Fix: Return error and avoid panicking in SetOpener function (#33002)

* Fix: Return error and avoid panicking in SetOpener function Signed-off-by: Bentaimia Haddadi <haddadi.taym@gmail.com> * eturn JSFailed onstead of InvalidState Signed-off-by: Bentaimia Haddadi <haddadi.taym@gmail.com> * Update wpt test result Signed-off-by: Bentaimia Haddadi <haddadi.taym@gmail.com> --------- Signed-off-by: Bentaimia Haddadi <haddadi.taym@gmail.com>
2025-07-22 06:43:40 +01:00 · 2024-08-12 09:58:00 +02:00 · 2024-08-12 09:58:00 +02:00 · df8ccafa7c
commit df8ccafa7c
parent a797969efe
5 changed files with 22 additions and 21 deletions
--- a/components/script/dom/webidls/Window.webidl
+++ b/components/script/dom/webidls/Window.webidl
@ -36,7 +36,7 @@
  // Note that this can return null in the case that the browsing context has been discarded.
  // https://github.com/whatwg/html/issues/2115
  [LegacyUnforgeable, CrossOriginReadable] readonly attribute WindowProxy? top;
-  [CrossOriginReadable] attribute any opener;
+  [Throws, CrossOriginReadable] attribute any opener;
  // Note that this can return null in the case that the browsing context has been discarded.
  // https://github.com/whatwg/html/issues/2115
  [Replaceable, CrossOriginReadable] readonly attribute WindowProxy? parent;
--- a/components/script/dom/window.rs
+++ b/components/script/dom/window.rs
@ -702,41 +702,43 @@ impl WindowMethods for Window {
    }

    // https://html.spec.whatwg.org/multipage/#dom-opener
-    fn Opener(&self, cx: JSContext, in_realm_proof: InRealm) -> JSVal {
+    fn GetOpener(&self, cx: JSContext) -> Fallible<JSVal> {
        // Step 1, Let current be this Window object's browsing context.
        let current = match self.window_proxy.get() {
            Some(proxy) => proxy,
            // Step 2, If current is null, then return null.
-            None => return NullValue(),
+            None => return Ok(NullValue()),
        };
        // Still step 2, since the window's BC is the associated doc's BC,
        // see https://html.spec.whatwg.org/multipage/#window-bc
        // and a doc's BC is null if it has been discarded.
        // see https://html.spec.whatwg.org/multipage/#concept-document-bc
        if current.is_browsing_context_discarded() {
-            return NullValue();
+            return Ok(NullValue());
        }
        // Step 3 to 5.
-        current.opener(*cx, in_realm_proof)
+        Ok(current.opener(*cx))
    }

    #[allow(unsafe_code)]
    // https://html.spec.whatwg.org/multipage/#dom-opener
-    fn SetOpener(&self, cx: JSContext, value: HandleValue) {
+    fn SetOpener(&self, cx: JSContext, value: HandleValue) -> ErrorResult {
        // Step 1.
        if value.is_null() {
-            return self.window_proxy().disown();
+            self.window_proxy().disown();
+            return Ok(());
        }
        // Step 2.
        let obj = self.reflector().get_jsobject();
        unsafe {
-            assert!(JS_DefineProperty(
-                *cx,
-                obj,
-                c"opener".as_ptr(),
-                value,
-                JSPROP_ENUMERATE as u32
-            ));
+            let result =
+                JS_DefineProperty(*cx, obj, c"opener".as_ptr(), value, JSPROP_ENUMERATE as u32);
+
+            if result {
+                Ok(())
+            } else {
+                Err(Error::JSFailed)
+            }
        }
    }

--- a/components/script/dom/windowproxy.rs
+++ b/components/script/dom/windowproxy.rs
@ -418,7 +418,7 @@ impl WindowProxy {

    #[allow(unsafe_code)]
    // https://html.spec.whatwg.org/multipage/#dom-opener
-    pub fn opener(&self, cx: *mut JSContext, in_realm_proof: InRealm) -> JSVal {
+    pub fn opener(&self, cx: *mut JSContext) -> JSVal {
        if self.disowned.get() {
            return NullValue();
        }
@ -436,8 +436,11 @@ impl WindowProxy {
                    opener_id,
                ) {
                    Some(opener_top_id) => {
-                        let global_to_clone_from =
-                            unsafe { GlobalScope::from_context(cx, in_realm_proof) };
+                        let in_realm_proof =
+                            AlreadyInRealm::assert_for_cx(unsafe { SafeJSContext::from_ptr(cx) });
+                        let global_to_clone_from = unsafe {
+                            GlobalScope::from_context(cx, InRealm::Already(&in_realm_proof))
+                        };
                        let creator =
                            CreatorBrowsingContextInfo::from(parent_browsing_context, None);
                        WindowProxy::new_dissimilar_origin(
--- a/tests/wpt/meta-legacy-layout/html/browsers/the-window-object/window-opener-unconfigurable.window.js.ini
+++ b/tests/wpt/meta-legacy-layout/html/browsers/the-window-object/window-opener-unconfigurable.window.js.ini
@ -1,2 +0,0 @@
-[window-opener-unconfigurable.window.html]
-  expected: CRASH
--- a/tests/wpt/meta/html/browsers/the-window-object/window-opener-unconfigurable.window.js.ini
+++ b/tests/wpt/meta/html/browsers/the-window-object/window-opener-unconfigurable.window.js.ini
@ -1,2 +0,0 @@
-[window-opener-unconfigurable.window.html]
-  expected: CRASH