Closed Bug 772288 Opened 12 years ago Closed 12 years ago

SpecialPowers.wrap(Components).utils.import(url, window) is broken

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Platform:
All
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla17

People

(Reporter: MattN, Unassigned)

References

(Blocks 1 open bug)

Details

Attachments

(2 files, 3 obsolete files)

Tests. v2 r=bholley
2.45 KB, patch
bholley
: review+
Details | Diff | Splinter Review
Waive Xray for target objects in Cu.import. v1
4.28 KB, patch
mrbkap
: review+
Details | Diff | Splinter Review
Attached patch Test case (obsolete) — Splinter Review
See the attached mochitest-plain test. Workaround is to do: const Cu = SpecialPowers.wrap(Components).utils; const Services = Cu.import("resource://gre/modules/Services.jsm").Services;
Alternatively, you can do Cu.import(url, window), which imports it into |window|'s scope. See the docs here: https://developer.mozilla.org/en/Components.utils.import There's not a lot we can do here to fix the bug as filed. Cu.import(url) imports the JSM into the caller's scope. SpecialPowers.wrap explicitly proxies operations into a special chrome scope so that they run with privileges. Matt, do you have any ideas on how this could be made nicer? Or should we WONTFIX?
(In reply to Bobby Holley (:bholley) from comment #1) > Alternatively, you can do Cu.import(url, window), which imports it into > |window|'s scope. See the docs here: > https://developer.mozilla.org/en/Components.utils.import Yep, that didn't work either but I forgot to include it in the testcase. I guess I should have mentioned that. I tried: Cu.import(url, window) and Cu.import(url, this) (which would have been the window) as well. I've now updated the test case. Is Cu.import(url, window) supposed to work there? > There's not a lot we can do here to fix the bug as filed. Cu.import(url) > imports the JSM into the caller's scope. SpecialPowers.wrap explicitly > proxies operations into a special chrome scope so that they run with > privileges. Matt, do you have any ideas on how this could be made nicer? Or > should we WONTFIX? If Cu.import(url, window) would work then it would be nicer.
Attachment #640434 - Attachment is obsolete: true
(In reply to Matthew N. [:MattN] from comment #2) > If Cu.import(url, window) would work then it would be nicer. Agreed! Let's morph this bug into that issue.
Summary: SpecialPowers.wrap(Components).utils.import doesn't import symbols in mochitest-plain → SpecialPowers.wrap(Components).utils.import(url, window) is broken
Ah, so the properties are ending up on the Xray holder for the chrome view on the content window. I think we should just unwrap here and enter the compartment. Patching coming right up.
Updated tests. r=bholley
Attachment #640541 - Attachment is obsolete: true
Attachment #640567 - Flags: review+
Attachment #640568 - Flags: review?(mrbkap)
Blocks: 762492
Comment on attachment 640568 [details] [diff] [review] Unwrap target objects for Cu.import. v1 Review of attachment 640568 [details] [diff] [review]: ----------------------------------------------------------------- Doesn't this risk introducing bug 653926 here? If I'm reading the component loader properly, we'll end up with scripts with script->principal being system, but the compartment being non-system. I think we need to avoid that.
Attachment #640568 - Flags: review?(mrbkap)
I'm not sure I grok all of the implications of the old approach, but I totally agree that cavalier unwrapping should be avoided. Let's waive Xray instead.
Attachment #640568 - Attachment is obsolete: true
Attachment #644344 - Flags: review?(mrbkap)
(fixed the 'dump callers' typo locally)
Comment on attachment 644344 [details] [diff] [review] Waive Xray for target objects in Cu.import. v1 Thanks.
Attachment #644344 - Flags: review?(mrbkap) → review+
Twiddled with null-ness and repushed to try: https://tbpl.mozilla.org/?tree=Try&rev=230fd7f7903c
And that one was busted because I asserted AccessCheck::callerIsChrome(), which fails for tests that use UniversalXPConnect to call Cu.import. Switched to nsContentUtils::CallerHasUniversalXPConnect() and repushed: https://tbpl.mozilla.org/?tree=Try&rev=cd60bc464319
https://hg.mozilla.org/mozilla-central/rev/cd5e3b073284 https://hg.mozilla.org/mozilla-central/rev/8485eb46a4d6
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla17
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: