bug 580128 - Temporary fixes to XrayWrapper - note: these were mostly overridden by later patches. r=gal

Blake Kaplan 2010-09-02 16:02:51 -07:00
Родитель 856533e5bc
Коммит f2103a50a8
6 изменённых файлов: 121 добавлений и 30 удалений


@ -44,6 +44,7 @@
#include "XPCNativeWrapper.h"
#include "nsPIDOMWindow.h"
#include "jswrapper.h"
#include "XrayWrapper.h"
namespace XPCWrapper {
@ -67,7 +68,13 @@ Unwrap(JSContext *cx, JSObject *wrapper)
// XXX Security check!
}
return wrapper->unwrap();
JSObject *wrappedObj = wrapper->unwrap();
if (wrappedObj->getJSClass() == &xpc::HolderClass) {
typedef xpc::XrayWrapper<JSCrossCompartmentWrapper> Xray;
wrappedObj = Xray::unwrapHolder(cx, wrappedObj);
}
return wrappedObj;
}
js::Class *clasp = wrapper->getClass();
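Review bot: The new holder branch in Unwrap returns the native object behind an Xray holder while the enclosing block still carries only `// XXX Security check!`, so nothing visible here decides whether the caller is entitled to that object. The old code stopped at `wrapper->unwrap()`; the new code reaches one layer further, which makes the open check matter more. Either land the check with this change or replace the XXX with a comment that records the gap, for example `// TODO(bug 580128): no access check yet; the holder is unwrapped unconditionally`. Unwrap starts and continues outside the hunk, so a check elsewhere in the body cannot be ruled out.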


@ -174,6 +174,8 @@ AccessCheck::isCrossOriginAccessPermitted(JSContext *cx, JSObject *wrapper, jsid
js::Class *clasp = obj->getClass();
if (clasp->ext.innerObject)
name = "Window";
else if (Jsvalify(clasp) == &HolderClass)
name = XrayWrapper<JSCrossCompartmentWrapper>::unwrapHolder(cx, obj)->getClass()->name;
else
name = clasp->name;
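Review bot: `unwrapHolder(cx, obj)->getClass()` dereferences the result without a null test, inside the function that decides cross-origin access. unwrapHolder goes through GetWrappedNativeObjectFromHolder from this same commit, which runs `OBJ_TO_INNER_OBJECT(cx, wrappedObj)` and returns the pointer unchecked; if the inner-object hook can fail and leave it null, this line crashes instead of denying access. Fetch the object first and fail closed: `JSObject *inner = XrayWrapper<JSCrossCompartmentWrapper>::unwrapHolder(cx, obj);` followed by `if (!inner) return false;`. The same unchecked result is returned by Unwrap in the XPCWrapper hunk and passed on in holder_get, holder_set and ResolveNativeProperty. Most of this function lies outside the hunk, so `return false` as the deny path is an assumption.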


@ -151,13 +151,16 @@ FilteringWrapper<Base, Policy>::enter(JSContext *cx, JSObject *wrapper, jsid id,
#define SOW FilteringWrapper<JSCrossCompartmentWrapper, OnlyIfSubjectIsSystem>
#define COW FilteringWrapper<JSCrossCompartmentWrapper, ExposedPropertiesOnly>
#define XOW FilteringWrapper<XrayWrapper<CrossOriginWrapper>, CrossOriginAccessiblePropertiesOnly>
#define NNXOW FilteringWrapper<JSCrossCompartmentWrapper, CrossOriginAccessiblePropertiesOnly>
template<> SOW SOW::singleton(0);
template<> COW COW::singleton(0);
template<> XOW XOW::singleton(0);
template<> NNXOW NNXOW::singleton(0);
template class SOW;
template class COW;
template class XOW;
template class NNXOW;
}
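Review bot: `NNXOW` is added with no hint of what the abbreviation stands for, and it differs from `XOW` only in the base handler. From the Rewrap change in this commit it appears to be the filter chosen when `!IS_WN_WRAPPER(obj)`, so a one-line comment above the define would save the reader the lookup: `// NNXOW: cross-origin filtering for non-native objects, without the Xray layer`. That expansion is inferred from the Rewrap change, so confirm it before committing the comment.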


@ -84,9 +84,15 @@ WrapperFactory::Rewrap(JSContext *cx, JSObject *obj, JSObject *wrappedProto, JSO
wrapper = &XrayWrapperWaivedWrapper;
} else {
// Native objects must be wrapped into an X-ray wrapper.
wrapper = IS_WN_WRAPPER_OBJECT(obj)
? &XrayWrapper<JSCrossCompartmentWrapper>::singleton
: &JSCrossCompartmentWrapper::singleton;
if (!obj->getGlobal()->isSystem() &&
(IS_WN_WRAPPER(obj) || obj->getClass()->ext.innerObject)) {
typedef XrayWrapper<JSCrossCompartmentWrapper> Xray;
wrapper = &Xray::singleton;
obj = Xray::createHolder(cx, parent, obj);
} else {
wrapper = &JSCrossCompartmentWrapper::singleton;
}
}
} else if (AccessCheck::isChrome(origin)) {
// If an object that needs a system only wrapper crosses into content
@ -108,8 +114,15 @@ WrapperFactory::Rewrap(JSContext *cx, JSObject *obj, JSObject *wrappedProto, JSO
// a predefined set of properties. XrayWrapper adds a property
// (.wrappedJSObject) which allows bypassing the XrayWrapper, but
// we filter out access to that property.
wrapper = &FilteringWrapper<XrayWrapper<CrossOriginWrapper>,
CrossOriginAccessiblePropertiesOnly>::singleton;
if (!IS_WN_WRAPPER(obj)) {
wrapper = &FilteringWrapper<JSCrossCompartmentWrapper,
CrossOriginAccessiblePropertiesOnly>::singleton;
} else {
typedef XrayWrapper<CrossOriginWrapper> Xray;
wrapper = &FilteringWrapper<XrayWrapper<CrossOriginWrapper>,
CrossOriginAccessiblePropertiesOnly>::singleton;
obj = Xray::createHolder(cx, parent, obj);
}
}
return JSWrapper::New(cx, obj, wrappedProto, NULL, wrapper);
}
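Review bot: Both new `obj = Xray::createHolder(cx, parent, obj);` calls overwrite obj with a result that can be null, and it then flows straight into `JSWrapper::New(cx, obj, wrappedProto, NULL, wrapper)` at the end of Rewrap. createHolder as added in this commit returns nsnull when JS_NewObjectWithGivenProto fails. Add `if (!obj) return NULL;` after each call so an allocation failure is reported to the caller rather than handed to the wrapper constructor. Rewrap begins outside the hunk.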


@ -90,10 +90,12 @@ GetWrappedNative(JSObject *obj)
}
static JSObject *
GetWrappedNativeObjectFromHolder(JSObject *holder)
GetWrappedNativeObjectFromHolder(JSContext *cx, JSObject *holder)
{
NS_ASSERTION(holder->getJSClass() == &HolderClass, "expected a native property holder object");
return holder->getSlot(JSSLOT_WN_OBJ).toObjectOrNull();
JSObject *wrappedObj = &holder->getSlot(JSSLOT_WN_OBJ).toObject();
OBJ_TO_INNER_OBJECT(cx, wrappedObj);
return wrappedObj;
}
// Some DOM objects have shared properties that don't have an explicit
@ -102,7 +104,23 @@ GetWrappedNativeObjectFromHolder(JSObject *holder)
static JSBool
holder_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
{
JSObject *wnObject = GetWrappedNativeObjectFromHolder(obj);
if (obj->isWrapper()) {
#ifdef DEBUG
{
typedef FilteringWrapper<XrayWrapper<CrossOriginWrapper>,
CrossOriginAccessiblePropertiesOnly>
FilteringXRay;
JSProxyHandler *handler = obj->getProxyHandler();
NS_ASSERTION(handler == &XrayWrapper<JSCrossCompartmentWrapper>::singleton ||
handler == &XrayWrapper<CrossOriginWrapper>::singleton ||
handler == &FilteringXRay::singleton,
"bad object");
}
#endif
obj = obj->unwrap();
}
JSObject *wnObject = GetWrappedNativeObjectFromHolder(cx, obj);
XPCWrappedNative *wn = GetWrappedNative(wnObject);
if (NATIVE_HAS_FLAG(wn, WantGetProperty)) {
JSBool retval = true;
@ -120,7 +138,7 @@ holder_get(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
static JSBool
holder_set(JSContext *cx, JSObject *obj, jsid id, jsval *vp)
{
JSObject *wnObject = GetWrappedNativeObjectFromHolder(obj);
JSObject *wnObject = GetWrappedNativeObjectFromHolder(cx, obj);
XPCWrappedNative *wn = GetWrappedNative(wnObject);
if (NATIVE_HAS_FLAG(wn, WantSetProperty)) {
JSBool retval = true;
@ -141,27 +159,29 @@ ResolveNativeProperty(JSContext *cx, JSObject *holder, jsid id, bool set, JSProp
desc->obj = NULL;
NS_ASSERTION(holder->getJSClass() == &HolderClass, "expected a native property holder object");
JSObject *wnObject = GetWrappedNativeObjectFromHolder(holder);
JSObject *wnObject = GetWrappedNativeObjectFromHolder(cx, holder);
XPCWrappedNative *wn = GetWrappedNative(wnObject);
// This will do verification and the method lookup for us.
XPCCallContext ccx(JS_CALLER, cx, holder, nsnull, id);
XPCCallContext ccx(JS_CALLER, cx, wnObject, nsnull, id);
// Run the resolve hook of the wrapped native.
JSBool retval = true;
JSObject *pobj = NULL;
uintN flags = cx->resolveFlags | (set ? JSRESOLVE_ASSIGNING : 0);
nsresult rv = wn->GetScriptableInfo()->GetCallback()->NewResolve(wn, cx, holder, id, flags,
&pobj, &retval);
if (NS_FAILED(rv)) {
if (retval) {
XPCThrower::Throw(rv, cx);
if (NATIVE_HAS_FLAG(wn, WantNewResolve)) {
JSBool retval = true;
JSObject *pobj = NULL;
uintN flags = cx->resolveFlags | (set ? JSRESOLVE_ASSIGNING : 0);
nsresult rv = wn->GetScriptableInfo()->GetCallback()->NewResolve(wn, cx, holder, id, flags,
&pobj, &retval);
if (NS_FAILED(rv)) {
if (retval) {
XPCThrower::Throw(rv, cx);
}
return false;
}
return false;
}
if (pobj) {
return JS_GetPropertyDescriptorById(cx, pobj, id, cx->resolveFlags, desc);
if (pobj) {
return JS_GetPropertyDescriptorById(cx, pobj, id, cx->resolveFlags, desc);
}
}
// There are no native numeric properties, so we can shortcut here. We will not
@ -174,9 +194,9 @@ ResolveNativeProperty(JSContext *cx, JSObject *holder, jsid id, bool set, JSProp
XPCNativeInterface *iface;
XPCNativeMember *member;
if (ccx.GetWrapper() != wn ||
!wn->IsValid() ||
!(iface = ccx.GetInterface()) ||
!(member = ccx.GetMember())) {
!wn->IsValid() ||
!(iface = ccx.GetInterface()) ||
!(member = ccx.GetMember())) {
/* Not found */
return true;
}
@ -233,12 +253,13 @@ static JSBool
holder_enumerate(JSContext *cx, JSObject *holder)
{
// Ask the native wrapper for all its ids
JSIdArray *ida = JS_Enumerate(cx, GetWrappedNativeObjectFromHolder(holder));
JSIdArray *ida = JS_Enumerate(cx, GetWrappedNativeObjectFromHolder(cx, holder));
if (!ida)
return false;
// Resolve the underlying native properties onto the holder object
jsid *idp = ida->vector;
size_t length = ida->length;
// Resolve the underlyign native properties onto the holder object
while (length-- > 0) {
JSPropertyDescriptor dummy;
if (!ResolveNativeProperty(cx, holder, *idp++, false, &dummy))
@ -259,7 +280,7 @@ wrappedJSObject_getter(JSContext *cx, JSObject *holder, jsid id, jsval *vp)
// If the caller intentionally waives the X-ray wrapper we usually
// apply for wrapped natives, use a special wrapper to make sure the
// membrane will not automatically apply an X-ray wrapper.
JSObject *wn = GetWrappedNativeObjectFromHolder(holder);
JSObject *wn = GetWrappedNativeObjectFromHolder(cx, holder);
JSObject *obj = JSWrapper::New(cx, wn, NULL, wn->getParent(), &WaiveXrayWrapperWrapper);
if (!obj)
return false;
@ -267,6 +288,22 @@ wrappedJSObject_getter(JSContext *cx, JSObject *holder, jsid id, jsval *vp)
return true;
}
template <typename Base>
bool
XrayWrapper<Base>::get(JSContext *cx, JSObject *wrapper, JSObject *receiver, jsid id,
js::Value *vp)
{
return JSProxyHandler::get(cx, wrapper, receiver, id, vp);
}
template <typename Base>
bool
XrayWrapper<Base>::set(JSContext *cx, JSObject *wrapper, JSObject *receiver, jsid id,
js::Value *vp)
{
return JSProxyHandler::set(cx, wrapper, receiver, id, vp);
}
template <typename Base>
bool
XrayWrapper<Base>::getPropertyDescriptor(JSContext *cx, JSObject *wrapper, jsid id, PropertyDescriptor *desc_in)
@ -313,6 +350,28 @@ XrayWrapper<Base>::hasOwn(JSContext *cx, JSObject *wrapper, jsid id, bool *bp)
return JSProxyHandler::hasOwn(cx, wrapper, id, bp);
}
template <typename Base>
JSObject *
XrayWrapper<Base>::createHolder(JSContext *cx,
JSObject *parent,
JSObject *wrappedNative)
{
JSObject *holder = JS_NewObjectWithGivenProto(cx, &HolderClass, nsnull, parent);
if (!holder)
return nsnull;
holder->setSlot(JSSLOT_WN_OBJ, ObjectValue(*wrappedNative));
return holder;
}
template <typename Base>
JSObject *
XrayWrapper<Base>::unwrapHolder(JSContext *cx, JSObject *holder)
{
NS_ASSERTION(holder->getJSClass() == &HolderClass, "bad holder");
return GetWrappedNativeObjectFromHolder(cx, holder);
}
#define SJOW XrayWrapper<JSCrossCompartmentWrapper>
#define XOSJOW XrayWrapper<CrossOriginWrapper>
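Review bot: In holder_get the handler check on the wrapper path exists only under `#ifdef DEBUG`, and the HolderClass check in GetWrappedNativeObjectFromHolder is an NS_ASSERTION, so a release build calls `obj->unwrap()` on any wrapper and reads `JSSLOT_WN_OBJ` from whatever comes out. The switch from `toObjectOrNull()` to `&holder->getSlot(JSSLOT_WN_OBJ).toObject()` additionally assumes the slot always holds an object. Make the class test a runtime check after the unwrap, e.g. `if (obj->getJSClass() != &HolderClass) return false;` with an error reported first, and keep the assertions for diagnostics. holder_set did not get the matching `isWrapper()` branch; if a wrapper can reach the setter too, it needs the same handling. Both functions continue outside their hunks.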


@ -53,6 +53,10 @@ class XrayWrapper : public Base {
XrayWrapper(uintN flags);
virtual ~XrayWrapper();
virtual bool get(JSContext *cx, JSObject *wrapper, JSObject *receiver, jsid id,
js::Value *vp);
virtual bool set(JSContext *cx, JSObject *wrapper, JSObject *receiver, jsid id,
js::Value *vp);
virtual bool getPropertyDescriptor(JSContext *cx, JSObject *wrapper, jsid id,
js::PropertyDescriptor *desc);
virtual bool getOwnPropertyDescriptor(JSContext *cx, JSObject *wrapper, jsid id,
@ -60,6 +64,9 @@ class XrayWrapper : public Base {
virtual bool has(JSContext *cx, JSObject *wrapper, jsid id, bool *bp);
virtual bool hasOwn(JSContext *cx, JSObject *wrapper, jsid id, bool *bp);
static JSObject *createHolder(JSContext *cx, JSObject *parent, JSObject *wrappedNative);
static JSObject *unwrapHolder(JSContext *cx, JSObject *holder);
static XrayWrapper singleton;
};
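Review bot: `createHolder` and `unwrapHolder` are declared with no statement of their contract, though both have conditions a caller has to know. Suggested comments: `// Returns a new holder for wrappedNative, or null if allocation fails.` above createHolder and `// holder must be a HolderClass object (asserted in debug builds only).` above unwrapHolder. The class declaration starts above the hunk.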