Closed
Bug 79544
Opened 24 years ago
Closed 24 years ago
JS error when bringing up Composer
Categories
(Core :: Security: CAPS, defect)
Tracking
()
VERIFIED
FIXED
People
(Reporter: sfraser_bugs, Assigned: security-bugs)
Details
(Keywords: smoketest)
I get this JS error when bringing up composer:
************************************************************
* Call to xpconnect wrapped JSObject produced this error: *
[Exception... "Permission denied to create wrapper for object
[nsIDocumentStateListener::NotifyDocumentCreated]" nsresult: "0x8057001e
(NS_ERROR_XPC_JS_THREW_STRING)" location: "<unknown>" data: no]
************************************************************
This is probably jst DOM fallout.
|
Reporter | |
Comment 1•24 years ago
|
||
Note that this causes a bunch of our toolbar items to remain disabled.
|
|
Reporter | |
Comment 2•24 years ago
|
||
It seems that something that is called from NotifyDocumentCreated is doing
something bad. Control does reach the start of that JS function.
|
||
Comment 3•24 years ago
|
||
This looks like a caps problem to me. DumpJSStack() in the debugger shows the
stack below at a point where the caps system is disallowing the creation of a
wrapper (I'm not certain if this is the same case that causes the error in the
JS console).
A breakpoint at the failure return in
nsScriptSecurityManager::CheckXPCPermissions will catch such failure cases.
Why would this be disallowed when the first JS frame on the stack is running in
chrome?
0 [native frame]
1 GetEditorController() ["chrome://editor/content/ComposerCommands.js":188]
numControllers = 3
i = 0
commandManager = null
controller = undefined
interfaceRequestor = undefined
this = [xpconnect wrapped Window @ 0x3fb0520]
2 SetupHTMLEditorCommands() ["chrome://editor/content/ComposerCommands.js":34]
controller = undefined
this = [xpconnect wrapped Window @ 0x3fb0520]
3 EditorSharedStartup() ["chrome://editor/content/editor.js":207]
tableKey = undefined
dragStr = undefined
clickStr = undefined
delStr = undefined
BrowserColors = undefined
this = [xpconnect wrapped Window @ 0x3fb0520]
4 EditorStartup(editorType = "html", editorElement = [xpconnect wrapped XULElem
nt @ 0x4838c10]) ["chrome://editor/content/editor.js":186]
url = undefined
this = [xpconnect wrapped Window @ 0x3fb0520]
5 EditorOnLoad() ["chrome://editor/content/editor.js":92]
this = [xpconnect wrapped Window @ 0x3fb0520]
6 onload(event = [xpconnect wrapped Event @ 0x48fc400]) ["<unknown>":0]
this = [xpconnect wrapped Window @ 0x3fb0520]
7 <TOP LEVEL> ["<unknown>":0]
|
|
Reporter | |
Comment 4•24 years ago
|
||
Some dump()s in this JS show that this line fails:
var newdoctype = domdoc.implementation.createDocumentType("html",
"-//W3C//DTD HTML 4.01 Transitional//EN","");
line 1682 of editor.js.
|
|
Reporter | |
Comment 5•24 years ago
|
||
It seems to return from the createDocumentType() call cleanly, but I never reach
the next line of JS. Something that may be a contributing factor is that the
object that createDocumentType returns is a nsIDOMDocumentType, which inherits
from nsIDOMNode. Do we have some kind of issue with security and inheritance?
|
|
Reporter | |
Comment 6•24 years ago
|
||
The class for which we are getting a security check failure is actually
nsDOMDocumentType.
|
||
Comment 8•24 years ago
|
||
Nice catch, DocumentType was missing it's classinfo line in it's QI map. Problem
fixed.
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
|
|
||
Comment 9•24 years ago
|
||
Reopening since the toolbars are still disabled.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
||
Comment 10•24 years ago
|
||
When I try to bring up composer I see permission denied to create wrappers for:
nsDOMWindowController
nsComposerWindowController
nsEditorController
|
|
Reporter | |
Comment 11•24 years ago
|
||
Right. The problem here seems to be a security manager one. The JS is doing
var controller = window._content.controllers.getControllerAt(i);
var interfaceRequestor =
controller.QueryInterface(Components.interfaces.nsIInterfaceRequestor);
if (!interfaceRequestor) continue;
commandManager =
interfaceRequestor.getInterface(Components.interfaces.nsIControllerCommandManager
);
but since this JS runs on XUL, there should not be any security issues. jst says
that mstoltz has some bugs about messing with stuff on _content from XUL, and
this is one of them. We verified that everything works if you disable the
security manager.
Assignee: jst → mstoltz
Status: REOPENED → NEW
|
|
Reporter | |
Comment 12•24 years ago
|
||
Blocker for composer.
Severity: normal → blocker
Component: Editor → Security: CAPS
Keywords: smoketest
|
Assignee | |
Comment 13•24 years ago
|
||
We checked in a temporary workaround.
Status: NEW → RESOLVED
Closed: 24 years ago → 24 years ago
Resolution: --- → FIXED
|
||
Comment 14•24 years ago
|
||
Marking VERIFIED FIXED on:
-MacOS91 2001-05-30-09-trunk
-Win98SE 2001-05-30-09-trunk
-LinRH62 2001-05-30-08-trunk
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•