--- a/dom/base/nsGlobalWindowInner.cpp
+++ b/dom/base/nsGlobalWindowInner.cpp
@@ -208,17 +208,16 @@
#include "mozilla/dom/VRDisplay.h"
#include "mozilla/dom/VRDisplayEvent.h"
#include "mozilla/dom/VRDisplayEventBinding.h"
#include "mozilla/dom/VREventObserver.h"
#include "nsRefreshDriver.h"
#include "Layers.h"
-#include "mozilla/AddonPathService.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/Services.h"
#include "mozilla/Telemetry.h"
#include "mozilla/dom/Location.h"
#include "nsHTMLDocument.h"
#include "nsWrapperCacheInlines.h"
#include "mozilla/DOMEventTargetHelper.h"
#include "prrng.h"
--- a/dom/events/EventListenerManager.cpp
+++ b/dom/events/EventListenerManager.cpp
@@ -2,17 +2,16 @@
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
// Microsoft's API Name hackery sucks
#undef CreateEvent
-#include "mozilla/AddonPathService.h"
#include "mozilla/BasicEvents.h"
#include "mozilla/CycleCollectedJSRuntime.h"
#include "mozilla/DOMEventTargetHelper.h"
#include "mozilla/EventDispatcher.h"
#include "mozilla/EventListenerManager.h"
#include "mozilla/HalSensor.h"
#include "mozilla/InternalMutationEvent.h"
#include "mozilla/JSEventHandler.h"
@@ -982,18 +981,16 @@ EventListenerManager::CompileEventHandle
nsCOMPtr<nsPIDOMWindowInner> win = do_QueryInterface(mTarget);
uint32_t argCount;
const char **argNames;
nsContentUtils::GetEventArgNames(aElement->GetNameSpaceID(),
typeAtom, win,
&argCount, &argNames);
- JSAddonId *addonId = MapURIToAddonID(uri);
-
// Wrap the event target, so that we can use it as the scope for the event
// handler. Note that mTarget is different from aElement in the <body> case,
// where mTarget is a Window.
//
// The wrapScope doesn't really matter here, because the target will create
// its reflector in the proper scope, and then we'll enter that compartment.
JS::Rooted<JSObject*> wrapScope(cx, global->GetGlobalJSObject());
JS::Rooted<JS::Value> v(cx);
@@ -1001,30 +998,16 @@ EventListenerManager::CompileEventHandle
JSAutoCompartment ac(cx, wrapScope);
nsresult rv = nsContentUtils::WrapNative(cx, mTarget, &v,
/* aAllowWrapping = */ false);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
}
- if (addonId) {
- JS::Rooted<JSObject*> vObj(cx, &v.toObject());
- JS::Rooted<JSObject*> addonScope(cx, xpc::GetAddonScope(cx, vObj, addonId));
- if (!addonScope) {
- return NS_ERROR_FAILURE;
- }
- JSAutoCompartment ac(cx, addonScope);
-
- // Wrap our event target into the addon scope, since that's where we want to
- // do all our work.
- if (!JS_WrapValue(cx, &v)) {
- return NS_ERROR_FAILURE;
- }
- }
JS::Rooted<JSObject*> target(cx, &v.toObject());
JSAutoCompartment ac(cx, target);
// Now that we've entered the compartment we actually care about, create our
// scope chain. Note that we start with |element|, not aElement, because
// mTarget is different from aElement in the <body> case, where mTarget is a
// Window, and in that case we do not want the scope chain to include the body
// or the document.
--- a/dom/script/ScriptSettings.cpp
+++ b/dom/script/ScriptSettings.cpp
@@ -209,25 +209,16 @@ GetEntryGlobal()
}
nsIDocument*
GetEntryDocument()
{
nsIGlobalObject* global = GetEntryGlobal();
nsCOMPtr<nsPIDOMWindowInner> entryWin = do_QueryInterface(global);
- // If our entry global isn't a window, see if it's an addon scope associated
- // with a window. If it is, the caller almost certainly wants that rather
- // than null.
- if (!entryWin && global) {
- if (auto* win = xpc::AddonWindowOrNull(global->GetGlobalJSObject())) {
- entryWin = win->AsInner();
- }
- }
-
return entryWin ? entryWin->GetExtantDoc() : nullptr;
}
nsIGlobalObject*
GetIncumbentGlobal()
{
// We need the current JSContext in order to check the JS for
// scripted frames that may have appeared since anyone last
@@ -548,22 +539,16 @@ WarningOnlyErrorReporter(JSContext* aCx,
MOZ_ASSERT(worker);
worker->ReportError(aCx, JS::ConstUTF8CharsZ(), aRep);
return;
}
RefPtr<xpc::ErrorReport> xpcReport = new xpc::ErrorReport();
nsGlobalWindowInner* win = xpc::CurrentWindowOrNull(aCx);
- if (!win) {
- // We run addons in a separate privileged compartment, but if we're in an
- // addon compartment we should log warnings to the console of the associated
- // DOM Window.
- win = xpc::AddonWindowOrNull(JS::CurrentGlobalOrNull(aCx));
- }
xpcReport->Init(aRep, nullptr, nsContentUtils::IsSystemCaller(aCx),
win ? win->AsInner()->WindowID() : 0);
xpcReport->LogToConsole();
}
void
AutoJSAPI::ReportException()
{
@@ -588,21 +573,16 @@ AutoJSAPI::ReportException()
JS::Rooted<JS::Value> exn(cx());
js::ErrorReport jsReport(cx());
if (StealException(&exn) &&
jsReport.init(cx(), exn, js::ErrorReport::WithSideEffects)) {
if (mIsMainThread) {
RefPtr<xpc::ErrorReport> xpcReport = new xpc::ErrorReport();
RefPtr<nsGlobalWindowInner> win = xpc::WindowGlobalOrNull(errorGlobal);
- if (!win) {
- // We run addons in a separate privileged compartment, but they still
- // expect to trigger the onerror handler of their associated DOM Window.
- win = xpc::AddonWindowOrNull(errorGlobal);
- }
nsPIDOMWindowInner* inner = win ? win->AsInner() : nullptr;
bool isChrome = nsContentUtils::IsSystemPrincipal(
nsContentUtils::ObjectPrincipal(errorGlobal));
xpcReport->Init(jsReport.report(), jsReport.toStringResult().c_str(),
isChrome,
inner ? inner->WindowID() : 0);
if (inner && jsReport.report()->errorNumber != JSMSG_OUT_OF_MEMORY) {
JS::RootingContext* rcx = JS::RootingContext::get(cx());
--- a/dom/xbl/nsXBLBinding.cpp
+++ b/dom/xbl/nsXBLBinding.cpp
@@ -1110,17 +1110,16 @@ nsXBLBinding::LookupMember(JSContext* aC
// never get here. But on the off-chance that someone adds new callsites to
// LookupMember, we do a release-mode assertion as belt-and-braces.
// We do a release-mode assertion here to be extra safe.
//
// This code is only called for content XBL, so we don't have to worry about
// add-on scopes here.
JS::Rooted<JSObject*> boundScope(aCx,
js::GetGlobalForObjectCrossCompartment(mBoundElement->GetWrapper()));
- MOZ_RELEASE_ASSERT(!xpc::IsInAddonScope(boundScope));
MOZ_RELEASE_ASSERT(!xpc::IsInContentXBLScope(boundScope));
JS::Rooted<JSObject*> xblScope(aCx, xpc::GetXBLScope(aCx, boundScope));
NS_ENSURE_TRUE(xblScope, false);
MOZ_ASSERT(boundScope != xblScope);
// Enter the xbl scope and invoke the internal version.
{
JSAutoCompartment ac(aCx, xblScope);
--- a/dom/xbl/nsXBLProtoImpl.cpp
+++ b/dom/xbl/nsXBLProtoImpl.cpp
@@ -11,17 +11,16 @@
#include "nsIDocument.h"
#include "nsContentUtils.h"
#include "nsIXPConnect.h"
#include "nsIServiceManager.h"
#include "nsIDOMNode.h"
#include "nsXBLPrototypeBinding.h"
#include "nsXBLProtoImplProperty.h"
#include "nsIURI.h"
-#include "mozilla/AddonPathService.h"
#include "mozilla/dom/ScriptSettings.h"
#include "mozilla/dom/XULElementBinding.h"
#include "xpcpublic.h"
#include "js/CharacterEncoding.h"
using namespace mozilla;
using namespace mozilla::dom;
using js::GetGlobalForObjectCrossCompartment;
@@ -78,20 +77,19 @@ nsXBLProtoImpl::InstallImplementation(ns
// using a separate XBL scope, we want to define them there first (so that
// they'll be available for Xray lookups, among other things), and then copy
// the properties to the content-side prototype as needed. We don't need to
// bother about the field accessors here, since we don't use/support those
// for in-content bindings.
// First, start by entering the compartment of the XBL scope. This may or may
// not be the same compartment as globalObject.
- JSAddonId* addonId = MapURIToAddonID(aPrototypeBinding->BindingURI());
JS::Rooted<JSObject*> globalObject(cx,
GetGlobalForObjectCrossCompartment(targetClassObject));
- JS::Rooted<JSObject*> scopeObject(cx, xpc::GetScopeForXBLExecution(cx, globalObject, addonId));
+ JS::Rooted<JSObject*> scopeObject(cx, xpc::GetXBLScopeOrGlobal(cx, globalObject));
NS_ENSURE_TRUE(scopeObject, NS_ERROR_OUT_OF_MEMORY);
MOZ_ASSERT(js::GetGlobalForObjectCrossCompartment(scopeObject) == scopeObject);
JSAutoCompartment ac(cx, scopeObject);
// Determine the appropriate property holder.
//
// Note: If |targetIsNew| is false, we'll early-return above. However, that only
// tells us if the content-side object is new, which may be the case even if
--- a/dom/xbl/nsXBLProtoImplField.cpp
+++ b/dom/xbl/nsXBLProtoImplField.cpp
@@ -12,17 +12,16 @@
#include "js/CharacterEncoding.h"
#include "nsUnicharUtils.h"
#include "nsReadableUtils.h"
#include "nsXBLProtoImplField.h"
#include "nsIScriptContext.h"
#include "nsIURI.h"
#include "nsXBLSerialize.h"
#include "nsXBLPrototypeBinding.h"
-#include "mozilla/AddonPathService.h"
#include "mozilla/dom/BindingUtils.h"
#include "mozilla/dom/ElementBinding.h"
#include "mozilla/dom/ScriptSettings.h"
#include "nsGlobalWindow.h"
#include "xpcpublic.h"
#include "WrapperFactory.h"
using namespace mozilla;
@@ -397,40 +396,38 @@ nsXBLProtoImplField::InstallField(JS::Ha
nsIGlobalObject* globalObject = xpc::WindowGlobalOrNull(aBoundNode);
if (!globalObject) {
return NS_OK;
}
// We are going to run script via EvaluateString, so we need a script entry
// point, but as this is XBL related it does not appear in the HTML spec.
- // We need an actual JSContext to do GetScopeForXBLExecution, and it needs to
+ // We need an actual JSContext to do GetXBLScopeOrGlobal, and it needs to
// be in the compartment of globalObject. But we want our XBL execution scope
// to be our entry global.
AutoJSAPI jsapi;
if (!jsapi.Init(globalObject)) {
return NS_ERROR_UNEXPECTED;
}
MOZ_ASSERT(!::JS_IsExceptionPending(jsapi.cx()),
"Shouldn't get here when an exception is pending!");
- JSAddonId* addonId = MapURIToAddonID(aBindingDocURI);
-
// Note: the UNWRAP_OBJECT may mutate boundNode; don't use it after that call.
JS::Rooted<JSObject*> boundNode(jsapi.cx(), aBoundNode);
Element* boundElement = nullptr;
rv = UNWRAP_OBJECT(Element, &boundNode, boundElement);
if (NS_WARN_IF(NS_FAILED(rv))) {
return rv;
}
// First, enter the xbl scope, build the element's scope chain, and use
// that as the scope chain for the evaluation.
JS::Rooted<JSObject*> scopeObject(jsapi.cx(),
- xpc::GetScopeForXBLExecution(jsapi.cx(), aBoundNode, addonId));
+ xpc::GetXBLScopeOrGlobal(jsapi.cx(), aBoundNode));
NS_ENSURE_TRUE(scopeObject, NS_ERROR_OUT_OF_MEMORY);
AutoEntryScript aes(scopeObject, "XBL <field> initialization", true);
JSContext* cx = aes.cx();
JS::Rooted<JS::Value> result(cx);
JS::CompileOptions options(cx);
options.setFileAndLine(uriSpec.get(), mLineNumber);
--- a/dom/xbl/nsXBLProtoImplMethod.cpp
+++ b/dom/xbl/nsXBLProtoImplMethod.cpp
@@ -98,17 +98,16 @@ nsXBLProtoImplMethod::InstallMember(JSCo
NS_PRECONDITION(IsCompiled(),
"Should not be installing an uncompiled method");
MOZ_ASSERT(js::IsObjectInContextCompartment(aTargetClassObject, aCx));
#ifdef DEBUG
{
JS::Rooted<JSObject*> globalObject(aCx, JS_GetGlobalForObject(aCx, aTargetClassObject));
MOZ_ASSERT(xpc::IsInContentXBLScope(globalObject) ||
- xpc::IsInAddonScope(globalObject) ||
globalObject == xpc::GetXBLScope(aCx, globalObject));
MOZ_ASSERT(JS::CurrentGlobalOrNull(aCx) == globalObject);
}
#endif
JS::Rooted<JSObject*> jsMethodObject(aCx, GetCompiledMethod());
if (jsMethodObject) {
nsDependentString name(mName);
@@ -255,17 +254,17 @@ nsXBLProtoImplMethod::Write(nsIObjectOut
JS::Rooted<JSObject*> method(RootingCx(), GetCompiledMethod());
return XBL_SerializeFunction(aStream, method);
}
return NS_OK;
}
nsresult
-nsXBLProtoImplAnonymousMethod::Execute(nsIContent* aBoundElement, JSAddonId* aAddonId)
+nsXBLProtoImplAnonymousMethod::Execute(nsIContent* aBoundElement)
{
MOZ_ASSERT(aBoundElement->IsElement());
NS_PRECONDITION(IsCompiled(), "Can't execute uncompiled method");
if (!GetCompiledMethod()) {
// Nothing to do here
return NS_OK;
}
@@ -279,28 +278,26 @@ nsXBLProtoImplAnonymousMethod::Execute(n
if (!global) {
return NS_OK;
}
nsAutoMicroTask mt;
// We are going to run script via JS::Call, so we need a script entry point,
// but as this is XBL related it does not appear in the HTML spec.
- // We need an actual JSContext to do GetScopeForXBLExecution, and it needs to
+ // We need an actual JSContext to do GetXBLScopeOrGlobal, and it needs to
// be in the compartment of globalObject. But we want our XBL execution scope
// to be our entry global.
AutoJSAPI jsapi;
if (!jsapi.Init(global)) {
return NS_ERROR_UNEXPECTED;
}
- JS::Rooted<JSObject*> globalObject(jsapi.cx(), global->GetGlobalJSObject());
-
JS::Rooted<JSObject*> scopeObject(jsapi.cx(),
- xpc::GetScopeForXBLExecution(jsapi.cx(), globalObject, aAddonId));
+ xpc::GetXBLScopeOrGlobal(jsapi.cx(), global->GetGlobalJSObject()));
NS_ENSURE_TRUE(scopeObject, NS_ERROR_OUT_OF_MEMORY);
dom::AutoEntryScript aes(scopeObject,
"XBL <constructor>/<destructor> invocation",
true);
JSContext* cx = aes.cx();
JS::AutoObjectVector scopeChain(cx);
if (!nsJSUtils::GetScopeChainForElement(cx, aBoundElement->AsElement(),
--- a/dom/xbl/nsXBLProtoImplMethod.h
+++ b/dom/xbl/nsXBLProtoImplMethod.h
@@ -133,17 +133,17 @@ protected:
};
class nsXBLProtoImplAnonymousMethod : public nsXBLProtoImplMethod {
public:
explicit nsXBLProtoImplAnonymousMethod(const char16_t* aName) :
nsXBLProtoImplMethod(aName)
{}
- nsresult Execute(nsIContent* aBoundElement, JSAddonId* aAddonId);
+ nsresult Execute(nsIContent* aBoundElement);
// Override InstallMember; these methods never get installed as members on
// binding instantiations (though they may hang out in mMembers on the
// prototype implementation).
virtual nsresult InstallMember(JSContext* aCx,
JS::Handle<JSObject*> aTargetClassObject) override {
return NS_OK;
}
--- a/dom/xbl/nsXBLProtoImplProperty.cpp
+++ b/dom/xbl/nsXBLProtoImplProperty.cpp
@@ -129,17 +129,16 @@ nsXBLProtoImplProperty::InstallMember(JS
"Should not be installing an uncompiled property");
MOZ_ASSERT(mGetter.IsCompiled() && mSetter.IsCompiled());
MOZ_ASSERT(js::IsObjectInContextCompartment(aTargetClassObject, aCx));
#ifdef DEBUG
{
JS::Rooted<JSObject*> globalObject(aCx, JS_GetGlobalForObject(aCx, aTargetClassObject));
MOZ_ASSERT(xpc::IsInContentXBLScope(globalObject) ||
- xpc::IsInAddonScope(globalObject) ||
globalObject == xpc::GetXBLScope(aCx, globalObject));
MOZ_ASSERT(JS::CurrentGlobalOrNull(aCx) == globalObject);
}
#endif
JS::Rooted<JSObject*> getter(aCx, mGetter.GetJSFunction());
JS::Rooted<JSObject*> setter(aCx, mSetter.GetJSFunction());
if (getter || setter) {
--- a/dom/xbl/nsXBLPrototypeBinding.cpp
+++ b/dom/xbl/nsXBLPrototypeBinding.cpp
@@ -38,17 +38,16 @@
#include "nsTextNode.h"
#include "nsIInterfaceInfo.h"
#include "nsIScriptError.h"
#ifdef MOZ_OLD_STYLE
#include "nsCSSRuleProcessor.h"
#endif
#include "nsXBLResourceLoader.h"
-#include "mozilla/AddonPathService.h"
#include "mozilla/dom/CDATASection.h"
#include "mozilla/dom/Comment.h"
#include "mozilla/dom/Element.h"
#include "mozilla/StyleSheet.h"
#include "mozilla/StyleSheetInlines.h"
#ifdef MOZ_XUL
#include "nsXULElement.h"
@@ -278,26 +277,26 @@ nsXBLPrototypeBinding::FlushSkinSheets()
return NS_OK;
}
nsresult
nsXBLPrototypeBinding::BindingAttached(nsIContent* aBoundElement)
{
if (mImplementation && mImplementation->CompiledMembers() &&
mImplementation->mConstructor)
- return mImplementation->mConstructor->Execute(aBoundElement, MapURIToAddonID(mBindingURI));
+ return mImplementation->mConstructor->Execute(aBoundElement);
return NS_OK;
}
nsresult
nsXBLPrototypeBinding::BindingDetached(nsIContent* aBoundElement)
{
if (mImplementation && mImplementation->CompiledMembers() &&
mImplementation->mDestructor)
- return mImplementation->mDestructor->Execute(aBoundElement, MapURIToAddonID(mBindingURI));
+ return mImplementation->mDestructor->Execute(aBoundElement);
return NS_OK;
}
nsXBLProtoImplAnonymousMethod*
nsXBLPrototypeBinding::GetConstructor()
{
if (mImplementation)
return mImplementation->mConstructor;
--- a/dom/xbl/nsXBLPrototypeHandler.cpp
+++ b/dom/xbl/nsXBLPrototypeHandler.cpp
@@ -29,17 +29,16 @@
#include "nsPIWindowRoot.h"
#include "nsIDOMWindow.h"
#include "nsIServiceManager.h"
#include "nsIScriptError.h"
#include "nsString.h"
#include "nsReadableUtils.h"
#include "nsGkAtoms.h"
#include "nsIXPConnect.h"
-#include "mozilla/AddonPathService.h"
#include "nsDOMCID.h"
#include "nsUnicharUtils.h"
#include "nsCRT.h"
#include "nsXBLEventHandler.h"
#include "nsXBLSerialize.h"
#include "nsJSUtils.h"
#include "mozilla/BasicEvents.h"
#include "mozilla/JSEventHandler.h"
@@ -343,20 +342,17 @@ nsXBLPrototypeHandler::ExecuteHandler(Ev
return NS_OK;
}
JSContext* cx = jsapi.cx();
JS::Rooted<JSObject*> handler(cx);
rv = EnsureEventHandler(jsapi, onEventAtom, &handler);
NS_ENSURE_SUCCESS(rv, rv);
- JSAddonId* addonId = MapURIToAddonID(mPrototypeBinding->DocURI());
-
- JS::Rooted<JSObject*> globalObject(cx, boundGlobal->GetGlobalJSObject());
- JS::Rooted<JSObject*> scopeObject(cx, xpc::GetScopeForXBLExecution(cx, globalObject, addonId));
+ JS::Rooted<JSObject*> scopeObject(cx, xpc::GetXBLScopeOrGlobal(cx, boundGlobal->GetGlobalJSObject()));
NS_ENSURE_TRUE(scopeObject, NS_ERROR_OUT_OF_MEMORY);
// Bind it to the bound element. Note that if we're using a separate XBL scope,
// we'll actually be binding the event handler to a cross-compartment wrapper
// to the bound element's reflector.
// First, enter our XBL scope. This is where the generic handler should have
// been compiled, above.
@@ -413,19 +409,17 @@ nsXBLPrototypeHandler::EnsureEventHandle
return NS_OK;
}
}
// Ensure that we have something to compile
nsDependentString handlerText(mHandlerText);
NS_ENSURE_TRUE(!handlerText.IsEmpty(), NS_ERROR_FAILURE);
- JSAddonId* addonId = MapURIToAddonID(mPrototypeBinding->DocURI());
-
- JS::Rooted<JSObject*> scopeObject(cx, xpc::GetScopeForXBLExecution(cx, globalObject, addonId));
+ JS::Rooted<JSObject*> scopeObject(cx, xpc::GetXBLScopeOrGlobal(cx, globalObject));
NS_ENSURE_TRUE(scopeObject, NS_ERROR_OUT_OF_MEMORY);
nsAutoCString bindingURI;
nsresult rv = mPrototypeBinding->DocURI()->GetSpec(bindingURI);
NS_ENSURE_SUCCESS(rv, rv);
uint32_t argCount;
const char **argNames;
--- a/dom/xul/XULDocument.cpp
+++ b/dom/xul/XULDocument.cpp
@@ -73,17 +73,16 @@
#include "nsIStyleSheetLinkingElement.h"
#include "nsIObserverService.h"
#include "nsNodeUtils.h"
#include "nsIDocShellTreeOwner.h"
#include "nsIXULWindow.h"
#include "nsXULPopupManager.h"
#include "nsCCUncollectableMarker.h"
#include "nsURILoader.h"
-#include "mozilla/AddonPathService.h"
#include "mozilla/BasicEvents.h"
#include "mozilla/dom/Element.h"
#include "mozilla/dom/NodeInfoInlines.h"
#include "mozilla/dom/ProcessingInstruction.h"
#include "mozilla/dom/ScriptSettings.h"
#include "mozilla/dom/XULDocumentBinding.h"
#include "mozilla/EventDispatcher.h"
#include "mozilla/LoadInfo.h"
@@ -3173,22 +3172,18 @@ XULDocument::ExecuteScript(nsXULPrototyp
// We're about to run script via JS::CloneAndExecuteScript, so we need an
// AutoEntryScript. This is Gecko specific and not in any spec.
AutoEntryScript aes(mScriptGlobalObject, "precompiled XUL <script> element");
JSContext* cx = aes.cx();
JS::Rooted<JSScript*> scriptObject(cx, aScript->GetScriptObject());
NS_ENSURE_TRUE(scriptObject, NS_ERROR_UNEXPECTED);
- JS::Rooted<JSObject*> baseGlobal(cx, JS::CurrentGlobalOrNull(cx));
- NS_ENSURE_TRUE(xpc::Scriptability::Get(baseGlobal).Allowed(), NS_OK);
-
- JSAddonId* addonId = mCurrentPrototype ? MapURIToAddonID(mCurrentPrototype->GetURI()) : nullptr;
- JS::Rooted<JSObject*> global(cx, xpc::GetAddonScope(cx, baseGlobal, addonId));
- NS_ENSURE_TRUE(global, NS_ERROR_FAILURE);
+ JS::Rooted<JSObject*> global(cx, JS::CurrentGlobalOrNull(cx));
+ NS_ENSURE_TRUE(xpc::Scriptability::Get(global).Allowed(), NS_OK);
JS::ExposeObjectToActiveJS(global);
JSAutoCompartment ac(cx, global);
// The script is in the compilation scope. Clone it into the target scope
// and execute it. On failure, ~AutoScriptEntry will handle exceptions, so
// there is no need to manually check the return value.
JS::RootedValue rval(cx);
--- a/js/xpconnect/idl/xpccomponents.idl
+++ b/js/xpconnect/idl/xpccomponents.idl
@@ -171,29 +171,16 @@ interface nsIXPCComponents_Utils : nsISu
*/
[implicit_jscontext,optional_argc]
jsval evalInSandbox(in AString source, in jsval sandbox,
[optional] in jsval version,
[optional] in AUTF8String filename,
[optional] in long lineNo);
/*
- * getSandboxAddonId is designed to be called from JavaScript only.
- *
- * getSandboxAddonId retrieves the add-on ID associated with
- * a sandbox object. It will return undefined if there
- * is no add-on ID attached to the sandbox.
- *
- * var s = C.u.Sandbox(..., { addonId: "123" });
- * var id = C.u.getSandboxAddonId(s);
- */
- [implicit_jscontext]
- jsval getSandboxAddonId(in jsval sandbox);
-
- /*
* getSandboxMetadata is designed to be called from JavaScript only.
*
* getSandboxMetadata retrieves the metadata associated with
* a sandbox object. It will return undefined if there
* is no metadata attached to the sandbox.
*
* var s = C.u.Sandbox(..., { metadata: "metadata" });
* var metadata = C.u.getSandboxMetadata(s);
--- a/js/xpconnect/src/Sandbox.cpp
+++ b/js/xpconnect/src/Sandbox.cpp
@@ -437,129 +437,16 @@ sandbox_moved(JSObject* obj, JSObject* o
nsIScriptObjectPrincipal* sop =
static_cast<nsIScriptObjectPrincipal*>(xpc_GetJSPrivate(obj));
if (!sop)
return 0;
return static_cast<SandboxPrivate*>(sop)->ObjectMoved(obj, old);
}
-static bool
-writeToProto_setProperty(JSContext* cx, JS::HandleObject obj, JS::HandleId id,
- JS::HandleValue v, JS::ObjectOpResult& result)
-{
- RootedObject proto(cx);
- if (!JS_GetPrototype(cx, obj, &proto))
- return false;
-
- RootedValue receiver(cx, ObjectValue(*proto));
- return JS_ForwardSetPropertyTo(cx, proto, id, v, receiver, result);
-}
-
-static bool
-writeToProto_getProperty(JSContext* cx, JS::HandleObject obj, JS::HandleId id,
- JS::MutableHandleValue vp)
-{
- RootedObject proto(cx);
- if (!JS_GetPrototype(cx, obj, &proto))
- return false;
-
- return JS_GetPropertyById(cx, proto, id, vp);
-}
-
-struct AutoSkipPropertyMirroring
-{
- explicit AutoSkipPropertyMirroring(RealmPrivate* priv) : priv(priv) {
- MOZ_ASSERT(!priv->skipWriteToGlobalPrototype);
- priv->skipWriteToGlobalPrototype = true;
- }
- ~AutoSkipPropertyMirroring() {
- MOZ_ASSERT(priv->skipWriteToGlobalPrototype);
- priv->skipWriteToGlobalPrototype = false;
- }
-
- private:
- RealmPrivate* priv;
-};
-
-// This hook handles the case when writeToGlobalPrototype is set on the
-// sandbox. This flag asks that any properties defined on the sandbox global
-// also be defined on the sandbox global's prototype. Whenever one of these
-// properties is changed (on either side), the change should be reflected on
-// both sides. We use this functionality to create sandboxes that are
-// essentially "sub-globals" of another global. This is useful for running
-// add-ons in a separate compartment while still giving them access to the
-// chrome window.
-static bool
-sandbox_addProperty(JSContext* cx, HandleObject obj, HandleId id, HandleValue v)
-{
- RealmPrivate* priv = RealmPrivate::Get(obj);
- MOZ_ASSERT(priv->writeToGlobalPrototype);
-
- // Whenever JS_EnumerateStandardClasses is called, it defines the
- // "undefined" property, even if it's already defined. We don't want to do
- // anything in that case.
- if (id == XPCJSRuntime::Get()->GetStringID(XPCJSContext::IDX_UNDEFINED))
- return true;
-
- // Avoid recursively triggering sandbox_addProperty in the
- // JS_DefinePropertyById call below.
- if (priv->skipWriteToGlobalPrototype)
- return true;
-
- AutoSkipPropertyMirroring askip(priv);
-
- RootedObject proto(cx);
- if (!JS_GetPrototype(cx, obj, &proto))
- return false;
-
- // After bug 1015790 is fixed, we should be able to remove this unwrapping.
- RootedObject unwrappedProto(cx, js::UncheckedUnwrap(proto, /* stopAtWindowProxy = */ false));
-
- Rooted<JS::PropertyDescriptor> pd(cx);
- if (!JS_GetPropertyDescriptorById(cx, proto, id, &pd))
- return false;
-
- // This is a little icky. If the property exists and is not configurable,
- // then JS_CopyPropertyFrom will throw an exception when we try to do a
- // normal assignment since it will think we're trying to remove the
- // non-configurability. So we do JS_SetPropertyById in that case.
- //
- // However, in the case of |const x = 3|, we get called once for
- // JSOP_DEFCONST and once for JSOP_SETCONST. The first one creates the
- // property as readonly and configurable. The second one changes the
- // attributes to readonly and not configurable. If we use JS_SetPropertyById
- // for the second call, it will throw an exception because the property is
- // readonly. We have to use JS_CopyPropertyFrom since it ignores the
- // readonly attribute (as it calls JSObject::defineProperty). See bug
- // 1019181.
- if (pd.object() && !pd.configurable()) {
- if (!JS_SetPropertyById(cx, proto, id, v))
- return false;
- } else {
- if (!JS_CopyPropertyFrom(cx, id, unwrappedProto, obj,
- MakeNonConfigurableIntoConfigurable))
- return false;
- }
-
- if (!JS_GetPropertyDescriptorById(cx, obj, id, &pd))
- return false;
-
- unsigned attrs = pd.attributes() & ~(JSPROP_GETTER | JSPROP_SETTER);
- attrs |= JSPROP_PROPOP_ACCESSORS | JSPROP_REDEFINE_NONCONFIGURABLE;
-
- if (!JS_DefinePropertyById(cx, obj, id,
- JS_PROPERTYOP_GETTER(writeToProto_getProperty),
- JS_PROPERTYOP_SETTER(writeToProto_setProperty),
- attrs))
- return false;
-
- return true;
-}
-
#define XPCONNECT_SANDBOX_CLASS_METADATA_SLOT (XPCONNECT_GLOBAL_EXTRA_SLOT_OFFSET)
static const js::ClassOps SandboxClassOps = {
nullptr, nullptr, nullptr,
JS_NewEnumerateStandardClasses, JS_ResolveStandardClass,
JS_MayResolveStandardClass,
sandbox_finalize,
nullptr, nullptr, nullptr, JS_GlobalObjectTraceHook,
@@ -575,48 +462,28 @@ static const js::Class SandboxClass = {
XPCONNECT_GLOBAL_FLAGS_WITH_EXTRA_SLOTS(1) |
JSCLASS_FOREGROUND_FINALIZE,
&SandboxClassOps,
JS_NULL_CLASS_SPEC,
&SandboxClassExtension,
JS_NULL_OBJECT_OPS
};
-// Note to whomever comes here to remove addProperty hooks: billm has promised
-// to do the work for this class.
-static const js::ClassOps SandboxWriteToProtoClassOps = {
- sandbox_addProperty, nullptr, nullptr,
- JS_NewEnumerateStandardClasses, JS_ResolveStandardClass,
- JS_MayResolveStandardClass,
- sandbox_finalize,
- nullptr, nullptr, nullptr, JS_GlobalObjectTraceHook,
-};
-
-static const js::Class SandboxWriteToProtoClass = {
- "Sandbox",
- XPCONNECT_GLOBAL_FLAGS_WITH_EXTRA_SLOTS(1) |
- JSCLASS_FOREGROUND_FINALIZE,
- &SandboxWriteToProtoClassOps,
- JS_NULL_CLASS_SPEC,
- &SandboxClassExtension,
- JS_NULL_OBJECT_OPS
-};
-
static const JSFunctionSpec SandboxFunctions[] = {
JS_FN("dump", SandboxDump, 1,0),
JS_FN("debug", SandboxDebug, 1,0),
JS_FN("importFunction", SandboxImport, 1,0),
JS_FS_END
};
bool
xpc::IsSandbox(JSObject* obj)
{
const js::Class* clasp = js::GetObjectClass(obj);
- return clasp == &SandboxClass || clasp == &SandboxWriteToProtoClass;
+ return clasp == &SandboxClass;
}
/***************************************************************************/
nsXPCComponents_utils_Sandbox::nsXPCComponents_utils_Sandbox()
{
}
nsXPCComponents_utils_Sandbox::~nsXPCComponents_utils_Sandbox()
@@ -1150,28 +1017,23 @@ xpc::CreateSandboxObject(JSContext* cx,
addonId = id;
}
}
creationOptions.setAddonId(addonId);
compartmentOptions.behaviors().setDiscardSource(options.discardSource);
- const js::Class* clasp = options.writeToGlobalPrototype
- ? &SandboxWriteToProtoClass
- : &SandboxClass;
+ const js::Class* clasp = &SandboxClass;
RootedObject sandbox(cx, xpc::CreateGlobalObject(cx, js::Jsvalify(clasp),
principal, compartmentOptions));
if (!sandbox)
return NS_ERROR_FAILURE;
- RealmPrivate* realmPriv = RealmPrivate::Get(sandbox);
- realmPriv->writeToGlobalPrototype = options.writeToGlobalPrototype;
-
CompartmentPrivate* priv = CompartmentPrivate::Get(sandbox);
priv->allowWaivers = options.allowWaivers;
priv->isWebExtensionContentScript = options.isWebExtensionContentScript;
priv->isContentXBLCompartment = options.isContentXBLScope;
// Set up the wantXrays flag, which indicates whether xrays are desired even
// for same-origin access.
//
@@ -1188,33 +1050,20 @@ xpc::CreateSandboxObject(JSContext* cx,
JSAutoCompartment ac(cx, sandbox);
nsCOMPtr<nsIScriptObjectPrincipal> sbp =
new SandboxPrivate(principal, sandbox);
// Pass on ownership of sbp to |sandbox|.
JS_SetPrivate(sandbox, sbp.forget().take());
- {
- // Don't try to mirror standard class properties, if we're using a
- // mirroring sandbox. (This is meaningless for non-mirroring
- // sandboxes.)
- AutoSkipPropertyMirroring askip(RealmPrivate::Get(sandbox));
-
- // Ensure |Object.prototype| is instantiated before prototype-
- // splicing below. For write-to-global-prototype behavior, extend
- // this to all builtin properties.
- if (options.writeToGlobalPrototype) {
- if (!JS_EnumerateStandardClasses(cx, sandbox))
- return NS_ERROR_XPC_UNEXPECTED;
- } else {
- if (!JS_GetObjectPrototype(cx, sandbox))
- return NS_ERROR_XPC_UNEXPECTED;
- }
- }
+ // Ensure |Object.prototype| is instantiated before prototype-
+ // splicing below.
+ if (!JS_GetObjectPrototype(cx, sandbox))
+ return NS_ERROR_XPC_UNEXPECTED;
if (options.proto) {
bool ok = JS_WrapObject(cx, &options.proto);
if (!ok)
return NS_ERROR_XPC_UNEXPECTED;
// Now check what sort of thing we've got in |proto|, and figure out
// if we need a SandboxProxyHandler.
@@ -1245,19 +1094,16 @@ xpc::CreateSandboxObject(JSContext* cx,
return NS_ERROR_OUT_OF_MEMORY;
}
ok = JS_SplicePrototype(cx, sandbox, options.proto);
if (!ok)
return NS_ERROR_XPC_UNEXPECTED;
}
- // Don't try to mirror the properties that are set below.
- AutoSkipPropertyMirroring askip(RealmPrivate::Get(sandbox));
-
bool allowComponents = principal == nsXPConnect::SystemPrincipal() ||
nsContentUtils::IsExpandedPrincipal(principal);
if (options.wantComponents && allowComponents &&
!ObjectScope(sandbox)->AttachComponentsObject(cx))
return NS_ERROR_XPC_UNEXPECTED;
if (!XPCNativeWrapper::AttachNewConstructorObject(cx, sandbox))
return NS_ERROR_XPC_UNEXPECTED;
@@ -1732,18 +1578,16 @@ SandboxOptions::Parse()
ParseBoolean("wantComponents", &wantComponents) &&
ParseBoolean("wantExportHelpers", &wantExportHelpers) &&
ParseBoolean("isWebExtensionContentScript", &isWebExtensionContentScript) &&
ParseString("sandboxName", sandboxName) &&
ParseObject("sameZoneAs", &sameZoneAs) &&
ParseBoolean("freshZone", &freshZone) &&
ParseBoolean("invisibleToDebugger", &invisibleToDebugger) &&
ParseBoolean("discardSource", &discardSource) &&
- ParseJSString("addonId", &addonId) &&
- ParseBoolean("writeToGlobalPrototype", &writeToGlobalPrototype) &&
ParseGlobalProperties() &&
ParseValue("metadata", &metadata) &&
ParseUInt32("userContextId", &userContextId) &&
ParseObject("originAttributes", &originAttributes);
if (!ok)
return false;
if (freshZone && sameZoneAs) {
@@ -1966,36 +1810,16 @@ xpc::EvalInSandbox(JSContext* cx, Handle
NS_ENSURE_TRUE(ok, NS_ERROR_FAILURE);
// Whew!
rval.set(v);
return NS_OK;
}
nsresult
-xpc::GetSandboxAddonId(JSContext* cx, HandleObject sandbox, MutableHandleValue rval)
-{
- MOZ_ASSERT(NS_IsMainThread());
- MOZ_ASSERT(IsSandbox(sandbox));
-
- JSAddonId* id = JS::AddonIdOfObject(sandbox);
- if (!id) {
- rval.setNull();
- return NS_OK;
- }
-
- JS::RootedValue idStr(cx, StringValue(JS::StringOfAddonId(id)));
- if (!JS_WrapValue(cx, &idStr))
- return NS_ERROR_UNEXPECTED;
-
- rval.set(idStr);
- return NS_OK;
-}
-
-nsresult
xpc::GetSandboxMetadata(JSContext* cx, HandleObject sandbox, MutableHandleValue rval)
{
MOZ_ASSERT(NS_IsMainThread());
MOZ_ASSERT(IsSandbox(sandbox));
RootedValue metadata(cx);
{
JSAutoCompartment ac(cx, sandbox);
--- a/js/xpconnect/src/XPCComponents.cpp
+++ b/js/xpconnect/src/XPCComponents.cpp
@@ -2197,31 +2197,16 @@ nsXPCComponents_Utils::EvalInSandbox(con
lineNo = frame->GetLineNumber(cx);
}
}
return xpc::EvalInSandbox(cx, sandbox, source, filename, lineNo, retval);
}
NS_IMETHODIMP
-nsXPCComponents_Utils::GetSandboxAddonId(HandleValue sandboxVal,
- JSContext* cx, MutableHandleValue rval)
-{
- if (!sandboxVal.isObject())
- return NS_ERROR_INVALID_ARG;
-
- RootedObject sandbox(cx, &sandboxVal.toObject());
- sandbox = js::CheckedUnwrap(sandbox);
- if (!sandbox || !xpc::IsSandbox(sandbox))
- return NS_ERROR_INVALID_ARG;
-
- return xpc::GetSandboxAddonId(cx, sandbox, rval);
-}
-
-NS_IMETHODIMP
nsXPCComponents_Utils::GetSandboxMetadata(HandleValue sandboxVal,
JSContext* cx, MutableHandleValue rval)
{
if (!sandboxVal.isObject())
return NS_ERROR_INVALID_ARG;
RootedObject sandbox(cx, &sandboxVal.toObject());
sandbox = js::CheckedUnwrap(sandbox);
--- a/js/xpconnect/src/XPCJSRuntime.cpp
+++ b/js/xpconnect/src/XPCJSRuntime.cpp
@@ -186,19 +186,17 @@ CompartmentPrivate::CompartmentPrivate(J
CompartmentPrivate::~CompartmentPrivate()
{
MOZ_COUNT_DTOR(xpc::CompartmentPrivate);
mWrappedJSMap->ShutdownMarker();
delete mWrappedJSMap;
}
RealmPrivate::RealmPrivate(JS::Realm* realm)
- : writeToGlobalPrototype(false)
- , skipWriteToGlobalPrototype(false)
- , scriptability(JS::GetCompartmentForRealm(realm))
+ : scriptability(JS::GetCompartmentForRealm(realm))
, scope(nullptr)
{
}
static bool
TryParseLocationURICandidate(const nsACString& uristr,
CompartmentPrivate::LocationHint aLocationHint,
nsIURI** aURI)
@@ -443,28 +441,16 @@ IsContentXBLScope(JS::Realm* realm)
bool
IsInContentXBLScope(JSObject* obj)
{
return IsContentXBLCompartment(js::GetObjectCompartment(obj));
}
bool
-IsAddonCompartment(JSCompartment* compartment)
-{
- return CompartmentPrivate::Get(compartment)->isAddonCompartment;
-}
-
-bool
-IsInAddonScope(JSObject* obj)
-{
- return IsAddonCompartment(js::GetObjectCompartment(obj));
-}
-
-bool
IsUniversalXPConnectEnabled(JSCompartment* compartment)
{
CompartmentPrivate* priv = CompartmentPrivate::Get(compartment);
if (!priv)
return false;
return priv->universalXPConnectEnabled;
}
@@ -545,36 +531,16 @@ WindowGlobalOrNull(JSObject* aObj)
{
MOZ_ASSERT(aObj);
JSObject* glob = js::GetGlobalForObjectCrossCompartment(aObj);
return WindowOrNull(glob);
}
nsGlobalWindowInner*
-AddonWindowOrNull(JSObject* aObj)
-{
- if (!IsInAddonScope(aObj))
- return nullptr;
-
- JSObject* global = js::GetGlobalForObjectCrossCompartment(aObj);
- JSObject* proto = js::GetPrototypeNoProxy(global);
-
- // Addons could theoretically change the prototype of the addon scope, but
- // we pretty much just want to crash if that happens so that we find out
- // about it and get them to change their code.
- MOZ_RELEASE_ASSERT(js::IsCrossCompartmentWrapper(proto) ||
- xpc::IsSandboxPrototypeProxy(proto));
- JSObject* mainGlobal = js::UncheckedUnwrap(proto, /* stopAtWindowProxy = */ false);
- MOZ_RELEASE_ASSERT(JS_IsGlobalObject(mainGlobal));
-
- return WindowOrNull(mainGlobal);
-}
-
-nsGlobalWindowInner*
CurrentWindowOrNull(JSContext* cx)
{
JSObject* glob = JS::CurrentGlobalOrNull(cx);
return glob ? WindowOrNull(glob) : nullptr;
}
// Nukes all wrappers into or out of the given compartment, and prevents new
// wrappers from being created. Additionally marks the compartment as
--- a/js/xpconnect/src/XPCWrappedNativeScope.cpp
+++ b/js/xpconnect/src/XPCWrappedNativeScope.cpp
@@ -214,31 +214,16 @@ XPCWrappedNativeScope::AttachComponentsO
DEFINE_SUBCOMPONENT_PROPERTY(c, Classes, nullptr, CC)
DEFINE_SUBCOMPONENT_PROPERTY(c, Utils, &NS_GET_IID(nsIXPCComponents_Utils), CU)
#undef DEFINE_SUBCOMPONENT_PROPERTY
return true;
}
-static bool
-CompartmentPerAddon()
-{
- static bool initialized = false;
- static bool pref = false;
-
- if (!initialized) {
- pref = Preferences::GetBool("dom.compartment_per_addon", false) ||
- BrowserTabsRemoteAutostart();
- initialized = true;
- }
-
- return pref;
-}
-
JSObject*
XPCWrappedNativeScope::EnsureContentXBLScope(JSContext* cx)
{
JS::RootedObject global(cx, GetGlobalJSObject());
MOZ_ASSERT(js::IsObjectInContextCompartment(global, cx));
MOZ_ASSERT(!IsContentXBLScope());
MOZ_ASSERT(strcmp(js::GetObjectClass(global)->name,
"nsXBLPrototypeScript compilation scope"));
@@ -300,51 +285,23 @@ XPCWrappedNativeScope::AllowContentXBLSc
nsContentUtils::AllowXULXBLForPrincipal(GetPrincipal()));
return mAllowContentXBLScope;
}
namespace xpc {
JSObject*
GetXBLScope(JSContext* cx, JSObject* contentScopeArg)
{
- MOZ_ASSERT(!IsInAddonScope(contentScopeArg));
-
JS::RootedObject contentScope(cx, contentScopeArg);
- JSCompartment* addonComp = js::GetObjectCompartment(contentScope);
- JS::Rooted<JS::Realm*> addonRealm(cx, JS::GetRealmForCompartment(addonComp));
- JSAutoCompartment ac(cx, contentScope);
- JSObject* scope = RealmPrivate::Get(addonRealm)->scope->EnsureContentXBLScope(cx);
- NS_ENSURE_TRUE(scope, nullptr); // See bug 858642.
- scope = js::UncheckedUnwrap(scope);
- JS::ExposeObjectToActiveJS(scope);
- return scope;
-}
-
-JSObject*
-GetScopeForXBLExecution(JSContext* cx, HandleObject contentScope, JSAddonId* addonId)
-{
- MOZ_RELEASE_ASSERT(!IsInAddonScope(contentScope));
-
- RootedObject global(cx, js::GetGlobalForObjectCrossCompartment(contentScope));
- if (IsInContentXBLScope(contentScope))
- return global;
-
JSAutoCompartment ac(cx, contentScope);
XPCWrappedNativeScope* nativeScope = RealmPrivate::Get(contentScope)->scope;
- bool isSystem = nsContentUtils::IsSystemPrincipal(nativeScope->GetPrincipal());
- RootedObject scope(cx);
- if (nativeScope->UseContentXBLScope())
- scope = nativeScope->EnsureContentXBLScope(cx);
- else if (addonId && CompartmentPerAddon() && isSystem)
- scope = nativeScope->EnsureAddonScope(cx, addonId);
- else
- scope = global;
+ RootedObject scope(cx, nativeScope->EnsureContentXBLScope(cx));
+ NS_ENSURE_TRUE(scope, nullptr); // See bug 858642.
- NS_ENSURE_TRUE(scope, nullptr); // See bug 858642.
scope = js::UncheckedUnwrap(scope);
JS::ExposeObjectToActiveJS(scope);
return scope;
}
bool
AllowContentXBLScope(JS::Realm* realm)
{
@@ -362,83 +319,16 @@ UseContentXBLScope(JS::Realm* realm)
void
ClearContentXBLScope(JSObject* global)
{
RealmPrivate::Get(global)->scope->ClearContentXBLScope();
}
} /* namespace xpc */
-JSObject*
-XPCWrappedNativeScope::EnsureAddonScope(JSContext* cx, JSAddonId* addonId)
-{
- JS::RootedObject global(cx, GetGlobalJSObject());
- MOZ_ASSERT(js::IsObjectInContextCompartment(global, cx));
- MOZ_ASSERT(!IsContentXBLScope());
- MOZ_ASSERT(!IsAddonScope());
- MOZ_ASSERT(addonId);
- MOZ_ASSERT(nsContentUtils::IsSystemPrincipal(GetPrincipal()));
-
- // In bug 1092156, we found that add-on scopes don't work correctly when the
- // window navigates. The add-on global's prototype is an outer window, so,
- // after the navigation, looking up window properties in the add-on scope
- // will fail. However, in most cases where the window can be navigated, the
- // entire window is part of the add-on. To solve the problem, we avoid
- // returning an add-on scope for a window that is already tagged with the
- // add-on ID.
- if (AddonIdOfObject(global) == addonId)
- return global;
-
- // If we already have an addon scope object, we know what to use.
- for (size_t i = 0; i < mAddonScopes.Length(); i++) {
- if (JS::AddonIdOfObject(js::UncheckedUnwrap(mAddonScopes[i])) == addonId)
- return mAddonScopes[i];
- }
-
- SandboxOptions options;
- options.wantComponents = true;
- options.proto = global;
- options.sameZoneAs = global;
- options.addonId = JS::StringOfAddonId(addonId);
- options.writeToGlobalPrototype = true;
-
- RootedValue v(cx);
- nsresult rv = CreateSandboxObject(cx, &v, GetPrincipal(), options);
- NS_ENSURE_SUCCESS(rv, nullptr);
- mAddonScopes.AppendElement(&v.toObject());
-
- CompartmentPrivate::Get(js::UncheckedUnwrap(&v.toObject()))->isAddonCompartment = true;
- return &v.toObject();
-}
-
-JSObject*
-xpc::GetAddonScope(JSContext* cx, JS::HandleObject contentScope, JSAddonId* addonId)
-{
- MOZ_RELEASE_ASSERT(!IsInAddonScope(contentScope));
-
- if (!addonId || !CompartmentPerAddon()) {
- return js::GetGlobalForObjectCrossCompartment(contentScope);
- }
-
- JSAutoCompartment ac(cx, contentScope);
- XPCWrappedNativeScope* nativeScope = RealmPrivate::Get(contentScope)->scope;
- if (nativeScope->GetPrincipal() != nsXPConnect::SystemPrincipal()) {
- // This can happen if, for example, Jetpack loads an unprivileged HTML
- // page from the add-on. It's not clear what to do there, so we just use
- // the normal global.
- return js::GetGlobalForObjectCrossCompartment(contentScope);
- }
- JSObject* scope = nativeScope->EnsureAddonScope(cx, addonId);
- NS_ENSURE_TRUE(scope, nullptr);
-
- scope = js::UncheckedUnwrap(scope);
- JS::ExposeObjectToActiveJS(scope);
- return scope;
-}
-
XPCWrappedNativeScope::~XPCWrappedNativeScope()
{
MOZ_COUNT_DTOR(XPCWrappedNativeScope);
// We can do additional cleanup assertions here...
MOZ_ASSERT(0 == mWrappedNativeMap->Count(), "scope has non-empty map");
delete mWrappedNativeMap;
@@ -539,40 +429,32 @@ XPCWrappedNativeScope::UpdateWeakPointer
return;
// Update our pointer to the global object in case it was moved or
// finalized.
mGlobalJSObject.updateWeakPointerAfterGC();
if (!mGlobalJSObject) {
JSContext* cx = dom::danger::GetJSContext();
mContentXBLScope.finalize(cx);
- for (size_t i = 0; i < mAddonScopes.Length(); i++)
- mAddonScopes[i].finalize(cx);
GetWrappedNativeMap()->Clear();
mWrappedNativeProtoMap->Clear();
return;
}
DebugOnly<JSCompartment*> comp =
js::GetObjectCompartment(mGlobalJSObject.unbarrieredGet());
#ifdef DEBUG
// These are traced, so no updates are necessary.
if (mContentXBLScope) {
JSObject* prev = mContentXBLScope.unbarrieredGet();
mContentXBLScope.updateWeakPointerAfterGC();
MOZ_ASSERT(prev == mContentXBLScope.unbarrieredGet());
AssertSameCompartment(comp, mContentXBLScope);
}
- for (size_t i = 0; i < mAddonScopes.Length(); i++) {
- JSObject* prev = mAddonScopes[i].unbarrieredGet();
- mAddonScopes[i].updateWeakPointerAfterGC();
- MOZ_ASSERT(prev == mAddonScopes[i].unbarrieredGet());
- AssertSameCompartment(comp, mAddonScopes[i]);
- }
#endif
// Sweep mWrappedNativeMap for dying flat JS objects. Moving has already
// been handled by XPCWrappedNative::FlatJSObjectMoved.
for (auto iter = GetWrappedNativeMap()->Iter(); !iter.Done(); iter.Next()) {
auto entry = static_cast<Native2WrappedNativeMap::Entry*>(iter.Get());
XPCWrappedNative* wrapper = entry->value;
JSObject* obj = wrapper->GetFlatJSObjectPreserveColor();
--- a/js/xpconnect/src/xpcprivate.h
+++ b/js/xpconnect/src/xpcprivate.h
@@ -921,18 +921,16 @@ public:
void TraceSelf(JSTracer* trc) {
MOZ_ASSERT(mGlobalJSObject);
mGlobalJSObject.trace(trc, "XPCWrappedNativeScope::mGlobalJSObject");
}
void TraceInside(JSTracer* trc) {
if (mContentXBLScope)
mContentXBLScope.trace(trc, "XPCWrappedNativeScope::mXBLScope");
- for (size_t i = 0; i < mAddonScopes.Length(); i++)
- mAddonScopes[i].trace(trc, "XPCWrappedNativeScope::mAddonScopes");
if (mXrayExpandos.initialized())
mXrayExpandos.trace(trc);
}
static void
SuspectAllWrappers(nsCycleCollectionNoteRootCallback& cb);
static void
@@ -974,30 +972,27 @@ public:
static bool
IsDyingScope(XPCWrappedNativeScope* scope);
// Gets the appropriate scope object for XBL in this scope. The context
// must be same-compartment with the global upon entering, and the scope
// object is wrapped into the compartment of the global.
JSObject* EnsureContentXBLScope(JSContext* cx);
- JSObject* EnsureAddonScope(JSContext* cx, JSAddonId* addonId);
-
XPCWrappedNativeScope(JSContext* cx, JS::HandleObject aGlobal);
nsAutoPtr<JSObject2JSObjectMap> mWaiverWrapperMap;
JSCompartment* Compartment() const { return js::GetObjectCompartment(mGlobalJSObject); }
bool IsContentXBLScope() { return xpc::IsContentXBLCompartment(Compartment()); }
bool AllowContentXBLScope();
bool UseContentXBLScope() { return mUseContentXBLScope; }
void ClearContentXBLScope() { mContentXBLScope = nullptr; }
- bool IsAddonScope() { return xpc::IsAddonCompartment(Compartment()); }
protected:
virtual ~XPCWrappedNativeScope();
XPCWrappedNativeScope() = delete;
private:
static XPCWrappedNativeScope* gScopes;
static XPCWrappedNativeScope* gDyingScopes;
@@ -1012,19 +1007,16 @@ private:
// constructor).
JS::ObjectPtr mGlobalJSObject;
// XBL Scope. This is is a lazily-created sandbox for non-system scopes.
// EnsureContentXBLScope() decides whether it needs to be created or not.
// This reference is wrapped into the compartment of mGlobalJSObject.
JS::ObjectPtr mContentXBLScope;
- // Lazily created sandboxes for addon code.
- nsTArray<JS::ObjectPtr> mAddonScopes;
-
JS::WeakMapPtr<JSObject*, JSObject*> mXrayExpandos;
// For remote XUL domains, we run all XBL in the content scope for compat
// reasons (though we sometimes pref this off for automation). We separately
// track the result of this decision (mAllowContentXBLScope), from the decision
// of whether to actually _use_ an XBL scope (mUseContentXBLScope), which depends
// on the type of global and whether the compartment is system principal
// or not.
@@ -2690,18 +2682,16 @@ public:
JSObject* options = nullptr)
: OptionsBase(cx, options)
, wantXrays(true)
, allowWaivers(true)
, wantComponents(true)
, wantExportHelpers(false)
, isWebExtensionContentScript(false)
, proto(cx)
- , addonId(cx)
- , writeToGlobalPrototype(false)
, sameZoneAs(cx)
, freshZone(false)
, isContentXBLScope(false)
, invisibleToDebugger(false)
, discardSource(false)
, metadata(cx)
, userContextId(0)
, originAttributes(cx)
@@ -2711,18 +2701,16 @@ public:
bool wantXrays;
bool allowWaivers;
bool wantComponents;
bool wantExportHelpers;
bool isWebExtensionContentScript;
JS::RootedObject proto;
nsCString sandboxName;
- JS::RootedString addonId;
- bool writeToGlobalPrototype;
JS::RootedObject sameZoneAs;
bool freshZone;
bool isContentXBLScope;
bool invisibleToDebugger;
bool discardSource;
GlobalProperties globalProperties;
JS::RootedValue metadata;
uint32_t userContextId;
@@ -2862,20 +2850,16 @@ CreateSandboxObject(JSContext* cx, JS::M
// call. This helper will use filename and lineNo for error reporting,
// and if no filename is provided it will use the codebase from the
// principal and line number 1 as a fallback.
nsresult
EvalInSandbox(JSContext* cx, JS::HandleObject sandbox, const nsAString& source,
const nsACString& filename, int32_t lineNo,
JS::MutableHandleValue rval);
-nsresult
-GetSandboxAddonId(JSContext* cx, JS::HandleObject sandboxArg,
- JS::MutableHandleValue rval);
-
// Helper for retrieving metadata stored in a reserved slot. The metadata
// is set during the sandbox creation using the "metadata" option.
nsresult
GetSandboxMetadata(JSContext* cx, JS::HandleObject sandboxArg,
JS::MutableHandleValue rval);
nsresult
SetSandboxMetadata(JSContext* cx, JS::HandleObject sandboxArg,
@@ -2959,27 +2943,16 @@ public:
bool wantXrays;
// Controls whether this compartment is allowed to waive Xrays to content
// that it subsumes. This should generally be true, except in cases where we
// want to prevent code from depending on Xray Waivers (which might make it
// more portable to other browser architectures).
bool allowWaivers;
- // This flag is intended for a very specific use, internal to Gecko. It may
- // go away or change behavior at any time. It should not be added to any
- // documentation and it should not be used without consulting the XPConnect
- // module owner.
- bool writeToGlobalPrototype;
-
- // When writeToGlobalPrototype is true, we use this flag to temporarily
- // disable the writeToGlobalPrototype behavior (when resolving standard
- // classes, for example).
- bool skipWriteToGlobalPrototype;
-
// This compartment corresponds to a WebExtension content script, and
// receives various bits of special compatibility behavior.
bool isWebExtensionContentScript;
// If CPOWs are disabled for browser code via the
// dom.ipc.cpows.forbid-unsafe-from-browser preferences, then only
// add-ons can use CPOWs. This flag allows a non-addon scope
// to opt into CPOWs. It's necessary for the implementation of
@@ -3110,27 +3083,16 @@ public:
// cross-compartment wrapper, as CCWs aren't dedicated to a particular
// realm.
static RealmPrivate* Get(JSObject* object)
{
JS::Realm* realm = JS::GetObjectRealmOrNull(object);
return Get(realm);
}
- // This flag is intended for a very specific use, internal to Gecko. It may
- // go away or change behavior at any time. It should not be added to any
- // documentation and it should not be used without consulting the XPConnect
- // module owner.
- bool writeToGlobalPrototype;
-
- // When writeToGlobalPrototype is true, we use this flag to temporarily
- // disable the writeToGlobalPrototype behavior (when resolving standard
- // classes, for example).
- bool skipWriteToGlobalPrototype;
-
// The scriptability of this realm.
Scriptability scriptability;
// Our XPCWrappedNativeScope. This is non-null if and only if this is an
// XPConnect realm.
XPCWrappedNativeScope* scope;
};
--- a/js/xpconnect/src/xpcpublic.h
+++ b/js/xpconnect/src/xpcpublic.h
@@ -103,23 +103,16 @@ GetXBLScope(JSContext* cx, JSObject* con
inline JSObject*
GetXBLScopeOrGlobal(JSContext* cx, JSObject* obj)
{
if (IsInContentXBLScope(obj))
return js::GetGlobalForObjectCrossCompartment(obj);
return GetXBLScope(cx, obj);
}
-// This function is similar to GetXBLScopeOrGlobal. However, if |obj| is a
-// chrome scope, then it will return an add-on scope if addonId is non-null.
-// Like GetXBLScopeOrGlobal, it returns the scope of |obj| if it's already a
-// content XBL scope. But it asserts that |obj| is not an add-on scope.
-JSObject*
-GetScopeForXBLExecution(JSContext* cx, JS::HandleObject obj, JSAddonId* addonId);
-
// Returns whether XBL scopes have been explicitly disabled for code running
// in this compartment. See the comment around mAllowContentXBLScope.
bool
AllowContentXBLScope(JS::Realm* realm);
// Returns whether we will use an XBL scope for this realm. This is
// semantically equivalent to comparing global != GetXBLScope(global), but it
// does not have the side-effect of eagerly creating the XBL scope if it does
@@ -128,25 +121,16 @@ bool
UseContentXBLScope(JS::Realm* realm);
// Clear out the content XBL scope (if any) on the given global. This will
// force creation of a new one if one is needed again.
void
ClearContentXBLScope(JSObject* global);
bool
-IsAddonCompartment(JSCompartment* c);
-
-bool
-IsInAddonScope(JSObject* obj);
-
-JSObject*
-GetAddonScope(JSContext* cx, JS::HandleObject contentScope, JSAddonId* addonId);
-
-bool
IsSandboxPrototypeProxy(JSObject* obj);
bool
IsReflector(JSObject* obj);
bool
IsXrayWrapper(JSObject* obj);
@@ -518,24 +502,16 @@ WindowOrNull(JSObject* aObj);
/**
* If |aObj| has a window for a global, returns the associated nsGlobalWindow.
* Otherwise, returns null.
*/
nsGlobalWindowInner*
WindowGlobalOrNull(JSObject* aObj);
/**
- * If |aObj| is in an addon scope and that addon scope is associated with a
- * live DOM Window, returns the associated nsGlobalWindow. Otherwise, returns
- * null.
- */
-nsGlobalWindowInner*
-AddonWindowOrNull(JSObject* aObj);
-
-/**
* If |cx| is in a compartment whose global is a window, returns the associated
* nsGlobalWindow. Otherwise, returns null.
*/
nsGlobalWindowInner*
CurrentWindowOrNull(JSContext* cx);
void
SimulateActivityCallback(bool aActive);
--- a/js/xpconnect/tests/unit/test_sandbox_metadata.js
+++ b/js/xpconnect/tests/unit/test_sandbox_metadata.js
@@ -3,23 +3,21 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* See https://bugzilla.mozilla.org/show_bug.cgi?id=898559 */
function run_test()
{
let sandbox = Cu.Sandbox("http://www.blah.com", {
metadata: "test metadata",
- addonId: "12345"
});
Cu.importGlobalProperties(["XMLHttpRequest"]);
Assert.equal(Cu.getSandboxMetadata(sandbox), "test metadata");
- Assert.equal(Cu.getSandboxAddonId(sandbox), "12345");
sandbox = Cu.Sandbox("http://www.blah.com", {
metadata: { foopy: { bar: 2 }, baz: "hi" }
});
let metadata = Cu.getSandboxMetadata(sandbox);
Assert.equal(metadata.baz, "hi");
Assert.equal(metadata.foopy.bar, 2);
deleted file mode 100644
--- a/js/xpconnect/tests/unit/test_writeToGlobalPrototype.js
+++ /dev/null
@@ -1,74 +0,0 @@
-var G = 3;
-
-function run_test()
-{
- let s = Cu.Sandbox(this, {sandboxPrototype: this, writeToGlobalPrototype: true});
-
- Cu.evalInSandbox("a = 3", s);
- Cu.evalInSandbox("var b = 3", s);
- Cu.evalInSandbox("const c = 3", s);
- Cu.evalInSandbox("this.d = 3", s);
- Cu.evalInSandbox("function e() { return 3; }", s);
-
- Assert.equal(Cu.evalInSandbox("a", s), 3);
- Assert.equal(Cu.evalInSandbox("b", s), 3);
- Assert.equal(Cu.evalInSandbox("c", s), 3);
- Assert.equal(Cu.evalInSandbox("d", s), 3);
- Assert.equal(Cu.evalInSandbox("e()", s), 3);
-
- Assert.equal(a, 3);
- Assert.equal(b, 3);
- // c is a lexical binding and does not write to the global prototype
- Assert.equal(d, 3);
- Assert.equal(e(), 3);
-
- a = 12;
- Assert.equal(Cu.evalInSandbox("a", s), 12);
- b = 12;
- Assert.equal(Cu.evalInSandbox("b", s), 12);
- d = 12;
- Assert.equal(Cu.evalInSandbox("d", s), 12);
-
- this.q = 3;
- Assert.equal(Cu.evalInSandbox("q", s), 3);
- Cu.evalInSandbox("q = 12", s);
- Assert.equal(q, 12);
-
- Assert.equal(Cu.evalInSandbox("G", s), 3);
- Cu.evalInSandbox("G = 12", s);
- Assert.equal(G, 12);
-
- Cu.evalInSandbox("Object.defineProperty(this, 'x', {enumerable: false, value: 3})", s);
- Assert.equal(Cu.evalInSandbox("x", s), 3);
- Assert.equal(x, 3);
- for (var p in this) {
- Assert.notEqual(p, "x");
- }
-
- Cu.evalInSandbox("Object.defineProperty(this, 'y', {get: function() { this.gotten = true; return 3; }})", s);
- Assert.equal(y, 3);
- Assert.equal(Cu.evalInSandbox("gotten", s), true);
- Assert.equal(gotten, true);
-
- Cu.evalInSandbox("this.gotten = false", s);
- Assert.equal(Cu.evalInSandbox("y", s), 3);
- Assert.equal(Cu.evalInSandbox("gotten", s), true);
- Assert.equal(gotten, true);
-
- Cu.evalInSandbox("Object.defineProperty(this, 'z', {get: function() { this.gotten = true; return 3; }, set: function(v) { this.setTo = v; }})", s);
- z = 12;
- Assert.equal(setTo, 12);
- Assert.equal(z, 3);
- Assert.equal(gotten, true);
- Assert.equal(Cu.evalInSandbox("gotten", s), true);
- gotten = false;
- Assert.equal(Cu.evalInSandbox("gotten", s), false);
-
- Cu.evalInSandbox("z = 20", s);
- Assert.equal(setTo, 20);
- Assert.equal(Cu.evalInSandbox("z", s), 3);
- Assert.equal(gotten, true);
- Assert.equal(Cu.evalInSandbox("gotten", s), true);
- gotten = false;
- Assert.equal(Cu.evalInSandbox("gotten", s), false);
-}
--- a/js/xpconnect/tests/unit/xpcshell.ini
+++ b/js/xpconnect/tests/unit/xpcshell.ini
@@ -126,17 +126,16 @@ head = head_watchdog.js
head = head_watchdog.js
[test_watchdog_toggle.js]
head = head_watchdog.js
[test_watchdog_default.js]
head = head_watchdog.js
[test_watchdog_hibernate.js]
head = head_watchdog.js
[test_weak_keys.js]
-[test_writeToGlobalPrototype.js]
[test_xpcwn_tamperproof.js]
[test_xrayed_iterator.js]
[test_xray_named_element_access.js]
[test_xray_SavedFrame.js]
[test_xray_SavedFrame-02.js]
[test_xray_regexp.js]
[test_resolve_dead_promise.js]
[test_asyncLoadSubScriptError.js]
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -227,21 +227,16 @@ pref("dom.keyboardevent.dispatch_during_
// If this is true, TextEventDispatcher dispatches keypress event with setting
// WidgetEvent::mFlags::mOnlySystemGroupDispatchInContent to true if it won't
// cause inputting printable character.
pref("dom.keyboardevent.keypress.dispatch_non_printable_keys_only_system_group_in_content", false);
// Whether the WebMIDI API is enabled
pref("dom.webmidi.enabled", false);
-// Whether to run add-on code in different compartments from browser code. This
-// causes a separate compartment for each (addon, global) combination, which may
-// significantly increase the number of compartments in the system.
-pref("dom.compartment_per_addon", true);
-
// Whether to enable the JavaScript start-up cache. This causes one of the first
// execution to record the bytecode of the JavaScript function used, and save it
// in the existing cache entry. On the following loads of the same script, the
// bytecode would be loaded from the cache instead of being generated once more.
pref("dom.script_loader.bytecode_cache.enabled", true);
// Ignore the heuristics of the bytecode cache, and always record on the first
// visit. (used for testing purposes).
--- a/testing/mochitest/browser-test.js
+++ b/testing/mochitest/browser-test.js
@@ -7,18 +7,16 @@ var gSaveInstrumentationData = null;
ChromeUtils.import("resource://gre/modules/XPCOMUtils.jsm");
ChromeUtils.import("resource://gre/modules/Task.jsm");
ChromeUtils.import("resource://gre/modules/AppConstants.jsm");
ChromeUtils.import("resource://gre/modules/Services.jsm");
ChromeUtils.defineModuleGetter(this, "ContentSearch",
"resource:///modules/ContentSearch.jsm");
-Cu.importGlobalProperties(["NodeFilter"]);
-
const SIMPLETEST_OVERRIDES =
["ok", "is", "isnot", "todo", "todo_is", "todo_isnot", "info", "expectAssertions", "requestCompleteLog"];
// non-android is bootstrapped by marionette
if (Services.appinfo.OS == 'Android') {
window.addEventListener("load", function() {
window.addEventListener("MozAfterPaint", function() {
setTimeout(testInit, 0);