This stuff is mostly garbage these days. The two main deps of this bug I've found are: (1) nsISecurityCheckedComponent (2) Our current implementation of [Unforgeable] for Location. Marking these deps appropriately.

With efaust's hack in bug 950407, we can get rid of the second dep. And the first one is coming very soon.

\o/ I *never* understood this one.

(In reply to Luke Wagner [:luke] from comment #2) > \o/ I *never* understood this one. Me neither. https://tbpl.mozilla.org/?tree=Try&rev=31bbfd1c86a0

This is green modulo one jit-test that I've fixed. Uploading patches and flagging for review.

Now that we have the principal-based filtering for stack walking, we can do this. This isn't technically equivalent to the old behavior, since a stack that goes: A -> B -> A would previous have only seen the second set of |A| frames, whereas now we'd see both sets. But this seems strictly better (also, it doesn't happen on the web). As noted, I've filed a bug for making this context- and saveFrameChain-agnostic.

But how will we call from Gecko into the JS engine to query CAPS via a callback?

js::CheckAccess has all sorts of crazy side-effects on its parameters. Luckily, they mostly happen on dead values. We have to alter a jit-test that previously threw, and doesn't anymore. I have confirmed that the reason for throwing was not the security check itself, but rather the lookupGeneric call that happens inside js::CheckAccess, which ends up throwing 'undefined is not a function'. It seems like this is just an issue of calling lookupGeneric when we shouldn't, and that the correct behavior here is not to throw.

Thankfully, this case was only taking the JSACC_PROTO, which is significantly simpler than the alternative.

There's no need for the JS shell stuff either, since vm/Runtime.cpp already sets up NullSecurityCallbacks by default.

I have no idea what this is supposed to be doing, given that the compilation scope doesn't run script. We should make sure this is reviewed by someone who remembers why this was written.

\o/

Comment on attachment 8363109 [details] [diff] [review] Part 10 - Remove nsIXPCSecurityManager::CanAccess and nsScriptSecurityManager::CheckPropertyAccessImpl. v1 Review of attachment 8363109 [details] [diff] [review]: ----------------------------------------------------------------- \o/

Thanks for the reviews Blake! Final all-platform try push: https://tbpl.mozilla.org/?tree=Try&rev=08db96c278ab

remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/f6fb2082c996 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/08b7f4b5b665 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/048746b43ad3 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/4e3c42f192f4 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/1a85688d37ea remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/7ed1607eac3a remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/4030b1beb0d4 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/5ac97770b63c remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/5db4e6d1dc02 remote: https://hg.mozilla.org/integration/mozilla-inbound/rev/cc32cb2daf27

https://hg.mozilla.org/mozilla-central/rev/f6fb2082c996 https://hg.mozilla.org/mozilla-central/rev/08b7f4b5b665 https://hg.mozilla.org/mozilla-central/rev/048746b43ad3 https://hg.mozilla.org/mozilla-central/rev/4e3c42f192f4 https://hg.mozilla.org/mozilla-central/rev/1a85688d37ea https://hg.mozilla.org/mozilla-central/rev/7ed1607eac3a https://hg.mozilla.org/mozilla-central/rev/4030b1beb0d4 https://hg.mozilla.org/mozilla-central/rev/5ac97770b63c https://hg.mozilla.org/mozilla-central/rev/5db4e6d1dc02 https://hg.mozilla.org/mozilla-central/rev/cc32cb2daf27

*applause*