Closed
Bug 119529
Opened 23 years ago
Closed 22 years ago
uncaught exception: Permission denied to get property Function.caller
Categories
(Core :: Security: CAPS, defect)
Tracking
()
RESOLVED
FIXED
Future
People
(Reporter: bht237, Assigned: security-bugs)
Details
(Whiteboard: mozilla1.3)
Attachments
(1 file)
|
473 bytes,
text/html
|
Details |
function.caller should return null in the attached test case as in Netscape 4 and others. Mozilla/5.0 (Windows; U; Win95; en-US; rv:0.9.7+) Gecko/20020110 Maybe looking at bug 117307 helps (which was fixed really quickly) I cc Brendan for that reason. I would be very glad if this would be fixed soon. Hope it is not a big deal.
|
||
Comment 2•23 years ago
|
||
Confirming with Mozilla binaries on WinNT, Linux. OS: --> All.
Here is the source for the reporter's testcase:
<HTML><HEAD><SCRIPT>
function handler(t,u,n)
{
alert("handler.caller = " + handler.caller);
return false;
}
window.onerror = handler;
noSuchFunction();
</SCRIPT></HEAD></HTML>
In NN4.7 and IE6 the output of this is an alert: "handler.caller = null".
In Mozilla, however, you get an exception in the JS Console:
Error: uncaught exception: Permission denied to get property Function.caller
cc'ing Mitch as well -Assignee: rogerl → khanson
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: Windows 95 → All
|
||
Comment 3•23 years ago
|
||
Reassigning to mstoltz, changing component. I think this is a 4xp bug -- Mitch, what's going on? /be
Assignee: khanson → mstoltz
Component: Javascript Engine → Security: CAPS
|
Assignee | |
Comment 5•23 years ago
|
||
Not sure...I thought Function.caller was only blocked when it involved a cross-host access, which doesn't seem to be the case here. I'll take a look.
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla1.0
|
||
Updated•23 years ago
|
|
|
Assignee | |
Updated•23 years ago
|
Target Milestone: mozilla1.0 → mozilla1.2
|
|
Assignee | |
Updated•23 years ago
|
Keywords: 4xp,
ecommerce,
mozilla0.9.9,
mozilla1.0,
nsbeta1+,
testcase
|
|
Assignee | |
Updated•22 years ago
|
Target Milestone: mozilla1.2alpha → Future
|
|
||
Comment 6•22 years ago
|
||
I just checked in the fix for bug 181934 -- anyone care to test whether it fixes this bug too? Try tomorrow's builds if you can't patch your own (I was relying on waterson to test my one-line js engine patch in 181934). /be
|
|
||
Comment 7•22 years ago
|
||
Also note bug 158592, "Stack Trace code causes process thread to die". There, recursive appeals to |f.caller| succeeded until they reached top-level code. At that point the code failed silently (no errors in the JS Console), causing JS execution to stop. The problem was diagnosed as follows: ------- Additional Comment_ #5 From Peter Van der Beken 2002-11-06 09:26 ------- nsScriptSecurityManager::CheckJSFunctionCallerAccess blocks access to .caller. Rather odd since .caller is null in this case. I'm also seeing: ###!!! ASSERTION: CheckPropertyAccessImpl called without a target object or URL: 'Error', file nsScriptSecurityManager.cpp, line 723
|
|
||
Comment 8•22 years ago
|
||
> I just checked in the fix for bug 181934 -- anyone care to test > whether it fixes this bug too? Yes, it does seem to have fixed this bug, too. Using Mozilla trunk binary 2002112711 on WinNT. When I try the above testcase, it now alerts "handler.caller = null", as desired. bht@actrix.gen.nz: do you find the same? Bug 158592 also seems to be fixed now.
|
|
||
Comment 9•22 years ago
|
||
Resolving this bug as FIXED due to the fix for bug 181934. bht@actrix.gen.nz: if you do not find this to be fixed, please reopen this bug. Be sure, however, to try it out using a trunk build dated 2002-11-27 or after; thanks -
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•