Closed Bug 1300817 Opened 5 years ago Closed 5 years ago
nsWindowWatcher::OpenWindowInternal() can read OriginAttributes off of the system principal
See <http://searchfox.org/mozilla-central/source/embedding/components/windowwatcher/nsWindowWatcher.cpp#1118>

This is definitely the wrong thing to do for expanded principals, as demonstrated by bug 1297687. It is also the wrong thing to do with the system principal. Since this code can run from the scriptable nsIWindowWatcher.openWindow(), it can cause bugs with add-ons calling it from such principals mentioned above.
Comment on attachment 8788959: Avoid inheriting the origin attributes of the subject principal if it's expanded

That doesn't address subjectPrincipal being system. Why is that ok? r=me with that explained.
Attachment #8788959 - Flags: review?(bzbarsky) → review+
Err, it's not OK. I meant to do that in a separate patch for easier bisectability but I forgot. Sorry! :/ Filed as bug 1301201.
See Also: → 1301201
Pushed by firstname.lastname@example.org:
https://hg.mozilla.org/integration/mozilla-inbound/rev/fdfb1d87051b
Avoid inheriting the origin attributes of the subject principal if it's expanded; r=bzbarsky