Bug 784233 - Relax __exposedProps__ check for sandboxes until we can repack AMO addons. r=gal
authorBobby Holley <bobbyholley@gmail.com>
Tue, 21 Aug 2012 10:27:08 -0700
changeset 108417 6f955c140b60ae8399bc4a013a80e794f64fa315
parent 108416 0e73660050a44ecd554cd3859f4af01bbdca2f65
child 108418 321da000a2281b8ca719f2290df8e13571a62cb3
push id1490
push userakeybl@mozilla.com
push dateMon, 08 Oct 2012 18:29:50 +0000
treeherdermozilla-beta@f335e7dacdc1 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersgal
bugs784233
milestone17.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 784233 - Relax __exposedProps__ check for sandboxes until we can repack AMO addons. r=gal
content/base/public/nsDeprecatedOperationList.h
js/xpconnect/tests/chrome/test_cows.xul
js/xpconnect/wrappers/AccessCheck.cpp
--- a/content/base/public/nsDeprecatedOperationList.h
+++ b/content/base/public/nsDeprecatedOperationList.h
@@ -40,10 +40,11 @@ DEPRECATED_OPERATION(IsEqualNode)
 DEPRECATED_OPERATION(TextContent)
 DEPRECATED_OPERATION(EnablePrivilege)
 DEPRECATED_OPERATION(Position)
 DEPRECATED_OPERATION(TotalSize)
 DEPRECATED_OPERATION(InputEncoding)
 DEPRECATED_OPERATION(MozBeforePaint)
 DEPRECATED_OPERATION(MozBlobBuilder)
 DEPRECATED_OPERATION(DOMExceptionCode)
+DEPRECATED_OPERATION(NoExposedProps)
 DEPRECATED_OPERATION(MutationEvent)
 DEPRECATED_OPERATION(MozSlice)
--- a/js/xpconnect/tests/chrome/test_cows.xul
+++ b/js/xpconnect/tests/chrome/test_cows.xul
@@ -90,22 +90,20 @@ function COWTests() {
     //var cow = getCOW({ foo: "fooval", __exposedProps__: {}});
     //Math.sin(1);
     //is(cow.foo, undefined, "one test to rule them all");
     //return;
 
     const PROPS_TO_TEST = ['foo', 'bar', 'prototype'];
 
     var empty = {};
-    var nonempty = {foo: 42, bar: 33};
+    // Once we flip the default for __exposedProps__, this should behave
+    // the same as for function objects below.
     is(getCOW(empty).foo, undefined,
        "shouldn't throw when accessing exposed properties that doesn't exist");
-    PROPS_TO_TEST.forEach(function(name) {
-        isPropHidden(getCOW(nonempty), name, "object without exposedProps");
-    });
 
     // Test function objects without __exposedProps__
     var func = function(x) { return 42; };
     func.foo = "foo property";
     var funcCOW = getCOW(func);
     PROPS_TO_TEST.forEach(function(name) {
         isPropHidden(funcCOW, name, "function without exposedProps");
     });
--- a/js/xpconnect/wrappers/AccessCheck.cpp
+++ b/js/xpconnect/wrappers/AccessCheck.cpp
@@ -378,16 +378,26 @@ PermitIfUniversalXPConnect(JSContext *cx
         perm = ExposedPropertiesOnly::PermitPropertyAccess;
         return true; // Allow
     }
 
     // Deny
     return Deny(cx, id, act);
 }
 
+static bool
+IsInSandbox(JSContext *cx, JSObject *obj)
+{
+    JSAutoEnterCompartment ac;
+    if (!ac.enter(cx, obj))
+        return false;
+    JSObject *global = JS_GetGlobalForObject(cx, obj);
+    return !strcmp(js::GetObjectJSClass(global)->name, "Sandbox");
+}
+
 bool
 ExposedPropertiesOnly::check(JSContext *cx, JSObject *wrapper, jsid id, Wrapper::Action act,
                              Permission &perm)
 {
     JSObject *wrappedObject = Wrapper::wrappedObject(wrapper);
 
     if (act == Wrapper::CALL) {
         perm = PermitObjectAccess;
@@ -422,16 +432,36 @@ ExposedPropertiesOnly::check(JSContext *
     }
 
     // If no __exposedProps__ existed, deny access.
     if (!found) {
         // Everything below here needs to be done in the wrapper's compartment.
         if (!wrapperAC.enter(cx, wrapper))
             return false;
 
+        // Make a temporary exception for objects in a chrome sandbox to help
+        // out jetpack. See bug 784233.
+        if (!JS_ObjectIsFunction(cx, wrappedObject) &&
+            IsInSandbox(cx, wrappedObject))
+        {
+            // This little loop hole will go away soon! See bug 553102.
+            nsCOMPtr<nsPIDOMWindow> win =
+                do_QueryInterface(nsJSUtils::GetStaticScriptGlobal(cx, wrapper));
+            if (win) {
+                nsCOMPtr<nsIDocument> doc =
+                    do_QueryInterface(win->GetExtantDocument());
+                if (doc) {
+                    doc->WarnOnceAbout(nsIDocument::eNoExposedProps,
+                                       /* asError = */ true);
+                }
+            }
+
+            perm = PermitPropertyAccess;
+            return true;
+        }
         return PermitIfUniversalXPConnect(cx, id, act, perm); // Deny
     }
 
     if (id == JSID_VOID) {
         // This will force the caller to call us back for individual property accesses.
         perm = PermitPropertyAccess;
         return true;
     }