"Permission denied to access property 'apply'" for wrapped functions

[Jordan Santell]

For all of our media tools, we wrap some content globals in a proxy
function[0]. A crude version of this would be, using an Array for example:

var original = Array.prototype.push;
Array.prototype.push = function wrapper () {
original.call(this, arguments);
/* report context, args, return value, etc */
}

Do not fear, we only wrap a few globals related to audio and canvas, not
the array, and only when the specific media tools are open. This has been
working in practice for awhile now, but some scenarios cause permission
errors. For example, when calling a wrapped function via call or apply.
Since the wrappers are created in chrome code, but exposed to content, is
there anyway to allow this? To test this, open up the web audio editor[1]
(enable in the dev tools options), and hit the reload button with the tool
open, and type this into the console:

(ctx = new AudioContext()).createOscillator.apply(ctx);

This will cause this error:
Error: Permission denied to access property 'apply'

Anyway around allowing apply/call to our chrome-wrapped functions to
content? Corresponding bug for this is bug 1130901 [2].

[0]
https://github.com/mozilla/gecko-dev/blob/4ae95aae6b09eef9de549e35297eabdd2d5c0678/toolkit/devtools/server/actors/call-watcher.js#L419-L429
[1] https://developer.mozilla.org/en-US/docs/Tools/Web_Audio_Editor
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=1130901

[Gavin Sharp]

I think you probably want to talk to bholley!

Gavin

> _______________________________________________
> dev-security mailing list
> dev-se...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security

[Panos Astithas]

You might have to do something like this (but do talk to bholley):

https://dxr.mozilla.org/mozilla-central/source/toolkit/devtools/server/actors/script.js#3843

Panos

> _______________________________________________
> dev-developer-tools mailing list
> dev-devel...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-developer-tools
>

[Jordan Santell]

Have been trying these suggestions, and doesn't seem like it's directly an
Xray issue, as it's exposing chrome to content, not the other way around.
The Cu.exportFunction gets me there, so Function prototype properties are
accessible, so that seemed to do the trick! Some issues remain with the
scope of arguments passed around, but will get there.

Thanks all!

On Tue, Feb 10, 2015 at 3:31 PM, Bobby Holley <bho...@mozilla.com> wrote:

> On Mon, Feb 9, 2015 at 5:48 PM, Gavin Sharp <ga...@gavinsharp.com> wrote:
>
>> I think you probably want to talk to bholley!
>>
>> Gavin
>>
>> On Mon, Feb 9, 2015 at 3:12 PM, Jordan Santell <jsan...@mozilla.com>
>> wrote:
>> > For all of our media tools, we wrap some content globals in a proxy
>> > function[0]. A crude version of this would be, using an Array for
>> example:
>> >
>> > var original = Array.prototype.push;
>> > Array.prototype.push = function wrapper () {
>> > original.call(this, arguments);
>> > /* report context, args, return value, etc */
>> > }
>>
>

> This example doesn't involve multiple globals, so it's not going to
> illustrate anything security-related.

>
> > Since the wrappers are created in chrome code, but exposed to content
>
>

> Are you just exposing chrome functions directly to content? If so, that
> would explain it - such things are callable for legacy reasons, but
> everything else is forbidden. You want Cu.exportFunction here.
>
> bholley
>