bug 79916 - was using | instead of &, causing a security hole. r=jband, sr=brendan.

caps/src/nsScriptSecurityManager.cpp

@@ -377,7 +377,7 @@ nsScriptSecurityManager::IsDOMClass(nsIClassInfo* aClassInfo)
         return PR_FALSE;
     PRUint32 classFlags;
     nsresult rv = aClassInfo->GetFlags(&classFlags);
-    return NS_SUCCEEDED(rv) && (classFlags | nsIClassInfo::DOM_OBJECT);
+    return NS_SUCCEEDED(rv) && (classFlags & nsIClassInfo::DOM_OBJECT);
 }
 
 PRInt32