Bug 673742 - Allow postMessage()ing File and FileLists between windows
Status: RESOLVED FIXED
Keywords: dev-doc-complete
Product: Core
Classification: Components
Component: DOM
Version: unspecified
Platform: All All
Importance: -- normal with 1 vote
Target Milestone: mozilla8
Assigned To: Kyle Huey [:khuey] (khuey@mozilla.com)
Depends on: 678560
Blocks: 722126 1185360
Reported: 2011-07-23 20:00 PDT by Kyle Huey [:khuey] (khuey@mozilla.com)
Modified: 2015-07-19 10:48 PDT
khuey: in‑testsuite?


Attachments
Patch (9.68 KB, patch)
2011-07-23 20:00 PDT, Kyle Huey [:khuey] (khuey@mozilla.com)
jonas: review+

Description Kyle Huey [:khuey] (khuey@mozilla.com) 2011-07-23 20:00:07 PDT
Created attachment 547980
Patch

The attached patch allows the postMessage if and only if the caller's principal subsumes the target's, so I think we can do this without security review.
Comment 1 Jonas Sicking (:sicking) PTO Until July 5th 2011-08-03 10:31:08 PDT
Comment on attachment 547980
Patch

Review of attachment 547980:
-----------------------------------------------------------------

r=me with that fixed.

::: dom/base/nsGlobalWindow.cpp
@@ +6030,5 @@
> +    nsISupports* supports = wrappedNative->Native();
> +
> +    nsCOMPtr<nsIDOMBlob> blob = do_QueryInterface(supports);
> +    if (blob && scInfo->subsumes)
> +      scTag = SCTAG_DOM_FILE;
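
Review bot: on the line if (blob && scInfo->subsumes), the case of a blob whose sender does not subsume the target is not handled in the lines shown, so it is unclear from this hunk whether the write then fails or falls through to another serialization path. This test is the only thing keeping a Blob from crossing a principal boundary, so it deserves a comment saying so and an explicit failure return for blob && !scInfo->subsumes; bracing the single-statement if would also keep a later edit from landing a second statement outside the check.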

SCTAG_DOM_BLOB seems like a better name. Seems better to ensure that no-one casts to nsIDOMFile anywhere after checking this tag.

@@ +6277,5 @@
>    // We *must* clone the data here, or the jsval could be modified
>    // by script
>    JSAutoStructuredCloneBuffer buffer;
> +  StructuredCloneInfo scInfo;
> +  scInfo.event = event.get();
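
Review bot: scInfo is declared without an initializer and the lines shown assign only scInfo.event, while the write callback in the earlier hunk reads scInfo->subsumes. If StructuredCloneInfo has no constructor, that flag is indeterminate until something assigns it; give the struct a constructor that sets subsumes to false, or assign it on the line right after the declaration, so the gate is deny-by-default on every path that reaches the clone.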

The .get() here shouldn't be needed.
Comment 2 Kyle Huey [:khuey] (khuey@mozilla.com) 2011-08-11 04:23:54 PDT
Going to write some tests and slip this into 8.
Comment 3 Kyle Huey [:khuey] (khuey@mozilla.com) 2011-08-13 05:30:15 PDT
http://hg.mozilla.org/mozilla-central/rev/31eddfef6549

This still needs tests, which are blocked on some SpecialPowers enhancements :-/
Comment 4 Eric Shepherd [:sheppy] 2011-10-18 07:50:45 PDT
Documentation updated:

https://developer.mozilla.org/en/DOM/window.postMessage

Also mentioned on Firefox 8 for developers.
Comment 5 Sebastian Tschan 2011-11-20 00:37:50 PST
Sorry for commenting on a closed bug, but I would like some clarification:
What exactly is meant by the following statement?

    "This is only allowed if the recipient's principal is contained within the sender's principal"

Does this mean that postMessage with File/Blob/FileList objects as data is not allowed for cross-domain communication?
Doesn't this contradict the following statement?

    "window.postMessage is a method for safely enabling cross-origin communication"
Comment 6 Kyle Huey [:khuey] (khuey@mozilla.com) 2011-11-20 02:57:07 PST
(In reply to Sebastian Tschan from comment #5)
> Sorry for commenting on a closed bug, but I would like some clarification:
> What exactly is meant by the following statement?
> 
>     "This is only allowed if the recipient's principal is contained within
> the sender's principal"
> 
> Does this mean that postMessage with File/Blob/FileList objects as data is
> not allowed for cross-domain communication?

Yes.

> Doesn't this contradict the following statement?
> 
>     "window.postMessage is a method for safely enabling cross-origin
> communication"

To some extent.  We plan to allow postMessaging Files and FileLists across origins, that just needs a more in-depth security review.
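
A small model of the gate described in this bug, as an added example that is not part of the original thread and is not Gecko code: the clone writer accepts a Blob only when the sender's principal subsumes the target's, and the flag starts out false. Principal, FakeBlob, writeClone and postMessageModel are hypothetical names, and the subsumes rule is simplified to "system principal, or same origin".

```javascript
// Illustrative model only: hypothetical names, not Gecko's implementation.
class Principal {
  constructor(origin, isSystem = false) {
    this.origin = origin;
    this.isSystem = isSystem;
  }
  // Simplified rule (assumption): the system principal subsumes everything,
  // a content principal subsumes only principals of its own origin.
  subsumes(other) {
    if (this.isSystem) return true;
    return !other.isSystem && this.origin === other.origin;
  }
}

class FakeBlob { constructor(name) { this.name = name; } } // stand-in for File/Blob
class DataCloneError extends Error {}

// Structured-clone-style writer: walks the whole message, so a Blob nested
// inside an object or array hits the same check as a top-level one.
// Cyclic references are not modelled.
function writeClone(value, info) {
  if (value instanceof FakeBlob) {
    if (!info.subsumes) throw new DataCloneError("Blob blocked: " + value.name);
    return { tag: "BLOB", blob: value }; // the model hands over the same object
  }
  if (Array.isArray(value)) return value.map((v) => writeClone(v, info));
  if (value !== null && typeof value === "object") {
    const out = {};
    for (const [k, v] of Object.entries(value)) out[k] = writeClone(v, info);
    return out;
  }
  return value; // primitives are copied as-is
}

function postMessageModel(data, sender, target) {
  const info = { subsumes: false };        // deny by default
  info.subsumes = sender.subsumes(target); // decided once, from principals only
  try {
    return { delivered: true, payload: writeClone(data, info) };
  } catch (e) {
    if (e instanceof DataCloneError) return { delivered: false, error: e.message };
    throw e;
  }
}

// Constructed sample principals and message.
const a = new Principal("https://a.example");
const b = new Principal("https://b.example");
const chrome = new Principal("chrome", true);
const msg = { note: "hi", files: [new FakeBlob("report.pdf")] };
```

In this model a cross-origin message without Blobs still goes through; only the Blob-carrying one is refused, which matches the "Yes" and "To some extent" answers above.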
Comment 7 Jimmy Warting 2014-07-12 12:29:35 PDT
When is cross origins going to be implemented?
