Accessing window.history as an array fails

VERIFIED FIXED in mozilla0.9.4

Status

()

Core
DOM: Core & HTML
VERIFIED FIXED
17 years ago
17 years ago

People

(Reporter: Mitchell Stoltz (not reading bugmail), Assigned: jst)

Tracking

({regression})

Trunk
mozilla0.9.4
x86
Windows NT
regression
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [HAVE FIX], URL)

Attachments

(3 attachments)

Attempting to access window.history[1], for example, fails in
nsStringArraySH::GetProperty. A script should be able (with the right
permissions) to access history as an array. As a script needs permissions to do
this anyway, it's probably not a high priority to fix.
(Assignee)

Comment 1

17 years ago
Created attachment 35510 [details] [diff] [review]
Proposed fix for embarrassing typos.
(Assignee)

Comment 2

17 years ago
Created attachment 35511 [details] [diff] [review]
Proposed fix for embarrassing typos.
(Assignee)

Comment 3

17 years ago
Of all the typo's one can make...

Nominating for mozilla0.9.1
Status: NEW → ASSIGNED
Keywords: mozilla0.9.1, mozilla0.9.2, regression
Whiteboard: [HAVE FIX]
Target Milestone: --- → mozilla0.9.1

Comment 4

17 years ago
why cannot we retarget it to 0.9.2? It doesn't appear to cause crash, topcrash
nor it's a major loss of functionality. If you agree, please move to 0.9.2
(Assignee)

Comment 5

17 years ago
Moving to mozilla0.9.2
Whiteboard: [HAVE FIX] → [HAVE PARTIAL FIX]
Target Milestone: mozilla0.9.1 → mozilla0.9.2
(Assignee)

Comment 6

17 years ago
Moving to mozilla0.9.3
Target Milestone: mozilla0.9.2 → mozilla0.9.3
Target Milestone: mozilla0.9.3 → mozilla0.9.4
(Assignee)

Comment 7

17 years ago
Created attachment 47610 [details] [diff] [review]
Proposed fix
(Assignee)

Comment 8

17 years ago
Mitch, please have a look at the security manager call in the attached patch,
I'm trying to make accessing history[x] equivalent to calling the method
history.item(x), did I get that call right?
(Assignee)

Updated

17 years ago
Whiteboard: [HAVE PARTIAL FIX] → [HAVE FIX]
(Reporter)

Comment 9

17 years ago
Perfect. We already have a policy in all.js for History.item, so this should
work fine.
(Assignee)

Comment 10

17 years ago
jband, sr=?

Comment 11

17 years ago
sr=jband

I see you are also going to fix that ugly typo in GetStringAt (that cls so 
nicely modernized with a NS_PTR_TO_INT32 macro :)
(Assignee)

Comment 12

17 years ago
Yeah, that one cracked me up too :-)
a=dbaron on behalf of drivers
(Assignee)

Comment 14

17 years ago
Fix checked in.
Status: ASSIGNED → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED

Comment 15

17 years ago
Mitch, can you verify this one please ????? or just let me know the testcase.

Comment 16

17 years ago
Verified. I minimised mstoltz testcase & I used this testcode to verify this 
bug. Following is the code.

<html>
<head>
<title>History Test</title>
</head>

<body >
<h1>History Test</h1>

<script>

function f() {
 netscape.security.PrivilegeManager.enablePrivilege('UniversalBrowserRead');
 alert(self.history[0].href);
}
</script>
<br><br>
1] Click following button.<br>
2] Grant Universal read priviledge when asked.
<br><br>
EXPECTED RESULT: You should see alert showing first URL of history array.
<br><br>
ACTUAL RESULTS: see Javascript console. Permission is denied.<br><br>
<form>
<input type="button" value="Accessing window.history" onclick="f();">
</form>
</body>
</html>
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.