[tbb-commits] [tor-browser/esr24] Bug 912322 - Stop making XBL methods available to the web. r=bz a=sylvestre
mikeperry at torproject.org
mikeperry at torproject.org
Fri Aug 29 05:26:37 UTC 2014
commit b0f60cb668c5a37f2be4dfc4aa87e5bb0d707dac
Author: Bobby Holley <bobbyholley at gmail.com>
Date: Mon Feb 10 14:07:27 2014 -0800
Bug 912322 - Stop making XBL methods available to the web. r=bz a=sylvestre
---
dom/webidl/Document.webidl | 5 +++-
js/xpconnect/tests/mochitest/Makefile.in | 1 +
js/xpconnect/tests/mochitest/test_bug912322.html | 35 ++++++++++++++++++++++
3 files changed, 40 insertions(+), 1 deletion(-)
diff --git a/dom/webidl/Document.webidl b/dom/webidl/Document.webidl
index 2233af8..4805a74 100644
--- a/dom/webidl/Document.webidl
+++ b/dom/webidl/Document.webidl
@@ -277,11 +277,14 @@ partial interface Document {
partial interface Document {
// nsIDOMDocumentXBL. Wish we could make these [ChromeOnly], but
// that would likely break bindings running with the page principal.
+ [Func="IsChromeOrXBL"]
NodeList? getAnonymousNodes(Element elt);
+ [Func="IsChromeOrXBL"]
Element? getAnonymousElementByAttribute(Element elt, DOMString attrName,
DOMString attrValue);
+ [Func="IsChromeOrXBL"]
Element? getBindingParent(Node node);
- [Throws]
+ [Throws, Func="IsChromeOrXBL"]
void loadBindingDocument(DOMString documentURL);
// nsIDOMDocumentTouch
diff --git a/js/xpconnect/tests/mochitest/Makefile.in b/js/xpconnect/tests/mochitest/Makefile.in
index 4c947e9..e3e1b63 100644
--- a/js/xpconnect/tests/mochitest/Makefile.in
+++ b/js/xpconnect/tests/mochitest/Makefile.in
@@ -96,6 +96,7 @@ MOCHITEST_FILES = chrome_wrappers_helper.html \
test_bug865260.html \
test_bug870423.html \
test_bug871887.html \
+ test_bug912322.html \
file_crosscompartment_weakmap.html \
test_crosscompartment_weakmap.html \
test_asmjs.html \
diff --git a/js/xpconnect/tests/mochitest/test_bug912322.html b/js/xpconnect/tests/mochitest/test_bug912322.html
new file mode 100644
index 0000000..22fcc9f
--- /dev/null
+++ b/js/xpconnect/tests/mochitest/test_bug912322.html
@@ -0,0 +1,35 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=912322
+-->
+<head>
+ <meta charset="utf-8">
+ <title>Test for Bug 912322</title>
+ <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+ <script type="application/javascript">
+
+ /** Test that XBL functions aren't exposed to the web. **/
+ funs = ['getAnonymousNodes', 'getAnonymousElementByAttribute',
+ 'getBindingParent', 'loadBindingDocument'];
+ for (var f of funs) {
+ ok(!(f in document), f + " should not be available to content");
+ ok(f in SpecialPowers.wrap(document), f + " should be available to chrome via Xray");
+ }
+
+
+
+
+ </script>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=912322">Mozilla Bug 912322</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+</pre>
+</body>
+</html>
More information about the tbb-commits
mailing list