Created attachment 545554 [details] [diff] [review] Proposed fix In bug 533596, comment 26, Henri pointed to js/src/xpconnect/tests/chrome/test_evalInSandbox.xul (note that the bug number in the test is actually bogus) and asks why it fails with his patch for bug 543435. I debugged it today and found that the test is (partly bogus). The part of the test that's failing appears to want to test a chrome sandbox. The way it does that is to load a data: URL in an iframe in a chrome document. Unfortunately, it appears that there's a copy/paste error in the test which makes the iframe type=content. This doesn't appear to affect current trunk. However, even when I make the iframe type=chrome, the test fails with the patch for bug 543435. Henri, I think the remainder of the fix is figuring out why your changes leave the iframe with a content principal. Either way, we should probably take this fix. As a note, if it's too hard to fix the data: URL behavior, we could also change the test to use an explicit chrome: URL.
(In reply to comment #0) > Created attachment 545554 [details] [diff] [review] [review] > Proposed fix > > In bug 533596, comment 26, Henri pointed to > js/src/xpconnect/tests/chrome/test_evalInSandbox.xul (note that the bug > number in the test is actually bogus) and asks why it fails with his patch > for bug 543435. I debugged it today and found that the test is (partly > bogus). Thank you! > However, even when I make the iframe type=chrome, the test fails with the > patch for bug 543435. Henri, I think the remainder of the fix is figuring > out why your changes leave the iframe with a content principal. Either way, > we should probably take this fix. > > As a note, if it's too hard to fix the data: URL behavior, we could also > change the test to use an explicit chrome: URL. I'm not at all familiar with what *should* be happening. Do you mean that a data: URL should load with a chrome principal but the initial about:blank interferes with the principal selection?
> + <iframe type="chrome" Are you sure that type="chrome" has an effect on HTML iframes? smaug told me on IRC that it doesn't.
Oh, that's a good point. But I think HTML iframes always inherit the principal of their owner document, in which case the data: URL should have chrome privileges anyway, right?
One option is to make the "inherit from current document" case of GetInheritedPrincipal initially pretend there's no current document if the current document is the initial about:blank....
Comment on attachment 545554 [details] [diff] [review] Proposed fix Blake, I'm assuming we don't want this in light of comment 4. Rerequest review if I'm mistaken.
Created attachment 553600 [details] [diff] [review] Proposed fix