#551: M1538619 M1538736 M1542829 M1543617 M1531346 M1540166
This commit is contained in:
parent
a5f18b5804
commit
54aa2d7cc1
|
@ -43,6 +43,7 @@
|
|||
#include "nsIForm.h"
|
||||
#include "nsIFormControl.h"
|
||||
|
||||
#include "nsContentUtils.h"
|
||||
#include "nsDeckFrame.h"
|
||||
#include "nsLayoutUtils.h"
|
||||
#include "nsIPresShell.h"
|
||||
|
@ -2409,6 +2410,12 @@ Accessible::CurrentItem()
|
|||
nsIDocument* DOMDoc = mContent->OwnerDoc();
|
||||
dom::Element* activeDescendantElm = DOMDoc->GetElementById(id);
|
||||
if (activeDescendantElm) {
|
||||
if (nsContentUtils::ContentIsDescendantOf(mContent,
|
||||
activeDescendantElm)) {
|
||||
// Don't want a cyclical descendant relationship. That would be bad.
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
DocAccessible* document = Document();
|
||||
if (document)
|
||||
return document->GetAccessible(activeDescendantElm);
|
||||
|
|
|
@ -708,6 +708,7 @@ DataTransfer::SetDataAtInternal(const nsAString& aFormat, nsIVariant* aData,
|
|||
// don't allow non-chrome to add file data
|
||||
// XXX perhaps this should also limit any non-string type as well
|
||||
if ((aFormat.EqualsLiteral("application/x-moz-file-promise") ||
|
||||
aFormat.EqualsLiteral("text/x-moz-place") ||
|
||||
aFormat.EqualsLiteral("application/x-moz-file")) &&
|
||||
!nsContentUtils::IsSystemPrincipal(aSubjectPrincipal)) {
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
|
|
|
@ -21994,29 +21994,36 @@ TransactionDatabaseOperationBase::RunOnOwningThread()
|
|||
MOZ_ASSERT(mTransaction);
|
||||
|
||||
if (NS_WARN_IF(IsActorDestroyed())) {
|
||||
// Don't send any notifications if the actor was destroyed already.
|
||||
// Normally we wouldn't need to send any notifications if the actor was
|
||||
// already destroyed, but this can be a VersionChangeOp which needs to
|
||||
// notify its parent operation (OpenDatabaseOp) about the failure.
|
||||
// So SendFailureResult needs to be called even when the actor was
|
||||
// destroyed. Normal operations redundantly check if the actor was
|
||||
// destroyed in SendSuccessResult and SendFailureResult, therefore it's
|
||||
// ok to call it in all cases here.
|
||||
if (NS_SUCCEEDED(mResultCode)) {
|
||||
IDB_REPORT_INTERNAL_ERR();
|
||||
mResultCode = NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
|
||||
}
|
||||
} else {
|
||||
if (mTransaction->IsInvalidated()) {
|
||||
mResultCode = NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
|
||||
} else if (mTransaction->IsAborted()) {
|
||||
// Aborted transactions always see their requests fail with ABORT_ERR,
|
||||
// even if the request succeeded or failed with another error.
|
||||
mResultCode = NS_ERROR_DOM_INDEXEDDB_ABORT_ERR;
|
||||
} else if (NS_SUCCEEDED(mResultCode)) {
|
||||
// This may release the IPDL reference.
|
||||
mResultCode = SendSuccessResult();
|
||||
}
|
||||
} else if (mTransaction->IsInvalidated() || mTransaction->IsAborted()) {
|
||||
// Aborted transactions always see their requests fail with ABORT_ERR,
|
||||
// even if the request succeeded or failed with another error.
|
||||
mResultCode = NS_ERROR_DOM_INDEXEDDB_ABORT_ERR;
|
||||
}
|
||||
|
||||
if (NS_FAILED(mResultCode)) {
|
||||
// This should definitely release the IPDL reference.
|
||||
if (!SendFailureResult(mResultCode)) {
|
||||
// Abort the transaction.
|
||||
mTransaction->Abort(mResultCode, /* aForce */ false);
|
||||
}
|
||||
if (NS_SUCCEEDED(mResultCode)) {
|
||||
// This may release the IPDL reference.
|
||||
mResultCode = SendSuccessResult();
|
||||
} else {
|
||||
// I'm not sure why the code was originally this way, nor why bug 1538619
|
||||
// didn't clean it up, but it looks stupid the way it was written before.
|
||||
// -- Cameron (TenFourFox issue 551)
|
||||
NS_ASSERTION(NS_FAILED(mResultCode), "wtf? we didn't succeed OR fail??");
|
||||
|
||||
// This should definitely release the IPDL reference.
|
||||
if (!SendFailureResult(mResultCode)) {
|
||||
// Abort the transaction.
|
||||
mTransaction->Abort(mResultCode, /* aForce */ false);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -44,9 +44,13 @@ bool
|
|||
CanvasLayerComposite::SetCompositableHost(CompositableHost* aHost)
|
||||
{
|
||||
switch (aHost->GetType()) {
|
||||
case CompositableType::IMAGE:
|
||||
case CompositableType::IMAGE: {
|
||||
if (mCompositableHost && aHost != mCompositableHost) {
|
||||
mCompositableHost->Detach(this);
|
||||
}
|
||||
mCompositableHost = aHost;
|
||||
return true;
|
||||
}
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
|
|
@ -50,9 +50,14 @@ ImageLayerComposite::SetCompositableHost(CompositableHost* aHost)
|
|||
{
|
||||
switch (aHost->GetType()) {
|
||||
case CompositableType::IMAGE:
|
||||
case CompositableType::IMAGE_OVERLAY:
|
||||
mImageHost = aHost;
|
||||
case CompositableType::IMAGE_OVERLAY: {
|
||||
ImageHost* newImageHost = static_cast<ImageHost*>(aHost);
|
||||
if (mImageHost && newImageHost != mImageHost) {
|
||||
mImageHost->Detach(this);
|
||||
}
|
||||
mImageHost = newImageHost;
|
||||
return true;
|
||||
}
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
|
|
@ -49,9 +49,14 @@ PaintedLayerComposite::SetCompositableHost(CompositableHost* aHost)
|
|||
switch (aHost->GetType()) {
|
||||
case CompositableType::CONTENT_TILED:
|
||||
case CompositableType::CONTENT_SINGLE:
|
||||
case CompositableType::CONTENT_DOUBLE:
|
||||
mBuffer = static_cast<ContentHost*>(aHost);
|
||||
case CompositableType::CONTENT_DOUBLE: {
|
||||
ContentHost* newBuffer = static_cast<ContentHost*>(aHost);
|
||||
if (mBuffer && newBuffer != mBuffer) {
|
||||
mBuffer->Detach(this);
|
||||
}
|
||||
mBuffer = newBuffer;
|
||||
return true;
|
||||
}
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
|
|
@ -4599,7 +4599,7 @@ png_image_free(png_imagep image)
|
|||
image->opaque->error_buf == NULL)
|
||||
{
|
||||
/* Ignore errors here: */
|
||||
(void)png_safe_execute(image, png_image_free_function, image);
|
||||
png_image_free_function(image);
|
||||
image->opaque = NULL;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -688,6 +688,7 @@ this.PlacesUtils = {
|
|||
* @param type
|
||||
* The content type of the blob.
|
||||
* @returns An array of objects representing each item contained by the source.
|
||||
* @throws if the blob contains invalid data.
|
||||
*/
|
||||
unwrapNodes: function PU_unwrapNodes(blob, type) {
|
||||
// We split on "\n" because the transferable system converts "\r\n" to "\n"
|
||||
|
@ -719,7 +720,8 @@ this.PlacesUtils = {
|
|||
catch (e) {}
|
||||
}
|
||||
// note: this._uri() will throw if uriString is not a valid URI
|
||||
if (this._uri(uriString)) {
|
||||
let uri = this._uri(uriString);
|
||||
if (uri && uri.scheme != "place") {
|
||||
nodes.push({ uri: uriString,
|
||||
title: titleString ? titleString : uriString ,
|
||||
type: this.TYPE_X_MOZ_URL });
|
||||
|
@ -731,14 +733,17 @@ this.PlacesUtils = {
|
|||
for (var i = 0; i < parts.length; i++) {
|
||||
var uriString = parts[i];
|
||||
// text/uri-list is converted to TYPE_UNICODE but it could contain
|
||||
// comments line prepended by #, we should skip them
|
||||
if (uriString.substr(0, 1) == '\x23')
|
||||
// comments line prepended by #, we should skip them, as well as
|
||||
// empty uris.
|
||||
if (uriString == "" || uriString.substr(0, 1) == '\x23')
|
||||
continue;
|
||||
// note: this._uri() will throw if uriString is not a valid URI
|
||||
if (uriString != "" && this._uri(uriString))
|
||||
let uri = this._uri(uriString);
|
||||
if (uri.scheme != "place") {
|
||||
nodes.push({ uri: uriString,
|
||||
title: uriString,
|
||||
type: this.TYPE_X_MOZ_URL });
|
||||
}
|
||||
}
|
||||
break;
|
||||
default:
|
||||
|
|
|
@ -2820,6 +2820,10 @@ nsCycleCollector::ForgetSkippable(bool aRemoveChildlessNodes,
|
|||
{
|
||||
CheckThreadSafety();
|
||||
|
||||
if (mFreeingSnowWhite) {
|
||||
return;
|
||||
}
|
||||
|
||||
mozilla::Maybe<mozilla::AutoGlobalTimelineMarker> marker;
|
||||
if (NS_IsMainThread()) {
|
||||
marker.emplace("nsCycleCollector::ForgetSkippable", MarkerStackRequest::NO_STACK);
|
||||
|
|
Loading…
Reference in New Issue