Bug 397828: Make window.document and document.open no longer be allAccess
authorjonas@sicking.cc
Sat, 01 Dec 2007 10:24:24 -0800
changeset 8527 0f78f3fe7b53d04b2ff4ba0bc1c56a4cf59e3b71
parent 8526 2ecd6f59355b4a757fc738339d6c4a55e95431d9
child 8528 53e4a483777c8abb8ad59aa887890e8b4ae0171d
push id1
push userbsmedberg@mozilla.com
push dateThu, 20 Mar 2008 16:49:24 +0000
treeherderautoland@61007906a1f8 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
bugs397828
milestone1.9b2pre
Bug 397828: Make window.document and document.open no longer be allAccess
content/html/document/src/nsHTMLDocument.cpp
modules/libpref/src/init/all.js
--- a/content/html/document/src/nsHTMLDocument.cpp
+++ b/content/html/document/src/nsHTMLDocument.cpp
@@ -2055,28 +2055,18 @@ nsHTMLDocument::OpenCommon(const nsACStr
   nsresult rv = NS_OK;
 
   // If we already have a parser we ignore the document.open call.
   if (mParser) {
 
     return NS_OK;
   }
 
-  if (!nsContentUtils::CanCallerAccess(static_cast<nsIDOMHTMLDocument*>(this))) {
-    nsPIDOMWindow *win = GetWindow();
-    if (win) {
-      nsCOMPtr<nsIDOMElement> frameElement;
-      rv = win->GetFrameElement(getter_AddRefs(frameElement));
-      NS_ENSURE_SUCCESS(rv, rv);
-
-      if (frameElement && !nsContentUtils::CanCallerAccess(frameElement)) {
-        return NS_ERROR_DOM_SECURITY_ERR;
-      }
-    }
-  }
+  NS_ASSERTION(nsContentUtils::CanCallerAccess(static_cast<nsIDOMHTMLDocument*>(this)),
+               "XOWs should have caught this!");
 
   if (!aContentType.EqualsLiteral("text/html") &&
       !aContentType.EqualsLiteral("text/plain")) {
     NS_WARNING("Unsupported type; fix the caller");
     return NS_ERROR_DOM_NOT_SUPPORTED_ERR;
   }
 
   // check whether we're in the middle of unload.  If so, ignore this call.
--- a/modules/libpref/src/init/all.js
+++ b/modules/libpref/src/init/all.js
@@ -297,30 +297,27 @@ pref("capability.policy.default.History.
 pref("capability.policy.default.History.current", "UniversalBrowserRead");
 pref("capability.policy.default.History.forward.get", "allAccess");
 pref("capability.policy.default.History.go.get", "allAccess");
 pref("capability.policy.default.History.item", "UniversalBrowserRead");
 pref("capability.policy.default.History.next", "UniversalBrowserRead");
 pref("capability.policy.default.History.previous", "UniversalBrowserRead");
 pref("capability.policy.default.History.toString", "UniversalBrowserRead");
 
-pref("capability.policy.default.HTMLDocument.open.get", "allAccess");
-
 pref("capability.policy.default.Location.hash.set", "allAccess");
 pref("capability.policy.default.Location.href.set", "allAccess");
 pref("capability.policy.default.Location.replace.get", "allAccess");
 
 pref("capability.policy.default.Navigator.preference", "allAccess");
 pref("capability.policy.default.Navigator.preferenceinternal.get", "UniversalPreferencesRead");
 pref("capability.policy.default.Navigator.preferenceinternal.set", "UniversalPreferencesWrite");
 
 pref("capability.policy.default.Window.blur.get", "allAccess");
 pref("capability.policy.default.Window.close.get", "allAccess");
 pref("capability.policy.default.Window.closed.get", "allAccess");
-pref("capability.policy.default.Window.document.get", "allAccess");
 pref("capability.policy.default.Window.focus.get", "allAccess");
 pref("capability.policy.default.Window.frames.get", "allAccess");
 pref("capability.policy.default.Window.history.get", "allAccess");
 pref("capability.policy.default.Window.length.get", "allAccess");
 pref("capability.policy.default.Window.location", "allAccess");
 pref("capability.policy.default.Window.opener.get", "allAccess");
 pref("capability.policy.default.Window.parent.get", "allAccess");
 pref("capability.policy.default.Window.self.get", "allAccess");