Bug 1514210 part 2 - Use the privileged junk scope's compartment for windows created with the system principal. r=bzbarsky
authorJan de Mooij <jdemooij@mozilla.com>
Fri, 28 Dec 2018 11:25:48 +0000
changeset 509488 1b13a38c51e5640aa716d8d367c44e101c3835e3
parent 509487 ba3a14b06003a7b437160c217bf732f27df2edab
child 509489 30ca625d8d6eb4c2a3760ba235f38ee1dc93b4f9
push id10547
push userffxbld-merge
push dateMon, 21 Jan 2019 13:03:58 +0000
reviewersbzbarsky
bugs1514210
milestone66.0a1
Bug 1514210 part 2 - Use the privileged junk scope's compartment for windows created with the system principal. r=bzbarsky

Depends on D15290

Differential Revision: https://phabricator.services.mozilla.com/D15291
dom/base/nsGlobalWindowOuter.cpp
--- a/dom/base/nsGlobalWindowOuter.cpp
+++ b/dom/base/nsGlobalWindowOuter.cpp
@@ -1544,17 +1544,23 @@ static bool InitializeLegacyNetscapeObje
   /* Define PrivilegeManager object with the necessary "static" methods. */
   obj = JS_DefineObject(aCx, obj, "PrivilegeManager", nullptr);
   NS_ENSURE_TRUE(obj, false);
 
   return JS_DefineFunctions(aCx, obj, EnablePrivilegeSpec);
 }
 
 static JS::RealmCreationOptions& SelectZone(
-    nsGlobalWindowInner* aNewInner, JS::RealmCreationOptions& aOptions) {
+    nsIPrincipal* aPrincipal, nsGlobalWindowInner* aNewInner,
+    JS::RealmCreationOptions& aOptions) {
+  // Use the shared system compartment for chrome windows.
+  if (nsContentUtils::IsSystemPrincipal(aPrincipal)) {
+    return aOptions.setExistingCompartment(xpc::PrivilegedJunkScope());
+  }
+
   if (aNewInner->GetOuterWindow()) {
     nsGlobalWindowOuter* top = aNewInner->GetTopInternal();
 
     // If we have a top-level window, use its zone.
     if (top && top->GetGlobalJSObject()) {
       return aOptions.setNewCompartmentInExistingZone(top->GetGlobalJSObject());
     }
   }
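Review bot: The new comment in SelectZone says "chrome windows", but the branch is keyed on `nsContentUtils::IsSystemPrincipal(aPrincipal)`, and that is the security-relevant part: a global placed in the privileged junk scope's compartment shares it with other system-principal code, with no cross-compartment wrapper between them. I would state that invariant in the comment, e.g. `// Windows with the system principal share the privileged junk scope's compartment; only globals whose principal is exactly the system principal may be placed here.` The hunk does not show whether `xpc::PrivilegedJunkScope()` can return null at this point, so if it cannot, a `MOZ_ASSERT(xpc::PrivilegedJunkScope());` before the call would document that assumption. SelectZone's body continues past the end of the hunk.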
@@ -1579,17 +1585,17 @@ static nsresult CreateNativeGlobalForInn
 
   // DOMWindow with nsEP is not supported, we have to make sure
   // no one creates one accidentally.
   nsCOMPtr<nsIExpandedPrincipal> nsEP = do_QueryInterface(aPrincipal);
   MOZ_RELEASE_ASSERT(!nsEP, "DOMWindow with nsEP is not supported");
 
   JS::RealmOptions options;
 
-  SelectZone(aNewInner, options.creationOptions());
+  SelectZone(aPrincipal, aNewInner, options.creationOptions());
 
   options.creationOptions().setSecureContext(aIsSecureContext);
 
   xpc::InitGlobalObjectOptions(options, aPrincipal);
 
   // Determine if we need the Components object.
   bool needComponents = nsContentUtils::IsSystemPrincipal(aPrincipal) ||
                         TreatAsRemoteXUL(aPrincipal);