Bug 797909, null principal for initial about:blank, r=bz a=lsblakk
authorOlli Pettay <Olli.Pettay@helsinki.fi>
Sat, 06 Oct 2012 02:59:40 +0300
changeset 107070 ff90431f32c39fe62ffba1327556fc1e85453824
parent 107069 28ef082de058889014a0b2f0acb3245ea1b7a36e
child 107071 40414595ae486aa4ef55d62b2c40da9738798079
push id2211
push useropettay@mozilla.com
push dateSat, 06 Oct 2012 00:01:41 +0000
treeherdermozilla-aurora@ff90431f32c3 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz, lsblakk
bugs797909
milestone17.0a2
Bug 797909, null principal for initial about:blank, r=bz a=lsblakk
docshell/base/nsDocShell.cpp
docshell/test/Makefile.in
docshell/test/test_bug797909.html
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -6779,18 +6779,24 @@ nsDocShell::CreateAboutBlankContentViewe
   // unloads... but that's ok, more or less.  Would be nice if it fired load
   // too, of course.
   mFiredUnloadEvent = false;
 
   nsCOMPtr<nsIDocumentLoaderFactory> docFactory =
       nsContentUtils::FindInternalContentViewer("text/html");
 
   if (docFactory) {
+    nsCOMPtr<nsIPrincipal> principal;
+    if (mSandboxFlags & SANDBOXED_ORIGIN) {
+      principal = do_CreateInstance("@mozilla.org/nullprincipal;1");
+    } else {
+      principal = aPrincipal;
+    }
     // generate (about:blank) document to load
-    docFactory->CreateBlankDocument(mLoadGroup, aPrincipal,
+    docFactory->CreateBlankDocument(mLoadGroup, principal,
                                     getter_AddRefs(blankDoc));
     if (blankDoc) {
       // Hack: set the base URI manually, since this document never
       // got Reset() with a channel.
       blankDoc->SetBaseURI(aBaseURI);
 
       blankDoc->SetContainer(static_cast<nsIDocShell *>(this));
 
--- a/docshell/test/Makefile.in
+++ b/docshell/test/Makefile.in
@@ -95,16 +95,17 @@ MOCHITEST_FILES = \
 		test_bug691547.html \
 		bug691547_frame.html \
 		test_bug694612.html \
 		test_bug703855.html \
 		file_bug703855.html \
 		test_bug713825.html \
 		test_bug728939.html \
 		file_bug728939.html \
+		test_bug797909.html \
 		$(NULL)
 
 ifeq ($(MOZ_WIDGET_TOOLKIT),cocoa)
 MOCHITEST_FILES += \
 		test_bug511449.html \
 		file_bug511449.html \
 		$(NULL)
 endif
new file mode 100644
--- /dev/null
+++ b/docshell/test/test_bug797909.html
@@ -0,0 +1,66 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=797909
+-->
+<head>
+  <meta charset="utf-8">
+  <title>Test for Bug 797909</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+</head>
+<body onload="runTest()">
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=797909">Mozilla Bug 797909</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+  
+</div>
+<pre id="test">
+<script type="application/javascript">
+  /** Test for Bug 797909 **/
+
+  SimpleTest.waitForExplicitFinish();
+
+  function runTest() {
+    iframe = document.getElementById("ifr");
+    try {
+      var iframeDoc = iframe.contentWindow.document;
+      ok(false, "Should have thrown an exception");
+    } catch (ex) {
+      ok(true, "Got an exception");
+    }
+
+    iframe = document.createElement("iframe");
+    // set sandbox attribute
+    iframe.sandbox = "allow-scripts";
+    // and then insert into the doc
+    document.body.appendChild(iframe);
+
+    try {
+      var iframeDoc = iframe.contentWindow.document;
+      ok(false, "Should have thrown an exception");
+    } catch (ex) {
+      ok(true, "Got an exception");
+    }
+
+    iframe = document.createElement("iframe");
+    // set sandbox attribute
+    iframe.sandbox = "allow-same-origin";
+    // and then insert into the doc
+    document.body.appendChild(iframe);
+
+    try {
+      var iframeDoc = iframe.contentWindow.document;
+      ok(true, "Shouldn't have thrown an exception");
+    } catch (ex) {
+      ok(false, "Got an unexpected exception");
+    }
+
+    SimpleTest.finish();
+  }
+
+</script>
+</pre>
+<iframe id="ifr" sandbox = "allow-scripts"></iframe>
+</body>
+</html>