mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-21 17:25:36 +00:00
Bug 1595890 part 3. Remove xpc::IsContentXBLCompartment and its various callsites. r=bholley
It always returns false. Differential Revision: https://phabricator.services.mozilla.com/D52746 --HG-- extra : moz-landing-system : lando
This commit is contained in:
parent
54ecf58430
commit
93a34e5934
@ -2115,7 +2115,7 @@ bool nsContentUtils::IsCallerContentXBL() {
|
||||
return true;
|
||||
}
|
||||
|
||||
return xpc::IsContentXBLScope(realm);
|
||||
return false;
|
||||
}
|
||||
|
||||
bool nsContentUtils::IsCallerUAWidget() {
|
||||
|
@ -1560,39 +1560,6 @@ static bool ResolvePrototypeOrConstructor(
|
||||
return JS_WrapPropertyDescriptor(cx, desc);
|
||||
}
|
||||
|
||||
#ifdef DEBUG
|
||||
|
||||
static void DEBUG_CheckXBLCallable(JSContext* cx, JSObject* obj) {
|
||||
// In general, we shouldn't have cross-compartment wrappers here, because
|
||||
// we should be running in an XBL scope, and the content prototype should
|
||||
// contain wrappers to functions defined in the XBL scope. But if the node
|
||||
// has been adopted into another compartment, those prototypes will now point
|
||||
// to a different XBL scope (which is ok).
|
||||
MOZ_ASSERT_IF(js::IsCrossCompartmentWrapper(obj),
|
||||
xpc::IsInContentXBLScope(js::UncheckedUnwrap(obj)));
|
||||
MOZ_ASSERT(JS::IsCallable(obj));
|
||||
}
|
||||
|
||||
static void DEBUG_CheckXBLLookup(JSContext* cx, JS::PropertyDescriptor* desc) {
|
||||
if (!desc->obj) return;
|
||||
if (!desc->value.isUndefined()) {
|
||||
MOZ_ASSERT(desc->value.isObject());
|
||||
DEBUG_CheckXBLCallable(cx, &desc->value.toObject());
|
||||
}
|
||||
if (desc->getter) {
|
||||
MOZ_ASSERT(desc->attrs & JSPROP_GETTER);
|
||||
DEBUG_CheckXBLCallable(cx, JS_FUNC_TO_DATA_PTR(JSObject*, desc->getter));
|
||||
}
|
||||
if (desc->setter) {
|
||||
MOZ_ASSERT(desc->attrs & JSPROP_SETTER);
|
||||
DEBUG_CheckXBLCallable(cx, JS_FUNC_TO_DATA_PTR(JSObject*, desc->setter));
|
||||
}
|
||||
}
|
||||
#else
|
||||
# define DEBUG_CheckXBLLookup(a, b) \
|
||||
{}
|
||||
#endif
|
||||
|
||||
/* static */ bool XrayResolveOwnProperty(
|
||||
JSContext* cx, JS::Handle<JSObject*> wrapper, JS::Handle<JSObject*> obj,
|
||||
JS::Handle<jsid> id, JS::MutableHandle<JS::PropertyDescriptor> desc,
|
||||
@ -1650,37 +1617,6 @@ static void DEBUG_CheckXBLLookup(JSContext* cx, JS::PropertyDescriptor* desc) {
|
||||
}
|
||||
}
|
||||
|
||||
// If we're a special scope for in-content XBL, our script expects to see
|
||||
// the bound XBL methods and attributes when accessing content. However,
|
||||
// these members are implemented in content via custom-spliced prototypes,
|
||||
// and thus aren't visible through Xray wrappers unless we handle them
|
||||
// explicitly. So we check if we're running in such a scope, and if so,
|
||||
// whether the wrappee is a bound element. If it is, we do a lookup via
|
||||
// specialized XBL machinery.
|
||||
//
|
||||
// While we have to do some sketchy walking through content land, we should
|
||||
// be protected by read-only/non-configurable properties, and any functions
|
||||
// we end up with should _always_ be living in our own scope (the XBL
|
||||
// scope). Make sure to assert that.
|
||||
JS::Rooted<JSObject*> maybeElement(cx, obj);
|
||||
Element* element;
|
||||
if (xpc::IsInContentXBLScope(wrapper) &&
|
||||
NS_SUCCEEDED(UNWRAP_OBJECT(Element, &maybeElement, element))) {
|
||||
if (!nsContentUtils::LookupBindingMember(cx, element, id, desc)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
DEBUG_CheckXBLLookup(cx, desc.address());
|
||||
|
||||
if (desc.object()) {
|
||||
// XBL properties shouldn't be cached on the holder, as they might be
|
||||
// shadowed by own properties returned from mResolveOwnProperty.
|
||||
desc.object().set(wrapper);
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
// For non-global instance Xrays there are no other properties, so return
|
||||
// here for them.
|
||||
if (type != eGlobalInstance) {
|
||||
|
@ -497,16 +497,6 @@ Scriptability& Scriptability::Get(JSObject* aScope) {
|
||||
return RealmPrivate::Get(aScope)->scriptability;
|
||||
}
|
||||
|
||||
bool IsContentXBLCompartment(JS::Compartment* compartment) { return false; }
|
||||
|
||||
bool IsContentXBLScope(JS::Realm* realm) {
|
||||
return IsContentXBLCompartment(JS::GetCompartmentForRealm(realm));
|
||||
}
|
||||
|
||||
bool IsInContentXBLScope(JSObject* obj) {
|
||||
return IsContentXBLCompartment(js::GetObjectCompartment(obj));
|
||||
}
|
||||
|
||||
bool IsUAWidgetCompartment(JS::Compartment* compartment) {
|
||||
// We always eagerly create compartment privates for UA Widget compartments.
|
||||
CompartmentPrivate* priv = CompartmentPrivate::Get(compartment);
|
||||
|
@ -191,7 +191,6 @@ bool XPCWrappedNativeScope::AttachComponentsObject(JSContext* aCx) {
|
||||
JSObject* XPCWrappedNativeScope::EnsureContentXBLScope(JSContext* cx) {
|
||||
JS::RootedObject global(cx, CurrentGlobalOrNull(cx));
|
||||
MOZ_ASSERT(js::IsObjectInContextCompartment(global, cx));
|
||||
MOZ_ASSERT(!IsContentXBLScope());
|
||||
MOZ_ASSERT(strcmp(js::GetObjectClass(global)->name,
|
||||
"nsXBLPrototypeScript compilation scope"));
|
||||
|
||||
|
@ -1158,8 +1158,7 @@ bool IsChromeOrXBL(JSContext* cx, JSObject* /* unused */) {
|
||||
// Note that, for performance, we don't check AllowXULXBLForPrincipal here,
|
||||
// and instead rely on the fact that AllowContentXBLScope() only returns false
|
||||
// in remote XUL situations.
|
||||
return AccessCheck::isChrome(c) || IsContentXBLCompartment(c) ||
|
||||
!AllowContentXBLScope(realm);
|
||||
return AccessCheck::isChrome(c) || !AllowContentXBLScope(realm);
|
||||
}
|
||||
|
||||
bool IsNotUAWidget(JSContext* cx, JSObject* /* unused */) {
|
||||
|
@ -905,9 +905,6 @@ class XPCWrappedNativeScope final
|
||||
return js::GetFirstGlobalInCompartment(Compartment());
|
||||
}
|
||||
|
||||
bool IsContentXBLScope() {
|
||||
return xpc::IsContentXBLCompartment(Compartment());
|
||||
}
|
||||
bool AllowContentXBLScope(JS::Realm* aRealm);
|
||||
|
||||
// ID Object prototype caches.
|
||||
|
@ -91,10 +91,6 @@ JSObject* TransplantObjectNukingXrayWaiver(JSContext* cx,
|
||||
JS::HandleObject origObj,
|
||||
JS::HandleObject target);
|
||||
|
||||
bool IsContentXBLCompartment(JS::Compartment* compartment);
|
||||
bool IsContentXBLScope(JS::Realm* realm);
|
||||
bool IsInContentXBLScope(JSObject* obj);
|
||||
|
||||
bool IsUAWidgetCompartment(JS::Compartment* compartment);
|
||||
bool IsUAWidgetScope(JS::Realm* realm);
|
||||
bool IsInUAWidgetScope(JSObject* obj);
|
||||
@ -124,9 +120,6 @@ JSObject* GetUAWidgetScope(JSContext* cx, JSObject* contentScope);
|
||||
|
||||
inline JSObject* GetXBLScopeOrGlobal(JSContext* cx, JSObject* obj) {
|
||||
MOZ_ASSERT(!js::IsCrossCompartmentWrapper(obj));
|
||||
if (IsInContentXBLScope(obj)) {
|
||||
return JS::GetNonCCWObjectGlobal(obj);
|
||||
}
|
||||
return GetXBLScope(cx, obj);
|
||||
}
|
||||
|
||||
|
@ -487,16 +487,6 @@ static const Wrapper* SelectWrapper(bool securityWrapper, XrayType xrayType,
|
||||
|
||||
// There's never any reason to expose other objects to non-subsuming actors.
|
||||
// Just use an opaque wrapper in these cases.
|
||||
//
|
||||
// In general, we don't want opaque function wrappers to be callable.
|
||||
// But in the case of XBL, we rely on content being able to invoke
|
||||
// functions exposed from the XBL scope. We could remove this exception,
|
||||
// if needed, by using ExportFunction to generate the content-side
|
||||
// representations of XBL methods.
|
||||
if (xrayType == XrayForJSObject && IsInContentXBLScope(obj)) {
|
||||
return &FilteringWrapper<CrossCompartmentSecurityWrapper,
|
||||
OpaqueWithCall>::singleton;
|
||||
}
|
||||
return &FilteringWrapper<CrossCompartmentSecurityWrapper, Opaque>::singleton;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user