зеркало из https://github.com/mozilla/gecko-dev.git
Bug 353851 - "accumulation of outer chrome windows in mOpener chains (window.opener)". r+sr=jst, a=blocking1.9. Fixed small typo that caused Txul to blow up yesterday.
This commit is contained in:
bent.mozilla@gmail.com
Родитель
78f303f067
Коммит
fe4e0240cb
|
|
@ -930,8 +930,6 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN(nsGlobalWindow)
|
|||
|
||||
NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mContext)
|
||||
|
||||
NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mOpener)
|
||||
|
||||
NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mControllers)
|
||||
NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mArguments)
|
||||
NS_IMPL_CYCLE_COLLECTION_TRAVERSE_NSCOMPTR(mArgumentsLast)
|
||||
|
|
@ -974,8 +972,6 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_END
|
|||
NS_IMPL_CYCLE_COLLECTION_UNLINK_BEGIN(nsGlobalWindow)
|
||||
NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mContext)
|
||||
|
||||
NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mOpener)
|
||||
|
||||
NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mControllers)
|
||||
NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mArguments)
|
||||
NS_IMPL_CYCLE_COLLECTION_UNLINK_NSCOMPTR(mArgumentsLast)
|
||||
|
|
@ -2073,7 +2069,9 @@ nsGlobalWindow::SetOpenerWindow(nsIDOMWindowInternal* aOpener,
|
|||
NS_ASSERTION(aOpener || !aOriginalOpener,
|
||||
"Shouldn't set mHadOriginalOpener if aOpener is null");
|
||||
|
||||
mOpener = aOpener;
|
||||
mOpener = do_GetWeakReference(aOpener);
|
||||
NS_ASSERTION(mOpener, "Opener must support weak references!");
|
||||
|
||||
if (aOriginalOpener) {
|
||||
mHadOriginalOpener = PR_TRUE;
|
||||
}
|
||||
|
|
@ -2801,18 +2799,22 @@ nsGlobalWindow::GetOpener(nsIDOMWindowInternal** aOpener)
|
|||
FORWARD_TO_OUTER(GetOpener, (aOpener), NS_ERROR_NOT_INITIALIZED);
|
||||
|
||||
*aOpener = nsnull;
|
||||
// First, check if we were called from a privileged chrome script
|
||||
|
||||
nsCOMPtr<nsIDOMWindowInternal> opener = do_QueryReferent(mOpener);
|
||||
if (!opener) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// First, check if we were called from a privileged chrome script
|
||||
if (nsContentUtils::IsCallerTrustedForRead()) {
|
||||
*aOpener = mOpener;
|
||||
NS_IF_ADDREF(*aOpener);
|
||||
NS_ADDREF(*aOpener = opener);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
// We don't want to reveal the opener if the opener is a mail window,
|
||||
// because opener can be used to spoof the contents of a message (bug 105050).
|
||||
// So, we look in the opener's root docshell to see if it's a mail window.
|
||||
nsCOMPtr<nsPIDOMWindow> openerPwin(do_QueryInterface(mOpener));
|
||||
nsCOMPtr<nsPIDOMWindow> openerPwin(do_QueryInterface(opener));
|
||||
if (openerPwin) {
|
||||
nsCOMPtr<nsIDocShellTreeItem> docShellAsItem =
|
||||
do_QueryInterface(openerPwin->GetDocShell());
|
||||
|
|
@ -2825,7 +2827,7 @@ nsGlobalWindow::GetOpener(nsIDOMWindowInternal** aOpener)
|
|||
PRUint32 appType;
|
||||
nsresult rv = openerRootDocShell->GetAppType(&appType);
|
||||
if (NS_SUCCEEDED(rv) && appType != nsIDocShell::APP_TYPE_MAIL) {
|
||||
*aOpener = mOpener;
|
||||
*aOpener = opener;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -663,7 +663,7 @@ protected:
|
|||
PRPackedBool mIsChrome : 1;
|
||||
|
||||
nsCOMPtr<nsIScriptContext> mContext;
|
||||
nsCOMPtr<nsIDOMWindowInternal> mOpener;
|
||||
nsWeakPtr mOpener;
|
||||
nsCOMPtr<nsIControllers> mControllers;
|
||||
nsCOMPtr<nsIArray> mArguments;
|
||||
nsCOMPtr<nsIArray> mArgumentsLast;
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче