Bug 754202 - Pull subject principals directly off the compartment. r=mrbkap

It would be nice to check these principals against the principals acquired
using the old mechanism. Unfortunately, they often differ. Because CAPS uses
JS stack frames, any time we enter a compartment and do an operation (even
throwing an Access-Denied exception) without running any JS code, we'll end
up with a different principal.

Our security story is pretty darn tied to compartments at this point, so let's
just pull the trigger.
Bobby Holley 2012-06-07 14:28:21 +02:00
parent a8f4d0e303
commit 14f7c293ba

@ -2364,9 +2364,15 @@ nsIPrincipal*
nsScriptSecurityManager::GetSubjectPrincipal(JSContext *cx,
nsresult* rv)
{
NS_PRECONDITION(rv, "Null out param");
JSStackFrame *fp;
return GetPrincipalAndFrame(cx, &fp, rv);
*rv = NS_OK;
JSCompartment *compartment = js::GetContextCompartment(cx);
// The context should always be in a compartment, either one it has entered
// or the one associated with its global.
MOZ_ASSERT(!!compartment);
JSPrincipals *principals = JS_GetCompartmentPrincipals(compartment);
return nsJSPrincipals::get(principals);
}
NS_IMETHODIMP
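Review bot: In the new body of GetSubjectPrincipal, *rv is set to NS_OK before anything is looked up, and the only guard on the compartment is MOZ_ASSERT(!!compartment), which is compiled out of release builds. A caller can therefore no longer learn from rv that no subject principal was available, and a null compartment in a release build would be passed straight to JS_GetCompartmentPrincipals. The result of that call also goes into nsJSPrincipals::get without a check. Consider either handling the null cases explicitly (set *rv to a failure code and return nsnull) or adding a comment that states whether a compartment without principals can occur here and what callers should expect back when rv is NS_OK. Since the commit message says the result often differs from the stack-frame-based lookup, a short comment above the function recording that the principal now comes from the context's current compartment rather than from the JS stack would help people auditing the callers.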