Bug 912322 - Stop making XBL methods available to the web. r=bz

2024-09-13 09:24:08 -07:00 · 2013-09-06 09:12:56 -07:00 · 2013-09-06 09:12:56 -07:00 · 0d8272ce2d
commit 0d8272ce2d
parent 0fcc3886ab
3 changed files with 40 additions and 1 deletions
--- a/dom/webidl/Document.webidl
+++ b/dom/webidl/Document.webidl
@ -277,11 +277,14 @@ partial interface Document {
 partial interface Document {
  // nsIDOMDocumentXBL.  Wish we could make these [ChromeOnly], but
  // that would likely break bindings running with the page principal.
+  [Func="IsChromeOrXBL"]
  NodeList? getAnonymousNodes(Element elt);
+  [Func="IsChromeOrXBL"]
  Element? getAnonymousElementByAttribute(Element elt, DOMString attrName,
                                          DOMString attrValue);
+  [Func="IsChromeOrXBL"]
  Element? getBindingParent(Node node);
-  [Throws]
+  [Throws, Func="IsChromeOrXBL"]
  void loadBindingDocument(DOMString documentURL);

  // nsIDOMDocumentTouch
--- a/js/xpconnect/tests/mochitest/Makefile.in
+++ b/js/xpconnect/tests/mochitest/Makefile.in
@ -87,6 +87,7 @@ MOCHITEST_FILES =	chrome_wrappers_helper.html \
 		test_bug865260.html \
 		test_bug870423.html \
 		test_bug871887.html \
+		test_bug912322.html \
 		file_crosscompartment_weakmap.html \
 		test_crosscompartment_weakmap.html \
 		test_asmjs.html \
--- a/js/xpconnect/tests/mochitest/test_bug912322.html
+++ b/js/xpconnect/tests/mochitest/test_bug912322.html
@ -0,0 +1,35 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=912322
+-->
+<head>
+  <meta charset="utf-8">
+  <title>Test for Bug 912322</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+  <script type="application/javascript">
+
+  /** Test that XBL functions aren't exposed to the web. **/
+  funs = ['getAnonymousNodes', 'getAnonymousElementByAttribute',
+          'getBindingParent', 'loadBindingDocument'];
+  for (var f of funs) {
+    ok(!(f in document), f + " should not be available to content");
+    ok(f in SpecialPowers.wrap(document), f + " should be available to chrome via Xray");
+  }
+
+
+
+
+  </script>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=912322">Mozilla Bug 912322</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+</pre>
+</body>
+</html>