mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 751858 - Actually throw when we deny access. r=bholley
This commit is contained in:
parent
aec24cbe16
commit
f14f44ff14
@ -455,12 +455,10 @@ ExposedPropertiesOnly::check(JSContext *cx, JSObject *wrapper, jsid id, Wrapper:
|
||||
perm = PermitObjectAccess;
|
||||
return true;
|
||||
}
|
||||
if (act == Wrapper::PUNCTURE) {
|
||||
perm = DenyAccess;
|
||||
return false;
|
||||
}
|
||||
|
||||
perm = DenyAccess;
|
||||
if (act == Wrapper::PUNCTURE)
|
||||
return PermitIfUniversalXPConnect(cx, id, act, perm); // Deny
|
||||
|
||||
jsid exposedPropsId = GetRTIdByIndex(cx, XPCJSRuntime::IDX_EXPOSEDPROPS);
|
||||
|
||||
|
@ -120,14 +120,13 @@ struct LocationPolicy : public Policy {
|
||||
perm = DenyAccess;
|
||||
|
||||
// Location object security is complicated enough. Don't allow punctures.
|
||||
if (act == js::Wrapper::PUNCTURE)
|
||||
return false;
|
||||
|
||||
if (AccessCheck::isCrossOriginAccessPermitted(cx, wrapper, id, act) ||
|
||||
AccessCheck::isLocationObjectSameOrigin(cx, wrapper)) {
|
||||
if (act != js::Wrapper::PUNCTURE &&
|
||||
(AccessCheck::isCrossOriginAccessPermitted(cx, wrapper, id, act) ||
|
||||
AccessCheck::isLocationObjectSameOrigin(cx, wrapper))) {
|
||||
perm = PermitPropertyAccess;
|
||||
return true;
|
||||
}
|
||||
|
||||
JSAutoEnterCompartment ac;
|
||||
if (!ac.enter(cx, wrapper))
|
||||
return false;
|
||||
|
Loading…
Reference in New Issue
Block a user