Closed Bug 733035 Opened 9 years ago Closed 9 years ago

need a way to postMessage from sandboxes (without source window object)


(Core :: DOM: Core & HTML, defect)

Not set





(Reporter: gkrizsanits, Assigned: gkrizsanits)



(Keywords: dev-doc-needed)


(1 file, 2 obsolete files)

From a sandbox currently postMessage to a window object does not work (silent failure). The reason is that the function expects that the global is a window that can be used as a source window. For sandboxes that is not the case, but probably the principal of the sandbox can be used for the security checks.
Assignee: nobody → gkrizsanits
Blocks: 729994
Attached patch first draft with test (obsolete) — Splinter Review
So I'm not sure that this is safe enough, and I don't know who is the best person to ask for a review on this. What do you think khuey? So there are two cases, either the sandbox have system principal, then I'm not really affraid of security implications. And when it has a URI based principal, then there is a check before cloning the data, but I'm not sure if it's enough. I would also love to validate somehow if the global or it's principal belongs to a sandbox, and the callerInnerWin isn't null for some other reasons.
Attachment #604030 - Flags: review?(khuey)
Comment on attachment 604030 [details] [diff] [review]
first draft with test

Review of attachment 604030 [details] [diff] [review]:

::: dom/base/nsGlobalWindow.cpp
@@ +6347,5 @@
>      // if the principal has a URI, use that to generate the origin
>      nsContentUtils::GetUTFOrigin(callerPrin, origin);
>    }
>    else {
> +    if (callerInnerWin) {

just use

else if (callerInnerWin) {
else {

No need for another level of indenting.

@@ +6349,5 @@
>    }
>    else {
> +    if (callerInnerWin) {
> +      // otherwise use the URI of the document to generate origin
> +      nsCOMPtr<nsIDocument> doc = do_QueryInterface(callerInnerWin->mDocument);

Attachment #604030 - Flags: review?(khuey) → review+
Attached patch ready to go (obsolete) — Splinter Review
Attachment #604030 - Attachment is obsolete: true
Attachment #612215 - Flags: review+
Attached patch ready to goSplinter Review
The previous version of the patch did not contain the Mercurial Queue headers, this one does.
Attachment #612215 - Attachment is obsolete: true
Attachment #612218 - Flags: review+
Keywords: checkin-needed
Flags: in-testsuite+
Keywords: checkin-needed
Target Milestone: --- → mozilla14
Closed: 9 years ago
Resolution: --- → FIXED
Keywords: dev-doc-needed
OS: Windows 7 → All
Hardware: x86_64 → All
Version: unspecified → Trunk
Component: DOM: Mozilla Extensions → DOM
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.