Closed Bug 1005806 Opened 6 years ago Closed 6 years ago
Iterating <input> properties throws a security Error because HTMLInput
Element .controllers is not chromeonly
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36 Steps to reproduce: Iterating the properties on an <input> element throws a security Error when accessing the "controllers" property. This is a recent change in Firefox 29, and I suspect it is a side-effect caused by https://bugzilla.mozilla.org/show_bug.cgi?id=794943 Actual results: > var input = document.createElement("input"); > typeof input.controllers; Error: Permission denied for <https://www.google.com> to create wrapper for object of class XULControllers Expected results: > var input = document.createElement("input"); > typeof input.controllers "object" or "undefined"
Note that the behavior in Firefox 28 was for typeof to return "object". However, controllers is not defined on HTMLInputElement. https://developer.mozilla.org/en/docs/Web/API/HTMLInputElement It is however defined in XUL https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XUL/Property/controllers Part 3 of the patch in bug 94943 makes the controllers property [ChromeOnly], in which case I would expect it to not be exposed at all to webpages and typeof to return "undefined".
> Part 3 of the patch in bug 94943 I assume you mean bug 794943? That was for Window.controllers, not HTMLInputElement.controllers. Bobby, is there a reason the latter is not chromeonly?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Summary: Iterating <input> properties throws a security Error → Iterating <input> properties throws a security Error because HTMLInputElement.controllers is not chromeonly
(In reply to Boris Zbarsky [:bz] from comment #2) > Bobby, is there a reason the latter is not chromeonly? Not that I know of. Patch coming up.
Comment on attachment 8417445 [details] [diff] [review] HTMLInputElement.controllers should be [ChromeOnly]. v1 r=me. We should probably get this backported to aurora/beta too.
Attachment #8417445 - Flags: review?(bzbarsky) → review+
This is a web-visible regression with a simple fix. We should track for branches. https://tbpl.mozilla.org/?tree=Try&rev=c4e0ccd1fda9
Assignee: nobody → bobbyholley
Comment on attachment 8417445 [details] [diff] [review] HTMLInputElement.controllers should be [ChromeOnly]. v1 [Approval Request Comment] Bug caused by (feature/regressing bug #): bug 794943 User impact if declined: weird gecko-specific exception thrown when iterating properties. Testing completed (on m-c, etc.): Haven't pushed to m-i because it's closed. Will soon. Risk to taking this patch (and alternatives if risky): Very low risk. String or IDL/UUID changes made by this patch: None
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla32
Yes I meant bug 794943, that was a typo on my part. Thank you for the quick acknowledgement and turnaround.
Thor, thank you for reporting the issue, and pinpointing what the problem is!
Reproduced the initial issue using old Nightly (2014-04-30) on Windows 7 64bit, verified as fixed using Firefox 30 beta 3, latest Aurora and latest Nightly on Windows 7 64bit, Mac OS X 10.9.2 and Ubuntu 13.10 32bit.
You need to log in before you can comment on or make changes to this bug.