author | Masatoshi Kimura <VYV03354@nifty.ne.jp> |
Fri, 19 May 2017 07:35:01 +0900 | |
changeset 581168 | 805d89fbe730ecf1698d5d7440cc0339be0f8169 |
parent 580912 | 8e98dab5054dd093a37ba20c62cf0523e484cfbd |
child 629508 | b447aaf0f63414caf738eab7ee5e474f9fd29c4c |
push id | 59795 |
push user | VYV03354@nifty.ne.jp |
push date | Fri, 19 May 2017 11:56:49 +0000 |
reviewers | jmaher |
bugs | 1365199 |
milestone | 55.0a1 |
--- a/dom/base/nsGlobalWindow.cpp +++ b/dom/base/nsGlobalWindow.cpp @@ -2761,17 +2761,17 @@ InitializeLegacyNetscapeObject(JSContext NS_ENSURE_TRUE(obj, false); // We hide enablePrivilege behind a pref because it has been altered in a // way that makes it fundamentally insecure to use in production. Mozilla // uses this pref during automated testing to support legacy test code that // uses enablePrivilege. If you're not doing test automation, you _must_ not // flip this pref, or you will be exposing all your users to security // vulnerabilities. - if (!xpc::IsInAutomation()) { + if (!xpc::CanEnablePrivilege()) { return true; } /* Define PrivilegeManager object with the necessary "static" methods. */ obj = JS_DefineObject(aCx, obj, "PrivilegeManager", nullptr); NS_ENSURE_TRUE(obj, false); return JS_DefineFunctions(aCx, obj, EnablePrivilegeSpec);
--- a/js/xpconnect/src/xpcpublic.h +++ b/js/xpconnect/src/xpcpublic.h @@ -613,16 +613,24 @@ inline bool IsInAutomation() { const char* prefName = "security.turn_off_all_security_so_that_viruses_can_take_over_this_computer"; return mozilla::Preferences::GetBool(prefName) && AreNonLocalConnectionsDisabled(); } +inline bool +CanEnablePrivilege() +{ + const char* prefName = "security.enablePrivilege.enable_in_automation"; + return mozilla::Preferences::GetBool(prefName) && + AreNonLocalConnectionsDisabled(); +} + void CreateCooperativeContext(); void DestroyCooperativeContext(); // Please see JS_YieldCooperativeContext in jsapi.h. void
deleted file mode 100644 --- a/js/xpconnect/tests/mochitest/bug504877_helper.html +++ /dev/null @@ -1,10 +0,0 @@ -<html> - <head> - <script> - function getblat() { - return blat; - } - foopy = 42; - </script> - </head> -</html>
--- a/js/xpconnect/tests/mochitest/mochitest.ini +++ b/js/xpconnect/tests/mochitest/mochitest.ini @@ -1,12 +1,11 @@ [DEFAULT] support-files = bug500931_helper.html - bug504877_helper.html bug571849_helper.html bug589028_helper.html bug92773_helper.html chrome_wrappers_helper.html file1_bug629227.html file2_bug629227.html file_bug505915.html file_bug650273.html @@ -42,17 +41,16 @@ support-files = [test_bug390488.html] [test_bug393269.html] [test_bug396851.html] [test_bug428021.html] [test_bug446584.html] [test_bug462428.html] [test_bug478438.html] [test_bug500691.html] -[test_bug504877.html] [test_bug505915.html] [test_bug560351.html] [test_bug585745.html] [test_bug589028.html] [test_bug601299.html] [test_bug605167.html] [test_bug618017.html] [test_bug623437.html]
deleted file mode 100644 --- a/js/xpconnect/tests/mochitest/test_bug504877.html +++ /dev/null @@ -1,64 +0,0 @@ -<!DOCTYPE HTML> -<html> -<!-- -https://bugzilla.mozilla.org/show_bug.cgi?id=504877 ---> -<head> - <title>Test for Bug 504877</title> - <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script> - <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/> -</head> -<body> -<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=504877">Mozilla Bug 504877</a> -<p id="display"></p> -<div id="content" style="display: none"> - -</div> -<pre id="test"> -<script type="application/javascript"> - -/** Test for Bug 504877 **/ -SimpleTest.waitForExplicitFinish(); -var p = 0; -function go() { - var ifr = $('ifr').contentWindow; - function test1() { - try { - ifr.foopy; - ok(false, "should have thrown a cross-origin access exception"); - } catch (e) { - ok(/Permission denied/.test(e), "Threw a permission denied exception"); - } - - var loc = ifr.location; - (function() { - netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect"); - ifr.blat = 42; - - is(ifr.blat, 42, "able to set random properties") - is(ifr.getblat(), 42, "setting properties propagates"); - is(ifr.foopy, 42, "able to use UniversalXPConnect to get random properties"); - - loc.replace; // resolves the property onto the wrapper. - })(); - - loc.replace("http://mochi.test:8888/"); - ok(true, "able to set location on the cross origin(!) frame"); - } - - function test2() { - SimpleTest.finish(); - } - - switch (++p) { - case 1: return test1(); - case 2: return test2(); - } -} - - -</script> -</pre> -<iframe src="http://example.org/tests/js/xpconnect/tests/mochitest/bug504877_helper.html" id="ifr" onload="go()"></iframe> -</body> -</html>
--- a/js/xpconnect/wrappers/WrapperFactory.cpp +++ b/js/xpconnect/wrappers/WrapperFactory.cpp @@ -477,20 +477,20 @@ WrapperFactory::Rewrap(JSContext* cx, Ha CompartmentPrivate::Get(origin); CompartmentPrivate* targetCompartmentPrivate = CompartmentPrivate::Get(target); // // First, handle the special cases. // - // If UniversalXPConnect is enabled, this is just some dumb mochitest. Use + // If UniversalXPConnect is enabled, this is just some dumb talos. Use // a vanilla CCW. if (targetCompartmentPrivate->universalXPConnectEnabled) { - CrashIfNotInAutomation(); + MOZ_RELEASE_ASSERT(CanEnablePrivilege()); wrapper = &CrossCompartmentWrapper::singleton; } // Let the SpecialPowers scope make its stuff easily accessible to content. else if (originCompartmentPrivate->forcePermissiveCOWs) { CrashIfNotInAutomation(); wrapper = &CrossCompartmentWrapper::singleton; }
--- a/testing/specialpowers/content/specialpowersAPI.js +++ b/testing/specialpowers/content/specialpowersAPI.js @@ -56,21 +56,21 @@ function bindDOMWindowUtils(aWindow) { return var util = aWindow.QueryInterface(Ci.nsIInterfaceRequestor) .getInterface(Ci.nsIDOMWindowUtils); return wrapPrivileged(util); } function getRawComponents(aWindow) { - // If we're running in automation that supports enablePrivilege, then we also + // If we're running in automation, then we also // provided access to the privileged Components. try { let win = Cu.waiveXrays(aWindow); - if (typeof win.netscape.security.PrivilegeManager == 'object') + if (Cu.isInAutomation) Cu.forcePrivilegedComponentsForScope(aWindow); } catch (e) {} return Cu.getComponentsForScope(aWindow); } function isWrappable(x) { if (typeof x === "object") return x !== null;
--- a/testing/talos/talos/run_tests.py +++ b/testing/talos/talos/run_tests.py @@ -116,16 +116,17 @@ def run_tests(config, browser_config): if browser_config['develop']: browser_config['extra_args'] = '--no-remote' # with addon signing for production talos, we want to develop without it if browser_config['develop'] or browser_config['branch_name'] == 'Try': browser_config['preferences']['xpinstall.signatures.required'] = False browser_config['preferences']['extensions.allow-non-mpc-extensions'] = True + browser_config['preferences']['security.enablePrivilege.enable_in_automation'] = True # set defaults testdate = config.get('testdate', '') # get the process name from the path to the browser if not browser_config['process']: browser_config['process'] = \ os.path.basename(browser_config['browser_path'])
--- a/testing/talos/tests/test_talosconfig_browser_config.json +++ b/testing/talos/tests/test_talosconfig_browser_config.json @@ -1,1 +1,1 @@ -{'deviceroot': '', 'dirs': {}, 'repository': 'http://hg.mozilla.org/releases/mozilla-release', 'buildid': '20131205075310', 'results_log': 'pathtoresults_log', 'symbols_path': None, 'bcontroller_config': 'pathtobcontroller', 'host': '', 'browser_name': 'Firefox', 'sourcestamp': '39faf812aaec', 'remote': False, 'child_process': 'plugin-container', 'branch_name': '', 'browser_version': '26.0', 'extra_args': '', 'develop': True, 'preferences': {'browser.display.overlaynavbuttons': False, 'extensions.getAddons.get.url': 'http://127.0.0.1/extensions-dummy/repositoryGetURL', 'dom.max_chrome_script_run_time': 0, 'network.proxy.type': 1, 'extensions.update.background.url': 'http://127.0.0.1/extensions-dummy/updateBackgroundURL', 'network.proxy.http': 'localhost', 'plugins.update.url': 'http://127.0.0.1/plugins-dummy/updateCheckURL', 'dom.max_script_run_time': 0, 'extensions.update.enabled': False, 'browser.safebrowsing.keyURL': 'http://127.0.0.1/safebrowsing-dummy/newkey', 'media.navigator.permission.disabled': True, 'app.update.enabled': False, 'extensions.blocklist.url': 'http://127.0.0.1/extensions-dummy/blocklistURL', 'browser.EULA.override': True, 'extensions.checkCompatibility': False, 'talos.logfile': 'pathtofile', 'browser.safebrowsing.gethashURL': 'http://127.0.0.1/safebrowsing-dummy/gethash', 'extensions.hotfix.url': 'http://127.0.0.1/extensions-dummy/hotfixURL', 'dom.disable_window_move_resize': True, 'network.proxy.http_port': 80, 'browser.dom.window.dump.enabled': True, 'extensions.update.url': 'http://127.0.0.1/extensions-dummy/updateURL', 'browser.chrome.dynamictoolbar': False, 'browser.link.open_newwindow': 2, 'extensions.getAddons.search.url': 'http://127.0.0.1/extensions-dummy/repositorySearchURL', 'browser.cache.disk.smart_size.first_run': False, 'security.turn_off_all_security_so_that_viruses_can_take_over_this_computer': True, 'dom.disable_open_during_load': False, 'extensions.getAddons.search.browseURL': 'http://127.0.0.1/extensions-dummy/repositoryBrowseURL', 'browser.cache.disk.smart_size.enabled': False, 'extensions.getAddons.getWithPerformance.url': 'http://127.0.0.1/extensions-dummy/repositoryGetWithPerformanceURL', 'hangmonitor.timeout': 0, 'extensions.getAddons.maxResults': 0, 'dom.send_after_paint_to_content': True, 'security.fileuri.strict_origin_policy': False, 'media.capturestream_hints.enabled': True, 'extensions.update.notifyUser': False, 'extensions.blocklist.enabled': False, 'browser.bookmarks.max_backups': 0, 'browser.shell.checkDefaultBrowser': False, 'media.peerconnection.enabled': True, 'dom.disable_window_flip': True, 'security.enable_java': False, 'browser.warnOnQuit': False, 'media.navigator.enabled': True, 'browser.safebrowsing.updateURL': 'http://127.0.0.1/safebrowsing-dummy/update', 'dom.allow_scripts_to_close_windows': True, 'extensions.webservice.discoverURL': 'http://127.0.0.1/extensions-dummy/discoveryURL'}, 'test_timeout': 1200, 'title': 'qm-pxp01', 'error_filename': 'pathtoerrorfile', 'webserver': 'localhost:15707', 'browser_path':ffox_path, 'port': 20701, 'browser_log': 'browser_output.txt', 'process': 'firefox.exe', 'xperf_path': 'C:/Program Files/Microsoft Windows Performance Toolkit/xperf.exe', 'extensions': ['pathtopageloader'], 'fennecIDs': '', 'env': {'NO_EM_RESTART': '1'}, 'init_url': 'http://localhost:15707/getInfo.html', 'browser_wait': 5} \ No newline at end of file +{'deviceroot': '', 'dirs': {}, 'repository': 'http://hg.mozilla.org/releases/mozilla-release', 'buildid': '20131205075310', 'results_log': 'pathtoresults_log', 'symbols_path': None, 'bcontroller_config': 'pathtobcontroller', 'host': '', 'browser_name': 'Firefox', 'sourcestamp': '39faf812aaec', 'remote': False, 'child_process': 'plugin-container', 'branch_name': '', 'browser_version': '26.0', 'extra_args': '', 'develop': True, 'preferences': {'browser.display.overlaynavbuttons': False, 'extensions.getAddons.get.url': 'http://127.0.0.1/extensions-dummy/repositoryGetURL', 'dom.max_chrome_script_run_time': 0, 'network.proxy.type': 1, 'extensions.update.background.url': 'http://127.0.0.1/extensions-dummy/updateBackgroundURL', 'network.proxy.http': 'localhost', 'plugins.update.url': 'http://127.0.0.1/plugins-dummy/updateCheckURL', 'dom.max_script_run_time': 0, 'extensions.update.enabled': False, 'browser.safebrowsing.keyURL': 'http://127.0.0.1/safebrowsing-dummy/newkey', 'media.navigator.permission.disabled': True, 'app.update.enabled': False, 'extensions.blocklist.url': 'http://127.0.0.1/extensions-dummy/blocklistURL', 'browser.EULA.override': True, 'extensions.checkCompatibility': False, 'talos.logfile': 'pathtofile', 'browser.safebrowsing.gethashURL': 'http://127.0.0.1/safebrowsing-dummy/gethash', 'extensions.hotfix.url': 'http://127.0.0.1/extensions-dummy/hotfixURL', 'dom.disable_window_move_resize': True, 'network.proxy.http_port': 80, 'browser.dom.window.dump.enabled': True, 'extensions.update.url': 'http://127.0.0.1/extensions-dummy/updateURL', 'browser.chrome.dynamictoolbar': False, 'browser.link.open_newwindow': 2, 'extensions.getAddons.search.url': 'http://127.0.0.1/extensions-dummy/repositorySearchURL', 'browser.cache.disk.smart_size.first_run': False, 'security.enablePrivilege.enable_in_automation': True, 'dom.disable_open_during_load': False, 'extensions.getAddons.search.browseURL': 'http://127.0.0.1/extensions-dummy/repositoryBrowseURL', 'browser.cache.disk.smart_size.enabled': False, 'extensions.getAddons.getWithPerformance.url': 'http://127.0.0.1/extensions-dummy/repositoryGetWithPerformanceURL', 'hangmonitor.timeout': 0, 'extensions.getAddons.maxResults': 0, 'dom.send_after_paint_to_content': True, 'security.fileuri.strict_origin_policy': False, 'media.capturestream_hints.enabled': True, 'extensions.update.notifyUser': False, 'extensions.blocklist.enabled': False, 'browser.bookmarks.max_backups': 0, 'browser.shell.checkDefaultBrowser': False, 'media.peerconnection.enabled': True, 'dom.disable_window_flip': True, 'security.enable_java': False, 'browser.warnOnQuit': False, 'media.navigator.enabled': True, 'browser.safebrowsing.updateURL': 'http://127.0.0.1/safebrowsing-dummy/update', 'dom.allow_scripts_to_close_windows': True, 'extensions.webservice.discoverURL': 'http://127.0.0.1/extensions-dummy/discoveryURL'}, 'test_timeout': 1200, 'title': 'qm-pxp01', 'error_filename': 'pathtoerrorfile', 'webserver': 'localhost:15707', 'browser_path':ffox_path, 'port': 20701, 'browser_log': 'browser_output.txt', 'process': 'firefox.exe', 'xperf_path': 'C:/Program Files/Microsoft Windows Performance Toolkit/xperf.exe', 'extensions': ['pathtopageloader'], 'fennecIDs': '', 'env': {'NO_EM_RESTART': '1'}, 'init_url': 'http://localhost:15707/getInfo.html', 'browser_wait': 5} \ No newline at end of file