Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-29 15:52:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fixes for bugs 79796, 77203, and 54060. r=jband@netscape.com,

Browse Source 
sr=brendan@mozilla.org
This commit is contained in:
mstoltz%netscape.com 2001-05-11 00:43:27 +00:00
parent 1a1b738b1b
commit 59c995612e
7 changed files with 76 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
caps/idl/nsIScriptSecurityManager.idl
View File

@ -40,8 +40,7 @@ interface nsIScriptSecurityManager : nsIXPCSecurityManager
in nsISupports aObj,
in nsIClassInfo aClassInfo,
in string aClassName,
in string aProperty,
in boolean skipFrame);
in string aProperty);
/**
* Check that the script currently running in context "cx" can load "uri".

15
caps/include/nsScriptSecurityManager.h
View File

@ -114,11 +114,11 @@ private:
JSContext* aJSContext, JSObject* aJSObject,
nsISupports* aObj, nsIClassInfo* aClassInfo,
jsval aName, const char* aClassName,
const char* aProperty, PRBool skipFrame, void** aPolicy);
const char* aProperty, void** aPolicy);
nsresult
CheckSameOrigin(JSContext* aCx, nsIPrincipal* aSubject,
nsIPrincipal* aObject, PRUint32 aAction, PRBool aSkipFrame);
nsIPrincipal* aObject, PRUint32 aAction);
PRInt32
GetSecurityLevel(JSContext* aCx, nsIPrincipal *principal,
@ -146,28 +146,21 @@ private:
nsresult
GetScriptPrincipal(JSContext* cx, JSScript* script, nsIPrincipal** result);
nsresult
GetCallingPrincipal(JSContext* cx, nsIPrincipal** result);
nsresult
GetFunctionObjectPrincipal(JSContext* cx, JSObject* obj,
nsIPrincipal** result);
nsresult
GetPrincipalAndFrame(JSContext *cx, PRBool skipInnerFrame,
GetPrincipalAndFrame(JSContext *cx,
nsIPrincipal** result,
JSStackFrame** frameResult);
nsresult
SavePrincipal(nsIPrincipal* aToSave);
nsresult IsCapabilityEnabledImpl(const char *capability,
PRBool skipFrame,
PRBool *result);
nsresult
CheckXPCPermissions(JSContext* cx, nsISupports* aObj,
const char* aObjectSecurityLevel, PRBool skipFrame, const char* aErrorMsg);
const char* aObjectSecurityLevel, const char* aErrorMsg);
nsresult
InitPrefs();

121
caps/src/nsScriptSecurityManager.cpp
View File

@ -64,7 +64,7 @@
#include "nsIWindowWatcher.h"
#include "nsIConsoleService.h"
#include "nsISecurityCheckedComponent.h"
#include "nsIPref.h"
#include "nsIPrefBranchInternal.h"
static NS_DEFINE_IID(kIIOServiceIID, NS_IIOSERVICE_IID);
static NS_DEFINE_CID(kIOServiceCID, NS_IOSERVICE_CID);
@ -143,12 +143,10 @@ nsScriptSecurityManager::CheckPropertyAccess(PRUint32 aAction,
nsISupports* aObj,
nsIClassInfo* aClassInfo,
const char* aClassName,
const char* aProperty,
PRBool aSkipFrame)
const char* aProperty)
{
return CheckPropertyAccessImpl(aAction, nsnull, aJSContext, aJSObject, aObj,
aClassInfo, nsnull, aClassName, aProperty,
aSkipFrame, nsnull);
aClassInfo, nsnull, aClassName, aProperty, nsnull);
}
nsresult
@ -157,13 +155,10 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
JSContext* aJSContext, JSObject* aJSObject,
nsISupports* aObj, nsIClassInfo* aClassInfo,
jsval aName, const char* aClassName,
const char* aProperty,
PRBool aSkipFrame, void** aPolicy)
const char* aProperty, void** aPolicy)
{
nsCOMPtr<nsIPrincipal> subjectPrincipal;
JSStackFrame *notused;
if (NS_FAILED(GetPrincipalAndFrame(aJSContext, aSkipFrame,
getter_AddRefs(subjectPrincipal), &notused)))
if (NS_FAILED(GetSubjectPrincipal(aJSContext, getter_AddRefs(subjectPrincipal))))
return NS_ERROR_FAILURE;
PRBool equals;
@ -245,8 +240,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
getter_AddRefs(objectPrincipal))))
return NS_ERROR_FAILURE;
rv = CheckSameOrigin(aJSContext, subjectPrincipal, objectPrincipal,
aAction == nsIXPCSecurityManager::ACCESS_SET_PROPERTY,
aSkipFrame);
aAction == nsIXPCSecurityManager::ACCESS_SET_PROPERTY);
}
else
rv = NS_ERROR_DOM_SECURITY_ERR;
@ -318,7 +312,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
}
}
}
rv = CheckXPCPermissions(aJSContext, aObj, objectSecurityLevel, aSkipFrame,
rv = CheckXPCPermissions(aJSContext, aObj, objectSecurityLevel,
"Permission denied to access property");
#ifdef DEBUG_mstoltz
if(NS_SUCCEEDED(rv))
@ -331,8 +325,7 @@ nsScriptSecurityManager::CheckPropertyAccessImpl(PRUint32 aAction,
nsresult
nsScriptSecurityManager::CheckSameOrigin(JSContext *aCx, nsIPrincipal* aSubject,
nsIPrincipal* aObject, PRUint32 aAction,
PRBool aSkipFrame)
nsIPrincipal* aObject, PRUint32 aAction)
{
/*
** Get origin of subject and object and compare.
@ -366,7 +359,7 @@ nsScriptSecurityManager::CheckSameOrigin(JSContext *aCx, nsIPrincipal* aSubject,
PRBool capabilityEnabled = PR_FALSE;
const char* cap = aAction == nsIXPCSecurityManager::ACCESS_SET_PROPERTY ?
"UniversalBrowserWrite" : "UniversalBrowserRead";
if (NS_FAILED(IsCapabilityEnabledImpl(cap, aSkipFrame, &capabilityEnabled)))
if (NS_FAILED(IsCapabilityEnabled(cap, &capabilityEnabled)))
return NS_ERROR_FAILURE;
if (capabilityEnabled)
return NS_OK;
@ -411,7 +404,7 @@ nsScriptSecurityManager::GetSecurityLevel(JSContext* aJSContext,
//-- Look up the security policy for this property
nsCAutoString prefName;
if (NS_FAILED(GetPrefName(principal, aClassName, aPropertyName,
classPolicy, prefName)))
classPolicy, prefName)))
return SCRIPT_SECURITY_NO_ACCESS;
char *secLevelString;
rv = mSecurityPrefs->SecurityGetCharPref(prefName, &secLevelString);
@ -420,6 +413,18 @@ nsScriptSecurityManager::GetSecurityLevel(JSContext* aJSContext,
prefName += (aAction == nsIXPCSecurityManager::ACCESS_SET_PROPERTY ? ".set" : ".get");
rv = mSecurityPrefs->SecurityGetCharPref(prefName, &secLevelString);
}
if (NS_FAILED(rv)) //-- No site policy for this property; look for a default policy
{
if (NS_FAILED(GetPrefName(principal, aClassName, aPropertyName,
nsnull, prefName)))
return SCRIPT_SECURITY_NO_ACCESS;
rv = mSecurityPrefs->SecurityGetCharPref(prefName, &secLevelString);
if (NS_FAILED(rv))
{
prefName += (aAction == nsIXPCSecurityManager::ACCESS_SET_PROPERTY ? ".set" : ".get");
rv = mSecurityPrefs->SecurityGetCharPref(prefName, &secLevelString);
}
}
if (NS_SUCCEEDED(rv) && secLevelString)
{
if (PL_strcmp(secLevelString, "sameOrigin") == 0)
@ -571,7 +576,7 @@ nsScriptSecurityManager::CheckLoadURIFromScript(JSContext *cx, nsIURI *aURI)
// Get principal of currently executing script.
nsCOMPtr<nsIPrincipal> principal;
if (NS_FAILED(GetCallingPrincipal(cx, getter_AddRefs(principal))))
if (NS_FAILED(GetSubjectPrincipal(cx, getter_AddRefs(principal))))
return NS_ERROR_FAILURE;
// Native code can load all URIs.
@ -689,6 +694,7 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
};
nsXPIDLCString targetSpec;
const char* targetPage;
for (unsigned i=0; i < sizeof(protocolList)/sizeof(protocolList[0]); i++) {
if (nsCRT::strcasecmp(targetScheme, protocolList[i].name) == 0) {
PRBool doCheck = PR_FALSE;
@ -707,9 +713,11 @@ nsScriptSecurityManager::CheckLoadURI(nsIURI *aSourceURI, nsIURI *aTargetURI,
// Allow loading about:blank, otherwise deny
if(NS_FAILED(targetUri->GetSpec(getter_Copies(targetSpec))))
return NS_ERROR_FAILURE;
return (PL_strcmp(targetSpec, "about:blank") == 0) ||
(PL_strcmp(targetSpec, "about:") == 0) ||
(PL_strcmp(targetSpec, "about:mozilla") == 0) ?
targetPage = targetSpec.get() + sizeof("about:") - 1;
return (PL_strcmp(targetPage, "blank") == 0) ||
(PL_strcmp(targetPage, "") == 0) ||
(PL_strcmp(targetPage, "mozilla") == 0) ||
(PL_strcmp(targetPage, "credits") == 0) ?
NS_OK : ReportErrorToConsole(aTargetURI);
case DenyProtocol:
// Deny access
@ -1069,10 +1077,16 @@ nsScriptSecurityManager::GetFunctionObjectPrincipal(JSContext *cx,
nsIPrincipal **result)
{
JSFunction *fun = (JSFunction *) JS_GetPrivate(cx, obj);
if (JS_GetFunctionObject(fun) != obj)
// Function has been cloned; get principals from scope
return GetObjectPrincipal(cx, obj, result);
JSScript *script = JS_GetFunctionScript(cx, fun);
if (script && JS_GetFunctionObject(fun) != obj)
{
// Scripted function has been cloned; get principals from obj's
// parent-linked scope chain. We do not get object principals for a
// cloned *native* function, because the subject in that case is a
// script or function further down the stack who is calling us.
return GetObjectPrincipal(cx, obj, result);
}
return GetScriptPrincipal(cx, script, result);
}
@ -1093,20 +1107,11 @@ nsScriptSecurityManager::GetFramePrincipal(JSContext *cx,
nsresult
nsScriptSecurityManager::GetPrincipalAndFrame(JSContext *cx,
PRBool skipInnerFrame,
nsIPrincipal **result,
JSStackFrame **frameResult)
{
// Get principals from innermost frame of JavaScript or Java.
JSStackFrame *fp = nsnull; // tell JS_FrameIterator to start at innermost
if (skipInnerFrame) // Skip the innermost frame
{
fp = JS_FrameIterator(cx, &fp);
#ifdef DEBUG_mstoltz
if(!fp)
printf("####### JS stack weirdness in GetPrincipalAndFrame.\n");
#endif
}
for (fp = JS_FrameIterator(cx, &fp); fp; fp = JS_FrameIterator(cx, &fp))
{
if (NS_FAILED(GetFramePrincipal(cx, fp, result)))
@ -1149,15 +1154,7 @@ nsScriptSecurityManager::GetSubjectPrincipal(JSContext *cx,
nsIPrincipal **result)
{
JSStackFrame *fp;
return GetPrincipalAndFrame(cx, PR_FALSE, result, &fp);
}
nsresult
nsScriptSecurityManager::GetCallingPrincipal(JSContext *cx,
nsIPrincipal **result)
{
JSStackFrame *fp;
return GetPrincipalAndFrame(cx, PR_TRUE, result, &fp);
return GetPrincipalAndFrame(cx, result, &fp);
}
nsresult
@ -1262,14 +1259,6 @@ nsScriptSecurityManager::SavePrincipal(nsIPrincipal* aToSave)
NS_IMETHODIMP
nsScriptSecurityManager::IsCapabilityEnabled(const char *capability,
PRBool *result)
{
return IsCapabilityEnabledImpl(capability, PR_FALSE, result);
}
nsresult
nsScriptSecurityManager::IsCapabilityEnabledImpl(const char *capability,
PRBool aSkipFrame,
PRBool *result)
{
nsresult rv;
JSStackFrame *fp = nsnull;
@ -1280,9 +1269,6 @@ nsScriptSecurityManager::IsCapabilityEnabledImpl(const char *capability,
*result = PR_TRUE;
return NS_OK;
}
if (aSkipFrame)
fp = JS_FrameIterator(cx, &fp);
do
{
nsCOMPtr<nsIPrincipal> principal;
@ -1494,8 +1480,7 @@ nsScriptSecurityManager::EnableCapability(const char *capability)
}
nsCOMPtr<nsIPrincipal> principal;
if (NS_FAILED(GetPrincipalAndFrame(cx, PR_FALSE, getter_AddRefs(principal),
&fp)))
if (NS_FAILED(GetPrincipalAndFrame(cx, getter_AddRefs(principal), &fp)))
return NS_ERROR_FAILURE;
void *annotation = JS_GetFrameAnnotation(cx, fp);
PRBool enabled;
@ -1527,8 +1512,7 @@ nsScriptSecurityManager::RevertCapability(const char *capability)
JSContext *cx = GetCurrentContextQuick();
JSStackFrame *fp;
nsCOMPtr<nsIPrincipal> principal;
if (NS_FAILED(GetPrincipalAndFrame(cx, PR_FALSE, getter_AddRefs(principal),
&fp)))
if (NS_FAILED(GetPrincipalAndFrame(cx, getter_AddRefs(principal), &fp)))
return NS_ERROR_FAILURE;
void *annotation = JS_GetFrameAnnotation(cx, fp);
principal->RevertCapability(capability, &annotation);
@ -1542,8 +1526,7 @@ nsScriptSecurityManager::DisableCapability(const char *capability)
JSContext *cx = GetCurrentContextQuick();
JSStackFrame *fp;
nsCOMPtr<nsIPrincipal> principal;
if (NS_FAILED(GetPrincipalAndFrame(cx, PR_FALSE, getter_AddRefs(principal),
&fp)))
if (NS_FAILED(GetPrincipalAndFrame(cx, getter_AddRefs(principal), &fp)))
return NS_ERROR_FAILURE;
void *annotation = JS_GetFrameAnnotation(cx, fp);
principal->DisableCapability(capability, &annotation);
@ -1656,8 +1639,7 @@ nsScriptSecurityManager::CanCreateWrapper(JSContext *aJSContext,
if (checkedComponent)
checkedComponent->CanCreateWrapper((nsIID *)&aIID, getter_Copies(objectSecurityLevel));
// XXX Do we skip a frame here or not? Need to find out
return CheckXPCPermissions(aJSContext, aObj, objectSecurityLevel, PR_TRUE,
return CheckXPCPermissions(aJSContext, aObj, objectSecurityLevel,
"Permission denied to create wrapper for object");
}
@ -1672,7 +1654,7 @@ nsScriptSecurityManager::CanCreateInstance(JSContext *aJSContext,
PR_FREEIF(cidStr);
#endif
return CheckXPCPermissions(aJSContext, nsnull, nsnull, PR_FALSE,
return CheckXPCPermissions(aJSContext, nsnull, nsnull,
"Permission denied to create instance of class");
}
@ -1686,7 +1668,7 @@ nsScriptSecurityManager::CanGetService(JSContext *aJSContext,
PR_FREEIF(cidStr);
#endif
return CheckXPCPermissions(aJSContext, nsnull, nsnull, PR_FALSE,
return CheckXPCPermissions(aJSContext, nsnull, nsnull,
"Permission denied to get service");
}
@ -1702,19 +1684,18 @@ nsScriptSecurityManager::CanAccess(PRUint32 aAction,
void** aPolicy)
{
return CheckPropertyAccessImpl(aAction, aCallContext, aJSContext, aJSObject,
aObj, aClassInfo, aName, nsnull, nsnull, PR_TRUE, aPolicy);
aObj, aClassInfo, aName, nsnull, nsnull, aPolicy);
}
nsresult
nsScriptSecurityManager::CheckXPCPermissions(JSContext *aJSContext,
nsISupports* aObj,
const char* aObjectSecurityLevel,
PRBool aSkipFrame,
const char* aErrorMsg)
{
//-- Check for the all-powerful UniversalXPConnect privilege
PRBool ok = PR_FALSE;
if (NS_SUCCEEDED(IsCapabilityEnabledImpl("UniversalXPConnect", aSkipFrame, &ok)) && ok)
if (NS_SUCCEEDED(IsCapabilityEnabled("UniversalXPConnect", &ok)) && ok)
return NS_OK;
//-- If the object implements nsISecurityCheckedComponent, it has a non-default policy.
@ -2135,14 +2116,14 @@ nsScriptSecurityManager::InitPrefs()
NS_ENSURE_SUCCESS(rv, rv);
mSecurityPrefs = do_QueryInterface(mPrefs, &rv);
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIPref> oldPrefService = do_GetService(NS_PREF_CONTRACTID, &rv);
nsCOMPtr<nsIPrefBranchInternal> prefBranchInternal = do_QueryInterface(mPrefs, &rv);
NS_ENSURE_SUCCESS(rv, rv);
// Set the initial value of the "javascript.enabled" prefs
JSEnabledPrefChanged();
// set observer callbacks in case the value of the pref changes
oldPrefService->AddObserver(sJSEnabledPrefName, this);
oldPrefService->AddObserver(sJSMailEnabledPrefName, this);
prefBranchInternal->AddObserver(sJSEnabledPrefName, this);
prefBranchInternal->AddObserver(sJSMailEnabledPrefName, this);
PRUint32 prefCount;
char** prefNames;
@ -2162,7 +2143,7 @@ nsScriptSecurityManager::InitPrefs()
NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY(prefCount, prefNames);
//-- Set a callback for principal changes
oldPrefService->AddObserver(sPrincipalPrefix, this);
prefBranchInternal->AddObserver(sPrincipalPrefix, this);
return NS_OK;
}

2
content/events/src/nsEventListenerManager.cpp
View File

@ -978,7 +978,7 @@ nsEventListenerManager::RegisterScriptEventListener(nsIScriptContext *aContext,
if (NS_FAILED(rv = securityManager->CheckPropertyAccess(
nsIXPCSecurityManager::ACCESS_SET_PROPERTY, cx, jsobj, aObject, classInfo,
"EventTarget","addEventListener", PR_FALSE))) {
"EventTarget","addEventListener"))) {
// XXX set pending exception on the native call context?
return rv;
}

29
dom/src/base/nsDOMClassInfo.cpp
View File

@ -1081,18 +1081,12 @@ nsWindowSH::doCheckWriteAccess(JSContext *cx, JSObject *obj, jsval id,
nsresult rv;
#if 1
PRBool isLocation = JSVAL_IS_STRING(id) &&
JSVAL_TO_STRING(id) == sLocation_id;
rv = sSecMan->CheckPropertyAccess(nsIXPCSecurityManager::ACCESS_SET_PROPERTY,
cx, obj, native, this, "Window",
isLocation ? "location" : "scriptglobals",
PR_FALSE);
#else
rv = sSecMan->CanAccess(nsIXPCSecurityManager::ACCESS_SET_PROPERTY, nsnull,
cx, obj, native, this, id, nsnull);
#endif
isLocation ? "location" : "scriptglobals");
if (NS_SUCCEEDED(rv)) {
return rv;
@ -1102,15 +1096,13 @@ nsWindowSH::doCheckWriteAccess(JSContext *cx, JSObject *obj, jsval id,
// following lines ensure that the exception is propagated.
nsCOMPtr<nsIXPCNativeCallContext> cnccx;
sXPConnect->GetCurrentNativeCallContext(getter_AddRefs(cnccx));
NS_ENSURE_SUCCESS(rv, rv);
cnccx->SetExceptionWasThrown(PR_TRUE);
rv = sXPConnect->GetCurrentNativeCallContext(getter_AddRefs(cnccx));
if (cnccx)
cnccx->SetExceptionWasThrown(PR_TRUE);
return rv; // rv is from CheckPropertyAccess()
}
nsresult
nsWindowSH::doCheckReadAccess(JSContext *cx, JSObject *obj, jsval id,
nsISupports *native)
@ -1127,18 +1119,12 @@ nsWindowSH::doCheckReadAccess(JSContext *cx, JSObject *obj, jsval id,
return NS_OK;
}
#if 1
PRBool isLocation = JSVAL_IS_STRING(id) &&
JSVAL_TO_STRING(id) == sLocation_id;
rv = sSecMan->CheckPropertyAccess(nsIXPCSecurityManager::ACCESS_GET_PROPERTY,
cx, obj, native, this, "Window",
isLocation ? "location" : "scriptglobals",
PR_FALSE);
#else
rv = sSecMan->CanAccess(nsIXPCSecurityManager::ACCESS_GET_PROPERTY,
nsnull, cx, obj, native, this, id, nsnull);
#endif
isLocation ? "location" : "scriptglobals");
if (NS_SUCCEEDED(rv)) {
return rv;
@ -1149,9 +1135,8 @@ nsWindowSH::doCheckReadAccess(JSContext *cx, JSObject *obj, jsval id,
nsCOMPtr<nsIXPCNativeCallContext> cnccx;
sXPConnect->GetCurrentNativeCallContext(getter_AddRefs(cnccx));
NS_ENSURE_SUCCESS(rv, rv);
cnccx->SetExceptionWasThrown(PR_TRUE);
if (cnccx)
cnccx->SetExceptionWasThrown(PR_TRUE);
return rv; // rv is from CheckPropertyAccess()
}

5
dom/src/base/nsGlobalWindow.cpp
View File

@ -4096,9 +4096,8 @@ NavigatorImpl::Preference()
action = nsIXPCSecurityManager::ACCESS_GET_PROPERTY;
else
action = nsIXPCSecurityManager::ACCESS_SET_PROPERTY;
rv = secMan->CheckPropertyAccess(action,
cx, nsnull, nsnull, nsnull, "Navigator", "preferenceinternal",
PR_TRUE);
rv = secMan->CheckPropertyAccess(action, cx, nsnull, nsnull, nsnull,
"Navigator", "preferenceinternal");
if (NS_FAILED(rv))
{
//-- XXX doing the right thing here? Does the exception propagate?

15
modules/libpref/src/init/all.js
View File

@ -144,10 +144,6 @@ pref("browser.search.defaultenginename", "chrome://navigator/locale/navigator.pr
// Default Capability Preferences: Security-Critical!
// Editing these may create a security risk - be sure you know what you're doing
//pref("capability.policy.default.barprop.visible.set", "UniversalBrowserWrite");
pref("capability.policy.default.Document.close", "allAccess");
pref("capability.policy.default.Document.open", "allAccess");
pref("capability.policy.default.Document.write", "allAccess");
pref("capability.policy.default.Document.writeln", "allAccess");
pref("capability.policy.default.Domexception.code", "allAccess");
pref("capability.policy.default.Domexception.message", "allAccess");
@ -159,12 +155,17 @@ pref("capability.policy.default.History.back", "allAccess");
pref("capability.policy.default.History.current", "UniversalBrowserRead");
pref("capability.policy.default.History.forward", "allAccess");
pref("capability.policy.default.History.go", "allAccess");
pref("capability.policy.default.History.item", "UniversalBrowserRead");
//pref("capability.policy.default.History.item", "UniversalBrowserRead");
pref("capability.policy.default.History.length", "UniversalBrowserRead");
pref("capability.policy.default.History.next", "UniversalBrowserRead");
pref("capability.policy.default.History.previous", "UniversalBrowserRead");
pref("capability.policy.default.History.toString", "UniversalBrowserRead");
pref("capability.policy.default.HTMLDocument.close", "allAccess");
pref("capability.policy.default.HTMLDocument.open", "allAccess");
pref("capability.policy.default.HTMLDocument.write", "allAccess");
pref("capability.policy.default.HTMLDocument.writeln", "allAccess");
pref("capability.policy.default.Location.hash.set", "allAccess");
pref("capability.policy.default.Location.host.set", "allAccess");
pref("capability.policy.default.Location.hostname.set", "allAccess");
@ -172,6 +173,8 @@ pref("capability.policy.default.Location.href.set", "allAccess");
pref("capability.policy.default.Location.pathname.set", "allAccess");
pref("capability.policy.default.Location.port.set", "allAccess");
pref("capability.policy.default.Location.protocol.set", "allAccess");
pref("capability.policy.default.Location.reload", "allAccess");
pref("capability.policy.default.Location.replace", "allAccess");
pref("capability.policy.default.Location.search.set", "allAccess");
pref("capability.policy.default.Navigator.preference", "allAccess");
@ -188,6 +191,8 @@ pref("capability.policy.default.Window.history", "allAccess");
pref("capability.policy.default.Window.location", "allAccess");
// window.openDialog is insecure and must be made inaccessible from web scripts - see bug 56009
pref("capability.policy.default.Window.opendialog", "noAccess");
pref("capability.policy.default.Window.self", "allAccess");
pref("capability.policy.default.Window.window", "allAccess");
pref("capability.policy.mailnews.Domexception.tostring", "noAccess");
pref("capability.policy.mailnews.HTMLDocument.domain", "noAccess");