Re: performing cross-context instanceof checks

2018-01-11 Thread Kris Maglione
On Thu, Jan 11, 2018 at 12:10:35PM -0800, Bobby Holley wrote: On Thu, Jan 11, 2018 at 12:06 PM, Kris Maglione wrote: On Thu, Jan 11, 2018 at 05:12:37PM +0100, Tom Schuster wrote: This could be an issue for WebExtensions as well. I think the contentscript sandbox runs in a different compartment

Re: performing cross-context instanceof checks

2018-01-11 Thread Bobby Holley
On Thu, Jan 11, 2018 at 12:06 PM, Kris Maglione wrote: > On Thu, Jan 11, 2018 at 05:12:37PM +0100, Tom Schuster wrote: > >> This could be an issue for WebExtensions as well. I think the >> contentscript >> sandbox runs in a different compartment. >> > > It runs in a different compartment, but the

Re: performing cross-context instanceof checks

2018-01-11 Thread Kris Maglione
On Thu, Jan 11, 2018 at 05:12:37PM +0100, Tom Schuster wrote: This could be an issue for WebExtensions as well. I think the contentscript sandbox runs in a different compartment. It runs in a different compartment, but the DOM constructors it has access to come from the same content window as

Re: performing cross-context instanceof checks

2018-01-11 Thread Bobby Holley
IIRC Blink uses a different mechanism (called "separate worlds") to allow extensions to interact with content, whereas we use a separate global + xrays. So this likely will be a problem for WebExtensions, and we'll presumably need a sandboxOption to opt into the old behavior. On Thu, Jan 11, 2018

Re: performing cross-context instanceof checks

2018-01-11 Thread Gijs Kruitbosch
Based on what Cameron wrote, other browsers already return false if things get mixed, so hopefully the WebExtensions side of the problem is still limited? ~ Gijs On 11/01/2018 16:12, Tom Schuster wrote: This could be an issue for WebExtensions as well. I think the contentscript sandbox runs i

Re: performing cross-context instanceof checks

2018-01-11 Thread Tom Schuster
This could be an issue for WebExtensions as well. I think the contentscript sandbox runs in a different compartment. On Thu, Jan 11, 2018 at 3:58 PM, Gijs Kruitbosch wrote: > On 11/01/2018 05:29, Cameron McCormack wrote: > >> For use in the meantime, I just landed bug 1428531 on inbound, which a

Re: performing cross-context instanceof checks

2018-01-11 Thread Gijs Kruitbosch
On 11/01/2018 05:29, Cameron McCormack wrote: For use in the meantime, I just landed bug 1428531 on inbound, which adds a new chrome-only static method "isInstance" to Web IDL defined interfaces, so you can write for example: Document.isInstance(otherWindow.document) So that we don't have

performing cross-context instanceof checks

2018-01-10 Thread Cameron McCormack
Hi, For a long time Firefox's behaviour for instanceof checks on DOM objects, when the right-hand side interface object comes from a different window from the object on the left, has differed from other browsers. For example, otherWindow.document instanceof Node evaluates to true in Firefox