diff options
| author | bors-servo <servo-ops@mozilla.com> | 2021-08-01 10:31:40 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-08-01 10:31:40 -0400 |
| commit | bd92fad81a24d08208a5739cad4bde6eb58d6ce8 (patch) | |
| tree | e0e84609080a1d237bfdcaa10e0bef18cdea26ea /components/script/dom/windowproxy.rs | |
| parent | 052278d0580ec1cbd2c9887e65d259dbf5efa775 (diff) | |
| parent | afbe2fa1f259411b6c49a3ec3b2baccfbf1664d9 (diff) | |
| download | servo-bd92fad81a24d08208a5739cad4bde6eb58d6ce8.tar.gz servo-bd92fad81a24d08208a5739cad4bde6eb58d6ce8.zip | |
Auto merge of #28546 - yvt:feat-cow-infra, r=jdm
Implement `Location`'s custom internal methods
This PR partly resurrects #16501 and introduces the use of principals object to associate objects and Realms with origins. Using this infrastructure, this PR implements [the custom internal methods][1] of the `Location` interface, which is "maybe-cross-origin".
Unimplemented/incomplete things:
- Other maybe-cross-origin interfaces, namely `WindowProxy` and `DissimilarWindowLocation`, aren't implemented correctly yet (causing most test cases of `tests/wpt/web-platform-tests/html/browsers/origin/cross-origin-objects/cross-origin-objects.html` to fail).
- `WindowProxy`: #28556
- [The "perform a security check" operation][2] and `Location`'s non-cross-origin properties' relevant `Document` origin checks aren't implemented either (not sure if they are covered by the existing tests).
- There are a slight deviation from the standard and inefficiency in `CrossOriginGetOwnPropertyHelper`'s current implementation.
- #28557
[1]: https://html.spec.whatwg.org/multipage/#the-location-interface
[2]: https://html.spec.whatwg.org/multipage/browsers.html#integration-with-idl
---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix #16243 and make some progress in #2382
---
- [x] There are tests for these changes OR
- [ ] These changes do not require tests because ___
Diffstat (limited to 'components/script/dom/windowproxy.rs')
| -rw-r--r-- | components/script/dom/windowproxy.rs | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/components/script/dom/windowproxy.rs b/components/script/dom/windowproxy.rs index 244b42dc8a5..bccded0f43c 100644 --- a/components/script/dom/windowproxy.rs +++ b/components/script/dom/windowproxy.rs @@ -1084,6 +1084,9 @@ pub fn new_window_proxy_handler() -> WindowProxyHandler { // These traps often throw security errors, and only pass on calls to methods // defined in the DissimilarOriginWindow IDL. +// TODO: reuse the infrastructure in `proxyhandler.rs`. For starters, the calls +// to this function should be replaced with those to +// `report_cross_origin_denial`. #[allow(unsafe_code)] unsafe fn throw_security_error(cx: *mut JSContext, realm: InRealm) -> bool { if !JS_IsExceptionPending(cx) { |