[Project_owners] Re: Getting the right (secure) value from context menu code

Neil neil at parkwaycc.co.uk
Mon May 9 17:39:01 EDT 2005


Michael Vincent van Rantwijk wrote:

> Neil wrote:
>
>> Michael Vincent van Rantwijk wrote:
>>
>>> Neil wrote:
>>>
>>>> Michael Vincent van Rantwijk wrote:
>>>>
>>>>> How do I make the following line secure:
>>>>>
>>>>> var url = gContextMenu.target.ownerDocument.location.href;
>>>>>
>>>>> I hope that this is right:
>>>>>
>>>>> var ownerDocument = new XPCNativeWrapper(gContextMenu.target, 
>>>>> "ownerDocument").ownerDocument;
>>>>> var location = new XPCNativeWrapper(ownerDocument, 
>>>>> "location").location;
>>>>> var url = location.href;
>>>>>
>>>>> but what about 'target'?
>>>>
>>>> gContextMenu is a chrome object, so there are no issues there.
>>>
>>> Oh, well, I got a bit confused by this code I guess:
>>> http://lxr.mozilla.org/seamonkey/source/xpfe/communicator/resources/content/nsContextMenu.js#648 
>>>
>>
>> Well, you'll notice that it doesn't bother to wrap "this.target" ...
>
> As in it isn't needed there, because 'this' is the chrome popup?

It's the chrome variable, yes.

Your clock's time's still wrong. Maybe your time is so far out that your 
timesync app can't cope. Make sure that your local timezone is correct 
as well as your local time.


More information about the Project_owners mailing list