Closed
Bug 198117
Opened 21 years ago
Closed 21 years ago
AxSecurityPolicy does not allow calling methods on Objects
Categories
(Core Graveyard :: Embedding: ActiveX Wrapper, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: ashshbhatt, Assigned: adamlock)
References
Details
Attachments
(3 files)
555 bytes,
text/html
|
Details | |
752 bytes,
patch
|
dbradley
:
review+
alecf
:
superreview+
|
Details | Diff | Splinter Review |
4.37 KB,
text/plain
|
Details |
Tested with 20030317 Cannot call methods on objects. Throws up javascript error saying object.method is not a function. Looks like a permission issue. I had this problem earlier when I had to edit the nsAxSecurityPolicy.js file to allow all active-x objects. Happens only build after 20030211.
Reporter | ||
Comment 1•21 years ago
|
||
Hosting appears to be failing because the call to nsScriptSecurityManager::CheckXPCPermissions during control creation is returning NS_ERROR_DOM_XPCONNECT_ACCESS_DENIED which filters up and the plugin creates nothing. Either it's getting the wrong security manager or something has recently changed which is making it fail. Mini stack trace of the problem nsScriptSecurityManager::CheckXPCPermissions(nsISupports * 0x00000000, const char * 0x00000000) line 2504 nsScriptSecurityManager::CanCreateInstance(nsScriptSecurityManager * const 0x00b2c590, JSContext * 0x04b3f040, const nsID & {...}) line 2441 + 12 bytes nsDispatchSupport::IsClassSafeToHost(nsDispatchSupport * const 0x04a228f8, JSContext * 0x04b3f040, const nsID & {...}, int 0x00000001, int * 0x0012c4ac, int * 0x0012c4a4) line 207 + 34 bytes WillHandleCLSID(const _GUID & {CLSID_Shockwave Flash Object}, PluginInstanceData * 0x04bbbce8) line 497 CreateControl(const _GUID & {CLSID_Shockwave Flash Object}, PluginInstanceData * 0x04bbbce8, PropertyList & {...}, const unsigned short * 0x00000000) line 546 + 13 bytes NewControl(const char * 0x04bbbc90, PluginInstanceData * 0x04bbbce8, unsigned short 0x0001, short 0x0005, char * * 0x04b3ea20, char * * 0x04bbbe08) line 912 + 21 bytes NPP_New(char * 0x04bbbc90, _NPP * 0x04b0f2e0, unsigned short 0x0001, short 0x0005, char * * 0x04b3ea20, char * * 0x04bbbe08, _NPSavedData * 0x00000000) line 962 + 31 bytes
Comment 3•21 years ago
|
||
Is the control listed in the prefs, or is the blacklist mode on?
Reporter | ||
Comment 4•21 years ago
|
||
no it is not listed in prefs, no blacklist or whitelist entry
Comment 5•21 years ago
|
||
Currently the default behavior is whitelist mode, so it's going to reject any control that's not listed in the prefs file.
Caps doesn't currently appear to compile in the check that reads the whitelist / blacklist setting so it takes the default. I think the makefile needs a patch to define XPC_IDISPATCH_SUPPORT which I'll supply shortly.
Patch adds the -DXPC_IDISPATC_SUPPORT that enables blacklist mode in caps. Otherwise caps stays in whitelist mode and all controls must be explicitly enabled. With the patch it is possible to create a file, e.g. named activex.js in defaults\prefs with this line and have all controls hosted by default: pref("security.classID.allowByDefault", true); Looking for quick reviews on this
Comment on attachment 117749 [details] [diff] [review] Patch David, Alec can I have r/sr on this simple patch which ensures caps can be flipped into blacklist mode? Thanks
Attachment #117749 -
Flags: superreview?(alecf)
Attachment #117749 -
Flags: review?(dbradley)
Comment 9•21 years ago
|
||
Comment on attachment 117749 [details] [diff] [review] Patch r=dbradley
Attachment #117749 -
Flags: review?(dbradley) → review+
Comment 10•21 years ago
|
||
Comment on attachment 117749 [details] [diff] [review] Patch sr=alecf
Attachment #117749 -
Flags: superreview?(alecf) → superreview+
Assignee | ||
Comment 11•21 years ago
|
||
Fix is checked in. Ashish, you'll have to add a pref to enable blacklist mode as described previously unless you wish to explicitly define the controls to allow. If you prefer you can copy the activex.js which I'm doing for bug 197084 into bin/default/prefs for the same effect. I'll attach a copy in case you want to use it pending checkin for that bug.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 12•21 years ago
|
||
Copy this to defaults\pref to enable blacklist mode
Updated•12 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•