Bug 996280 - Use the docshell's sandbox flags if we can't get the active document in IsSandboxedFrom(). r=smaug, a=sledru
authorBob Owen <bobowencode@gmail.com>
Tue, 06 May 2014 19:48:33 +0100
changeset 192292 68b0fb01bfdc
parent 192291 9e2975cd6792
child 192293 19554eb3bed1
push id3559
push userryanvm@gmail.com
push date2014-05-15 13:07 +0000
treeherdermozilla-beta@792de35e26c0 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewerssmaug, sledru
bugs996280
milestone30.0
Bug 996280 - Use the docshell's sandbox flags if we can't get the active document in IsSandboxedFrom(). r=smaug, a=sledru
docshell/base/nsDocShell.cpp
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -3463,21 +3463,24 @@ nsDocShell::IsSandboxedFrom(nsIDocShell*
         return false;
     }
 
     // We cannot be sandboxed from ourselves.
     if (aTargetDocShell == this) {
         return false;
     }
 
-    uint32_t sandboxFlags = 0;
-
-    nsCOMPtr<nsIDocument> doc = mContentViewer->GetDocument();
-    if (doc) {
-        sandboxFlags = doc->GetSandboxFlags();
+    // Default the sandbox flags to our flags, so that if we can't retrieve the
+    // active document, we will still enforce our own.
+    uint32_t sandboxFlags = mSandboxFlags;
+    if (mContentViewer) {
+        nsCOMPtr<nsIDocument> doc = mContentViewer->GetDocument();
+        if (doc) {
+            sandboxFlags = doc->GetSandboxFlags();
+        }
     }
 
     // If no flags, we are not sandboxed at all.
     if (!sandboxFlags) {
         return false;
     }
 
     // If aTargetDocShell has an ancestor, it is not top level.