mirror of https://github.com/mozilla/gecko-dev.git
36e6030c74
The change to test_clonewrapper.xul is because in the new setup we've already tried handing an object across origins via chrome code, so it has a cached (opaque) wrapper. When we set document.domain and pass the same object again, we end up picking up the cached wrapper when we try to wrap across the compartment boundary, so don't grant access when perhaps we should...

This does lead to a possible spec violation in the following situation:

1) Two documents (A, B) start out same-site but different-origin.
2) Privileged code (system or extension) puts a reference to an object from site A into site B. This object gets an opaque CCW.
3) Both sites set document.domain to become same-effective-script-origin and then site B goes through the site A Window and the object graph hanging off it and gets to the object involved. It gets an opaque CCW when it should have a transparent CCW.

We could fix this if we kept recomputing wrappers on document.domain change and just fixed the compartment filter used by the recomputation. But this seems like a pretty rare situation, and not one web sites can get into without an assist from a somewhat buggy extension or system code, so let's see whether we can just live with it and remove the recomputation.

Differential Revision: https://phabricator.services.mozilla.com/D18032

--HG--
extra : moz-landing-system : lando

| Name |
|---|
| tests |
| BasePrincipal.cpp |
| BasePrincipal.h |
| ContentPrincipal.cpp |
| ContentPrincipal.h |
| DomainPolicy.cpp |
| DomainPolicy.h |
| ExpandedPrincipal.cpp |
| ExpandedPrincipal.h |
| NullPrincipal.cpp |
| NullPrincipal.h |
| NullPrincipalURI.cpp |
| NullPrincipalURI.h |
| OriginAttributes.cpp |
| OriginAttributes.h |
| SystemPrincipal.cpp |
| SystemPrincipal.h |
| moz.build |
| nsIAddonPolicyService.idl |
| nsIDomainPolicy.idl |
| nsIPrincipal.idl |
| nsIScriptSecurityManager.idl |
| nsJSPrincipals.cpp |
| nsJSPrincipals.h |
| nsScriptSecurityManager.cpp |
| nsScriptSecurityManager.h |