Closed
Bug 1491342
Opened 6 years ago
Closed 6 years ago
Figure out what to do with the AccessCheck::subsumesConsideringDomain calls in ShouldWaiveXray
Categories
(Core :: XPConnect, enhancement, P2)
Core
XPConnect
Tracking
()
RESOLVED
FIXED
mozilla64
Tracking | Status | |
---|---|---|
firefox64 | --- | fixed |
People
(Reporter: jandem, Assigned: jandem)
References
Details
Attachments
(1 file)
In ShouldWaiveXray we do two subsumesConsideringDomain(IgnoringFPD) calls to check for same-origin compartments: https://searchfox.org/mozilla-central/rev/dd965445ec47fbf3cee566eff93b301666bda0e1/js/xpconnect/wrappers/WrapperFactory.cpp#148-156 JS_GetCompartmentPrincipals is deprecated so what should we do here instead? We can't use the origin stored in CompartmentPrivate because that doesn't consider the document.domain case. I'm afraid I don't know enough about Xrays and Xray Waivers.
Assignee | ||
Updated•6 years ago
|
Flags: needinfo?(bobbyholley)
Comment 1•6 years ago
|
||
I believe that we should not have waivers in any cases that involve document.domain. That is, preserving waivers if and only if both compartments are same-origin, ignoring document.domain, is the right thing here.
Comment 2•6 years ago
|
||
Yeah, I don't think we need to consider domain here. We just do that because all the checks in the Xray code consider it for consistency. That said, I don't see how this case is different from the one in WrapperFactory::Rewrap, where we _do_ need to consider the domain. There's probably a detail I've forgotten that explains this, but I'd appreciate help remembering. :-)
Flags: needinfo?(bobbyholley)
Assignee | ||
Comment 3•6 years ago
|
||
Great, thanks! (In reply to Bobby Holley (:bholley) from comment #2) > That said, I don't see how this case is different from the one in > WrapperFactory::Rewrap, where we _do_ need to consider the domain. There's > probably a detail I've forgotten that explains this, but I'd appreciate help > remembering. :-) I was thinking that code will change once we do WindowProxy/Location filtering to just hand out either opaque or transparent wrappers based on the {site, had-domain-change} data on both compartments?
Comment 4•6 years ago
|
||
(In reply to Jan de Mooij [:jandem] from comment #3) > Great, thanks! > > (In reply to Bobby Holley (:bholley) from comment #2) > > That said, I don't see how this case is different from the one in > > WrapperFactory::Rewrap, where we _do_ need to consider the domain. There's > > probably a detail I've forgotten that explains this, but I'd appreciate help > > remembering. :-) > > I was thinking that code will change once we do WindowProxy/Location > filtering to just hand out either opaque or transparent wrappers based on > the {site, had-domain-change} data on both compartments? Ah, right. Though it's more complicated than just opaque-versus-transparent. What we'd do would be to replace the subsumesConsideringDomain with subsumes, and then have a special-case at the top where we see if both compartments have had d.d set _and_ the Sites are the same. In that case we'd hand out a transparent wrapper, otherwise we'd continue with the rest of the logic.
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → jdemooij
Status: NEW → ASSIGNED
Updated•6 years ago
|
Priority: -- → P2
Assignee | ||
Comment 5•6 years ago
|
||
We want to get rid of JS_GetCompartmentPrincipals. The origin stored in CompartmentPrivate does not account for document.domain changes because that's a per-realm thing. Fortunately we should not have waivers in any cases that involve document.domain.
Comment 6•6 years ago
|
||
Comment on attachment 9009611 [details] Bug 1491342 - Ignore document.domain in ShouldWaiveXray. r?bholley Bobby Holley (:bholley) has approved the revision.
Attachment #9009611 -
Flags: review+
Pushed by jandemooij@gmail.com: https://hg.mozilla.org/integration/autoland/rev/316a48e82d51 Ignore document.domain in ShouldWaiveXray. r=bholley
Comment 8•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/316a48e82d51
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox64:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
You need to log in
before you can comment on or make changes to this bug.
Description
•