searching for reviewer(bholley)
eeca0e099b8a: Bug 1536689 - Make AssertValidDependentString asserts more fatal. r=bholley
Emilio Cobos Álvarez <emilio@crisal.io> - Wed, 20 Mar 2019 23:13:14 +0000 - rev 465316
Push 35736 by ncsoregi@mozilla.com at Thu, 21 Mar 2019 10:40:08 +0000
Bug 1536689 - Make AssertValidDependentString asserts more fatal. r=bholley We should catch these issues ASAP. This NS_ASSERTION also bit me in the past. Differential Revision: https://phabricator.services.mozilla.com/D24115
fd2b7f779973: Bug 1536466 - Fix nsTDependentString with non-null-terminated buffer assertion r=bholley
Barret Rennie <barret@brennie.ca> - Tue, 19 Mar 2019 23:51:22 +0000 - rev 465163
Push 35732 by opoprus@mozilla.com at Wed, 20 Mar 2019 10:52:37 +0000
Bug 1536466 - Fix nsTDependentString with non-null-terminated buffer assertion r=bholley `gecko_profiler_add_text_marker` was being passed a character pointer and a length to construct a `nsDependentCString`. However, these values were coming from a Rust `&str`, which is not null-terminated, causing an debug assertion to be hit (and possible memory safety issues if mishandle the string). We now construct an `nsDependentCSubstring` instead. Differential Revision: https://phabricator.services.mozilla.com/D24032
dadc02e71d59: Bug 1530146 part 2. Back out the fix for bug 1526624, since it's no longer needed. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Fri, 01 Mar 2019 00:19:53 +0000 - rev 461919
Push 35634 by rmaries@mozilla.com at Sat, 02 Mar 2019 09:26:10 +0000
Bug 1530146 part 2. Back out the fix for bug 1526624, since it's no longer needed. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D21482
fe2cba661d5e: Bug 1530146 part 1. Switch XrayWaiver to always being same-realm with its target. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Fri, 01 Mar 2019 02:54:41 +0000 - rev 461918
Push 35634 by rmaries@mozilla.com at Sat, 02 Mar 2019 09:26:10 +0000
Bug 1530146 part 1. Switch XrayWaiver to always being same-realm with its target. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D21481
e097bf9457c3: Bug 1512162 - Reenable stack protection for ppc64le in XPConnect. r=bholley
Cameron Kaiser <spectre@floodgap.com> - Wed, 27 Feb 2019 19:31:08 -0800 - rev 461914
Push 35631 by rgurzau@mozilla.com at Fri, 01 Mar 2019 13:06:03 +0000
Bug 1512162 - Reenable stack protection for ppc64le in XPConnect. r=bholley
8e58294baf24: Bug 1528383 - Allow getting 'wrappedJSObject' without the attribute being defined, r=bholley
Nika Layzell <nika@thelayzells.com> - Tue, 26 Feb 2019 21:19:11 +0000 - rev 461548
Push 35625 by csabou@mozilla.com at Thu, 28 Feb 2019 10:55:23 +0000
Bug 1528383 - Allow getting 'wrappedJSObject' without the attribute being defined, r=bholley Differential Revision: https://phabricator.services.mozilla.com/D20016
1b528e3cac94: Bug 1523843 part 2. Use a single compartment for same-origin Realms in a single page (toplevel load). r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Thu, 21 Feb 2019 22:56:30 +0000 - rev 460588
Push 35596 by rmaries@mozilla.com at Sat, 23 Feb 2019 04:13:22 +0000
Bug 1523843 part 2. Use a single compartment for same-origin Realms in a single page (toplevel load). r=bholley Differential Revision: https://phabricator.services.mozilla.com/D19799
9f776274089a: Bug 1515582. Remove the separate XBL scope setup. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Mon, 11 Feb 2019 21:51:47 +0000 - rev 458582
Push 35538 by btara@mozilla.com at Tue, 12 Feb 2019 05:25:24 +0000
Bug 1515582. Remove the separate XBL scope setup. r=bholley With these changes, XBL just runs in the window scope of whatever document it's attached to. Since (outside of tests and "remote XUL") we no longer attach XBL to web documents, this is fine. And "remote XUL" already ran without the XBL scope. Native anonymous content, which used to be placed in the XBL scope to hide it from the page, is now placed in the unprivileged junk scope, so it stays hidden from the page. dom/xbl/test/test_bug944407.xul is being removed because we are changing the behavior it's trying to test for. Since we now always put the XBL in the same scope as the page, script is enabled for the XBL if and only if it's enabled for the page. dom/base/test/test_bug419527.xhtml, dom/events/test/test_bug391568.xhtml, dom/xbl/test/test_bug1086996.xhtml are being switched to a chrome test because otherwise the XBL can't see the getAnonymousNodes method. All the XBL bits are being removed from test_interfaces because we no longer have a separate XBL scope to test the behavior of. js/xpconnect/tests/mochitest/test_nac.xhtml is being removed because XBL no longer has access to NAC unless the page it's attached to does too, so the test doesn't really make sense. layout/xul/test/test_bug1197913.xul is being switched to a chrome test because its XUL elements use bindings that rely on APIs that are not exposed to normal web content. layout/reftests/bugs/495385-2f.xhtml is being removed because I can't think of a sane way to test that in the new world, short of running the reftest as chrome. And it doesn't seem worthwhile to look for a way to do that. dom/xbl/test/test_bug1098628_throw_from_construct.xhtml now needs to expectUncaughtException(), because the exception is now being thrown in Window scope. dom/xbl/test/test_bug1359859.xhtml needs to expectUncaughtException() as needed and not use XPCNativeWrapper (which it doesn't need to anyway now). dom/xbl/test/test_bug389322.xhtml, dom/xbl/test/test_bug400705.xhtml, dom/xbl/test/test_bug401907.xhtml, dom/xbl/test/test_bug403162.xhtml, dom/xbl/test/test_bug526178.xhtml, dom/xbl/test/test_bug639338.xhtml don't need to use XPCNativeWrapper anymore. dom/xbl/test/test_bug821850.html is being removed because it exists only to test XBL scopes. dom/xbl/test/file_bug950909.xml is being changed to work without a separate XBL scope (though whether the test still makes sense at that point is a bit questionable). Differential Revision: https://phabricator.services.mozilla.com/D19260
6c7ae3e0b592: Bug 1526624. Fix Xray waivers to deal with multiple globals per compartment. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Mon, 11 Feb 2019 21:07:45 +0000 - rev 458578
Push 35538 by btara@mozilla.com at Tue, 12 Feb 2019 05:25:24 +0000
Bug 1526624. Fix Xray waivers to deal with multiple globals per compartment. r=bholley In the new setup, they are still same-compartment with their target, but may not be same-realm (due to transplants). We could make them be same-realm by adjusting FixWaiverAfterTransplant, but this is conceptually simpler. Differential Revision: https://phabricator.services.mozilla.com/D19261
ef4325327e46: Bug 1346759 - Use URI comparison for null principals instead of pointer comparison. r=ckerschb,bholley
Jonathan Kingston <jkt@mozilla.com> - Mon, 11 Feb 2019 18:03:12 +0000 - rev 458525
Push 35536 by btara@mozilla.com at Mon, 11 Feb 2019 21:54:04 +0000
Bug 1346759 - Use URI comparison for null principals instead of pointer comparison. r=ckerschb,bholley Differential Revision: https://phabricator.services.mozilla.com/D12154
6836ad129868: Bug 1525629. Move wrapper denial warning state to RealmPrivate. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Thu, 07 Feb 2019 00:26:40 +0000 - rev 457606
Push 35516 by rmaries@mozilla.com at Fri, 08 Feb 2019 04:23:26 +0000
Bug 1525629. Move wrapper denial warning state to RealmPrivate. r=bholley This is supposed to be per-global state, and we're planning to have multiple globals per compartment. Differential Revision: https://phabricator.services.mozilla.com/D18850
25b050d6d1e9: Bug 1514049. Remove xpc::GetCompartmentPrincipal. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Wed, 30 Jan 2019 19:16:12 +0000 - rev 457603
Push 35516 by rmaries@mozilla.com at Fri, 08 Feb 2019 04:23:26 +0000
Bug 1514049. Remove xpc::GetCompartmentPrincipal. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D18035
54964c38d790: Bug 1514050 part 2. Stop recomputing cross-compartment wrappers on document.domain changes. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Wed, 30 Jan 2019 19:02:34 +0000 - rev 457602
Push 35516 by rmaries@mozilla.com at Fri, 08 Feb 2019 04:23:26 +0000
Bug 1514050 part 2. Stop recomputing cross-compartment wrappers on document.domain changes. r=bholley The change to test_clonewrapper.xul is because in the new setup we've already tried handing an object across origins via chrome code, so it has a cached (opaque) wrapper. When we set document.domain and pass the same object again, we end up picking up the cached wrapper when we try to wrap across the compartment boundary, so don't grant access when perhaps we should... This does lead to a possible spec violation in the following situation: 1) Two documents (A, B) start out same-site but different-origin. 2) Privileged code (system or extension) puts a reference to an object from site A into site B. This object gets an opaque CCW. 3) Both sites set document.domain to become same-effective-script-origin and then site B goes through the site A Window and the object graph hanging off it and gets to the object involved. It gets an opaque CCW when it should have a transparent CCW. We could fix this if we kept recomputing wrappers on document.domain change and just fixed the compartment filter used by the recomputation. But this seems like a pretty rare situation, and not one web sites can get into without an assist from a somewhat buggy extension or system code, so let's see whether we can just live with it and remove the recomputation. Differential Revision: https://phabricator.services.mozilla.com/D18032
97aaced3f817: Bug 1514050 part 1. Change the cross-compartment wrappers we use for web objects so we can avoid recomputing them when document.domain changes. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Fri, 01 Feb 2019 05:26:48 +0000 - rev 457601
Push 35516 by rmaries@mozilla.com at Fri, 08 Feb 2019 04:23:26 +0000
Bug 1514050 part 1. Change the cross-compartment wrappers we use for web objects so we can avoid recomputing them when document.domain changes. r=bholley We want to use a transparent CCW if there is any pair of globals, one from each compartment, which are, or have ever been, same origin-domain in the HTML spec sense. This is obviously required in the "are now same origin-domain" case, and in the "were same origin-domain" case it's required because there may be existing transparent CCWs between the compartments and we don't want them to become opaque due to a roundtrip through the compartment boundary. In practice, we need to consider two cases: 1) The two compartments started out same-origin. In this case the two CompartmentOriginInfos will have matching (in the Equals() sense) GetPrincipalIgnoringDocumentDomain(). They will also have matching SiteRef(), of course. 2) The two compartments started out different-origin but then at some point two globals in the compartments ended up same origin-domain. That requires that the two globals be same TLD+1 and have both set document.domain. So in this case the two CompartmentOriginInfos have matching SiteRef() and both test true for HasChangedDocumentDomain(). We only need to worry about this for web compartments, which means that we only need to worry about cases when security checks are symmetric (i.e. originSubsumesTarget == targetSubsumesOrigin) and neither compartment is forcing Xrays. Differential Revision: https://phabricator.services.mozilla.com/D18031
4abfd3bb9934: Bug 1471496 part 2. Change the way we do cross-compartment wrappers for Window and Location so they don't ever need to be recomputed. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Wed, 06 Feb 2019 14:53:48 +0000 - rev 457527
Push 35513 by opoprus@mozilla.com at Thu, 07 Feb 2019 09:46:04 +0000
Bug 1471496 part 2. Change the way we do cross-compartment wrappers for Window and Location so they don't ever need to be recomputed. r=bholley The end result we want is that on the web cross-compartment wrappers for WindowProxy and Location are always CrossOriginObjectWrapper. That needs to be true for both cases that are different-origin (as now) and cases that are same-origin, since they might become different-origin due to document.domain changes but we don't want that to affect the wrappers involved. On the web, all security checks are symmetric, so in WrapperFactory::Rewrap we would have originSubsumesTarget == targetSubsumesOrigin in all web cases. I claim that originSubsumesTarget == targetSubsumesOrigin && (!targetSubsumesOrigin || (!originCompartmentPrivate->wantXrays && !targetCompartmentPrivate->wantXrays)) && "object is a WindowProxy or Location" is a necessary and sufficient condition for using CrossOriginObjectWrapper. Comparing to our current code, if originSubsumesTarget and targetSubsumesOrigin are both false, then for the WindowProxy and Location cases we currently end up with the following arguments to SelectWrapper: securityWrapper: true xrayType: XrayForDOMObject waiveXrays: false So SelectWrapper ends up returning CrossOriginObjectWrapper, which the new condition keeps doing. If originSubsumesTarget and targetSubsumesOrigin are both true, then there are two cases. If both compartments have wantXrays false (which is always the case on the web), then we end up with the following arguments to SelectWrapper: securityWrapper: false xrayType: NotXray waiveXrays: false and SelectWrapper returns CrossCompartmentWrapper. We want to do CrossOriginObjectWrapper instead, as explained above. Finally, if originSubsumesTarget and targetSubsumesOrigin are both true but one of the compartments has wantXrays set, then we get: securityWrapper: false xrayType: XrayForDOMObject waiveXrays: might be true or false and then SelectWrapper might return a WaiveXrayWrapper or a PermissiveXrayDOM. In this case we do _not_ want to start returning CrossOriginObjectWrapper, and this is a non-web case anyway, since web compartments can't set wantXrays. Differential Revision: https://phabricator.services.mozilla.com/D18030
462cfc9e96dc: Bug 1471496 part 1. Fix IsPlatformObjectSameOrigin to do the right thing when we're doing first-party isolation but turning off its effects on scripted property access. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Wed, 06 Feb 2019 14:53:13 +0000 - rev 457526
Push 35513 by opoprus@mozilla.com at Thu, 07 Feb 2019 09:46:04 +0000
Bug 1471496 part 1. Fix IsPlatformObjectSameOrigin to do the right thing when we're doing first-party isolation but turning off its effects on scripted property access. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D18029
00cdd5991ace: Bug 1471496 part 2. Change the way we do cross-compartment wrappers for Window and Location so they don't ever need to be recomputed. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Tue, 05 Feb 2019 18:06:18 +0000 - rev 457331
Push 35506 by opoprus@mozilla.com at Wed, 06 Feb 2019 09:47:29 +0000
Bug 1471496 part 2. Change the way we do cross-compartment wrappers for Window and Location so they don't ever need to be recomputed. r=bholley The end result we want is that on the web cross-compartment wrappers for WindowProxy and Location are always CrossOriginObjectWrapper. That needs to be true for both cases that are different-origin (as now) and cases that are same-origin, since they might become different-origin due to document.domain changes but we don't want that to affect the wrappers involved. On the web, all security checks are symmetric, so in WrapperFactory::Rewrap we would have originSubsumesTarget == targetSubsumesOrigin in all web cases. I claim that originSubsumesTarget == targetSubsumesOrigin && (!targetSubsumesOrigin || (!originCompartmentPrivate->wantXrays && !targetCompartmentPrivate->wantXrays)) && "object is a WindowProxy or Location" is a necessary and sufficient condition for using CrossOriginObjectWrapper. Comparing to our current code, if originSubsumesTarget and targetSubsumesOrigin are both false, then for the WindowProxy and Location cases we currently end up with the following arguments to SelectWrapper: securityWrapper: true xrayType: XrayForDOMObject waiveXrays: false So SelectWrapper ends up returning CrossOriginObjectWrapper, which the new condition keeps doing. If originSubsumesTarget and targetSubsumesOrigin are both true, then there are two cases. If both compartments have wantXrays false (which is always the case on the web), then we end up with the following arguments to SelectWrapper: securityWrapper: false xrayType: NotXray waiveXrays: false and SelectWrapper returns CrossCompartmentWrapper. We want to do CrossOriginObjectWrapper instead, as explained above. Finally, if originSubsumesTarget and targetSubsumesOrigin are both true but one of the compartments has wantXrays set, then we get: securityWrapper: false xrayType: XrayForDOMObject waiveXrays: might be true or false and then SelectWrapper might return a WaiveXrayWrapper or a PermissiveXrayDOM. In this case we do _not_ want to start returning CrossOriginObjectWrapper, and this is a non-web case anyway, since web compartments can't set wantXrays. Differential Revision: https://phabricator.services.mozilla.com/D18030
317151999412: Bug 1471496 part 1. Fix IsPlatformObjectSameOrigin to do the right thing when we're doing first-party isolation but turning off its effects on scripted property access. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Tue, 05 Feb 2019 18:46:15 +0000 - rev 457330
Push 35506 by opoprus@mozilla.com at Wed, 06 Feb 2019 09:47:29 +0000
Bug 1471496 part 1. Fix IsPlatformObjectSameOrigin to do the right thing when we're doing first-party isolation but turning off its effects on scripted property access. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D18029
9658187a54fb: Bug 1471496 part 2. Change the way we do cross-compartment wrappers for Window and Location so they don't ever need to be recomputed. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Thu, 31 Jan 2019 15:56:22 +0000 - rev 456557
Push 35489 by rmaries@mozilla.com at Sat, 02 Feb 2019 21:36:03 +0000
Bug 1471496 part 2. Change the way we do cross-compartment wrappers for Window and Location so they don't ever need to be recomputed. r=bholley The end result we want is that on the web cross-compartment wrappers for WindowProxy and Location are always CrossOriginObjectWrapper. That needs to be true for both cases that are different-origin (as now) and cases that are same-origin, since they might become different-origin due to document.domain changes but we don't want that to affect the wrappers involved. On the web, all security checks are symmetric, so in WrapperFactory::Rewrap we would have originSubsumesTarget == targetSubsumesOrigin in all web cases. I claim that originSubsumesTarget == targetSubsumesOrigin && (!targetSubsumesOrigin || (!originCompartmentPrivate->wantXrays && !targetCompartmentPrivate->wantXrays)) && "object is a WindowProxy or Location" is a necessary and sufficient condition for using CrossOriginObjectWrapper. Comparing to our current code, if originSubsumesTarget and targetSubsumesOrigin are both false, then for the WindowProxy and Location cases we currently end up with the following arguments to SelectWrapper: securityWrapper: true xrayType: XrayForDOMObject waiveXrays: false So SelectWrapper ends up returning CrossOriginObjectWrapper, which the new condition keeps doing. If originSubsumesTarget and targetSubsumesOrigin are both true, then there are two cases. If both compartments have wantXrays false (which is always the case on the web), then we end up with the following arguments to SelectWrapper: securityWrapper: false xrayType: NotXray waiveXrays: false and SelectWrapper returns CrossCompartmentWrapper. We want to do CrossOriginObjectWrapper instead, as explained above. Finally, if originSubsumesTarget and targetSubsumesOrigin are both true but one of the compartments has wantXrays set, then we get: securityWrapper: false xrayType: XrayForDOMObject waiveXrays: might be true or false and then SelectWrapper might return a WaiveXrayWrapper or a PermissiveXrayDOM. In this case we do _not_ want to start returning CrossOriginObjectWrapper, and this is a non-web case anyway, since web compartments can't set wantXrays. Differential Revision: https://phabricator.services.mozilla.com/D18030
2ff333373fe4: Bug 1471496 part 1. Fix IsPlatformObjectSameOrigin to do the right thing when we're doing first-party isolation but turning off its effects on scripted property access. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Thu, 31 Jan 2019 15:53:24 +0000 - rev 456556
Push 35489 by rmaries@mozilla.com at Sat, 02 Feb 2019 21:36:03 +0000
Bug 1471496 part 1. Fix IsPlatformObjectSameOrigin to do the right thing when we're doing first-party isolation but turning off its effects on scripted property access. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D18029
9474df714baf: Bug 1517055 - Revendor ANGLE mozilla/firefox-66. (1xN texture cherry-pick) r=bholley
Jeff Gilbert <jgilbert@mozilla.com> - Tue, 22 Jan 2019 11:45:51 -0800 - rev 454960
Push 35420 by archaeopteryx@coole-files.de at Wed, 23 Jan 2019 16:57:04 +0000
Bug 1517055 - Revendor ANGLE mozilla/firefox-66. (1xN texture cherry-pick) r=bholley Differential Revision: https://phabricator.services.mozilla.com/D17295
8c488b723dc7: Bug 1517055 - Update update-angle.py for newer ANGLE changes. r=bholley
Jeff Gilbert <jgilbert@mozilla.com> - Tue, 22 Jan 2019 11:21:28 -0800 - rev 454959
Push 35420 by archaeopteryx@coole-files.de at Wed, 23 Jan 2019 16:57:04 +0000
Bug 1517055 - Update update-angle.py for newer ANGLE changes. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D17296
565a04cfb0e4: Bug 1160757. Make it clear that XrayWrapper::getPropertyDescriptor is unused. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Mon, 21 Jan 2019 03:34:29 +0000 - rev 454704
Push 35411 by csabou@mozilla.com at Tue, 22 Jan 2019 03:53:40 +0000
Bug 1160757. Make it clear that XrayWrapper::getPropertyDescriptor is unused. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D15669
8c6fcfca6421: Bug 1363208 part 1. Add a MaybeWrapObject function that works on JSObject* instead of JS::Value. r=peterv,bholley
Boris Zbarsky <bzbarsky@mit.edu> - Mon, 21 Jan 2019 03:24:42 +0000 - rev 454643
Push 35409 by rmaries@mozilla.com at Mon, 21 Jan 2019 17:48:45 +0000
Bug 1363208 part 1. Add a MaybeWrapObject function that works on JSObject* instead of JS::Value. r=peterv,bholley Differential Revision: https://phabricator.services.mozilla.com/D15424
afb8c84c9677: Bug 1441308 - Add pref to disable texture cache clear r=bholley
Doug Thayer <dothayer@mozilla.com> - Thu, 10 Jan 2019 16:59:47 +0000 - rev 453302
Push 35352 by dvarga@mozilla.com at Fri, 11 Jan 2019 04:12:48 +0000
Bug 1441308 - Add pref to disable texture cache clear r=bholley To facilitate testing of document splitting before it is preffed on, I'm adding a pref to disable clearing the texture cache, since this will currently crash the browser with doc splitting on. Depends on D13840 Differential Revision: https://phabricator.services.mozilla.com/D13841
95537e83071a: Bug 1441308 - Make WR caches document-aware r=bholley
Doug Thayer <dothayer@mozilla.com> - Thu, 10 Jan 2019 16:59:06 +0000 - rev 453300
Push 35352 by dvarga@mozilla.com at Fri, 11 Jan 2019 04:12:48 +0000
Bug 1441308 - Make WR caches document-aware r=bholley This change makes the various WR caches segment their cached data by document, so that documents' data are not evicted out from underneath them. Differential Revision: https://phabricator.services.mozilla.com/D13343
4e654e9222bd: Bug 1518991 - Make nsIPrincipal URI getter infallible; r=bholley
Kyle Machulis <kyle@nonpolynomial.com> - Thu, 10 Jan 2019 05:44:33 +0000 - rev 453206
Push 35348 by opoprus@mozilla.com at Thu, 10 Jan 2019 09:38:54 +0000
Bug 1518991 - Make nsIPrincipal URI getter infallible; r=bholley nsIPrincipal::GetURI returns NS_OK for all implementations. Make it infallible so we can clean up status checks in C++ code that uses principals. Differential Revision: https://phabricator.services.mozilla.com/D16145
c5d46599eb99: Bug 1516237 - Fix FixWaiverAfterTransplant to nuke CCWs for oldWaiver in the new compartment. r=bholley
Jan de Mooij <jdemooij@mozilla.com> - Thu, 03 Jan 2019 09:04:02 +0000 - rev 452381
Push 35304 by dvarga@mozilla.com at Thu, 03 Jan 2019 16:24:35 +0000
Bug 1516237 - Fix FixWaiverAfterTransplant to nuke CCWs for oldWaiver in the new compartment. r=bholley This case can come up with same-compartment realms. Keeping these CCWs would confuse RemapWrapper because it'd be called with the CCW and target in the same compartment. Differential Revision: https://phabricator.services.mozilla.com/D15491
e6e4acbfd9cc: Bug 1515884: Remove unused XPCWrappedJS nsIPropertyBag implementation. r=bholley
Kris Maglione <maglione.k@gmail.com> - Fri, 21 Dec 2018 15:03:13 -0800 - rev 451876
Push 35267 by rmaries@mozilla.com at Mon, 24 Dec 2018 21:51:45 +0000
Bug 1515884: Remove unused XPCWrappedJS nsIPropertyBag implementation. r=bholley This helper code is currently unused, and presents a pretty significant footgun for any JS object which implements nsIPropertyBag itself. When those objects are first queried to nsIWritablePropertyBag, they behave as expected, returning the JS-implemented nsIPropertyBag methods. But when they're first queried to nsIPropertyBag, they use the XPCWrappedNative stubs, which don't behave as expected. Differential Revision: https://phabricator.services.mozilla.com/D15235
93ce93d1510d: Bug 1515590 part 4 - Don't call FixWaiverAfterTransplant if JS_TransplantObject didn't change object identity. r=bholley
Jan de Mooij <jdemooij@mozilla.com> - Fri, 21 Dec 2018 18:33:08 +0000 - rev 451848
Push 35264 by btara@mozilla.com at Sun, 23 Dec 2018 21:50:18 +0000
Bug 1515590 part 4 - Don't call FixWaiverAfterTransplant if JS_TransplantObject didn't change object identity. r=bholley Depends on D15093 Differential Revision: https://phabricator.services.mozilla.com/D15094
11d454511a09: Bug 1515590 part 2 - Fix test_bug1042436.xul to create the sandbox in a new compartment because Xray warning state is stored per compartment. r=bholley
Jan de Mooij <jdemooij@mozilla.com> - Fri, 21 Dec 2018 18:34:12 +0000 - rev 451846
Push 35264 by btara@mozilla.com at Sun, 23 Dec 2018 21:50:18 +0000
Bug 1515590 part 2 - Fix test_bug1042436.xul to create the sandbox in a new compartment because Xray warning state is stored per compartment. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D15092
fca2da230042: Bug 1514261. Skip messing around with compartments in FunctionForwarder if the forwarder is already same-compartment with the underlying callee. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Sun, 16 Dec 2018 00:13:53 -0500 - rev 450862
Push 35215 by ncsoregi@mozilla.com at Sun, 16 Dec 2018 09:52:36 +0000
Bug 1514261. Skip messing around with compartments in FunctionForwarder if the forwarder is already same-compartment with the underlying callee. r=bholley
dd14a663cea2: Bug 1443429 - P2. Fix constness. r=bholley
Jean-Yves Avenard <jyavenard@mozilla.com> - Thu, 13 Dec 2018 20:05:00 +0000 - rev 450457
Push 35202 by btara@mozilla.com at Fri, 14 Dec 2018 05:43:22 +0000
Bug 1443429 - P2. Fix constness. r=bholley And minor C++ cleanup to keep the static analyser happy. Differential Revision: https://phabricator.services.mozilla.com/D12702
5c892a6147ae: Bug 1512162: Disable stack protection for a portion of XPConnect on ppc64le due to a compiler bug. r=bholley
Cameron Kaiser <spectre@floodgap.com> - Wed, 12 Dec 2018 18:52:08 -0800 - rev 450373
Push 35199 by ebalazs@mozilla.com at Thu, 13 Dec 2018 09:42:43 +0000
Bug 1512162: Disable stack protection for a portion of XPConnect on ppc64le due to a compiler bug. r=bholley
d3f7202b48cd: Bug 1511726 - Don't try to use shader disk cache if disabled. r=bholley
Jan Beich <jbeich@FreeBSD.org> - Tue, 04 Dec 2018 00:10:01 +0000 - rev 450130
Push 35190 by ccoroiu@mozilla.com at Wed, 12 Dec 2018 05:10:47 +0000
Bug 1511726 - Don't try to use shader disk cache if disabled. r=bholley
c50c098e40c4: Bug 1504660 - Implement Xrays for instanceof r=bholley
Rob Wu <rob@robwu.nl> - Sun, 02 Dec 2018 22:21:51 +0000 - rev 449175
Push 35148 by ebalazs@mozilla.com at Mon, 03 Dec 2018 09:29:15 +0000
Bug 1504660 - Implement Xrays for instanceof r=bholley Ensure that "a instanceof b" has Xray semantics, i.e. that when b is a XrayWrapper, that the wrapped object's getters, `Symbol.hasInstance` hook and proxy traps are not triggered. The toolkit/components/mozintl/test/test_mozintlhelper.js test was updated to explicitly waive Xrays, instead of relying on the previous behavior where Xrays were automatically waived. Depends on D11591 Depends on D11591 Differential Revision: https://phabricator.services.mozilla.com/D11592
c07309d939dd: Bug 1504660 - Move js::InstanceOfOperator to JS::InstanceofOperator r=bholley
Rob Wu <rob@robwu.nl> - Sun, 02 Dec 2018 22:21:48 +0000 - rev 449174
Push 35148 by ebalazs@mozilla.com at Mon, 03 Dec 2018 09:29:15 +0000
Bug 1504660 - Move js::InstanceOfOperator to JS::InstanceofOperator r=bholley There is currently no public API to call the 'instanceof' handler without triggering proxies. The public method, JS_HasInstance, may skip the default logic if a class has a non-null JSHasInstanceOp. (i.e. js/src/proxy/Proxy.cpp and js/src/ctypes/CTypes.cpp ). To serve the need of the next patch (which needs to trigger the instanceof logic without triggering the proxy), this patch publishes the js::InstanceofOperator method. JS::InstanceOfOperator is the new name, and the new capitalization matches the name of the abstract operation in the ES6 specification. Differential Revision: https://phabricator.services.mozilla.com/D11591
e52996e78762: Bug 1510490 - Follow-up to fix Btup build bustage. r=bholley
Kartikaya Gupta <kgupta@mozilla.com> - Sat, 01 Dec 2018 04:39:39 +0000 - rev 449099
Push 35143 by dvarga@mozilla.com at Sat, 01 Dec 2018 21:37:36 +0000
Bug 1510490 - Follow-up to fix Btup build bustage. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D13604
bb3a3cc424cd: Bug 1286798 - Part 21: Base domain needs to be handled too if strict file origin policy is not in effect; r=bholley,asuth,dholbert
Jan Varga <jan.varga@gmail.com> - Thu, 29 Nov 2018 21:48:22 +0100 - rev 448803
Push 35128 by rmaries@mozilla.com at Fri, 30 Nov 2018 03:06:13 +0000
Bug 1286798 - Part 21: Base domain needs to be handled too if strict file origin policy is not in effect; r=bholley,asuth,dholbert
125f1466fe9d: Bug 1120371 - remove obsolete drawCustomFocusRing from Canvas2D. r=jrmuizel, r=bholley
Lee Salzman <lsalzman@mozilla.com> - Tue, 27 Nov 2018 15:57:54 -0500 - rev 448422
Push 35112 by csabou@mozilla.com at Wed, 28 Nov 2018 04:08:44 +0000
Bug 1120371 - remove obsolete drawCustomFocusRing from Canvas2D. r=jrmuizel, r=bholley
754cc91c9d3b: Bug 1505511 - Part 3: Support WeakMap and WeakSet in Xray. r=bholley
Tooru Fujisawa <arai_a@mac.com> - Tue, 20 Nov 2018 20:21:32 +0900 - rev 447217
Push 35072 by aiakab@mozilla.com at Tue, 20 Nov 2018 16:47:49 +0000
Bug 1505511 - Part 3: Support WeakMap and WeakSet in Xray. r=bholley
bd4cebdbed4b: Bug 1508147 - Re-remove unused CompartmentPrivate::isAddonCompartment, r=bholley
Timothy Guan-tin Chien <timdream@gmail.com> - Mon, 19 Nov 2018 18:46:57 +0000 - rev 447040
Push 35065 by rmaries@mozilla.com at Mon, 19 Nov 2018 21:56:32 +0000
Bug 1508147 - Re-remove unused CompartmentPrivate::isAddonCompartment, r=bholley It was removed in bug 1478275, but re-introduced because of a false rebase in bug 1431255. Differential Revision: https://phabricator.services.mozilla.com/D12331
8a8fbc85088e: Bug 1506861 - Stop accessing Proxy.prototype in XrayWrapper r=bholley
Rob Wu <rob@robwu.nl> - Thu, 15 Nov 2018 01:35:59 +0000 - rev 446561
Push 35043 by ebalazs@mozilla.com at Thu, 15 Nov 2018 16:12:36 +0000
Bug 1506861 - Stop accessing Proxy.prototype in XrayWrapper r=bholley Differential Revision: https://phabricator.services.mozilla.com/D11771
c64e836cd9ef: Bug 1506736. Don't try to Xray statics on JS builtin constructors that we don't normally support Xrays for. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Tue, 13 Nov 2018 21:19:01 +0000 - rev 446097
Push 35034 by ccoroiu@mozilla.com at Wed, 14 Nov 2018 09:49:38 +0000
Bug 1506736. Don't try to Xray statics on JS builtin constructors that we don't normally support Xrays for. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D11764
8105dec7146e: Bug 1506492 - Report WebRender swap-chain memory usage. r=bholley
Matt Woodrow <mwoodrow@mozilla.com> - Tue, 13 Nov 2018 03:15:51 +0000 - rev 445983
Push 35031 by nerli@mozilla.com at Tue, 13 Nov 2018 16:25:26 +0000
Bug 1506492 - Report WebRender swap-chain memory usage. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D11594
53412b7c8303: Bug 1503968 - set Watchdog thread stack size to at least platform minimal stack size. r=bholley
Dan Horák <dan@danny.cz> - Mon, 05 Nov 2018 00:51:00 +0200 - rev 445515
Push 35020 by shindli@mozilla.com at Sat, 10 Nov 2018 21:37:25 +0000
Bug 1503968 - set Watchdog thread stack size to at least platform minimal stack size. r=bholley
2ebceffd59bd: Bug 1505424 - Increase fuzz due to nondeterminism. r=bholley
Kartikaya Gupta <kgupta@mozilla.com> - Fri, 09 Nov 2018 16:37:43 +0000 - rev 445451
Push 35016 by rmaries@mozilla.com at Fri, 09 Nov 2018 21:48:23 +0000
Bug 1505424 - Increase fuzz due to nondeterminism. r=bholley Differential Revision: https://phabricator.services.mozilla.com/D11481
5a2f826c9f8d: Bug 1435827 part 6/9: ctypes tests no longer depend on successful file deletion r=bholley
Carl Corcoran <ccorcoran@mozilla.com> - Fri, 02 Nov 2018 07:40:14 +0000 - rev 444065
Push 34981 by aciure@mozilla.com at Fri, 02 Nov 2018 16:43:47 +0000
Bug 1435827 part 6/9: ctypes tests no longer depend on successful file deletion r=bholley These ctypes tests were failing if the file couldn't be deleted immediately after unloading from the process. These tests would fail if we are currently reading the loaded DLL for examination for trustworthiness. There is no way to prevent GetFileVersionInfo() or WinVerifyTrust() from locking the file, so a reasonable solution is to not consider this a failure condition for testing. Differential Revision: https://phabricator.services.mozilla.com/D6242
2fc7502a62b0: Bug 1501644 - Update test to check if content sees shimmed window.controllers in beta and release r=bholley
Sebastian Hengst <archaeopteryx@coole-files.de> - Fri, 26 Oct 2018 15:57:01 +0000 - rev 443151
Push 34942 by csabou@mozilla.com at Fri, 26 Oct 2018 21:55:19 +0000
Bug 1501644 - Update test to check if content sees shimmed window.controllers in beta and release r=bholley Differential Revision: https://phabricator.services.mozilla.com/D9896
90b73f4b4635: Bug 1497301 part 4. Simplify Location::CheckURL. r=bholley
Boris Zbarsky <bzbarsky@mit.edu> - Fri, 12 Oct 2018 11:07:18 -0400 - rev 441414
Push 34863 by ebalazs@mozilla.com at Tue, 16 Oct 2018 09:31:43 +0000
Bug 1497301 part 4. Simplify Location::CheckURL. r=bholley The main change is to just use the principal bindings pass us to do our CheckLoadURI check. If we do that, we don't have to care about the current JSContext.