This moves the checking code back to NS_SniffContent and specifically
checks requests for either:
- Empty `Content-type` header, OR
- A known JSON MIME type
If present, sniffing is allowed despite `nosniff` because in the first
case this is webmaster error (conflicting `nosniff` without MIME type
would always fail, so sniff it), and in the second case we need this
carveout or our json viewer will break.
This fixes a regression for the JSON viewer from part 1 as it relies on
sniffing to prettify (and should carve out the exception even if `nosniff`
headers are sent).
No real functional changes otherwise. Just catering to a corner case.
This removes a lot of the plumbing for having the platform embed itself
through IPC which was required for B2G running the browser as both
shell and browser application.
This prevents cross-file access from files loaded into the browser from
the local file system, further restricting the origin policy of file:
URIs.
Added a pref to control this behavior for local file access if required
for certain applications, since this change might break using the
browser to run applications on the local file system that require
access to local files.
This creates a number of stubs and leaves some surrounding code that may be irrelevant (eg. recorded time stamps, status variables).
Stub resolution/removal should be a follow-up to this.
Moonchild
Matt A. Tobin
wolfbeast
wolfbeast
janekptacijarabaci
roytam1