Closed
Bug 763433
Opened 13 years ago
Closed 13 years ago
ExposedPropertiesOnly::check should leave the chrome compartment before checking UniversalXPConnect
Categories
(Core :: XPConnect, defect)
Core
XPConnect
Tracking
()
RESOLVED
FIXED
mozilla16
People
(Reporter: bholley, Assigned: bholley)
References
Details
Attachments
(2 files)
7.24 KB,
patch
|
mrbkap
:
review+
|
Details | Diff | Splinter Review |
3.26 KB,
patch
|
mrbkap
:
review+
|
Details | Diff | Splinter Review |
This isn't a problem on trunk, because we don't base CAPS security decision on the context compartment. But with bug 754202, we do. Let's fix this.
Assignee | ||
Comment 1•13 years ago
|
||
Attachment #632212 -
Flags: review?(mrbkap)
Assignee | ||
Comment 2•13 years ago
|
||
Adding to the mess of the NodePrincipal (et al) check isn't great, but I'm refactoring that in bug 761704.
Attachment #632213 -
Flags: review?(mrbkap)
Comment 3•13 years ago
|
||
Comment on attachment 632212 [details] [diff] [review]
Part 1 - Clarify compartment semantics for ExposedPropertiesOnly. v2
Review of attachment 632212 [details] [diff] [review]:
-----------------------------------------------------------------
::: js/xpconnect/wrappers/AccessCheck.cpp
@@ +447,5 @@
> }
> +
> + // Double-check that the subject principal according to CAPS is a content
> + // principal rather than the system principal. If it is, this check is
> + // meaningless.
If it is or if it is not?
Updated•13 years ago
|
Attachment #632212 -
Flags: review?(mrbkap) → review+
Updated•13 years ago
|
Attachment #632213 -
Flags: review?(mrbkap) → review+
Assignee | ||
Comment 4•13 years ago
|
||
Pushed to try: https://tbpl.mozilla.org/?tree=Try&rev=0eb257679869
Assignee | ||
Comment 5•13 years ago
|
||
Comment 6•13 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/9523d286839d
https://hg.mozilla.org/mozilla-central/rev/256b856c0da6
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla16
You need to log in
before you can comment on or make changes to this bug.
Description
•