Merge mozilla-central to mozilla-inbound. a=merge on a CLOSED TREE
This commit is contained in:
Andreea Pavel
@@ -1611,24 +1611,6 @@ nsDocShell::GetParentCharset(const Encoding*& aCharset,
|
||||
NS_IF_ADDREF(*aPrincipal = mParentCharsetPrincipal);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsDocShell::GetChannelIsUnsafe(bool* aUnsafe)
|
||||
{
|
||||
*aUnsafe = false;
|
||||
|
||||
nsIChannel* channel = GetCurrentDocChannel();
|
||||
if (!channel) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIJARChannel> jarChannel = do_QueryInterface(channel);
|
||||
if (!jarChannel) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
return jarChannel->GetIsUnsafe(aUnsafe);
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsDocShell::GetHasMixedActiveContentLoaded(bool* aHasMixedActiveContentLoaded)
|
||||
{
|
||||
@@ -1687,12 +1669,6 @@ nsDocShell::GetAllowPlugins(bool* aAllowPlugins)
|
||||
NS_ENSURE_ARG_POINTER(aAllowPlugins);
|
||||
|
||||
*aAllowPlugins = mAllowPlugins;
|
||||
if (!mAllowPlugins) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
bool unsafe;
|
||||
*aAllowPlugins = NS_SUCCEEDED(GetChannelIsUnsafe(&unsafe)) && !unsafe;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
@@ -1906,12 +1882,6 @@ nsDocShell::GetAllowMetaRedirects(bool* aReturn)
|
||||
NS_ENSURE_ARG_POINTER(aReturn);
|
||||
|
||||
*aReturn = mAllowMetaRedirects;
|
||||
if (!mAllowMetaRedirects) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
bool unsafe;
|
||||
*aReturn = NS_SUCCEEDED(GetChannelIsUnsafe(&unsafe)) && !unsafe;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
@@ -9545,34 +9515,6 @@ nsDocShell::InternalLoad(nsIURI* aURI,
|
||||
}
|
||||
}
|
||||
|
||||
// Don't allow loads that would inherit our security context
|
||||
// if this document came from an unsafe channel.
|
||||
{
|
||||
bool willInherit;
|
||||
// This condition needs to match the one in
|
||||
// nsContentUtils::ChannelShouldInheritPrincipal.
|
||||
// Except we reverse the rv check to be safe in case
|
||||
// nsContentUtils::URIInheritsSecurityContext fails here and
|
||||
// succeeds there.
|
||||
rv = nsContentUtils::URIInheritsSecurityContext(aURI, &willInherit);
|
||||
if (NS_FAILED(rv) || willInherit || NS_IsAboutBlank(aURI)) {
|
||||
nsCOMPtr<nsIDocShellTreeItem> treeItem = this;
|
||||
do {
|
||||
nsCOMPtr<nsIDocShell> itemDocShell = do_QueryInterface(treeItem);
|
||||
bool isUnsafe;
|
||||
if (itemDocShell &&
|
||||
NS_SUCCEEDED(itemDocShell->GetChannelIsUnsafe(&isUnsafe)) &&
|
||||
isUnsafe) {
|
||||
return NS_ERROR_DOM_SECURITY_ERR;
|
||||
}
|
||||
|
||||
nsCOMPtr<nsIDocShellTreeItem> parent;
|
||||
treeItem->GetSameTypeParent(getter_AddRefs(parent));
|
||||
parent.swap(treeItem);
|
||||
} while (treeItem);
|
||||
}
|
||||
}
|
||||
|
||||
nsIDocument* doc = mContentViewer ? mContentViewer->GetDocument()
|
||||
: nullptr;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user