mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-28 15:23:51 +00:00
Fixing bug 504862. Sanitize modal dialog argument handling. r=mrbkap@gmail.com, sr=bzbarsky@mit.edu
This commit is contained in:
parent
2de0a533d2
commit
0f5b5ba5ba
@ -76,7 +76,6 @@ public:
|
||||
virtual JSObject *GetGlobalJSObject();
|
||||
virtual void OnFinalize(PRUint32 aLangID, void *aScriptGlobal);
|
||||
virtual void SetScriptsEnabled(PRBool aEnabled, PRBool aFireTimeouts);
|
||||
virtual nsresult SetNewArguments(nsIArray *aArguments);
|
||||
|
||||
// nsIScriptObjectPrincipal methods
|
||||
virtual nsIPrincipal* GetPrincipal();
|
||||
@ -393,13 +392,6 @@ nsXBLDocGlobalObject::SetScriptsEnabled(PRBool aEnabled, PRBool aFireTimeouts)
|
||||
// We don't care...
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsXBLDocGlobalObject::SetNewArguments(nsIArray *aArguments)
|
||||
{
|
||||
NS_NOTREACHED("waaah!");
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
}
|
||||
|
||||
//----------------------------------------------------------------------
|
||||
//
|
||||
// nsIScriptObjectPrincipal methods
|
||||
|
@ -81,7 +81,6 @@ public:
|
||||
// nsIScriptGlobalObject methods
|
||||
virtual void OnFinalize(PRUint32 aLangID, void *aGlobal);
|
||||
virtual void SetScriptsEnabled(PRBool aEnabled, PRBool aFireTimeouts);
|
||||
virtual nsresult SetNewArguments(nsIArray *aArguments);
|
||||
|
||||
virtual void *GetScriptGlobal(PRUint32 lang);
|
||||
virtual nsresult EnsureScriptEnvironment(PRUint32 aLangID);
|
||||
@ -809,13 +808,6 @@ nsXULPDGlobalObject::SetScriptsEnabled(PRBool aEnabled, PRBool aFireTimeouts)
|
||||
// We don't care...
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsXULPDGlobalObject::SetNewArguments(nsIArray *aArguments)
|
||||
{
|
||||
NS_NOTREACHED("waaah!");
|
||||
return NS_ERROR_UNEXPECTED;
|
||||
}
|
||||
|
||||
//----------------------------------------------------------------------
|
||||
//
|
||||
// nsIScriptObjectPrincipal methods
|
||||
|
@ -1414,6 +1414,7 @@ jsval nsDOMClassInfo::sToolbar_id = JSVAL_VOID;
|
||||
jsval nsDOMClassInfo::sLocationbar_id = JSVAL_VOID;
|
||||
jsval nsDOMClassInfo::sPersonalbar_id = JSVAL_VOID;
|
||||
jsval nsDOMClassInfo::sStatusbar_id = JSVAL_VOID;
|
||||
jsval nsDOMClassInfo::sDialogArguments_id = JSVAL_VOID;
|
||||
jsval nsDOMClassInfo::sDirectories_id = JSVAL_VOID;
|
||||
jsval nsDOMClassInfo::sControllers_id = JSVAL_VOID;
|
||||
jsval nsDOMClassInfo::sLength_id = JSVAL_VOID;
|
||||
@ -1609,6 +1610,7 @@ nsDOMClassInfo::DefineStaticJSVals(JSContext *cx)
|
||||
SET_JSVAL_TO_STRING(sLocationbar_id, cx, "locationbar");
|
||||
SET_JSVAL_TO_STRING(sPersonalbar_id, cx, "personalbar");
|
||||
SET_JSVAL_TO_STRING(sStatusbar_id, cx, "statusbar");
|
||||
SET_JSVAL_TO_STRING(sDialogArguments_id, cx, "dialogArguments");
|
||||
SET_JSVAL_TO_STRING(sDirectories_id, cx, "directories");
|
||||
SET_JSVAL_TO_STRING(sControllers_id, cx, "controllers");
|
||||
SET_JSVAL_TO_STRING(sLength_id, cx, "length");
|
||||
@ -4454,6 +4456,7 @@ nsDOMClassInfo::ShutDown()
|
||||
sLocationbar_id = JSVAL_VOID;
|
||||
sPersonalbar_id = JSVAL_VOID;
|
||||
sStatusbar_id = JSVAL_VOID;
|
||||
sDialogArguments_id = JSVAL_VOID;
|
||||
sDirectories_id = JSVAL_VOID;
|
||||
sControllers_id = JSVAL_VOID;
|
||||
sLength_id = JSVAL_VOID;
|
||||
@ -6687,6 +6690,24 @@ nsWindowSH::NewResolve(nsIXPConnectWrappedNative *wrapper, JSContext *cx,
|
||||
return NS_OK;
|
||||
}
|
||||
}
|
||||
} else if (id == sDialogArguments_id &&
|
||||
mData == &sClassInfoData[eDOMClassInfo_ModalContentWindow_id]) {
|
||||
nsCOMPtr<nsIArray> args;
|
||||
((nsGlobalModalWindow *)win)->GetDialogArguments(getter_AddRefs(args));
|
||||
|
||||
nsIScriptContext *script_cx = win->GetContext();
|
||||
if (script_cx) {
|
||||
JSAutoSuspendRequest asr(cx);
|
||||
|
||||
// Make nsJSContext::SetProperty()'s magic argument array
|
||||
// handling happen.
|
||||
rv = script_cx->SetProperty(obj, "dialogArguments", args);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
*objp = obj;
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
}
|
||||
|
||||
@ -6703,8 +6724,7 @@ nsWindowSH::NewResolve(nsIXPConnectWrappedNative *wrapper, JSContext *cx,
|
||||
// binding a name) a new undefined property that's not already
|
||||
// defined on our prototype chain. This way we can access this
|
||||
// expando w/o ever getting back into XPConnect.
|
||||
if ((flags & JSRESOLVE_ASSIGNING) &&
|
||||
!(flags & JSRESOLVE_WITH) &&
|
||||
if ((flags & JSRESOLVE_ASSIGNING) && !(flags & JSRESOLVE_WITH) &&
|
||||
win->IsInnerWindow()) {
|
||||
JSObject *realObj;
|
||||
wrapper->GetJSObject(&realObj);
|
||||
@ -9605,7 +9625,10 @@ nsHTMLPluginObjElementSH::PostCreate(nsIXPConnectWrappedNative *wrapper,
|
||||
JSContext *cx, JSObject *obj)
|
||||
{
|
||||
if (nsContentUtils::IsSafeToRunScript()) {
|
||||
nsresult rv = SetupProtoChain(wrapper, cx, obj);
|
||||
#ifdef DEBUG
|
||||
nsresult rv =
|
||||
#endif
|
||||
SetupProtoChain(wrapper, cx, obj);
|
||||
|
||||
// If SetupProtoChain failed then we're in real trouble. We're about to fail
|
||||
// PostCreate but it's more than likely that we handed our (now invalid)
|
||||
|
@ -287,6 +287,7 @@ protected:
|
||||
static jsval sLocationbar_id;
|
||||
static jsval sPersonalbar_id;
|
||||
static jsval sStatusbar_id;
|
||||
static jsval sDialogArguments_id;
|
||||
static jsval sDirectories_id;
|
||||
static jsval sControllers_id;
|
||||
static jsval sLength_id;
|
||||
|
@ -896,6 +896,7 @@ nsGlobalWindow::CleanUp()
|
||||
}
|
||||
mArguments = nsnull;
|
||||
mArgumentsLast = nsnull;
|
||||
mArgumentsOrigin = nsnull;
|
||||
|
||||
CleanupCachedXBLHandlers(this);
|
||||
|
||||
@ -1195,7 +1196,7 @@ nsGlobalWindow::SetScriptContext(PRUint32 lang_id, nsIScriptContext *aScriptCont
|
||||
NS_ASSERTION(script_glob, "GetNativeGlobal returned NULL!");
|
||||
}
|
||||
// for now, keep mContext real.
|
||||
if (lang_id==nsIProgrammingLanguage::JAVASCRIPT) {
|
||||
if (lang_id == nsIProgrammingLanguage::JAVASCRIPT) {
|
||||
mContext = aScriptContext;
|
||||
mJSObject = (JSObject *)script_glob;
|
||||
}
|
||||
@ -2035,8 +2036,12 @@ nsGlobalWindow::SetNewDocument(nsIDocument* aDocument,
|
||||
}
|
||||
|
||||
if (mArguments) {
|
||||
newInnerWindow->SetNewArguments(mArguments);
|
||||
newInnerWindow->DefineArgumentsProperty(mArguments);
|
||||
newInnerWindow->mArguments = mArguments;
|
||||
newInnerWindow->mArgumentsOrigin = mArgumentsOrigin;
|
||||
|
||||
mArguments = nsnull;
|
||||
mArgumentsOrigin = nsnull;
|
||||
}
|
||||
|
||||
// Give the new inner window our chrome event handler (since it
|
||||
@ -2120,9 +2125,10 @@ nsGlobalWindow::SetDocShell(nsIDocShell* aDocShell)
|
||||
|
||||
if (mArguments) {
|
||||
// We got no new document after someone called
|
||||
// SetNewArguments(), drop our reference to the arguments.
|
||||
// SetArguments(), drop our reference to the arguments.
|
||||
mArguments = nsnull;
|
||||
// xxxmarkh - should we also drop mArgumentsLast?
|
||||
mArgumentsLast = nsnull;
|
||||
mArgumentsOrigin = nsnull;
|
||||
}
|
||||
|
||||
PRUint32 st_ndx;
|
||||
@ -2375,41 +2381,62 @@ nsGlobalWindow::SetScriptsEnabled(PRBool aEnabled, PRBool aFireTimeouts)
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsGlobalWindow::SetNewArguments(nsIArray *aArguments)
|
||||
nsGlobalWindow::SetArguments(nsIArray *aArguments, nsIPrincipal *aOrigin)
|
||||
{
|
||||
FORWARD_TO_OUTER(SetNewArguments, (aArguments), NS_ERROR_NOT_INITIALIZED);
|
||||
|
||||
JSContext *cx;
|
||||
NS_ENSURE_TRUE(aArguments && mContext &&
|
||||
(cx = (JSContext *)mContext->GetNativeContext()),
|
||||
NS_ERROR_NOT_INITIALIZED);
|
||||
|
||||
// Note that currentInner may be non-null if someone's doing a
|
||||
// window.open with an existing window name.
|
||||
nsGlobalWindow *currentInner = GetCurrentInnerWindowInternal();
|
||||
|
||||
nsresult rv;
|
||||
|
||||
if (currentInner) {
|
||||
PRUint32 langID;
|
||||
NS_STID_FOR_ID(langID) {
|
||||
void *glob = currentInner->GetScriptGlobal(langID);
|
||||
nsIScriptContext *ctx = GetScriptContext(langID);
|
||||
if (glob && ctx) {
|
||||
if (mIsModalContentWindow) {
|
||||
rv = ctx->SetProperty(glob, "dialogArguments", aArguments);
|
||||
} else {
|
||||
rv = ctx->SetProperty(glob, "arguments", aArguments);
|
||||
}
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
}
|
||||
}
|
||||
FORWARD_TO_OUTER(SetArguments, (aArguments, aOrigin),
|
||||
NS_ERROR_NOT_INITIALIZED);
|
||||
|
||||
// Hold on to the arguments so that we can re-set them once the next
|
||||
// document is loaded.
|
||||
mArguments = aArguments;
|
||||
mArgumentsLast = aArguments;
|
||||
mArgumentsOrigin = aOrigin;
|
||||
|
||||
nsGlobalWindow *currentInner = GetCurrentInnerWindowInternal();
|
||||
|
||||
if (!mIsModalContentWindow) {
|
||||
mArgumentsLast = aArguments;
|
||||
} else if (currentInner) {
|
||||
// SetArguments() is being called on a modal content window that
|
||||
// already has an inner window. This can happen when loading
|
||||
// javascript: URIs as modal content dialogs. In this case, we'll
|
||||
// set up the dialog window, both inner and outer, before we call
|
||||
// SetArguments() on the window, so to deal with that, make sure
|
||||
// here that the arguments are propagated to the inner window.
|
||||
|
||||
currentInner->mArguments = aArguments;
|
||||
currentInner->mArgumentsOrigin = aOrigin;
|
||||
}
|
||||
|
||||
return currentInner ?
|
||||
currentInner->DefineArgumentsProperty(aArguments) : NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsGlobalWindow::DefineArgumentsProperty(nsIArray *aArguments)
|
||||
{
|
||||
JSContext *cx;
|
||||
nsIScriptContext *ctx = GetOuterWindowInternal()->mContext;
|
||||
NS_ENSURE_TRUE(aArguments && ctx &&
|
||||
(cx = (JSContext *)ctx->GetNativeContext()),
|
||||
NS_ERROR_NOT_INITIALIZED);
|
||||
|
||||
if (mIsModalContentWindow) {
|
||||
// Modal content windows don't have an "arguments" property, they
|
||||
// have a "dialogArguments" property which is handled
|
||||
// separately. See nsWindowSH::NewResolve().
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
PRUint32 langID;
|
||||
NS_STID_FOR_ID(langID) {
|
||||
void *glob = GetScriptGlobal(langID);
|
||||
ctx = GetScriptContext(langID);
|
||||
if (glob && ctx) {
|
||||
nsresult rv = ctx->SetProperty(glob, "arguments", aArguments);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
@ -6098,14 +6125,42 @@ nsGlobalWindow::ShowModalDialog(const nsAString& aURI, nsIVariant *aArgs,
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
if (dlgWin) {
|
||||
nsCOMPtr<nsPIDOMWindow> win(do_QueryInterface(dlgWin));
|
||||
nsCOMPtr<nsIPrincipal> subjectPrincipal;
|
||||
rv = nsContentUtils::GetSecurityManager()->
|
||||
GetSubjectPrincipal(getter_AddRefs(subjectPrincipal));
|
||||
if (NS_FAILED(rv)) {
|
||||
return rv;
|
||||
}
|
||||
|
||||
nsPIDOMWindow *inner = win->GetCurrentInnerWindow();
|
||||
PRBool canAccess = PR_TRUE;
|
||||
|
||||
nsCOMPtr<nsIDOMModalContentWindow> dlgInner(do_QueryInterface(inner));
|
||||
if (subjectPrincipal) {
|
||||
nsCOMPtr<nsIScriptObjectPrincipal> objPrincipal =
|
||||
do_QueryInterface(dlgWin);
|
||||
nsCOMPtr<nsIPrincipal> dialogPrincipal;
|
||||
|
||||
if (dlgInner) {
|
||||
dlgInner->GetReturnValue(aRetVal);
|
||||
if (objPrincipal) {
|
||||
dialogPrincipal = objPrincipal->GetPrincipal();
|
||||
|
||||
rv = subjectPrincipal->Subsumes(dialogPrincipal, &canAccess);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
} else {
|
||||
// Uh, not sure what kind of dialog this is. Prevent access to
|
||||
// be on the safe side...
|
||||
|
||||
canAccess = PR_FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
if (canAccess) {
|
||||
nsCOMPtr<nsPIDOMWindow> win(do_QueryInterface(dlgWin));
|
||||
nsPIDOMWindow *inner = win->GetCurrentInnerWindow();
|
||||
|
||||
nsCOMPtr<nsIDOMModalContentWindow> dlgInner(do_QueryInterface(inner));
|
||||
|
||||
if (dlgInner) {
|
||||
dlgInner->GetReturnValue(aRetVal);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -7406,7 +7461,7 @@ nsGlobalWindow::OpenInternal(const nsAString& aUrl, const nsAString& aName,
|
||||
"Shouldn't have caller context when called noscript");
|
||||
|
||||
*aReturn = nsnull;
|
||||
|
||||
|
||||
nsCOMPtr<nsIWebBrowserChrome> chrome;
|
||||
GetWebBrowserChrome(getter_AddRefs(chrome));
|
||||
if (!chrome) {
|
||||
@ -9040,7 +9095,14 @@ nsGlobalModalWindow::GetDialogArguments(nsIArray **aArguments)
|
||||
FORWARD_TO_INNER_MODAL_CONTENT_WINDOW(GetDialogArguments, (aArguments),
|
||||
NS_ERROR_NOT_INITIALIZED);
|
||||
|
||||
*aArguments = mArguments;
|
||||
PRBool subsumes = PR_FALSE;
|
||||
nsIPrincipal *self = GetPrincipal();
|
||||
if (self && NS_SUCCEEDED(self->Subsumes(mArgumentsOrigin, &subsumes)) &&
|
||||
subsumes) {
|
||||
NS_IF_ADDREF(*aArguments = mArguments);
|
||||
} else {
|
||||
*aArguments = nsnull;
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
@ -9065,6 +9127,20 @@ nsGlobalModalWindow::SetReturnValue(nsIVariant *aRetVal)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsresult
|
||||
nsGlobalModalWindow::SetNewDocument(nsIDocument *aDocument,
|
||||
nsISupports *aState,
|
||||
PRBool aClearScopeHint)
|
||||
{
|
||||
// If we're loading a new document into a modal dialog, clear the
|
||||
// return value that was set, if any, by the current document.
|
||||
if (aDocument) {
|
||||
mReturnValue = nsnull;
|
||||
}
|
||||
|
||||
return nsGlobalWindow::SetNewDocument(aDocument, aState, aClearScopeHint);
|
||||
}
|
||||
|
||||
//*****************************************************************************
|
||||
// nsGlobalWindow: Creator Function (This should go away)
|
||||
//*****************************************************************************
|
||||
|
@ -261,7 +261,6 @@ public:
|
||||
|
||||
virtual void OnFinalize(PRUint32 aLangID, void *aScriptGlobal);
|
||||
virtual void SetScriptsEnabled(PRBool aEnabled, PRBool aFireTimeouts);
|
||||
virtual nsresult SetNewArguments(nsIArray *aArguments);
|
||||
|
||||
// nsIScriptObjectPrincipal
|
||||
virtual nsIPrincipal* GetPrincipal();
|
||||
@ -341,8 +340,8 @@ public:
|
||||
|
||||
virtual NS_HIDDEN_(void) SetDocShell(nsIDocShell* aDocShell);
|
||||
virtual NS_HIDDEN_(nsresult) SetNewDocument(nsIDocument *aDocument,
|
||||
nsISupports *aState,
|
||||
PRBool aClearScopeHint);
|
||||
nsISupports *aState,
|
||||
PRBool aClearScopeHint);
|
||||
virtual NS_HIDDEN_(void) SetOpenerWindow(nsIDOMWindowInternal *aOpener,
|
||||
PRBool aOriginalOpener);
|
||||
virtual NS_HIDDEN_(void) EnsureSizeUpToDate();
|
||||
@ -450,6 +449,7 @@ public:
|
||||
virtual void SetReadyForFocus();
|
||||
virtual void PageHidden();
|
||||
virtual nsresult DispatchAsyncHashchange();
|
||||
virtual nsresult SetArguments(nsIArray *aArguments, nsIPrincipal *aOrigin);
|
||||
|
||||
static PRBool DOMWindowDumpEnabled();
|
||||
|
||||
@ -466,6 +466,7 @@ protected:
|
||||
nsISupports *aState,
|
||||
PRBool aClearScopeHint,
|
||||
PRBool aIsInternalCall);
|
||||
nsresult DefineArgumentsProperty(nsIArray *aArguments);
|
||||
|
||||
// Get the parent, returns null if this is a toplevel window
|
||||
nsIDOMWindowInternal *GetParentInternal();
|
||||
@ -725,6 +726,7 @@ protected:
|
||||
nsCOMPtr<nsIControllers> mControllers;
|
||||
nsCOMPtr<nsIArray> mArguments;
|
||||
nsCOMPtr<nsIArray> mArgumentsLast;
|
||||
nsCOMPtr<nsIPrincipal> mArgumentsOrigin;
|
||||
nsRefPtr<nsNavigator> mNavigator;
|
||||
nsRefPtr<nsScreen> mScreen;
|
||||
nsRefPtr<nsHistory> mHistory;
|
||||
@ -846,6 +848,10 @@ public:
|
||||
|
||||
NS_DECL_CYCLE_COLLECTION_CLASS_INHERITED(nsGlobalModalWindow, nsGlobalWindow)
|
||||
|
||||
virtual NS_HIDDEN_(nsresult) SetNewDocument(nsIDocument *aDocument,
|
||||
nsISupports *aState,
|
||||
PRBool aClearScopeHint);
|
||||
|
||||
protected:
|
||||
nsCOMPtr<nsIVariant> mReturnValue;
|
||||
};
|
||||
|
@ -101,13 +101,12 @@ NS_HandleScriptError(nsIScriptGlobalObject *aScriptGlobal,
|
||||
|
||||
|
||||
#define NS_ISCRIPTGLOBALOBJECT_IID \
|
||||
{ /* {6afecd40-0b9a-4cfd-8c42-0f645cd91829} */ \
|
||||
0x6afecd40, 0x0b9a, 0x4cfd, \
|
||||
{ 0x8c, 0x42, 0x0f, 0x64, 0x5c, 0xd9, 0x18, 0x29 } }
|
||||
{ 0xe9f3f2c1, 0x2d94, 0x4722, \
|
||||
{ 0xbb, 0xd4, 0x2b, 0xf6, 0xfd, 0xf4, 0x2f, 0x48 } }
|
||||
|
||||
/**
|
||||
+ * The global object which keeps a script context for each supported script
|
||||
+ * language. This often used to store per-window global state.
|
||||
* The global object which keeps a script context for each supported script
|
||||
* language. This often used to store per-window global state.
|
||||
*/
|
||||
|
||||
class nsIScriptGlobalObject : public nsISupports
|
||||
@ -166,15 +165,8 @@ public:
|
||||
*/
|
||||
virtual void SetScriptsEnabled(PRBool aEnabled, PRBool aFireTimeouts) = 0;
|
||||
|
||||
/** Set a new arguments object for this window. This will be set on
|
||||
* the window right away (if there's an existing document) and it
|
||||
* will also be installed on the window when the next document is
|
||||
* loaded. Each language impl is responsible for converting to
|
||||
* an array of args as appropriate for that language.
|
||||
*/
|
||||
virtual nsresult SetNewArguments(nsIArray *aArguments) = 0;
|
||||
|
||||
/** Handle a script error. Generally called by a script context.
|
||||
/**
|
||||
* Handle a script error. Generally called by a script context.
|
||||
*/
|
||||
virtual nsresult HandleScriptError(nsScriptErrorEvent *aErrorEvent,
|
||||
nsEventStatus *aEventStatus) {
|
||||
|
@ -77,10 +77,11 @@ class nsPresContext;
|
||||
struct nsTimeout;
|
||||
class nsScriptObjectHolder;
|
||||
class nsXBLPrototypeHandler;
|
||||
class nsIArray;
|
||||
|
||||
#define NS_PIDOMWINDOW_IID \
|
||||
{ 0x249423c9, 0x42a6, 0x8243, \
|
||||
{ 0x49, 0x45, 0x71, 0x7f, 0x8d, 0x28, 0x84, 0x43 } }
|
||||
{ 0x70c9f57f, 0xf7b3, 0x4a37, \
|
||||
{ 0xbe, 0x36, 0xbb, 0xb2, 0xd7, 0xe9, 0x40, 0x13 } }
|
||||
|
||||
class nsPIDOMWindow : public nsIDOMWindowInternal
|
||||
{
|
||||
@ -470,6 +471,15 @@ public:
|
||||
*/
|
||||
virtual void SetHasOrientationEventListener() = 0;
|
||||
|
||||
/**
|
||||
* Set a arguments for this window. This will be set on the window
|
||||
* right away (if there's an existing document) and it will also be
|
||||
* installed on the window when the next document is loaded. Each
|
||||
* language impl is responsible for converting to an array of args
|
||||
* as appropriate for that language.
|
||||
*/
|
||||
virtual nsresult SetArguments(nsIArray *aArguments, nsIPrincipal *aOrigin) = 0;
|
||||
|
||||
protected:
|
||||
// The nsPIDOMWindow constructor. The aOuterWindow argument should
|
||||
// be null if and only if the created window itself is an outer
|
||||
|
@ -100,6 +100,8 @@ _TEST_FILES = \
|
||||
test_bug484775.html \
|
||||
test_bug427744.html \
|
||||
test_bug495219.html \
|
||||
test_bug504862.html \
|
||||
file_bug504862.html \
|
||||
$(NULL)
|
||||
|
||||
libs:: $(_TEST_FILES)
|
||||
|
@ -60,6 +60,7 @@
|
||||
#include "nsIDOMWindow.h"
|
||||
#include "nsIDOMChromeWindow.h"
|
||||
#include "nsIDOMWindowInternal.h"
|
||||
#include "nsIDOMModalContentWindow.h"
|
||||
#include "nsIScriptObjectPrincipal.h"
|
||||
#include "nsIScreen.h"
|
||||
#include "nsIScreenManager.h"
|
||||
@ -573,11 +574,21 @@ nsWindowWatcher::OpenWindowJSInternal(nsIDOMWindow *aParent,
|
||||
SizeSpec sizeSpec;
|
||||
CalcSizeSpec(features.get(), sizeSpec);
|
||||
|
||||
PRBool isCallerChrome = PR_FALSE;
|
||||
nsCOMPtr<nsIScriptSecurityManager>
|
||||
sm(do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID));
|
||||
if (sm)
|
||||
sm->SubjectPrincipalIsSystem(&isCallerChrome);
|
||||
|
||||
// Remember who's calling us. This code used to assume a null
|
||||
// subject principal if it failed to get the principal, but that's
|
||||
// just not safe, so bail on errors here.
|
||||
nsCOMPtr<nsIPrincipal> callerPrincipal;
|
||||
rv = sm->GetSubjectPrincipal(getter_AddRefs(callerPrincipal));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
PRBool isCallerChrome = PR_TRUE;
|
||||
if (callerPrincipal) {
|
||||
rv = sm->IsSystemPrincipal(callerPrincipal, &isCallerChrome);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
JSContext *cx = GetJSContextFromWindow(aParent);
|
||||
|
||||
@ -756,9 +767,10 @@ nsWindowWatcher::OpenWindowJSInternal(nsIDOMWindow *aParent,
|
||||
|
||||
if ((aDialog || windowIsModalContentDialog) && argv) {
|
||||
// Set the args on the new window.
|
||||
nsCOMPtr<nsIScriptGlobalObject> scriptGlobal(do_QueryInterface(*_retval));
|
||||
NS_ENSURE_TRUE(scriptGlobal, NS_ERROR_UNEXPECTED);
|
||||
rv = scriptGlobal->SetNewArguments(argv);
|
||||
nsCOMPtr<nsPIDOMWindow> piwin(do_QueryInterface(*_retval));
|
||||
NS_ENSURE_TRUE(piwin, NS_ERROR_UNEXPECTED);
|
||||
|
||||
rv = piwin->SetArguments(argv, callerPrincipal);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user