Setting cookie in www.netscape.com would get security error

VERIFIED FIXED in M11

Status

()

Core
DOM: Core & HTML
P3
normal
VERIFIED FIXED
19 years ago
10 months ago

People

(Reporter: Norris Boyd, Assigned: Norris Boyd)

Tracking

Trunk
x86
Windows NT
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: Either joki or vidur could help, URL)

(Assignee)

Description

19 years ago
Change mozilla/modules/libpref/src/win/winprefs.js so that security is enabled
by changing the line
/* DISABLE FOR NOW
to
///* DISABLE FOR NOW
and similarly for the comment close. Rebuild so the changed file is copied to
dist.

Start apprunner. Place a breakpoint on the line
    if (NS_FAILED(globalData->GetPrincipal(result))) {
in method
    nsScriptSecurityManager::GetObjectPrincipal
in file mozilla/caps/src/nsScriptSecurityManager.cpp.

Load http://www.netscape.com. You should hit the breakpoint. Continue until you
see SetHTMLDocumentProperty in the call stack.

Examine
{,,NECKO.DLL}*(nsStdURL*){,,RDF.DLL}(((*(XULDocumentImpl*){,,JSDOM.DLL}((*(Globa
lWindowImpl*){*}((globalData).mRawPtr)).mDocument)).mDocumentURL).mRawPtr)

You'll see that the document's url is the navigator.xul file. This causes a
security error because it looks like a script from www.netscape.com is trying to
modify an object in chrome.
(Assignee)

Updated

19 years ago
Blocks: 7254
(Assignee)

Updated

19 years ago
No longer blocks: 7254
Target Milestone: M11
(Assignee)

Comment 1

19 years ago
Marking M11 since needed for beta.
(Assignee)

Comment 2

19 years ago
This bug is likely related to 13192, which is a small test case.
(Assignee)

Updated

19 years ago
Blocks: 7254
(Assignee)

Updated

19 years ago
Whiteboard: Either joki or vidur could help
(Assignee)

Updated

18 years ago
Assignee: joki → norris
(Assignee)

Updated

18 years ago
Status: NEW → RESOLVED
Last Resolved: 18 years ago
Resolution: --- → FIXED
(Assignee)

Comment 3

18 years ago
Vidur's changes to fix document parenting have fixed this problem.

Updated

18 years ago
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.