6 years ago
|
Attachment #8996399 -
Attachment is obsolete: true
Assignee | ||
Comment 51•6 years ago
|
||
Thank you, Andrea! Making sure it compiles for FF not get into trouble with the sheriffs ;-) https://treeherder.mozilla.org/#/jobs?repo=try&revision=34381248c3b1d1e724425365e814a00e0ade71fc And a last try run for TB: https://treeherder.mozilla.org/#/jobs?repo=try-comm-central&revision=f184b489c1d53540492de170730cba65ec8d6bfa
Assignee | ||
Comment 52•6 years ago
|
||
Dear Sheriff, please check in "1478441-nsIURIWithSpecialOrigin.patch - M-C part (v5)". I'll handle the C-C part myself. Thanks you. P.S.: I had to repeat the try for TB, successful here: https://treeherder.mozilla.org/#/jobs?repo=try-comm-central&revision=a2f531fb566c374f96fd7182a79f6385b610d14b
Keywords: leave-open → checkin-needed
Comment 53•6 years ago
|
||
Pushed by dluca@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/01533e166085 Introduce nsIURIWithSpecialOrigin needed for Thunderbird. r=baku
Keywords: checkin-needed
Comment 54•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/01533e166085
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox63:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
Comment 55•6 years ago
|
||
Pushed by mozilla@jorgk.com: https://hg.mozilla.org/comm-central/rev/071b02e0acfd Backed out changeset 37be8758d57e to re-enable tests. a=backout https://hg.mozilla.org/comm-central/rev/d5c25d3deed9 Backed out emergency measures from changeset 7ee9f9040488. a=backout https://hg.mozilla.org/comm-central/rev/1c28beaa36fb Replace nsIURIWithPrincipal with nsIURIWithSpecialOrigin. r=baku
You need to log in
before you can comment on or make changes to this bug.
Description
•