Closed
Bug 289204
Opened 20 years ago
Closed 20 years ago
Showing a blocked popup has chrome privs
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: doronr, Assigned: jst)
References
Details
(Keywords: fixed-aviary1.0.3, fixed1.7.7, Whiteboard: [sg:fix])
Attachments
(3 files)
150 bytes,
text/html
|
Details | |
2.75 KB,
patch
|
jst
:
review+
jst
:
superreview+
dbaron
:
approval-aviary1.0.3+
dbaron
:
approval1.7.7+
shaver
:
approval1.8b2+
|
Details | Diff | Splinter Review |
2.92 KB,
patch
|
Details | Diff | Splinter Review |
window.open("javascript:alert(Components.stack)"); is the testcase :)
Reporter | ||
Comment 1•20 years ago
|
||
Happens on trunk too, Seamonkey and Firefox. Steps: - popup is blocked - Showing it (via infobar or statusbar item) will print Components.Stack, a nono.
Comment 2•20 years ago
|
||
I'm positive we had and fixed this bug at one point :-(
Reporter | ||
Comment 3•20 years ago
|
||
So should we start considering doing a security smoketest for releases?
Comment 4•20 years ago
|
||
"start considering"??? You _should_ be doing regression testing of all security fixes. In an automated fashion, ideally, on every nightly. Preferably as part of the tinderbox tests so it goes orange when a security thing like this regresses.
Assignee | ||
Comment 5•20 years ago
|
||
I'm actually not convinced this was fixed. A very similar problem was fixed, but I think this one simply slipped through the cracks and noone noticed (or at least told us) until now. Patch coming up.
Assignee | ||
Comment 6•20 years ago
|
||
Assignee | ||
Comment 7•20 years ago
|
||
Comment on attachment 179829 [details] [diff] [review] Push the callee's cx onto the context stack if contentwindow.open() is called from chrome. r+sr=brendan (in person).
Attachment #179829 -
Flags: superreview+
Attachment #179829 -
Flags: review+
Assignee | ||
Updated•20 years ago
|
Keywords: fixed-aviary1.0.3
Comment 8•20 years ago
|
||
(In reply to comment #5) > I'm actually not convinced this was fixed. A very similar problem was fixed, Yes, I was thinking of bug 235457.
Comment 9•20 years ago
|
||
Comment on attachment 179829 [details] [diff] [review] Push the callee's cx onto the context stack if contentwindow.open() is called from chrome. >+ stack->Push(cx); stack->Push(cx) is treated as fallible in many of our other calls. Seems like we should early-out if this fails, since we can be in a world of hurt. (This world of hurt, specifically.)
Attachment #179829 -
Flags: approval1.7.7+
Attachment #179829 -
Flags: approval-aviary1.0.3+
Assignee | ||
Comment 10•20 years ago
|
||
Updated•20 years ago
|
Keywords: fixed1.7.7
Whiteboard: [sg:fix]
Comment 12•20 years ago
|
||
Comment on attachment 179829 [details] [diff] [review] Push the callee's cx onto the context stack if contentwindow.open() is called from chrome. applies cleanly, requesting a= for trunk checkin
Attachment #179829 -
Flags: approval1.8b2?
Comment 13•20 years ago
|
||
Comment on attachment 179829 [details] [diff] [review] Push the callee's cx onto the context stack if contentwindow.open() is called from chrome. a=shaver for the trunk.
Attachment #179829 -
Flags: approval1.8b2? → approval1.8b2+
Comment 14•20 years ago
|
||
Comment on attachment 179829 [details] [diff] [review] Push the callee's cx onto the context stack if contentwindow.open() is called from chrome. a=brendan for 1.8b2. /be
Comment 15•20 years ago
|
||
Fixed on trunk.
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED
Comment 16•20 years ago
|
||
(In reply to comment #1) > Created an attachment (id=179767) [edit] > testcase > > Happens on trunk too, Seamonkey and Firefox. > > Steps: > - popup is blocked > - Showing it (via infobar or statusbar item) will print Components.Stack, a > nono. Hi Doron, Would you please compose a new test case for mozilla? With this case you provided here I can't reproduce this bug on mozilla/linux while the os of this bug is set to all. Please send it to tim.miao@sun.com. Thanks.
Reporter | ||
Comment 17•20 years ago
|
||
In Seamonkey, just go to the testcase, right click on the buttom-right (in the statusbar) icon for the blocked popup, and choose "Show blabla".
Updated•19 years ago
|
Flags: testcase+
Updated•18 years ago
|
Flags: in-testsuite+ → in-testsuite?
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•