Bug 986542 - Don't categorically disable script for detached docshells. r=bz
authorBobby Holley <bobbyholley@gmail.com>
Sun, 23 Mar 2014 12:54:18 -0300
changeset 174971 e15020347f1b484185ebd5014d6ece3873a6d3f0
parent 174970 0f161bf4f415e284d6143b764109fcb07e336235
child 174972 82b3e6f5e0ae5f2708f18f4a48a4b1cc4f0a3442
push id41397
push userbobbyholley@gmail.com
push dateSun, 23 Mar 2014 15:54:31 +0000
treeherdermozilla-inbound@e15020347f1b [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs986542
milestone31.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 986542 - Don't categorically disable script for detached docshells. r=bz
docshell/base/nsDocShell.cpp
js/xpconnect/tests/mochitest/mochitest.ini
js/xpconnect/tests/mochitest/test_bug986542.html
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -2983,19 +2983,24 @@ nsDocShell::GetParentDocshell()
 void
 nsDocShell::RecomputeCanExecuteScripts()
 {
     bool old = mCanExecuteScripts;
     nsRefPtr<nsDocShell> parent = GetParentDocshell();
 
     // If we have no tree owner, that means that we've been detached from the
     // docshell tree (this is distinct from having no parent dochshell, which
-    // is the case for root docshells). In that case, don't allow script.
+    // is the case for root docshells). It would be nice to simply disallow
+    // script in detached docshells, but bug 986542 demonstrates that this
+    // behavior breaks at least one website.
+    //
+    // So instead, we use our previous value, unless mAllowJavascript has been
+    // explicitly set to false.
     if (!mTreeOwner) {
-        mCanExecuteScripts = false;
+        mCanExecuteScripts = mCanExecuteScripts && mAllowJavascript;
     // If scripting has been explicitly disabled on our docshell, we're done.
     } else if (!mAllowJavascript) {
         mCanExecuteScripts = false;
     // If we have a parent, inherit.
     } else if (parent) {
         mCanExecuteScripts = parent->mCanExecuteScripts;
     // Otherwise, we're the root of the tree, and we haven't explicitly disabled
     // script. Allow.
--- a/js/xpconnect/tests/mochitest/mochitest.ini
+++ b/js/xpconnect/tests/mochitest/mochitest.ini
@@ -83,15 +83,16 @@ support-files =
 [test_bug870423.html]
 [test_bug871887.html]
 [test_bug912322.html]
 [test_bug916945.html]
 [test_bug92773.html]
 [test_bug940783.html]
 [test_bug965082.html]
 [test_bug960820.html]
+[test_bug986542.html]
 [test_crosscompartment_weakmap.html]
 [test_frameWrapping.html]
 # The JS test component we use below is only available in debug builds.
 [test_getWebIDLCaller.html]
 skip-if = debug == false
 [test_nac.xhtml]
 [test_sameOriginPolicy.html]
new file mode 100644
--- /dev/null
+++ b/js/xpconnect/tests/mochitest/test_bug986542.html
@@ -0,0 +1,45 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=986542
+-->
+<head>
+  <meta charset="utf-8">
+  <title>Test for Bug 986542</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+  <script type="application/javascript">
+
+  /** Test for Bug 986542 **/
+  SimpleTest.waitForExplicitFinish();
+  addLoadEvent(function() {
+    var ifr = document.getElementById("ifr");
+    var doc = ifr.contentDocument;
+    var scr = doc.createElement("script");
+    scr.textContent = "function f() { onF(); }";
+    ifr.contentWindow.onF = function() {
+      ok(true, "Called event handler in detached window");
+      SimpleTest.finish();
+    }
+    doc.body.appendChild(scr);
+    var target = document.getElementById("target");
+    target.onclick = ifr.contentWindow.f;
+    ifr.parentNode.removeChild(ifr);
+    info("Removed frame from document. Waiting for event handler to be called.");
+    target.dispatchEvent(new MouseEvent('click'));
+  });
+
+  </script>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=986542">Mozilla Bug 986542</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+</div>
+<div id="target"></div>
+<iframe id="ifr"></iframe>
+<pre id="test">
+</pre>
+</body>
+</html>