Created attachment 649351 [details] [diff] [review] patch v1: clones `receipts` array DOMApplicationRegistry._cloneAppObject doesn't clone the `receipts` array, which it obtains from content. This causes DOMWindows that install apps to leak due to bug 780674 (which should get fixed by the eventual fix for that bug). It also makes it possible for a webapp to implicitly modify an app's receipts after installing the app, which seems undesirable. And, more generally, it potentially misleads callers who expect the method to deeply clone the app object, such that the clone contains no references to parts of the original object. Here's a fix that uses JSON to clone the array.
Comment on attachment 649351 [details] [diff] [review] patch v1: clones `receipts` array https://hg.mozilla.org/integration/mozilla-inbound/rev/4e54a6eb43d2
Awesome, so this was backed out along with bug 772299 due to mochitest-other permaorange. https://hg.mozilla.org/integration/mozilla-inbound/rev/5886a528d6db After backing out, I realized that Fabrice's follow-up fixed the orange. Please be starring builds when pushing bustage fixes... Re-pushed (with the follow-up included). https://hg.mozilla.org/integration/mozilla-inbound/rev/922cbdeaaec4