Closed Bug 306164 Opened 19 years ago Closed 19 years ago

global scope polluter is missing after document.write()

Categories

(Core :: DOM: Core & HTML, defect)

x86
Windows XP
defect
Not set
normal

Tracking

()

RESOLVED FIXED

People

(Reporter: sync2d, Assigned: mrbkap)

References

()

Details

(Keywords: fixed1.8, regression, testcase)

Attachments

(1 file, 1 obsolete file)

Regression from bug 296639.

javascript:document.write("<script id=x>alert(x);</script>");document.close();

Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8b4) Gecko/20050730 Firefox/1.0+
=> alerts "[object HTMLScriptElement]"
Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8b4) Gecko/20050826 Firefox/1.0+
=> "Error: x is not defined" in JS console
Status: UNCONFIRMED → NEW
Ever confirmed: true
I think this may be a symptom of a larger problem -- why aren't we reusing the
inner window for these document.write/document.open calls to SetNewWindow? This
patch makes sure that when we invalidate the current global scope polluter, we
make sure to reinstall it on the new inner window.
Assignee: general → mrbkap
Status: NEW → ASSIGNED
Attachment #194063 - Flags: review?(jst)
This is a regression from Firefox 1.0 that should probably be squashed.
Flags: blocking1.8b4?
The conditions for invalidating/installing the global scope polluter were not
quite correct in the last patch. We now only install and invalidate the global
scope polluter when either we're not reusing the global window or the document
has actually changed.
Attachment #194063 - Attachment is obsolete: true
Attachment #194221 - Flags: review?(jst)
Attachment #194063 - Flags: review?(jst)
Comment on attachment 194221 [details] [diff] [review]
use the right condition

Yeah, that's what we want. r+sr=jst
Attachment #194221 - Flags: superreview+
Attachment #194221 - Flags: review?(jst)
Attachment #194221 - Flags: review+
Flags: blocking1.8b4? → blocking1.8b4+
Attachment #194221 - Flags: approval1.8b4+
Fix checked into MOZILLA_1_8_BRANCH and the trunk.
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Keywords: fixed1.8
Resolution: --- → FIXED
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: