mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 655649 - Use Subsumes Rather than Equals in XPConnect wrapper computation. r=mrbkap
Now that we have nsExpandedPrincipal, the current way of doing things is wrong. For some reason, the old document.domain hackery was hiding the failures here.
This commit is contained in:
parent
32d74402a9
commit
63851e7543
@ -32,8 +32,9 @@ GetCompartmentPrincipal(JSCompartment *compartment)
|
||||
return nsJSPrincipals::get(JS_GetCompartmentPrincipals(compartment));
|
||||
}
|
||||
|
||||
// Does the principal of compartment a subsume the principal of compartment b?
|
||||
bool
|
||||
AccessCheck::isSameOrigin(JSCompartment *a, JSCompartment *b)
|
||||
AccessCheck::subsumes(JSCompartment *a, JSCompartment *b)
|
||||
{
|
||||
nsIPrincipal *aprin = GetCompartmentPrincipal(a);
|
||||
nsIPrincipal *bprin = GetCompartmentPrincipal(b);
|
||||
@ -44,14 +45,11 @@ AccessCheck::isSameOrigin(JSCompartment *a, JSCompartment *b)
|
||||
if (!aprin || !bprin)
|
||||
return true;
|
||||
|
||||
bool equals;
|
||||
nsresult rv = aprin->EqualsIgnoringDomain(bprin, &equals);
|
||||
if (NS_FAILED(rv)) {
|
||||
NS_ERROR("unable to ask about equality");
|
||||
return false;
|
||||
}
|
||||
bool subsumes;
|
||||
nsresult rv = aprin->SubsumesIgnoringDomain(bprin, &subsumes);
|
||||
NS_ENSURE_SUCCESS(rv, false);
|
||||
|
||||
return equals;
|
||||
return subsumes;
|
||||
}
|
||||
|
||||
bool
|
||||
@ -77,8 +75,8 @@ AccessCheck::isLocationObjectSameOrigin(JSContext *cx, JSObject *wrapper)
|
||||
|
||||
// Which lets us compare the current compartment against the old one.
|
||||
return obj &&
|
||||
(isSameOrigin(js::GetObjectCompartment(wrapper),
|
||||
js::GetObjectCompartment(obj)) ||
|
||||
(subsumes(js::GetObjectCompartment(wrapper),
|
||||
js::GetObjectCompartment(obj)) ||
|
||||
documentDomainMakesSameOrigin(cx, obj));
|
||||
}
|
||||
|
||||
|
@ -15,7 +15,7 @@ namespace xpc {
|
||||
|
||||
class AccessCheck {
|
||||
public:
|
||||
static bool isSameOrigin(JSCompartment *a, JSCompartment *b);
|
||||
static bool subsumes(JSCompartment *a, JSCompartment *b);
|
||||
static bool isChrome(JSCompartment *compartment);
|
||||
static bool callerIsChrome();
|
||||
static nsIPrincipal *getPrincipal(JSCompartment *compartment);
|
||||
|
@ -368,7 +368,7 @@ WrapperFactory::Rewrap(JSContext *cx, JSObject *obj, JSObject *wrappedProto, JSO
|
||||
wrapper = &FilteringWrapper<CrossCompartmentSecurityWrapper,
|
||||
ExposedPropertiesOnly>::singleton;
|
||||
}
|
||||
} else if (AccessCheck::isSameOrigin(origin, target)) {
|
||||
} else if (AccessCheck::subsumes(target, origin)) {
|
||||
// For the same-origin case we use a transparent wrapper, unless one
|
||||
// of the following is true:
|
||||
// * The object is flagged as needing a SOW.
|
||||
|
Loading…
Reference in New Issue
Block a user