Fixes CVE-2024-11692 (Select list elements could be shown over another site)
Based on <https://hg.mozilla.org/releases/mozilla-esr128/rev/a6cf1a7cd289db4f46cb34f4dd16cce133b25e8d>
Adapted to ESR 115 by Mark H Weaver <mhw@netris.org>

# HG changeset patch
# User Edgar Chen <echen@mozilla.com>
# Date 1730556179 0
# Node ID a6cf1a7cd289db4f46cb34f4dd16cce133b25e8d
# Parent  e983e8a66e515a2e32497cec1b3ccf439396dadc
Bug 1909535 - Don't show select dropdown in background tabs;  a=dmeehan

Original Revision: https://phabricator.services.mozilla.com/D225706

Differential Revision: https://phabricator.services.mozilla.com/D227607

diff --git a/toolkit/actors/SelectParent.sys.mjs b/toolkit/actors/SelectParent.sys.mjs
--- a/toolkit/actors/SelectParent.sys.mjs
+++ b/toolkit/actors/SelectParent.sys.mjs
@@ -273,16 +273,41 @@ export var SelectParentHelper = {
     }
 
     this._currentZoom = zoom;
     this._currentMenulist = menulist;
     this.populateChildren(menulist, items, uniqueItemStyles, selectedIndex);
   },
 
   open(browser, menulist, rect, isOpenedViaTouch, selectParentActor) {
+    const canOpen = (() => {
+      if (!menulist.ownerDocument.hasFocus()) {
+        // Don't open in inactive browser windows.
+        return false;
+      }
+      if (browser) {
+        if (!browser.browsingContext.isActive) {
+          // Don't open in inactive tabs.
+          return false;
+        }
+        let tabbrowser = browser.getTabBrowser();
+        if (tabbrowser && tabbrowser.selectedBrowser != browser) {
+          // AsyncTabSwitcher might delay activating our browser, check
+          // explicitly for tabbrowser.
+          return false;
+        }
+      }
+      return true;
+    })();
+
+    if (!canOpen) {
+      selectParentActor.sendAsyncMessage("Forms:DismissedDropDown", {});
+      return;
+    }
+
     this._actor = selectParentActor;
     menulist.hidden = false;
     this._currentBrowser = browser;
     this._closedWithEnter = false;
     this._selectRect = rect;
     this._registerListeners(menulist.menupopup);
 
     // Set the maximum height to show exactly MAX_ROWS items.