Bug 1083060 - Only use the XOW policy for Window and Location. r=bz
authorBobby Holley <bobbyholley@gmail.com>
Fri, 17 Oct 2014 16:17:03 +0200
changeset 210883 ba0373a2af17c17e65456136dd8d2f03aea2fabd
parent 210882 78f725c6441db73e22b886040a0782f11478bbe0
child 210884 a483e89f4b2197fe44cd689c87048246088d6fe4
push id50589
push userbobbyholley@gmail.com
push dateFri, 17 Oct 2014 14:17:32 +0000
treeherdermozilla-inbound@ba0373a2af17 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs1083060
milestone36.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1083060 - Only use the XOW policy for Window and Location. r=bz
js/xpconnect/wrappers/WrapperFactory.cpp
--- a/js/xpconnect/wrappers/WrapperFactory.cpp
+++ b/js/xpconnect/wrappers/WrapperFactory.cpp
@@ -362,17 +362,17 @@ DEBUG_CheckUnwrapSafety(HandleObject obj
     }
 }
 #else
 #define DEBUG_CheckUnwrapSafety(obj, handler, origin, target) {}
 #endif
 
 static const Wrapper *
 SelectWrapper(bool securityWrapper, bool wantXrays, XrayType xrayType,
-              bool waiveXrays, bool originIsXBLScope)
+              bool waiveXrays, bool originIsXBLScope, JSObject *obj)
 {
     // Waived Xray uses a modified CCW that has transparent behavior but
     // transitively waives Xrays on arguments.
     if (waiveXrays) {
         MOZ_ASSERT(!securityWrapper);
         return &WaiveXrayWrapper::singleton;
     }
 
@@ -393,29 +393,29 @@ SelectWrapper(bool securityWrapper, bool
             return &PermissiveXrayDOM::singleton;
         else if (xrayType == XrayForJSObject)
             return &PermissiveXrayJS::singleton;
         MOZ_ASSERT(xrayType == XrayForOpaqueObject);
         return &PermissiveXrayOpaque::singleton;
     }
 
     // This is a security wrapper. Use the security versions and filter.
-    if (xrayType == XrayForDOMObject)
+    if (xrayType == XrayForDOMObject && IdentifyCrossOriginObject(obj) != CrossOriginOpaque)
         return &FilteringWrapper<CrossOriginXrayWrapper,
                                  CrossOriginAccessiblePropertiesOnly>::singleton;
 
     // There's never any reason to expose other objects to non-subsuming actors.
     // Just use an opaque wrapper in these cases.
     //
     // In general, we don't want opaque function wrappers to be callable.
     // But in the case of XBL, we rely on content being able to invoke
     // functions exposed from the XBL scope. We could remove this exception,
     // if needed, by using ExportFunction to generate the content-side
     // representations of XBL methods.
-    if (originIsXBLScope)
+    if (xrayType == XrayForJSObject && originIsXBLScope)
         return &FilteringWrapper<CrossCompartmentSecurityWrapper, OpaqueWithCall>::singleton;
     return &FilteringWrapper<CrossCompartmentSecurityWrapper, Opaque>::singleton;
 }
 
 static const Wrapper *
 SelectAddonWrapper(JSContext *cx, HandleObject obj, const Wrapper *wrapper)
 {
     JSAddonId *originAddon = JS::AddonIdOfObject(obj);
@@ -520,17 +520,17 @@ WrapperFactory::Rewrap(JSContext *cx, Ha
         // wrappers.
         bool waiveXrays = wantXrays && !securityWrapper && HasWaiveXrayFlag(obj);
 
         // We have slightly different behavior for the case when the object
         // being wrapped is in an XBL scope.
         bool originIsContentXBLScope = IsContentXBLScope(origin);
 
         wrapper = SelectWrapper(securityWrapper, wantXrays, xrayType, waiveXrays,
-                                originIsContentXBLScope);
+                                originIsContentXBLScope, obj);
 
         // If we want to apply add-on interposition in the target compartment,
         // then we try to "upgrade" the wrapper to an interposing one.
         if (CompartmentPrivate::Get(target)->scope->HasInterposition())
             wrapper = SelectAddonWrapper(cx, obj, wrapper);
     }
 
     if (!targetSubsumesOrigin) {