disable_enablePriv draft
authorMasatoshi Kimura <VYV03354@nifty.ne.jp>
Sat, 03 Jun 2017 11:07:06 +0900
changeset 588741 f40f800da9f2eacf92b50a4c58430e1a0d9f387d
parent 588740 8e358a4dd026a2ea6906444988a2597fbe181b69
child 588742 d0a2717cf89600136b92e5b34f976d2830f3baad
push id62137
push userVYV03354@nifty.ne.jp
push dateSun, 04 Jun 2017 10:29:03 +0000
milestone55.0a1
disable_enablePriv MozReview-Commit-ID: 5aMTkc6V6tp
dom/base/nsGlobalWindow.cpp
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@@ -2764,31 +2764,17 @@ InitializeLegacyNetscapeObject(JSContext
   // Note: MathJax depends on window.netscape being exposed. See bug 791526.
   JS::Rooted<JSObject*> obj(aCx);
   obj = JS_DefineObject(aCx, aGlobal, "netscape", nullptr);
   NS_ENSURE_TRUE(obj, false);
 
   obj = JS_DefineObject(aCx, obj, "security", nullptr);
   NS_ENSURE_TRUE(obj, false);
 
-  // We hide enablePrivilege behind a pref because it has been altered in a
-  // way that makes it fundamentally insecure to use in production. Mozilla
-  // uses this pref during automated testing to support legacy test code that
-  // uses enablePrivilege. If you're not doing test automation, you _must_ not
-  // flip this pref, or you will be exposing all your users to security
-  // vulnerabilities.
-  if (!xpc::IsInAutomation()) {
-    return true;
-  }
-
-  /* Define PrivilegeManager object with the necessary "static" methods. */
-  obj = JS_DefineObject(aCx, obj, "PrivilegeManager", nullptr);
-  NS_ENSURE_TRUE(obj, false);
-
-  return JS_DefineFunctions(aCx, obj, EnablePrivilegeSpec);
+  return true;
 }
 
 bool
 nsGlobalWindow::ComputeIsSecureContext(nsIDocument* aDocument, SecureContextFlags aFlags)
 {
   MOZ_ASSERT(IsOuterWindow());
 
   nsCOMPtr<nsIPrincipal> principal = aDocument->NodePrincipal();