eliott/servo
1
0
Fork 0
mirror of https://github.com/servo/servo synced 2026-05-12 18:06:32 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
332de00336096475aefb0dcbefa4e006aaff0ed4
servo/components/script/dom/bindings
History
yvt c25355704d fix(script): the condition for exposing a cross-origin setter is CrossOriginWritable, not CrossOriginReadable 
The expression `crossOriginIframe.contentWindow.location.href = "new
href"` takes the following steps: (1) Get the setter for `href` by
invoking `[[GetOwnProperty]]` on `crossOriginIframe.contentWindow.
location`. (2) Call the setter, passing `crossOriginIframe.
contentWindow` and `"new href"`. Since the target `Location` is cross
origin, getting the setter succeeds only if the `CrossOriginWritable`
extended attribute is present on the `href` attribute, and it's present.
However, instead of `CrossOriginWritable`, `CrossOriginReadable` was
checked mistakenly.

Since `Location#href` has `CrossOriginWritable` but not
`CrossOriginReadable`, this bug rendered `Location#href` inaccessible
from a cross-origin document.
2021-08-17 09:26:27 +09:00
..
codegen
fix(script): the condition for exposing a cross-origin setter is CrossOriginWritable, not CrossOriginReadable
2021-08-17 09:26:27 +09:00
callback.rs
Always pass InRealm to GlobalScope::from_context to avoid getting null global
2020-02-16 09:55:10 +09:00
cell.rs
Fix refcell_backtrace feature.
2020-06-18 12:56:33 -04:00
constant.rs
Use safe JSContext when possible in interface.rs
2019-08-09 00:43:24 +01:00
conversions.rs
Update mozjs.
2021-02-18 09:35:45 -05:00
error.rs
Fix building with --feature js_backtrace
2020-06-22 16:14:04 -04:00
guard.rs
Add creation url and Secure Contexts
2020-11-25 18:30:50 +00:00
htmlconstructor.rs
Reduce code duplication. Move some of CodegenRust.py to htmlconstructor.rs
2020-06-03 15:13:34 -04:00
inheritance.rs
Update MPL license to https (part 3)
2018-11-19 14:47:12 +01:00
interface.rs
refactor(script): apply suggestions
2021-07-25 18:45:22 +09:00
iterable.rs
Add trait DomObjectWrap to provide WRAP function
2020-03-20 22:16:56 -04:00
mod.rs
refactor(script): move crate::dom::bindings::{utils → principals)::ServoJSPrincipal
2021-07-13 21:45:21 +09:00
namespace.rs
Update SpiderMonkey
2020-03-06 11:13:28 +01:00
num.rs
Update MPL license to https (part 3)
2018-11-19 14:47:12 +01:00
principals.rs
refactor(script): don't conjure up ServoJSPrincipals in ServoJSPrincipalsRef::deref
2021-07-25 19:36:06 +09:00
proxyhandler.rs
fix(script): don't pass an unrooted slice to from_rooted_slice
2021-07-28 09:10:55 +09:00
record.rs
Update SpiderMonkey
2020-03-06 11:13:28 +01:00
refcounted.rs
Extract some thread local use from generic code.
2020-06-04 20:54:36 -04:00
reflector.rs
Add trait DomObjectWrap to provide WRAP function
2020-03-20 22:16:56 -04:00
root.rs
Move thread state checks out of generic methods to reduce generated code duplication.
2020-06-04 20:54:36 -04:00
serializable.rs
Add lint check for &DomRoot<T>
2019-12-21 12:44:35 -09:00
settings_stack.rs
Update MPL license to https (part 3)
2018-11-19 14:47:12 +01:00
str.rs
Form constraints validation
2020-04-02 10:16:46 +02:00
structuredclone.rs
Update mozjs.
2021-02-18 09:35:45 -05:00
trace.rs
Change ErrorScopeId type to NonZeroU64
2020-08-03 01:45:29 +05:30
transferable.rs
Add lint check for &DomRoot<T>
2019-12-21 12:44:35 -09:00
utils.rs
refactor(script): move crate::dom::bindings::{utils → principals)::ServoJSPrincipal
2021-07-13 21:45:21 +09:00
weakref.rs
Use #![register_tool] instead of #![register_attr]
2019-11-15 17:24:42 +01:00
xmlname.rs
Changed error type on qname, per spec
2020-02-12 17:02:56 -05:00