User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36 Steps to reproduce: Iterating the properties on an <input> element throws a security Error when accessing the "controllers" property. This is a recent change in Firefox 29, and I suspect it is a side-effect caused by https://bugzilla.mozilla.org/show_bug.cgi?id=794943 Actual results: > var input = document.createElement("input"); > typeof input.controllers; Error: Permission denied for <https://www.google.com> to create wrapper for object of class XULControllers Expected results: > var input = document.createElement("input"); > typeof input.controllers "object" or "undefined"

Note that the behavior in Firefox 28 was for typeof to return "object". However, controllers is not defined on HTMLInputElement. https://developer.mozilla.org/en/docs/Web/API/HTMLInputElement It is however defined in XUL https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XUL/Property/controllers Part 3 of the patch in bug 94943 makes the controllers property [ChromeOnly], in which case I would expect it to not be exposed at all to webpages and typeof to return "undefined".

> Part 3 of the patch in bug 94943 I assume you mean bug 794943? That was for Window.controllers, not HTMLInputElement.controllers. Bobby, is there a reason the latter is not chromeonly?

(In reply to Boris Zbarsky [:bz] from comment #2) > Bobby, is there a reason the latter is not chromeonly? Not that I know of. Patch coming up.

Comment on attachment 8417445 [details] [diff] [review] HTMLInputElement.controllers should be [ChromeOnly]. v1 r=me. We should probably get this backported to aurora/beta too.

This is a web-visible regression with a simple fix. We should track for branches. https://tbpl.mozilla.org/?tree=Try&rev=c4e0ccd1fda9

Comment on attachment 8417445 [details] [diff] [review] HTMLInputElement.controllers should be [ChromeOnly]. v1 [Approval Request Comment] Bug caused by (feature/regressing bug #): bug 794943 User impact if declined: weird gecko-specific exception thrown when iterating properties. Testing completed (on m-c, etc.): Haven't pushed to m-i because it's closed. Will soon. Risk to taking this patch (and alternatives if risky): Very low risk. String or IDL/UUID changes made by this patch: None

Yes I meant bug 794943, that was a typo on my part. Thank you for the quick acknowledgement and turnaround.

Thor, thank you for reporting the issue, and pinpointing what the problem is!

https://hg.mozilla.org/releases/mozilla-aurora/rev/2bd1995be292 https://hg.mozilla.org/releases/mozilla-beta/rev/02e1dd202d67

Reproduced the initial issue using old Nightly (2014-04-30) on Windows 7 64bit, verified as fixed using Firefox 30 beta 3, latest Aurora and latest Nightly on Windows 7 64bit, Mac OS X 10.9.2 and Ubuntu 13.10 32bit.