The default bug view has changed. See this FAQ.

Allow postMessage()ing File and FileLists between windows

RESOLVED FIXED in mozilla8

Status

()

Core
DOM
RESOLVED FIXED
6 years ago
2 years ago

People

(Reporter: khuey, Assigned: khuey)

Tracking

(Depends on: 1 bug, {dev-doc-complete})

unspecified
mozilla8
dev-doc-complete
Points:
---
Dependency tree / graph
Bug Flags:
in-testsuite ?

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

Created attachment 547980 [details] [diff] [review]
Patch

The attached patch allows the postMessage if and only if the caller's principal subsumes the target's, so I think we can do this without security review.
Attachment #547980 - Flags: review?(jonas)
Assignee: nobody → khuey
Status: NEW → ASSIGNED
Comment on attachment 547980 [details] [diff] [review]
Patch

Review of attachment 547980 [details] [diff] [review]:
-----------------------------------------------------------------

r=me with that fixed.

::: dom/base/nsGlobalWindow.cpp
@@ +6030,5 @@
> +    nsISupports* supports = wrappedNative->Native();
> +
> +    nsCOMPtr<nsIDOMBlob> blob = do_QueryInterface(supports);
> +    if (blob && scInfo->subsumes)
> +      scTag = SCTAG_DOM_FILE;

SCTAG_DOM_BLOB seems like a better name. Seems better to ensure that no-one casts to nsIDOMFile anywhere after checking this tag.

@@ +6277,5 @@
>    // We *must* clone the data here, or the jsval could be modified
>    // by script
>    JSAutoStructuredCloneBuffer buffer;
> +  StructuredCloneInfo scInfo;
> +  scInfo.event = event.get();

The .get() here shouldn't be needed.
Attachment #547980 - Flags: review?(jonas) → review+
Going to write some tests and slip this into 8.
Keywords: dev-doc-needed

Updated

6 years ago
Depends on: 678560
http://hg.mozilla.org/mozilla-central/rev/31eddfef6549

This still needs tests, which are blocked on some SpecialPowers enhancements :-/
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Flags: in-testsuite?
Resolution: --- → FIXED
Target Milestone: --- → mozilla8
Documentation updated:

https://developer.mozilla.org/en/DOM/window.postMessage

Also mentioned on Firefox 8 for developers.
Keywords: dev-doc-needed → dev-doc-complete

Comment 5

5 years ago
Sorry for commenting on a closed bug, but I would like some clarification:
What exactly is meant by the following statement?

    "This is only allowed if the recipient's principal is contained within the sender's principal"

Does this mean that postMessage with File/Blob/FileList objects as data is not allowed for cross-domain communication?
Doesn't this contradict the following statement?

    "window.postMessage is a method for safely enabling cross-origin communication"
(In reply to Sebastian Tschan from comment #5)
> Sorry for commenting on a closed bug, but I would like some clarification:
> What exactly is meant by the following statement?
> 
>     "This is only allowed if the recipient's principal is contained within
> the sender's principal"
> 
> Does this mean that postMessage with File/Blob/FileList objects as data is
> not allowed for cross-domain communication?

Yes.

> Doesn't this contradict the following statement?
> 
>     "window.postMessage is a method for safely enabling cross-origin
> communication"

To some extent.  We plan to allow postMessaging Files and FileLists across origins, that just needs a more in depth security review.
Blocks: 722126

Comment 7

3 years ago
When is cross origins going to be implemented?

Updated

2 years ago
Blocks: 1185360
You need to log in before you can comment on or make changes to this bug.