Macintosh-SW/tenfourfox
1
0
Fork 0
mirror of https://github.com/classilla/tenfourfox.git synced 2024-12-29 02:31:05 +00:00
Code Issues Projects Releases Wiki Activity

#512: modified M1222924

Browse Source
This commit is contained in:
Cameron Kaiser 2018-07-14 21:16:14 -07:00
parent e8ee244caa
commit c59480e6bb
1 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
caps/nsScriptSecurityManager.cpp
View File

@ -1205,6 +1205,12 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
}
}
return NS_OK;
} else if ((!sourceScheme.LowerCaseEqualsLiteral("http") &&
!sourceScheme.LowerCaseEqualsLiteral("https")) &&
targetScheme.LowerCaseEqualsLiteral("moz-icon")) {
// Don't expose moz-icon:// to the web, but it's okay for things
// like file:// and ftp://.
return NS_OK;
}
// If the schemes don't match, the policy is specified by the protocol
@ -1233,9 +1239,11 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
if (hasFlags) {
if (aFlags & nsIScriptSecurityManager::ALLOW_CHROME) {
// For now, don't change behavior for resource:// or moz-icon:// and
// just allow them.
if (!targetScheme.EqualsLiteral("chrome")) {
// For now, don't change behavior for resource:// and
// just allow it. This is required for extensions that inject
// internal resources into pages such as custom controls.
if (!targetScheme.EqualsLiteral("chrome") &&
!targetScheme.EqualsLiteral("moz-icon")) {
return NS_OK;
}