Fix for bug 669096 (Injecting function from chrome extends the lifetime of navigated-away inner window). r=mrbkap.

--HG--
extra : rebase_source : 3375132c3e507e09dd79e63d277769090040f6bf
Peter Van der Beken 2011-08-30 16:22:01 +02:00
Родитель 15e72bfded
Коммит 591866c51a
1 изменённых файлов: 41 добавлений и 0 удалений


@ -1817,6 +1817,34 @@ WindowStateHolder::~WindowStateHolder()
NS_IMPL_ISUPPORTS1(WindowStateHolder, WindowStateHolder)
struct ReparentWaiverClosure
{
JSContext *mCx;
JSObject *mNewInner;
};
static JSDHashOperator
ReparentWaiverWrappers(JSDHashTable *table, JSDHashEntryHdr *hdr,
uint32 number, void *arg)
{
ReparentWaiverClosure *closure = static_cast<ReparentWaiverClosure*>(arg);
JSObject *value = static_cast<JSObject2JSObjectMap::Entry *>(hdr)->value;
// We reparent wrappers that have as their parent an inner window whose
// outer has the new inner window as its current inner.
JSObject *parent = JS_GetParent(closure->mCx, value);
JSObject *outer = JS_ObjectToOuterObject(closure->mCx, parent);
if (outer) {
JSObject *inner = JS_ObjectToInnerObject(closure->mCx, outer);
if (inner == closure->mNewInner && inner != parent)
JS_SetParent(closure->mCx, value, closure->mNewInner);
} else {
JS_ClearPendingException(closure->mCx);
}
return JS_DHASH_NEXT;
}
nsresult
nsGlobalWindow::SetNewDocument(nsIDocument* aDocument,
nsISupports* aState,
@ -2163,6 +2191,19 @@ nsGlobalWindow::SetNewDocument(nsIDocument* aDocument,
JS_SetParent(cx, mJSObject, newInnerWindow->mJSObject);
mContext->SetOuterObject(mJSObject);
JSCompartment *compartment = js::GetObjectCompartment(mJSObject);
xpc::CompartmentPrivate *priv =
static_cast<xpc::CompartmentPrivate*>(JS_GetCompartmentPrivate(cx, compartment));
if (priv && priv->waiverWrapperMap) {
NS_ASSERTION(!JS_IsExceptionPending(cx),
"We might overwrite a pending exception!");
ReparentWaiverClosure closure = {
cx,
newInnerWindow->mJSObject
};
priv->waiverWrapperMap->Enumerate(ReparentWaiverWrappers, &closure);
}
}
}
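Review bot: In ReparentWaiverWrappers the result of `JS_SetParent` is ignored and only the `else` branch for a null `outer` calls `JS_ClearPendingException`, so a failed reparent (or a null return from `JS_ObjectToInnerObject`, if that can fail here) would leave an exception pending on `cx` for the rest of the enumeration and for whatever runs after it in SetNewDocument. A wrapper that was not reparented also keeps the old inner window as its parent, which is the lifetime problem this commit sets out to remove, and nothing reports that it happened. I would check the call, e.g. `if (!JS_SetParent(closure->mCx, value, closure->mNewInner)) JS_ClearPendingException(closure->mCx);`, and emit a debug warning on that path. Separately, `parent` from `JS_GetParent` goes into `JS_ObjectToOuterObject` without a null check; if a waiver wrapper can ever be parentless, guard it with `if (!parent) return JS_DHASH_NEXT;`. SetNewDocument's body starts and ends outside the second hunk, so how the caller treats a pending exception is not visible here.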