Last Comment Bug 776824 - Add isInBrowserElement to nsIPrincipal
: Add isInBrowserElement to nsIPrincipal
Status: RESOLVED FIXED
:
Product: Core
Classification: Components
Component: Security: CAPS (show other bugs)
: Trunk
: All All
: -- normal (vote)
: mozilla17
Assigned To: Mounir Lamouri (:mounir)
:
Mentors:
Depends on:
Blocks: 758258
  Show dependency treegraph
 
Reported: 2012-07-23 23:05 PDT by Mounir Lamouri (:mounir)
Modified: 2012-07-31 19:19 PDT (History)
3 users (show)
mounir: in‑testsuite+
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---
+


Attachments
Patch (7.61 KB, patch)
2012-07-23 23:05 PDT, Mounir Lamouri (:mounir)
mrbkap: review+
Details | Diff | Review
Patch (8.03 KB, patch)
2012-07-25 21:50 PDT, Mounir Lamouri (:mounir)
jonas: superreview+
mounir: checkin+
Details | Diff | Review

Description Mounir Lamouri (:mounir) 2012-07-23 23:05:40 PDT
Created attachment 645201 [details] [diff] [review]
Patch

extendedOrigin might be a bad idea for the moment. A lot of places seem to require access to some of the information "hidden" in the attribute. So let's make isInMozBrowserElement a real attribute and see what happens of extendedOrigin.
Comment 1 Blake Kaplan (:mrbkap) (please use needinfo!) 2012-07-25 17:53:53 PDT
Comment on attachment 645201 [details] [diff] [review]
Patch

This really feels like the wrong place to stick this. Extended origin makes sense, but to me principals are descriptions of privileges and asking a privilege if it's inside a browser element seems semantically wrong.

Talking to jst, one thing he suggested is that we could tie principals to an "owner" that would then be able to return this sort of information. I'm clearing the request for now. If there is really no better place to stick this, I guess I'd be willing to r+ it, but I'd really rather search for an alternative first.
Comment 2 Blake Kaplan (:mrbkap) (please use needinfo!) 2012-07-25 18:36:36 PDT
Comment on attachment 645201 [details] [diff] [review]
Patch

After talking to Jonas, I'm OK with this. The name really threw me off though since it looks like we're asking a purely DOM question to a principal when we're actually asking "are you in this other security context."
Comment 3 Mounir Lamouri (:mounir) 2012-07-25 21:50:04 PDT
Created attachment 646022 [details] [diff] [review]
Patch

Jonas, could you sr that patch?
Comment 4 Ryan VanderMeulen [:RyanVM] 2012-07-31 19:19:00 PDT
https://hg.mozilla.org/mozilla-central/rev/b69add485ebc

Note You need to log in before you can comment on or make changes to this bug.