mozilla-inbound: changeset 125824:c5ad6568024ddf6f05564db733f43037f16486df

author	Bobby Holley <bobbyholley@gmail.com>
	Thu, 21 Mar 2013 09:33:34 -0700
changeset 125824	c5ad6568024ddf6f05564db733f43037f16486df
parent 125823	dc052939828763df406f53df40edf877238d468f
child 125825	fddb99719062766fc910716465e3b957d5e9a63b
push id	25109
push user	ryanvm@gmail.com
push date	Thu, 21 Mar 2013 19:52:05 +0000
treeherder	mozilla-inbound@a83cbe4e0576 [default view] [failures only]
perfherder	[talos] [build metrics] [platform microbench] (compared to previous push)
reviewers	bz
bugs	844783
milestone	22.0a1
first release with	nightly linux32 3825fdbcec62 / 22.0a1 / 20130323031040 / files nightly linux64 3825fdbcec62 / 22.0a1 / 20130323031040 / files nightly mac 3825fdbcec62 / 22.0a1 / 20130323031040 / files nightly win32 3825fdbcec62 / 22.0a1 / 20130323031040 / files nightly win64 3825fdbcec62 / 22.0a1 / 20130323031040 / files
last release without	nightly linux32 a73a2b5c423b / 22.0a1 / 20130321090706 / files nightly linux64 a73a2b5c423b / 22.0a1 / 20130321090706 / files nightly mac a73a2b5c423b / 22.0a1 / 20130321090706 / files nightly win32 a73a2b5c423b / 22.0a1 / 20130321090706 / files nightly win64 a73a2b5c423b / 22.0a1 / 20130321090706 / files

--- a/build/automation.py.in
+++ b/build/automation.py.in
@@ -543,16 +543,24 @@ user_pref("extensions.getAddons.search.u
 user_pref("plugins.update.url", "http://%(server)s/plugins-dummy/updateCheckURL");
 
 // Existing tests don't wait for the notification button security delay
 user_pref("security.notification_enable_delay", 0);
 
 // Make enablePrivilege continue to work for test code. :-(
 user_pref("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer", true);
 
+// In the default configuration, we bypass XBL scopes (a security feature) for
+// domains whitelisted for remote XUL, so that intranet apps and such continue
+// to work without major rewrites. However, we also use the whitelist mechanism
+// to run our XBL tests in automation, in which case we really want to be testing
+// the configuration that we ship to users without special whitelisting. So we
+// use an additional pref here to allow automation to use the "normal" behavior.
+user_pref("dom.use_xbl_scopes_for_remote_xul", true);
+
 // Get network events.
 user_pref("network.activity.blipIntervalMilliseconds", 250);
 
 // Don't allow the Data Reporting service to prompt for policy acceptance.
 user_pref("datareporting.policy.dataSubmissionPolicyBypassAcceptance", true);
 
 // Point Firefox Health Report at a local server. We don't care if it actually
 // works. It just can't hit the default production endpoint.

--- a/js/xpconnect/src/XPCWrappedNativeScope.cpp
+++ b/js/xpconnect/src/XPCWrappedNativeScope.cpp
@@ -5,16 +5,17 @@
 
 /* Class used to manage the wrapped native objects within a JS scope. */
 
 #include "xpcprivate.h"
 #include "XPCWrapper.h"
 #include "jsproxy.h"
 #include "nsContentUtils.h"
 #include "nsPrincipal.h"
+#include "mozilla/Preferences.h"
 
 #include "mozilla/dom/BindingUtils.h"
 
 using namespace mozilla;
 using namespace xpc;
 
 /***************************************************************************/
 
@@ -124,27 +125,32 @@ XPCWrappedNativeScope::XPCWrappedNativeS
     DEBUG_TrackNewScope(this);
     MOZ_COUNT_CTOR(XPCWrappedNativeScope);
 
     // Attach ourselves to the compartment private.
     CompartmentPrivate *priv = EnsureCompartmentPrivate(aGlobal);
     priv->scope = this;
 
     // Determine whether to use an XBL scope or not.
+    nsIPrincipal *principal = GetPrincipal();
     mUseXBLScope = XPCJSRuntime::Get()->XBLScopesEnabled();
     if (mUseXBLScope) {
       js::Class *clasp = js::GetObjectClass(mGlobalJSObject);
       mUseXBLScope = !strcmp(clasp->name, "Window") ||
                      !strcmp(clasp->name, "ChromeWindow") ||
                      !strcmp(clasp->name, "ModalContentWindow");
     }
     if (mUseXBLScope) {
-      nsIPrincipal *principal = GetPrincipal();
       mUseXBLScope = principal && !nsContentUtils::IsSystemPrincipal(principal);
     }
+    if (mUseXBLScope) {
+      mUseXBLScope = !nsContentUtils::AllowXULXBLForPrincipal(principal) ||
+                      Preferences::GetBool("dom.use_xbl_scopes_for_remote_xul",
+                                           false);
+    }
 }
 
 // static
 JSBool
 XPCWrappedNativeScope::IsDyingScope(XPCWrappedNativeScope *scope)
 {
     for (XPCWrappedNativeScope *cur = gDyingScopes; cur; cur = cur->mNext) {
         if (scope == cur)

--- a/layout/tools/reftest/reftest-cmdline.js
+++ b/layout/tools/reftest/reftest-cmdline.js
@@ -71,16 +71,17 @@ RefTestCmdLineHandler.prototype =
      * setDefaultPrefs().  These are duplicated there so we can have a 
      * restartless addon for reftest on native Android.
      *
      * FIXME: These should be in only one place. 
      */
     var prefs = Components.classes["@mozilla.org/preferences-service;1"].
                 getService(Components.interfaces.nsIPrefService);
     var branch = prefs.getDefaultBranch("");
+    branch.setBoolPref("dom.use_xbl_scopes_for_remote_xul", true);
     branch.setBoolPref("gfx.color_management.force_srgb", true);
     branch.setBoolPref("browser.dom.window.dump.enabled", true);
     branch.setIntPref("ui.caretBlinkTime", -1);
     branch.setBoolPref("dom.send_after_paint_to_content", true);
     // no slow script dialogs
     branch.setIntPref("dom.max_script_run_time", 0);
     branch.setIntPref("dom.max_chrome_script_run_time", 0);
     branch.setIntPref("hangmonitor.timeout", 0);

build/automation.py.in		file \| annotate \| diff \| comparison \| revisions
js/xpconnect/src/XPCWrappedNativeScope.cpp		file \| annotate \| diff \| comparison \| revisions
layout/tools/reftest/reftest-cmdline.js		file \| annotate \| diff \| comparison \| revisions