What are your thoughts re bug 1019081 comment 9?

In practice the only caller that sets mWebIDLCallerPrincipal is the CallSetup ctor, and it only does this in the aIsJSImplementedWebIDL case. Is it possible in this case for the principal we get from SubjectPrincipal() to not be owned by anything on the stack? I don't think so: we came in via a JSNative, and its callee is an object that owns the relevant compartment and principal. So I think this is in fact safe. I'm open to comments to make the restrictions on setting mWebIDLCallerPrincipal clearer!

Comment on attachment 8432708 [details] [diff] [review] Hold a weak ref to the principal in AutoEntryScript, to reduce call overhead Review of attachment 8432708 [details] [diff] [review]: ----------------------------------------------------------------- ::: dom/base/ScriptSettings.h @@ +179,5 @@ > private: > JSAutoCompartment mAc; > dom::ScriptSettingsStack& mStack; > + // It's safe to make this a weak pointer, since it's the subject principal > + // when we go on the stack, so can't go away until after we're gone. Can you add the aforementioned nuances to this comment?

Done, and https://hg.mozilla.org/integration/mozilla-inbound/rev/62c85e7fc6ad