import changes from `dev' branch of rmottola/Arctic-Fox:

- Bug 1164292 - Tests. r=gabor (83c906b70)
- Bug 1164292 - Order the nsEP whitelist array. r=gabor (9ca334913)
- Bug 1165162 - Tests. r=gabor (5079f112f)
- Bug 1165162 - Introduce a helper for converting from origin strings to a principal. rpending=Yoshi (6d3dc9d23)
- Bug 1165162 - Fix typo in comment. r=me DONTBUILD (737bbcae7)
- Bug 1165162 - Fix up nsScriptSecurityManager::AppStatusForPrincipal to compare principals rather than origins. r=gabor, sr=sicking (17db467fb)
- Bug 1165162 - Add nsIPrincipal::cookieJar. r=sicking (92090c96a)
- Bug 1152033 - Expose CSS lexer to js. r=heycam, r=bz (d4103b799)
- Bug 1129999 - Implement CSP devtool using GCLI; CSP to JSON (r=sstamm,bholley) (3c2099d79)
- Bug 1156847 - Part 1: Add the Response::GetSecurityInfo() helper method; r=nsm (b4973d6b3)
- Bug 1156847 - Part 2: Store the security info for a service worker on its WorkerPrivate; r=bent,khuey (46cad4537)
2021-02-17 14:49:08 +08:00
parent fd2bb43e4b
commit 6b21c00205
32 changed files with 950 additions and 34 deletions
+8 -16
@@ -280,29 +280,21 @@ nsScriptSecurityManager::AppStatusForPrincipal(nsIPrincipal *aPrin)
NS_ENSURE_SUCCESS(app->GetAppStatus(&status),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsAutoCString origin;
NS_ENSURE_SUCCESS(aPrin->GetOrigin(origin),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsString appOrigin;
NS_ENSURE_SUCCESS(app->GetOrigin(appOrigin),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
// We go from string -> nsIURI -> origin to be sure we
// compare two punny-encoded origins.
nsCOMPtr<nsIURI> appURI;
NS_ENSURE_SUCCESS(NS_NewURI(getter_AddRefs(appURI), appOrigin),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
nsAutoCString appOriginPunned;
NS_ENSURE_SUCCESS(nsPrincipal::GetOriginForURI(appURI, appOriginPunned),
nsIPrincipal::APP_STATUS_NOT_INSTALLED);
if (!appOriginPunned.Equals(origin)) {
return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
}
return status;
// The app could contain a cross-origin iframe - make sure that the content
// is actually same-origin with the app.
MOZ_ASSERT(inMozBrowser == false, "Checked this above");
OriginAttributes attrs(appId, false);
nsCOMPtr<nsIPrincipal> appPrin = BasePrincipal::CreateCodebasePrincipal(appURI, attrs);
NS_ENSURE_TRUE(appPrin, nsIPrincipal::APP_STATUS_NOT_INSTALLED);
return aPrin->Equals(appPrin) ? status
: nsIPrincipal::APP_STATUS_NOT_INSTALLED;
}
NS_IMETHODIMP
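Review bot: The literal `false` in `OriginAttributes attrs(appId, false)` is backed only by `MOZ_ASSERT(inMozBrowser == false, "Checked this above")`, which is compiled out of release builds, so in release the guarantee rests entirely on an earlier check that lies outside this hunk. From the visible lines the construction appears to fail closed, since a principal flagged as browser content should not compare equal to one built with `false`, assuming `Equals` takes the origin attributes into account. That intent deserves a comment next to the line, for example `// inBrowser is deliberately false: browser-element content must never match the app principal.` The function body begins above the hunk, so the inMozBrowser check and the declaration of `appId` cannot be confirmed from here.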