From edcc809b4a7703f65dbe7d6f4715aa04a4848fc9 Mon Sep 17 00:00:00 2001
From: Blake Kaplan <mrbkap@gmail.com>
Date: Tue, 25 Jan 2011 16:09:56 -0800
Subject: [PATCH] Fix bug 628231. r=jst, a=blocker

---
 dom/src/json/nsJSON.cpp | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/dom/src/json/nsJSON.cpp b/dom/src/json/nsJSON.cpp
index 1005d2e4be06..9b0cb2ef1f17 100644
--- a/dom/src/json/nsJSON.cpp
+++ b/dom/src/json/nsJSON.cpp
@@ -1,4 +1,5 @@
 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 sw=2 et tw=79: */
 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
@@ -59,6 +60,7 @@
 #include "nsContentUtils.h"
 #include "nsCRTGlue.h"
 #include "nsAutoPtr.h"
+#include "nsIScriptSecurityManager.h"
 
 static const char kXPConnectServiceCID[] = "@mozilla.org/js/xpc/XPConnect;1";
 
@@ -204,14 +206,30 @@ nsJSON::EncodeFromJSVal(jsval *value, JSContext *cx, nsAString &result)
 
   JSAutoEnterCompartment ac;
   JSObject *obj;
-  if (JSVAL_IS_OBJECT(*value) && (obj = JSVAL_TO_OBJECT(*value)) &&
-      !ac.enter(cx, obj)) {
-    return NS_ERROR_FAILURE;
+  nsIScriptSecurityManager *ssm = nsnull;
+  if (JSVAL_IS_OBJECT(*value) && (obj = JSVAL_TO_OBJECT(*value))) {
+    if (!ac.enter(cx, obj)) {
+      return NS_ERROR_FAILURE;
+    }
+
+    nsCOMPtr<nsIPrincipal> principal;
+    ssm = nsContentUtils::GetSecurityManager();
+    nsresult rv = ssm->GetObjectPrincipal(cx, obj, getter_AddRefs(principal));
+    NS_ENSURE_SUCCESS(rv, rv);
+
+    JSStackFrame *fp = nsnull;
+    rv = ssm->PushContextPrincipal(cx, JS_FrameIterator(cx, &fp), principal);
+    NS_ENSURE_SUCCESS(rv, rv);
   }
 
   nsJSONWriter writer;
   JSBool ok = JS_Stringify(cx, value, NULL, JSVAL_NULL,
                            WriteCallback, &writer);
+
+  if (ssm) {
+    ssm->PopContextPrincipal(cx);
+  }
+
   if (!ok) {
     return NS_ERROR_XPC_BAD_CONVERT_JS;
   }