Bug 899367 - Have nsGlobalWindow go through nsJSContext to access the outer. r=mccr8

2024-09-13 09:24:08 -07:00 · 2013-08-27 15:21:39 -07:00 · 2013-08-27 15:21:39 -07:00 · 0fcb9a74eb
commit 0fcb9a74eb
parent f4dd8b2c3e
4 changed files with 28 additions and 10 deletions
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@ -2048,8 +2048,9 @@ nsGlobalWindow::SetOuterObject(JSContext* aCx, JS::Handle<JSObject*> aOuterObjec
 {
  JSAutoCompartment ac(aCx, aOuterObject);

-  // Indicate the default compartment object associated with this cx.
-  js::SetDefaultObjectForContext(aCx, aOuterObject);
+  // Inform the nsJSContext, which is the canonical holder of the outer.
+  MOZ_ASSERT(IsOuterWindow());
+  mContext->SetWindowProxy(aOuterObject);

  // Set up the prototype for the outer object.
  JS::Rooted<JSObject*> inner(aCx, JS_GetParent(aOuterObject));
@ -2445,11 +2446,7 @@ nsGlobalWindow::SetNewDocument(nsIDocument* aDocument,
        newInnerWindow->FastGetGlobalJSObject());
 #endif

-    // Now that we're connecting the outer global to the inner one,
-    // we must have transplanted it. The JS engine tries to maintain
-    // the global object's compartment as its default compartment,
-    // so update that now since it might have changed.
-    js::SetDefaultObjectForContext(cx, mJSObject);
+    MOZ_ASSERT(mContext->GetWindowProxy() == mJSObject);
 #ifdef DEBUG
    JS::Rooted<JSObject*> rootedJSObject(cx, mJSObject);
    JS::Rooted<JSObject*> proto1(cx), proto2(cx);
--- a/dom/base/nsIScriptContext.h
+++ b/dom/base/nsIScriptContext.h
@ -27,8 +27,8 @@ class nsIDOMWindow;
 class nsIURI;

 #define NS_ISCRIPTCONTEXT_IID \
-{ 0x1d931a17, 0x453a, 0x47fb, \
-  { 0x94, 0x66, 0x2d, 0x3e, 0xd1, 0xef, 0x7a, 0xc5 } }
+{ 0x03c0874e, 0xcb49, 0x41c8, \
+  { 0xa3, 0x0b, 0xef, 0x3e, 0xc1, 0x88, 0xb1, 0x1f } }

 /* This MUST match JSVERSION_DEFAULT.  This version stuff if we don't
   know what language we have is a little silly... */
@ -165,6 +165,12 @@ public:
   * Tell the context we're done reinitializing it.
   */
  virtual void DidInitializeContext() = 0;
+
+  /**
+   * Access the Window Proxy. The setter should only be called by nsGlobalWindow.
+   */
+  virtual void SetWindowProxy(JS::Handle<JSObject*> aWindowProxy) = 0;
+  virtual JSObject* GetWindowProxy() = 0;
 };

 NS_DEFINE_STATIC_IID_ACCESSOR(nsIScriptContext, NS_ISCRIPTCONTEXT_IID)
--- a/dom/base/nsJSEnvironment.cpp
+++ b/dom/base/nsJSEnvironment.cpp
@ -1137,7 +1137,7 @@ nsJSContext::GetGlobalObject()
 JSObject*
 nsJSContext::GetNativeGlobal()
 {
-    return js::DefaultObjectForContextOrNull(mContext);
+    return GetWindowProxy();
 }

 JSContext*
@ -2581,6 +2581,18 @@ nsJSContext::ReportPendingException()
  }
 }

+void
+nsJSContext::SetWindowProxy(JS::Handle<JSObject*> aWindowProxy)
+{
+  js::SetDefaultObjectForContext(mContext, aWindowProxy);
+}
+
+JSObject*
+nsJSContext::GetWindowProxy()
+{
+  return xpc_UnmarkGrayObject(js::DefaultObjectForContextOrNull(mContext));
+}
+
 void
 nsJSContext::LikelyShortLivingObjectCreated()
 {
--- a/dom/base/nsJSEnvironment.h
+++ b/dom/base/nsJSEnvironment.h
@ -80,6 +80,9 @@ public:
  virtual void WillInitializeContext() MOZ_OVERRIDE;
  virtual void DidInitializeContext() MOZ_OVERRIDE;

+  virtual void SetWindowProxy(JS::Handle<JSObject*> aWindowProxy) MOZ_OVERRIDE;
+  virtual JSObject* GetWindowProxy() MOZ_OVERRIDE;
+
  static void LoadStart();
  static void LoadEnd();