history[0] is undefined when it shouldn't be

VERIFIED FIXED in M18

Status

()

P3
normal
VERIFIED FIXED
19 years ago
18 years ago

People

(Reporter: czhang, Assigned: jst)

Tracking

Trunk
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [nsbeta3+][HAVE FIX], URL)

Attachments

(3 attachments)

(Reporter)

Description

19 years ago
load 6/20 build on NT
go to the page in URL above, the code is
----------------------------------------------
<script>
  netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead");
  document.write("<h1>"+history[0]+"</h1>");
</script>

I assume that the page served from SSL server is signed, but javascript console 
says "uncaught exception: enableprivilege not granted". it is working fine with 
NS4.7
Signing a page and serving it from an SSL server are two different things. In 
4.x, scripts could derive a signature from the server SSL certificate, not so in 
Seamonkey. I considered this feature, but there wasn't time and I'm told some 
people don't want it to be there. To use enablePrivilege, you must either sign 
your scripts with signtool (I'll show you how to do this, Cathy), or enable 
codebase principal support. SSL doesn't work for this purpose. Marking WONTFIX.
Status: NEW → RESOLVED
Last Resolved: 19 years ago
Resolution: --- → WONTFIX
Summary: SSL server can't enableprivilege of the javascript, script is treated as unsigned → SSL server can't enableprivilege of the javascript, script is treated as unsigned
(Reporter)

Comment 2

19 years ago
Mitch, I turned on signed_applets_codebase_prinple_support in all.js to be true, 
but it does not help, the variable is undefined, there is no error in 
javascript console though
Sorry, signed scripts and codebase principals have both regressed in the few 
weeks since I last dealt with them. Cathy, I'll let you know when they're fixed 
and we can work on testcases.
(Reporter)

Comment 4

19 years ago
change the bug summary.
Status: RESOLVED → REOPENED
Resolution: WONTFIX → ---
Summary: SSL server can't enableprivilege of the javascript, script is treated as unsigned → signed scripts and codebase principals (turned on) should be able to enableprivilege of the javascript
Adding nsbeta2...I will fix this within a few days providing I can get jar:http 
URLs working. This is an important piece of security functionality which is 
broken right now.
Status: REOPENED → ASSIGNED
Keywords: nsbeta2
Target Milestone: --- → M17

Comment 6

19 years ago
Putting on [NEED INFO] radar. PDT needs to know impact to user and risk of fix 
to make a call on this bug. Will this break netcenter activation?  
Whiteboard: [NEED INFO]
The problem here is not with the caps code, I think. Enabling other privileges
using codebase principals works fine. For example, try
http://warp/u/mstoltz/tests/pref.html , which contains the following code:
---------------------------
<script>
netscape.security.PrivilegeManager.enablePrivilege("UniversalPreferencesRead");
document.write("<h1>"+navigator.preference("browser.history.last_page_visited")+"</h1>"); 
</script>
---------------------------
I believe the problem is specifically with the history object, as the security
check on access to history returns success. Reassigning to DOM and changing
summary. Try the URL in the URL field above for a demonstration of the history
problem.

Clearing nsbeta2 because I don't see this as a beta stopper. It's not a security
problem.
Assignee: mstoltz → jst
Status: ASSIGNED → NEW
Component: Security: General → DOM Level 0
Keywords: nsbeta2
QA Contact: czhang → desale
Summary: signed scripts and codebase principals (turned on) should be able to enableprivilege of the javascript → history[0] is undefined when it shouldn't be
Whiteboard: [NEED INFO]

Comment 8

19 years ago
Johnny,

Is it anyway linked to bug 21373 ?

Currently, in the activation process we try to execute history.back() which may 
be trying to load history[0] (bugscape bug 1231). Nothing happens at that point. 
In bug 21373, Ihave explained the problem further. If you see any relation, 
please do take a look as  it is one of the commonly used piece of code in 
activation scripts.
(Assignee)

Comment 9

19 years ago
Radha, looks like this could be related to the session history history bugs you're
working on, if not give this back to me.
Assignee: jst → radha
history.go(0) will now work. I'm not sure if that will give history[0]. Can 
someone verify this. I can't go to the url provided.
Tested it on today's Linux build, history[0] is still undefined.
jst, nisheeth,
I don't know how the work we did for 18321 helps here. Can you throw some light 
here. Thanks,
(Assignee)

Comment 13

19 years ago
Ok, I see the problem with history[0], the mozilla history object is not defined
to be accessible as an array and that's why history[0] is always undefined. I
don't know how frequently the history object is accessed as an array but it
seems like something we should fix for beta3 for backwards compatibility (it's
defined in the javascript docs that history is accessible as an array).

I'm grabbing this bug off your list Radha, I hope you don't mind :)

Eric, please advice on the severity of this, it's pretty simple to add, + or -?
Assignee: radha → jst
Keywords: correctness, nsbeta3
OS: Windows NT → All
Hardware: PC → All
DOM0 backward compatibility. Recommend nsbeta3+.

Comment 15

19 years ago
Marking nsbeta3+

Updated

19 years ago
Whiteboard: [nsbeta3+]
(Assignee)

Comment 16

19 years ago
Created attachment 12934 [details] [diff] [review]
Proposed fix.
(Assignee)

Updated

19 years ago
Status: NEW → ASSIGNED
Whiteboard: [nsbeta3+] → [nsbeta3+][HAVE FIX]
Target Milestone: M17 → M18
(Assignee)

Comment 17

19 years ago
Turns out we also need to make a minor modification to the IDLC compiler to make
it generate security checks around array access calls before this can be checked
in...
Whiteboard: [nsbeta3+][HAVE FIX] → [nsbeta3+][HAVE PARTIAL FIX]
(Assignee)

Comment 18

19 years ago
Created attachment 13007 [details] [diff] [review]
Proposed fix with the added security check
(Assignee)

Comment 19

19 years ago
Ok, the last patch should fix this, review and checkin pending...
Whiteboard: [nsbeta3+][HAVE PARTIAL FIX] → [nsbeta3+][HAVE FIX]
(Assignee)

Comment 20

19 years ago
Created attachment 13025 [details] [diff] [review]
all.js diff to turn on the correct security checking for history[0]
(Assignee)

Comment 21

19 years ago
Fix checked in, marking FIXED.
Status: ASSIGNED → RESOLVED
Last Resolved: 19 years ago19 years ago
Resolution: --- → FIXED

Comment 22

18 years ago
Verified with 2000-09-13-09.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.