Bug 1566678. Handle attempts to setImmutablePrototype on a WindowProxy more gracefully. r=jandem
authorBoris Zbarsky <bzbarsky@mit.edu>
Fri, 19 Jul 2019 08:14:14 +0000
changeset 483497 37fd68a3d10d0ec85350177152ab9af8425f0d3c
parent 483496 bb821df559211ad7eb5f0e6d23b06ebac554d6ff
child 483498 d57c700859fbd63684386e0bf063331460753bc4
push id90420
push userbzbarsky@mozilla.com
push dateFri, 19 Jul 2019 13:05:10 +0000
treeherderautoland@37fd68a3d10d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjandem
bugs1566678
milestone70.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1566678. Handle attempts to setImmutablePrototype on a WindowProxy more gracefully. r=jandem Differential Revision: https://phabricator.services.mozilla.com/D38555
dom/base/MaybeCrossOriginObject.cpp
dom/base/MaybeCrossOriginObject.h
--- a/dom/base/MaybeCrossOriginObject.cpp
+++ b/dom/base/MaybeCrossOriginObject.cpp
@@ -394,16 +394,24 @@ bool MaybeCrossOriginObject<Base>::getPr
     JSContext* cx, JS::Handle<JSObject*> proxy, bool* isOrdinary,
     JS::MutableHandle<JSObject*> protop) const {
   // We have a custom [[GetPrototypeOf]]
   *isOrdinary = false;
   return true;
 }
 
 template <typename Base>
+bool MaybeCrossOriginObject<Base>::setImmutablePrototype(
+    JSContext* cx, JS::Handle<JSObject*> proxy, bool* succeeded) const {
+  // We just want to disallow this.
+  *succeeded = false;
+  return true;
+}
+
+template <typename Base>
 bool MaybeCrossOriginObject<Base>::isExtensible(JSContext* cx,
                                                 JS::Handle<JSObject*> proxy,
                                                 bool* extensible) const {
   // We never allow [[PreventExtensions]] to succeed.
   *extensible = true;
   return true;
 }
 
--- a/dom/base/MaybeCrossOriginObject.h
+++ b/dom/base/MaybeCrossOriginObject.h
@@ -196,25 +196,29 @@ class MaybeCrossOriginObject : public Ba
    * "proto" is the new prototype object (possibly null).  It must be
    * same-compartment with "cx".
    */
   bool setPrototype(JSContext* cx, JS::Handle<JSObject*> proxy,
                     JS::Handle<JSObject*> proto,
                     JS::ObjectOpResult& result) const final;
 
   /**
-   * Our non-standard getPrototypeIfOrdinary hook.  We don't need to implement
-   * setImmutablePrototype, because the default behavior of not allowing it is
-   * fine for us.
+   * Our non-standard getPrototypeIfOrdinary hook.
    */
   bool getPrototypeIfOrdinary(JSContext* cx, JS::Handle<JSObject*> proxy,
                               bool* isOrdinary,
                               JS::MutableHandle<JSObject*> protop) const final;
 
   /**
+   * Our non-standard setImmutablePrototype hook.
+   */
+  bool setImmutablePrototype(JSContext* cx, JS::Handle<JSObject*> proxy,
+                             bool* succeeded) const final;
+
+  /**
    * Implementation of [[IsExtensible]] as defined in
    * <https://html.spec.whatwg.org/multipage/window-object.html#windowproxy-isextensible>
    * and
    * <https://html.spec.whatwg.org/multipage/history.html#location-isextensible>.
    */
   bool isExtensible(JSContext* cx, JS::Handle<JSObject*> proxy,
                     bool* extensible) const final;