зеркало из https://github.com/mozilla/gecko-dev.git
Bug 480430 followup -- wrap for different-scope but same-origin chrome wrappers since we have code that depends on it.
Родитель
3628a2acea
Коммит
209b129774
|
@ -2362,9 +2362,10 @@ nsXPConnect::GetWrapperForObject(JSContext* aJSContext,
|
|||
|
||||
*_retval = OBJECT_TO_JSVAL(aObject);
|
||||
|
||||
PRBool sameOrigin = xpc_SameOrigin(objectscope, xpcscope);
|
||||
JSBool sameOrigin;
|
||||
JSBool sameScope = xpc_SameScope(objectscope, xpcscope, &sameOrigin);
|
||||
if(STOBJ_IS_SYSTEM(aObject) ||
|
||||
(sameOrigin &&
|
||||
(sameScope &&
|
||||
(!XPC_XOW_ClassNeedsXOW(STOBJ_GET_CLASS(aObject)->name) ||
|
||||
(aFilenameFlags & JSFILENAME_SYSTEM))))
|
||||
return NS_OK;
|
||||
|
@ -2373,23 +2374,26 @@ nsXPConnect::GetWrapperForObject(JSContext* aJSContext,
|
|||
|
||||
if(aFilenameFlags & JSFILENAME_PROTECTED)
|
||||
{
|
||||
NS_ASSERTION(!sameOrigin, "Bad filename flags");
|
||||
wrappedObj = XPCNativeWrapper::GetNewOrUsed(aJSContext, wrapper,
|
||||
aPrincipal);
|
||||
}
|
||||
else if(aFilenameFlags & JSFILENAME_SYSTEM)
|
||||
{
|
||||
NS_ASSERTION(!sameOrigin, "Bad filename flags");
|
||||
jsval val = OBJECT_TO_JSVAL(aObject);
|
||||
if(XPC_SJOW_Construct(aJSContext, nsnull, 1, &val, &val))
|
||||
wrappedObj = JSVAL_TO_OBJECT(val);
|
||||
}
|
||||
else
|
||||
else if (!sameOrigin)
|
||||
{
|
||||
jsval val = OBJECT_TO_JSVAL(aObject);
|
||||
if(XPC_XOW_WrapObject(aJSContext, aScope, &val, wrapper))
|
||||
wrappedObj = JSVAL_TO_OBJECT(val);
|
||||
}
|
||||
else
|
||||
{
|
||||
// Different scopes, but same origin, return the original object.
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
if(!wrappedObj)
|
||||
return NS_ERROR_FAILURE;
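Review bot: `JSBool sameOrigin;` is declared without an initial value, yet it alone decides between the `else if (!sameOrigin)` wrap and the final `else` that returns the object unwrapped. Every path through `xpc_SameScope` as shown on this page writes the out-parameter, so nothing is read uninitialized today, but the fail-closed default is safer stated locally: `JSBool sameOrigin = JS_FALSE;`. The same declaration appears in XPCConvert::NativeInterface2JSObject, where `xpc_SameScope` is only reached when `allowNativeWrapper` is set and the later `!sameOrigin` test appears to sit inside that same block. GetWrapperForObject starts and ends outside these hunks.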
|
||||
|
|
|
@ -1156,8 +1156,9 @@ XPCConvert::NativeInterface2JSObject(XPCCallContext& ccx,
|
|||
JSObject *flat = wrapper->GetFlatJSObject();
|
||||
jsval v = OBJECT_TO_JSVAL(flat);
|
||||
|
||||
JSBool sameOrigin;
|
||||
if (allowNativeWrapper &&
|
||||
!xpc_SameOrigin(wrapper->GetScope(), xpcscope))
|
||||
!xpc_SameScope(wrapper->GetScope(), xpcscope, &sameOrigin))
|
||||
{
|
||||
// Cross scope access detected. Check if chrome code
|
||||
// is accessing non-chrome objects, and if so, wrap
|
||||
|
@ -1218,6 +1219,7 @@ XPCConvert::NativeInterface2JSObject(XPCCallContext& ccx,
|
|||
strongWrapper = wrapper;
|
||||
|
||||
JSObject *destObj = nsnull;
|
||||
JSBool triedWrapping = JS_FALSE;
|
||||
if(flags & JSFILENAME_PROTECTED)
|
||||
{
|
||||
#ifdef DEBUG_XPCNativeWrapper
|
||||
|
@ -1256,6 +1258,7 @@ XPCConvert::NativeInterface2JSObject(XPCCallContext& ccx,
|
|||
destObj =
|
||||
XPCNativeWrapper::GetNewOrUsed(ccx, wrapper,
|
||||
objPrincipal);
|
||||
triedWrapping = JS_TRUE;
|
||||
}
|
||||
else if (flags & JSFILENAME_SYSTEM)
|
||||
{
|
||||
|
@ -1266,17 +1269,20 @@ XPCConvert::NativeInterface2JSObject(XPCCallContext& ccx,
|
|||
|
||||
if(XPC_SJOW_Construct(ccx, nsnull, 1, &v, &v))
|
||||
destObj = JSVAL_TO_OBJECT(v);
|
||||
triedWrapping = JS_TRUE;
|
||||
}
|
||||
else
|
||||
else if (!sameOrigin)
|
||||
{
|
||||
// Reaching across scopes from content code. Wrap
|
||||
// the new object in a XOW.
|
||||
if (XPC_XOW_WrapObject(ccx, scope, &v))
|
||||
destObj = JSVAL_TO_OBJECT(v);
|
||||
triedWrapping = JS_TRUE;
|
||||
}
|
||||
|
||||
return destObj &&
|
||||
CreateHolderIfNeeded(ccx, destObj, d, dest);
|
||||
if(triedWrapping)
|
||||
return destObj &&
|
||||
CreateHolderIfNeeded(ccx, destObj, d, dest);
|
||||
}
|
||||
}
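Review bot: The `if(triedWrapping)` guard lets one case leave the wrapping block without a wrapper (no PROTECTED or SYSTEM flag and `sameOrigin` true), and nothing here says this is intended. nsXPConnect::GetWrapperForObject spells the same case out with `// Different scopes, but same origin, return the original object.`. An equivalent comment above `if(triedWrapping)` would make the two paths visibly consistent, for example `// Different scopes but same origin: no wrapper needed, fall through.`. The code that runs after the fall-through is outside the hunk, so it is worth confirming that it hands back the flat object as the comment would claim.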
|
||||
|
||||
|
|
|
@ -729,21 +729,24 @@ xpc_NewSystemInheritingJSObject(JSContext *cx, JSClass *clasp, JSObject *proto,
|
|||
}
|
||||
|
||||
inline JSBool
|
||||
xpc_SameOrigin(XPCWrappedNativeScope *objectscope, XPCWrappedNativeScope *xpcscope)
|
||||
xpc_SameScope(XPCWrappedNativeScope *objectscope, XPCWrappedNativeScope *xpcscope,
|
||||
JSBool *sameOrigin)
|
||||
{
|
||||
if(objectscope == xpcscope)
|
||||
if (objectscope == xpcscope)
|
||||
{
|
||||
*sameOrigin = JS_TRUE;
|
||||
return JS_TRUE;
|
||||
}
|
||||
|
||||
nsIPrincipal *objectprincipal = objectscope->GetPrincipal();
|
||||
nsIPrincipal *xpcprincipal = xpcscope->GetPrincipal();
|
||||
PRBool sameOrigin;
|
||||
if(!objectprincipal || !xpcprincipal ||
|
||||
NS_FAILED(objectprincipal->Equals(xpcprincipal, &sameOrigin)))
|
||||
NS_FAILED(objectprincipal->Equals(xpcprincipal, sameOrigin)))
|
||||
{
|
||||
return JS_FALSE;
|
||||
*sameOrigin = JS_FALSE;
|
||||
}
|
||||
|
||||
return sameOrigin;
|
||||
return JS_FALSE;
|
||||
}
|
||||
|
||||
inline jsval
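Review bot: `xpc_SameScope` now reports two different things, and the definition has no comment saying so: the return value is JS_TRUE only for `objectscope == xpcscope`, while `*sameOrigin` carries the principal comparison. That matters because the function it replaces returned the origin result, so a caller testing the return value gets a stricter answer than before. A short header comment would pin the contract down, for example `// Returns whether the scopes are identical; *sameOrigin is always set and is JS_FALSE if either principal is missing or Equals() fails.`. Separately, `sameOrigin` is a `JSBool *` passed straight to `nsIPrincipal::Equals`, which on what appears to be the old side received the address of a `PRBool`. That presumably compiles because both typedefs share an underlying type, but a local `PRBool` copied into `*sameOrigin` would not depend on it.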
|
||||
|
|
|
@ -4068,7 +4068,9 @@ xpc_NewSystemInheritingJSObject(JSContext *cx, JSClass *clasp, JSObject *proto,
|
|||
JSObject *parent);
|
||||
|
||||
inline JSBool
|
||||
xpc_SameOrigin(XPCWrappedNativeScope *objectscope, XPCWrappedNativeScope *xpcscope);
|
||||
xpc_SameScope(XPCWrappedNativeScope *objectscope,
|
||||
XPCWrappedNativeScope *xpcscope,
|
||||
JSBool *sameOrigin);
|
||||
|
||||
nsISupports *
|
||||
XPC_GetIdentityObject(JSContext *cx, JSObject *obj);
|
||||
|
|