changed init for jsdependentstring
authorRiccardo Pelizzi <r.pelizzi@gmail.com>
Mon, 23 Jan 2012 01:06:50 -0500
changeset 38 f09a80187e7aeb8a9d2e007e991945a7ce6eec12
parent 37 48dd641008026f951561f7e8d9ad35278f91d556
child 39 f950386b1e592fd75f3086e81336c361d02256d8
push id22
push userr.pelizzi@gmail.com
push dateMon, 23 Jan 2012 06:07:02 +0000
changed init for jsdependentstring
xssfilter
--- a/xssfilter
+++ b/xssfilter
@@ -5211,33 +5211,70 @@ diff --git a/dom/base/nsJSTimeoutHandler
  
  static const char kSetIntervalStr[] = "setInterval";
  static const char kSetTimeoutStr[] = "setTimeout";
  
  // Our JS nsIScriptTimeoutHandler implementation.
  class nsJSScriptTimeoutHandler: public nsIScriptTimeoutHandler
  {
  public:
-@@ -301,16 +302,32 @@ nsJSScriptTimeoutHandler::Init(nsGlobalW
+@@ -223,16 +224,17 @@ nsJSScriptTimeoutHandler::Init(nsGlobalW
+   NS_ENSURE_SUCCESS(rv, rv);
+ 
+   PRUint32 argc;
+   jsval *argv = nsnull;
+ 
+   ncc->GetArgc(&argc);
+   ncc->GetArgvPtr(&argv);
+ 
++  JSString *str = nsnull;
+   JSFlatString *expr = nsnull;
+   JSObject *funobj = nsnull;
+ 
+   JSAutoRequest ar(cx);
+ 
+   if (argc < 1) {
+     ::JS_ReportError(cx, "Function %s requires at least 2 parameter",
+                      *aIsInterval ? kSetIntervalStr : kSetTimeoutStr);
+@@ -256,17 +258,17 @@ nsJSScriptTimeoutHandler::Init(nsGlobalW
+   switch (::JS_TypeOfValue(cx, argv[0])) {
+   case JSTYPE_FUNCTION:
+     funobj = JSVAL_TO_OBJECT(argv[0]);
+     break;
+ 
+   case JSTYPE_STRING:
+   case JSTYPE_OBJECT:
+     {
+-      JSString *str = ::JS_ValueToString(cx, argv[0]);
++      str = ::JS_ValueToString(cx, argv[0]);
+       if (!str)
+         return NS_ERROR_OUT_OF_MEMORY;
+ 
+       expr = ::JS_FlattenString(cx, str);
+       if (!expr)
+           return NS_ERROR_OUT_OF_MEMORY;
+ 
+       argv[0] = STRING_TO_JSVAL(str);
+@@ -301,16 +303,32 @@ nsJSScriptTimeoutHandler::Init(nsGlobalW
          if (!allowsEval) {
            ::JS_ReportError(cx, "call to %s blocked by CSP",
                              *aIsInterval ? kSetIntervalStr : kSetTimeoutStr);
  
            // Note: Our only caller knows to turn NS_ERROR_DOM_TYPE_ERR into NS_OK.
            return NS_ERROR_DOM_TYPE_ERR;
          }
        }
 +      nsRefPtr<nsXSSFilter> xss;
 +      rv = doc->NodePrincipal()->GetXSSFilter(getter_AddRefs(xss));
 +      NS_ENSURE_SUCCESS(rv, rv);
 +
 +      if (xss) {
 +        //xss settimeout
 +        nsDependentJSString nsStr;
-+        nsStr.init(cx, expr);
++        nsStr.init(cx, str);
 +        XSSJSAction t = xss_timeout;
 +        if (!xss->PermitsJSAction(nsStr, t)) {
 +          ::JS_ReportError(cx, "call to %s blocked by XSS Filter",
 +                           *aIsInterval ? kSetIntervalStr : kSetTimeoutStr);
 +          return NS_ERROR_DOM_TYPE_ERR;
 +        }
 +      }
 +
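Review bot: The result of `nsStr.init(cx, str)` in the XSS-filter block is discarded, so if init fails (it appears to return a JSBool in this tree; confirm against nsJSUtils.h) `PermitsJSAction` is consulted with an empty string and the filter may pass a timeout expression it never inspected. Fail closed instead: `if (!nsStr.init(cx, str)) return NS_ERROR_OUT_OF_MEMORY;`. The hoisted `str` is assigned only in the JSTYPE_STRING/JSTYPE_OBJECT case and is kept reachable by `argv[0] = STRING_TO_JSVAL(str)`. A comment at its declaration such as `// set only for string/object arguments; rooted through argv[0]` would record that, and `//xss settimeout` could instead say what is being checked. nsJSScriptTimeoutHandler::Init starts and ends outside the hunk, so it cannot be confirmed from here that this block is reached only when `expr` (and therefore `str`) is non-null.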