Bug 553102 - Make content-> access default to deny if __exposedProps__ is not defined. r=mrbkap
authorBobby Holley <bobbyholley@gmail.com>
Fri, 17 Aug 2012 23:14:55 -0700
changeset 105824 0f090cc7e9faf744a342c0746148df7e0792a567
parent 105823 2f210fb9f63cf58455b80341ab7b0b4f5ec47d7d
child 105825 9c48df21d74453daafabd9388e14c5b7d442a747
child 105828 68ecea83a7da0f7fdd358a0ed830fddb75f7945b
push id1989
push userakeybl@mozilla.com
push dateTue, 28 Aug 2012 00:20:43 +0000
treeherdermozilla-aurora@a8e95ae10ea7 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmrbkap
bugs553102
milestone17.0a1
Bug 553102 - Make content-> access default to deny if __exposedProps__ is not defined. r=mrbkap
content/base/public/nsDeprecatedOperationList.h
dom/locales/en-US/chrome/dom/dom.properties
js/xpconnect/tests/chrome/Makefile.in
js/xpconnect/tests/chrome/test_bug758563.xul
js/xpconnect/tests/chrome/test_cows.xul
js/xpconnect/tests/mochitest/Makefile.in
js/xpconnect/tests/mochitest/file_bug758563.html
js/xpconnect/wrappers/AccessCheck.cpp
--- a/content/base/public/nsDeprecatedOperationList.h
+++ b/content/base/public/nsDeprecatedOperationList.h
@@ -40,11 +40,10 @@ DEPRECATED_OPERATION(IsEqualNode)
 DEPRECATED_OPERATION(TextContent)
 DEPRECATED_OPERATION(EnablePrivilege)
 DEPRECATED_OPERATION(Position)
 DEPRECATED_OPERATION(TotalSize)
 DEPRECATED_OPERATION(InputEncoding)
 DEPRECATED_OPERATION(MozBeforePaint)
 DEPRECATED_OPERATION(MozBlobBuilder)
 DEPRECATED_OPERATION(DOMExceptionCode)
-DEPRECATED_OPERATION(NoExposedProps)
 DEPRECATED_OPERATION(MutationEvent)
 DEPRECATED_OPERATION(MozSlice)
--- a/dom/locales/en-US/chrome/dom/dom.properties
+++ b/dom/locales/en-US/chrome/dom/dom.properties
@@ -122,14 +122,12 @@ MediaLoadSourceMediaNotMatched=Specified
 # LOCALIZATION NOTE: %1$S is the MIME type HTTP header being sent by the web server, %2$S is the URL of the media resource which failed to load.
 MediaLoadUnsupportedMimeType=HTTP "Content-Type" of "%1$S" is not supported. Load of media resource %2$S failed.
 # LOCALIZATION NOTE: %S is the URL of the media resource which failed to load because of error in decoding.
 MediaLoadDecodeError=Media resource %S could not be decoded.
 # LOCALIZATION NOTE: Do not translate "MozBlobBuilder" and "Blob"
 MozBlobBuilderWarning=Use of MozBlobBuilder is deprecated. Use Blob constructor instead.
 # LOCALIZATION NOTE: Do not translate "DOMException", "code" and "name"
 DOMExceptionCodeWarning=Use of DOMException's code attribute is deprecated. Use name instead.
-# LOCALIZATION NOTE: Do not translate "__exposedProps__"
-NoExposedPropsWarning=Exposing chrome JS objects to content without __exposedProps__ is insecure and deprecated. See https://developer.mozilla.org/en/XPConnect_wrappers for more information.
 # LOCALIZATION NOTE: Do not translate "Mutation Event" and "MutationObserver"
 MutationEventWarning=Use of Mutation Events is deprecated. Use MutationObserver instead.
 # LOCALIZATION NOTE: Do not translate "Blob", "mozSlice", or "slice"
 MozSliceWarning=Use of mozSlice on the Blob object is deprecated.  Use slice instead.
--- a/js/xpconnect/tests/chrome/Makefile.in
+++ b/js/xpconnect/tests/chrome/Makefile.in
@@ -28,17 +28,16 @@ MOCHITEST_CHROME_FILES = \
 		file_bug618176.xul \
 		test_bug654370.xul \
 		test_bug658560.xul \
 		test_bug664689.xul \
 		test_bug679861.xul \
 		test_bug706301.xul \
 		test_bug726949.xul \
 		test_bug743843.xul \
-		test_bug758563.xul \
 		test_bug760076.xul \
 		test_bug760109.xul \
 		test_bug763343.xul \
 		test_bug771429.xul \
 		test_bug773962.xul \
 		test_APIExposer.xul \
 		test_chrometoSource.xul \
 		outoflinexulscript.js \
deleted file mode 100644
--- a/js/xpconnect/tests/chrome/test_bug758563.xul
+++ /dev/null
@@ -1,80 +0,0 @@
-<?xml version="1.0"?>
-<?xml-stylesheet type="text/css" href="chrome://global/skin"?>
-<?xml-stylesheet type="text/css" href="chrome://mochikit/content/tests/SimpleTest/test.css"?>
-<!--
-https://bugzilla.mozilla.org/show_bug.cgi?id=758563
--->
-<window title="Mozilla Bug 758563"
-        xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
-  <script type="application/javascript" src="chrome://mochikit/content/tests/SimpleTest/SimpleTest.js"/>
-
-  <!-- test results are displayed in the html:body -->
-  <body xmlns="http://www.w3.org/1999/xhtml">
-  <a href="https://bugzilla.mozilla.org/show_bug.cgi?id=758563"
-     target="_blank">Mozilla Bug 758563</a>
-  </body>
-
-  <!-- test code goes here -->
-  <script type="application/javascript">
-  <![CDATA[
-
-  /** Test for deprecation warnings for non-__exposedProps__ COWs. **/
-
-  SimpleTest.waitForExplicitFinish();
-
-  // Set up our console listener.
-  var gWarnings = 0;
-  function onWarning(consoleMessage) {
-    if (/__exposedProps__/.test(consoleMessage.message))
-      gWarnings++;
-  }
-  var gListener = {
-    observe: onWarning,
-    QueryInterface: function (iid) {
-      if (!iid.equals(Components.interfaces.nsIConsoleListener) &&
-          !iid.equals(Components.interfaces.nsISupports)) {
-        throw Components.results.NS_ERROR_NO_INTERFACE;
-      }
-      return this;
-    }
-  };
-  var gConsoleService = Components.classes["@mozilla.org/consoleservice;1"]
-                                  .getService(Components.interfaces.nsIConsoleService);
-  gConsoleService.registerListener(gListener);
-
-  // Wait for both child frame to load.
-  var gLoadCount = 0;
-  function frameLoaded() {
-    if (++gLoadCount == 2)
-      go();
-  }
-
-  function go() {
-    testFor('frame1');
-    testFor('frame2');
-
-    // Warnings are dispatched async, so stick ourselves at the end of the event
-    // queue.
-    setTimeout(done, 0);
-  }
-
-  function testFor(id) {
-    var win = document.getElementById(id).contentWindow.wrappedJSObject;
-    win.chromeObj = {a: 42};
-    win.ok = ok;
-    win.is = is;
-    win.doAccess();
-  }
-
-  function done() {
-    gConsoleService.unregisterListener(gListener);
-    is(gWarnings, 2, "Got the right number of warnings");
-    SimpleTest.finish();
-  }
-
-  ]]>
-
-  </script>
-  <iframe id="frame1" onload="frameLoaded();" type="content" src="http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_bug758563.html" />
-  <iframe id="frame2" onload="frameLoaded();" type="content" src="http://mochi.test:8888/tests/js/xpconnect/tests/mochitest/file_bug758563.html" />
-</window>
--- a/js/xpconnect/tests/chrome/test_cows.xul
+++ b/js/xpconnect/tests/chrome/test_cows.xul
@@ -90,20 +90,22 @@ function COWTests() {
     //var cow = getCOW({ foo: "fooval", __exposedProps__: {}});
     //Math.sin(1);
     //is(cow.foo, undefined, "one test to rule them all");
     //return;
 
     const PROPS_TO_TEST = ['foo', 'bar', 'prototype'];
 
     var empty = {};
-    // Once we flip the default for __exposedProps__, this should behave
-    // the same as for function objects below.
+    var nonempty = {foo: 42, bar: 33};
     is(getCOW(empty).foo, undefined,
        "shouldn't throw when accessing exposed properties that doesn't exist");
+    PROPS_TO_TEST.forEach(function(name) {
+        isPropHidden(getCOW(nonempty), name, "object without exposedProps");
+    });
 
     // Test function objects without __exposedProps__
     var func = function(x) { return 42; };
     func.foo = "foo property";
     var funcCOW = getCOW(func);
     PROPS_TO_TEST.forEach(function(name) {
         isPropHidden(funcCOW, name, "function without exposedProps");
     });
--- a/js/xpconnect/tests/mochitest/Makefile.in
+++ b/js/xpconnect/tests/mochitest/Makefile.in
@@ -56,17 +56,16 @@ MOCHITEST_FILES =	bug500931_helper.html 
 		test_bug661980.html \
 		test_bug650273.html \
 		file_bug650273.html \
 		file_bug658560.html \
 		test_bug655297.html \
 		test_bug691059.html \
 		file_bug706301.html \
 		test_bug745483.html \
-		file_bug758563.html \
 		file_bug760131.html \
 		test_bug764389.html \
 		test_bug772288.html \
 		test_bug781476.html \
 		file_bug781476.html \
 		file_nodelists.html \
 		file_exnstack.html \
 		file_expandosharing.html \
deleted file mode 100644
--- a/js/xpconnect/tests/mochitest/file_bug758563.html
+++ /dev/null
@@ -1,19 +0,0 @@
-<html>
-<head>
-<script type="application/javascript">
-  function doAccess() {
-    // Access the variable twice.
-    oneAccess();
-    oneAccess();
-  }
-
-  function oneAccess() {
-    try {
-      is(window.chromeObj.a, 42, "Successfully read chrome property");
-    } catch (e) { ok(false, "Threw while trying to access chrome property"); };
-  }
-</script>
-</head>
-<body>
-</body>
-</html>
--- a/js/xpconnect/wrappers/AccessCheck.cpp
+++ b/js/xpconnect/wrappers/AccessCheck.cpp
@@ -422,34 +422,16 @@ ExposedPropertiesOnly::check(JSContext *
     }
 
     // If no __exposedProps__ existed, deny access.
     if (!found) {
         // Everything below here needs to be done in the wrapper's compartment.
         if (!wrapperAC.enter(cx, wrapper))
             return false;
 
-        // For now, only do this on functions.
-        if (!JS_ObjectIsFunction(cx, wrappedObject)) {
-
-            // This little loop hole will go away soon! See bug 553102.
-            nsCOMPtr<nsPIDOMWindow> win =
-                do_QueryInterface(nsJSUtils::GetStaticScriptGlobal(cx, wrapper));
-            if (win) {
-                nsCOMPtr<nsIDocument> doc =
-                    do_QueryInterface(win->GetExtantDocument());
-                if (doc) {
-                    doc->WarnOnceAbout(nsIDocument::eNoExposedProps,
-                                       /* asError = */ true);
-                }
-            }
-
-            perm = PermitPropertyAccess;
-            return true;
-        }
         return PermitIfUniversalXPConnect(cx, id, act, perm); // Deny
     }
 
     if (id == JSID_VOID) {
         // This will force the caller to call us back for individual property accesses.
         perm = PermitPropertyAccess;
         return true;
     }