roytam1/palemoon27
1
0
Fork 0
mirror of https://github.com/roytam1/palemoon27.git synced 2026-05-26 14:18:48 +00:00
Code Issues Projects Releases Wiki Activity
Files
93f97225b62c6bda24ff66ac14b02431ba9aadd4
palemoon27/dom/base/PostMessageEvent.cpp
T
roytam1 93f97225b6 import changes from `dev' branch of rmottola/Arctic-Fox: 
- Bug 1161913 - Part 2. Request canvas to push out its next drawn frame instead of pulling it. r=mt (b2ddcd68c3)
- Bug 1161913 - Part 3 - Relax requestFrame ordering guarantee in tests. r=mt (8bc69b9fc4)
- Bug 1176945 - Remove unnecessary hwc reference from gl r=jgilbert (8f1ac06d99)
- spaces and restore XP specific (ac03acf252)
- reinstantiate some gfx log (d7deb9c3bd)
- Bug 1191042 - Use CreateOffscreen for WebGL instead of CreateHeadless. - r=jrmuizel (f98fd02e59)
- space (ad72b4f071)
- Bug 1183085 - Remove EndConstruction() from layer documentation; r=roc (b1ef791fea)
- Bug 771288 - Multiprocess FileHandle support (FileHandle on PBackground); r=baku (f77ab5b9c3)
- Bug 1202788 - Upgrade object_data table to new format (follow-up to bug 871846). r=janv (ea86fd2890)
- Bug 1204183 - Test the object_data upgrade from bug 1202788. r=janv (5a48cfdf17)
- Bug 1198814 - Use StructuredCloneHelper in PromiseWorkerProxy, r=smaug (10e9f33700)
- namespace name (b4feaf8e67)
- Bug 1203561 - Use StructuredCloneHelper in StackScopedCloneData, r=smaug (156525cf32)
- Bug 1209919 - Improving naming and comments in StructuredCloneHelper, r=smaug (f177bca203)
- Bug 1167100 - User originAttribute in ContentPrincipalInfo. r=bholley (340c3d606e)
- Bug 1182197 investigation patch. Log the stack at promise fulfillment on a CCed promise into the crash reporter data. r=dmajor,nsm (376c1bba93)
- Bug 1183907, properly wrappercache worker URL object, r=baku (d71937b9d0)
- Bug 1203463 - URL constructor should support about:blank URI, r=bz (d539b63667)
- Bug 1207496 - Part 4: Remove use of expression closure from services/sync/. r=gps (f1eae787d9)
- Bug 1207496 - Part 3: Remove use of expression closure from services/fxaccounts/. r=markh (f60e64c061)
- Bug 1207496 - Part 2: Remove use of expression closure from services/crypt/. r=mrbkap (ec2738f497)
- Bug 1207496 - Part 1: Remove use of expression closure from services/common/. r=gps (3464407503)
- Bug 1134881 - Sync password timeCreated & timePasswordChanged fields. r=rnewman (96befc78b2)
- adapted version of Bug 753289 - Pre: rename WEAVE_SYNC_PREFS to PREF_SYNC_PREFS_PREFIX. (5987671e36)
2022-07-29 23:52:26 +08:00

146 lines
5.3 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "PostMessageEvent.h"
#include "MessageEvent.h"
#include "mozilla/dom/BlobBinding.h"
#include "mozilla/dom/FileList.h"
#include "mozilla/dom/FileListBinding.h"
#include "mozilla/dom/MessagePort.h"
#include "mozilla/dom/MessagePortBinding.h"
#include "mozilla/dom/PMessagePort.h"
#include "mozilla/dom/StructuredCloneTags.h"
#include "mozilla/EventDispatcher.h"
#include "nsGlobalWindow.h"
#include "nsIPresShell.h"
#include "nsIPrincipal.h"
#include "nsPresContext.h"
namespace mozilla {
namespace dom {
PostMessageEvent::PostMessageEvent(nsGlobalWindow* aSource,
const nsAString& aCallerOrigin,
nsGlobalWindow* aTargetWindow,
nsIPrincipal* aProvidedPrincipal,
bool aTrustedCaller)
: StructuredCloneHolder(CloningSupported, TransferringSupported,
SameProcessSameThread),
mSource(aSource),
mCallerOrigin(aCallerOrigin),
mTargetWindow(aTargetWindow),
mProvidedPrincipal(aProvidedPrincipal),
mTrustedCaller(aTrustedCaller)
{
MOZ_COUNT_CTOR(PostMessageEvent);
}
PostMessageEvent::~PostMessageEvent()
{
MOZ_COUNT_DTOR(PostMessageEvent);
}
NS_IMETHODIMP
PostMessageEvent::Run()
{
MOZ_ASSERT(mTargetWindow->IsOuterWindow(),
"should have been passed an outer window!");
MOZ_ASSERT(!mSource || mSource->IsOuterWindow(),
"should have been passed an outer window!");
AutoJSAPI jsapi;
jsapi.Init();
JSContext* cx = jsapi.cx();
// If we bailed before this point we're going to leak mMessage, but
// that's probably better than crashing.
nsRefPtr<nsGlobalWindow> targetWindow;
if (mTargetWindow->IsClosedOrClosing() ||
!(targetWindow = mTargetWindow->GetCurrentInnerWindowInternal()) ||
targetWindow->IsClosedOrClosing())
return NS_OK;
MOZ_ASSERT(targetWindow->IsInnerWindow(),
"we ordered an inner window!");
JSAutoCompartment ac(cx, targetWindow->GetWrapperPreserveColor());
// Ensure that any origin which might have been provided is the origin of this
// window's document. Note that we do this *now* instead of when postMessage
// is called because the target window might have been navigated to a
// different location between then and now. If this check happened when
// postMessage was called, it would be fairly easy for a malicious webpage to
// intercept messages intended for another site by carefully timing navigation
// of the target window so it changed location after postMessage but before
// now.
if (mProvidedPrincipal) {
// Get the target's origin either from its principal or, in the case the
// principal doesn't carry a URI (e.g. the system principal), the target's
// document.
nsIPrincipal* targetPrin = targetWindow->GetPrincipal();
if (NS_WARN_IF(!targetPrin))
return NS_OK;
// Note: This is contrary to the spec with respect to file: URLs, which
// the spec groups into a single origin, but given we intentionally
// don't do that in other places it seems better to hold the line for
// now. Long-term, we want HTML5 to address this so that we can
// be compliant while being safer.
if (!targetPrin->Equals(mProvidedPrincipal)) {
return NS_OK;
}
}
ErrorResult rv;
JS::Rooted<JS::Value> messageData(cx);
nsCOMPtr<nsPIDOMWindow> window = targetWindow.get();
Read(window, cx, &messageData, rv);
if (NS_WARN_IF(rv.Failed())) {
return rv.StealNSResult();
}
// Create the event
nsCOMPtr<mozilla::dom::EventTarget> eventTarget =
do_QueryInterface(static_cast<nsPIDOMWindow*>(targetWindow.get()));
nsRefPtr<MessageEvent> event =
new MessageEvent(eventTarget, nullptr, nullptr);
event->InitMessageEvent(NS_LITERAL_STRING("message"), false /*non-bubbling */,
false /*cancelable */, messageData, mCallerOrigin,
EmptyString(), mSource);
nsTArray<nsRefPtr<MessagePort>> ports = TakeTransferredPorts();
event->SetPorts(new MessagePortList(static_cast<dom::Event*>(event.get()),
ports));
// We can't simply call dispatchEvent on the window because doing so ends
// up flipping the trusted bit on the event, and we don't want that to
// happen because then untrusted content can call postMessage on a chrome
// window if it can get a reference to it.
nsIPresShell *shell = targetWindow->GetExtantDoc()->GetShell();
nsRefPtr<nsPresContext> presContext;
if (shell)
presContext = shell->GetPresContext();
event->SetTrusted(mTrustedCaller);
WidgetEvent* internalEvent = event->GetInternalNSEvent();
nsEventStatus status = nsEventStatus_eIgnore;
EventDispatcher::Dispatch(static_cast<nsPIDOMWindow*>(mTargetWindow),
presContext,
internalEvent,
static_cast<dom::Event*>(event.get()),
&status);
return NS_OK;
}
} // namespace dom
} // namespace mozilla
Reference in New Issue View Git Blame Copy Permalink