Bug 293394 - javascript: should never execute with chrome privs, r=bz draft
authorFranziskus Kiefer <franziskuskiefer@gmail.com>
Mon, 29 Feb 2016 12:25:11 +0100
changeset 338513 3490bfd8749430ac3a19698f75cd1f31367f19a3
parent 338511 4657041c6f77b36b1fb9647c28f53f4f51757360
child 515807 7a6f7e731e23d7c16a7fa06cb512b1e42b1f4e87
push id12524
push userfranziskuskiefer@gmail.com
push dateWed, 09 Mar 2016 09:36:39 +0000
reviewersbz
bugs293394
milestone48.0a1
Bug 293394 - javascript: should never execute with chrome privs, r=bz MozReview-Commit-ID: J6zDIcUZZMv
dom/jsurl/nsJSProtocolHandler.cpp
--- a/dom/jsurl/nsJSProtocolHandler.cpp
+++ b/dom/jsurl/nsJSProtocolHandler.cpp
@@ -258,16 +258,21 @@ nsresult nsJSThunk::EvaluateScript(nsICh
     rv = principal->Subsumes(objectPrincipal, &subsumes);
     if (NS_FAILED(rv))
         return rv;
 
     if (!subsumes) {
         return NS_ERROR_DOM_RETVAL_UNDEFINED;
     }
 
+    // Fail if someone tries to execute in a global with system principal.
+    if (nsContentUtils::IsSystemPrincipal(objectPrincipal)) {
+        return NS_ERROR_DOM_SECURITY_ERR;
+    }
+
     JS::Rooted<JS::Value> v (cx, JS::UndefinedValue());
     // Finally, we have everything needed to evaluate the expression.
     JS::CompileOptions options(cx);
     options.setFileAndLine(mURL.get(), 1)
            .setVersion(JSVERSION_DEFAULT);
     nsJSUtils::EvaluateOptions evalOptions(cx);
     evalOptions.setCoerceToString(true);
     rv = nsJSUtils::EvaluateString(cx, NS_ConvertUTF8toUTF16(script),
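Review bot: The comment on the new check says what it does but not why, and the why is the entire point of the fix; I would expand it to `// javascript: URLs must never run with chrome privileges (bug 293394): refuse to evaluate when the target global has the system principal.` The new branch returns NS_ERROR_DOM_SECURITY_ERR while the adjacent subsumes failure returns NS_ERROR_DOM_RETVAL_UNDEFINED; if that distinction is intentional (a hard security failure versus a silent undefined result), saying so in the comment would stop a later consistency cleanup from merging the two. Since the rejection does not depend on the Subsumes result, the check could also sit ahead of the Subsumes call so the system-principal case is refused before any further work, though that is a style preference rather than a correctness issue. EvaluateScript begins before this hunk and continues past it.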