Bug 1345961 - Fixing an assertion about OriginAttribute comparison in PostMessage, r=tjr
authorAndrea Marchesini <amarchesini@mozilla.com>
Thu, 04 May 2017 15:42:42 +0200
changeset 572801 558841792eabd8a0c58d83272746b64b6171826d
parent 572800 8d3adabc1d0b725872c79dcd8d7d125a32c32d4a
child 572802 16f838f22efaf877617c659174dbbca2a8d19ded
push id57195
push userbmo:rbarker@mozilla.com
push dateThu, 04 May 2017 20:08:56 +0000
reviewerstjr
bugs1345961
milestone55.0a1
Bug 1345961 - Fixing an assertion about OriginAttribute comparison in PostMessage, r=tjr The OriginAttributes of the 2 windows must match but ignoring the FirstPartDomain isolation.
dom/base/PostMessageEvent.cpp
--- a/dom/base/PostMessageEvent.cpp
+++ b/dom/base/PostMessageEvent.cpp
@@ -101,28 +101,27 @@ PostMessageEvent::Run()
       return NS_OK;
 
     // Note: This is contrary to the spec with respect to file: URLs, which
     //       the spec groups into a single origin, but given we intentionally
     //       don't do that in other places it seems better to hold the line for
     //       now.  Long-term, we want HTML5 to address this so that we can
     //       be compliant while being safer.
     if (!targetPrin->Equals(mProvidedPrincipal)) {
+      MOZ_DIAGNOSTIC_ASSERT(ChromeUtils::IsOriginAttributesEqualIgnoringFPD(mProvidedPrincipal->OriginAttributesRef(),
+                                                                            targetPrin->OriginAttributesRef()),
+                            "Unexpected postMessage call to a window with mismatched "
+                            "origin attributes");
+
       nsAutoString providedOrigin, targetOrigin;
       nsresult rv = nsContentUtils::GetUTFOrigin(targetPrin, targetOrigin);
       NS_ENSURE_SUCCESS(rv, rv);
       rv = nsContentUtils::GetUTFOrigin(mProvidedPrincipal, providedOrigin);
       NS_ENSURE_SUCCESS(rv, rv);
 
-      MOZ_DIAGNOSTIC_ASSERT(providedOrigin != targetOrigin ||
-                            (mProvidedPrincipal->OriginAttributesRef() ==
-                              targetPrin->OriginAttributesRef()),
-                            "Unexpected postMessage call to a window with mismatched "
-                            "origin attributes");
-
       const char16_t* params[] = { providedOrigin.get(), targetOrigin.get() };
 
       nsContentUtils::ReportToConsole(nsIScriptError::errorFlag,
         NS_LITERAL_CSTRING("DOM Window"), sourceDocument,
         nsContentUtils::eDOM_PROPERTIES,
         "TargetPrincipalDoesNotMatch",
         params, ArrayLength(params));