Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-17 15:25:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bug 580128 - Make document.domain affect how we look up properties in addition to the security check. r=gal

Browse Source
This commit is contained in:
Blake Kaplan 2010-10-10 15:42:21 -07:00
parent 5631a85e40
commit 316a5324f1
1 changed files with 55 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
js/src/xpconnect/wrappers/XrayWrapper.cpp
View File

@ -427,8 +427,11 @@ class AutoLeaveHelper
};
static bool
UniversalXPConnect()
Transparent(JSContext *cx, JSObject *wrapper)
{
if (!WrapperFactory::IsPartiallyTransparent(wrapper))
return false;
// Redirect access straight to the wrapper if UniversalXPConnect is enabled.
nsIScriptSecurityManager *ssm = XPCWrapper::GetSecurityManager();
if (ssm) {
@ -436,6 +439,49 @@ UniversalXPConnect()
if (NS_SUCCEEDED(ssm->IsCapabilityEnabled("UniversalXPConnect", &privileged)) && privileged)
return true;
}
JSObject *scope = nsnull;
JSStackFrame *fp = nsnull;
JS_FrameIterator(cx, &fp);
if (fp) {
while (fp->isDummyFrame()) {
if (!JS_FrameIterator(cx, &fp))
break;
}
if (fp)
scope = &fp->scopeChain();
}
if (!scope)
scope = JS_GetScopeChain(cx);
nsIPrincipal *subject;
nsIPrincipal *object;
nsIXPConnect *xpc = nsXPConnect::GetXPConnect();
{
JSAutoEnterCompartment ac;
if (!ac.enter(cx, scope))
return false;
subject = xpc->GetPrincipal(JS_GetGlobalForObject(cx, scope), PR_TRUE);
}
{
JSAutoEnterCompartment ac;
JSObject *obj = wrapper->unwrap();
if (!ac.enter(cx, obj))
return false;
object = xpc->GetPrincipal(JS_GetGlobalForObject(cx, obj), PR_TRUE);
}
PRBool subsumes;
if (NS_SUCCEEDED(subject->Subsumes(object, &subsumes)) && subsumes)
return true;
return false;
}
@ -497,8 +543,8 @@ XrayWrapper<Base, Policy>::getPropertyDescriptor(JSContext *cx, JSObject *wrappe
return true;
}
// Redirect access straight to the wrapper if UniversalXPConnect is enabled.
if (WrapperFactory::IsPartiallyTransparent(wrapper) && UniversalXPConnect()) {
// Redirect access straight to the wrapper if we are transparent.
if (Transparent(cx, wrapper)) {
JSObject *wnObject = GetWrappedNativeObjectFromHolder(cx, holder);
{
@ -538,7 +584,7 @@ XrayWrapper<Base, Policy>::defineProperty(JSContext *cx, JSObject *wrapper, jsid
JSPropertyDescriptor *jsdesc = Jsvalify(desc);
// Redirect access straight to the wrapper if UniversalXPConnect is enabled.
if (WrapperFactory::IsPartiallyTransparent(wrapper) && UniversalXPConnect()) {
if (Transparent(cx, wrapper)) {
JSObject *wnObject = GetWrappedNativeObjectFromHolder(cx, holder);
JSAutoEnterCompartment ac;
@ -578,7 +624,7 @@ XrayWrapper<Base, Policy>::getOwnPropertyNames(JSContext *cx, JSObject *wrapper,
JSObject *holder = GetHolder(wrapper);
// Redirect access straight to the wrapper if UniversalXPConnect is enabled.
if (WrapperFactory::IsPartiallyTransparent(wrapper) && UniversalXPConnect()) {
if (Transparent(cx, wrapper)) {
JSObject *wnObject = GetWrappedNativeObjectFromHolder(cx, holder);
JSAutoEnterCompartment ac;
@ -599,8 +645,8 @@ XrayWrapper<Base, Policy>::delete_(JSContext *cx, JSObject *wrapper, jsid id, bo
jsval v;
JSBool b;
// Redirect access straight to the wrapper if UniversalXPConnect is enabled.
if (WrapperFactory::IsPartiallyTransparent(wrapper) && UniversalXPConnect()) {
// Redirect access straight to the wrapper if we should be transparent.
if (Transparent(cx, wrapper)) {
JSObject *wnObject = GetWrappedNativeObjectFromHolder(cx, holder);
JSAutoEnterCompartment ac;
@ -625,8 +671,8 @@ XrayWrapper<Base, Policy>::enumerate(JSContext *cx, JSObject *wrapper, js::AutoI
{
JSObject *holder = GetHolder(wrapper);
// Redirect access straight to the wrapper if UniversalXPConnect is enabled.
if (WrapperFactory::IsPartiallyTransparent(wrapper) && UniversalXPConnect()) {
// Redirect access straight to the wrapper if we are transparent.
if (Transparent(cx, wrapper)) {
JSObject *wnObject = GetWrappedNativeObjectFromHolder(cx, holder);
JSAutoEnterCompartment ac;