[tbb-commits] [tor-browser/esr24] Bug 912322 - Stop making XBL methods available to the web. r=bz a=sylvestre

Fri Aug 29 05:26:37 UTC 2014

commit b0f60cb668c5a37f2be4dfc4aa87e5bb0d707dac
Author: Bobby Holley <bobbyholley at gmail.com>
Date:   Mon Feb 10 14:07:27 2014 -0800

    Bug 912322 - Stop making XBL methods available to the web. r=bz a=sylvestre
---
 dom/webidl/Document.webidl                       |    5 +++-
 js/xpconnect/tests/mochitest/Makefile.in         |    1 +
 js/xpconnect/tests/mochitest/test_bug912322.html |   35 ++++++++++++++++++++++
 3 files changed, 40 insertions(+), 1 deletion(-)

diff --git a/dom/webidl/Document.webidl b/dom/webidl/Document.webidl
index 2233af8..4805a74 100644
--- a/dom/webidl/Document.webidl
+++ b/dom/webidl/Document.webidl
@@ -277,11 +277,14 @@ partial interface Document {
 partial interface Document {
   // nsIDOMDocumentXBL.  Wish we could make these [ChromeOnly], but
   // that would likely break bindings running with the page principal.
+  [Func="IsChromeOrXBL"]
   NodeList? getAnonymousNodes(Element elt);
+  [Func="IsChromeOrXBL"]
   Element? getAnonymousElementByAttribute(Element elt, DOMString attrName,
                                           DOMString attrValue);
+  [Func="IsChromeOrXBL"]
   Element? getBindingParent(Node node);
-  [Throws]
+  [Throws, Func="IsChromeOrXBL"]
   void loadBindingDocument(DOMString documentURL);
 
   // nsIDOMDocumentTouch
diff --git a/js/xpconnect/tests/mochitest/Makefile.in b/js/xpconnect/tests/mochitest/Makefile.in
index 4c947e9..e3e1b63 100644
--- a/js/xpconnect/tests/mochitest/Makefile.in
+++ b/js/xpconnect/tests/mochitest/Makefile.in
@@ -96,6 +96,7 @@ MOCHITEST_FILES =	chrome_wrappers_helper.html \
 		test_bug865260.html \
 		test_bug870423.html \
 		test_bug871887.html \
+		test_bug912322.html \
 		file_crosscompartment_weakmap.html \
 		test_crosscompartment_weakmap.html \
 		test_asmjs.html \
diff --git a/js/xpconnect/tests/mochitest/test_bug912322.html b/js/xpconnect/tests/mochitest/test_bug912322.html
new file mode 100644
index 0000000..22fcc9f
--- /dev/null
+++ b/js/xpconnect/tests/mochitest/test_bug912322.html
@@ -0,0 +1,35 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=912322
+-->
+<head>
+  <meta charset="utf-8">
+  <title>Test for Bug 912322</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+  <script type="application/javascript">
+
+  /** Test that XBL functions aren't exposed to the web. **/
+  funs = ['getAnonymousNodes', 'getAnonymousElementByAttribute',
+          'getBindingParent', 'loadBindingDocument'];
+  for (var f of funs) {
+    ok(!(f in document), f + " should not be available to content");
+    ok(f in SpecialPowers.wrap(document), f + " should be available to chrome via Xray");
+  }
+
+
+
+
+  </script>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=912322">Mozilla Bug 912322</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+</pre>
+</body>
+</html>



