fix bug 47410. Allow JS components to implement nsISecurityCheckedComponent and have sidebar componnet implement it to allow access from untrusted scripts. a=brendan@mozilla.org a=johng@netscape.com
This commit is contained in:
jband%netscape.com
Родитель
8ba16c914a
Коммит
02b25f73f7
|
|
@ -37,7 +37,7 @@
|
|||
* Return values of 'AllAccess' or 'NoAccess' unconditionally allow or deny
|
||||
* access to the operation.
|
||||
*/
|
||||
[uuid(0dad9e8c-a12d-4dcb-9a6f-7d09839356e1)]
|
||||
[scriptable, uuid(0dad9e8c-a12d-4dcb-9a6f-7d09839356e1)]
|
||||
interface nsISecurityCheckedComponent : nsISupports {
|
||||
string canCreateWrapper(in nsIIDPtr iid);
|
||||
string canCallMethod(in nsIIDPtr iid, in wstring methodName);
|
||||
|
|
|
|||
|
|
@ -49,6 +49,7 @@ const nsIRDFContainer = Components.interfaces.nsIRDFContainer;
|
|||
const nsIFileLocator = Components.interfaces.nsIFileLocator;
|
||||
const nsIRDFRemoteDataSource = Components.interfaces.nsIRDFRemoteDataSource;
|
||||
const nsIInternetSearchService = Components.interfaces.nsIInternetSearchService;
|
||||
const nsISecurityCheckedComponent = Components.interfaces.nsISecurityCheckedComponent;
|
||||
|
||||
function nsSidebar()
|
||||
{
|
||||
|
|
@ -283,7 +284,45 @@ function (engineURL, iconURL, suggestedTitle, suggestedCategory)
|
|||
}
|
||||
}
|
||||
|
||||
// method of nsISecurityCheckedComponent
|
||||
nsSidebar.prototype.canCreateWrapper =
|
||||
function (iid) {
|
||||
return "NoAccess";
|
||||
}
|
||||
|
||||
// method of nsISecurityCheckedComponent
|
||||
nsSidebar.prototype.canCallMethod =
|
||||
function (iid, methodName) {
|
||||
if (iid.equals(nsISidebar) &&
|
||||
(methodName == "setWindow" ||
|
||||
methodName == "addPanel" ||
|
||||
methodName == "addSearchEngine")) {
|
||||
return "AllAccess";
|
||||
} else {
|
||||
return "NoAccess";
|
||||
}
|
||||
}
|
||||
|
||||
// method of nsISecurityCheckedComponent
|
||||
nsSidebar.prototype.canGetProperty =
|
||||
function (iid, propertyName) {
|
||||
return "NoAccess";
|
||||
}
|
||||
|
||||
// method of nsISecurityCheckedComponent
|
||||
nsSidebar.prototype.canSetProperty =
|
||||
function (iid, propertyName) {
|
||||
return "NoAccess";
|
||||
}
|
||||
|
||||
nsSidebar.prototype.QueryInterface =
|
||||
function (iid) {
|
||||
if (!iid.equals(nsISidebar) &&
|
||||
!iid.equals(nsISecurityCheckedComponent) &&
|
||||
!iid.equals(nsISupports))
|
||||
throw Components.results.NS_ERROR_NO_INTERFACE;
|
||||
return this;
|
||||
}
|
||||
|
||||
var sidebarModule = new Object();
|
||||
|
||||
|
|
@ -323,10 +362,7 @@ function (outer, iid) {
|
|||
if (outer != null)
|
||||
throw Components.results.NS_ERROR_NO_AGGREGATION;
|
||||
|
||||
if (!iid.equals(nsISidebar) && !iid.equals(nsISupports))
|
||||
throw Components.results.NS_ERROR_INVALID_ARG;
|
||||
|
||||
return new nsSidebar();
|
||||
return (new nsSidebar()).QueryInterface(iid);
|
||||
}
|
||||
|
||||
/* entrypoint */
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче