KotJohansson/UXP
1
0
Fork 0
mirror of https://github.com/roytam1/UXP.git synced 2026-05-26 14:54:25 +00:00
Code Issues Projects Releases Wiki Activity

[DOM security] Be more explicit about CSP checks and reports.

Browse Source
This commit is contained in:
Moonchild
2022-09-21 14:08:22 +00:00
committed by roytam1
parent ef3685dc5d
commit 95120acbb2
5 changed files with 70 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dom/html/HTMLFormElement.cpp
+2 -1
View File
@@ -1721,7 +1721,8 @@ HTMLFormElement::GetActionURL(nsIURI** aActionURL,
// policy - do *not* consult default-src, see:
// http://www.w3.org/TR/CSP2/#directive-default-src
rv = csp->Permits(actionURL, nsIContentSecurityPolicy::FORM_ACTION_DIRECTIVE,
true, &permitsFormAction);
true /*aSpecific */, true /* aSendViolationReports */,
&permitsFormAction);
NS_ENSURE_SUCCESS(rv, rv);
if (!permitsFormAction) {
return NS_ERROR_CSP_FORM_ACTION_VIOLATION;