corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge inbound to mozilla-central. a=merge

Browse Source
This commit is contained in:
Margareta Eliza Balazs
2018-09-25 12:42:09 +03:00
parent 2aeece263b 027fdf5373
commit 1290c58f68
567 changed files with 28595 additions and 7077 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
docshell/base/nsDocShell.cpp
View File

@@ -11612,7 +11612,9 @@ nsDocShell::AddState(JS::Handle<JS::Value> aData, const nsAString& aTitle,
NS_ENSURE_SUCCESS(currentURI->GetUserPass(currentUserPass),
NS_ERROR_FAILURE);
NS_ENSURE_SUCCESS(newURI->GetUserPass(newUserPass), NS_ERROR_FAILURE);
if (NS_FAILED(secMan->CheckSameOriginURI(currentURI, newURI, true)) ||
bool isPrivateWin =
document->NodePrincipal()->OriginAttributesRef().mPrivateBrowsingId > 0;
if (NS_FAILED(secMan->CheckSameOriginURI(currentURI, newURI, true, isPrivateWin)) ||
!currentUserPass.Equals(newUserPass)) {
return NS_ERROR_DOM_SECURITY_ERR;
}
@@ -12977,10 +12979,18 @@ nsDocShell::IsOKToLoadURI(nsIURI* aURI)
return false;
}
bool isPrivateWin = false;
nsIDocument *doc = GetDocument();
if (doc) {
isPrivateWin =
doc->NodePrincipal()->OriginAttributesRef().mPrivateBrowsingId > 0;
}
nsCOMPtr<nsIScriptSecurityManager> secMan =
do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID);
return secMan &&
NS_SUCCEEDED(secMan->CheckSameOriginURI(aURI, mLoadingURI, false));
NS_SUCCEEDED(secMan->CheckSameOriginURI(aURI, mLoadingURI, false, isPrivateWin));
}
//