From d624f6b97e9ffb98dfaf6f88d4fbbb15434a9ad5 Mon Sep 17 00:00:00 2001 From: Gabor Krizsanits Date: Tue, 8 Aug 2017 13:43:20 +0200 Subject: [PATCH] Bug 1378207 - Handle sandboxes with XOW protos in WebExtensionChildActor. r=rpl Sandbox can throw on property access if it does not have permission to access its own proto, even if the caller compartment had. --- devtools/server/actors/webextension.js | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/devtools/server/actors/webextension.js b/devtools/server/actors/webextension.js index 2dcb03a1d4c2..b1cb069ba491 100644 --- a/devtools/server/actors/webextension.js +++ b/devtools/server/actors/webextension.js @@ -336,6 +336,16 @@ WebExtensionChildActor.prototype._shouldAddNewGlobalAsDebuggee = function (newGl const global = unwrapDebuggerObjectGlobal(newGlobal); if (global instanceof Ci.nsIDOMWindow) { + try { + global.document; + } catch (e) { + // The global might be a sandbox with a window object in its proto chain. If the + // window navigated away since the sandbox was created, it can throw a security + // exception during this property check as the sandbox no longer has access to + // its own proto. + return false; + } + // Filter out any global which contains a XUL document. if (global.document instanceof Ci.nsIDOMXULDocument) { return false;