Michael Daumling pointed this out in a private e-mail to brendan. I've checked in a fix for it on the trunk, but we should fix it on the branch too, since it's such a simple fix.
The code in question is:
ok = js_CheckPrincipalsAccess(cx, scopeobj, principals, js_eval_str);
ok = js_Execute(cx, scopeobj, script, caller, JSFRAME_EVAL, rval);
I'll attach a patch for branch consideration in a second.
Created attachment 210375 [details] [diff] [review]
This is the patch I checked in (backported to the paramaterization changes for js_CheckPrincipalsAccess). Brendan, mind stamping this for posterity?
This is already fixed on the trunk, marking it as such.
Comment on attachment 210375 [details] [diff] [review]
Another no-braner ;-).
Fix checked into the 1.8 branches.
Please provide a testcase and/or testing guidance for this fix.