Closed Bug 611485 Opened 9 years ago Closed 9 years ago
Passing a Location object as a string argument of a cross-origin XPConnect call fails
Mozilla/5.0 (Windows NT 5.1; rv:2.0b8pre) Gecko/20101108 Firefox/4.0b8pre Testcase works fine on winXP, please test on Mac.
Status: UNCONFIRMED → NEW
blocking2.0: --- → ?
Component: Location Bar → XPConnect
Ever confirmed: true
Product: Firefox → Core
QA Contact: location.bar → xpconnect
Summary: top.location.replace behaviour change in beta7 → Passing a Location object as a string argument of a cross-origin XPConnect call fails
Ideally, this would just call the toString from nsIDOMLocation.... Even more ideally, it wouldn't look like the callee (window.top here) is the one trying to do the toString() call, since that's in fact something that shouldn't be allowed.
Andreas, is this related to the changes we took to refuse to pass certain types of C++ objects across origins, or is this something different? Either way, assigning to mrbkap, and blocking.
Assignee: nobody → mrbkap
blocking2.0: ? → betaN+
This is a work in progress. It doesn't actually succeed in calling functions through Xrays yet (we get a compartment mismatch trying to do so). I think it's pretty close, but the end result is going to be a least a little fragile. I think there might be a better way to do this by teaching XPConnect internals more about compartments. But for now, this approach *should* work.
Attachment #489992 - Attachment is obsolete: true
This patch mostly works, but is too incompatible to land. I'm working on an alternative that will be more compatible.
Attachment #505335 - Attachment is obsolete: true
Comment on attachment 506562 [details] [diff] [review] Fix We still have to rename CrossOriginWrappers. Nice to get rid of the Same/Cross compartment Xray business. This patch is definitely a step forward.
Attachment #506562 - Flags: review?(gal) → review+
Whiteboard: [hardblocker] → [hardblocker] fixed-in-tracemonkey
Fixed by tracemonkey merge. http://hg.mozilla.org/mozilla-central/rev/a2825fbe23e3
cdleary-bot mozilla-central merge info: http://hg.mozilla.org/mozilla-central/rev/a2825fbe23e3 http://hg.mozilla.org/mozilla-central/rev/8474f8f13bb1
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Build identifier: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b12pre) Gecko/20110206 Firefox/4.0b12pre Confirming issue as being fixed.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.