Closed
Bug 533882
Opened 15 years ago
Closed 14 years ago
Avoid calling into caps when we don't have to in XOWs
Categories
(Core :: XPConnect, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: mrbkap, Assigned: mrbkap)
Details
Attachments
(1 file)
12.44 KB,
patch
|
jst
:
review+
bzbarsky
:
superreview+
|
Details | Diff | Splinter Review |
Doing so knocks us off trace.
Assignee | ||
Comment 1•15 years ago
|
||
Note that our attempts to not fall off trace when executing window.foo are defeated by js_LeaveTraceIfGlobalObject. But this avoids calling into caps when a XOW whose parent (scope) is the same as the object it's wrapping. It's safe to do this because XOWs can't be shared across origins. For the cross-origin, same-scope case, we'll still call into caps, but the security check will pass.
Attachment #416841 -
Flags: superreview?(bzbarsky)
Attachment #416841 -
Flags: review?(jst)
Comment 2•15 years ago
|
||
> For the cross-origin, same-scope case, we'll still call into caps
You meant cross-scope, same-origin?
What's with this js_LeaveTraceIfGlobalObject stuff? :(
Assignee | ||
Comment 3•15 years ago
|
||
(In reply to comment #2) > You meant cross-scope, same-origin? Oops, yes. > What's with this js_LeaveTraceIfGlobalObject stuff? :( I talked with brendan and gal about this yesterday. The problem is that we lazily import global slots into the trace and then only update the slots in the global object after we leave trace. Because of this, we have to bail any time someone aliases the global object. According to gal, it would not be hard to populate the global object with updated values, but we don't do that yet.
Comment 4•15 years ago
|
||
Comment on attachment 416841 [details] [diff] [review] Proposed fix UnwrapXOW(JSContext *cx, JSObject *wrapper) { - wrapper = UnwrapGeneric(cx, &XPCCrossOriginWrapper::XOWClass, wrapper); + JSObject *innerObj = + UnwrapGeneric(cx, &XPCCrossOriginWrapper::XOWClass, wrapper); if (!wrapper) { return nsnull; } You want to check innerObj there, not wrapper. r=jst with that.
Attachment #416841 -
Flags: review?(jst) → review+
Comment 5•14 years ago
|
||
Comment on attachment 416841 [details] [diff] [review] Proposed fix sr=bzbarsky with jst's nit addressed.
Attachment #416841 -
Flags: superreview?(bzbarsky) → superreview+
Assignee | ||
Comment 6•14 years ago
|
||
http://hg.mozilla.org/mozilla-central/rev/eea9f123edfe
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•