Bug 1687890: Relax Principal Validation in Content Parent until we have Telemetry Pings r=nika (bb776a03) · Commits · The Tor Project / Applications / Tor Browser

dom/ipc/ContentParent.cpp

+37 −20

Original line number	Diff line number	Diff line
		@@ -1297,6 +1297,27 @@ mozilla::ipc::IPCResult ContentParent::RecvUngrabPointer(
		#endif
		}

		static void LogFailedPrincipalValidationInfo(nsIPrincipal* aPrincipal,
		const char* aMethod) {
		// no need to do the dance if logging is disabled
		if (MOZ_LOG_TEST(ContentParent::GetLog(), LogLevel::Error)) {
		nsAutoCString spec;
		if (!aPrincipal) {
		spec.AssignLiteral("NullPtr");
		} else if (aPrincipal->IsSystemPrincipal()) {
		spec.AssignLiteral("SystemPrincipal");
		} else if (aPrincipal->GetIsExpandedPrincipal()) {
		spec.AssignLiteral("ExpandedPrincipal");
		} else if (aPrincipal->GetIsContentPrincipal()) {
		aPrincipal->GetSpec(spec);
		}

		MOZ_LOG(ContentParent::GetLog(), LogLevel::Error,
		(" Receiving unexpected Principal (%s) within %s", spec.get(),
		aMethod));
		}
		}

		bool ContentParent::ValidatePrincipal(
		nsIPrincipal* aPrincipal,
		const EnumSet<ValidatePrincipalOptions>& aOptions) {
		@@ -1397,7 +1418,7 @@ mozilla::ipc::IPCResult ContentParent::RecvRemovePermission(
		const IPC::Principal& aPrincipal, const nsCString& aPermissionType,
		nsresult* aRv) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		*aRv = Permissions::RemovePermission(aPrincipal, aPermissionType);
		return IPC_OK();
		@@ -3249,7 +3270,7 @@ mozilla::ipc::IPCResult ContentParent::RecvSetClipboard(
		const int32_t& aWhichClipboard) {
		if (!ValidatePrincipal(aRequestingPrincipal,
		{ValidatePrincipalOptions::AllowNullPtr})) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aRequestingPrincipal, __func__);
		}

		nsresult rv;
		@@ -4481,7 +4502,7 @@ mozilla::ipc::IPCResult ContentParent::RecvCloseAlert(const nsString& aName) {
		mozilla::ipc::IPCResult ContentParent::RecvDisableNotifications(
		const IPC::Principal& aPrincipal) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		Unused << Notification::RemovePermission(aPrincipal);
		return IPC_OK();
		@@ -4490,7 +4511,7 @@ mozilla::ipc::IPCResult ContentParent::RecvDisableNotifications(
		mozilla::ipc::IPCResult ContentParent::RecvOpenNotificationSettings(
		const IPC::Principal& aPrincipal) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		Unused << Notification::OpenSettings(aPrincipal);
		return IPC_OK();
		@@ -5040,7 +5061,7 @@ bool ContentParent::DeallocPWebrtcGlobalParent(PWebrtcGlobalParent* aActor) {
		mozilla::ipc::IPCResult ContentParent::RecvSetOfflinePermission(
		const Principal& aPrincipal) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		nsCOMPtr<nsIOfflineCacheUpdateService> updateService =
		components::OfflineCacheUpdate::Service();
		@@ -5378,7 +5399,7 @@ mozilla::ipc::IPCResult ContentParent::RecvCreateWindow(
		CreateWindowResolver&& aResolve) {
		if (!ValidatePrincipal(aTriggeringPrincipal,
		{ValidatePrincipalOptions::AllowSystem})) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aTriggeringPrincipal, __func__);
		}

		nsresult rv = NS_OK;
		@@ -5694,7 +5715,7 @@ mozilla::ipc::IPCResult ContentParent::RecvNotifyPushObservers(
		const nsCString& aScope, const IPC::Principal& aPrincipal,
		const nsString& aMessageId) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		PushMessageDispatcher dispatcher(aScope, aPrincipal, aMessageId, Nothing());
		Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers()));
		@@ -5705,7 +5726,7 @@ mozilla::ipc::IPCResult ContentParent::RecvNotifyPushObserversWithData(
		const nsCString& aScope, const IPC::Principal& aPrincipal,
		const nsString& aMessageId, nsTArray<uint8_t>&& aData) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		PushMessageDispatcher dispatcher(aScope, aPrincipal, aMessageId,
		Some(std::move(aData)));
		@@ -5717,7 +5738,7 @@ mozilla::ipc::IPCResult
		ContentParent::RecvNotifyPushSubscriptionChangeObservers(
		const nsCString& aScope, const IPC::Principal& aPrincipal) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		PushSubscriptionChangeDispatcher dispatcher(aScope, aPrincipal);
		Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers()));
		@@ -5728,7 +5749,7 @@ mozilla::ipc::IPCResult ContentParent::RecvPushError(
		const nsCString& aScope, const IPC::Principal& aPrincipal,
		const nsString& aMessage, const uint32_t& aFlags) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		PushErrorDispatcher dispatcher(aScope, aPrincipal, aMessage, aFlags);
		Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObserversAndWorkers()));
		@@ -5739,7 +5760,7 @@ mozilla::ipc::IPCResult
		ContentParent::RecvNotifyPushSubscriptionModifiedObservers(
		const nsCString& aScope, const IPC::Principal& aPrincipal) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		PushSubscriptionModifiedDispatcher dispatcher(aScope, aPrincipal);
		Unused << NS_WARN_IF(NS_FAILED(dispatcher.NotifyObservers()));
		@@ -5812,7 +5833,7 @@ mozilla::ipc::IPCResult ContentParent::RecvStoreAndBroadcastBlobURLRegistration(
		const nsCString& aURI, const IPCBlob& aBlob, const Principal& aPrincipal,
		const Maybe<nsID>& aAgentClusterId) {
		if (!ValidatePrincipal(aPrincipal, {ValidatePrincipalOptions::AllowSystem})) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		RefPtr<BlobImpl> blobImpl = IPCBlobUtils::Deserialize(aBlob);
		if (NS_WARN_IF(!blobImpl)) {
		@@ -5835,7 +5856,7 @@ mozilla::ipc::IPCResult
		ContentParent::RecvUnstoreAndBroadcastBlobURLUnregistration(
		const nsCString& aURI, const Principal& aPrincipal) {
		if (!ValidatePrincipal(aPrincipal, {ValidatePrincipalOptions::AllowSystem})) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		BlobURLProtocolHandler::RemoveDataEntry(aURI, false /* Don't broadcast */);
		BroadcastBlobURLUnregistration(aURI, aPrincipal, this);
		@@ -6181,10 +6202,6 @@ PURLClassifierParent* ContentParent::AllocPURLClassifierParent(

		mozilla::ipc::IPCResult ContentParent::RecvPURLClassifierConstructor(
		PURLClassifierParent* aActor, const Principal& aPrincipal, bool* aSuccess) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		}

		MOZ_ASSERT(NS_IsMainThread());
		MOZ_ASSERT(aActor);
		*aSuccess = false;
		@@ -6196,7 +6213,7 @@ mozilla::ipc::IPCResult ContentParent::RecvPURLClassifierConstructor(
		return IPC_OK();
		}
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		return actor->StartClassify(principal, aSuccess);
		}
		@@ -6365,7 +6382,7 @@ ContentParent::RecvAutomaticStorageAccessPermissionCanBeGranted(
		const Principal& aPrincipal,
		AutomaticStorageAccessPermissionCanBeGrantedResolver&& aResolver) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		aResolver(Document::AutomaticStorageAccessPermissionCanBeGranted(aPrincipal));
		return IPC_OK();
		@@ -6439,7 +6456,7 @@ mozilla::ipc::IPCResult ContentParent::RecvCompleteAllowAccessFor(
		mozilla::ipc::IPCResult ContentParent::RecvStoreUserInteractionAsPermission(
		const Principal& aPrincipal) {
		if (!ValidatePrincipal(aPrincipal)) {
		return IPC_FAIL(this, "receiving unexpected principal");
		LogFailedPrincipalValidationInfo(aPrincipal, __func__);
		}
		ContentBlockingUserInteraction::Observe(aPrincipal);
		return IPC_OK();