Closed
Bug 119529
Opened 23 years ago
Closed 22 years ago
uncaught exception: Permission denied to get property Function.caller
Categories
(Core :: Security: CAPS, defect)
Tracking
()
RESOLVED
FIXED
Future
People
(Reporter: bht237, Assigned: security-bugs)
Details
(Whiteboard: mozilla1.3)
Attachments
(1 file)
|
473 bytes,
text/html
|
Details |
function.caller should return null in the attached test case as in Netscape 4
and others.
Mozilla/5.0 (Windows; U; Win95; en-US; rv:0.9.7+) Gecko/20020110
Maybe looking at bug 117307 helps (which was fixed really quickly)
I cc Brendan for that reason.
I would be very glad if this would be fixed soon. Hope it is not a big deal.
|
||
Comment 2•23 years ago
|
||
Confirming with Mozilla binaries on WinNT, Linux. OS: --> All.
Here is the source for the reporter's testcase:
<HTML><HEAD><SCRIPT>
function handler(t,u,n)
{
alert("handler.caller = " + handler.caller);
return false;
}
window.onerror = handler;
noSuchFunction();
</SCRIPT></HEAD></HTML>
In NN4.7 and IE6 the output of this is an alert: "handler.caller = null".
In Mozilla, however, you get an exception in the JS Console:
Error: uncaught exception: Permission denied to get property Function.caller
cc'ing Mitch as well -
Assignee: rogerl → khanson
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows 95 → All
|
|
||
Comment 3•23 years ago
|
||
Reassigning to mstoltz, changing component. I think this is a 4xp bug -- Mitch,
what's going on?
/be
Assignee: khanson → mstoltz
Component: Javascript Engine → Security: CAPS
|
|
Assignee | |
Comment 5•23 years ago
|
||
Not sure...I thought Function.caller was only blocked when it involved a
cross-host access, which doesn't seem to be the case here. I'll take a look.
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.0
|
||
Updated•23 years ago
|
|
|
Assignee | |
Updated•23 years ago
|
Target Milestone: mozilla1.0 → mozilla1.2
|
|
Assignee | |
Updated•23 years ago
|
Keywords: 4xp,
ecommerce,
mozilla0.9.9,
mozilla1.0,
nsbeta1+,
testcase
|
|
Assignee | |
Updated•23 years ago
|
Target Milestone: mozilla1.2alpha → Future
|
|
||
Comment 6•22 years ago
|
||
I just checked in the fix for bug 181934 -- anyone care to test whether it fixes
this bug too? Try tomorrow's builds if you can't patch your own (I was relying
on waterson to test my one-line js engine patch in 181934).
/be
|
|
||
Comment 7•22 years ago
|
||
Also note bug 158592, "Stack Trace code causes process thread to die".
There, recursive appeals to |f.caller| succeeded until they reached
top-level code. At that point the code failed silently (no errors
in the JS Console), causing JS execution to stop.
The problem was diagnosed as follows:
------- Additional Comment_ #5 From Peter Van der Beken 2002-11-06 09:26 -------
nsScriptSecurityManager::CheckJSFunctionCallerAccess blocks access to .caller.
Rather odd since .caller is null in this case. I'm also seeing:
###!!! ASSERTION: CheckPropertyAccessImpl called without a target object or URL:
'Error', file nsScriptSecurityManager.cpp, line 723
|
|
||
Comment 8•22 years ago
|
||
> I just checked in the fix for bug 181934 -- anyone care to test
> whether it fixes this bug too?
Yes, it does seem to have fixed this bug, too. Using Mozilla
trunk binary 2002112711 on WinNT. When I try the above testcase,
it now alerts "handler.caller = null", as desired.
bht@actrix.gen.nz: do you find the same?
Bug 158592 also seems to be fixed now.
|
|
||
Comment 9•22 years ago
|
||
Resolving this bug as FIXED due to the fix for bug 181934.
bht@actrix.gen.nz: if you do not find this to be fixed,
please reopen this bug. Be sure, however, to try it out
using a trunk build dated 2002-11-27 or after; thanks -
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•