Closed
Bug 445725
Opened 16 years ago
Closed 16 years ago
[FIX]file:// iframes get the wrong principal after a reload
Categories
(Core :: DOM: Navigation, defect)
Tracking
()
RESOLVED
FIXED
mozilla1.9.1b3
People
(Reporter: mrbkap, Assigned: bzbarsky)
References
(Depends on 1 open bug)
Details
(Keywords: fixed1.9.1)
Attachments
(2 files)
(deleted),
application/zip
|
Details | |
(deleted),
patch
|
jst
:
review+
jst
:
superreview+
beltzner
:
approval1.9.1+
|
Details | Diff | Splinter Review |
I lost track of when this happened, but it appears that currently, an iframe in an HTML page loaded from a file:// URI inherits the principal of the outer page. However, when the subframe has been navigated and the page is reloaded (e.g. via the reload button), the subframe's principal changes to not inherit, meaning that the page is no longer allowed to access the subframe.
In the testcase provided by Aaron Morgulis, the subframe is one directory level deeper than the outer page.
I'm filing this as unconfirmed because I'm not sure my initial premise (about file:// iframes inheriting their owner's principal) is correct.
Assignee | ||
Comment 1•16 years ago
|
||
So there is code in nsDocShell::DoChannelLoad that should be setting the owner on the channel, and we should be passing in the "right" owner from the history entry here, I would think. Want to look into why that's failing?
Status: UNCONFIRMED → NEW
Ever confirmed: true
Reporter | ||
Comment 2•16 years ago
|
||
There is no owner on the channel because we navigated via a click on an anchor link. This calls:
OnNewURI(aURI, nsnull, mLoadType, PR_TRUE);
which passes a null channel (therefore, no owner). From IRC:
06:37 <@bz> That sounds like a bug
06:37 <@bz> I guess it didn't bite us before because for javascript: and data: we don't do anchor loads
Assignee | ||
Comment 3•16 years ago
|
||
Makes sure to copy over the owner on anchor scroll.
Assignee: nobody → bzbarsky
Status: NEW → ASSIGNED
Attachment #351651 -
Flags: superreview?(jst)
Attachment #351651 -
Flags: review?(jst)
Assignee | ||
Updated•16 years ago
|
Summary: file:// iframes get the wrong principal after a reload → [FIX]file:// iframes get the wrong principal after a reload
Comment 4•16 years ago
|
||
Comment on attachment 351651 [details] [diff] [review]
Fix
Looks good.
Attachment #351651 -
Flags: superreview?(jst)
Attachment #351651 -
Flags: superreview+
Attachment #351651 -
Flags: review?(jst)
Attachment #351651 -
Flags: review+
Assignee | ||
Comment 5•16 years ago
|
||
Comment on attachment 351651 [details] [diff] [review]
Fix
I think it's worth taking this in 1.9.1
Attachment #351651 -
Flags: approval1.9.1?
Assignee | ||
Comment 6•16 years ago
|
||
Pushed http://hg.mozilla.org/mozilla-central/rev/633b48e70c60
Need file:// mochitests to test this.
Comment 7•16 years ago
|
||
Comment on attachment 351651 [details] [diff] [review]
Fix
a191=beltzner
Attachment #351651 -
Flags: approval1.9.1? → approval1.9.1+
Assignee | ||
Comment 8•16 years ago
|
||
Keywords: fixed1.9.1
Updated•16 years ago
|
Target Milestone: --- → mozilla1.9.1b3
Version: unspecified → Trunk
You need to log in
before you can comment on or make changes to this bug.
Description
•