Closed
Bug 829872
Opened 12 years ago
Closed 11 years ago
Consider returning null from contentDocument getters when the caller does not subsume the document
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
FIXED
mozilla23
People
(Reporter: bzbarsky, Assigned: bholley)
References
(Blocks 1 open bug)
Details
(Keywords: dev-doc-complete, site-compat)
Attachments
(4 files, 1 obsolete file)
2.28 KB,
patch
|
bzbarsky
:
review+
|
Details | Diff | Splinter Review |
3.70 KB,
patch
|
bzbarsky
:
review+
|
Details | Diff | Splinter Review |
3.82 KB,
patch
|
bzbarsky
:
review+
|
Details | Diff | Splinter Review |
18.12 KB,
patch
|
imelven
:
review+
|
Details | Diff | Splinter Review |
Apparently this is what WebKit does and Hixie would slightly like to do that to simplify the spec. I don't think this should be particularly hard to implement. Specifically, the relevant properties are, afaict: 1) .contentDocument on HTMLFrameElement, HTMLIFrameElement, HTMLObjectElement. 2) getSVGDocument() on HTMLEmbedElement, HTMLIFrameElement, HTMLObjectElement WebKit apparently also returns null from .frameElement if the caller does not subsume the element. I would probably be fine with doing that too, actually.
Yes! This can only simplify things which is good. Though our existing infrastructure handles this situation quite well, you never know if we might be able to simplify things in the future.
Assignee | ||
Comment 2•12 years ago
|
||
Yeah I think the compartment mechanics here should be straightforward. For the Xray case, we should be in the caller's compartment, and so a simple CallerSubsumes-style check should do the trick here. This has the remote possibility of breaking chrome code that waives Xray, inspects a content scope, and tries to work its way to a second (not-same-origin) content scope via contentDocument. But that's a pretty contrived example. I say do it to improve spec coherence here.
Assignee | ||
Updated•11 years ago
|
Blocks: CVE-2013-1687
Assignee | ||
Comment 3•11 years ago
|
||
Attachment #744340 -
Flags: review?(bzbarsky)
Assignee | ||
Comment 4•11 years ago
|
||
Attachment #744341 -
Flags: review?(bzbarsky)
Assignee | ||
Comment 5•11 years ago
|
||
Attachment #744342 -
Flags: review?(bzbarsky)
Assignee | ||
Comment 6•11 years ago
|
||
https://tbpl.mozilla.org/?tree=Try&rev=826265e7cf35
![]() |
Reporter | |
Comment 7•11 years ago
|
||
Comment on attachment 744340 [details] [diff] [review] Part 1 - Add convenience version of Equals/Subsumes to nsIPrincipal. v1 r=me
Attachment #744340 -
Flags: review?(bzbarsky) → review+
![]() |
Reporter | |
Comment 8•11 years ago
|
||
Comment on attachment 744341 [details] [diff] [review] Part 2 - Return null for cross-origin contentDocument. v1 > HTMLObjectElement::GetContentDocument(nsIDOMDocument **aContentDocument) You don't need any changes to this method: it's calling the WebIDL one for the real work. > nsGenericHTMLFrameElement::GetContentDocument(nsIDOMDocument** aContentDocument) Likewise. r=me with that.
Attachment #744341 -
Flags: review?(bzbarsky) → review+
![]() |
Reporter | |
Comment 9•11 years ago
|
||
Comment on attachment 744342 [details] [diff] [review] Part 3 - Tests. v1 r=me. Want to toss some getSVGDocument() tests in there too? Also, perhaps a followup on frameElement?
Attachment #744342 -
Flags: review?(bzbarsky) → review+
Assignee | ||
Comment 10•11 years ago
|
||
These almost universally depend on some sort of special privileges, so I don't think they're representative of any use-cases we might find on the web.
Attachment #744905 -
Flags: review?(imelven)
Assignee | ||
Comment 11•11 years ago
|
||
https://tbpl.mozilla.org/?tree=Try&rev=6d9089068a2b
Assignee | ||
Comment 12•11 years ago
|
||
(In reply to Boris Zbarsky (:bz) from comment #9) > Also, perhaps a followup on frameElement? Filed bug 829872.
Assignee | ||
Comment 13•11 years ago
|
||
Fixed a misplaced paren. This is green with that change.
Attachment #744905 -
Attachment is obsolete: true
Attachment #744905 -
Flags: review?(imelven)
Attachment #745000 -
Flags: review?(imelven)
Comment 14•11 years ago
|
||
Comment on attachment 745000 [details] [diff] [review] Part 4 - Fix up tests that depend on contentDocument being non-null. v2 Review of attachment 745000 [details] [diff] [review]: ----------------------------------------------------------------- Changes make sense and look good to me, I am not a peer tho :)
Attachment #745000 -
Flags: review?(imelven) → review+
Assignee | ||
Comment 15•11 years ago
|
||
(In reply to Ian Melven :imelven from comment #14) > Changes make sense and look good to me, I am not a peer tho :) That's ok. Mass test changes like this just need someone to understand the issue at hand. remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/036cde16f9d5 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/70cfbdceb63a remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/fb498cfb4058 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/bfe5c0296c3b
Comment 16•11 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/036cde16f9d5 https://hg.mozilla.org/mozilla-central/rev/70cfbdceb63a https://hg.mozilla.org/mozilla-central/rev/fb498cfb4058 https://hg.mozilla.org/mozilla-central/rev/bfe5c0296c3b
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla23
Comment 17•11 years ago
|
||
I've added this bug to the compatibility doc. Please correct the info if wrong. https://developer.mozilla.org/en-US/docs/Site_Compatibility_for_Firefox_23
Comment 19•11 years ago
|
||
(In reply to Kohei Yoshino [:kohei] from comment #17) > I've added this bug to the compatibility doc. Please correct the info if > wrong. > https://developer.mozilla.org/en-US/docs/Site_Compatibility_for_Firefox_23 Looks good to me.
Keywords: dev-doc-needed → dev-doc-complete
Assignee | ||
Updated•11 years ago
|
Assignee: nobody → bobbyholley+bmo
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•