Compare commits
8 Commits
7c9617ab51
...
17b23692fe
Author | SHA1 | Date |
---|---|---|
Cameron Kaiser | 17b23692fe | |
Cameron Kaiser | 2f7da4e25a | |
Cameron Kaiser | c51a503edb | |
Cameron Kaiser | c889bc5ce1 | |
Cameron Kaiser | 2488fabc48 | |
Cameron Kaiser | fb91afbb46 | |
Cameron Kaiser | 28b4c08821 | |
Cameron Kaiser | 9197c15057 |
|
@ -49,7 +49,7 @@
|
||||||
<!ENTITY helpus.getInvolvedLink "get involved!">
|
<!ENTITY helpus.getInvolvedLink "get involved!">
|
||||||
<!ENTITY helpus.end "">
|
<!ENTITY helpus.end "">
|
||||||
|
|
||||||
<!ENTITY copyright.blurb "Copyright © 2010-2022 Contributors to TenFourFox. All rights reserved.">
|
<!ENTITY copyright.blurb "Copyright © 2010-2023 Contributors to TenFourFox. All rights reserved.">
|
||||||
|
|
||||||
<!-- LOCALIZATION NOTE (bottomLinks.license): This is a link title that links to about:license. -->
|
<!-- LOCALIZATION NOTE (bottomLinks.license): This is a link title that links to about:license. -->
|
||||||
<!ENTITY bottomLinks.license "Licensing Information">
|
<!ENTITY bottomLinks.license "Licensing Information">
|
||||||
|
|
|
@ -699,6 +699,7 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
|
||||||
ToLowerCase(hostname);
|
ToLowerCase(hostname);
|
||||||
#define BLOC(q) hostname.EqualsLiteral(q)
|
#define BLOC(q) hostname.EqualsLiteral(q)
|
||||||
#define BLOCU(q) url.EqualsLiteral(q)
|
#define BLOCU(q) url.EqualsLiteral(q)
|
||||||
|
#define BLOCS(q) (StringBeginsWith(url, NS_LITERAL_CSTRING(q)))
|
||||||
#define BLOCE(q) (StringEndsWith(url, NS_LITERAL_CSTRING(q)))
|
#define BLOCE(q) (StringEndsWith(url, NS_LITERAL_CSTRING(q)))
|
||||||
|
|
||||||
if (0 ||
|
if (0 ||
|
||||||
|
@ -711,10 +712,12 @@ nsScriptSecurityManager::CheckLoadURIWithPrincipal(nsIPrincipal* aPrincipal,
|
||||||
BLOCE("/public/scripts/tldr/index.js")
|
BLOCE("/public/scripts/tldr/index.js")
|
||||||
) ||
|
) ||
|
||||||
#endif // __ppc__
|
#endif // __ppc__
|
||||||
|
BLOCS("https://developer.mozilla.org/static/js/main.") ||
|
||||||
|
|
||||||
0) {
|
0) {
|
||||||
#undef BLOC
|
#undef BLOC
|
||||||
#undef BLOCU
|
#undef BLOCU
|
||||||
|
#undef BLOCS
|
||||||
#undef BLOCE
|
#undef BLOCE
|
||||||
|
|
||||||
#ifndef DEBUG
|
#ifndef DEBUG
|
||||||
|
|
|
@ -281,7 +281,7 @@ nsHTMLContentSerializer::AppendElementStart(Element* aElement,
|
||||||
if (ns == kNameSpaceID_XHTML &&
|
if (ns == kNameSpaceID_XHTML &&
|
||||||
(name == nsGkAtoms::script ||
|
(name == nsGkAtoms::script ||
|
||||||
name == nsGkAtoms::style ||
|
name == nsGkAtoms::style ||
|
||||||
name == nsGkAtoms::noscript ||
|
(name == nsGkAtoms::noscript && aElement->OwnerDoc()->IsScriptEnabled()) ||
|
||||||
name == nsGkAtoms::noframes)) {
|
name == nsGkAtoms::noframes)) {
|
||||||
++mDisableEntityEncoding;
|
++mDisableEntityEncoding;
|
||||||
}
|
}
|
||||||
|
@ -310,7 +310,7 @@ nsHTMLContentSerializer::AppendElementEnd(Element* aElement,
|
||||||
if (ns == kNameSpaceID_XHTML &&
|
if (ns == kNameSpaceID_XHTML &&
|
||||||
(name == nsGkAtoms::script ||
|
(name == nsGkAtoms::script ||
|
||||||
name == nsGkAtoms::style ||
|
name == nsGkAtoms::style ||
|
||||||
name == nsGkAtoms::noscript ||
|
(name == nsGkAtoms::noscript && aElement->OwnerDoc()->IsScriptEnabled()) ||
|
||||||
name == nsGkAtoms::noframes)) {
|
name == nsGkAtoms::noframes)) {
|
||||||
--mDisableEntityEncoding;
|
--mDisableEntityEncoding;
|
||||||
}
|
}
|
||||||
|
|
|
@ -74,7 +74,7 @@ pixman_sample_floor_y (pixman_fixed_t y,
|
||||||
|
|
||||||
if (f < Y_FRAC_FIRST (n))
|
if (f < Y_FRAC_FIRST (n))
|
||||||
{
|
{
|
||||||
if (pixman_fixed_to_int (i) == 0x8000)
|
if (pixman_fixed_to_int (i) == 0xffff8000)
|
||||||
{
|
{
|
||||||
f = 0; /* saturate */
|
f = 0; /* saturate */
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,18 +4,23 @@
|
||||||
|
|
||||||
#include "vdmx.h"
|
#include "vdmx.h"
|
||||||
|
|
||||||
|
#include <set>
|
||||||
|
|
||||||
// VDMX - Vertical Device Metrics
|
// VDMX - Vertical Device Metrics
|
||||||
// http://www.microsoft.com/typography/otspec/vdmx.htm
|
// http://www.microsoft.com/typography/otspec/vdmx.htm
|
||||||
|
|
||||||
namespace ots {
|
namespace ots {
|
||||||
|
|
||||||
|
#define TABLE_NAME "VDMX"
|
||||||
|
|
||||||
bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
Buffer table(data, length);
|
Buffer table(data, length);
|
||||||
|
ots::Font* font = this->GetFont();
|
||||||
|
|
||||||
if (!table.ReadU16(&this->version) ||
|
if (!table.ReadU16(&this->version) ||
|
||||||
!table.ReadU16(&this->num_recs) ||
|
!table.ReadU16(&this->num_recs) ||
|
||||||
!table.ReadU16(&this->num_ratios)) {
|
!table.ReadU16(&this->num_ratios)) {
|
||||||
return Error("Failed to read table header");
|
return Drop("Failed to read table header");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (this->version > 1) {
|
if (this->version > 1) {
|
||||||
|
@ -30,7 +35,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
!table.ReadU8(&rec.x_ratio) ||
|
!table.ReadU8(&rec.x_ratio) ||
|
||||||
!table.ReadU8(&rec.y_start_ratio) ||
|
!table.ReadU8(&rec.y_start_ratio) ||
|
||||||
!table.ReadU8(&rec.y_end_ratio)) {
|
!table.ReadU8(&rec.y_end_ratio)) {
|
||||||
return Error("Failed to read RatioRange record %d", i);
|
return Drop("Failed to read RatioRange record %d", i);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rec.charset > 1) {
|
if (rec.charset > 1) {
|
||||||
|
@ -56,17 +61,28 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
|
|
||||||
this->offsets.reserve(this->num_ratios);
|
this->offsets.reserve(this->num_ratios);
|
||||||
const size_t current_offset = table.offset();
|
const size_t current_offset = table.offset();
|
||||||
|
std::set<uint16_t> unique_offsets;
|
||||||
// current_offset is less than (2 bytes * 3) + (4 bytes * USHRT_MAX) = 256k.
|
// current_offset is less than (2 bytes * 3) + (4 bytes * USHRT_MAX) = 256k.
|
||||||
for (unsigned i = 0; i < this->num_ratios; ++i) {
|
for (unsigned i = 0; i < this->num_ratios; ++i) {
|
||||||
uint16_t offset;
|
uint16_t offset;
|
||||||
if (!table.ReadU16(&offset)) {
|
if (!table.ReadU16(&offset)) {
|
||||||
return Error("Failed to read ratio offset %d", i);
|
return Drop("Failed to read ratio offset %d", i);
|
||||||
}
|
}
|
||||||
if (current_offset + offset >= length) { // thus doesn't overflow.
|
if (current_offset + offset >= length) { // thus doesn't overflow.
|
||||||
return Error("Bad ratio offset %d for ration %d", offset, i);
|
return Drop("Bad ratio offset %d for ration %d", offset, i);
|
||||||
}
|
}
|
||||||
|
|
||||||
this->offsets.push_back(offset);
|
this->offsets.push_back(offset);
|
||||||
|
unique_offsets.insert(offset);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that num_recs is sufficient to provide as many VDMXGroup records
|
||||||
|
// as there are unique offsets; if not, update it (we'll return an error
|
||||||
|
// below if they're not actually present).
|
||||||
|
if (unique_offsets.size() > this->num_recs) {
|
||||||
|
OTS_WARNING("increasing num_recs (%u is too small for %u unique offsets)",
|
||||||
|
this->num_recs, unique_offsets.size());
|
||||||
|
this->num_recs = unique_offsets.size();
|
||||||
}
|
}
|
||||||
|
|
||||||
this->groups.reserve(this->num_recs);
|
this->groups.reserve(this->num_recs);
|
||||||
|
@ -75,7 +91,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
if (!table.ReadU16(&group.recs) ||
|
if (!table.ReadU16(&group.recs) ||
|
||||||
!table.ReadU8(&group.startsz) ||
|
!table.ReadU8(&group.startsz) ||
|
||||||
!table.ReadU8(&group.endsz)) {
|
!table.ReadU8(&group.endsz)) {
|
||||||
return Error("Failed to read record header %d", i);
|
return Drop("Failed to read record header %d", i);
|
||||||
}
|
}
|
||||||
group.entries.reserve(group.recs);
|
group.entries.reserve(group.recs);
|
||||||
for (unsigned j = 0; j < group.recs; ++j) {
|
for (unsigned j = 0; j < group.recs; ++j) {
|
||||||
|
@ -83,7 +99,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
if (!table.ReadU16(&vt.y_pel_height) ||
|
if (!table.ReadU16(&vt.y_pel_height) ||
|
||||||
!table.ReadS16(&vt.y_max) ||
|
!table.ReadS16(&vt.y_max) ||
|
||||||
!table.ReadS16(&vt.y_min)) {
|
!table.ReadS16(&vt.y_min)) {
|
||||||
return Error("Failed to read reacord %d group %d", i, j);
|
return Drop("Failed to read record %d group %d", i, j);
|
||||||
}
|
}
|
||||||
if (vt.y_max < vt.y_min) {
|
if (vt.y_max < vt.y_min) {
|
||||||
return Drop("bad y min/max");
|
return Drop("bad y min/max");
|
||||||
|
@ -152,4 +168,6 @@ bool OpenTypeVDMX::Serialize(OTSStream *out) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#undef TABLE_NAME
|
||||||
|
|
||||||
} // namespace ots
|
} // namespace ots
|
||||||
|
|
|
@ -174,6 +174,9 @@ static ContentMap& GetContentMap() {
|
||||||
// When the pref "layout.css.grid.enabled" changes, this function is invoked
|
// When the pref "layout.css.grid.enabled" changes, this function is invoked
|
||||||
// to let us update kDisplayKTable, to selectively disable or restore the
|
// to let us update kDisplayKTable, to selectively disable or restore the
|
||||||
// entries for "grid" and "inline-grid" in that table.
|
// entries for "grid" and "inline-grid" in that table.
|
||||||
|
//
|
||||||
|
// NB: as of TenFourFox issue 659, a whitelist entry per host is also required
|
||||||
|
// to enable (but turning it off turns it off globally).
|
||||||
static void
|
static void
|
||||||
GridEnabledPrefChangeCallback(const char* aPrefName, void* aClosure)
|
GridEnabledPrefChangeCallback(const char* aPrefName, void* aClosure)
|
||||||
{
|
{
|
||||||
|
|
|
@ -6598,7 +6598,11 @@ PresShell::RecordMouseLocation(WidgetGUIEvent* aEvent)
|
||||||
|
|
||||||
nsIFrame* GetNearestFrameContainingPresShell(nsIPresShell* aPresShell)
|
nsIFrame* GetNearestFrameContainingPresShell(nsIPresShell* aPresShell)
|
||||||
{
|
{
|
||||||
nsView* view = aPresShell->GetViewManager()->GetRootView();
|
nsViewManager* vm = aPresShell->GetViewManager();
|
||||||
|
if (!vm) {
|
||||||
|
return nullptr;
|
||||||
|
}
|
||||||
|
nsView* view = vm->GetRootView();
|
||||||
while (view && !view->GetFrame()) {
|
while (view && !view->GetFrame()) {
|
||||||
view = view->GetParent();
|
view = view->GetParent();
|
||||||
}
|
}
|
||||||
|
|
|
@ -1439,6 +1439,10 @@ protected:
|
||||||
// Value to make sure our resolved variable results stay within sane limits.
|
// Value to make sure our resolved variable results stay within sane limits.
|
||||||
const uint32_t MAX_CSS_VAR_LENGTH = 10240;
|
const uint32_t MAX_CSS_VAR_LENGTH = 10240;
|
||||||
|
|
||||||
|
// TenFourFox issue 659
|
||||||
|
// If this host is whitelisted, turn on CSS grid and inline grid.
|
||||||
|
bool mHostCSSGridOK : 1;
|
||||||
|
|
||||||
public:
|
public:
|
||||||
// Used from nsCSSParser constructors and destructors
|
// Used from nsCSSParser constructors and destructors
|
||||||
CSSParserImpl* mNextFree;
|
CSSParserImpl* mNextFree;
|
||||||
|
@ -1587,6 +1591,32 @@ CSSParserImpl::InitScanner(nsCSSScanner& aScanner,
|
||||||
mSheetURI = aSheetURI;
|
mSheetURI = aSheetURI;
|
||||||
mSheetPrincipal = aSheetPrincipal;
|
mSheetPrincipal = aSheetPrincipal;
|
||||||
mHavePushBack = false;
|
mHavePushBack = false;
|
||||||
|
|
||||||
|
// TenFourFox issue 659
|
||||||
|
mHostCSSGridOK = false;
|
||||||
|
if (MOZ_LIKELY(mBaseURI)) {
|
||||||
|
nsCString host;
|
||||||
|
bool isChrome;
|
||||||
|
|
||||||
|
// Never turn on grid for browser chrome.
|
||||||
|
nsresult rv = mBaseURI->SchemeIs("chrome", &isChrome);
|
||||||
|
if (NS_SUCCEEDED(rv) && !isChrome) {
|
||||||
|
// Get host and check pref.
|
||||||
|
rv = mBaseURI->GetHost(host);
|
||||||
|
if (NS_SUCCEEDED(rv) && !host.IsEmpty()) {
|
||||||
|
nsCString pref;
|
||||||
|
|
||||||
|
pref.AssignLiteral("layout.css.grid.host.");
|
||||||
|
pref.SetCapacity(pref.Length() + host.Length());
|
||||||
|
pref += host;
|
||||||
|
mHostCSSGridOK = Preferences::GetBool(pref.get(), false);
|
||||||
|
#if DEBUG
|
||||||
|
if (mHostCSSGridOK)
|
||||||
|
fprintf(stderr, "CSS grid enabled for %s\n", pref.get());
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
|
@ -7586,6 +7616,14 @@ CSSParserImpl::ParseVariant(nsCSSValue& aValue,
|
||||||
}
|
}
|
||||||
if ((aVariantMask & VARIANT_KEYWORD) != 0) {
|
if ((aVariantMask & VARIANT_KEYWORD) != 0) {
|
||||||
int32_t value;
|
int32_t value;
|
||||||
|
|
||||||
|
// TenFourFox issue 659
|
||||||
|
if (MOZ_UNLIKELY(!mHostCSSGridOK &&
|
||||||
|
aKeywordTable == nsCSSProps::kDisplayKTable &&
|
||||||
|
(keyword == eCSSKeyword_grid ||
|
||||||
|
keyword == eCSSKeyword_inline_grid))) {
|
||||||
|
// pretend the keyword wasn't found
|
||||||
|
} else
|
||||||
if (nsCSSProps::FindKeyword(keyword, aKeywordTable, value)) {
|
if (nsCSSProps::FindKeyword(keyword, aKeywordTable, value)) {
|
||||||
aValue.SetIntValue(value, eCSSUnit_Enumerated);
|
aValue.SetIntValue(value, eCSSUnit_Enumerated);
|
||||||
return CSSParseResult::Ok;
|
return CSSParseResult::Ok;
|
||||||
|
|
|
@ -826,6 +826,11 @@ MOZ_WIN_MEM_TRY_BEGIN
|
||||||
uint32_t offset = aItem->LocalOffset();
|
uint32_t offset = aItem->LocalOffset();
|
||||||
if (len < ZIPLOCAL_SIZE || offset > len - ZIPLOCAL_SIZE)
|
if (len < ZIPLOCAL_SIZE || offset > len - ZIPLOCAL_SIZE)
|
||||||
return 0;
|
return 0;
|
||||||
|
// Check there's enough space for the signature
|
||||||
|
if (offset > mFd->mLen) {
|
||||||
|
NS_WARNING("Corrupt local offset in JAR file");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
// -- check signature before using the structure, in case the zip file is corrupt
|
// -- check signature before using the structure, in case the zip file is corrupt
|
||||||
ZipLocal* Local = (ZipLocal*)(data + offset);
|
ZipLocal* Local = (ZipLocal*)(data + offset);
|
||||||
|
@ -838,6 +843,11 @@ MOZ_WIN_MEM_TRY_BEGIN
|
||||||
offset += ZIPLOCAL_SIZE +
|
offset += ZIPLOCAL_SIZE +
|
||||||
xtoint(Local->filename_len) +
|
xtoint(Local->filename_len) +
|
||||||
xtoint(Local->extrafield_len);
|
xtoint(Local->extrafield_len);
|
||||||
|
// Check data points inside the file.
|
||||||
|
if (offset > mFd->mLen) {
|
||||||
|
NS_WARNING("Corrupt local offset in JAR file");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return offset;
|
return offset;
|
||||||
MOZ_WIN_MEM_TRY_CATCH(return 0)
|
MOZ_WIN_MEM_TRY_CATCH(return 0)
|
||||||
|
|
|
@ -2395,11 +2395,10 @@ pref("layout.css.variables.enabled", true);
|
||||||
pref("layout.css.overflow-clip-box.enabled", false);
|
pref("layout.css.overflow-clip-box.enabled", false);
|
||||||
|
|
||||||
// Is support for CSS grid enabled?
|
// Is support for CSS grid enabled?
|
||||||
#ifdef RELEASE_BUILD
|
// TenFourFox issue 659 makes this into a per-host whitelist.
|
||||||
pref("layout.css.grid.enabled", false);
|
|
||||||
#else
|
|
||||||
pref("layout.css.grid.enabled", true);
|
pref("layout.css.grid.enabled", true);
|
||||||
#endif
|
// Whitelist by default:
|
||||||
|
pref("layout.css.grid.host.developer.mozilla.org", true);
|
||||||
|
|
||||||
// Is support for CSS "grid-template-{columns,rows}: subgrid X" enabled?
|
// Is support for CSS "grid-template-{columns,rows}: subgrid X" enabled?
|
||||||
pref("layout.css.grid-template-subgrid-value.enabled", false);
|
pref("layout.css.grid-template-subgrid-value.enabled", false);
|
||||||
|
|
|
@ -3224,11 +3224,13 @@ nsCookieService::SetCookieInternal(nsIURI *aHostURI,
|
||||||
// 3 = secure and "https:"
|
// 3 = secure and "https:"
|
||||||
bool isHTTPS;
|
bool isHTTPS;
|
||||||
nsresult rv = aHostURI->SchemeIs("https", &isHTTPS);
|
nsresult rv = aHostURI->SchemeIs("https", &isHTTPS);
|
||||||
|
/*
|
||||||
if (NS_SUCCEEDED(rv)) {
|
if (NS_SUCCEEDED(rv)) {
|
||||||
Telemetry::Accumulate(Telemetry::COOKIE_SCHEME_SECURITY,
|
Telemetry::Accumulate(Telemetry::COOKIE_SCHEME_SECURITY,
|
||||||
((cookieAttributes.isSecure)? 0x02 : 0x00) |
|
((cookieAttributes.isSecure)? 0x02 : 0x00) |
|
||||||
((isHTTPS)? 0x01 : 0x00));
|
((isHTTPS)? 0x01 : 0x00));
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
int64_t currentTimeInUsec = PR_Now();
|
int64_t currentTimeInUsec = PR_Now();
|
||||||
|
|
||||||
|
@ -3285,6 +3287,15 @@ nsCookieService::SetCookieInternal(nsIURI *aHostURI,
|
||||||
return newCookie;
|
return newCookie;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!CheckHiddenPrefix(cookieAttributes)) {
|
||||||
|
COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader, "failed the CheckHiddenPrefix tests");
|
||||||
|
return newCookie;
|
||||||
|
}
|
||||||
|
if (!CheckPrefixes(cookieAttributes, isHTTPS)) {
|
||||||
|
COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, savedCookieHeader, "failed the prefix tests");
|
||||||
|
return newCookie;
|
||||||
|
}
|
||||||
|
|
||||||
// create a new nsCookie and copy attributes
|
// create a new nsCookie and copy attributes
|
||||||
RefPtr<nsCookie> cookie =
|
RefPtr<nsCookie> cookie =
|
||||||
nsCookie::Create(cookieAttributes.name,
|
nsCookie::Create(cookieAttributes.name,
|
||||||
|
@ -4108,6 +4119,56 @@ nsCookieService::CheckPath(nsCookieAttributes &aCookieAttributes,
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool
|
||||||
|
nsCookieService::CheckPrefixes(nsCookieAttributes &aCookieAttributes,
|
||||||
|
bool aSecureRequest)
|
||||||
|
{
|
||||||
|
if (aCookieAttributes.name.IsEmpty() || aCookieAttributes.name.Length() == 0)
|
||||||
|
return true;
|
||||||
|
|
||||||
|
bool isSecure = StringBeginsWith(aCookieAttributes.name, NS_LITERAL_CSTRING("__Secure-"));
|
||||||
|
bool isHost = StringBeginsWith(aCookieAttributes.name, NS_LITERAL_CSTRING("__Host-"));
|
||||||
|
|
||||||
|
if (!isSecure && !isHost) {
|
||||||
|
// not one of the magic prefixes: carry on
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!aSecureRequest || !aCookieAttributes.isSecure) {
|
||||||
|
// the magic prefixes may only be used from a secure request and
|
||||||
|
// the secure attribute must be set on the cookie
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isHost) {
|
||||||
|
// The host prefix requires that the path is "/" and that the cookie
|
||||||
|
// had no domain attribute. CheckDomain() and CheckPath() MUST be run
|
||||||
|
// first to make sure invalid attributes are rejected and to regularlize
|
||||||
|
// them. In particular all explicit domain attributes result in a host
|
||||||
|
// that starts with a dot, and if the host doesn't start with a dot it
|
||||||
|
// correctly matches the true host.
|
||||||
|
if (aCookieAttributes.host[0] == '.' ||
|
||||||
|
!aCookieAttributes.path.EqualsLiteral("/")) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool
|
||||||
|
nsCookieService::CheckHiddenPrefix(nsCookieAttributes &aCookieAttributes)
|
||||||
|
{
|
||||||
|
if (aCookieAttributes.name.IsEmpty() || aCookieAttributes.name.Length() == 0)
|
||||||
|
return true;
|
||||||
|
if (StringBeginsWith(aCookieAttributes.value, NS_LITERAL_CSTRING("__Host-")))
|
||||||
|
return false;
|
||||||
|
if (StringBeginsWith(aCookieAttributes.value, NS_LITERAL_CSTRING("__Secure-")))
|
||||||
|
return false;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
bool
|
bool
|
||||||
nsCookieService::GetExpiry(nsCookieAttributes &aCookieAttributes,
|
nsCookieService::GetExpiry(nsCookieAttributes &aCookieAttributes,
|
||||||
int64_t aServerTime,
|
int64_t aServerTime,
|
||||||
|
|
|
@ -309,6 +309,8 @@ class nsCookieService final : public nsICookieService
|
||||||
CookieStatus CheckPrefs(nsIURI *aHostURI, bool aIsForeign, bool aRequireHostMatch, const char *aCookieHeader);
|
CookieStatus CheckPrefs(nsIURI *aHostURI, bool aIsForeign, bool aRequireHostMatch, const char *aCookieHeader);
|
||||||
bool CheckDomain(nsCookieAttributes &aCookie, nsIURI *aHostURI, const nsCString &aBaseDomain, bool aRequireHostMatch);
|
bool CheckDomain(nsCookieAttributes &aCookie, nsIURI *aHostURI, const nsCString &aBaseDomain, bool aRequireHostMatch);
|
||||||
static bool CheckPath(nsCookieAttributes &aCookie, nsIURI *aHostURI);
|
static bool CheckPath(nsCookieAttributes &aCookie, nsIURI *aHostURI);
|
||||||
|
bool CheckPrefixes(nsCookieAttributes &aCookie, bool aSecureRequest);
|
||||||
|
bool CheckHiddenPrefix(nsCookieAttributes &aCookie);
|
||||||
static bool GetExpiry(nsCookieAttributes &aCookie, int64_t aServerTime, int64_t aCurrentTime);
|
static bool GetExpiry(nsCookieAttributes &aCookie, int64_t aServerTime, int64_t aCurrentTime);
|
||||||
void RemoveAllFromMemory();
|
void RemoveAllFromMemory();
|
||||||
already_AddRefed<nsIArray> PurgeCookies(int64_t aCurrentTimeInUsec);
|
already_AddRefed<nsIArray> PurgeCookies(int64_t aCurrentTimeInUsec);
|
||||||
|
|
|
@ -786,6 +786,14 @@ parserCreate(const XML_Char *encodingName,
|
||||||
parserInit(parser, encodingName);
|
parserInit(parser, encodingName);
|
||||||
|
|
||||||
if (encodingName && !protocolEncodingName) {
|
if (encodingName && !protocolEncodingName) {
|
||||||
|
if (dtd) {
|
||||||
|
// We need to stop the upcoming call to XML_ParserFree from happily
|
||||||
|
// destroying parser->m_dtd because the DTD is shared with the parent
|
||||||
|
// parser and the only guard that keeps XML_ParserFree from destroying
|
||||||
|
// parser->m_dtd is parser->m_isParamEntity but it will be set to
|
||||||
|
// XML_TRUE only later in XML_ExternalEntityParserCreate (or not at all).
|
||||||
|
parser->m_dtd = NULL;
|
||||||
|
}
|
||||||
XML_ParserFree(parser);
|
XML_ParserFree(parser);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1572,13 +1572,22 @@ nsLocalFile::IsExecutable(bool* aResult)
|
||||||
|
|
||||||
// Search for any of the set of executable extensions.
|
// Search for any of the set of executable extensions.
|
||||||
static const char* const executableExts[] = {
|
static const char* const executableExts[] = {
|
||||||
|
#ifdef MOZ_WIDGET_COCOA
|
||||||
|
"afploc", // Can point to other files.
|
||||||
|
#endif
|
||||||
"air", // Adobe AIR installer
|
"air", // Adobe AIR installer
|
||||||
#ifdef MOZ_WIDGET_COCOA
|
#ifdef MOZ_WIDGET_COCOA
|
||||||
"inetloc", // https://ssd-disclosure.com/ssd-advisory-macos-finder-rce/
|
"atloc", // Can point to other files.
|
||||||
"fileloc", // File location files can be used to point to other files.
|
"fileloc", // File location files can be used to point to other files.
|
||||||
"webloc", // same URL
|
"ftploc", // Can point to other files.
|
||||||
|
"inetloc", // https://ssd-disclosure.com/ssd-advisory-macos-finder-rce/
|
||||||
|
// Shouldn't be able to do the same, but can, due to
|
||||||
|
// macOS vulnerabilities.
|
||||||
#endif
|
#endif
|
||||||
"jar" // java application bundle
|
"jar" // java application bundle
|
||||||
|
#ifdef MOZ_WIDGET_COCOA
|
||||||
|
,"webloc" // same URL
|
||||||
|
#endif
|
||||||
};
|
};
|
||||||
nsDependentSubstring ext = Substring(path, dotIdx + 1);
|
nsDependentSubstring ext = Substring(path, dotIdx + 1);
|
||||||
for (size_t i = 0; i < ArrayLength(executableExts); i++) {
|
for (size_t i = 0; i < ArrayLength(executableExts); i++) {
|
||||||
|
@ -1781,11 +1790,14 @@ nsLocalFile::GetNativeTarget(nsACString& aResult)
|
||||||
return NS_ERROR_OUT_OF_MEMORY;
|
return NS_ERROR_OUT_OF_MEMORY;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (readlink(mPath.get(), target, (size_t)size) < 0) {
|
ssize_t written = readlink(mPath.get(), target, (size_t)size);
|
||||||
|
if (written < 0) {
|
||||||
free(target);
|
free(target);
|
||||||
return NSRESULT_FOR_ERRNO();
|
return NSRESULT_FOR_ERRNO();
|
||||||
}
|
}
|
||||||
target[size] = '\0';
|
// Target might have changed since the lstat call, or lstat might lie, see bug
|
||||||
|
// 1791029.
|
||||||
|
target[written] = '\0';
|
||||||
|
|
||||||
nsresult rv = NS_OK;
|
nsresult rv = NS_OK;
|
||||||
nsCOMPtr<nsIFile> self(this);
|
nsCOMPtr<nsIFile> self(this);
|
||||||
|
|
Loading…
Reference in New Issue