Bug 1185360 - PostMessageEvent should not have a different behavior if the main principal subsumes the destination one., r=smaug
--- a/dom/base/PostMessageEvent.cpp
+++ b/dom/base/PostMessageEvent.cpp
@@ -21,17 +21,16 @@
namespace mozilla {
namespace dom {
namespace {
struct StructuredCloneInfo
{
PostMessageEvent* event;
- bool subsumes;
nsPIDOMWindow* window;
// This hashtable contains the transferred ports - used to avoid duplicates.
nsTArray<nsRefPtr<MessagePortBase>> transferredPorts;
// This array is populated when the ports are cloned.
nsTArray<nsRefPtr<MessagePortBase>> clonedPorts;
};
@@ -112,17 +111,17 @@ PostMessageEvent::WriteStructuredClone(J
void *closure)
{
StructuredCloneInfo* scInfo = static_cast<StructuredCloneInfo*>(closure);
NS_ASSERTION(scInfo, "Must have scInfo!");
// See if this is a File/Blob object.
{
Blob* blob = nullptr;
- if (scInfo->subsumes && NS_SUCCEEDED(UNWRAP_OBJECT(Blob, obj, blob))) {
+ if (NS_SUCCEEDED(UNWRAP_OBJECT(Blob, obj, blob))) {
BlobImpl* blobImpl = blob->Impl();
if (JS_WriteUint32Pair(writer, SCTAG_DOM_BLOB, 0) &&
JS_WriteBytes(writer, &blobImpl, sizeof(blobImpl))) {
scInfo->event->StoreISupports(blobImpl);
return true;
}
}
}
@@ -130,17 +129,17 @@ PostMessageEvent::WriteStructuredClone(J
nsCOMPtr<nsIXPConnectWrappedNative> wrappedNative;
nsContentUtils::XPConnect()->
GetWrappedNativeOfJSObject(cx, obj, getter_AddRefs(wrappedNative));
if (wrappedNative) {
uint32_t scTag = 0;
nsISupports* supports = wrappedNative->Native();
nsCOMPtr<nsIDOMFileList> list = do_QueryInterface(supports);
- if (list && scInfo->subsumes)
+ if (list)
scTag = SCTAG_DOM_FILELIST;
if (scTag)
return JS_WriteUint32Pair(writer, scTag, 0) &&
JS_WriteBytes(writer, &supports, sizeof(supports)) &&
scInfo->event->StoreISupports(supports);
}
@@ -374,24 +373,22 @@ PostMessageEvent::Run()
internalEvent,
static_cast<dom::Event*>(event.get()),
&status);
return NS_OK;
}
bool
PostMessageEvent::Write(JSContext* aCx, JS::Handle<JS::Value> aMessage,
- JS::Handle<JS::Value> aTransfer, bool aSubsumes,
- nsPIDOMWindow* aWindow)
+ JS::Handle<JS::Value> aTransfer, nsPIDOMWindow* aWindow)
{
// We *must* clone the data here, or the JS::Value could be modified
// by script
StructuredCloneInfo scInfo;
scInfo.event = this;
scInfo.window = aWindow;
- scInfo.subsumes = aSubsumes;
return mBuffer.write(aCx, aMessage, aTransfer, &sPostMessageCallbacks,
&scInfo);
}
} // namespace dom
} // namespace mozilla
--- a/dom/base/PostMessageEvent.h
+++ b/dom/base/PostMessageEvent.h
@@ -34,18 +34,17 @@ public:
PostMessageEvent(nsGlobalWindow* aSource,
const nsAString& aCallerOrigin,
nsGlobalWindow* aTargetWindow,
nsIPrincipal* aProvidedPrincipal,
bool aTrustedCaller);
bool Write(JSContext* aCx, JS::Handle<JS::Value> aMessage,
- JS::Handle<JS::Value> aTransfer, bool aSubsumes,
- nsPIDOMWindow* aWindow);
+ JS::Handle<JS::Value> aTransfer, nsPIDOMWindow* aWindow);
private:
~PostMessageEvent();
const MessagePortIdentifier& GetPortIdentifier(uint64_t aId);
MessagePortIdentifier* NewPortIdentifier(uint64_t* aPosition);
--- a/dom/base/nsGlobalWindow.cpp
+++ b/dom/base/nsGlobalWindow.cpp
@@ -8556,23 +8556,20 @@ nsGlobalWindow::PostMessageMozOuter(JSCo
new PostMessageEvent(nsContentUtils::IsCallerChrome() || !callerInnerWin
? nullptr
: callerInnerWin->GetOuterWindowInternal(),
origin,
this,
providedPrincipal,
nsContentUtils::IsCallerChrome());
- nsIPrincipal* principal = GetPrincipal();
JS::Rooted<JS::Value> message(aCx, aMessage);
JS::Rooted<JS::Value> transfer(aCx, aTransfer);
- bool subsumes;
-
- if (NS_FAILED(callerPrin->Subsumes(principal, &subsumes)) ||
- !event->Write(aCx, message, transfer, subsumes, this)) {
+
+ if (!event->Write(aCx, message, transfer, this)) {
aError.Throw(NS_ERROR_DOM_DATA_CLONE_ERR);
return;
}
aError = NS_DispatchToCurrentThread(event);
}
void