Bug 735280 - Part 3: Components object specific wrapper. r=bholley

This commit is contained in:
Gabor Krizsanits 2012-04-28 09:12:28 -04:00
Родитель 97b74839de
Коммит 729109dc65
11 изменённых файлов: 136 добавлений и 13 удалений

Просмотреть файл

@ -5,14 +5,14 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=246699
-->
<head>
<title>Test for Bug 246699</title>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=246699">Mozilla Bug 246699</a>
<p id="display"></p>
<div id="content" style="display: none">
<iframe id="load-frame"></iframe>
<iframe id="load-frame"></iframe>
</div>
<pre id="test">
<script class="testbody" type="text/javascript">
@ -21,9 +21,14 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=246699
** Test for Bug 246699
** (should produce stack information for caps errors)
**/
function isError(e)
{
return e.constructor.name === "Error" || e.constructor.name === "TypeError";
}
function hasStack(e)
{
return e.constructor.name === "Error" && /inciteCaps/.test(e.stack);
return isError(e) && /inciteCaps/.test(e.stack);
}
function inciteCaps(f)

Просмотреть файл

@ -1,4 +1,3 @@
// |reftest| fails-if(browserIsRemote)
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
@ -52,7 +51,7 @@ if (typeof window == 'undefined')
}
else
{
expect = /(Script error.|Permission denied for <file:\/\/> to get property XPCComponents.classes)/;
expect = /(Script error.|Permission denied to access property 'classes')/;
window._onerror = window.onerror;
window.onerror = (function (msg, page, line) {
@ -64,7 +63,8 @@ else
gDelayTestDriverEnd = true;
window.location="javascript:Components.classes";
// Trying to set Components.classes will trigger a Permission denied exception
window.location="javascript:Components.classes = 42";
actual = 'No Error';
}

Просмотреть файл

@ -60,6 +60,7 @@
#include "nsContentUtils.h"
#include "jsgc.h"
#include "jsfriendapi.h"
#include "AccessCheck.h"
#include "mozilla/dom/bindings/Utils.h"
using namespace mozilla;
@ -4461,12 +4462,13 @@ nsXPCComponents::AttachComponentsObject(XPCCallContext& ccx,
return false;
jsid id = ccx.GetRuntime()->GetStringID(XPCJSRuntime::IDX_COMPONENTS);
JSObject* obj;
return NS_SUCCEEDED(wrapper->GetJSObject(&obj)) &&
obj && JS_DefinePropertyById(ccx, aGlobal, id, OBJECT_TO_JSVAL(obj),
nsnull, nsnull,
JSPROP_PERMANENT | JSPROP_READONLY);
JSObject* obj = wrapper->GetSameCompartmentSecurityWrapper(ccx);
if (!wrapper)
return false;
return JS_DefinePropertyById(ccx, aGlobal, id, OBJECT_TO_JSVAL(obj),
nsnull, nsnull,
JSPROP_PERMANENT | JSPROP_READONLY);
}
/* void lookupMethod (); */

Просмотреть файл

@ -1683,6 +1683,8 @@ XPCWrappedNative::ReparentWrapperIfFound(XPCCallContext& ccx,
JSObject *ww = wrapper->GetWrapper();
if (ww) {
JSObject *newwrapper;
MOZ_ASSERT(!xpc::WrapperFactory::IsComponentsObject(flat),
"Components object should never get here");
if (xpc::WrapperFactory::IsLocationObject(flat)) {
newwrapper = xpc::WrapperFactory::WrapLocationObject(ccx, newobj);
if (!newwrapper)
@ -2240,6 +2242,10 @@ XPCWrappedNative::GetSameCompartmentSecurityWrapper(JSContext *cx)
wrapper = xpc::WrapperFactory::WrapSOWObject(cx, flat);
if (!wrapper)
return NULL;
} else if (xpc::WrapperFactory::IsComponentsObject(flat)) {
wrapper = xpc::WrapperFactory::WrapComponentsObject(cx, flat);
if (!wrapper)
return NULL;
}
// If we made a wrapper, cache it and return it.

Просмотреть файл

@ -0,0 +1,43 @@
function run_test() {
var Cu = Components.utils;
var sb1 = Cu.Sandbox("http://www.blah.com");
var sb2 = Cu.Sandbox("http://www.blah.com");
var sb3 = Cu.Sandbox(this);
var sb4 = Cu.Sandbox("http://www.other.com");
var rv;
// non-chrome accessing chrome Components
sb1.C = Components;
rv = Cu.evalInSandbox("C.utils", sb1);
do_check_eq(rv, undefined);
rv = Cu.evalInSandbox("C.interfaces", sb1);
do_check_neq(rv, undefined);
// non-chrome accessing own Components
rv = Cu.evalInSandbox("Components.utils", sb1);
do_check_eq(rv, undefined);
rv = Cu.evalInSandbox("Components.interfaces", sb1);
do_check_neq(rv, undefined);
// non-chrome same origin
var C2 = Cu.evalInSandbox("Components", sb2);
do_check_neq(rv, C2.utils);
sb1.C2 = C2;
rv = Cu.evalInSandbox("C2.utils", sb1);
do_check_eq(rv, undefined);
rv = Cu.evalInSandbox("C2.interfaces", sb1);
do_check_neq(rv, undefined);
// chrome accessing chrome
sb3.C = Components;
rv = Cu.evalInSandbox("C.utils", sb3);
do_check_eq(rv, Cu);
// non-chrome cross origin
sb4.C2 = C2;
rv = Cu.evalInSandbox("C2.interfaces", sb1);
do_check_neq(rv, undefined);
rv = Cu.evalInSandbox("C2.utils", sb1);
do_check_eq(rv, undefined);
}

Просмотреть файл

@ -25,3 +25,4 @@ fail-if = os == "android"
[test_unload.js]
[test_attributes.js]
[test_params.js]
[test_components.js]

Просмотреть файл

@ -607,4 +607,29 @@ ExposedPropertiesOnly::check(JSContext *cx, JSObject *wrapper, jsid id, Wrapper:
return true; // Allow
}
bool
ComponentsObjectPolicy::check(JSContext *cx, JSObject *wrapper, jsid id, Wrapper::Action act,
Permission &perm)
{
perm = DenyAccess;
JSAutoEnterCompartment ac;
if (!ac.enter(cx, wrapper))
return false;
if (JSID_IS_STRING(id) && act == Wrapper::GET) {
JSFlatString *flatId = JSID_TO_FLAT_STRING(id);
if (JS_FlatStringEqualsAscii(flatId, "isSuccessCode") ||
JS_FlatStringEqualsAscii(flatId, "lookupMethod") ||
JS_FlatStringEqualsAscii(flatId, "interfaces") ||
JS_FlatStringEqualsAscii(flatId, "interfacesByID") ||
JS_FlatStringEqualsAscii(flatId, "results"))
{
perm = PermitPropertyAccess;
return true;
}
}
return PermitIfUniversalXPConnect(cx, id, act, perm); // Deny
}
}

Просмотреть файл

@ -175,4 +175,10 @@ struct ExposedPropertiesOnly : public Policy {
Permission &perm);
};
// Components specific policy
struct ComponentsObjectPolicy : public Policy {
static bool check(JSContext *cx, JSObject *wrapper, jsid id, js::Wrapper::Action act,
Permission &perm);
};
}

Просмотреть файл

@ -151,7 +151,10 @@ FilteringWrapper<Base, Policy>::enter(JSContext *cx, JSObject *wrapper, jsid id,
LocationPolicy>
#define XLW FilteringWrapper<XrayWrapper<CrossCompartmentSecurityWrapper>, \
LocationPolicy>
#define CW FilteringWrapper<SameCompartmentSecurityWrapper, \
ComponentsObjectPolicy>
#define XCW FilteringWrapper<CrossCompartmentSecurityWrapper, \
ComponentsObjectPolicy>
template<> SOW SOW::singleton(WrapperFactory::SCRIPT_ACCESS_ONLY_FLAG |
WrapperFactory::SOW_FLAG);
template<> SCSOW SCSOW::singleton(WrapperFactory::SCRIPT_ACCESS_ONLY_FLAG |
@ -168,6 +171,9 @@ template<> NNXOW NNXOW::singleton(WrapperFactory::SCRIPT_ACCESS_ONLY_FLAG |
template<> LW LW::singleton(WrapperFactory::SHADOWING_FORBIDDEN);
template<> XLW XLW::singleton(WrapperFactory::SHADOWING_FORBIDDEN);
template<> CW CW::singleton(0);
template<> XCW XCW::singleton(0);
template class SOW;
template class COW;
template class XOW;

Просмотреть файл

@ -366,6 +366,9 @@ WrapperFactory::Rewrap(JSContext *cx, JSObject *obj, JSObject *wrappedProto, JSO
wrapper = &FilteringWrapper<XrayProxy, CrossOriginAccessiblePropertiesOnly>::singleton;
} else if (mozilla::dom::bindings::IsDOMClass(JS_GetClass(obj))) {
wrapper = &FilteringWrapper<XrayDOM, CrossOriginAccessiblePropertiesOnly>::singleton;
} else if (IsComponentsObject(obj)) {
wrapper = &FilteringWrapper<CrossCompartmentSecurityWrapper,
ComponentsObjectPolicy>::singleton;
} else {
wrapper = &FilteringWrapper<CrossCompartmentSecurityWrapper,
ExposedPropertiesOnly>::singleton;
@ -400,6 +403,9 @@ WrapperFactory::Rewrap(JSContext *cx, JSObject *obj, JSObject *wrappedProto, JSO
if (AccessCheck::needsSystemOnlyWrapper(obj)) {
wrapper = &FilteringWrapper<CrossCompartmentSecurityWrapper,
OnlyIfSubjectIsSystem>::singleton;
} else if (IsComponentsObject(obj)) {
wrapper = &FilteringWrapper<CrossCompartmentSecurityWrapper,
ComponentsObjectPolicy>::singleton;
} else if (!targetdata || !targetdata->wantXrays ||
(type = GetXrayType(obj)) == NotXray) {
// Do the double-wrapping if need be.
@ -524,4 +530,21 @@ WrapperFactory::WrapSOWObject(JSContext *cx, JSObject *obj)
return wrapperObj;
}
bool
WrapperFactory::IsComponentsObject(JSObject *obj)
{
const char *name = js::GetObjectClass(obj)->name;
return name[0] == 'n' && !strcmp(name, "nsXPCComponents");
}
JSObject *
WrapperFactory::WrapComponentsObject(JSContext *cx, JSObject *obj)
{
JSObject *wrapperObj =
Wrapper::New(cx, obj, JS_GetPrototype(obj), JS_GetGlobalForObject(cx, obj),
&FilteringWrapper<SameCompartmentSecurityWrapper, ComponentsObjectPolicy>::singleton);
return wrapperObj;
}
}

Просмотреть файл

@ -110,6 +110,12 @@ class WrapperFactory {
// Wrap a (same compartment) object in a SOW.
static JSObject *WrapSOWObject(JSContext *cx, JSObject *obj);
// Return true if this is a Components object.
static bool IsComponentsObject(JSObject *obj);
// Wrap a (same compartment) Components object.
static JSObject *WrapComponentsObject(JSContext *cx, JSObject *obj);
};
extern js::Wrapper WaiveXrayWrapperWrapper;