From affbaffc08f4de5b7f8e821c1ae616ae6c404c97 Mon Sep 17 00:00:00 2001
From: Nicolas Chevobbe <nchevobbe@mozilla.com>
Date: Tue, 11 Apr 2023 06:25:58 +0000
Subject: [PATCH] Bug 860312 - [devtools] Add LegacyLenientThis getters to
 unsafe list. r=devtools-reviewers,ochameau.

Getters with LegacyLenientThis attribute will trigger a warning in the console
if it's called with the unexpected `this`.
We can't tell in DevTools if we have the "right" `this`.
For example displaying an `HTMLDivElementPrototype` object, we'll trigger the
warning because of the `onmouseenter` getter, which is supposed to be called
with the `HTMLElement` instance, which we don't have at this point.

For this reason, we exclude those from being safe getters, which will prevent
triggering the warning.

Differential Revision: https://phabricator.services.mozilla.com/D174070
---
 .../webconsole/test/browser/_webconsole.ini   |  1 +
 ...browser_webconsole_lenient_this_warning.js | 68 +++++++++++++++++++
 .../webconsole/webidl-unsafe-getters-names.js |  3 +
 .../webconsole/GenerateDataFromWebIdls.py     |  5 +-
 4 files changed, 76 insertions(+), 1 deletion(-)
 create mode 100644 devtools/client/webconsole/test/browser/browser_webconsole_lenient_this_warning.js

diff --git a/devtools/client/webconsole/test/browser/_webconsole.ini b/devtools/client/webconsole/test/browser/_webconsole.ini
index 3423a8efed2c..324aa2b8bae2 100644
--- a/devtools/client/webconsole/test/browser/_webconsole.ini
+++ b/devtools/client/webconsole/test/browser/_webconsole.ini
@@ -296,6 +296,7 @@ https_first_disabled = true
 [browser_webconsole_insecure_passwords_web_console_warning.js]
 [browser_webconsole_inspect_cross_domain_object.js]
 [browser_webconsole_keyboard_accessibility.js]
+[browser_webconsole_lenient_this_warning.js]
 [browser_webconsole_limit_multiline.js]
 [browser_webconsole_location_debugger_link.js]
 fail-if = a11y_checks # bug 1687728 frame-link-filename is not accessible
diff --git a/devtools/client/webconsole/test/browser/browser_webconsole_lenient_this_warning.js b/devtools/client/webconsole/test/browser/browser_webconsole_lenient_this_warning.js
new file mode 100644
index 000000000000..5da077ab40d6
--- /dev/null
+++ b/devtools/client/webconsole/test/browser/browser_webconsole_lenient_this_warning.js
@@ -0,0 +1,68 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+// Check that calling the LenientThis warning is only called when expected.
+const TEST_URI = `data:text/html;charset=utf8,<!DOCTYPE html>${encodeURI(`
+    <h1>LenientThis warning</h1>
+    <script>
+      const el = document.createElement('div');
+      globalThis.htmlDivElementProto = Object.getPrototypeOf(el);
+      function triggerLenientThisWarning(){
+        Object.getOwnPropertyDescriptor(
+          Object.getPrototypeOf(globalThis.htmlDivElementProto),
+          'onmouseenter'
+        ).get.call()
+      }
+    </script>`)}`;
+
+add_task(async function() {
+  const hud = await openNewTabAndConsole(TEST_URI);
+
+  const expectedWarningMessageText =
+    "Ignoring get or set of property that has [LenientThis] ";
+
+  await SpecialPowers.spawn(gBrowser.selectedBrowser, [], function() {
+    const global = content.wrappedJSObject;
+    global.console.log(global.htmlDivElementProto);
+  });
+
+  info("Wait for a bit so any warning message could be displayed");
+  await wait(1000);
+  await waitFor(() => findConsoleAPIMessage(hud, "HTMLDivElementPrototype"));
+
+  ok(
+    !findWarningMessage(hud, expectedWarningMessageText, ".warn"),
+    "Displaying the HTMLDivElementPrototype does not trigger the LenientThis warning"
+  );
+
+  info(
+    "Call a LenientThis getter with the wrong `this` to trigger a warning message"
+  );
+  await SpecialPowers.spawn(gBrowser.selectedBrowser, [], function() {
+    content.wrappedJSObject.triggerLenientThisWarning();
+  });
+
+  await waitFor(() =>
+    findWarningMessage(hud, expectedWarningMessageText, ".warn")
+  );
+  ok(
+    true,
+    "Calling the LenientThis getter with an unexpected `this` did triggered the warning"
+  );
+
+  info(
+    "Clear the console and call the LenientThis getter with an unexpected `this` again"
+  );
+  await clearOutput(hud);
+  await SpecialPowers.spawn(gBrowser.selectedBrowser, [], function() {
+    content.wrappedJSObject.triggerLenientThisWarning();
+  });
+  info("Wait for a bit so any warning message could be displayed");
+  await wait(1000);
+  ok(
+    !findWarningMessage(hud, expectedWarningMessageText, ".warn"),
+    "Calling the LenientThis getter a second time did not trigger the warning again"
+  );
+});
diff --git a/devtools/server/actors/webconsole/webidl-unsafe-getters-names.js b/devtools/server/actors/webconsole/webidl-unsafe-getters-names.js
index 1174282b2bd0..265fd70d99d6 100644
--- a/devtools/server/actors/webconsole/webidl-unsafe-getters-names.js
+++ b/devtools/server/actors/webconsole/webidl-unsafe-getters-names.js
@@ -13,6 +13,9 @@ module.exports = [
   "mozPreservesPitch",
   "mozPressure",
   "nearestViewportElement",
+  "onmouseenter",
+  "onmouseleave",
   "onmozfullscreenchange",
   "onmozfullscreenerror",
+  "onreadystatechange",
 ];
diff --git a/devtools/shared/webconsole/GenerateDataFromWebIdls.py b/devtools/shared/webconsole/GenerateDataFromWebIdls.py
index 689393699276..dfb64c15164a 100644
--- a/devtools/shared/webconsole/GenerateDataFromWebIdls.py
+++ b/devtools/shared/webconsole/GenerateDataFromWebIdls.py
@@ -178,7 +178,10 @@ for result in results:
                 not iface in DEPRECATED_INTERFACE__EXCLUDE_LIST
                 and not name in unsafe_getters_names
                 and member.isAttr()
-                and member.getExtendedAttribute("Deprecated")
+                and (
+                    member.getExtendedAttribute("Deprecated")
+                    or member.getExtendedAttribute("LegacyLenientThis")
+                )
             ):
                 unsafe_getters_names.append(name)