Last Comment Bug 664688 - JavaScript evaluation "permission denied" after navigation to a different domain
: JavaScript evaluation "permission denied" after navigation to a different domain
Status: RESOLVED FIXED
[fixed-in-fx-team]
:
Product: Firefox
Classification: Client Software
Component: Developer Tools: Console (show other bugs)
: Trunk
: All All
: P1 normal (vote)
: Firefox 15
Assigned To: Mihai Sucan [:msucan]
:
: Brian Grinstead [:bgrins]
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-06-16 03:52 PDT by Mihai Sucan [:msucan]
Modified: 2012-06-03 13:50 PDT (History)
3 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
proposed fix (8.89 KB, patch)
2012-06-03 03:28 PDT, Mihai Sucan [:msucan]
past: review+
Details | Diff | Splinter Review

Description Mihai Sucan [:msucan] 2011-06-16 03:52:39 PDT
STR:

1. Open a tab.
2. Go to www.google.com.
3. Open the Web Console.
4. Execute: window.location.href; (it works)
5. Go to www.mozilla.com.
6. Execute the same code as in step 3. (it works)
7. Press the history back button or Alt-Left, to go back to Google.
8. Execute the same code a sin step 3.

Expected result: it works.

Actual result: [13:45:33.028] Error: Permission denied to access property 'href'.

Problem: location changes are not detected by the Web Console if the page doesn't reload (bfcached).

Code problem: we need to call hud.reattachConsole(newWindowObject) when the location change is detected, such that the sandbox is updated. Please see the ConsoleProgressListener in HUDService.jsm and how HUDService.windowInitializer() calls hud.reattachConsole() when needed (for top level windows only).

This bug can be reproduced with Firefox 4+, including Fx7 nightlies.
Comment 1 Mihai Sucan [:msucan] 2011-09-15 09:40:35 PDT
This bug is fixed by the work being done in bug 673148.
Comment 2 Rob Campbell [:rc] (:robcee) 2012-01-10 09:02:33 PST
filter on pegasus.
Comment 3 Kevin Dangoor 2012-04-18 08:29:36 PDT
This works for me in current Nightly.
Comment 4 Mihai Sucan [:msucan] 2012-04-19 03:43:31 PDT
I can still reproduce the bug. Local Firefox build from today's fx-team repo (running on Linux).
Comment 5 Mihai Sucan [:msucan] 2012-06-03 03:28:03 PDT
Created attachment 629586 [details] [diff] [review]
proposed fix

Proposed fix.

Track the sandbox location. Recreate the sandbox whenever the page location is changed. Included a test that I hope won't introduce oranges.

Try push:
https://tbpl.mozilla.org/?tree=Try&rev=517f806346ee
Comment 6 Mihai Sucan [:msucan] 2012-06-03 03:34:25 PDT
Before the Web Console async patches (bug 673148) we were tracking the content window global creation and we were updating the sandbox whenever a new global was created for the tabs where web consoles were open. However, go back/forward did not invoke the listener we had, because no content window global was created, it was just going through previous pages stored in memory. Sandbox evaluation failed because attempts were considered to be cross-domain - every sandbox we create is associated to a specific window object and we get the page permissions in the sandbox.

Now with the Web Console async patches landed even normal navigation to a page from a different domain causes the "permission denied" error. The STR in comment 0 fails at step 6.

The proposed fix is simple, well understood (hopefully), risk free and it's not a rush job - it's how I'd see it fixed. Different proposals are welcome.

Looking forward to your review. Thank you!
Comment 7 Panos Astithas [:past] 2012-06-03 03:51:06 PDT
Comment on attachment 629586 [details] [diff] [review]
proposed fix

Review of attachment 629586 [details] [diff] [review]:
-----------------------------------------------------------------

Looks good, thanks for the detailed description of the changes!
Comment 8 Panos Astithas [:past] 2012-06-03 06:43:50 PDT
https://hg.mozilla.org/integration/fx-team/rev/482e07a4fb05
Comment 9 Rob Campbell [:rc] (:robcee) 2012-06-03 13:50:24 PDT
https://hg.mozilla.org/mozilla-central/rev/482e07a4fb05

Note You need to log in before you can comment on or make changes to this bug.