Fixing part of bug 265790 (the part that's a regression from bug 265921). Make it possible to flag DOM events as trusted when created using DOM APIs from native code, and marking the DOMWindowClose event (and a few other fired from nsGlobalWindow) as trusted to make closing a tab from script close the tab only, and not the whole window. r+sr=bzbarsky@mit.edu, a=chofmann@mozilla.org

git-svn-id: svn://10.0.0.236/trunk@164533 18797224-902f-48f8-a5cc-f745e15eee43

mozilla/content/events/src/nsEventStateManager.cpp

@@ -4305,7 +4305,9 @@ nsEventStateManager::ForceViewUpdate(nsIView* aView)
 }
 
 NS_IMETHODIMP
-nsEventStateManager::DispatchNewEvent(nsISupports* aTarget, nsIDOMEvent* aEvent, PRBool *aPreventDefault)
+nsEventStateManager::DispatchNewEvent(nsISupports* aTarget,
+                                      nsIDOMEvent* aEvent,
+                                      PRBool *aPreventDefault)
 {
   nsresult ret = NS_OK;
 
@@ -4314,14 +4316,22 @@ nsEventStateManager::DispatchNewEvent(nsISupports* aTarget, nsIDOMEvent* aEvent,
     nsCOMPtr<nsIDOMEventTarget> eventTarget(do_QueryInterface(aTarget));
     privEvt->SetTarget(eventTarget);
 
-      //Check security state to determine if dispatcher is trusted
-      nsIScriptSecurityManager *securityManager =
-        nsContentUtils::GetSecurityManager();
+    //Check security state to determine if dispatcher is trusted
+    nsIScriptSecurityManager *securityManager =
+      nsContentUtils::GetSecurityManager();
 
-    PRBool enabled;
-    nsresult res =
-      securityManager->IsCapabilityEnabled("UniversalBrowserWrite", &enabled);
-    privEvt->SetTrusted(NS_SUCCEEDED(res) && enabled);
+    PRBool trusted;
+    nsCOMPtr<nsIDOMNSEvent> nsevent(do_QueryInterface(privEvt));
+
+    nsevent->GetIsTrusted(&trusted);
+
+    if (!trusted) {
+      PRBool enabled;
+      nsresult res =
+        securityManager->IsCapabilityEnabled("UniversalBrowserWrite",
+                                             &enabled);
+      privEvt->SetTrusted(NS_SUCCEEDED(res) && enabled);
+    }
 
     nsEvent * innerEvent;
     privEvt->GetInternalNSEvent(&innerEvent);

mozilla/dom/src/base/nsGlobalWindow.cpp

@@ -2102,6 +2102,10 @@ NS_IMETHODIMP GlobalWindowImpl::SetFullScreen(PRBool aFullScreen)
     return NS_ERROR_FAILURE;
 
   event->InitEvent(NS_LITERAL_STRING("fullscreen"), PR_FALSE, PR_TRUE);
+
+  nsCOMPtr<nsIPrivateDOMEvent> privateEvent(do_QueryInterface(event));
+  privateEvent->SetTrusted(PR_TRUE);
+
   PRBool allowDefault;
   DispatchEvent(event, &allowDefault);
 
@@ -2924,6 +2928,9 @@ void FirePopupBlockedEvent(nsIDOMDocument* aDoc,
       nsCOMPtr<nsIDOMPopupBlockedEvent> pbev(do_QueryInterface(event));
       pbev->InitPopupBlockedEvent(NS_LITERAL_STRING("DOMPopupBlocked"),
               PR_TRUE, PR_TRUE, aRequestingURI, aPopupURI, aPopupWindowFeatures);
+      nsCOMPtr<nsIPrivateDOMEvent> privateEvent(do_QueryInterface(event));
+      privateEvent->SetTrusted(PR_TRUE);
+
       PRBool noDefault;
       nsCOMPtr<nsIDOMEventTarget> targ(do_QueryInterface(aDoc));
       targ->DispatchEvent(event, &noDefault);
@@ -2940,6 +2947,10 @@ void FirePopupWindowEvent(nsIDOMDocument* aDoc)
     docEvent->CreateEvent(NS_LITERAL_STRING("Events"), getter_AddRefs(event));
     if (event) {
       event->InitEvent(NS_LITERAL_STRING("PopupWindow"), PR_TRUE, PR_TRUE);
+
+      nsCOMPtr<nsIPrivateDOMEvent> privateEvent(do_QueryInterface(event));
+      privateEvent->SetTrusted(PR_TRUE);
+
       PRBool noDefault;
       nsCOMPtr<nsIDOMEventTarget> targ(do_QueryInterface(aDoc));
       targ->DispatchEvent(event, &noDefault);
@@ -3427,6 +3438,9 @@ GlobalWindowImpl::Close()
   if (event) {
     event->InitEvent(NS_LITERAL_STRING("DOMWindowClose"), PR_TRUE, PR_TRUE);
 
+    nsCOMPtr<nsIPrivateDOMEvent> privateEvent(do_QueryInterface(event));
+    privateEvent->SetTrusted(PR_TRUE);
+
     PRBool executeDefault = PR_TRUE;
     DispatchEvent(event, &executeDefault);