STEPS TO REPRODUCE: 1) Write some JS that has UniversalXPConnect (or is chrome) 2) In this JS, get the mainThread off the threadmanager. 3) Call processNextEvent() on it. ACTUAL RESULTS: The Run() method of the runnable called while there is a non-null JSContext on the top of the JSContext stack. This screws up security checks, subject principals, etc. EXPECTED RESULTS: Not screw up security checks and subject principals. NOTE: Given that we use this API from C++ too, and that some callers of it from C++ have similar issues (XMLHttpRequest comes to mind!), ideally we would just push a null cx on the JSContext stack in this method. Failing that, we need to either make this method noscript or provide an API that JS could use around calls to this method to push a null cx on the JSContext stack. Not sure how well this last would work, truthfully. If desired, we could also do a combination: have a scriptable "safe" method for processing events (one that pushes a null cx before each event) and a noscript "unsafe" method (the latter used in places in the code where perf matters and which therefore do their own cx pushing around the whole chunk where they spin the event loop).
Not wanted for 1.9.0.x.