Commit Graph

6949 Commits

Author SHA1 Message Date
Ciure Andrei
7a748ae68f Merge mozilla-central to autoland. a=merge CLOSED TREE 2019-01-04 01:03:06 +02:00
Boris Zbarsky
447c1f8722 Bug 1517434 part 3. Get rid of pointer compares to nsXPConnect::SystemPrincipal. r=mccr8
Differential Revision: https://phabricator.services.mozilla.com/D15674

--HG--
extra : moz-landing-system : lando
2019-01-03 21:08:15 +00:00
Boris Zbarsky
058f83508f Bug 1517434 part 2. Convert existing callers of GetIsSystemPrincipal() to IsSystemPrincipal(). r=mccr8
Differential Revision: https://phabricator.services.mozilla.com/D15673

--HG--
extra : moz-landing-system : lando
2019-01-03 20:55:38 +00:00
Jan de Mooij
78e49f6404 Bug 1512029 part 4 - Use the privileged junk scope's compartment for sandboxes created with the system principal. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D14255

--HG--
extra : moz-landing-system : lando
2019-01-03 10:02:31 +00:00
Jan de Mooij
cdbd8647b5 Bug 1516237 - Fix FixWaiverAfterTransplant to nuke CCWs for oldWaiver in the new compartment. r=bholley
This case can come up with same-compartment realms. Keeping these CCWs
would confuse RemapWrapper because it'd be called with the CCW and target
in the same compartment.

Differential Revision: https://phabricator.services.mozilla.com/D15491

--HG--
extra : moz-landing-system : lando
2019-01-03 09:04:02 +00:00
Peter Van der Beken
066d891adb Bug 1353867 - Add cross-process proxies for WindowProxy. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D12656

--HG--
extra : moz-landing-system : lando
2019-01-02 13:29:18 +00:00
Peter Van der Beken
43adb531b7 Bug 1353867 - Expose IsCrossOriginWhitelistedProp/AppendCrossOriginWhitelistedPropNames to DOM code. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D12655

--HG--
extra : moz-landing-system : lando
2019-01-02 13:28:40 +00:00
Peter Van der Beken
58c7fc4d20 Bug 1353867 - Change WindowProxyHolder's native type to BrowsingContext. r=bzbarsky
Make the WindowProxyHolder hold a strong reference to a BrowsingContext, as in the future
we might not have a nsPIDOMWindowOuter (if the document is loaded in a different process).

Differential Revision: https://phabricator.services.mozilla.com/D12651

--HG--
extra : moz-landing-system : lando
2019-01-02 13:27:05 +00:00
Jan de Mooij
2aa7efc012 Bug 1515590 part 5 - Fix test_bug771429.xul to work with same-compartment realms. r=bzbarsky
Changes the test to test both freshCompartment: true and freshCompartment: false
sandbox options.

There's one sub test that fails with same-compartment realms, I commented that
and added a weaker test for the same-compartment case.

Differential Revision: https://phabricator.services.mozilla.com/D15289

--HG--
extra : moz-landing-system : lando
2018-12-29 09:27:14 +00:00
Emilio Cobos Álvarez
d2ed260822 Bug 1517241 - Rename nsIDocument to mozilla::dom::Document. r=smaug
Summary: Really sorry for the size of the patch. It's mostly automatic
s/nsIDocument/Document/ but I had to fix up in a bunch of places manually to
add the right namespacing and such.

Overall it's not a very interesting patch I think.

nsDocument.cpp turns into Document.cpp, nsIDocument.h into Document.h and
nsIDocumentInlines.h into DocumentInlines.h.

I also changed a bunch of nsCOMPtr usage to RefPtr, but not all of it.

While fixing up some of the bits I also removed some unneeded OwnerDoc() null
checks and such, but I didn't do anything riskier than that.
2019-01-03 17:48:33 +01:00
Sylvestre Ledru
cccdda3c2a Bug 1516555 - Reformat everything to the Google coding style r=Ehsan
# ignore-this-changeset

Differential Revision: https://phabricator.services.mozilla.com/D15426

--HG--
extra : moz-landing-system : lando
2018-12-28 15:48:06 +00:00
Jeff Walden
8a135a9c5a Bug 1515801 - Make subscripts have lazy source, and change the source-hook to hint UTF-8 rather than offer no charset hint so that lazy-source for them will work correctly. r=kmag 2018-12-26 14:37:42 -06:00
Jeff Walden
605ce5d8cc Bug 1515801 - Rip out vestigial handling of non-UTF-8 character sets from the subscript loader. r=kmag
--HG--
extra : rebase_source : 97a7604c6649d73d6b7a1f8d608cfdfe7c13a6aa
2018-12-14 14:25:56 -08:00
Boris Zbarsky
d6876ebbfa Bug 1515999. Remove the unused JSContext argument from GetArrayIndexFromId. r=peterv 2018-12-26 13:45:15 -08:00
Bogdan Tara
601b0d2329 Merge mozilla-central to mozilla-inbound. a=merge CLOSED TREE 2018-12-24 00:10:07 +02:00
Kris Maglione
39ae97e234 Bug 1515884: Remove unused XPCWrappedJS nsIPropertyBag implementation. r=bholley
This helper code is currently unused, and presents a pretty significant
footgun for any JS object which implements nsIPropertyBag itself.

When those objects are first queried to nsIWritablePropertyBag, they behave as
expected, returning the JS-implemented nsIPropertyBag methods. But when
they're first queried to nsIPropertyBag, they use the XPCWrappedNative stubs,
which don't behave as expected.

Differential Revision: https://phabricator.services.mozilla.com/D15235

--HG--
extra : rebase_source : 02942592dc8c4efcc1190610448a46593faa5703
2018-12-21 15:03:13 -08:00
Jan de Mooij
ecaf5bdea0 Bug 1515590 part 4 - Don't call FixWaiverAfterTransplant if JS_TransplantObject didn't change object identity. r=bholley
Depends on D15093

Differential Revision: https://phabricator.services.mozilla.com/D15094

--HG--
extra : moz-landing-system : lando
2018-12-21 18:33:08 +00:00
Jan de Mooij
9190590e09 Bug 1515590 part 3 - Fix some debugger tests by forcing separate compartments for the debugger and debuggee. r=ochameau
With same-compartment chrome globals these would end up in the same compartment.
We need to prevent that because the debugger doesn't support it.

Differential Revision: https://phabricator.services.mozilla.com/D15093

--HG--
extra : moz-landing-system : lando
2018-12-22 21:39:56 +00:00
Jan de Mooij
929107cd39 Bug 1515590 part 2 - Fix test_bug1042436.xul to create the sandbox in a new compartment because Xray warning state is stored per compartment. r=bholley
Differential Revision: https://phabricator.services.mozilla.com/D15092

--HG--
extra : moz-landing-system : lando
2018-12-21 18:34:12 +00:00
Jan de Mooij
1672f1efbd Bug 1514776 - Enter the unwrapped object's realm before calling aes.ReportException() in nsXPCWrappedJSClass::CheckForException. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D14851

--HG--
extra : moz-landing-system : lando
2018-12-21 08:53:09 +00:00
Jan de Mooij
cf908f9f73 Bug 1514672 part 2 - Use the scripted caller's global instead of the context global in a few more places. r=bzbarsky
This fixes some test failures exposed by the previous patch.

Differential Revision: https://phabricator.services.mozilla.com/D14850

--HG--
extra : moz-landing-system : lando
2018-12-21 20:56:19 +00:00
Gurzau Raul
fcb3be1b9f Merge mozilla-central to inbound. a=merge CLOSED TREE 2018-12-21 18:40:39 +02:00
Nathan Froyd
feb0416cc1 Bug 1496629 - use RefPtr rather than nsCOMPtr to avoid data race. r=kmag 2018-12-21 11:03:30 -05:00
Jan de Mooij
ebf079a50a Bug 1515590 part 1 - Fix incorrect SandboxProxyHandler::getOwnPropertyDescriptor implementation. r=bzbarsky
The code was trying to implement the getOwnPropertyDescriptor trap in terms of
getPropertyDescriptor, by comparing the "holder" object we found to the object
we did the lookup on. This becomes buggy when wrappers like WindowProxy are involved.

The patch removes this check and calls JS_GetOwnPropertyDescriptor instead of
JS_GetPropertyDescriptor.

Differential Revision: https://phabricator.services.mozilla.com/D15091

--HG--
extra : moz-landing-system : lando
2018-12-20 20:41:58 +00:00
Margareta Eliza Balazs
f43dfc843e Merge mozilla-central to autoland. a=merge CLOSED TREE 2018-12-21 11:42:32 +02:00
Luke Wagner
dc93733616 Bug 1507939 - Baldr: add javascript.options.wasm_verbose (r=lth)
--HG--
extra : rebase_source : 7405ee0bcc6a12fe8bbe797919a6e76d01d3c172
2018-12-20 20:51:11 -06:00
Jan de Mooij
bd8f77645e Bug 1480121 - Remove the global stored in nsXPCWrappedJS. r=bzbarsky
Reasons for doing this:

* nsXPCWrappedJS has complicated GC behavior and we're seeing some oranges in this area.

* Due to the GC/CC complexity, the global stored in nsXPCWrappedJS *must be* the
  object's global in the root-wrapper (implies non-CCW) case. If we do that, the
  global is redundant because we can just get it from the object when we need it.

* For the CCW case, it probably doesn't matter too much which chrome global we
  use so we can use the compartment's first global - we now have an API for that.
  This may also save some memory because it avoids keeping globals alive unnecessarily
  and matches what we do for WrappedNatives and CCWs now. Furthermore, bug 1478359
  comment 12 suggests CCWs can only show up here for in-content XBL and that's in the
  process of being removed.

Differential Revision: https://phabricator.services.mozilla.com/D15096

--HG--
extra : moz-landing-system : lando
2018-12-20 19:13:43 +00:00
Jan de Mooij
2104ae00bb Bug 1514672 part 1 - Move XPCWrappedNativeScope from RealmPrivate to CompartmentPrivate. r=bzbarsky
This needs to be on the compartment to prevent creating duplicate wrapped natives.
We now also allocate these objects in the compartment's first global for
consistency and to prevent leaks.

XPCWrappedNativeScope also stores the content XBL scope. I considered moving
this to RealmPrivate, but given the fate of in-content XBL I went with the
simpler option of keeping it on XPCWrappedNativeScope and release-asserting we
have a single realm in the XBL case.

Because XPCWrappedNativeScope no longer stores a global object, we no longer
need XPCWrappedNativeScope::TraceSelf, XPCWrappedNativeProto::TraceInside and
XPC_WN_Proto_Trace.

Differential Revision: https://phabricator.services.mozilla.com/D14849

--HG--
extra : moz-landing-system : lando
2018-12-20 08:23:31 +00:00
Razvan Maries
f658ebcbab Merge mozilla-inbound to mozilla-central a=merge 2018-12-20 07:04:06 +02:00
Jeff Walden
ed23151bd7 Bug 1492937 - Make the JS subscript loader load scripts exclusively as UTF-8, with no way to specify any other encoding, and adjust a bunch of existing tests to use UTF-8 directly, rather than Unicode escape sequences or similar. (This also changes the encoding of .sjs scripts and all mochitest-browser tests in the tree from Latin-1 to UTF-8.) r=yzen, r=MattN, r=jimb, r=kmag 2018-12-19 13:46:20 -08:00
Andrew McCreight
0507792161 Bug 1471989 - Clear JSStackFrame's JS object pointer when the window goes away. r=bzbarsky
JSStackFrames are C++ objects that are exposed to chrome JS and keep
alive content JS. This means that if chrome JS leaks a stack frame
then a window can be leaked.

The basic idea of this patch is to think of JSStackFrames as
cross-compartment wrappers, and do a "hueyfix" on them by dropping the
content JS reference when the associated content window is closed.

To do that, this patch modifies the realm private to keep a list of
all live JSStackFrames that have been created with objects in that
realm. When we nuke that realm, we also clear out all of the JS
pointers from the registered stack frames on that realm.

This adds a hash table lookup to the JSStackFrame ctor and dtor, which
is hopefully not too much overhead.

The test works by intentionally leaking a JSStackFrame from chrome JS
and making sure that the window still goes away.

Differential Revision: https://phabricator.services.mozilla.com/D14880

--HG--
extra : moz-landing-system : lando
2018-12-19 19:42:04 +00:00
Andreea Pavel
f9260c6914 Backed out changeset b1fe3750580d (bug 1471989) for build bustages on a CLOSED TREE 2018-12-19 20:48:10 +02:00
Andrew McCreight
09534362bf Bug 1471989 - Clear JSStackFrame's JS object pointer when the window goes away. r=bzbarsky
JSStackFrames are C++ objects that are exposed to chrome JS and keep
alive content JS. This means that if chrome JS leaks a stack frame
then a window can be leaked.

The basic idea of this patch is to think of JSStackFrames as
cross-compartment wrappers, and do a "hueyfix" on them by dropping the
content JS reference when the associated content window is closed.

To do that, this patch modifies the realm private to keep a list of
all live JSStackFrames that have been created with objects in that
realm. When we nuke that realm, we also clear out all of the JS
pointers from the registered stack frames on that realm.

This adds a hash table lookup to the JSStackFrame ctor and dtor, which
is hopefully not too much overhead.

The test works by intentionally leaking a JSStackFrame from chrome JS
and making sure that the window still goes away.

Differential Revision: https://phabricator.services.mozilla.com/D14880

--HG--
extra : moz-landing-system : lando
2018-12-19 16:46:25 +00:00
Bogdan Tara
b13992b643 Backed out changeset 82ca028b0524 (bug 1503984) for StaticPrefList failures CLOSED TREE 2018-12-18 22:06:19 +02:00
Felipe Gomes
72585dea54 Bug 1503984 - Add a pref to block chrome code from accessing content subframes. r=nika
The pref dom.chrome_frame_access.enabled will default to true. When false, it will block various methods that chrome code can use to traverse subframes. The initial list is:
  iframe.contentWindow
  iframe.contentDocument
  window.top
  window.parent
  window.opener
  window.frames[i]
  window.frames.length
  MessageEvent.source

More blocks are likely to be added in the future.

Differential Revision: https://phabricator.services.mozilla.com/D13180

--HG--
extra : moz-landing-system : lando
2018-12-18 18:53:24 +00:00
Jan de Mooij
618fd67694 Bug 1512655 part 3 - Fix assertion in Cu.permitCPOWsInScope and ensure test globals that use it are in a separate compartment. r=kmag
Differential Revision: https://phabricator.services.mozilla.com/D14780

--HG--
extra : moz-landing-system : lando
2018-12-18 18:42:56 +00:00
Jan de Mooij
7fa54ccf51 Bug 1512655 part 2 - Assert Cu.setWantXrays is never called on system-principal scopes. r=kmag
Differential Revision: https://phabricator.services.mozilla.com/D14695

--HG--
extra : moz-landing-system : lando
2018-12-18 18:42:28 +00:00
Jan de Mooij
84fe725407 Bug 1512655 part 1 - Move forcePermissiveCOWs from CompartmentPrivate to RealmPrivate. r=kmag
Differential Revision: https://phabricator.services.mozilla.com/D14694

--HG--
extra : moz-landing-system : lando
2018-12-18 18:39:04 +00:00
shindli
3841c4f8cd Backed out 3 changesets (bug 1512655) for bustages in s/xpconnect/src/XPCComponents.cpp:2001 CLOSED TREE
Backed out changeset 2593c7d67f51 (bug 1512655)
Backed out changeset da21d7e91e19 (bug 1512655)
Backed out changeset ccb15a086148 (bug 1512655)
2018-12-18 14:55:53 +02:00
Jan de Mooij
76238bc575 Bug 1512655 part 3 - Fix assertion in Cu.permitCPOWsInScope and ensure test globals that use it are in a separate compartment. r=kmag
Differential Revision: https://phabricator.services.mozilla.com/D14780

--HG--
extra : moz-landing-system : lando
2018-12-18 00:31:08 +00:00
Jan de Mooij
a2a91d4831 Bug 1512655 part 2 - Assert Cu.setWantXrays is never called on system-principal scopes. r=kmag
Differential Revision: https://phabricator.services.mozilla.com/D14695

--HG--
extra : moz-landing-system : lando
2018-12-17 20:38:59 +00:00
Jan de Mooij
111454f4a4 Bug 1512655 part 1 - Move forcePermissiveCOWs from CompartmentPrivate to RealmPrivate. r=kmag
Differential Revision: https://phabricator.services.mozilla.com/D14694

--HG--
extra : moz-landing-system : lando
2018-12-17 20:38:11 +00:00
Kris Maglione
3e8d266e8a Bug 1513366: Part 1 - Add do_ImportModule helper for importing JS modules. r=mccr8
This helper makes it considerably easier for C++ code to import a JS module
and wrap it in an appropriately-defined XPIDL interface for its exports.
Typical usage is something like:

Foo.jsm:

  var EXPORTED_SYMBOLS = ["foo"];

  function foo(bar) {
    return bar.toString();
  }

mozIFoo.idl:

  interface mozIFoo : nsISupports {
    AString foo(double meh);
  }

Thing.cpp:

  nsCOMPtr<mozIFoo> foo = do_ImportModule(
    "resource://meh/Foo.jsm");

  MOZ_TRY(foo->Foo(42));

Differential Revision: https://phabricator.services.mozilla.com/D14209

--HG--
extra : rebase_source : 4d518205b173fc210908235b42ddace590e6b7e5
2018-12-11 13:28:20 -08:00
Jan de Mooij
a87026ec12 Bug 1512029 part 2 - Some CompartmentPrivate changes for same-compartment realms. r=bzbarsky
Differential Revision: https://phabricator.services.mozilla.com/D14253

--HG--
extra : moz-landing-system : lando
2018-12-16 14:59:50 +00:00
Jan de Mooij
cccc414b7a Bug 1512029 part 1 - Stop calling JS_GetCompartmentPrincipals for system compartments. r=bzbarsky
Because it release-asserts the compartment has a single realm.

I also renamed JS_GetCompartmentPrincipals to JS_DeprecatedGetCompartmentPrincipals
to discourage people from using it.

Differential Revision: https://phabricator.services.mozilla.com/D14252

--HG--
extra : moz-landing-system : lando
2018-12-16 14:59:46 +00:00
Boris Zbarsky
771d1e342c Bug 1514261. Skip messing around with compartments in FunctionForwarder if the forwarder is already same-compartment with the underlying callee. r=bholley 2018-12-16 00:13:53 -05:00
Steve Fink
10953d54c2 Bug 1513108 - Remove the separate class extension hook for getting a weakmap key delegate, r=jonco
Replace with just unwrapping the key, since there are no users that return anything else for a delegate.

--HG--
extra : rebase_source : e72b825121ca3493364c9347f65e5dddd1ef53e0
2018-12-07 14:38:01 -08:00
Yoshi Cheng-Hao Huang
ad67f7c11b Bug 1475896 - Add telemetry for GC marking rate. r=jonco, data-review=chutten 2018-12-14 17:10:10 +01:00
Jon Coppeard
6f81506124 Bug 1463462 - Make gray marking assertions call a JSAPI function r=sfink 2018-12-06 16:28:10 -05:00
Cameron Kaiser
93af8a88e6 Bug 1512162: Followup: narrow non-stack-protected window for XPConnect on ppc64le. r=bhollley 2018-12-13 09:14:53 -08:00