need a way to postMessage from sandboxes (without source window object)

RESOLVED FIXED in mozilla14

Status

Core
DOM
RESOLVED FIXED
6 years ago
4 years ago

People

(Reporter: krizsa, Assigned: krizsa)

Tracking

({dev-doc-needed})

Trunk
mozilla14
dev-doc-needed
Bug Flags:
in-testsuite +

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 2 obsolete attachments)

(Assignee)

Description

6 years ago
From a sandbox currently postMessage to a window object does not work (silent failure). The reason is that the function expects that the global is a window that can be used as a source window. For sandboxes that is not the case, but probably the principal of the sandbox can be used for the security checks.
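
Seen from the receiving page, the case this bug describes means a message can arrive with no sender window to inspect or reply to. The handler below is an added example, not part of the bug report or the Firefox source; the allowlisted origin, the function names and the sample events are constructed, and a null `event.source` for window-less senders is an assumption.

```javascript
// Added example (not from the bug or the Firefox tree).
// ALLOWED_ORIGINS, handleMessage and the events in demo() are constructed.
const ALLOWED_ORIGINS = new Set(["https://app.example"]);

function handleMessage(event) {
  // Authenticate by origin with an exact match; prefix or substring
  // checks would accept look-alike hosts.
  if (typeof event.origin !== "string" || !ALLOWED_ORIGINS.has(event.origin)) {
    return { accepted: false, reason: "origin", replied: false };
  }
  // Treat the payload as untrusted input and check its shape.
  const data = event.data;
  if (data === null || typeof data !== "object" || typeof data.type !== "string") {
    return { accepted: false, reason: "shape", replied: false };
  }
  // Assumption: a window-less sender shows up as event.source === null.
  // Never use event.source as proof of identity, and only reply when a
  // window exists, pinning the reply to the origin that was verified.
  let replied = false;
  if (event.source && typeof event.source.postMessage === "function") {
    event.source.postMessage({ type: "ack", id: data.id }, event.origin);
    replied = true;
  }
  return { accepted: true, reason: null, replied };
}

function demo() {
  const sent = [];
  const fakeWindow = { postMessage: (msg, target) => sent.push({ msg, target }) };
  const results = [
    // Ordinary window sender.
    handleMessage({ origin: "https://app.example", source: fakeWindow, data: { type: "ping", id: 1 } }),
    // Sender without a window, as in the sandbox case.
    handleMessage({ origin: "https://app.example", source: null, data: { type: "ping", id: 2 } }),
    // Look-alike origin must be rejected.
    handleMessage({ origin: "https://app.example.evil.test", source: fakeWindow, data: { type: "ping", id: 3 } }),
    // Right origin, malformed payload.
    handleMessage({ origin: "https://app.example", source: null, data: "ping" }),
  ];
  return { results, sent };
}

console.log(JSON.stringify(demo(), null, 2));
```
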
(Assignee)

Updated

6 years ago
Assignee: nobody → gkrizsanits
(Assignee)

Updated

6 years ago
Blocks: 729994
(Assignee)

Comment 1

6 years ago
Created attachment 604030 [details] [diff] [review]
first draft with test

So I'm not sure that this is safe enough, and I don't know who is the best person to ask for a review on this. What do you think, khuey? So there are two cases: either the sandbox has system principal, then I'm not really afraid of security implications. And when it has a URI based principal, then there is a check before cloning the data, but I'm not sure if it's enough. I would also love to validate somehow if the global or its principal belongs to a sandbox, and the callerInnerWin isn't null for some other reasons.
Attachment #604030 - Flags: review?(khuey)
Comment on attachment 604030 [details] [diff] [review]
first draft with test

Review of attachment 604030 [details] [diff] [review]:
-----------------------------------------------------------------

::: dom/base/nsGlobalWindow.cpp
@@ +6347,5 @@
>      // if the principal has a URI, use that to generate the origin
>      nsContentUtils::GetUTFOrigin(callerPrin, origin);
>    }
>    else {
> +    if (callerInnerWin) {
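
Review bot: the new `if (callerInnerWin)` test at the end of this hunk makes a null inner window an accepted state in this else branch, but nothing in the quoted lines says which callers are expected to arrive without one. A short comment at that check naming the intended window-less caller (the sandbox case this bug is about) and the origin used for it would make the security assumption reviewable.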

just use

else if (callerInnerWin) {
...
}
else {
}

No need for another level of indenting.

@@ +6349,5 @@
>    }
>    else {
> +    if (callerInnerWin) {
> +      // otherwise use the URI of the document to generate origin
> +      nsCOMPtr<nsIDocument> doc = do_QueryInterface(callerInnerWin->mDocument);
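
Review bot: `doc` on the last line is the result of `do_QueryInterface`, which yields null when the inner window has no document, so make sure it is null-checked before its URI is used to generate the origin as the comment above it describes. Returning an error in that case is safer than continuing with `origin` left unset.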

callerInnerWin->GetExtantDocument()
Attachment #604030 - Flags: review?(khuey) → review+
(Assignee)

Comment 3

6 years ago
Created attachment 612215 [details] [diff] [review]
ready to go

https://tbpl.mozilla.org/?tree=Try&rev=7b684de69a0d
Attachment #604030 - Attachment is obsolete: true
Attachment #612215 - Flags: review+
(Assignee)

Comment 4

6 years ago
Created attachment 612218 [details] [diff] [review]
ready to go

The previous version of the patch did not contain the Mercurial Queue headers; this one does.
Attachment #612215 - Attachment is obsolete: true
Attachment #612218 - Flags: review+
(Assignee)

Updated

6 years ago
Keywords: checkin-needed
https://hg.mozilla.org/integration/mozilla-inbound/rev/8f03b8e2cc5a
Flags: in-testsuite+
Keywords: checkin-needed
Target Milestone: --- → mozilla14
https://hg.mozilla.org/mozilla-central/rev/8f03b8e2cc5a
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED

Updated

5 years ago
Keywords: dev-doc-needed
OS: Windows 7 → All
Hardware: x86_64 → All
Version: unspecified → Trunk
Blocks: 762530
Component: DOM: Mozilla Extensions → DOM
Product: Core → Core