From 2c70356c5b9101c813ad2116a0984e30280afacc Mon Sep 17 00:00:00 2001 From: Michael Layzell Date: Wed, 10 Jun 2015 12:48:22 -0400 Subject: [PATCH] Bug 1173523 - Part 1: Expose an nsIPrincipal from nsIPermission rather than a host string, appId, and isInBrowserElement, r=ehsan --- dom/ipc/ContentChild.cpp | 18 ++- dom/ipc/ContentParent.cpp | 15 +-- dom/storage/DOMStorageObserver.cpp | 14 +- extensions/cookie/nsPermission.cpp | 122 ++++++++++++++--- extensions/cookie/nsPermission.h | 8 +- extensions/cookie/nsPermissionManager.cpp | 126 +++++++++++------- .../test/unit/test_permmanager_local_files.js | 2 +- netwerk/base/nsIPermission.idl | 44 ++++-- netwerk/ipc/NeckoMessageUtils.h | 30 ++--- 9 files changed, 246 insertions(+), 133 deletions(-) diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp index b4acda4172d88..ea4e78821f315 100644 --- a/dom/ipc/ContentChild.cpp +++ b/dom/ipc/ContentChild.cpp @@ -53,6 +53,7 @@ #include "mozilla/plugins/PluginModuleParent.h" #include "mozilla/widget/WidgetMessageUtils.h" #include "mozilla/media/MediaChild.h" +#include "mozilla/BasePrincipal.h" #if defined(MOZ_CONTENT_SANDBOX) #if defined(XP_WIN) @@ -2112,19 +2113,16 @@ ContentChild::RecvAddPermission(const IPC::Permission& permission) MOZ_ASSERT(permissionManager, "We have no permissionManager in the Content process !"); - nsCOMPtr uri; - NS_NewURI(getter_AddRefs(uri), NS_LITERAL_CSTRING("http://") + nsCString(permission.host)); - NS_ENSURE_TRUE(uri, true); - - nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); - MOZ_ASSERT(secMan); + nsAutoCString originNoSuffix; + OriginAttributes attrs; + attrs.PopulateFromOrigin(permission.origin, originNoSuffix); - nsCOMPtr principal; - nsresult rv = secMan->GetAppCodebasePrincipal(uri, permission.appId, - permission.isInBrowserElement, - getter_AddRefs(principal)); + nsCOMPtr uri; + nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix); NS_ENSURE_SUCCESS(rv, true); + nsCOMPtr principal = mozilla::BasePrincipal::CreateCodebasePrincipal(uri, attrs); + // child processes don't care about modification time. int64_t modificationTime = 0; diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp index b6fc3cb84acec..6c49883bc2aa5 100755 --- a/dom/ipc/ContentParent.cpp +++ b/dom/ipc/ContentParent.cpp @@ -2559,12 +2559,12 @@ ContentParent::RecvReadPermissions(InfallibleTArray* aPermissio enumerator->GetNext(getter_AddRefs(supp)); nsCOMPtr perm = do_QueryInterface(supp); - nsCString host; - perm->GetHost(host); - uint32_t appId; - perm->GetAppId(&appId); - bool isInBrowserElement; - perm->GetIsInBrowserElement(&isInBrowserElement); + nsCOMPtr principal; + perm->GetPrincipal(getter_AddRefs(principal)); + nsCString origin; + if (principal) { + principal->GetOrigin(origin); + } nsCString type; perm->GetType(type); uint32_t capability; @@ -2574,8 +2574,7 @@ ContentParent::RecvReadPermissions(InfallibleTArray* aPermissio int64_t expireTime; perm->GetExpireTime(&expireTime); - aPermissions->AppendElement(IPC::Permission(host, appId, - isInBrowserElement, type, + aPermissions->AppendElement(IPC::Permission(origin, type, capability, expireType, expireTime)); } diff --git a/dom/storage/DOMStorageObserver.cpp b/dom/storage/DOMStorageObserver.cpp index 29a20ed98722d..54ca84016398c 100644 --- a/dom/storage/DOMStorageObserver.cpp +++ b/dom/storage/DOMStorageObserver.cpp @@ -196,8 +196,20 @@ DOMStorageObserver::Observe(nsISupports* aSubject, return NS_OK; } + nsCOMPtr principal; + perm->GetPrincipal(getter_AddRefs(principal)); + if (!principal) { + return NS_OK; + } + + nsCOMPtr origin; + principal->GetURI(getter_AddRefs(origin)); + if (!origin) { + return NS_OK; + } + nsAutoCString host; - perm->GetHost(host); + origin->GetHost(host); if (host.IsEmpty()) { return NS_OK; } diff --git a/extensions/cookie/nsPermission.cpp b/extensions/cookie/nsPermission.cpp index bdd3abad0e5ef..a84a4180a9bda 100644 --- a/extensions/cookie/nsPermission.cpp +++ b/extensions/cookie/nsPermission.cpp @@ -4,75 +4,155 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "nsPermission.h" +#include "nsContentUtils.h" #include "nsIClassInfoImpl.h" +#include "nsIEffectiveTLDService.h" +#include "nsIScriptSecurityManager.h" // nsPermission Implementation NS_IMPL_CLASSINFO(nsPermission, nullptr, 0, {0}) NS_IMPL_ISUPPORTS_CI(nsPermission, nsIPermission) -nsPermission::nsPermission(const nsACString &aHost, - uint32_t aAppId, - bool aIsInBrowserElement, +nsPermission::nsPermission(nsIPrincipal* aPrincipal, const nsACString &aType, uint32_t aCapability, uint32_t aExpireType, int64_t aExpireTime) - : mHost(aHost) + : mPrincipal(aPrincipal) , mType(aType) , mCapability(aCapability) , mExpireType(aExpireType) , mExpireTime(aExpireTime) - , mAppId(aAppId) - , mIsInBrowserElement(aIsInBrowserElement) { } NS_IMETHODIMP -nsPermission::GetHost(nsACString &aHost) +nsPermission::GetPrincipal(nsIPrincipal** aPrincipal) { - aHost = mHost; + nsCOMPtr copy = mPrincipal; + copy.forget(aPrincipal); return NS_OK; } NS_IMETHODIMP -nsPermission::GetAppId(uint32_t* aAppId) +nsPermission::GetType(nsACString &aType) { - *aAppId = mAppId; + aType = mType; return NS_OK; } NS_IMETHODIMP -nsPermission::GetIsInBrowserElement(bool* aIsInBrowserElement) +nsPermission::GetCapability(uint32_t *aCapability) { - *aIsInBrowserElement = mIsInBrowserElement; + *aCapability = mCapability; return NS_OK; } NS_IMETHODIMP -nsPermission::GetType(nsACString &aType) +nsPermission::GetExpireType(uint32_t *aExpireType) { - aType = mType; + *aExpireType = mExpireType; return NS_OK; } NS_IMETHODIMP -nsPermission::GetCapability(uint32_t *aCapability) +nsPermission::GetExpireTime(int64_t *aExpireTime) { - *aCapability = mCapability; + *aExpireTime = mExpireTime; return NS_OK; } NS_IMETHODIMP -nsPermission::GetExpireType(uint32_t *aExpireType) +nsPermission::Matches(nsIPrincipal* aPrincipal, bool aExactHost, bool* aMatches) { - *aExpireType = mExpireType; + NS_ENSURE_ARG_POINTER(aPrincipal); + NS_ENSURE_ARG_POINTER(aMatches); + + *aMatches = false; + + // If the principals are equal, then they match. + if (mPrincipal->Equals(aPrincipal)) { + *aMatches = true; + return NS_OK; + } + + // Make sure that the OriginAttributes of the two entries are the same + nsAutoCString theirSuffix; + nsresult rv = aPrincipal->GetOriginSuffix(theirSuffix); + NS_ENSURE_SUCCESS(rv, rv); + + nsAutoCString ourSuffix; + rv = mPrincipal->GetOriginSuffix(ourSuffix); + NS_ENSURE_SUCCESS(rv, rv); + + if (theirSuffix != ourSuffix) { + return NS_OK; + } + + // Right now, we only care about the hosts + nsCOMPtr theirURI; + rv = aPrincipal->GetURI(getter_AddRefs(theirURI)); + NS_ENSURE_SUCCESS(rv, rv); + + nsCOMPtr ourURI; + rv = mPrincipal->GetURI(getter_AddRefs(ourURI)); + NS_ENSURE_SUCCESS(rv, rv); + + // Get the hosts so we can compare them + nsAutoCString theirHost; + rv = theirURI->GetHost(theirHost); + if (NS_FAILED(rv) || theirHost.IsEmpty()) { + return NS_OK; + } + + nsAutoCString ourHost; + rv = ourURI->GetHost(ourHost); + if (NS_FAILED(rv) || ourHost.IsEmpty()) { + return NS_OK; + } + + if (aExactHost) { // If we only care about the exact host, we compare them and are done + *aMatches = theirHost == ourHost; + return NS_OK; + } + + nsCOMPtr tldService = + do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID); + if (!tldService) { + NS_ERROR("Should have a tld service!"); + return NS_ERROR_FAILURE; + } + + // Check if the host or any subdomain of the host matches. This loop will + // not loop forever, as GetNextSubDomain will eventually fail with + // NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS. + while (theirHost != ourHost) { + rv = tldService->GetNextSubDomain(theirHost, theirHost); + if (NS_FAILED(rv)) { + if (rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS) { + return NS_OK; + } else { + return rv; + } + } + } + + *aMatches = true; return NS_OK; } NS_IMETHODIMP -nsPermission::GetExpireTime(int64_t *aExpireTime) +nsPermission::MatchesURI(nsIURI* aURI, bool aExactHost, bool* aMatches) { - *aExpireTime = mExpireTime; - return NS_OK; + NS_ENSURE_ARG_POINTER(aURI); + + nsIScriptSecurityManager* secMan = nsContentUtils::GetSecurityManager(); + NS_ENSURE_TRUE(secMan, NS_ERROR_FAILURE); + + nsCOMPtr principal; + nsresult rv = secMan->GetNoAppCodebasePrincipal(aURI, getter_AddRefs(principal)); + NS_ENSURE_SUCCESS(rv, rv); + + return Matches(principal, aExactHost, aMatches); } diff --git a/extensions/cookie/nsPermission.h b/extensions/cookie/nsPermission.h index 8e459fb59f715..1e966e4b78b84 100644 --- a/extensions/cookie/nsPermission.h +++ b/extensions/cookie/nsPermission.h @@ -18,9 +18,7 @@ class nsPermission : public nsIPermission NS_DECL_ISUPPORTS NS_DECL_NSIPERMISSION - nsPermission(const nsACString &aHost, - uint32_t aAppId, - bool aIsInBrowserElement, + nsPermission(nsIPrincipal* aPrincipal, const nsACString &aType, uint32_t aCapability, uint32_t aExpireType, @@ -29,13 +27,11 @@ class nsPermission : public nsIPermission protected: virtual ~nsPermission() {}; - nsCString mHost; + nsCOMPtr mPrincipal; nsCString mType; uint32_t mCapability; uint32_t mExpireType; int64_t mExpireTime; - uint32_t mAppId; - bool mIsInBrowserElement; }; #endif // nsPermission_h__ diff --git a/extensions/cookie/nsPermissionManager.cpp b/extensions/cookie/nsPermissionManager.cpp index 0706c80b5ccb2..0fdafb6658e94 100644 --- a/extensions/cookie/nsPermissionManager.cpp +++ b/extensions/cookie/nsPermissionManager.cpp @@ -8,6 +8,7 @@ #include "mozilla/dom/ContentParent.h" #include "mozilla/dom/ContentChild.h" +#include "mozilla/BasePrincipal.h" #include "mozilla/unused.h" #include "nsPermissionManager.h" #include "nsPermission.h" @@ -742,6 +743,15 @@ nsPermissionManager::AddFromPrincipal(nsIPrincipal* aPrincipal, return NS_OK; } + // Null principals can't meaningfully have persisted permissions attached to + // them, so we don't allow adding permissions for them. + bool isNullPrincipal; + nsresult rv = aPrincipal->GetIsNullPrincipal(&isNullPrincipal); + NS_ENSURE_SUCCESS(rv, rv); + if (isNullPrincipal) { + return NS_OK; + } + // Permissions may not be added to expanded principals. if (IsExpandedPrincipal(aPrincipal)) { return NS_ERROR_INVALID_ARG; @@ -771,16 +781,12 @@ nsPermissionManager::AddInternal(nsIPrincipal* aPrincipal, NS_ENSURE_SUCCESS(rv, rv); if (!IsChildProcess()) { - uint32_t appId; - rv = aPrincipal->GetAppId(&appId); - NS_ENSURE_SUCCESS(rv, rv); - - bool isInBrowserElement; - rv = aPrincipal->GetIsInBrowserElement(&isInBrowserElement); + nsAutoCString origin; + rv = aPrincipal->GetOrigin(origin); NS_ENSURE_SUCCESS(rv, rv); - IPC::Permission permission(host, appId, isInBrowserElement, aType, - aPermission, aExpireType, aExpireTime); + IPC::Permission permission(origin, aType, aPermission, + aExpireType, aExpireTime); nsTArray cplist; ContentParent::GetAll(cplist); @@ -1099,12 +1105,8 @@ nsPermissionManager::RemoveFromPrincipal(nsIPrincipal* aPrincipal, NS_IMETHODIMP nsPermissionManager::RemovePermission(nsIPermission* aPerm) { - nsAutoCString host; - nsresult rv = aPerm->GetHost(host); - NS_ENSURE_SUCCESS(rv, rv); - nsCOMPtr principal; - rv = GetPrincipal(host, getter_AddRefs(principal)); + nsresult rv = aPerm->GetPrincipal(getter_AddRefs(principal)); NS_ENSURE_SUCCESS(rv, rv); nsAutoCString type; @@ -1302,9 +1304,14 @@ nsPermissionManager::GetPermissionObject(nsIPrincipal* aPrincipal, } PermissionEntry& perm = entry->GetPermissions()[idx]; - nsCOMPtr r = new nsPermission(entry->GetKey()->mHost, - entry->GetKey()->mAppId, - entry->GetKey()->mIsInBrowserElement, + nsCOMPtr principal; + rv = GetPrincipal(entry->GetKey()->mHost, + entry->GetKey()->mAppId, + entry->GetKey()->mIsInBrowserElement, + getter_AddRefs(principal)); + NS_ENSURE_SUCCESS(rv, rv); + + nsCOMPtr r = new nsPermission(principal, mTypeArray.ElementAt(perm.mType), perm.mPermission, perm.mExpireType, @@ -1445,6 +1452,7 @@ nsPermissionManager::GetPermissionHashKey(const nsACString& aHost, return GetPermissionHashKey(NS_LITERAL_CSTRING(""), aAppId, aIsInBrowserElement, aType, true); } + // If aExactHostMatch wasn't true, we can check if the base domain has a permission entry. if (!aExactHostMatch) { nsCString domain = GetNextSubDomainForHost(aHost); if (!domain.IsEmpty()) { @@ -1471,10 +1479,16 @@ NS_IMETHODIMP nsPermissionManager::GetEnumerator(nsISimpleEnumerator **aEnum) continue; } + nsCOMPtr principal; + if (NS_FAILED(GetPrincipal(entry->GetKey()->mHost, + entry->GetKey()->mAppId, + entry->GetKey()->mIsInBrowserElement, + getter_AddRefs(principal)))) { + continue; + } + array.AppendObject( - new nsPermission(entry->GetKey()->mHost, - entry->GetKey()->mAppId, - entry->GetKey()->mIsInBrowserElement, + new nsPermission(principal, mTypeArray.ElementAt(permEntry.mType), permEntry.mPermission, permEntry.mExpireType, @@ -1518,10 +1532,16 @@ nsPermissionManager::RemoveAllModifiedSince(int64_t aModificationTime) continue; } + nsCOMPtr principal; + if (NS_FAILED(GetPrincipal(entry->GetKey()->mHost, + entry->GetKey()->mAppId, + entry->GetKey()->mIsInBrowserElement, + getter_AddRefs(principal)))) { + continue; + } + array.AppendObject( - new nsPermission(entry->GetKey()->mHost, - entry->GetKey()->mAppId, - entry->GetKey()->mIsInBrowserElement, + new nsPermission(principal, mTypeArray.ElementAt(permEntry.mType), permEntry.mPermission, permEntry.mExpireType, @@ -1530,22 +1550,21 @@ nsPermissionManager::RemoveAllModifiedSince(int64_t aModificationTime) } for (int32_t i = 0; i principal; nsAutoCString type; - uint32_t appId = 0; - - array[i]->GetHost(host); - array[i]->GetIsInBrowserElement(&isInBrowserElement); - array[i]->GetType(type); - array[i]->GetAppId(&appId); - nsCOMPtr principal; - if (NS_FAILED(GetPrincipal(host, appId, isInBrowserElement, - getter_AddRefs(principal)))) { + nsresult rv = array[i]->GetPrincipal(getter_AddRefs(principal)); + if (NS_FAILED(rv)) { NS_ERROR("GetPrincipal() failed!"); continue; } + + rv = array[i]->GetType(type); + if (NS_FAILED(rv)) { + NS_ERROR("GetType() failed!"); + continue; + } + // AddInternal handles removal, so let it do the work... AddInternal( principal, @@ -1600,11 +1619,17 @@ nsPermissionManager::RemovePermissionsForApp(uint32_t aAppId, bool aBrowserOnly) continue; } + nsCOMPtr principal; + if (NS_FAILED(GetPrincipal(entry->GetKey()->mHost, + entry->GetKey()->mAppId, + entry->GetKey()->mIsInBrowserElement, + getter_AddRefs(principal)))) { + continue; + } + for (const auto& permEntry : entry->GetPermissions()) { permissions.AppendObject( - new nsPermission(entry->GetKey()->mHost, - entry->GetKey()->mAppId, - entry->GetKey()->mIsInBrowserElement, + new nsPermission(principal, mTypeArray.ElementAt(permEntry.mType), permEntry.mPermission, permEntry.mExpireType, @@ -1613,21 +1638,12 @@ nsPermissionManager::RemovePermissionsForApp(uint32_t aAppId, bool aBrowserOnly) } for (int32_t i = 0; i < permissions.Count(); ++i) { - nsAutoCString host; - bool isInBrowserElement; + nsCOMPtr principal; nsAutoCString type; - permissions[i]->GetHost(host); - permissions[i]->GetIsInBrowserElement(&isInBrowserElement); + permissions[i]->GetPrincipal(getter_AddRefs(principal)); permissions[i]->GetType(type); - nsCOMPtr principal; - if (NS_FAILED(GetPrincipal(host, aAppId, isInBrowserElement, - getter_AddRefs(principal)))) { - NS_ERROR("GetPrincipal() failed!"); - continue; - } - AddInternal(principal, type, nsIPermissionManager::UNKNOWN_ACTION, @@ -1750,8 +1766,11 @@ nsPermissionManager::NotifyObserversWithPermission(const nsACString &aHost, int64_t aExpireTime, const char16_t *aData) { + nsCOMPtr principal; + GetPrincipal(aHost, aAppId, aIsInBrowserElement, getter_AddRefs(principal)); + nsCOMPtr permission = - new nsPermission(aHost, aAppId, aIsInBrowserElement, aType, aPermission, + new nsPermission(principal, aType, aPermission, aExpireType, aExpireTime); if (permission) NotifyObservers(permission, aData); @@ -2244,11 +2263,16 @@ nsPermissionManager::FetchPermissions() { for (uint32_t i = 0; i < perms.Length(); i++) { const IPC::Permission &perm = perms[i]; - nsCOMPtr principal; - nsresult rv = GetPrincipal(perm.host, perm.appId, - perm.isInBrowserElement, getter_AddRefs(principal)); + nsAutoCString originNoSuffix; + mozilla::OriginAttributes attrs; + attrs.PopulateFromOrigin(perm.origin, originNoSuffix); + + nsCOMPtr uri; + nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix); NS_ENSURE_SUCCESS(rv, rv); + nsCOMPtr principal = mozilla::BasePrincipal::CreateCodebasePrincipal(uri, attrs); + // The child process doesn't care about modification times - it neither // reads nor writes, nor removes them based on the date - so 0 (which // will end up as now()) is fine. diff --git a/extensions/cookie/test/unit/test_permmanager_local_files.js b/extensions/cookie/test/unit/test_permmanager_local_files.js index 6de1ce7b063db..32d72dd70b86b 100644 --- a/extensions/cookie/test/unit/test_permmanager_local_files.js +++ b/extensions/cookie/test/unit/test_permmanager_local_files.js @@ -45,4 +45,4 @@ function run_test() { do_check_eq(pm.testPermissionFromPrincipal(principal, "test/local-files"), pm.ALLOW_ACTION); do_check_eq(pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"), pm.ALLOW_ACTION); do_check_eq(pm.testPermissionFromPrincipal(fileInDirPrincipal, "test/local-files"), pm.ALLOW_ACTION); -} \ No newline at end of file +} diff --git a/netwerk/base/nsIPermission.idl b/netwerk/base/nsIPermission.idl index 4500679905acc..1e8a41b76c104 100644 --- a/netwerk/base/nsIPermission.idl +++ b/netwerk/base/nsIPermission.idl @@ -6,7 +6,10 @@ #include "nsISupports.idl" -[scriptable, uuid(cfb08e46-193c-4be7-a467-d7775fb2a31e)] +interface nsIPrincipal; +interface nsIURI; + +[scriptable, uuid(bb409a51-2371-4fea-9dc9-b7286a458b8c)] /** * This interface defines a "permission" object, * used to specify allowed/blocked objects from @@ -16,19 +19,9 @@ interface nsIPermission : nsISupports { /** - * The name of the host for which the permission is set - */ - readonly attribute AUTF8String host; - - /** - * The id of the app for which the permission is set. - */ - readonly attribute unsigned long appId; - - /** - * Whether the permission has been set to a page inside a browser element. + * The principal for which this permission applies. */ - readonly attribute boolean isInBrowserElement; + readonly attribute nsIPrincipal principal; /** * a case-sensitive ASCII string, indicating the type of permission @@ -56,4 +49,29 @@ interface nsIPermission : nsISupports * 0:00:00). */ readonly attribute int64_t expireTime; + + /** + * Test whether a principal would be affected by this permission. + * + * @param principal the principal to test + * @param exactHost If true, only the specific host will be matched, + * @see nsIPermissionManager::testExactPermission. + * If false, subdomains will also be searched, + * @see nsIPermissionManager::testPermission. + */ + boolean matches(in nsIPrincipal principal, + in boolean exactHost); + + /** + * Test whether a URI would be affected by this permission. + * This performs a matches with a NO_APP_ID identifier. + * + * @param uri the uri to test + * @param exactHost If true, only the specific host will be matched, + * @see nsIPermissionManager::testExactPermission. + * If false, subdomains will also be searched, + * @see nsIPermissionManager::testPermission. + */ + boolean matchesURI(in nsIURI uri, + in boolean exactHost); }; diff --git a/netwerk/ipc/NeckoMessageUtils.h b/netwerk/ipc/NeckoMessageUtils.h index 3886a81a8bd78..ce0219d21a230 100644 --- a/netwerk/ipc/NeckoMessageUtils.h +++ b/netwerk/ipc/NeckoMessageUtils.h @@ -20,26 +20,20 @@ namespace IPC { struct Permission { - nsCString host, type; + nsCString origin, type; uint32_t capability, expireType; int64_t expireTime; - uint32_t appId; - bool isInBrowserElement; Permission() { } - Permission(const nsCString& aHost, - const uint32_t aAppId, - const bool aIsInBrowserElement, + Permission(const nsCString& aOrigin, const nsCString& aType, const uint32_t aCapability, const uint32_t aExpireType, - const int64_t aExpireTime) : host(aHost), + const int64_t aExpireTime) : origin(aOrigin), type(aType), capability(aCapability), expireType(aExpireType), - expireTime(aExpireTime), - appId(aAppId), - isInBrowserElement(aIsInBrowserElement) + expireTime(aExpireTime) {} }; @@ -48,34 +42,26 @@ struct ParamTraits { static void Write(Message* aMsg, const Permission& aParam) { - WriteParam(aMsg, aParam.host); + WriteParam(aMsg, aParam.origin); WriteParam(aMsg, aParam.type); WriteParam(aMsg, aParam.capability); WriteParam(aMsg, aParam.expireType); WriteParam(aMsg, aParam.expireTime); - WriteParam(aMsg, aParam.appId); - WriteParam(aMsg, aParam.isInBrowserElement); } static bool Read(const Message* aMsg, void** aIter, Permission* aResult) { - return ReadParam(aMsg, aIter, &aResult->host) && + return ReadParam(aMsg, aIter, &aResult->origin) && ReadParam(aMsg, aIter, &aResult->type) && ReadParam(aMsg, aIter, &aResult->capability) && ReadParam(aMsg, aIter, &aResult->expireType) && - ReadParam(aMsg, aIter, &aResult->expireTime) && - ReadParam(aMsg, aIter, &aResult->appId) && - ReadParam(aMsg, aIter, &aResult->isInBrowserElement); + ReadParam(aMsg, aIter, &aResult->expireTime); } static void Log(const Permission& p, std::wstring* l) { l->append(L"("); - LogParam(p.host, l); - l->append(L", "); - LogParam(p.appId, l); - l->append(L", "); - LogParam(p.isInBrowserElement, l); + LogParam(p.origin, l); l->append(L", "); LogParam(p.capability, l); l->append(L", ");