mirror of
https://github.com/classilla/tenfourfox.git
synced 2024-06-06 06:29:31 +00:00
#611: M1277475
This commit is contained in:
parent
80ece6a151
commit
0c828a96e6
|
@ -8293,7 +8293,7 @@ nsDocument::IsScriptEnabled()
|
||||||
{
|
{
|
||||||
// If this document is sandboxed without 'allow-scripts'
|
// If this document is sandboxed without 'allow-scripts'
|
||||||
// script is not enabled
|
// script is not enabled
|
||||||
if (mSandboxFlags & SANDBOXED_SCRIPTS) {
|
if (HasScriptsBlockedBySandbox()) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -13044,6 +13044,12 @@ nsIDocument::InlineScriptAllowedByCSP()
|
||||||
return allowsInlineScript;
|
return allowsInlineScript;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool
|
||||||
|
nsIDocument::HasScriptsBlockedBySandbox()
|
||||||
|
{
|
||||||
|
return mSandboxFlags & SANDBOXED_SCRIPTS;
|
||||||
|
}
|
||||||
|
|
||||||
static bool
|
static bool
|
||||||
MightBeAboutOrChromeScheme(nsIURI* aURI)
|
MightBeAboutOrChromeScheme(nsIURI* aURI)
|
||||||
{
|
{
|
||||||
|
|
|
@ -2678,6 +2678,8 @@ public:
|
||||||
return mUserHasInteracted;
|
return mUserHasInteracted;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool HasScriptsBlockedBySandbox();
|
||||||
|
|
||||||
bool InlineScriptAllowedByCSP();
|
bool InlineScriptAllowedByCSP();
|
||||||
|
|
||||||
void SetLinkHandlingEnabled(bool aValue) { mLinksEnabled = aValue; }
|
void SetLinkHandlingEnabled(bool aValue) { mLinksEnabled = aValue; }
|
||||||
|
|
|
@ -272,7 +272,7 @@ nsScriptLoader::StartLoad(nsScriptLoadRequest *aRequest, const nsAString &aType,
|
||||||
bool aScriptFromHead)
|
bool aScriptFromHead)
|
||||||
{
|
{
|
||||||
// If this document is sandboxed without 'allow-scripts', abort.
|
// If this document is sandboxed without 'allow-scripts', abort.
|
||||||
if (mDocument->GetSandboxFlags() & SANDBOXED_SCRIPTS) {
|
if (mDocument->HasScriptsBlockedBySandbox()) {
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -704,7 +704,7 @@ nsScriptLoader::ProcessScriptElement(nsIScriptElement *aElement)
|
||||||
|
|
||||||
// inline script
|
// inline script
|
||||||
// Is this document sandboxed without 'allow-scripts'?
|
// Is this document sandboxed without 'allow-scripts'?
|
||||||
if (mDocument->GetSandboxFlags() & SANDBOXED_SCRIPTS) {
|
if (mDocument->HasScriptsBlockedBySandbox()) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -735,7 +735,7 @@ EventListenerManager::SetEventHandler(nsIAtom* aName,
|
||||||
if (doc) {
|
if (doc) {
|
||||||
// Don't allow adding an event listener if the document is sandboxed
|
// Don't allow adding an event listener if the document is sandboxed
|
||||||
// without 'allow-scripts'.
|
// without 'allow-scripts'.
|
||||||
if (doc->GetSandboxFlags() & SANDBOXED_SCRIPTS) {
|
if (doc->HasScriptsBlockedBySandbox()) {
|
||||||
return NS_ERROR_DOM_SECURITY_ERR;
|
return NS_ERROR_DOM_SECURITY_ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -201,7 +201,7 @@ nsresult nsJSThunk::EvaluateScript(nsIChannel *aChannel,
|
||||||
// Sandboxed document check: javascript: URI's are disabled
|
// Sandboxed document check: javascript: URI's are disabled
|
||||||
// in a sandboxed document unless 'allow-scripts' was specified.
|
// in a sandboxed document unless 'allow-scripts' was specified.
|
||||||
nsIDocument* doc = aOriginalInnerWindow->GetExtantDoc();
|
nsIDocument* doc = aOriginalInnerWindow->GetExtantDoc();
|
||||||
if (doc && (doc->GetSandboxFlags() & SANDBOXED_SCRIPTS)) {
|
if (doc && doc->HasScriptsBlockedBySandbox()) {
|
||||||
return NS_ERROR_DOM_RETVAL_UNDEFINED;
|
return NS_ERROR_DOM_RETVAL_UNDEFINED;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -403,6 +403,12 @@ partial interface Document {
|
||||||
[ChromeOnly] readonly attribute boolean userHasInteracted;
|
[ChromeOnly] readonly attribute boolean userHasInteracted;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
// Extension to give chrome and XBL JS the ability to determine whether
|
||||||
|
// the document is sandboxed without permission to run scripts.
|
||||||
|
partial interface Document {
|
||||||
|
[Func="IsChromeOrXBL"] readonly attribute boolean hasScriptsBlockedBySandbox;
|
||||||
|
};
|
||||||
|
|
||||||
// Extension to give chrome and XBL JS the ability to determine whether
|
// Extension to give chrome and XBL JS the ability to determine whether
|
||||||
// inline scripts are blocked by the document's CSP.
|
// inline scripts are blocked by the document's CSP.
|
||||||
partial interface Document {
|
partial interface Document {
|
||||||
|
|
|
@ -240,6 +240,13 @@
|
||||||
<parameter name="aIgnoreNextCall"/>
|
<parameter name="aIgnoreNextCall"/>
|
||||||
<body>
|
<body>
|
||||||
<![CDATA[
|
<![CDATA[
|
||||||
|
// _setEventListener is only used for setting the attribute event
|
||||||
|
// handlers, which we want to ignore if our document is sandboxed
|
||||||
|
// without the allow-scripts keyword.
|
||||||
|
if (document.hasScriptsBlockedBySandbox) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
// attribute event handlers should only be added if the
|
// attribute event handlers should only be added if the
|
||||||
// document's CSP allows it.
|
// document's CSP allows it.
|
||||||
if (!document.inlineScriptAllowedByCSP) {
|
if (!document.inlineScriptAllowedByCSP) {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user