corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Backed out 5 changesets (bug 1761242, bug 1744822, bug 1761252) for causing browser-chrome failures in netwerk/test/browser/browser_103_assets.js CLOSED TREE

Browse Source 
Backed out changeset 33cc08eb51b3 (bug 1744822)
Backed out changeset b70697d24e75 (bug 1761252)
Backed out changeset 4a5e10110c6a (bug 1761242)
Backed out changeset 7cda175b833d (bug 1761242)
Backed out changeset 4f5ed111093b (bug 1761242)
This commit is contained in:
Molnar Sandor
2022-06-08 18:56:35 +03:00
parent 6abd352602
commit cd7c15e45b
27 changed files with 153 additions and 619 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
dom/script/ModuleLoader.cpp
View File

@@ -23,7 +23,6 @@
#include "js/loader/ModuleLoadRequest.h"
#include "xpcpublic.h"
#include "GeckoProfiler.h"
#include "nsContentSecurityManager.h"
#include "nsIContent.h"
#include "nsJSUtils.h"
#include "mozilla/dom/AutoEntryScript.h"
@@ -89,20 +88,24 @@ bool ModuleLoader::CanStartLoad(ModuleLoadRequest* aRequest, nsresult* aRvOut) {
}
nsresult ModuleLoader::StartFetch(ModuleLoadRequest* aRequest) {
nsSecurityFlags securityFlags;
// According to the spec, module scripts have different behaviour to classic
// scripts and always use CORS. Only exception: Non linkable about: pages
// which load local module scripts.
bool isAboutPageLoadingChromeURI = ScriptLoader::IsAboutPageLoadingChromeURI(
aRequest, GetScriptLoader()->GetDocument());
nsContentSecurityManager::CORSSecurityMapping corsMapping =
isAboutPageLoadingChromeURI
? nsContentSecurityManager::CORSSecurityMapping::DISABLE_CORS_CHECKS
: nsContentSecurityManager::CORSSecurityMapping::REQUIRE_CORS_CHECKS;
nsSecurityFlags securityFlags =
nsContentSecurityManager::ComputeSecurityFlags(aRequest->CORSMode(),
corsMapping);
if (GetScriptLoader()->IsAboutPageLoadingChromeURI(
aRequest, GetScriptLoader()->GetDocument())) {
securityFlags = nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL;
} else {
securityFlags = nsILoadInfo::SEC_REQUIRE_CORS_INHERITS_SEC_CONTEXT;
if (aRequest->CORSMode() == CORS_NONE ||
aRequest->CORSMode() == CORS_ANONYMOUS) {
securityFlags |= nsILoadInfo::SEC_COOKIES_SAME_ORIGIN;
} else {
MOZ_ASSERT(aRequest->CORSMode() == CORS_USE_CREDENTIALS);
securityFlags |= nsILoadInfo::SEC_COOKIES_INCLUDE;
}
}
securityFlags |= nsILoadInfo::SEC_ALLOW_CHROME;