Bug 1083060 - Only use the XOW policy for Window and Location. r=bz
--- a/js/xpconnect/wrappers/WrapperFactory.cpp
+++ b/js/xpconnect/wrappers/WrapperFactory.cpp
@@ -362,17 +362,17 @@ DEBUG_CheckUnwrapSafety(HandleObject obj
}
}
#else
#define DEBUG_CheckUnwrapSafety(obj, handler, origin, target) {}
#endif
static const Wrapper *
SelectWrapper(bool securityWrapper, bool wantXrays, XrayType xrayType,
- bool waiveXrays, bool originIsXBLScope)
+ bool waiveXrays, bool originIsXBLScope, JSObject *obj)
{
// Waived Xray uses a modified CCW that has transparent behavior but
// transitively waives Xrays on arguments.
if (waiveXrays) {
MOZ_ASSERT(!securityWrapper);
return &WaiveXrayWrapper::singleton;
}
@@ -393,29 +393,29 @@ SelectWrapper(bool securityWrapper, bool
return &PermissiveXrayDOM::singleton;
else if (xrayType == XrayForJSObject)
return &PermissiveXrayJS::singleton;
MOZ_ASSERT(xrayType == XrayForOpaqueObject);
return &PermissiveXrayOpaque::singleton;
}
// This is a security wrapper. Use the security versions and filter.
- if (xrayType == XrayForDOMObject)
+ if (xrayType == XrayForDOMObject && IdentifyCrossOriginObject(obj) != CrossOriginOpaque)
return &FilteringWrapper<CrossOriginXrayWrapper,
CrossOriginAccessiblePropertiesOnly>::singleton;
// There's never any reason to expose other objects to non-subsuming actors.
// Just use an opaque wrapper in these cases.
//
// In general, we don't want opaque function wrappers to be callable.
// But in the case of XBL, we rely on content being able to invoke
// functions exposed from the XBL scope. We could remove this exception,
// if needed, by using ExportFunction to generate the content-side
// representations of XBL methods.
- if (originIsXBLScope)
+ if (xrayType == XrayForJSObject && originIsXBLScope)
return &FilteringWrapper<CrossCompartmentSecurityWrapper, OpaqueWithCall>::singleton;
return &FilteringWrapper<CrossCompartmentSecurityWrapper, Opaque>::singleton;
}
static const Wrapper *
SelectAddonWrapper(JSContext *cx, HandleObject obj, const Wrapper *wrapper)
{
JSAddonId *originAddon = JS::AddonIdOfObject(obj);
@@ -520,17 +520,17 @@ WrapperFactory::Rewrap(JSContext *cx, Ha
// wrappers.
bool waiveXrays = wantXrays && !securityWrapper && HasWaiveXrayFlag(obj);
// We have slightly different behavior for the case when the object
// being wrapped is in an XBL scope.
bool originIsContentXBLScope = IsContentXBLScope(origin);
wrapper = SelectWrapper(securityWrapper, wantXrays, xrayType, waiveXrays,
- originIsContentXBLScope);
+ originIsContentXBLScope, obj);
// If we want to apply add-on interposition in the target compartment,
// then we try to "upgrade" the wrapper to an interposing one.
if (CompartmentPrivate::Get(target)->scope->HasInterposition())
wrapper = SelectAddonWrapper(cx, obj, wrapper);
}
if (!targetSubsumesOrigin) {