328885 - Don't propagate mutation events from native anonymous content

Status: RESOLVED FIXED

(Core :: DOM: Events, defect)

Description

[Olli Pettay [:smaug][bugs@pettay.fi]]

We should not propagate mutation events from native anonymous content.
Not sure about XBL and not sure whether this is needed for 1.8.X

Bug 234455 should make this easy to implement.

This is also related to bug 328566 and bug 97058.

Marking security sensitive, just in case...

Comment 1

[neil@parkwaycc.co.uk]

Does anyone actually care about mutation events on native anonymous content?

i.e. could we just not fire them?

Comment 2

[Olli Pettay [:smaug][bugs@pettay.fi]]

That could be done too. Pretty easy with the new dispatching code ;)

Comment 3

[Olli Pettay [:smaug][bugs@pettay.fi]]

Attachment: proposed patch

This doesn't prevent mutation events in native anonymous content, but
those just aren't propagated to non- native-anon.

Comment 4

[Boris Zbarsky [:bzbarsky]]

Comment on attachment 214451 [details] [diff] [review]
proposed patch

Looks reasonable.

I think for XBL-bound stuff we want to cut off mutation events at the anon moundary.  But that may be the case for other events too, not just mutation events (eg mousein/mouseout).  Ideally we'd have a data table somewhere that has this sort of info...

Comment 5

[chris hofmann]

> not sure whether this is needed for 1.8.X

any more thoughts on this?  should the patch be considered for the branch?

Comment 6

[Jonas Sicking (:sicking) No longer reading bugmail consistently]

Do we know if this is causing any real-world exploits or not? If we don't know of any I'm a little hesitant to take it since we've been bitten before by 'we might as well' patches like this.

That said, I don't know of any internal code that uses mutation events. Though there could be extensions relying on them.

Comment 7

[Daniel Veditz [:dveditz]]

Saying "no" to the branch unless someone comes up with something exploitable here.