Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-08 10:44:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 553102 - Make content-> access default to deny if __exposedProps__ is not defined. r=mrbkap

Browse Source
This commit is contained in:
Bobby Holley 2012-08-17 23:14:55 -07:00
parent aa8dadc330
commit 9a7444669f
8 changed files with 4 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
content/base/public/nsDeprecatedOperationList.h
View File

@ -45,6 +45,5 @@ DEPRECATED_OPERATION(InputEncoding)
DEPRECATED_OPERATION(MozBeforePaint) DEPRECATED_OPERATION(MozBeforePaint)
DEPRECATED_OPERATION(MozBlobBuilder) DEPRECATED_OPERATION(MozBlobBuilder)
DEPRECATED_OPERATION(DOMExceptionCode) DEPRECATED_OPERATION(DOMExceptionCode)
DEPRECATED_OPERATION(NoExposedProps)
DEPRECATED_OPERATION(MutationEvent) DEPRECATED_OPERATION(MutationEvent)
DEPRECATED_OPERATION(MozSlice) DEPRECATED_OPERATION(MozSlice)

2
dom/locales/en-US/chrome/dom/dom.properties
View File

@ -127,8 +127,6 @@ MediaLoadDecodeError=Media resource %S could not be decoded.
MozBlobBuilderWarning=Use of MozBlobBuilder is deprecated. Use Blob constructor instead. MozBlobBuilderWarning=Use of MozBlobBuilder is deprecated. Use Blob constructor instead.
# LOCALIZATION NOTE: Do not translate "DOMException", "code" and "name" # LOCALIZATION NOTE: Do not translate "DOMException", "code" and "name"
DOMExceptionCodeWarning=Use of DOMException's code attribute is deprecated. Use name instead. DOMExceptionCodeWarning=Use of DOMException's code attribute is deprecated. Use name instead.
# LOCALIZATION NOTE: Do not translate "__exposedProps__"
NoExposedPropsWarning=Exposing chrome JS objects to content without __exposedProps__ is insecure and deprecated. See https://developer.mozilla.org/en/XPConnect_wrappers for more information.
# LOCALIZATION NOTE: Do not translate "Mutation Event" and "MutationObserver" # LOCALIZATION NOTE: Do not translate "Mutation Event" and "MutationObserver"
MutationEventWarning=Use of Mutation Events is deprecated. Use MutationObserver instead. MutationEventWarning=Use of Mutation Events is deprecated. Use MutationObserver instead.
# LOCALIZATION NOTE: Do not translate "Blob", "mozSlice", or "slice" # LOCALIZATION NOTE: Do not translate "Blob", "mozSlice", or "slice"

1
js/xpconnect/tests/chrome/Makefile.in
View File

@ -33,7 +33,6 @@ MOCHITEST_CHROME_FILES = \
test_bug706301.xul \ test_bug706301.xul \
test_bug726949.xul \ test_bug726949.xul \
test_bug743843.xul \ test_bug743843.xul \
test_bug758563.xul \
test_bug760076.xul \ test_bug760076.xul \
test_bug760109.xul \ test_bug760109.xul \
test_bug763343.xul \ test_bug763343.xul \

80
js/xpconnect/tests/chrome/test_bug758563.xul
View File

@ -1,80 +0,0 @@
<?xml version="1.0"?>
<?xml-stylesheet type="text/css" href="chrome://global/skin"?>
<?xml-stylesheet type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
<!--
https://bugzilla.mozilla.org/show_bug.cgi?id=758563
-->
<window title="Mozilla Bug 758563"
xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
<script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/>
<!-- test results are displayed in the html:body -->
<body xmlns="http://www.w3.org/1999/xhtml">
<a href="https://bugzilla.mozilla.org/show_bug.cgi?id=758563"
target="_blank">Mozilla Bug 758563</a>
</body>
<!-- test code goes here -->
<script type="application/javascript">
<![CDATA[
/** Test for deprecation warnings for non-__exposedProps__ COWs. **/
SimpleTest.waitForExplicitFinish();
// Set up our console listener.
var gWarnings = 0;
function onWarning(consoleMessage) {
if (/__exposedProps__/.test(consoleMessage.message))
gWarnings++;
}
var gListener = {
observe: onWarning,
QueryInterface: function (iid) {
if (!iid.equals(Components.interfaces.nsIConsoleListener) &&
!iid.equals(Components.interfaces.nsISupports)) {
throw Components.results.NS_ERROR_NO_INTERFACE;
}
return this;
}
};
var gConsoleService = Components.classes["@mozilla.org/consoleservice;1"]
.getService(Components.interfaces.nsIConsoleService);
gConsoleService.registerListener(gListener);
// Wait for both child frame to load.
var gLoadCount = 0;
function frameLoaded() {
if (++gLoadCount == 2)
go();
}
function go() {
testFor('frame1');
testFor('frame2');
// Warnings are dispatched async, so stick ourselves at the end of the event
// queue.
setTimeout(done, 0);
}
function testFor(id) {
var win = document.getElementById(id).contentWindow.wrappedJSObject;
win.chromeObj = {a: 42};
win.ok = ok;
win.is = is;
win.doAccess();
}
function done() {
gConsoleService.unregisterListener(gListener);
is(gWarnings, 2, "Got the right number of warnings");
SimpleTest.finish();
}
]]>
</script>
<iframe id="frame1" onload="frameLoaded();" type="content" src="http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_bug758563.html" />
<iframe id="frame2" onload="frameLoaded();" type="content" src="http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_bug758563.html" />
</window>

6
js/xpconnect/tests/chrome/test_cows.xul
View File

@ -95,10 +95,12 @@ function COWTests() {
const PROPS_TO_TEST = ['foo', 'bar', 'prototype']; const PROPS_TO_TEST = ['foo', 'bar', 'prototype'];
var empty = {}; var empty = {};
// Once we flip the default for __exposedProps__, this should behave var nonempty = {foo: 42, bar: 33};
// the same as for function objects below.
is(getCOW(empty).foo, undefined, is(getCOW(empty).foo, undefined,
"shouldn't throw when accessing exposed properties that doesn't exist"); "shouldn't throw when accessing exposed properties that doesn't exist");
PROPS_TO_TEST.forEach(function(name) {
isPropHidden(getCOW(nonempty), name, "object without exposedProps");
});
// Test function objects without __exposedProps__ // Test function objects without __exposedProps__
var func = function(x) { return 42; }; var func = function(x) { return 42; };

1
js/xpconnect/tests/mochitest/Makefile.in
View File

@ -61,7 +61,6 @@ MOCHITEST_FILES = bug500931_helper.html \
test_bug691059.html \ test_bug691059.html \
file_bug706301.html \ file_bug706301.html \
test_bug745483.html \ test_bug745483.html \
file_bug758563.html \
file_bug760131.html \ file_bug760131.html \
test_bug764389.html \ test_bug764389.html \
test_bug772288.html \ test_bug772288.html \

19
js/xpconnect/tests/mochitest/file_bug758563.html
View File

@ -1,19 +0,0 @@
<html>
<head>
<script type="application/javascript">
function doAccess() {
// Access the variable twice.
oneAccess();
oneAccess();
}
function oneAccess() {
try {
is(window.chromeObj.a, 42, "Successfully read chrome property");
} catch (e) { ok(false, "Threw while trying to access chrome property"); };
}
</script>
</head>
<body>
</body>
</html>

18
js/xpconnect/wrappers/AccessCheck.cpp
View File

@ -427,24 +427,6 @@ ExposedPropertiesOnly::check(JSContext *cx, JSObject *wrapper, jsid id, Wrapper:
if (!wrapperAC.enter(cx, wrapper)) if (!wrapperAC.enter(cx, wrapper))
return false; return false;
// For now, only do this on functions.
if (!JS_ObjectIsFunction(cx, wrappedObject)) {
// This little loop hole will go away soon! See bug 553102.
nsCOMPtr<nsPIDOMWindow> win =
do_QueryInterface(nsJSUtils::GetStaticScriptGlobal(cx, wrapper));
if (win) {
nsCOMPtr<nsIDocument> doc =
do_QueryInterface(win->GetExtantDocument());
if (doc) {
doc->WarnOnceAbout(nsIDocument::eNoExposedProps,
/* asError = */ true);
}
}
perm = PermitPropertyAccess;
return true;
}
return PermitIfUniversalXPConnect(cx, id, act, perm); // Deny return PermitIfUniversalXPConnect(cx, id, act, perm); // Deny
} }