Bug 916644 - Disable invoking WebIDL constructors without |new| unless you have the system principal. r=bz

dom/bindings/Codegen.py

@@ -1177,11 +1177,18 @@ class CGClassConstructor(CGAbstractStaticMethod):
   JS::CallArgs args = JS::CallArgsFromVp(argc, vp);
   JS::Rooted<JSObject*> obj(cx, &args.callee());
 """
+        # [ChromeOnly] interfaces may only be constructed by chrome.
+        # Additionally, we want to throw if a non-chrome caller does a bareword invocation of a
+        # constructor without |new|. We don't enforce this for chrome to avoid the addon compat
+        # fallout of making that change. See bug 916644.
         if isChromeOnly(self._ctor):
-            preamble += """  if (!nsContentUtils::ThreadsafeIsCallerChrome()) {
+            mayInvokeCtor = "nsContentUtils::ThreadsafeIsCallerChrome()"
+        else:
+            mayInvokeCtor = "(args.isConstructing() || nsContentUtils::ThreadsafeIsCallerChrome())"
+        preamble += """  if (!%s) {
     return ThrowingConstructor(cx, argc, vp);
   }
-"""
+""" % mayInvokeCtor
         name = self._ctor.identifier.name
         nativeName = MakeNativeName(self.descriptor.binaryNames.get(name, name))
         callGenerator = CGMethodCall(nativeName, True, self.descriptor,

dom/tests/mochitest/bugs/test_bug370098.html

@@ -24,10 +24,9 @@ function test_constructor(dom_proto, shouldthrow) {
     } catch (e) {
         threw = true;
     }
-    if (shouldthrow)
-      ok(threw, "Calling |" + dom_proto + "()| should throw");
-    else
-      todo(threw, "Calling |" + dom_proto + "()| should throw");
+    // XSLTProcessor is still on the old bindings.
+    if (dom_proto != 'XSLTProcessor')
+      ok(threw, "Calling |" + dom_proto + "()| should always throw");
 
     threw = false;
     try {