Fix bug 636097 (r=gal, a=blocker).

This commit is contained in:
mrbkap@gmail.com 2011-02-23 22:13:17 -08:00
parent 9c4e860a93
commit 5178abf4ed
4 changed files with 68 additions and 3 deletions

View File

@ -87,6 +87,7 @@ _TEST_FILES = bug500931_helper.html \
test1_bug629331.html \
test2_bug629331.html \
test_bug618017.html \
test_bug636097.html \
$(NULL)
#test_bug484107.html \

View File

@ -0,0 +1,63 @@
<!DOCTYPE HTML>
<html>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=504877
test by moz_bug_r_a4@yahoo.com
-->
<head>
<title>Test for Bug 504877</title>
<script type="application/javascript" src="/MochiKit/packed.js"></script>
<script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=504877">Mozilla Bug 504877</a>
<p id="display"></p>
<div id="content" style="display: none">
</div>
<pre id="test">
<script type="application/javascript">
/** Test for Bug 504877 **/
SimpleTest.waitForExplicitFinish();
var targetUrl = "http://example.com/";
var l;
function a() {
var r = "FAIL", s;
try {
s = l.toString();
}
catch (e) {
if (/Permission denied/.test(e))
r = "PASS";
s = e;
}
is(r, "PASS", "should have thrown an exception");
SimpleTest.finish();
}
var p = 0;
function b() {
switch (++p) {
case 1:
frames[0].location = "about:blank";
break;
case 2:
l = frames[0].location;
frames[0].location = targetUrl;
break;
case 3:
a();
break;
}
}
</script>
</pre>
<iframe onload="b()"></iframe>
</body>
</html>

View File

@ -93,7 +93,9 @@ AccessCheck::isLocationObjectSameOrigin(JSContext *cx, JSObject *wrapper)
JS_ASSERT(obj->getClass()->ext.innerObject);
}
OBJ_TO_INNER_OBJECT(cx, obj);
return obj && isSameOrigin(wrapper->compartment(), obj->compartment());
return obj &&
(isSameOrigin(wrapper->compartment(), obj->compartment()) ||
documentDomainMakesSameOrigin(cx, obj));
}
bool

View File

@ -121,8 +121,7 @@ struct SameOriginOrCrossOriginAccessiblePropertiesOnly : public Policy {
static bool check(JSContext *cx, JSObject *wrapper, jsid id, JSWrapper::Action act,
Permission &perm) {
if (AccessCheck::isCrossOriginAccessPermitted(cx, wrapper, id, act) ||
AccessCheck::isLocationObjectSameOrigin(cx, wrapper) ||
AccessCheck::documentDomainMakesSameOrigin(cx, wrapper->unwrap())) {
AccessCheck::isLocationObjectSameOrigin(cx, wrapper)) {
perm = PermitPropertyAccess;
return true;
}