commit b0f60cb668c5a37f2be4dfc4aa87e5bb0d707dac Author: Bobby Holley bobbyholley@gmail.com Date: Mon Feb 10 14:07:27 2014 -0800
Bug 912322 - Stop making XBL methods available to the web. r=bz a=sylvestre --- dom/webidl/Document.webidl | 5 +++- js/xpconnect/tests/mochitest/Makefile.in | 1 + js/xpconnect/tests/mochitest/test_bug912322.html | 35 ++++++++++++++++++++++ 3 files changed, 40 insertions(+), 1 deletion(-)
diff --git a/dom/webidl/Document.webidl b/dom/webidl/Document.webidl
index 2233af8..4805a74 100644
--- a/dom/webidl/Document.webidl
+++ b/dom/webidl/Document.webidl
@@ -277,11 +277,14 @@ partial interface Document {
 partial interface Document {
 // nsIDOMDocumentXBL. Wish we could make these [ChromeOnly], but
 // that would likely break bindings running with the page principal.
+ [Func="IsChromeOrXBL"]
 NodeList? getAnonymousNodes(Element elt);
+ [Func="IsChromeOrXBL"]
 Element? getAnonymousElementByAttribute(Element elt, DOMString attrName,
 DOMString attrValue);
+ [Func="IsChromeOrXBL"]
 Element? getBindingParent(Node node);
- [Throws]
+ [Throws, Func="IsChromeOrXBL"]
 void loadBindingDocument(DOMString documentURL);

 // nsIDOMDocumentTouch
diff --git a/js/xpconnect/tests/mochitest/Makefile.in b/js/xpconnect/tests/mochitest/Makefile.in
index 4c947e9..e3e1b63 100644
--- a/js/xpconnect/tests/mochitest/Makefile.in
+++ b/js/xpconnect/tests/mochitest/Makefile.in
@@ -96,6 +96,7 @@ MOCHITEST_FILES = chrome_wrappers_helper.html \
 test_bug865260.html \
 test_bug870423.html \
 test_bug871887.html \
+ test_bug912322.html \
 file_crosscompartment_weakmap.html \
 test_crosscompartment_weakmap.html \
 test_asmjs.html \
diff --git a/js/xpconnect/tests/mochitest/test_bug912322.html b/js/xpconnect/tests/mochitest/test_bug912322.html
new file mode 100644
index 0000000..22fcc9f
--- /dev/null
+++ b/js/xpconnect/tests/mochitest/test_bug912322.html
@@ -0,0 +1,35 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=912322
+-->
+<head>
+ <meta charset="utf-8">
+ <title>Test for Bug 912322</title>
+ <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+ <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+ <script type="application/javascript">
+
+ /** Test that XBL functions aren't exposed to the web. **/
+ funs = ['getAnonymousNodes', 'getAnonymousElementByAttribute',
+ 'getBindingParent', 'loadBindingDocument'];
+ for (var f of funs) {
+ ok(!(f in document), f + " should not be available to content");
+ ok(f in SpecialPowers.wrap(document), f + " should be available to chrome via Xray");
+ }
+
+
+
+
+ </script>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=912322">Mozilla Bug 912322</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+</pre>
+</body>
+</html>
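Review bot: The comment kept as context above the four methods still says they cannot be restricted because bindings run with the page principal, which no longer describes the code once each method carries `[Func="IsChromeOrXBL"]`. I would reword it along the lines of `// nsIDOMDocumentXBL. Exposed only where IsChromeOrXBL() is true, so bindings keep working while web content cannot reach anonymous content.` The predicate is defined outside this patch, so whether it also admits bindings that still run in the content scope (the case the old comment worried about) cannot be confirmed from these lines and is worth stating next to the annotation. The partial interface continues past the end of the hunk.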
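Review bot: The new test exercises the content and chrome sides of `IsChromeOrXBL` but never the XBL side, so a regression that hides these methods from bindings would still pass. A binding attached to an element in the test page that reports `'getAnonymousNodes' in document` from its own scope would presumably close that gap. Separately, `funs` is assigned without a declaration and becomes an implicit global on the test window; `var funs = [...]` would match the `var f` already used in the loop.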