Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-26 06:11:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 956382 - Consider document.domain when computing security wrappers. r=mrbkap

Browse Source
This commit is contained in:
Bobby Holley 2014-02-13 18:57:35 -08:00
parent e0f33e6e2e
commit 2b33b064b7
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
js/xpconnect/wrappers/WrapperFactory.cpp
View File

@ -323,7 +323,7 @@ DEBUG_CheckUnwrapSafety(HandleObject obj, js::Wrapper *handler,
// this case.
} else {
// Otherwise, it should depend on whether the target subsumes the origin.
MOZ_ASSERT(handler->hasSecurityPolicy() == !AccessCheck::subsumes(target, origin));
MOZ_ASSERT(handler->hasSecurityPolicy() == !AccessCheck::subsumesConsideringDomain(target, origin));
}
}
#else
@ -385,8 +385,8 @@ WrapperFactory::Rewrap(JSContext *cx, HandleObject existing, HandleObject obj,
JSCompartment *target = js::GetContextCompartment(cx);
bool originIsChrome = AccessCheck::isChrome(origin);
bool targetIsChrome = AccessCheck::isChrome(target);
bool originSubsumesTarget = AccessCheck::subsumes(origin, target);
bool targetSubsumesOrigin = AccessCheck::subsumes(target, origin);
bool originSubsumesTarget = AccessCheck::subsumesConsideringDomain(origin, target);
bool targetSubsumesOrigin = AccessCheck::subsumesConsideringDomain(target, origin);
bool sameOrigin = targetSubsumesOrigin && originSubsumesTarget;
XrayType xrayType = GetXrayType(obj);
bool waiveXrayFlag = flags & WAIVE_XRAY_WRAPPER_FLAG;