static bool
IsFrameId(JSContext *cx, JSObject *objArg, jsid idArg)
{
RootedObject obj(cx, objArg);
RootedId id(cx, idArg);
obj = JS_ObjectToInnerObject(cx, obj);
MOZ_ASSERT(!js::IsWrapper(obj));
nsGlobalWindow* win = WindowOrNull(obj);
if (!win) {
return false;
}
nsCOMPtr<nsIDOMWindowCollection> col;
win->GetFrames(getter_AddRefs(col));
if (!col) {
return false;
}
nsCOMPtr<nsIDOMWindow> domwin;
if (JSID_IS_INT(id)) {
col->Item(JSID_TO_INT(id), getter_AddRefs(domwin));
} else if (JSID_IS_STRING(id)) {
nsAutoJSString idAsString;
if (!idAsString.init(cx, JSID_TO_STRING(id))) {
return false;
}
col->NamedItem(idAsString, getter_AddRefs(domwin));
}
return domwin != nullptr;
}
static XPCWrappedNative *
GetWrappedNative(JSContext *cx, JSObject *obj)
{
obj = JS_ObjectToInnerObject(cx, obj);
return IS_WN_WRAPPER(obj)
? static_cast<XPCWrappedNative *>(js::GetObjectPrivate(obj))
: nsnull;
}
XPCVariant::XPCVariant(JSContext* cx, jsval aJSVal)
: mJSVal(aJSVal), mCCGeneration(0)
{
nsVariant::Initialize(&mData);
if (!JSVAL_IS_PRIMITIVE(mJSVal)) {
// XXXbholley - The innerization here was from bug 638026. Blake says
// the basic problem was that we were storing the C++ inner but the JS
// outer, which meant that, after navigation, the JS inner could be
// collected, which would cause us to try to recreate the JS inner at
// some later point after teardown, which would crash. This is shouldn't
// be a problem anymore because SetParentToWindow will do the right
// thing, but I'm saving the cleanup here for another day. Blake thinks
// that we should just not store the WN if we're creating a variant for
// an outer window.
JSObject *obj = JS_ObjectToInnerObject(cx, JSVAL_TO_OBJECT(mJSVal));
mJSVal = OBJECT_TO_JSVAL(obj);
JSObject *unwrapped = js::UnwrapObjectChecked(obj, /* stopAtOuter = */ false);
mReturnRawObject = !(unwrapped && IS_WN_WRAPPER(unwrapped));
} else
mReturnRawObject = false;
}
XPCVariant::XPCVariant(XPCCallContext& ccx, jsval aJSVal)
: mJSVal(aJSVal), mCCGeneration(0)
{
nsVariant::Initialize(&mData);
if (!JSVAL_IS_PRIMITIVE(mJSVal)) {
JSObject *obj = JS_ObjectToInnerObject(ccx, JSVAL_TO_OBJECT(mJSVal));
mJSVal = OBJECT_TO_JSVAL(obj);
// If the incoming object is an XPCWrappedNative, then it could be a
// double-wrapped object, and we should return the double-wrapped
// object back out to script.
JSObject* proto;
XPCWrappedNative* wn =
XPCWrappedNative::GetWrappedNativeOfJSObject(ccx,
JSVAL_TO_OBJECT(mJSVal),
nsnull,
&proto);
mReturnRawObject = !wn && !proto;
} else
mReturnRawObject = false;
}
/*
* "Steal" calls to netscape.security.PrivilegeManager.enablePrivilege,
* et al. so that code that worked with 4.0 can still work.
*/
NS_IMETHODIMP
nsSecurityNameSet::InitializeNameSet(nsIScriptContext* aScriptContext)
{
JSContext* cx = aScriptContext->GetNativeContext();
JSObject *global = JS_ObjectToInnerObject(cx, JS_GetGlobalObject(cx));
// We hide enablePrivilege behind a pref because it has been altered in a
// way that makes it fundamentally insecure to use in production. Mozilla
// uses this pref during automated testing to support legacy test code that
// uses enablePrivilege. If you're not doing test automation, you _must_ not
// flip this pref, or you will be exposing all your users to security
// vulnerabilities.
if (!mozilla::Preferences::GetBool("security.enablePrivilege.enable_for_tests"))
return NS_OK;
/*
* Find Object.prototype's class by walking up the global object's
* prototype chain.
*/
JSObject *obj = global;
JSObject *proto;
JSAutoRequest ar(cx);
while ((proto = JS_GetPrototype(obj)) != nullptr)
obj = proto;
JSClass *objectClass = JS_GetClass(obj);
JS::Value v;
if (!JS_GetProperty(cx, global, "netscape", &v))
return NS_ERROR_FAILURE;
JSObject *securityObj;
if (v.isObject()) {
/*
* "netscape" property of window object exists; get the
* "security" property.
*/
obj = &v.toObject();
if (!JS_GetProperty(cx, obj, "security", &v) || !v.isObject())
return NS_ERROR_FAILURE;
securityObj = &v.toObject();
} else {
/* define netscape.security object */
obj = JS_DefineObject(cx, global, "netscape", objectClass, nullptr, 0);
if (obj == nullptr)
return NS_ERROR_FAILURE;
securityObj = JS_DefineObject(cx, obj, "security", objectClass,
nullptr, 0);
if (securityObj == nullptr)
return NS_ERROR_FAILURE;
}
/* Define PrivilegeManager object with the necessary "static" methods. */
obj = JS_DefineObject(cx, securityObj, "PrivilegeManager", objectClass,
nullptr, 0);
if (obj == nullptr)
return NS_ERROR_FAILURE;
return JS_DefineFunctions(cx, obj, PrivilegeManager_static_methods)
? NS_OK
: NS_ERROR_FAILURE;
}
