security fix: Components.util.Sandbox(window) can use xpconnect

git-svn-id: http://svn.coderepos.org/share/lang/javascript/vimperator-plugins/trunk@34032 d0d07461-0603-4401-acd4-de1884942a52
author: teramako 2009-06-18 16:19:11 +0000
committer: teramako 2009-06-18 16:19:11 +0000
commit: 89a619e5c6df544a081b9ccbaae76e33b4143c24 (patch)
tree: d6f6a448024b8418cb1376e72bcd5c21695e5791 /commandBookmarklet.js
parent: 09c2737e16b8b95b8e82d748b78ecd8f2404735d (diff)
download: vimperator-plugins-89a619e5c6df544a081b9ccbaae76e33b4143c24.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/commandBookmarklet.js b/commandBookmarklet.js
index 829c9cd..18adf93 100644
--- a/commandBookmarklet.js
+++ b/commandBookmarklet.js
@@ -98,7 +98,7 @@ function toBoolean (value, def) {
 }
 
 function evalInSandbox (str) {
-  let sandbox = new Components.utils.Sandbox(buffer.URL);
+  let sandbox = new Components.utils.Sandbox("about:blank");
   sandbox.__proto__ = content.window.wrappedJSObject;
   return Components.utils.evalInSandbox(str, sandbox);
 }
author	teramako	2009-06-18 16:19:11 +0000
committer	teramako	2009-06-18 16:19:11 +0000
commit	89a619e5c6df544a081b9ccbaae76e33b4143c24 (patch)
tree	d6f6a448024b8418cb1376e72bcd5c21695e5791 /commandBookmarklet.js
parent	09c2737e16b8b95b8e82d748b78ecd8f2404735d (diff)
download	vimperator-plugins-89a619e5c6df544a081b9ccbaae76e33b4143c24.tar.bz2