Fix bug 628231. r=jst, a=blocker

2025-01-09 05:14:24 +00:00 · 2011-01-25 16:09:56 -08:00 · 2011-01-25 16:09:56 -08:00 · edcc809b4a
commit edcc809b4a
parent e06e629210
1 changed files with 21 additions and 3 deletions
--- a/dom/src/json/nsJSON.cpp
+++ b/dom/src/json/nsJSON.cpp
@ -1,4 +1,5 @@
 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 sw=2 et tw=79: */
 /* ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
@ -59,6 +60,7 @@
 #include "nsContentUtils.h"
 #include "nsCRTGlue.h"
 #include "nsAutoPtr.h"
+#include "nsIScriptSecurityManager.h"

 static const char kXPConnectServiceCID[] = "@mozilla.org/js/xpc/XPConnect;1";

@ -204,14 +206,30 @@ nsJSON::EncodeFromJSVal(jsval *value, JSContext *cx, nsAString &result)

  JSAutoEnterCompartment ac;
  JSObject *obj;
-  if (JSVAL_IS_OBJECT(*value) && (obj = JSVAL_TO_OBJECT(*value)) &&
-      !ac.enter(cx, obj)) {
-    return NS_ERROR_FAILURE;
+  nsIScriptSecurityManager *ssm = nsnull;
+  if (JSVAL_IS_OBJECT(*value) && (obj = JSVAL_TO_OBJECT(*value))) {
+    if (!ac.enter(cx, obj)) {
+      return NS_ERROR_FAILURE;
+    }
+
+    nsCOMPtr<nsIPrincipal> principal;
+    ssm = nsContentUtils::GetSecurityManager();
+    nsresult rv = ssm->GetObjectPrincipal(cx, obj, getter_AddRefs(principal));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    JSStackFrame *fp = nsnull;
+    rv = ssm->PushContextPrincipal(cx, JS_FrameIterator(cx, &fp), principal);
+    NS_ENSURE_SUCCESS(rv, rv);
  }

  nsJSONWriter writer;
  JSBool ok = JS_Stringify(cx, value, NULL, JSVAL_NULL,
                           WriteCallback, &writer);
+
+  if (ssm) {
+    ssm->PopContextPrincipal(cx);
+  }
+
  if (!ok) {
    return NS_ERROR_XPC_BAD_CONVERT_JS;
  }