807371 - Stop calling CheckFunctionAccess in WebIDL callbacks

Status: RESOLVED DUPLICATE of bug 840488

(Core :: DOM: Core & HTML, defect)

Description

[Boris Zbarsky [:bzbarsky]]

We should just be checking whether script is enabled on the relevant nsIScriptContext.  Probably modulo system object principals for the callback.  Want to land bug 807226 first to mitigate risk.

Comment 1

[Nikhil Marathe [:nsm] (No longer reading bugmail, please needinfo?)]

Attachment: patch

Comment 2

[Boris Zbarsky [:bzbarsky]]

Comment on attachment 801816 [details] [diff] [review]
patch

This gives different behavior from what we have now, no?  Specifically: 

1. The current code allows expanded principals to execute, even if script is
   disabled.
2. The current code follows the docshell's JavaScript-disabled setting. 
3. The current code follows the global JavaScript-disabled pref. 
4. The about: URI bits in nsScriptSecurityManager::CanExecuteScripts.

Comment 3

[Nikhil Marathe [:nsm] (No longer reading bugmail, please needinfo?)]

So this patch should also call CanExecuteScripts() like CheckFunctionAccess() does? At that point it seems this patch is almost like inlining CheckFunctionAccess(). Could you explain why this is required then? I don't understand the difference.

Comment 4

[Boris Zbarsky [:bzbarsky]]

CheckFunctionAccess takes arguments that are, in practice, unused from this code.  Just calling CanExecuteScripts would make it clearer what's really going on here: what we have now looks like a security check, and it's not.

That said, if we seriously want to work on this stuff I'd prefer we fix bug 840488.

Comment 5

[Bobby Holley (:bholley)]

I did this in bug 840488.