Bug 780047 - Prevent mozbrowser/mozapp processes from calling PBrowser::CreateWindow. r=cjones
authorJustin Lebar <justin.lebar@gmail.com>
Tue, 28 Aug 2012 14:22:59 -0300
changeset 105721 e6cc3b189dcf840566d6b8f7f7930a741744b7fe
parent 105720 04d13cf166ab1c0c6d765ff22551c0cee9199c44
child 105722 8a41f262b382442039e32a1d619dfad09913ce60
push id55
push usershu@rfrn.org
push dateThu, 30 Aug 2012 01:33:09 +0000
reviewerscjones
bugs780047
milestone18.0a1
Bug 780047 - Prevent mozbrowser/mozapp processes from calling PBrowser::CreateWindow. r=cjones
dom/ipc/TabParent.cpp
--- a/dom/ipc/TabParent.cpp
+++ b/dom/ipc/TabParent.cpp
@@ -167,16 +167,21 @@ TabParent::RecvEvent(const RemoteDOMEven
 
 bool
 TabParent::AnswerCreateWindow(PBrowserParent** retval)
 {
     if (!mBrowserDOMWindow) {
         return false;
     }
 
+    // Only non-app, non-browser processes may call CreateWindow.
+    if (GetApp() || IsBrowserElement()) {
+        return false;
+    }
+
     // Get a new rendering area from the browserDOMWin.  We don't want
     // to be starting any loads here, so get it with a null URI.
     nsCOMPtr<nsIFrameLoaderOwner> frameLoaderOwner;
     mBrowserDOMWindow->OpenURIInFrame(nullptr, nullptr,
                                       nsIBrowserDOMWindow::OPEN_NEWTAB,
                                       nsIBrowserDOMWindow::OPEN_NEW,
                                       getter_AddRefs(frameLoaderOwner));
     if (!frameLoaderOwner) {