commit 3f9092acb0075896fa3178c95601ffaa7f985779 Author: Boris Zbarsky <bzbarsky@mit.edu> Date: Wed Mar 26 21:44:25 2014 -0400 Bug 987003 - Be more careful sandboxing javascript: URLs. r=bholley, a=sledru --- dom/src/jsurl/nsJSProtocolHandler.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dom/src/jsurl/nsJSProtocolHandler.cpp b/dom/src/jsurl/nsJSProtocolHandler.cpp index de5ff3b..27b8ddb 100644 --- a/dom/src/jsurl/nsJSProtocolHandler.cpp +++ b/dom/src/jsurl/nsJSProtocolHandler.cpp @@ -282,7 +282,8 @@ nsresult nsJSThunk::EvaluateScript(nsIChannel *aChannel, nsIXPConnect *xpc = nsContentUtils::XPConnect(); nsCOMPtr<nsIXPConnectJSObjectHolder> sandbox; - rv = xpc->CreateSandbox(cx, principal, getter_AddRefs(sandbox)); + // Important: Use a null principal here + rv = xpc->CreateSandbox(cx, nullptr, getter_AddRefs(sandbox)); NS_ENSURE_SUCCESS(rv, rv); // The nsXPConnect sandbox API gives us a wrapper to the sandbox for