Closed Bug 342974 Opened 18 years ago Closed 18 years ago

Scriptable theme bindings?

Categories

(Toolkit :: Startup and Profile System, defect)

defect
Not set
major

RESOLVED DUPLICATE of bug 343037

People

(Reporter: asaf, Assigned: moco)

Details

(Whiteboard: [sg:dupe 343037])

See my comment 72 on bug 318168.

IIRC Benjamin disabled scriptable XBL bindings in theme packages a long time ago. Is this broken now (or do these work because they're attributes?).

(Setting the security flag just-in-case).
Flags: blocking-firefox2?
asaf, thanks for pointing this out. this particular code is exercised only when the hidden pref (browser.tabs.closeButtons).

I need to set that hidden pref and confirm that it doesn't work (which means I need to fix it).

if it does work, that's scary, as you point out, because it means that scriptable XBL bindings in theme packages are not disabled.
Assignee: nobody → sspitzer
Summary: Scriptable theme bindings → Scriptable theme bindings?
Whiteboard: [sg:investigate]
So... We disable scripts in the bindings themselves (<method>, etc).  The attributes, however, are not really living in the binding; they're living in a XUL document (the nodes are cloned, imported, etc).  So I fully expect that they can execute.  :(

We might need to hack our event handler compilation stuff to know about bindingParents, etc...
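
The distinction drawn in the comment above (script elements inside the binding versus `on*` attributes on `<content>` nodes that are cloned into the XUL document), as an added example that is not part of the original bug thread or of Mozilla's code: a Python audit that lists both kinds of script carrier in a theme's XBL file. The sample binding, the function names and the finding labels are constructed for illustration, and the parser assumes the file contains no DTD entity references.

```python
import xml.etree.ElementTree as ET

XBL_NS = "http://www.mozilla.org/xbl"
# XBL elements whose content is script (the "<method>, etc" of the comment).
SCRIPT_ELEMENTS = {"method", "constructor", "destructor",
                   "getter", "setter", "handler", "field"}

# Constructed sample binding, not a real theme file.
SAMPLE_BINDING = """<bindings xmlns="http://www.mozilla.org/xbl"
    xmlns:xul="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
  <binding id="sample-tab">
    <content>
      <xul:hbox>
        <xul:toolbarbutton class="tab-close-button"
            oncommand="this.parentNode.parentNode.removeCurrentTab()"/>
      </xul:hbox>
    </content>
    <implementation>
      <method name="doThing"><body>return 1;</body></method>
    </implementation>
  </binding>
</bindings>"""

def split_tag(tag):
    """Split ElementTree's '{namespace}local' tag into (namespace, local)."""
    if tag.startswith("{"):
        ns, local = tag[1:].split("}", 1)
        return ns, local
    return "", tag

def audit_binding(xml_text):
    """Return (kind, binding id, detail) for each script carrier in an XBL file."""
    findings = []

    def walk(elem, binding_id, in_content):
        ns, local = split_tag(elem.tag)
        if ns == XBL_NS and local == "binding":
            binding_id = elem.get("id")
        if ns == XBL_NS and local == "content":
            in_content = True  # everything below is anonymous content
        if ns == XBL_NS and local in SCRIPT_ELEMENTS:
            findings.append(("binding-script", binding_id, local))
        if in_content:
            # Prefix match on "on" is deliberately broad; review hits by hand.
            for name in elem.attrib:
                if name.lower().startswith("on") and len(name) > 2:
                    findings.append(("content-handler-attribute",
                                     binding_id, f"{local}@{name}"))
        for child in elem:
            walk(child, binding_id, in_content)

    walk(ET.fromstring(xml_text), None, False)
    return findings
```
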
on the subject of:

this.parentNode.parentNode.parentNode.parentNode.parentNode.parentNode.removeCurrentTab()

there's one parentNode too many, which needs to be fixed in mozilla/toolkit/content/widgets/tabbrowser.xml.

will go test on my mac to see if the removeCurrentTab call fails on the mac, because it is in the globalBindings.xml in the pinstripe theme.
from my testing on windows (mozilla/toolkit/content/widgets/tabbrowser.xml) vs mac (mozilla/toolkit/themes/pinstripe/global/globalBindings.xml), the script on mac is not being executed.
Seth, we should really move this to tabbrowser.xml (as a <handler> in a pseudo-private binding?) and extend it in the theme. Anyway, this belongs to bug 318168 or to a new bug (please CC me if so).
I've double checked that for pinstripe, we are not executing the script on the attributes.  so this bug can be closed (or marked invalid.)

boris said he wants to look over the code to understand why this is the case, and he also asked me to open another "investigate" bug on XBL script elements, as they should not be executed in themes.  I'll go do that now.

as for asaf's comments and the issue of browser.tabs.closeButtons (when set to 3) not working on pinstripe, I'll log another bug on that.
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → INVALID
> boris said he wants to look over the code to understand why this is the case,
> and he also asked me to open another "investigate" bug on XBL script elements,
> as they should not be executed in themes.  I'll go do that now.

see bug #343037
> as for asaf's comments and the issue of browser.tabs.closeButtons (when set to
> 3) not working on pinstripe, I'll log another bug on that.

see bug #343061
No longer blocks: 343061
Blocks: 343061
Status: RESOLVED → REOPENED
Flags: blocking-firefox2?
Resolution: INVALID → ---
Whiteboard: [sg:investigate]

*** This bug has been marked as a duplicate of 343037 ***
Status: REOPENED → RESOLVED
Closed: 18 years ago → 18 years ago
Resolution: --- → DUPLICATE
Whiteboard: [sg:dupe 343037]
Component: XRE Startup → Startup and Profile System
QA Contact: xre.startup → startup
Group: core-security