Closed Bug 302931 Opened 20 years ago Closed 19 years ago

We shouldn't be calling GetPrincipal() on an outer window

Categories

(Core :: DOM: Core & HTML, defect)

Product:
Core
Component:
DOM: Core & HTML
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: bzbarsky, Unassigned)

References

Details

The last patch in bug 296639 restores principals on the outer window. It seems to me that any time we get principals on the outer window that's a bug -- the inner window is the one that has semi-immutable principals associated with the document; the outer window doesn't...
Actually, we'll always be calling GetPrincipal() on outer windows from caps when it's looking for object principals for a window other than the window where the code is running. I doubt there's much we can do about that. We should never be using an outer window's principals as the subject principal tho, maybe we should add some assertions to that effect to caps?
(In reply to comment #1) > Actually, we'll always be calling GetPrincipal() on outer windows from caps when > it's looking for object principals for a window other than the window where the > code is running. But aren't object principals found via the parent chain? If we walk up that, we should only ever get to an inner window. If some object principals are sought from an outer window (not a contained doc, form, element, node, etc.), then perhaps the caller should be required to get and pass the inner window, restoring the invariant that this bug wants. /be
Imagine you're doing w=window.open(); w.foo="foo";, in that case we'll need to find the object principals of w when checking if the caller can set w.foo, and w is an outer window, so we'll get the principals from it. Internally that's of course equivalent to getting the principals of the current inner, but the call is made on the outer nonetheless.
Yeah. Let's assert in GetSubjectPrincipal (though I'm not sure how, to be completely truthful) and do some long and hard thinking about how to deal with GetObjectPrincipal when we go to optimize it.
This is invalid, per comment 3.
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.