summaryrefslogtreecommitdiffstats
path: root/js/xpconnect/wrappers/ChromeObjectWrapper.h
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--js/xpconnect/wrappers/ChromeObjectWrapper.h42
1 files changed, 42 insertions, 0 deletions
diff --git a/js/xpconnect/wrappers/ChromeObjectWrapper.h b/js/xpconnect/wrappers/ChromeObjectWrapper.h
new file mode 100644
index 0000000000..49ce4fc139
--- /dev/null
+++ b/js/xpconnect/wrappers/ChromeObjectWrapper.h
@@ -0,0 +1,42 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef __ChromeObjectWrapper_h__
+#define __ChromeObjectWrapper_h__
+
+#include "mozilla/Attributes.h"
+
+#include "FilteringWrapper.h"
+
+namespace xpc {
+
+struct OpaqueWithSilentFailing;
+
+// When a vanilla chrome JS object is exposed to content, we use a wrapper that
+// fails silently on GET, ENUMERATE, and GET_PROPERTY_DESCRIPTOR for legacy
+// reasons. For extra security, we override the traps that allow content to pass
+// an object to chrome, and perform extra security checks on them.
+#define ChromeObjectWrapperBase \
+ FilteringWrapper<js::CrossCompartmentSecurityWrapper, OpaqueWithSilentFailing>
+
+class ChromeObjectWrapper : public ChromeObjectWrapperBase {
+ public:
+ constexpr ChromeObjectWrapper() : ChromeObjectWrapperBase(0) {}
+
+ virtual bool defineProperty(JSContext* cx, JS::Handle<JSObject*> wrapper,
+ JS::Handle<jsid> id,
+ JS::Handle<JS::PropertyDescriptor> desc,
+ JS::ObjectOpResult& result) const override;
+ virtual bool set(JSContext* cx, JS::HandleObject wrapper, JS::HandleId id,
+ JS::HandleValue v, JS::HandleValue receiver,
+ JS::ObjectOpResult& result) const override;
+
+ static const ChromeObjectWrapper singleton;
+};
+
+} /* namespace xpc */
+
+#endif /* __ChromeObjectWrapper_h__ */