Bug 1575051 - Part 4: Expose JS stack access check control on FindWithName. r=peterv

Differential Revision: https://phabricator.services.mozilla.com/D49286 --HG-- extra : moz-landing-system : lando
2024-10-08 10:44:56 +00:00 · 2019-10-25 15:34:30 +00:00 · 2019-10-25 15:34:30 +00:00 · 15dd2821c0
commit 15dd2821c0
parent 6330b1de84
3 changed files with 11 additions and 7 deletions
--- a/docshell/base/BrowsingContext.cpp
+++ b/docshell/base/BrowsingContext.cpp
@ -476,11 +476,14 @@ void BrowsingContext::GetChildren(Children& aChildren) {
 //
 // See
 // https://html.spec.whatwg.org/multipage/browsers.html#the-rules-for-choosing-a-browsing-context-given-a-browsing-context-name
-BrowsingContext* BrowsingContext::FindWithName(const nsAString& aName) {
+BrowsingContext* BrowsingContext::FindWithName(
+    const nsAString& aName, bool aUseEntryGlobalForAccessCheck) {
  RefPtr<BrowsingContext> requestingContext = this;
-  if (nsCOMPtr<nsIDocShell> caller = do_GetInterface(GetEntryGlobal())) {
-    if (caller->GetBrowsingContext()) {
-      requestingContext = caller->GetBrowsingContext();
+  if (aUseEntryGlobalForAccessCheck) {
+    if (nsCOMPtr<nsIDocShell> caller = do_GetInterface(GetEntryGlobal())) {
+      if (caller->GetBrowsingContext()) {
+        requestingContext = caller->GetBrowsingContext();
+      }
    }
  }

--- a/docshell/base/BrowsingContext.h
+++ b/docshell/base/BrowsingContext.h
@ -271,7 +271,8 @@ class BrowsingContext : public nsISupports,
  // BrowsingContext::FindWithName(const nsAString&) is equivalent to
  // calling nsIDocShellTreeItem::FindItemWithName(aName, nullptr,
  // nullptr, false, <return value>).
-  BrowsingContext* FindWithName(const nsAString& aName);
+  BrowsingContext* FindWithName(const nsAString& aName,
+                                bool aUseEntryGlobalForAccessCheck = true);

  // Find a browsing context in this context's list of
  // children. Doesn't consider the special names, '_self', '_parent',
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@ -8518,8 +8518,8 @@ nsresult nsDocShell::PerformRetargeting(nsDocShellLoadState* aLoadState,
      aLoadState->Target().LowerCaseEqualsLiteral("_self") ||
      aLoadState->Target().LowerCaseEqualsLiteral("_parent") ||
      aLoadState->Target().LowerCaseEqualsLiteral("_top")) {
-    if (BrowsingContext* context =
-            mBrowsingContext->FindWithName(aLoadState->Target())) {
+    if (BrowsingContext* context = mBrowsingContext->FindWithName(
+            aLoadState->Target(), /* aUseEntryGlobalForAccessCheck */ false)) {
      targetDocShell = context->GetDocShell();
    }
  }