Closed
Bug 968003
Opened 10 years ago
Closed 10 years ago
Window.frameElement getter should do return null if the caller does not subsumes the origin of the frameElement
Categories
(Core :: DOM: Core & HTML, defect)
Tracking
()
RESOLVED
FIXED
mozilla30
People
(Reporter: bholley, Assigned: bholley)
References
Details
Attachments
(1 file)
3.08 KB,
patch
|
bzbarsky
:
review+
|
Details | Diff | Splinter Review |
Currently, we rely on security wrappers to give us an opaque object in this case. But the spec says to return null. We should fix that at some point. The spec currently has this as a document.domain-considering check, so we should make sure to do the right thing if this lands after bug 956382.
Comment 1•10 years ago
|
||
This is fairly trivial to fix, but let's just get bug 956382 landed first and then do this. For the record, all that's needed is to change this line of nsGlobalWindow::GetFrameElement: return GetRealFrameElement(aError); to be: Element* element = GetRealFrameElement(aError); if (aError.Failed() || !element) { return nullptr; } if (!nsContentUtils::GetSubjectPrincipal()-> SubsumesConsideringDomain(element->NodePrincipal())) { return nullptr; } return element; or so.
Depends on: 956382
Assignee | ||
Comment 2•10 years ago
|
||
https://tbpl.mozilla.org/?tree=Try&rev=792aea58ea4e
Assignee | ||
Updated•10 years ago
|
Assignee: nobody → bobbyholley
Assignee | ||
Comment 3•10 years ago
|
||
Attachment #8376397 -
Flags: review?(bzbarsky)
Comment 4•10 years ago
|
||
Comment on attachment 8376397 [details] [diff] [review] Return null for frameElement with a cross-origin parent. v1 r=I-believe-the-code-I-suggested? ;)
Attachment #8376397 -
Flags: review?(bzbarsky) → review+
Assignee | ||
Comment 5•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/da8ce1721f25
Comment 6•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/da8ce1721f25
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla30
Updated•5 years ago
|
Component: DOM → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•