The Tor Browser / file revision

js/xpconnect/crashtests/453935-1.html@129ffea94266

js/xpconnect/crashtests/453935-1.html

Sat, 03 Jan 2015 20:18:00 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Sat, 03 Jan 2015 20:18:00 +0100
branch
TOR_BUG_3246
changeset 7
129ffea94266
permissions
-rw-r--r--

Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.

     1 <!DOCTYPE html>

     2 <html>

     3 <head>

     4 <script type="text/javascript">

     5 

     6 function boom()

     7 {

     8   var a = [];

     9   a[31] = undefined;

    10   a[40] = undefined;

    11   a[44] = {};

    12   a[45] = new XMLHttpRequest();

    13   a[48] = new XMLHttpRequest();

    14   a[53] = XMLHttpRequest.prototype;

    15   a[53].__proto__ = {};

    16   a[53].nodeType = 100;

    17   search(a, 41);

    18 }

    19 

    20 

    21 function search(a, start)

    22 {

    23   var N = a.length;

    24   

    25   for (var j = start; j < N; ++j) {

    26     var e = a[j];

    27     if (typeof e == "object" && "nodeType" in e && e.nodeType == 99)

    28       return j;

    29   }

    30 

    31   return null;

    32 }

    33 

    34 </script>

    35 </head>

    36 <body onload="boom();"></body>

    37 </html>

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial