Bug 797909, null principal for initial about:blank, r=bz

2012-10-05 02:01:34 +03:00 · 2012-10-05 02:01:34 +03:00 · 6011112b41
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@ -6777,8 +6777,14 @@ nsDocShell::CreateAboutBlankContentViewer(nsIPrincipal* aPrincipal,
      nsContentUtils::FindInternalContentViewer("text/html");

  if (docFactory) {
+    nsCOMPtr<nsIPrincipal> principal;
+    if (mSandboxFlags & SANDBOXED_ORIGIN) {
+      principal = do_CreateInstance("@mozilla.org/nullprincipal;1");
+    } else {
+      principal = aPrincipal;
+    }
    // generate (about:blank) document to load
-    docFactory->CreateBlankDocument(mLoadGroup, aPrincipal,
+    docFactory->CreateBlankDocument(mLoadGroup, principal,
                                    getter_AddRefs(blankDoc));
    if (blankDoc) {
      // Hack: set the base URI manually, since this document never
--- a/docshell/test/Makefile.in
+++ b/docshell/test/Makefile.in
@ -100,6 +100,7 @@ MOCHITEST_FILES = \
 		test_bug713825.html \
 		test_bug728939.html \
 		file_bug728939.html \
+		test_bug797909.html \
 		$(NULL)

 ifeq ($(MOZ_WIDGET_TOOLKIT),cocoa)
--- a/docshell/test/test_bug797909.html
+++ b/docshell/test/test_bug797909.html
@ -0,0 +1,66 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=797909
+-->
+<head>
+  <meta charset="utf-8">
+  <title>Test for Bug 797909</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+</head>
+<body onload="runTest()">
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=797909">Mozilla Bug 797909</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+  
+</div>
+<pre id="test">
+<script type="application/javascript">
+  /** Test for Bug 797909 **/
+
+  SimpleTest.waitForExplicitFinish();
+
+  function runTest() {
+    iframe = document.getElementById("ifr");
+    try {
+      var iframeDoc = iframe.contentWindow.document;
+      ok(false, "Should have thrown an exception");
+    } catch (ex) {
+      ok(true, "Got an exception");
+    }
+
+    iframe = document.createElement("iframe");
+    // set sandbox attribute
+    iframe.sandbox = "allow-scripts";
+    // and then insert into the doc
+    document.body.appendChild(iframe);
+
+    try {
+      var iframeDoc = iframe.contentWindow.document;
+      ok(false, "Should have thrown an exception");
+    } catch (ex) {
+      ok(true, "Got an exception");
+    }
+
+    iframe = document.createElement("iframe");
+    // set sandbox attribute
+    iframe.sandbox = "allow-same-origin";
+    // and then insert into the doc
+    document.body.appendChild(iframe);
+
+    try {
+      var iframeDoc = iframe.contentWindow.document;
+      ok(true, "Shouldn't have thrown an exception");
+    } catch (ex) {
+      ok(false, "Got an unexpected exception");
+    }
+
+    SimpleTest.finish();
+  }
+
+</script>
+</pre>
+<iframe id="ifr" sandbox = "allow-scripts"></iframe>
+</body>
+</html>