Bug 1048968 - Don't use e10s shims when add-on contains unprivileged content (r=bholley)
authorBill McCloskey <wmccloskey@mozilla.com>
Mon, 29 Sep 2014 13:05:22 -0700
changeset 207795 f165c7e561c66ded2c14bff641f6d0bb09c3c9ef
parent 207794 c75006465a93c7d0f3dd97033e7f006318f5cdae
child 207796 af6565f01cf176ee11a667d0b2f205b1246bd26f
push id27568
push usercbook@mozilla.com
push dateTue, 30 Sep 2014 13:03:13 +0000
treeherdermozilla-central@4475aa556e69 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbholley
bugs1048968
milestone35.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1048968 - Don't use e10s shims when add-on contains unprivileged content (r=bholley)
js/xpconnect/src/XPCWrappedNativeScope.cpp
--- a/js/xpconnect/src/XPCWrappedNativeScope.cpp
+++ b/js/xpconnect/src/XPCWrappedNativeScope.cpp
@@ -374,16 +374,22 @@ xpc::GetAddonScope(JSContext *cx, JS::Ha
     MOZ_RELEASE_ASSERT(!IsInAddonScope(contentScope));
 
     if (!addonId || !CompartmentPerAddon()) {
         return js::GetGlobalForObjectCrossCompartment(contentScope);
     }
 
     JSAutoCompartment ac(cx, contentScope);
     XPCWrappedNativeScope *nativeScope = CompartmentPrivate::Get(contentScope)->scope;
+    if (nativeScope->GetPrincipal() != nsXPConnect::SystemPrincipal()) {
+        // This can happen if, for example, Jetpack loads an unprivileged HTML
+        // page from the add-on. It's not clear what to do there, so we just use
+        // the normal global.
+        return js::GetGlobalForObjectCrossCompartment(contentScope);
+    }
     JSObject *scope = nativeScope->EnsureAddonScope(cx, addonId);
     NS_ENSURE_TRUE(scope, nullptr);
 
     scope = js::UncheckedUnwrap(scope);
     JS::ExposeObjectToActiveJS(scope);
     return scope;
 }