Closed Bug 763433 Opened 13 years ago Closed 13 years ago

ExposedPropertiesOnly::check should leave the chrome compartment before checking UniversalXPConnect

Categories

(Core :: XPConnect, defect)

defect
Not set
normal

Tracking

()

RESOLVED FIXED
mozilla16

People

(Reporter: bholley, Assigned: bholley)

References

Details

Attachments

(2 files)

This isn't a problem on trunk, because we don't base CAPS security decision on the context compartment. But with bug 754202, we do. Let's fix this.
Adding to the mess of the NodePrincipal (et al) check isn't great, but I'm refactoring that in bug 761704.
Attachment #632213 - Flags: review?(mrbkap)
Comment on attachment 632212 [details] [diff] [review] Part 1 - Clarify compartment semantics for ExposedPropertiesOnly. v2 Review of attachment 632212 [details] [diff] [review]: ----------------------------------------------------------------- ::: js/xpconnect/wrappers/AccessCheck.cpp @@ +447,5 @@ > } > + > + // Double-check that the subject principal according to CAPS is a content > + // principal rather than the system principal. If it is, this check is > + // meaningless. If it is or if it is not?
Attachment #632212 - Flags: review?(mrbkap) → review+
Attachment #632213 - Flags: review?(mrbkap) → review+
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla16
Blocks: 766641
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: