Closed
Bug 479288
Opened 16 years ago
Closed 16 years ago
Lack of XOW
Categories
(Core :: XPConnect, defect, P2)
Tracking
()
RESOLVED
FIXED
mozilla1.9.1
People
(Reporter: moz_bug_r_a4, Assigned: mrbkap)
References
Details
(Keywords: fixed1.9.0.12, fixed1.9.1, regression, Whiteboard: [sg:high] regression from security fix 460882)
Attachments
(1 file, 1 obsolete file)
4.69 KB,
patch
|
bent.mozilla
:
review+
jst
:
superreview+
|
Details | Diff | Splinter Review |
This seems to be a regression from bug 460882. When accessing a window by using __parent__ property or valueOf.call(), the window is not wrapped in XOW. Sorry if this is a duplicate of bug 478910 or bug 479211.
Updated•16 years ago
|
Assignee: nobody → bent.mozilla
Assignee | ||
Comment 3•16 years ago
|
||
This is mine, really. I'm sure bent won't mind me stealing it.
Assignee: bent.mozilla → mrbkap
Updated•16 years ago
|
Comment 4•16 years ago
|
||
sg:high at least, sg:critical if there's a way into a privileged about: page or similar.
Whiteboard: [sg:high]
Assignee | ||
Comment 5•16 years ago
|
||
This should fix it. It still needs a run against Dromaeo to ensure I'm not actually slowing anything down.
Attachment #363204 -
Flags: review?(bent.mozilla)
Assignee | ||
Comment 6•16 years ago
|
||
Bent convinced me that the thisObject hook was the way to go and that we should call OBJ_TO_OUTER_OBJECT from the thisObject hook in XPConnect.
Attachment #363204 -
Attachment is obsolete: true
Attachment #363217 -
Flags: review?(bent.mozilla)
Attachment #363204 -
Flags: review?(bent.mozilla)
Comment on attachment 363217 [details] [diff] [review] Updated to bent's comments Looks great! No significant differences on dromaeo.
Attachment #363217 -
Flags: review?(bent.mozilla) → review+
Assignee | ||
Updated•16 years ago
|
Attachment #363217 -
Flags: superreview?(jst)
Comment 8•16 years ago
|
||
Taking off the 1.9.0.8 blocking list until we've got a handle on all the remaining regressions of bug 460882.
Flags: blocking1.9.0.8+
Updated•16 years ago
|
Attachment #363217 -
Flags: superreview?(jst) → superreview+
Updated•16 years ago
|
Flags: blocking1.9.1? → blocking1.9.1+
Priority: -- → P2
Target Milestone: --- → mozilla1.9.1
Updated•16 years ago
|
Whiteboard: [sg:high] → [sg:high] needs landing
Assignee | ||
Comment 9•16 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/839f915de914
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Assignee | ||
Updated•16 years ago
|
Whiteboard: [sg:high] needs landing → [sg:high]
Assignee | ||
Comment 11•16 years ago
|
||
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/b731d0bcadac
Keywords: fixed1.9.1
Updated•16 years ago
|
Whiteboard: [sg:high] → [sg:high] regression from security fix 460882
Updated•15 years ago
|
Flags: blocking1.9.0.12?
Updated•15 years ago
|
Flags: blocking1.9.0.12? → blocking1.9.0.12+
Assignee | ||
Updated•15 years ago
|
Keywords: fixed1.9.0.12
Comment 12•15 years ago
|
||
Does this bug actually apply to 1.9.0? I don't see a checkin for CVS above for 1.9.0 and testing with the testcase with 1.9.0.11, the bug doesn't reproduce.
Assignee | ||
Comment 13•15 years ago
|
||
Al, this is the same as bug 481434 in that it won't affect 1.9.0.11, but the patch was needed when we landed bug 460882 on the 1.9.0 branch to avoid introducing this regression there.
Updated•15 years ago
|
Group: core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•