1448735 - Stop allowing Components in non-system-principal sandboxes

Status: RESOLVED FIXED

(Core :: XPConnect, enhancement)

Description

[Boris Zbarsky [:bzbarsky]]

Right now we put a Components into expanded-principal sandboxes unless they explicitly opt out.  We should stop doing this, as part of making Components system-only.

Comment 1

[Boris Zbarsky [:bzbarsky]]

Attachment: Stop exposing Components in expanded principal sandboxes

I don't see an obvious way to keep the test coverage for same-compartment security wrappers there...

Comment 2

[Kris Maglione [:kmag]]

Comment on attachment 8962229 [details] [diff] [review]
Stop exposing Components in expanded principal sandboxes

Review of attachment 8962229 [details] [diff] [review]:
-----------------------------------------------------------------

::: js/xpconnect/tests/unit/test_bug872772.js
@@ -37,5 @@
> -  var waivedC = unwaivedC.wrappedJSObject;
> -  Assert.ok(waivedC && unwaivedC && (waivedC != unwaivedC));
> -  xhr.waivedC = waivedC;
> -  Assert.ok(xhr.waivedC === waivedC);
> -  Assert.ok(Cu.unwaiveXrays(xhr.waivedC) === unwaivedC);

I guess at this point it doesn't really matter. Once the DOM_OBJECT flag is gone, there shouldn't be any way to get a same-compartment security wrapper from a content scope anymore.

Comment 3

[Pulsebot]

Pushed by bzbarsky@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/0aa804586253
Stop exposing Components in expanded principal sandboxes.  r=kmag

Comment 4

[Bogdan Tara[:bogdan_tara | bogdant]]

https://hg.mozilla.org/mozilla-central/rev/0aa804586253