Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-26 06:11:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1335654 part 3. Implement actually throwing a SecurityError when cross-origin property accesses are denied. r=bholley

Browse Source
This commit is contained in:
Boris Zbarsky 2017-02-02 12:48:49 -05:00
parent 72ca8d1730
commit bcc1d4ab44
8 changed files with 50 additions and 350 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dom/bindings/test/test_crossOriginWindowSymbolAccess.html
View File

@ -10,10 +10,10 @@ async_test(function (t) {
window.addEventListener("load", t.step_func(
function() {
assert_equals(document.querySelector("iframe").contentDocument, null, "Should have a crossorigin frame");
assert_throws(new Error(), function() {
assert_throws("SecurityError", function() {
frames[0][Symbol.iterator];
}, "Should throw exception on cross-origin Window symbol-named get");
assert_throws(new Error(), function() {
assert_throws("SecurityError", function() {
frames[0].location[Symbol.iterator];
}, "Should throw exception on cross-origin Location symbol-named get");
t.done();

37
js/xpconnect/wrappers/AccessCheck.cpp
View File

@ -14,6 +14,7 @@
#include "FilteringWrapper.h"
#include "jsfriendapi.h"
#include "mozilla/ErrorResult.h"
#include "mozilla/dom/BindingUtils.h"
#include "mozilla/dom/LocationBinding.h"
#include "mozilla/dom/WindowBinding.h"
@ -275,6 +276,42 @@ AccessCheck::checkPassToPrivilegedCode(JSContext* cx, HandleObject wrapper, cons
return true;
}
void
AccessCheck::reportCrossOriginDenial(JSContext* cx, JS::HandleId id,
const nsACString& accessType)
{
// This function exists because we want to report DOM SecurityErrors, not JS
// Errors, when denying access on cross-origin DOM objects. It's
// conceptually pretty similar to
// AutoEnterPolicy::reportErrorIfExceptionIsNotPending.
if (JS_IsExceptionPending(cx)) {
return;
}
nsAutoCString message;
if (JSID_IS_VOID(id)) {
message = NS_LITERAL_CSTRING("Permission denied to access object");
} else {
// We want to use JS_ValueToSource here, because that most closely
// matches what AutoEnterPolicy::reportErrorIfExceptionIsNotPending
// does.
JS::RootedValue idVal(cx, js::IdToValue(id));
nsAutoJSString propName;
JS::RootedString idStr(cx, JS_ValueToSource(cx, idVal));
if (!idStr || !propName.init(cx, idStr)) {
return;
}
message = NS_LITERAL_CSTRING("Permission denied to ") +
accessType +
NS_LITERAL_CSTRING(" property ") +
NS_ConvertUTF16toUTF8(propName) +
NS_LITERAL_CSTRING(" on cross-origin object");
}
ErrorResult rv;
rv.ThrowDOMException(NS_ERROR_DOM_SECURITY_ERR, message);
rv.MaybeSetPendingException(cx);
}
enum Access { READ = (1<<0), WRITE = (1<<1), NO_ACCESS = 0 };
static void

9
js/xpconnect/wrappers/AccessCheck.h
View File

@ -9,6 +9,7 @@
#include "jswrapper.h"
#include "js/Id.h"
#include "nsStringGlue.h"
class nsIPrincipal;
@ -29,6 +30,11 @@ class AccessCheck {
JS::HandleValue value);
static bool checkPassToPrivilegedCode(JSContext* cx, JS::HandleObject wrapper,
const JS::CallArgs& args);
// Called to report the correct sort of exception when our policy denies and
// should throw. The accessType argument should be one of "access",
// "define", "delete", depending on which operation is being denied.
static void reportCrossOriginDenial(JSContext* cx, JS::HandleId id,
const nsACString& accessType);
};
enum CrossOriginObjectType {
@ -86,6 +92,9 @@ struct CrossOriginAccessiblePropertiesOnly : public Policy {
// Silently fail for enumerate-like operations.
if (act == js::Wrapper::ENUMERATE)
return true;
if (mayThrow)
AccessCheck::reportCrossOriginDenial(cx, id,
NS_LITERAL_CSTRING("access"));
return false;
}
static bool allowNativeCall(JSContext* cx, JS::IsAcceptableThis test, JS::NativeImpl impl) {

3
testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-general.html.ini
View File

@ -3,9 +3,6 @@
[Iframe with empty returned CSP should be blocked.]
expected: FAIL
[Iframe with less restricting CSP should be blocked.]
expected: FAIL
[Iframe with a different CSP should be blocked.]
expected: FAIL

6
testing/web-platform/meta/content-security-policy/embedded-enforcement/subsumption_algorithm-strict_dynamic.html.ini
View File

@ -1,11 +1,5 @@
[subsumption_algorithm-strict_dynamic.html]
type: testharness
['strict-dynamic' is effective only for `script-src`.]
expected: FAIL
['strict-dynamic' is proper handled for finding effective policy.]
expected: FAIL
['strict-dynamic' has to be allowed by required csp if it is present in returned csp.]
expected: FAIL

6
testing/web-platform/meta/html/browsers/origin/cross-origin-objects/cross-origin-objects-exceptions.html.ini
View File

@ -1,14 +1,8 @@
[cross-origin-objects-exceptions.html]
type: testharness
[Basic sanity-checking]
expected: FAIL
[Only whitelisted properties are accessible cross-origin]
expected: FAIL
[[[GetPrototypeOf\]\] should return null]
expected: FAIL
[[[SetPrototypeOf\]\] should throw]
expected: FAIL

330
testing/web-platform/meta/html/browsers/the-window-object/security-window/window-security.html.ini
View File

@ -1,341 +1,15 @@
[window-security.html]
type: testharness
[A SecurityError exception must be thrown when window.applicationCache is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.devicePixelRatio is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.document is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.external is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.frameElement is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.history is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.innerWidth is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.innerHeight is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.locationbar is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.localStorage is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.menubar is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.name is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.navigator is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onabort is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onafterprint is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onbeforeprint is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onbeforeunload is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onblur is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.oncancel is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.oncanplay is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.oncanplaythrough is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onchange is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onclick is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onclose is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.oncontextmenu is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.oncuechange is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondblclick is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondrag is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondragend is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondragenter is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondragleave is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondragover is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondragstart is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondrop is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ondurationchange is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onemptied is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onended is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onerror is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onfocus is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onhashchange is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.oninput is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.oninvalid is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onkeydown is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onkeypress is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onkeyup is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onload is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onloadeddata is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onloadedmetadata is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onloadstart is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onmessage is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onmousedown is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onmousemove is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onmouseout is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onmouseover is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onmouseup is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onmousewheel is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onoffline is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ononline is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onpause is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onplay is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onplaying is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onpagehide is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onpageshow is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onpopstate is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onprogress is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onratechange is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onreset is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onresize is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onscroll is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onseeked is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onseeking is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onselect is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onshow is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onstalled is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onstorage is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onsubmit is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onsuspend is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.ontimeupdate is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onunload is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onvolumechange is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.onwaiting is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.pageXOffset is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.pageYOffset is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.personalbar is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.screen is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.scrollbars is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.statusbar is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.status is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.screenX is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.screenY is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.sessionStorage is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.toolbar is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.alert is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.clearInterval is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.clearTimeout is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.confirm is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.getComputedStyle is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.getSelection is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.matchMedia is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.moveBy is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.moveTo is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.open is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.print is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.prompt is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.resizeTo is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.resizeBy is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.scroll is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.scrollTo is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.scrollBy is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.setInterval is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.setTimeout is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.showModalDialog is accessed from a different origin.]
expected: FAIL
[A SecurityError exception must be thrown when window.stop is accessed from a different origin.]
expected: FAIL
disabled:
if e10s: https://bugzilla.mozilla.org/show_bug.cgi?id=981796

5
testing/web-platform/meta/html/browsers/windows/nested-browsing-contexts/frameElement.html.ini
View File

@ -1,5 +0,0 @@
[frameElement.html]
type: testharness
[The SecurityError must be thrown if the window accesses to frameElement attribute of a Window which does not have the same effective script origin]
expected: FAIL