зеркало из https://github.com/mozilla/gecko-dev.git
bug 313566: Add a couple of checks. r=jst sr=bzbarsky
This commit is contained in:
mrbkap%gmail.com
Родитель
f44f93ebc5
Коммит
ca50f64d3e
|
|
@ -1,4 +1,5 @@
|
|||
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
/* vim: set ts=2 sw=2 et tw=80: */
|
||||
/* ***** BEGIN LICENSE BLOCK *****
|
||||
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
||||
*
|
||||
|
|
@ -141,7 +142,19 @@ nsXULCommandDispatcher::GetFocusedElement(nsIDOMElement** aElement)
|
|||
EnsureFocusController();
|
||||
NS_ENSURE_TRUE(mFocusController, NS_ERROR_FAILURE);
|
||||
|
||||
return mFocusController->GetFocusedElement(aElement);
|
||||
nsresult rv = mFocusController->GetFocusedElement(aElement);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Make sure the caller can access the focused element.
|
||||
if (*aElement && !nsContentUtils::CanCallerAccess(*aElement)) {
|
||||
// XXX This might want to return null, but we use that return value
|
||||
// to mean "there is no focused element," so to be clear, throw an
|
||||
// exception.
|
||||
NS_RELEASE(*aElement);
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
|
|
@ -154,7 +167,23 @@ nsXULCommandDispatcher::GetFocusedWindow(nsIDOMWindow** aWindow)
|
|||
nsresult rv = mFocusController->GetFocusedWindow(getter_AddRefs(window));
|
||||
NS_ENSURE_TRUE(NS_SUCCEEDED(rv) && window, rv);
|
||||
|
||||
return CallQueryInterface(window, aWindow);
|
||||
rv = CallQueryInterface(window, aWindow);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Make sure the caller can access this window. The caller can access this
|
||||
// window iff it can access the document.
|
||||
nsCOMPtr<nsIDOMDocument> domdoc;
|
||||
rv = (*aWindow)->GetDocument(getter_AddRefs(domdoc));
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
// Note: If there is no document, then this window has been cleared and
|
||||
// there's nothing left to protect, so let the window pass through.
|
||||
if (domdoc && !nsContentUtils::CanCallerAccess(domdoc)) {
|
||||
NS_RELEASE(*aWindow);
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
||||
/* vim: set ts=4 sw=4 et tw=80: */
|
||||
/* ***** BEGIN LICENSE BLOCK *****
|
||||
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
||||
*
|
||||
|
|
@ -1607,6 +1608,11 @@ nsXULDocument::GetPopupNode(nsIDOMNode** aNode)
|
|||
// get popup node
|
||||
rv = focusController->GetPopupNode(aNode); // addref happens here
|
||||
|
||||
if (NS_SUCCEEDED(rv) && *aNode && !nsContentUtils::CanCallerAccess(*aNode)) {
|
||||
NS_RELEASE(*aNode);
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
|
||||
return rv;
|
||||
}
|
||||
|
||||
|
|
@ -1628,6 +1634,9 @@ nsXULDocument::SetPopupNode(nsIDOMNode* aNode)
|
|||
NS_IMETHODIMP
|
||||
nsXULDocument::GetTooltipNode(nsIDOMNode** aNode)
|
||||
{
|
||||
if (mTooltipNode && !nsContentUtils::CanCallerAccess(mTooltipNode)) {
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
*aNode = mTooltipNode;
|
||||
NS_IF_ADDREF(*aNode);
|
||||
return NS_OK;
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче