Closed Bug 784770 Opened 13 years ago Closed 12 years ago

Using view-source protocol in add-on leads to error "Exposing chrome JS objects to content without __exposedProps__ is insecure and deprecated"

Categories

(Core :: XPConnect, defect)

Product:
Core
Component:
XPConnect
Version:
15 Branch
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 774633

People

(Reporter: gk, Unassigned)

References

Details

Attachments

(1 file)

viewsource.xpi
7.87 KB, application/octet-stream
Details
Attached file viewsource.xpi
User Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/17.0 Firefox/17.0 Build ID: 20120822030558 Steps to reproduce: I installed the attached minimal test xpi which tries to load a view-source URL in a new window Actual results: In FF beta and aurora I get: Error: Exposing chrome JS objects to content without __exposedProps__ is insecure and deprecated. See https://developer.mozilla.org/en/XPConnect_wrappers for more information. Source File: view-source:http://getfoxyproxy.org/downloads.html Line: 0 And in a nightly I get: Error: [Exception... "'JavaScript component does not have a method named: "handleEvent"' when calling method: [nsIDOMEventListener::handleEvent]" nsresult: "0x80570030 (NS_ERROR_XPC_JSOBJECT_HAS_NO_FUNCTION_NAMED)" location: "<unknown>" data: no] Expected results: There should be no error messages.
The issue occurs as well if one tries to load a local files (e.g. PAC files).
Blocks: 553102
Bobby?
Component: General → XPConnect
Easier STR: 1) Open Scratchpad in Firefox 16. 2) Set the Environment to Browser (you need to set the devtools.chrome.enabled preference to true). 3) Run this code: open("view-source:" + "http://getfoxyproxy.org/downloads.html", "", "scrollbars,resizable,chrome,dialog=no,width=450,height=425"); This should show the error, though the source viewer displays with no apparent problems. Running the same code in the Content environment, or removing the 'chrome' feature in the open call removes the error.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Yeah I'm looking at this. Gimme a few more.
This is bug 774633 :-( The patches in that bug fix this bug. Now they if only we could get them reviewed. ;-)
Depends on: 774633
Bug 774633 is fixed now, and the STR in Comment 3 doesn't trigger an error using: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20130505 Firefox/23.0 So I guess this bug can be resolved?
Flags: needinfo?
sounds good to me.
Status: NEW → RESOLVED
Closed: 12 years ago
Flags: needinfo?
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: