1316661 - Eliminate calls to IsCallerChrome in dom/html code

Status: RESOLVED FIXED

(Core :: DOM: Core & HTML, defect)

Comment 1

[Boris Zbarsky [:bzbarsky]]

Attachment: part 1. Eliminate IsCallerChrome callers in HTMLCanvasElement code

Comment 2

[Boris Zbarsky [:bzbarsky]]

Attachment: part 2. Eliminate IsCallerChrome callers in HTMLDocument

Comment 3

[Boris Zbarsky [:bzbarsky]]

Attachment: part 3. Eliminate IsCallerChrome callers in nsGenericHTMLElement

The only nsGenericHTMLElement::GetEditor callers are
HTMLInputElement::GetEditor/HTMLTextareaElement::GetEditor (the XPCOM-y
versions), which are only called from C++ and only from two places: a11y code,
which forces itself to look like system, and typeaheadfind, which would break
badly if it could not get an editor.  So that security check simply shouldn't
exist.

The script API doesn't call down into here _and_ is [ChromeOnly] in the webidl
already.

Comment 4

[Boris Zbarsky [:bzbarsky]]

Attachment: part 4. Eliminate IsCallerChrome callers in HTMLMenuElement

Comment 5

[Boris Zbarsky [:bzbarsky]]

Attachment: part 5. Eliminate IsCallerChrome caller in HTMLTextareaElement

The WebIDL caller of SetUserInput is [ChromeOnly] and the other callers are all C++ code that should be able to set the value.

Comment 6

[Boris Zbarsky [:bzbarsky]]

Attachment: part 6. Get rid of nsIObjectLoadingContent.hasRunningPlugin, since it's unused

Comment 7

[Olli Pettay [:smaug][bugs@pettay.fi]]

Comment on attachment 8810454 [details] [diff] [review]
part 2.  Eliminate IsCallerChrome callers in HTMLDocument

>-    if (NS_FAILED(rv)) {
>+    // Note that it doesn't matter what CallerType we pass, because the caleee
callee

Comment 8

[Pulsebot]

Pushed by bzbarsky@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/40f2ef965fde
part 1.  Eliminate IsCallerChrome callers in HTMLCanvasElement code.  r=smaug
https://hg.mozilla.org/integration/mozilla-inbound/rev/9279b5e62d23
part 2.  Eliminate IsCallerChrome callers in HTMLDocument.  r=smaug
https://hg.mozilla.org/integration/mozilla-inbound/rev/52620710ec9f
part 3.  Eliminate IsCallerChrome callers in nsGenericHTMLElement.  r=smaug
https://hg.mozilla.org/integration/mozilla-inbound/rev/fe7461fb4426
part 4.  Eliminate IsCallerChrome callers in HTMLMenuElement.  r=smaug
https://hg.mozilla.org/integration/mozilla-inbound/rev/4d7cf1d3124c
part 5.  Eliminate IsCallerChrome caller in HTMLTextareaElement.  r=smaug

Comment 9

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/40f2ef965fde
https://hg.mozilla.org/mozilla-central/rev/9279b5e62d23
https://hg.mozilla.org/mozilla-central/rev/52620710ec9f
https://hg.mozilla.org/mozilla-central/rev/fe7461fb4426
https://hg.mozilla.org/mozilla-central/rev/4d7cf1d3124c

Comment 10

[Pulsebot]

Pushed by bzbarsky@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/7d6c3fc9d6e4
part 6.  Get rid of nsIObjectLoadingContent.hasRunningPlugin, since it's unused.  r=smaug

Comment 11

[Wes Kocher (:KWierso) (Not reading bugmail; email directly if needed)]

https://hg.mozilla.org/mozilla-central/rev/7d6c3fc9d6e4