mirrors/zotero
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

fix getTranslatorObject(), and throw an error if cross-site getTranslatorObject() is attempted

Browse source
This commit is contained in:
Simon Kornblith 2010-11-05 03:26:00 +00:00
parent 253e439a0c
commit ee101b5bc0
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
chrome/content/zotero/xpcom/translation/translate.js
View file

@ -264,12 +264,16 @@ Zotero.Translate.Sandbox = {
return translation.translate(false); return translation.translate(false);
}; };
safeTranslator.getTranslatorObject = function() { safeTranslator.getTranslatorObject = function() {
translation._loadTranslator(); translation._loadTranslator(translation.translator[0]);
if(translate._sandboxLocation != translation._sandboxLocation) {
throw "Translate: getTranslatorObject() may not be called from web or search "+
"translators to web or search translators with different URIs.";
}
translation._prepareTranslation(); translation._prepareTranslation();
setDefaultHandlers(translate, translation); setDefaultHandlers(translate, translation);
// return sandbox // return sandbox
return translation.sandboxManager.sandbox; return translation._sandboxManager.sandbox;
}; };
// TODO security is not super-tight here, as someone could pass something into arg // TODO security is not super-tight here, as someone could pass something into arg