mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 944407 - Allow scripts for an XBL binding if and only if the XBL document comes from a scriptable domain. r=bz
This commit is contained in:
parent
2320f5f132
commit
3b4dfe688e
@ -1082,28 +1082,7 @@ nsXBLBinding::DoInitJSClass(JSContext *cx, JS::Handle<JSObject*> global,
|
|||||||
bool
|
bool
|
||||||
nsXBLBinding::AllowScripts()
|
nsXBLBinding::AllowScripts()
|
||||||
{
|
{
|
||||||
if (!mPrototypeBinding->GetAllowScripts())
|
return mPrototypeBinding->GetAllowScripts();
|
||||||
return false;
|
|
||||||
|
|
||||||
// Nasty hack. Use the JSContext of the bound node, since the
|
|
||||||
// security manager API expects to get the docshell type from
|
|
||||||
// that. But use the nsIPrincipal of our document.
|
|
||||||
nsIScriptSecurityManager* mgr = nsContentUtils::GetSecurityManager();
|
|
||||||
if (!mgr) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
nsIDocument* doc = mBoundElement ? mBoundElement->OwnerDoc() : nullptr;
|
|
||||||
if (!doc) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
nsCOMPtr<nsIScriptGlobalObject> global = do_QueryInterface(doc->GetInnerWindow());
|
|
||||||
if (!global || !global->GetGlobalJSObject()) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return mgr->ScriptAllowed(global->GetGlobalJSObject());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
nsXBLBinding*
|
nsXBLBinding*
|
||||||
|
@ -141,7 +141,7 @@ public:
|
|||||||
JS::MutableHandle<JSObject*> aClassObject,
|
JS::MutableHandle<JSObject*> aClassObject,
|
||||||
bool* aNew);
|
bool* aNew);
|
||||||
|
|
||||||
bool AllowScripts(); // XXX make const
|
bool AllowScripts();
|
||||||
|
|
||||||
mozilla::dom::XBLChildrenElement* FindInsertionPointFor(nsIContent* aChild);
|
mozilla::dom::XBLChildrenElement* FindInsertionPointFor(nsIContent* aChild);
|
||||||
|
|
||||||
|
@ -403,6 +403,24 @@ nsXBLDocumentInfo::nsXBLDocumentInfo(nsIDocument* aDocument)
|
|||||||
mScriptAccess = allow;
|
mScriptAccess = allow;
|
||||||
}
|
}
|
||||||
mIsChrome = true;
|
mIsChrome = true;
|
||||||
|
} else {
|
||||||
|
// If this binding isn't running with system principal, then it's running
|
||||||
|
// from a remote-XUL whitelisted domain. This is already a not-really-
|
||||||
|
// supported configuration (among other things, we don't use XBL scopes in
|
||||||
|
// that configuration for compatibility reasons). But we should still at
|
||||||
|
// least make an effort to prevent binding code from running if content
|
||||||
|
// script is disabled or if the source domain is blacklisted (since the
|
||||||
|
// source domain for remote XBL must always be the same as the source domain
|
||||||
|
// of the bound content).
|
||||||
|
//
|
||||||
|
// If we just ask the binding document if script is enabled, it will
|
||||||
|
// discover that it has no inner window, and return false. So instead, we
|
||||||
|
// short-circuit the normal compartment-managed script-disabling machinery,
|
||||||
|
// and query the policy for the URI directly.
|
||||||
|
bool allow;
|
||||||
|
nsIScriptSecurityManager* ssm = nsContentUtils::GetSecurityManager();
|
||||||
|
nsresult rv = ssm->PolicyAllowsScript(uri, &allow);
|
||||||
|
mScriptAccess = NS_SUCCEEDED(rv) && allow;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -27,7 +27,7 @@ public:
|
|||||||
already_AddRefed<nsIDocument> GetDocument()
|
already_AddRefed<nsIDocument> GetDocument()
|
||||||
{ nsCOMPtr<nsIDocument> copy = mDocument; return copy.forget(); }
|
{ nsCOMPtr<nsIDocument> copy = mDocument; return copy.forget(); }
|
||||||
|
|
||||||
bool GetScriptAccess() { return mScriptAccess; }
|
bool GetScriptAccess() const { return mScriptAccess; }
|
||||||
|
|
||||||
nsIURI* DocumentURI() { return mDocument->GetDocumentURI(); }
|
nsIURI* DocumentURI() { return mDocument->GetDocumentURI(); }
|
||||||
|
|
||||||
|
@ -214,7 +214,7 @@ nsXBLPrototypeBinding::SetBindingElement(nsIContent* aElement)
|
|||||||
}
|
}
|
||||||
|
|
||||||
bool
|
bool
|
||||||
nsXBLPrototypeBinding::GetAllowScripts()
|
nsXBLPrototypeBinding::GetAllowScripts() const
|
||||||
{
|
{
|
||||||
return mXBLDocInfoWeak->GetScriptAccess();
|
return mXBLDocInfoWeak->GetScriptAccess();
|
||||||
}
|
}
|
||||||
|
@ -48,7 +48,7 @@ public:
|
|||||||
// binding URIs.
|
// binding URIs.
|
||||||
bool CompareBindingURI(nsIURI* aURI) const;
|
bool CompareBindingURI(nsIURI* aURI) const;
|
||||||
|
|
||||||
bool GetAllowScripts();
|
bool GetAllowScripts() const;
|
||||||
|
|
||||||
nsresult BindingAttached(nsIContent* aBoundElement);
|
nsresult BindingAttached(nsIContent* aBoundElement);
|
||||||
nsresult BindingDetached(nsIContent* aBoundElement);
|
nsresult BindingDetached(nsIContent* aBoundElement);
|
||||||
|
Loading…
Reference in New Issue
Block a user