Comment 212 for bug 1022741

In , R-bugs-h (r-bugs-h) wrote :

Comment on attachment 638541
iframe sandbox v19

>+ // If this document is being loaded by a docshell, copy its sandbox flags
>+ // to the document. These are immutable after being set here.
>+ nsCOMPtr<nsIDocShell> docShell = do_QueryInterface(aContainer);
>+
>+ if (docShell) {
>+ nsresult rv = docShell->GetSandboxFlags(&mSandboxFlags);
>+ NS_ENSURE_SUCCESS(rv, rv);
>+
>+ // Additionally, if this docshell had its document's sandbox
>+ // attribute removed prior to this load, we need to re-enable
>+ // plugins for this docshell.
>+ bool sandboxCleared;
>+ if (NS_SUCCEEDED(docShell->GetSandboxCleared(&sandboxCleared)) &&
>+ sandboxCleared) {
>+ docShell->SetAllowPlugins(true);
>+ docShell->SetSandboxCleared(false);
>+ }
>+ }
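Review bot: docShell->SetAllowPlugins(true) in the sandboxCleared branch re-enables plugins unconditionally, without regard to the flags just copied into mSandboxFlags or to whether plugins were already disabled on this docshell before the sandbox was applied. Consider remembering the pre-sandbox plugin setting and restoring that value instead of hard-coding true, and check the return values of SetAllowPlugins and SetSandboxCleared, which are dropped here while GetSandboxFlags is checked with NS_ENSURE_SUCCESS.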
This doesn't work if you remove the sandbox attribute, then add it back, and then load a new document.

>+ // Sandboxed document check: javascript: URI's are disabled
>+ // in a sandboxed document unless 'allow-scripts' was specified.
>+ nsCOMPtr<nsIDocument> doc = do_QueryInterface(aOriginalInnerWindow->GetExtantDocument());
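Review bot: the result of do_QueryInterface on aOriginalInnerWindow->GetExtantDocument() can be null, and nothing in the quoted lines checks doc before the sandbox test that the comment describes. Add an explicit null check and decide what a missing document means for the javascript: URI, preferably refusing to run it. Minor: "URI's" in the comment should be "URIs".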
No need for nsCOMPtr if you use aOriginalInnerWindow->GetExtantDoc()