Bug 1185360 - PostMessageEvent should not have a different behavior if the main principal subsumes the destination one., r=smaug

2024-09-13 09:24:08 -07:00 · 2015-07-22 17:01:55 +01:00 · 2015-07-22 17:01:55 +01:00 · 40ecfa670a
commit 40ecfa670a
parent fe3a563f9c
3 changed files with 5 additions and 12 deletions
--- a/dom/base/PostMessageEvent.cpp
+++ b/dom/base/PostMessageEvent.cpp
@ -26,7 +26,6 @@ namespace {
 struct StructuredCloneInfo
 {
  PostMessageEvent* event;
-  bool subsumes;
  nsPIDOMWindow* window;

  // This hashtable contains the transferred ports - used to avoid duplicates.
@ -117,7 +116,7 @@ PostMessageEvent::WriteStructuredClone(JSContext* cx,
  // See if this is a File/Blob object.
  {
    Blob* blob = nullptr;
-    if (scInfo->subsumes && NS_SUCCEEDED(UNWRAP_OBJECT(Blob, obj, blob))) {
+    if (NS_SUCCEEDED(UNWRAP_OBJECT(Blob, obj, blob))) {
      BlobImpl* blobImpl = blob->Impl();
      if (JS_WriteUint32Pair(writer, SCTAG_DOM_BLOB, 0) &&
          JS_WriteBytes(writer, &blobImpl, sizeof(blobImpl))) {
@ -135,7 +134,7 @@ PostMessageEvent::WriteStructuredClone(JSContext* cx,
    nsISupports* supports = wrappedNative->Native();

    nsCOMPtr<nsIDOMFileList> list = do_QueryInterface(supports);
-    if (list && scInfo->subsumes)
+    if (list)
      scTag = SCTAG_DOM_FILELIST;

    if (scTag)
@ -379,15 +378,13 @@ PostMessageEvent::Run()

 bool
 PostMessageEvent::Write(JSContext* aCx, JS::Handle<JS::Value> aMessage,
-                        JS::Handle<JS::Value> aTransfer, bool aSubsumes,
-                        nsPIDOMWindow* aWindow)
+                        JS::Handle<JS::Value> aTransfer, nsPIDOMWindow* aWindow)
 {
  // We *must* clone the data here, or the JS::Value could be modified
  // by script
  StructuredCloneInfo scInfo;
  scInfo.event = this;
  scInfo.window = aWindow;
-  scInfo.subsumes = aSubsumes;

  return mBuffer.write(aCx, aMessage, aTransfer, &sPostMessageCallbacks,
                       &scInfo);
--- a/dom/base/PostMessageEvent.h
+++ b/dom/base/PostMessageEvent.h
@ -39,8 +39,7 @@ public:
                   bool aTrustedCaller);

  bool Write(JSContext* aCx, JS::Handle<JS::Value> aMessage,
-             JS::Handle<JS::Value> aTransfer, bool aSubsumes,
-             nsPIDOMWindow* aWindow);
+             JS::Handle<JS::Value> aTransfer, nsPIDOMWindow* aWindow);

 private:
  ~PostMessageEvent();
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@ -8561,13 +8561,10 @@ nsGlobalWindow::PostMessageMozOuter(JSContext* aCx, JS::Handle<JS::Value> aMessa
                         providedPrincipal,
                         nsContentUtils::IsCallerChrome());

-  nsIPrincipal* principal = GetPrincipal();
  JS::Rooted<JS::Value> message(aCx, aMessage);
  JS::Rooted<JS::Value> transfer(aCx, aTransfer);
-  bool subsumes;

-  if (NS_FAILED(callerPrin->Subsumes(principal, &subsumes)) ||
-      !event->Write(aCx, message, transfer, subsumes, this)) {
+  if (!event->Write(aCx, message, transfer, this)) {
    aError.Throw(NS_ERROR_DOM_DATA_CLONE_ERR);
    return;
  }