author | Bobby Holley <bobbyholley@gmail.com> |
Fri, 17 Oct 2014 16:17:03 +0200 | |
changeset 210883 | ba0373a2af17c17e65456136dd8d2f03aea2fabd |
parent 210882 | 78f725c6441db73e22b886040a0782f11478bbe0 |
child 210884 | a483e89f4b2197fe44cd689c87048246088d6fe4 |
push id | 50589 |
push user | bobbyholley@gmail.com |
push date | Fri, 17 Oct 2014 14:17:32 +0000 |
treeherder | mozilla-inbound@ba0373a2af17 [default view] [failures only] |
perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
reviewers | bz |
bugs | 1083060 |
milestone | 36.0a1 |
first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/js/xpconnect/wrappers/WrapperFactory.cpp +++ b/js/xpconnect/wrappers/WrapperFactory.cpp @@ -362,17 +362,17 @@ DEBUG_CheckUnwrapSafety(HandleObject obj } } #else #define DEBUG_CheckUnwrapSafety(obj, handler, origin, target) {} #endif static const Wrapper * SelectWrapper(bool securityWrapper, bool wantXrays, XrayType xrayType, - bool waiveXrays, bool originIsXBLScope) + bool waiveXrays, bool originIsXBLScope, JSObject *obj) { // Waived Xray uses a modified CCW that has transparent behavior but // transitively waives Xrays on arguments. if (waiveXrays) { MOZ_ASSERT(!securityWrapper); return &WaiveXrayWrapper::singleton; } @@ -393,29 +393,29 @@ SelectWrapper(bool securityWrapper, bool return &PermissiveXrayDOM::singleton; else if (xrayType == XrayForJSObject) return &PermissiveXrayJS::singleton; MOZ_ASSERT(xrayType == XrayForOpaqueObject); return &PermissiveXrayOpaque::singleton; } // This is a security wrapper. Use the security versions and filter. - if (xrayType == XrayForDOMObject) + if (xrayType == XrayForDOMObject && IdentifyCrossOriginObject(obj) != CrossOriginOpaque) return &FilteringWrapper<CrossOriginXrayWrapper, CrossOriginAccessiblePropertiesOnly>::singleton; // There's never any reason to expose other objects to non-subsuming actors. // Just use an opaque wrapper in these cases. // // In general, we don't want opaque function wrappers to be callable. // But in the case of XBL, we rely on content being able to invoke // functions exposed from the XBL scope. We could remove this exception, // if needed, by using ExportFunction to generate the content-side // representations of XBL methods. - if (originIsXBLScope) + if (xrayType == XrayForJSObject && originIsXBLScope) return &FilteringWrapper<CrossCompartmentSecurityWrapper, OpaqueWithCall>::singleton; return &FilteringWrapper<CrossCompartmentSecurityWrapper, Opaque>::singleton; } static const Wrapper * SelectAddonWrapper(JSContext *cx, HandleObject obj, const Wrapper *wrapper) { JSAddonId *originAddon = JS::AddonIdOfObject(obj); @@ -520,17 +520,17 @@ WrapperFactory::Rewrap(JSContext *cx, Ha // wrappers. bool waiveXrays = wantXrays && !securityWrapper && HasWaiveXrayFlag(obj); // We have slightly different behavior for the case when the object // being wrapped is in an XBL scope. bool originIsContentXBLScope = IsContentXBLScope(origin); wrapper = SelectWrapper(securityWrapper, wantXrays, xrayType, waiveXrays, - originIsContentXBLScope); + originIsContentXBLScope, obj); // If we want to apply add-on interposition in the target compartment, // then we try to "upgrade" the wrapper to an interposing one. if (CompartmentPrivate::Get(target)->scope->HasInterposition()) wrapper = SelectAddonWrapper(cx, obj, wrapper); } if (!targetSubsumesOrigin) {