Use a more roundabout way to convert variables to strings and call FindProxyForURL. bug 355214, r=crowder/darin sr=dveditz

This commit is contained in:
mrbkap%gmail.com 2007-02-05 18:19:48 +00:00
Родитель f159f65687
Коммит cdda8da797
1 изменённых файлов: 30 добавлений и 1 удалений

Просмотреть файл

@ -52,6 +52,22 @@ const nsISupports = Components.interfaces.nsISupports;
const nsIProxyAutoConfig = Components.interfaces.nsIProxyAutoConfig;
const nsIDNSService = Components.interfaces.nsIDNSService;
// Loaded once per PAC script, this is a safe way for the supplied functions
// that require chrome privileges to turn a random untrusted object into a
// string.
var safeToString = null;
function myToString(thisp) {
return thisp + '';
}
// This is like safeToString, except that it calls a given function with a
// given this and arguments.
var callFunction = null;
function myCall(fun, thisp) {
var args = Array.prototype.slice.call(arguments, 2);
return fun.apply(thisp, args);
}
// implementor of nsIProxyAutoConfig
function nsProxyAutoConfig() {};
@ -81,6 +97,13 @@ nsProxyAutoConfig.prototype = {
this._sandBox = new Components.utils.Sandbox(pacURI);
Components.utils.evalInSandbox(pacUtils, this._sandBox);
safeToString =
Components.utils.evalInSandbox("(" + myToString.toSource() + ")",
this._sandBox);
callFunction =
Components.utils.evalInSandbox("(" + myCall.toSource() + ")",
this._sandBox);
// add predefined functions to pac
this._sandBox.importFunction(myIpAddress);
this._sandBox.importFunction(dnsResolve);
@ -96,11 +119,15 @@ nsProxyAutoConfig.prototype = {
return null;
// Call the original function
return this._findProxyForURL.call(this._sandBox, testURI, testHost);
return callFunction(this._findProxyForURL, this._sandBox,
testURI, testHost);
}
}
function proxyAlert(msg) {
// Ensure that we have a string.
msg = safeToString(msg);
try {
// It would appear that the console service is threadsafe.
var cns = Components.classes["@mozilla.org/consoleservice;1"]
@ -122,6 +149,8 @@ function myIpAddress() {
// wrapper for resolving hostnames called by PAC file
function dnsResolve(host) {
host = safeToString(host);
try {
return dns.resolve(host, 0).getNextAddrAsString();
} catch (e) {