[Pkg-mozext-commits] [greasemonkey] 12/45: Move sandbox related functions into JSM.
David Prévot
taffit at moszumanska.debian.org
Mon Nov 3 20:59:19 UTC 2014
This is an automated email from the git hooks/post-receive script.
taffit pushed a commit to branch master
in repository greasemonkey.
commit 4a937982d5f07133bbd029a8ba913f634f66c1fa
Author: Ventero <ventero at ventero.de>
Date: Sun Sep 21 00:43:07 2014 +0200
Move sandbox related functions into JSM.
---
components/greasemonkey.js | 162 +------------------------------------------
modules/sandbox.js | 169 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 170 insertions(+), 161 deletions(-)
diff --git a/components/greasemonkey.js b/components/greasemonkey.js
index b3f130c..4e9cb7d 100644
--- a/components/greasemonkey.js
+++ b/components/greasemonkey.js
@@ -9,19 +9,15 @@ var Ci = Components.interfaces;
var Cu = Components.utils;
Cu.import("resource://greasemonkey/third-party/getChromeWinForContentWin.js");
-Cu.import('resource://greasemonkey/GM_setClipboard.js');
Cu.import('resource://greasemonkey/constants.js');
Cu.import("resource://greasemonkey/menucommand.js");
-Cu.import("resource://greasemonkey/miscapis.js");
Cu.import("resource://greasemonkey/parseScript.js");
Cu.import("resource://greasemonkey/prefmanager.js");
+Cu.import("resource://greasemonkey/sandbox.js");
Cu.import("resource://greasemonkey/sync.js");
Cu.import("resource://greasemonkey/util.js");
-Cu.import("resource://greasemonkey/xmlhttprequester.js");
Cu.import("resource://gre/modules/XPCOMUtils.jsm");
-// Only a particular set of strings are allowed. See: http://goo.gl/ex2LJ
-var gMaxJSVersion = "ECMAv5";
var gStartupHasRun = false;
var gScriptEndingRegexp = new RegExp('\\.user\\.js$');
@@ -31,10 +27,6 @@ var gFileProtocolHandler = Components
.getService(Ci.nsIFileProtocolHandler);
var gIoService = Cc["@mozilla.org/network/io-service;1"]
.getService(Ci.nsIIOService);
-var gStringBundle = Components
- .classes["@mozilla.org/intl/stringbundle;1"]
- .getService(Components.interfaces.nsIStringBundleService)
- .createBundle("chrome://greasemonkey/locale/greasemonkey.properties");
var gTmpDir = Components.classes["@mozilla.org/file/directory_service;1"]
.getService(Components.interfaces.nsIProperties)
.get("TmpD", Components.interfaces.nsIFile);
@@ -43,13 +35,6 @@ var gStripUserPassRegexp = new RegExp('(://)([^:/]+)(:[^@/]+)?@');
/////////////////////// Component-global Helper Functions //////////////////////
-// TODO: Remove this, see #1318.
-function alert(msg) {
- Cc["@mozilla.org/embedcomp/prompt-service;1"]
- .getService(Ci.nsIPromptService)
- .alert(null, "Greasemonkey alert", msg);
-}
-
function contentLoad(aEvent) {
var safeWin = aEvent.target.defaultView;
safeWin.removeEventListener('DOMContentLoaded', contentLoad, true);
@@ -57,157 +42,12 @@ function contentLoad(aEvent) {
GM_util.getService().runScripts('document-end', safeWin);
}
-function createSandbox(aScript, aContentWin, aUrl) {
- if (GM_util.inArray(aScript.grants, 'none')) {
- // If there is an explicit none grant, use a plain unwrapped sandbox
- // with no other content.
- var contentSandbox = new Components.utils.Sandbox(
- aContentWin,
- {
- 'sandboxName': aScript.id,
- 'sandboxPrototype': aContentWin,
- 'wantXrays': false,
- });
- // GM_info is always provided.
- Components.utils.evalInSandbox(
- 'const GM_info = ' + uneval(aScript.info()), contentSandbox);
- // Alias unsafeWindow for compatibility.
- Components.utils.evalInSandbox(
- 'const unsafeWindow = window;', contentSandbox);
-
- if (GM_util.compareFirefoxVersion("16.0") < 0) {
- // See #1350. The upstream bug was fixed in Firefox 16; apply workaround
- // only in older versions.
- contentSandbox.alert = alert;
- }
-
- return contentSandbox;
- }
-
- var sandbox = new Components.utils.Sandbox(
- [aContentWin],
- {
- 'sandboxName': aScript.id,
- 'sandboxPrototype': aContentWin,
- 'wantXrays': true,
- });
-
- // Note that because waivers aren't propagated between origins, we need the
- // unsafeWindow getter to live in the sandbox. See http://bugzil.la/1043958
- var unsafeWindowGetter = new sandbox.Function(
- 'return window.wrappedJSObject || window;');
- Object.defineProperty(sandbox, 'unsafeWindow', {get: unsafeWindowGetter});
-
- // Functions for interaction with unsafeWindow; see: http://goo.gl/C8Au16
- sandbox.createObjectIn = Cu.createObjectIn;
- sandbox.cloneInto = Cu.cloneInto;
- sandbox.exportFunction = Cu.exportFunction;
-
- if (GM_util.inArray(aScript.grants, 'GM_addStyle')) {
- sandbox.GM_addStyle = GM_util.hitch(null, GM_addStyle, aContentWin.document);
- }
- if (GM_util.inArray(aScript.grants, 'GM_log')) {
- sandbox.GM_log = GM_util.hitch(new GM_ScriptLogger(aScript), 'log');
- }
- if (GM_util.inArray(aScript.grants, 'GM_registerMenuCommand')) {
- var gmrmc = GM_util.hitch(
- null, registerMenuCommand, aContentWin, aScript);
- sandbox.GM_registerMenuCommand = gmrmc;
- }
-
- var scriptStorage = new GM_ScriptStorage(aScript);
- if (GM_util.inArray(aScript.grants, 'GM_deleteValue')) {
- sandbox.GM_deleteValue = GM_util.hitch(scriptStorage, 'deleteValue');
- }
- if (GM_util.inArray(aScript.grants, 'GM_getValue')) {
- sandbox.GM_getValue = GM_util.hitch(scriptStorage, 'getValue');
- }
- if (GM_util.inArray(aScript.grants, 'GM_setValue')) {
- sandbox.GM_setValue = GM_util.hitch(scriptStorage, 'setValue');
- }
-
- if (GM_util.inArray(aScript.grants, 'GM_setClipboard')) {
- sandbox.GM_setClipboard = GM_util.hitch(null, GM_setClipboard);
- }
-
- var scriptResources = new GM_Resources(aScript);
- if (GM_util.inArray(aScript.grants, 'GM_getResourceURL')) {
- sandbox.GM_getResourceURL = GM_util.hitch(scriptResources, 'getResourceURL', aScript);
- }
- if (GM_util.inArray(aScript.grants, 'GM_getResourceText')) {
- sandbox.GM_getResourceText = GM_util.hitch(scriptResources, 'getResourceText');
- }
-
- if (GM_util.inArray(aScript.grants, 'GM_listValues')) {
- sandbox.GM_listValues = GM_util.hitch(scriptStorage, 'listValues');
- }
- if (GM_util.inArray(aScript.grants, 'GM_openInTab')) {
- sandbox.GM_openInTab = GM_util.hitch(
- null, GM_openInTab, aContentWin);
- }
- if (GM_util.inArray(aScript.grants, 'GM_xmlhttpRequest')) {
- sandbox.GM_xmlhttpRequest = GM_util.hitch(
- new GM_xmlhttpRequester(aContentWin, aUrl, sandbox),
- 'contentStartRequest');
- }
-
- Components.utils.evalInSandbox(
- 'const GM_info = ' + uneval(aScript.info()), sandbox);
-
- return sandbox;
-}
-
function isTempScript(uri) {
if (uri.scheme != "file") return false;
var file = gFileProtocolHandler.getFileFromURLSpec(uri.spec);
return gTmpDir.contains(file, true);
}
-function runScriptInSandbox(script, sandbox) {
- // Eval the code, with anonymous wrappers when/if appropriate.
- function evalWithWrapper(code, fileName) {
- try {
- Components.utils.evalInSandbox(code, sandbox, gMaxJSVersion, fileName, 1);
- } catch (e) {
- if ("return not in function" == e.message) {
- // See #1592; we never anon wrap anymore, unless forced to by a return
- // not in a function.
- GM_util.logError(
- gStringBundle.GetStringFromName('return-not-in-func-deprecated'),
- true, // is a warning
- fileName,
- e.lineNumber
- );
- Components.utils.evalInSandbox(
- GM_util.anonWrap(code), sandbox, gMaxJSVersion, fileName, 1);
- } else {
- // Otherwise raise.
- throw e;
- }
- }
- }
-
- // Eval the code, with a try/catch to report errors cleanly.
- function evalWithCatch(code, fileName) {
- try {
- evalWithWrapper(code, fileName);
- } catch (e) {
- // Log it properly.
- GM_util.logError(e, false, fileName, e.lineNumber);
- // Stop the script, in the case of requires, as if it was one big script.
- return false;
- }
- return true;
- }
-
- for (var i = 0, require = null; require = script.requires[i]; i++) {
- if (!evalWithCatch(require.textContent, require.fileURL)) {
- return;
- }
- }
- evalWithCatch(script.textContent, script.fileURL);
-}
-
function startup(aService) {
if (gStartupHasRun) return;
gStartupHasRun = true;
diff --git a/modules/sandbox.js b/modules/sandbox.js
new file mode 100644
index 0000000..060aacc
--- /dev/null
+++ b/modules/sandbox.js
@@ -0,0 +1,169 @@
+const EXPORTED_SYMBOLS = ['createSandbox', 'runScriptInSandbox'];
+
+let {utils: Cu, interfaces: Ci, classes: Cc} = Components;
+
+Cu.import('resource://greasemonkey/GM_setClipboard.js');
+Cu.import("resource://greasemonkey/menucommand.js");
+Cu.import("resource://greasemonkey/miscapis.js");
+Cu.import("resource://greasemonkey/util.js");
+Cu.import("resource://greasemonkey/xmlhttprequester.js");
+
+var gStringBundle = Cc["@mozilla.org/intl/stringbundle;1"]
+ .getService(Ci.nsIStringBundleService)
+ .createBundle("chrome://greasemonkey/locale/greasemonkey.properties");
+
+// Only a particular set of strings are allowed. See: http://goo.gl/ex2LJ
+var gMaxJSVersion = "ECMAv5";
+
+// TODO: Remove this, see #1318.
+function alert(msg) {
+ Cc["@mozilla.org/embedcomp/prompt-service;1"]
+ .getService(Ci.nsIPromptService)
+ .alert(null, "Greasemonkey alert", msg);
+}
+
+function createSandbox(aScript, aContentWin, aUrl) {
+ if (GM_util.inArray(aScript.grants, 'none')) {
+ // If there is an explicit none grant, use a plain unwrapped sandbox
+ // with no other content.
+ var contentSandbox = new Components.utils.Sandbox(
+ aContentWin,
+ {
+ 'sandboxName': aScript.id,
+ 'sandboxPrototype': aContentWin,
+ 'wantXrays': false,
+ });
+ // GM_info is always provided.
+ Components.utils.evalInSandbox(
+ 'const GM_info = ' + uneval(aScript.info()), contentSandbox);
+ // Alias unsafeWindow for compatibility.
+ Components.utils.evalInSandbox(
+ 'const unsafeWindow = window;', contentSandbox);
+
+ if (GM_util.compareFirefoxVersion("16.0") < 0) {
+ // See #1350. The upstream bug was fixed in Firefox 16; apply workaround
+ // only in older versions.
+ contentSandbox.alert = alert;
+ }
+
+ return contentSandbox;
+ }
+
+ var sandbox = new Components.utils.Sandbox(
+ [aContentWin],
+ {
+ 'sandboxName': aScript.id,
+ 'sandboxPrototype': aContentWin,
+ 'wantXrays': true,
+ });
+
+ // Note that because waivers aren't propagated between origins, we need the
+ // unsafeWindow getter to live in the sandbox. See http://bugzil.la/1043958
+ var unsafeWindowGetter = new sandbox.Function(
+ 'return window.wrappedJSObject || window;');
+ Object.defineProperty(sandbox, 'unsafeWindow', {get: unsafeWindowGetter});
+
+ // Functions for interaction with unsafeWindow; see: http://goo.gl/C8Au16
+ sandbox.createObjectIn = Cu.createObjectIn;
+ sandbox.cloneInto = Cu.cloneInto;
+ sandbox.exportFunction = Cu.exportFunction;
+
+ if (GM_util.inArray(aScript.grants, 'GM_addStyle')) {
+ sandbox.GM_addStyle = GM_util.hitch(null, GM_addStyle, aContentWin.document);
+ }
+ if (GM_util.inArray(aScript.grants, 'GM_log')) {
+ sandbox.GM_log = GM_util.hitch(new GM_ScriptLogger(aScript), 'log');
+ }
+ if (GM_util.inArray(aScript.grants, 'GM_registerMenuCommand')) {
+ var gmrmc = GM_util.hitch(
+ null, registerMenuCommand, aContentWin, aScript);
+ sandbox.GM_registerMenuCommand = gmrmc;
+ }
+
+ var scriptStorage = new GM_ScriptStorage(aScript);
+ if (GM_util.inArray(aScript.grants, 'GM_deleteValue')) {
+ sandbox.GM_deleteValue = GM_util.hitch(scriptStorage, 'deleteValue');
+ }
+ if (GM_util.inArray(aScript.grants, 'GM_getValue')) {
+ sandbox.GM_getValue = GM_util.hitch(scriptStorage, 'getValue');
+ }
+ if (GM_util.inArray(aScript.grants, 'GM_setValue')) {
+ sandbox.GM_setValue = GM_util.hitch(scriptStorage, 'setValue');
+ }
+
+ if (GM_util.inArray(aScript.grants, 'GM_setClipboard')) {
+ sandbox.GM_setClipboard = GM_util.hitch(null, GM_setClipboard);
+ }
+
+ var scriptResources = new GM_Resources(aScript);
+ if (GM_util.inArray(aScript.grants, 'GM_getResourceURL')) {
+ sandbox.GM_getResourceURL = GM_util.hitch(scriptResources, 'getResourceURL', aScript);
+ }
+ if (GM_util.inArray(aScript.grants, 'GM_getResourceText')) {
+ sandbox.GM_getResourceText = GM_util.hitch(scriptResources, 'getResourceText');
+ }
+
+ if (GM_util.inArray(aScript.grants, 'GM_listValues')) {
+ sandbox.GM_listValues = GM_util.hitch(scriptStorage, 'listValues');
+ }
+ if (GM_util.inArray(aScript.grants, 'GM_openInTab')) {
+ sandbox.GM_openInTab = GM_util.hitch(
+ null, GM_openInTab, aContentWin);
+ }
+ if (GM_util.inArray(aScript.grants, 'GM_xmlhttpRequest')) {
+ sandbox.GM_xmlhttpRequest = GM_util.hitch(
+ new GM_xmlhttpRequester(aContentWin, aUrl, sandbox),
+ 'contentStartRequest');
+ }
+
+ Components.utils.evalInSandbox(
+ 'const GM_info = ' + uneval(aScript.info()), sandbox);
+
+ return sandbox;
+}
+
+
+function runScriptInSandbox(script, sandbox) {
+ // Eval the code, with anonymous wrappers when/if appropriate.
+ function evalWithWrapper(code, fileName) {
+ try {
+ Components.utils.evalInSandbox(code, sandbox, gMaxJSVersion, fileName, 1);
+ } catch (e) {
+ if ("return not in function" == e.message) {
+ // See #1592; we never anon wrap anymore, unless forced to by a return
+ // not in a function.
+ GM_util.logError(
+ gStringBundle.GetStringFromName('return-not-in-func-deprecated'),
+ true, // is a warning
+ fileName,
+ e.lineNumber
+ );
+ Components.utils.evalInSandbox(
+ GM_util.anonWrap(code), sandbox, gMaxJSVersion, fileName, 1);
+ } else {
+ // Otherwise raise.
+ throw e;
+ }
+ }
+ }
+
+ // Eval the code, with a try/catch to report errors cleanly.
+ function evalWithCatch(code, fileName) {
+ try {
+ evalWithWrapper(code, fileName);
+ } catch (e) {
+ // Log it properly.
+ GM_util.logError(e, false, fileName, e.lineNumber);
+ // Stop the script, in the case of requires, as if it was one big script.
+ return false;
+ }
+ return true;
+ }
+
+ for (var i = 0, require = null; require = script.requires[i]; i++) {
+ if (!evalWithCatch(require.textContent, require.fileURL)) {
+ return;
+ }
+ }
+ evalWithCatch(script.textContent, script.fileURL);
+}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mozext/greasemonkey.git
More information about the Pkg-mozext-commits
mailing list