Mercurial > mozreview > gecko / changeset / d8d3ef8f703158df813859eab02042c647ed7a8d
summary | shortlog | changelog | pushlog | graph | tags | bookmarks | branches | files | changeset | raw | zip | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Bug 1353074 - Protect __webDriverComplete global from introspection; r?maja_zf draft
authorAndreas Tolfsen <ato@mozilla.com>
Mon, 03 Apr 2017 18:37:39 +0100
changeset 555141 d8d3ef8f703158df813859eab02042c647ed7a8d
parent 555140 62518c7d62df0844cf6dc6ebbb357dd4bb793545
child 555142 15d5be4545322d99a3fa00c2a22e2641012ca2e8
push id52171
push userbmo:ato@mozilla.com
push dateMon, 03 Apr 2017 18:22:15 +0000
reviewersmaja_zf
bugs1353074
milestone55.0a1
Bug 1353074 - Protect __webDriverComplete global from introspection; r?maja_zf For similar reasons given in the previous commit, we also want to protect the window.__webDriverComplete global from accidental introspection from web content. MozReview-Commit-ID: FyTWHrgee15
testing/marionette/evaluate.js file | annotate | diff | comparison | revisions 
--- a/testing/marionette/evaluate.js
+++ b/testing/marionette/evaluate.js
@@ -98,17 +98,17 @@ this.evaluate = {};
  * @throws ScriptTimeoutError
  *   If the script was interrupted due to script timeout.
  */
 evaluate.sandbox = function (sb, script, args = [], opts = {}) {
   let scriptTimeoutID, timeoutHandler, unloadHandler;
 
   let promise = new Promise((resolve, reject) => {
     let src = "";
-    sb[COMPLETE] = resolve;
+    sb[COMPLETE] = sandbox.cloneInto(resolve, sb);
     timeoutHandler = () => reject(new ScriptTimeoutError("Timed out"));
     unloadHandler = sandbox.cloneInto(
         () => reject(new JavaScriptError("Document was unloaded during execution")),
         sb);
 
     // wrap in function
     if (!opts.directInject) {
       if (opts.async) {
gecko
Deployed from af051c2a8da7 at 2024-04-29T16:08:03Z.