gecko-dev/caps
Boris Zbarsky 36e6030c74 Bug 1514050 part 2. Stop recomputing cross-compartment wrappers on document.domain changes. r=bholley
The change to test_clonewrapper.xul is because in the new setup we've already
tried handing an object across origins via chrome code, so it has a cached
(opaque) wrapper.  When we set document.domain and pass the same object again,
we end up picking up the cached wrapper when we try to wrap across the
compartment boundary, so don't grant access when perhaps we should...

This does lead to a possible spec violation in the following situation:

1) Two documents (A, B) start out same-site but different-origin.
2) Privileged code (system or extension) puts a reference to an object from
site A into site B.  This object gets an opaque CCW.
3) Both sites set document.domain to become same-effective-script-origin and
then site B goes through the site A Window and the object graph hanging off it
and gets to the object involved.  It gets an opaque CCW when it should have a
transparent CCW.

We could fix this if we kept recomputing wrappers on document.domain change and
just fixed the compartment filter used by the recomputation.  But this seems
like a pretty rare situation, and not one web sites can get into without an
assist from a somewhat buggy extension or system code, so let's see whether we
can just live with it and remove the recomputation.

Differential Revision: https://phabricator.services.mozilla.com/D18032

--HG--
extra : moz-landing-system : lando
2019-01-30 19:02:34 +00:00
tests Bug 1518283 - prohibit blank lines at the beginning and end of blocks (eslint padded-blocks) r=mossop,Standard8 2019-01-30 17:26:25 +00:00
BasePrincipal.cpp Bug 1515863, r=ckerschb 2019-01-08 16:59:21 +01:00
BasePrincipal.h Bug 1515863, r=ckerschb 2018-12-21 11:56:47 +00:00
ContentPrincipal.cpp Bug 1514050 part 2. Stop recomputing cross-compartment wrappers on document.domain changes. r=bholley 2019-01-30 19:02:34 +00:00
ContentPrincipal.h Bug 1515863, r=ckerschb 2018-12-21 11:56:47 +00:00
DomainPolicy.cpp Bug 1511393 - Use c-basic-offset: 2 in Emacs mode line for C/C++ code. r=nbp 2018-12-01 04:52:05 +09:00
DomainPolicy.h Bug 1511393 - Use c-basic-offset: 2 in Emacs mode line for C/C++ code. r=nbp 2018-12-01 04:52:05 +09:00
ExpandedPrincipal.cpp Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format 2018-11-30 11:46:48 +01:00
ExpandedPrincipal.h Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format 2018-11-30 11:46:48 +01:00
NullPrincipal.cpp Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format 2018-11-30 11:46:48 +01:00
NullPrincipal.h Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format 2018-11-30 11:46:48 +01:00
NullPrincipalURI.cpp Bug 1522596 - Remove nsIIPCSerializableURI and move its only member to nsIURI; r=valentin 2019-01-25 13:32:36 +00:00
NullPrincipalURI.h Bug 1522596 - Remove nsIIPCSerializableURI and move its only member to nsIURI; r=valentin 2019-01-25 13:32:36 +00:00
OriginAttributes.cpp Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format 2018-11-30 11:46:48 +01:00
OriginAttributes.h Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format 2018-11-30 11:46:48 +01:00
SystemPrincipal.cpp Bug 1517241 - Rename nsIDocument to mozilla::dom::Document. r=smaug 2019-01-03 17:48:33 +01:00
SystemPrincipal.h Bug 1517241 - Rename nsIDocument to mozilla::dom::Document. r=smaug 2019-01-03 17:48:33 +01:00
moz.build Bug 1476306 - Moving NullPrincipal/ContentPrincipal/SystemPrincipal under mozilla namespace - part 3 - ContentPrincipal, r=ckerschb 2018-07-17 21:38:48 +02:00
nsIAddonPolicyService.idl
nsIDomainPolicy.idl Bug 1507540 part 1. Use more notxpcom attributes in caps/. r=mrbkap 2018-11-19 20:17:52 -05:00
nsIPrincipal.idl Bug 1518991 - Make nsIPrincipal URI getter infallible; r=bholley 2019-01-10 05:44:33 +00:00
nsIScriptSecurityManager.idl Bug 1515863, r=ckerschb 2018-12-21 11:56:47 +00:00
nsJSPrincipals.cpp Bug 1511393 - Use c-basic-offset: 2 in Emacs mode line for C/C++ code. r=nbp 2018-12-01 04:52:05 +09:00
nsJSPrincipals.h Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format 2018-11-30 11:46:48 +01:00
nsScriptSecurityManager.cpp Merge mozilla-central to inbound. a=merge CLOSED TREE 2019-01-29 23:54:31 +02:00
nsScriptSecurityManager.h Bug 1511393 - Use c-basic-offset: 2 in Emacs mode line for C/C++ code. r=nbp 2018-12-01 04:52:05 +09:00